How to get verbose debug logging from LM.Detection.exe

  • 7014131
  • 18-Nov-2013
  • 30-Jul-2021


Novell ZENworks Patch Management 11
Novell ZENworks Patch Management 2017


How to get verbose debug logging from LM.Detection.exe

Note:  Note:  It may be necessary to first delete HKEY_LOCAL_MACHINE\SOFTWARE\\cache SYSTEM_HASH entry so that the logging is bypassing the cache.


  1. Rename registry value HKEY_LOCAL_MACHINE\SOFTWARE\\cache entry to bypass cache and rescan fully.
  2. Run lm.detection_x64 /r /l 4 /d 0 /e "tmpScan" and collect lm.detection.log

In addition to above sometimes it helps to run analyze -d and collect analyze_results.txt and debug*.log.

Also collect \windows\logs\cbs and \windows\logs\dism *.log files for Microsoft Windows patch scan information.

For individual patch verbose log (this is not as verbose as above steps):

  1. Look in registry HKEY_LOCAL_MACHINE\SOFTWARE\\Discovery Agent\NativeScan search below for the name of the patch to test.  
  2. Example:  2018-02 Security Only Quality Update for Windows 7 x64 (KB 4074587) is found under HKEY_LOCAL_MACHINE\SOFTWARE\\Discovery Agent\NativeScan\038b7343-567a-489c-9a7b-99359061b585
  3. Or do a database query to get the guid from patch signature table. 
    Example:  select type from patchsignature where name =  '2018-02 Security Only Quality Update for Windows 7 x64 (KB 4074587)' gives this:  038B7343-567A-489C-9A7B-99359061B585 (remove the brackets)
  4. Rename the registry key above so that it will force re-scan.
  5. Run the following command from %ZENWORKS_HOME%\zpm directory:

    LM.Detection_x64.exe or LM.Detection.exe /ErrorStdOut /registry /loglevel 4 /e /g 038B7343-567A-489C-9A7B-99359061B585
    "/g" is guid of the patch. 
  6. Once the patch has run on the device there will be a corresponding log file at the root of "%ZENWORKS_HOME%\zpm".

    Example:  "lm.detection-038B7343-567A-489C-9A7B-99359061B585.log
Note:  The guids are consistent across different zones, so the same patch will have the same guid for everyone.


At times the need to troubleshoot LM.Detection.exe is needed to isolate why a patch will not install.

Tips for reading the log:

Look for failure to match values in HKLM

Look for entries querying cbc, example:

 _WindowsCbsPackage: RuleType='isinstalled'

_WindowsCbsPackage: Applicability: '7' CurrentState: '6'

_WindowsCbsPackage: Result: False

for more information about CBS servicing states see

Additional Information

Other things to help with lm.detection.  Disable PD cache in case files in workdir are corrupt.  Ensure latest ospx files are present.  Sometimes corruption in system %temp% files also can contribute.

In standard agent patch scanning (running DAU or zac ps), analyze.exe launches lm.detection.  lm.detection writes to HKEY_LOCAL_MACHINE\SOFTWARE\\Discovery Agent\NativeScan registry.  analyze reads from that registry and writes to the .state file.