The Analyzer


Back to tool Introduction.

 Back to tool Documentation of Tool Functions

Back to tool Documentation of Publishing tab


When on the Publishing Tab, you may select a package and then click on the Analyze button to run the Package Analyzer against the App-V package.  The function is also available as a right click option on the package.

The analyzer will make use of the following sources of information:

  • The AppXManifest.xml file.
  • FileSystemMetadata.xml file.
  • Presence of Files and Folders within the archive
  • The Registry data file(s) inside the package.

The tool does not consider the external DeploymentConfiguration and UserConfiguration files.  The package does not need to be added or published to the client.

The Analyzer will open to a summary screen:

The Analyzer consistently provides basic package information at the top, and a set of buttons with counts on the left side. The buttons change the display to show details on a particular area and the count next to the button lets you know how many of that type are present.  The remainder of the display above is specific to the display selection chosen on the left side.  The default selection displayed is the Summary page.  Items highlighted in yellow indicate identified conditions that deserve special attention.  Hovering the mouse over the highlighted area will provide more detail.  In many cases, you will want to pick the detail display for the extension type.

Analyzer: Summary

The Summary page has many sections.  Starting on the upper left and working Clockwise:

  • Zip Compression File Statistics: information on the overall compressed file, plus that of the major sub-files (outside of the virtual file system) are provided.
  • Virtual File Statistics: Information on the number of files and folders, including deletion markers. There is a button which provides a graphical view of the virtual file system, "similar" to that in the Sequencer only showing the deletion markers also.
  • Virtual Registry Statistics: Information on the number of registry keys and items, including deletion markers. There is a button which provides a graphical view of the virtual file system, "similar" to that in the Sequencer only showing the deletion markers also.
  • Office PlugIn Statstics: Counts of the number of registered plugins to Microsoft Office contained in the package. Each line has 4 columns on the right indicating how the plugin was registered.  The characters ML (for Merge with Local) or OL (for Override Local) appear in a column when present.  The columns, from left to right, are HKLMx86, HKLMx64, HKCUx86, HKCUx64.  You typically want Merge with local registration if you plan to have locally installed plugins also present.
  • APIs Unsupported by App-V: This area shows evidence of the package containing files/registry entries for working with an API that is not supported for App-V.  Most of the time we do not want these items, but it is a good idea to be sure.
  • Supported but interesting: This area includes evidence of the package containing files/registry entries that are supported by App-V, but sometimes not desirable.
  • Non GAC .NET: This are provides information about .Net components found outside of the Global Assembly Cache. This is where most applications place there components.  The area also shows when the component has (or doesn't have) a compiled "native interface" format counterpart inside of the GAC.  For optimal performance we want to capture the compiled version also. There is a button to view details.
  • GAC Components: Shows .NET components in the package that are inside the Global Assembly Cache.  This is mostly to let you know if the app is .Net 3.x based or 4.x based.
  • Package Configuration Settings,  Shows the settings used when the package was created.  Some of these come from the advanced settings.

Many of the fields on the summary (and detail pages) use a background color to draw your attention to potential issues discovered:

  • A blue background indicates something "interesting".  In the image above the package has files in the Windows Installer cache that appear safe to remove. Some people will always take action when they see this, others will ignore it.
  • A yellow background indicates a warning. This indicates that there is, or could be depending on how published, an issue with the package.  Bad shortcuts and certain IE Plugins registered under HKLM are examples.
  • A red background indicates something sinister.  For example, if there is a VC Runtime present with a known security flaw.


The following sections cover the use of each of the buttons on the left side of the Analyzer.

Analyzer: Applications

The menu on the left side of the analyzer allows you to see more detail of the items summarized. For example, here is the detail on applications within the package:

The detail has summary information on the left, plus three sub-panels on the right.

  • Applications with AppIDs are executable files (EXEs) that are referenced by Shortcuts, File Type Associations, or URL Protocol Handlers.
  •  Non-App Applications" are executable files (EXEs) that do not have an AppID.
  • Dlls are the dll files in the package.

FIles with manifests that require Admin rights or UIAccess rights,  are highlighted as these may require UAC prompts and admin credentials.

Analyzer: Shortcuts

Shows all shortcuts.  Shortcuts with spaces at the end are detected and highlighted when present (not shown):

Analyzer: FileType Associations

File Type Association information is provided.  Bad ProgIDs may be detected and highlighted (not shown in this image):

Analyzer: URL Protocol Handlers

URL Protocol handlers are displayed.

Analyzer: Browser Plug-Ins

Covers many forms of Browser add-ons. Identification of the type is provided, as well as some potential issues.

Browser Extension Examples

There are several forms of Browser Extensions. They may load COM based dlls, or run external programs or scripts.

Explorer Bar Example

Browser Helper Object Examples

In this example there are two BHOs that have issues, and each has two issues. One is a warning that if user publishing is used the BHO may be loaded twice, the second warning indicates that the registry key containing the plug-in registration is marked override local, which may block loading of additional plugins.

An explorer bar is a horizontal or vertical pane that would appear inside a web page window.

Analyzer: ActiveX Plug-Ins

Shows ActiveX Components.

ActiveX plug-ins are only used by Internet Explorer.

Analyzer: Shell Extensions

Shows information on the Shell extensions. These are identified by type of extension. If a potential issue is identified, the count will be highlighted in Yellow.

Shell Extension Context Menu example

Context Menus, when you right click on a link to an appropriate file type, act like right-click menus in explorer.

Shell Extension other examples

This example shows a Context Menu handler, a drop-target handler, a drag-and-drop handler, and an info tip handler.

This example adds a property sheet handler.

Analyzer: COM Objects

Shows all entries of the COM Extensions (not all are actually COM Objects).  Details are provided, and when possible object relations to other extensions are noted.  Remote COM (DCOM) is also shown, including cases where this is a "false positive" reported by the sequencer.

Analyzer: Application Capabilities

Application Capabilities can register user-selectable FTA and URL handlers. It also affects start menu search, allowing the program to be found before the user completes typing in the full name.

Analyzer: App Paths

Details of any AppPaths are provided. These act as pre-pended strings to the Path Variable, but only for the named process. Affects dll search.

Analyzer: SW Clients

Details of any Software Clients are provided. These offer replacements for 5 standard OS services.

Analyzer: SidexSide Packages

Shows captured Side-by-Side assemblies that are to be deployed during publishing.  Currently we have detected both VC++ and MSXML Runtimes being detected.

Analyzer: Services

Shows any Virtual Service Extensions of the package, including startup type.

Here are some disabled services.

This list is augmented with a list of any services that were registered during sequencing, but ignored due to an incorrect service logon account.  The latter are highlighted as a potential issue with the package, as shown in the example below:

Analyzer: Fonts

Shows all of the Fonts.

Analyzer: Environment Variables

Shows new, changed, and removed environment variables. Note that new variables show up as changed variables, and sometimes a variable deletion is recorded as setting the value to nothing.

You'll note in this example that the path variable was updated during sequencing, but the entire path was recorded, not just the changes. This is different behavior than in 4.x and could lead to a client issue.

Analyzer: Named Objects

 Normally blank.  If the advanced feature "allow all named objects to interact" was selected, this will contain a single entry of "*" as an additional exclusion item. With manual editing of the internal AppXManifest file, it is possible to add specific exclusions.

Analyzer: Internal Scripts

Information on scripts located within the internal AppXManifest.xml file are shown.


Analyzer: Installer Fixups

As of version 5.9 of the tool, the pervious "Generate Fixups" button that produced a powershell script for the SilentInstall framework has been replaced by this button.  Installer Fixups works with the newer PassiveInstall framework (also available on under the Packager Tools).

After clicking on the button, you see the different types of potential fixes identified by the Analyzer, and you can choose which ones you want. When you click on the Generate Fix Script button, the tool will generate a PowerShell script that uses the PassiveInstall module to perform the actions.  To get the improved package, you would resequence the package, running that PowerShell script after performing the install as before. For additional information see this article.


The following sections show the additional buttons that are available from the summary page.

Analyzer: View v.Files

From the Summary page, the Virtual Files Stats section has a button that allows you to view file information on files contained within the package.

Analyzer: View v.Registry

From the Summary page, the Virtual Registry Stats section has a button that allows you to view registry information on virtual registry keys and entries contained within the package.

And here is an example with a couple of keys that are deleted in the virtual registry. These appear here in red; they do not appear in the Sequencer editor, but will hide visibility to any locally deployed key (and sub-keys and values) of the same path.

Analyzer: Microsoft.Net and Native Compilation

When an application adds .net based components, it may place them in private folders or in the public Global Assembly Cache (GAC for short). In either case, the component may also be compiled from the MSIL format to a native format (NI for short).  No matter whether the component was private or public, the NI version will be placed in the GAC.

App-V respects NI files in the package and they work properly at the client. But many installers request background compilation that does not complete when sequencing unless you flush the ngen queue (or what with the system idle for a significant period of time) before ending monitoring mode. Some installers fail to even attempt compilation, and if you repackage your own MSIs you often loose the compilation requests made by the vendor.

The analyzer will automatically detect the files, but to perform full analysis, you must first Add the package to the client (publishing is not required). When you have added the package and analyze, you might find that the summary looks like this:

If you do not see the "Examine DotNet" button present on the summary display, then you need to add the package!

When you click on this button, a full analysis on the .net components is run. This can take a while. When it completes, you will see the statistics and the button changes to a new one. An example is shown below:

In this case, no compilation was done by the vendor's MSI package (although the vendor's exe installer does request compilation). The yellow highlighting indicates that there are uncompiled DotNet files present.

Clicking on the View DotNet button will show the details of the analysis in a new window.

If you now click on the "Gen Script" button, it will create a PowerShell script that will be placed (by default) in the folder with your App-V Package. This script will attempt the appropriate ngen compilation for any DotNet component that is missing the NI in the package. It also will force an ngen queue flush to insure the action completes. This script can be used in an update to the package, or when repackaging if you start over.

Here is what the summary page looks like when the same install is performed along with this script:

Clicking to examine the detail reveals that most have now been compiled.

Here is an example of the detail showing the same component as before; it is now compiled.

Here is an example of one that does not compile. At this time we don't know why the vendor has a handful of these that do not compile in the package. Attempting to compile them generates a security error. It may be that these are PIO (Primary InterOp) files that act as an interface to non-dotnet dlls. We can see several non-DotNet files listed as dependencies in the lower section. In any case, this is as good as the app can get for DotNet performance.