Article ID: 926098
Article Last Modified on 12/20/2007
APPLIES TO
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Starter
- Windows Vista Ultimate
Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows XP and Windows Vista
Warning You should not enable tracing functionality on production systems unless a Microsoft support representative indicates that the tracing information is required to diagnose an issue. The performance of the computer may be affected. As soon as the reason for the issue has been found and resolved, you should disable tracing functionality. By default, tracing functionality is disabled. Therefore, there is no performance effect on a regular installation. When you change the error-tracing configuration, the changes take effect when a process is recycled.
INTRODUCTION
In Windows Vista and in Microsoft Windows Server 2003, you can use Event Tracing for Windows (ETW) to trace events for some COM+ components and for some base COM components.
Note ETW is not available in earlier versions of Microsoft Windows.
You can trace the following COM+ and COM providers:
- COMSVCS
- COMADMIN
- OLE32
- DCOMSCM (RPCSS)
Note The tracing mechanism produces a binary file. The binary file must be formatted by Microsoft so that it can be analyzed.
MORE INFORMATION
You can use the following commands to start or stop tracing for an event provider that writes events to an ETW session.
Note Typically, to troubleshoot an issue, you do not have to enable tracing for all the providers that are listed in the "Introduction" section.
To start tracing
To start the tracing functionality for a provider, use one of the following commands as appropriate.
Note In the following commands, the placeholder GUID represents the GUID for the provider.
- logman -start COMSVCS -p {
GUID} 0xf 0x5 -ets - logman -start COMADMIN -p {
GUID} 0xf 0x5 -ets - logman -start DCOMSCM -p {
GUID} 0x7 0x5 -ets - logman -start OLE32 -p {
GUID} 0xf 0x5 -ets
Note For more information about how to enable ETW for the OLE32 provider, see the "More information" section.
The start command creates a log file in the current directory. For example, the start command may create the Dcomscm.etl log file or the Ole32.etl log file. You can use the -o parameter to specify a different path.
To stop tracing
To stop the tracing functionality for a provider, use one of the following commands as appropriate:
- logman -stop COMSVCS -ets
- logman -stop COMADMIN -ets
- logman -stop DCOMSCM -ets
- logman -stop OLE32 -ets
Note After the trace log is created, you must send the binary files to Microsoft for analysis.
To work around decreased performance if you enable tracing for the OLE32 component
The Ole32.dll file is loaded in many processes. Therefore, you may experience decreased performance if you enable tracing for the OLE32 component.
To work around this issue, enable OLE32 component tracing per process. To enable OLE32 component tracing per process, use one of the following methods.
Note You do not have to use these methods for the other tracing providers.
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
Method 1: The registry or static method
If you know the name of the executable of the process or processes that have COM problems, you can add a registry value to enable ETW tracing. To add a registry value to the registry, type the following command at a command prompt.
Note In the following command, the placeholder ExecutablesToTrace represents the process or processes that you want to trace.
reg add HKLM\Software\Microsoft\OLE\Tracing /v ExecutablesToTrace /t REG_MULTI_SZ /d c:\test\app1.exe c:\test\app2.exe /f
Note You can type multiple executables in the registry value. You must type the full path of each executable.
If you are not sure which process or processes have COM problems, you can use the following command.
Note The following command adds a registry value that enables tracing on all process that start after the registry value is set. Tracing is enabled on processes that start after the computer is restarted. Therefore, we recommend that you delete the registry keys after the trace session is completed.
reg add HKLM\Software\Microsoft\OLE\Tracing /v ExecutablesToTrace /t REG_MULTI_SZ /d * /f
Method 2: The Comtrace.exe or dynamic method
You can use the commands that are listed in the following table to enable ETW tracing by using the Comtrace.exe utility.
Note The Comtrace.exe utility is not part of the operating system. Therefore, we recommend that you use the registry method if you can do this.
Note When you use the Comtrace.exe utility to enable tracing for the OLE32 provider on a program that is running, the tracing functionality stops when the application exits. Additionally, the tracing functionality for the program will not start when you start the program again.
| Command | Result |
|---|---|
| comtrace.exe -f ON -p 123 | Turn on COM tracing for PID 123 |
| comtrace.exe -f OFF -p 123 | Turn off COM tracing for PID 123 |
| comtrace.exe -f ON -p 123 456 | Turn on COM tracing for PID 123 and for PID 456 |
| comtrace.exe -f ON -p * | Turn on COM tracing for all COM processes |
Additional query words: complus
Keywords: kbhowto kbinfo KB926098
