COM traffic(?) - how to examine/monitor?

I'm debugging some windows applications on W764 that use COM.

I can use Windows Detective to inspect messages to/from the app windows, but I'm trying to figure out a way to inspect the calls to a COM object's properties/methods and returned values.  Also to identify what COM objects an app is communicating with.
SAbboushiAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
There are option (rather old though) but suggest the basic to start off to see if the usual OLE viewer in the Visual Studio suffice. https://msdn.microsoft.com/en-us/library/esssys8z(v=vs.71).aspx
The others listed are found below but most of it may be testing the COM itself, however, you can check out "oStudio - Live Tuning" though it is not free per se
http://www.woodmann.com/collaborative/tools/index.php/Category:COM_Debugging_Tools
0
SAbboushiAuthor Commented:
Thanks - I browsed around on the Microsoft site per your link.  It helped clarify for me that what I am looking for is some kind of program in the "spy" category, like Windows Detective.  

That other link: I found that a few days ago and examined the tools, but I didn't find anything that does what I want.

To clarify: I want to see/monitor/examine/inspect the calls/responses between programs e.g. that program A made a call to object B using COM and the call was to Object B's method C.

I'm not looking for tools that help me to develop or browse COM object or to develop apps that are communicating with COM objects.  Sorry... I did use the word "debug", but my debugging isn't related to the tool I seek.
0
btanExec ConsultantCommented:
I was thinking of API monitor which lets you monitor and control API calls made by applications and services. But this may not be intuitive in program calls and manual interpretation, it can still be useful to check out its call tree with will also highlight the hierarchy of API calls and also the involved module object such as OCX and DLL etc   and monitoring of services and processes hooked by it.
http://www.rohitab.com/apimonitor 

Probably the area lacking is the network comms layer thought it can be hooking that APIS call to create and manage the Socket objects. There is network monitor tool for that ...

another I think of is the Spy++ (quite like Windows Detective) which hooks Windows handle and gives you a graphical view of the system’s processes, threads, windows, and window messages. It comes with Visual Studio. Likewise it provides a tree view of all windows and controls available on your machine too.
https://msdn.microsoft.com/en-us/library/dd460725.aspx

there are coding leveraging on Spy++ too for customisation  req e.g. to inspect window messages, to see how applications are communicating and managing their controls
Spy++ installs 3 global hooks to receive every Send, Post and Call to a window message handler. The information provided by these methods is not enough to know what messages are coming from our application or if any of them have been filtered by a hook installed earlier in the call chain.
Do not panic, Deviare comes to rescue. What we are going to do is intercept all the Message APIs from the process that the window belongs to and monitor its calls. From there, we can be sure of what messages are being sent from the application to its controls and if any of them are missing from the ones that Spy++ is reporting, then we will know if someone else is watching us...
http://www.codeproject.com/Articles/33459/Spying-Window-Messages-from-the-Inside

Lastly it is the listing that is more or less similar with what we mentioned so far. However but they are not targeted for your platform. More for info.

a) WinSpy, based around the Spy++ utility, but platform is not up keeping to the latest though
http://www.catch22.net/software/winspy-17

b) WinID resembles Spy++
http://www.dennisbabkin.com/winid/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

SAbboushiAuthor Commented:
Thanks so much for your help.  I've been examining API Monitor (wow... overwhelming...).  Seems that it will only capture and display calls for which it has definitions; it has provisions for letting me monitor external DLL's, but that means I would need to know which dlls are being called.

As best as I can tell, I would need to use something like Dependency Walker to identify all the dlls referenced by the applications I want to monitor and then add any 'external' dlls to API Monitor and then I'm good to go.  I think...!

API Monitor seems to be what I am looking for... but what a learning curve to get to that next level...

It seems that the other tools (if I'm not mistaken) are limited to messages between applications and the Windows UI, correct?  I tried out spy++ a few months ago but found it lacking for my needs because it doesn't seem to provide CLASSNN... only CLASS (i.e. no instance #) (same problem with Window Detective).  If you know of one that provides CLASSNN, that would be great!

Thanks again --- you have been extremely helpful!  Much appreciated.

With Regards-
Sam
0
btanExec ConsultantCommented:
processexplorer form sysinternal can be useful to sieve out the dll loaded by the running processes too. good luck and thanks.
Probably the hard core mean is really back to traditional debugging using windebug and find the COM and DLL and ts module via the memory dump, but it would really trace unless going live tracing...else it is set up hooks using like detours (need to code) to place inline code to monitor those or using back debugger (olleydebug to set breakpt etc...no easy feat as far as I see..
0
SAbboushiAuthor Commented:
k - thanks again--
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Components

From novice to tech pro — start learning today.