sxstrace.exe
- File Path:
C:\Windows\SysWOW64\sxstrace.exe - Description: Sxs Tracing Tool
Hashes
| Type | Hash |
|---|---|
| MD5 | F509469ED866462CC44D79E9C7A6543D |
| SHA1 | 263492020AD06025E58936A2772C0DF465631134 |
| SHA256 | 2693A1363B8B9BE2BC04E248A4D0B0962BB2138A52100F78BAE111154E8363B4 |
| SHA384 | 065B4EBFDEE5839F79147CC19A6F1C463CBC36848A84FBED9E4CC7D147A6E72E39761A1ABCE5E0C8D9FF2CD88A1EA53D |
| SHA512 | C7A59EFC2CD0B8A82503BFDED9ACB73D788C12FDD300C2CDB90FEDABB0398CEC10BAB12B38A4A21C5066DA9D832CED0DADE4EAC735C93D0CB896A1F81442804E |
| SSDEEP | 384:bKj6d1wFbTSsbFO7lS5NVyjjGvLkRRShKiNj8BGDT0GFcTFLFttrWXqQw+sNduar:8ISNMuy/pru0Gu5lrH7mbyfXp9 |
| IMP | E5F700CF708ED01F967809EB3E520C38 |
| PESHA1 | 494905335AFE3461CB173B9455CCDA7CE9FDAC74 |
| PE256 | AA7ACA3D8201EF223F6FCA80B677CCDB6CC77F0933477FB26E2A6DD8519C0069 |
Runtime Data
Usage (stdout):
WinSxs Tracing Utility.
Usage: SxsTrace [Options]
Options:
Trace -logfile:FileName [-nostop]
Enabling tracing for sxs.
Tracing log is saved to FileName.
If -nostop is specified, will not prompt to stop tracing.
Parse -logfile:FileName -outfile:ParsedFile [-filter:AppName]
Translate the raw trace file into a human readable format and save the result to ParsedFile.
Use -filter option to filter the output.
Stoptrace
Stop the trace if it is not stopped before.
Example: SxsTrace Trace -logfile:SxsTrace.etl
SxsTrace Parse -logfile:SxsTrace.etl -outfile:SxsTrace.txt
Loaded Modules:
| Path |
|---|
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\sxstrace.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266 - Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: sxstrace.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/68
- VirusTotal Link: https://www.virustotal.com/gui/file/2693a1363b8b9be2bc04e248a4d0b0962bb2138a52100f78bae111154e8363b4/detection/
File Similarity (ssdeep match)
| File | Score |
|---|---|
| C:\Windows\SysWOW64\sxstrace.exe | 96 |
| C:\Windows\SysWOW64\sxstrace.exe | 96 |
Additional Info*
*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.
sxstrace
Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
Diagnoses side-by-side problems.
Syntax
sxstrace [{[trace -logfile:<filename> [-nostop]|[parse -logfile:<filename> -outfile:<parsedfile> [-filter:<appname>]}]
Parameters
| Parameter | Description |
|---|---|
| trace | Enables tracing for side-by-side. |
| -logfile | Specifies the raw log file. |
<filename> |
Saves tracing log to <filename. |
| -nostop | Specifies that you shouldn’t receive a prompt to stop tracing. |
| parse | Translates the raw trace file. |
| -outfile | Specifies the output filename. |
<parsedfile> |
Specifies the filename of the parsed file. |
| -filter | Allows the output to be filtered. |
<appname> |
Specifies the name of the application. |
| stoptrace | Stops the trace, if it wasn’t stopped before. |
| -? | Displays help at the command prompt. |
Examples
To enable tracing and to save the trace file to sxstrace.etl, type:
sxstrace trace -logfile:sxstrace.etl
To translate the raw trace file into a human readable format and to save the result to sxstrace.txt, type:
sxstrace parse -logfile:sxstrace.etl -outfile:sxstrace.txt
Additional References
MIT License. Copyright (c) 2020-2021 Strontic.