sxstrace.exe
- File Path:
C:\Windows\system32\sxstrace.exe - Description: Sxs Tracing Tool
Hashes
| Type | Hash |
|---|---|
| MD5 | E2AF11DCF02930A6D31C7C01C6B6B66B |
| SHA1 | CC679E9AB4FE6FB7B55FDAAD70463CEEA76BADD8 |
| SHA256 | 5BCA119BCDA248F6DCA945A755C0A072FBFDA8776774EB53035691C8385ABA0C |
| SHA384 | 76FDB47B470CC045BB277677FBA6BB5C875A9156DD7652B9C030372CA7AFDC2879000F8593E2FB82CFEF90DF9FB00FB6 |
| SHA512 | F7A877AE9394697F53C99FAED902F5DE8D9433F78CC9ECC200A76B534BBE093EDE8C3B03AF3E3B792697E461FCD7EEAFCE3A9B3979FCA64C3E913FAE42621192 |
| SSDEEP | 768:vRQDJUODpd9PWNR2LVx9HvQ4GaX1Pzd3kbBU/sSIC2x3pmh0X0hUDR:vRcT9P7vp/ro2R92P9EhuR |
| IMP | 608C121F28B6837B15D6067BE234792E |
| PESHA1 | 0F77825BD4B74B58081F0023C2C800C9710ACB82 |
| PE256 | CCB86A28BB38969E8CDC0285271B9FF303B4698779002C7736B5C2332F4039AE |
Runtime Data
Usage (stdout):
WinSxs Tracing Utility.
Usage: SxsTrace [Options]
Options:
Trace -logfile:FileName [-nostop]
Enabling tracing for sxs.
Tracing log is saved to FileName.
If -nostop is specified, will not prompt to stop tracing.
Parse -logfile:FileName -outfile:ParsedFile [-filter:AppName]
Translate the raw trace file into a human readable format and save the result to ParsedFile.
Use -filter option to filter the output.
Stoptrace
Stop the trace if it is not stopped before.
Example: SxsTrace Trace -logfile:SxsTrace.etl
SxsTrace Parse -logfile:SxsTrace.etl -outfile:SxsTrace.txt
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\system32\sxstrace.exe |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265 - Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: sxstrace.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/5bca119bcda248f6dca945a755c0a072fbfda8776774eb53035691c8385aba0c/detection/
File Similarity (ssdeep match)
| File | Score |
|---|---|
| C:\Windows\system32\sxstrace.exe | 93 |
Additional Info*
*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.
sxstrace
Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
Diagnoses side-by-side problems.
Syntax
sxstrace [{[trace -logfile:<filename> [-nostop]|[parse -logfile:<filename> -outfile:<parsedfile> [-filter:<appname>]}]
Parameters
| Parameter | Description |
|---|---|
| trace | Enables tracing for side-by-side. |
| -logfile | Specifies the raw log file. |
<filename> |
Saves tracing log to <filename. |
| -nostop | Specifies that you shouldn’t receive a prompt to stop tracing. |
| parse | Translates the raw trace file. |
| -outfile | Specifies the output filename. |
<parsedfile> |
Specifies the filename of the parsed file. |
| -filter | Allows the output to be filtered. |
<appname> |
Specifies the name of the application. |
| stoptrace | Stops the trace, if it wasn’t stopped before. |
| -? | Displays help at the command prompt. |
Examples
To enable tracing and to save the trace file to sxstrace.etl, type:
sxstrace trace -logfile:sxstrace.etl
To translate the raw trace file into a human readable format and to save the result to sxstrace.txt, type:
sxstrace parse -logfile:sxstrace.etl -outfile:sxstrace.txt
Additional References
MIT License. Copyright (c) 2020-2021 Strontic.