Article ID: 955101 - Last Review: July 10, 2008 - Revision: 1.0

How to enable client-side tracing on a computer that does not have IAG Client Components installed

View products that this article applies to.
Expand all | Collapse all

INTRODUCTION

This article describes how to enable client-side tracing on a computer that does not have the Microsoft Intelligent Application Gateway (IAG) Client Components installed. This procedure should only be used for troubleshooting.

MORE INFORMATION

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756  (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in Windows

To enable client-side tracing on a computer that does not have IAG Client Components installed, follow these steps:
  1. Start Notepad, and then paste the following content in the new document.
    Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom]
[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client]
[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging]
[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:00000001
"ForceFlush"=dword:00000000
"0000"=dword:00050004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\AWCleaner.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:00000012
"ForceFlush"=dword:00000000
"0000"=dword:00010004
"0001"=dword:00010013
"0002"=dword:00010024
"0003"=dword:00010034
"0004"=dword:00010042
"0005"=dword:00020004
"0006"=dword:00020011
"0007"=dword:00020024
"0008"=dword:00030004
"0009"=dword:00030014
"000a"=dword:00030024
"000b"=dword:00030034
"000c"=dword:00030044
"000d"=dword:00030054
"000e"=dword:00030064
"000f"=dword:00030071
"0010"=dword:00030084
"0011"=dword:00030094

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Common\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:00000007
"ForceFlush"=dword:00000000
"0000"=dword:00070004
"0001"=dword:00070014
"0002"=dword:00070021
"0003"=dword:00070034
"0004"=dword:00090004
"0005"=dword:000a0004
"0006"=dword:029a0004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\DMService.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:0000001b
"ForceFlush"=dword:00000000
"0000"=dword:00010004
"0001"=dword:00010013
"0002"=dword:00010024
"0003"=dword:00010034
"0004"=dword:00010042
"0005"=dword:00020004
"0006"=dword:00020011
"0007"=dword:00020024
"0008"=dword:00030004
"0009"=dword:00030014
"000a"=dword:00030024
"000b"=dword:00030034
"000c"=dword:00030044
"000d"=dword:00030054
"000e"=dword:00030064
"000f"=dword:00030071
"0010"=dword:00030084
"0011"=dword:00030094
"0012"=dword:00060004
"0013"=dword:00060014
"0014"=dword:00070004
"0015"=dword:00070014
"0016"=dword:00070021
"0017"=dword:00070034
"0018"=dword:00090004
"0019"=dword:000a0004
"001a"=dword:029a0004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\IExplore.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe]
"Enabled"=dword:00000000
"DebugOutput"=dword:00000000
"OutputPath"="%TEMP%"
"Count"=dword:00000012
"ForceFlush"=dword:00000000
"0000"=dword:00010004
"0001"=dword:00010013
"0002"=dword:00010024
"0003"=dword:00010034
"0004"=dword:00010042
"0005"=dword:00020004
"0006"=dword:00020011
"0007"=dword:00020024
"0008"=dword:00030004
"0009"=dword:00030014
"000a"=dword:00030024
"000b"=dword:00030034
"000c"=dword:00030044
"000d"=dword:00030054
"000e"=dword:00030064
"000f"=dword:00030071
"0010"=dword:00030084
"0011"=dword:00030094

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\MSTSC.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe]
"Enabled"=dword:00000000
"DebugOutput"=dword:00000000
"OutputPath"="%TEMP%"
"Count"=dword:00000012
"ForceFlush"=dword:00000000
"0000"=dword:00010004
"0001"=dword:00010013
"0002"=dword:00010024
"0003"=dword:00010034
"0004"=dword:00010042
"0005"=dword:00020004
"0006"=dword:00020011
"0007"=dword:00020024
"0008"=dword:00030004
"0009"=dword:00030014
"000a"=dword:00030024
"000b"=dword:00030034
"000c"=dword:00030044
"000d"=dword:00030054
"000e"=dword:00030064
"000f"=dword:00030071
"0010"=dword:00030084
"0011"=dword:00030094

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\Outlook.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:00000019
"ForceFlush"=dword:00000000
"0000"=dword:00010004
"0001"=dword:00010013
"0002"=dword:00010024
"0003"=dword:00010034
"0004"=dword:00010042
"0005"=dword:00020004
"0006"=dword:00020011
"0007"=dword:00020024
"0008"=dword:00030004
"0009"=dword:00030014
"000a"=dword:00030024
"000b"=dword:00030034
"000c"=dword:00030044
"000d"=dword:00030054
"000e"=dword:00030064
"000f"=dword:00030071
"0010"=dword:00030084
"0011"=dword:00030094
"0012"=dword:00060004
"0013"=dword:00060014
"0014"=dword:00070004
"0015"=dword:00070014
"0016"=dword:00070021
"0017"=dword:00070034
"0018"=dword:000a0004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\rundll32.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe]
"Enabled"=dword:00000000
"DebugOutput"=dword:00000000
"OutputPath"="%TEMP%"
"Count"=dword:00000001
"ForceFlush"=dword:00000000
"0000"=dword:00090004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\SFHlprUtil.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:00000001
"ForceFlush"=dword:00000000
"0000"=dword:00050004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlCach3.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe]
"Enabled"=dword:00000001
"DebugOutput"=dword:00000001
"OutputPath"="%TEMP%"
"Count"=dword:00000005
"ForceFlush"=dword:00000000
"0000"=dword:00040004
"0001"=dword:00040012
"0002"=dword:00040021
"0003"=dword:00080004
"0004"=dword:00090004

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\AW]
"ID"=dword:00000005
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\ComponentsManager]
"ID"=dword:00000007
"ClassesCount"=dword:00000004
"0002"="ConfigXML"
"0000"="General"
"0003"="Service"
"0001"="SystemRestore"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\EndpointDetection]
"ID"=dword:00000006
"ClassesCount"=dword:00000002
"0001"="DetectionScript"
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\IPC]
"ID"=dword:00000002
"ClassesCount"=dword:00000003
"0000"="Client"
"0001"="Terminal Services"
"0002"="Utilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\LSP]
"ID"=dword:00000003
"ClassesCount"=dword:0000000a
"0008"="Access Control"
"0004"="AsyncSelect"
"0005"="EventSelect"
"0000"="General"
"0001"="Overlapped"
"0009"="Passthru"
"0003"="SocketCreation"
"0007"="SocketsInfo"
"0006"="SOCKS"
"0002"="SPI"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\NSP]
"ID"=dword:00000001
"ClassesCount"=dword:00000005
"0000"="General"
"0001"="Lookups"
"0002"="WSP"
"0003"="WSP Pipes"
"0004"="WSP ThreadPool"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\RSASoftToken]
"ID"=dword:0000029a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\Security]
"ID"=dword:00000009
"ClassesCount"=dword:00000001
"0000"="CheckSite"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\SSLVPN]
"ID"=dword:00000004
"ClassesCount"=dword:00000003
"0000"="General"
"0002"="TunnelLifetime"
"0001"="XPSP2Check"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\TCPDump]
"ID"=dword:00000008
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\Logging\WhlClnt3.exe\Reporters\VistaUtils]
"ID"=dword:0000000a
"ClassesCount"=dword:00000001
"0000"="General"

[HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\Client\SSLWrapper]
  2. Save the file as a .reg file, and then double-click the file to run it.
  3. Open Internet Explorer, and then move to the IAG Web site for which you want to collect logs.
  4. Install the IAG Client Components when you are prompted.
  5. After the installation is completed, log on to the IAG portal.

    Note If you are using any Secure Sockets Layer (SSL) virtual private network (VPN) applications or if you are using Network Connector, run these applications, or run Network Connector to complete the component download and installation process.
  6. Close Internet Explorer to unlock all log files that are still being written.
After you complete these steps, the log files will be created in the temporary directory of the current user. These files will be stored in several locations. To easily collect them, follow these steps:
  1. Start Notepad, and then paste the following content in the new document.
    xcopy /y %temp%\*.csv %temp%\datacollection\user_temp\
xcopy  /y %windir%\temp\*.csv %temp%\datacollection\win_temp\
xcopy /y <drive>:\temp\*.csv %temp%\datacollection\c_temp\
xcopy /y %temp%\low\*.csv %temp%\datacollection\temp_low\
xcopy /y %temp%\low\low\*.csv %temp%\datacollection\temp_lowlow\
xcopy /y "%programfiles%\Whale Communications\Client Components\3.1.0\*.log" %temp%\datacollection\NC\
    Note Use the actual system installation drive to replace the <drive> placeholder.
  2. Save the file as a .bat file, and then double-click the file to run it.
After you complete these steps, the log files are collected from several locations, and they are put in the %temp%\Datacollection folder.
APPLIES TO
  • Intelligent Application Gateway 2007
  • Whale Communications Intelligent Application Gateway 3.6
Back to the top
Keywords: 
kbexpertiseinter kbhowto kbinfo KB955101
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations