Now run procmon by invoking the ~\ProcessMonitor\procmon.exe file. Procmon only runs with elevated permissions so you’ll be prompted to accept this if you have UAC enabled when you run it. There is a way around this which will be touched on later in this Guide. If you’d rather not (or can’t) download an EXE, you can also use the Sysinternals Live folder. To do this, open up File Explorer and paste in \\ \tools. You’ll then see a folder like any ol’ network share containing all of the Sysinternals files including procmon. The moment you run procmon, it begins capturing many different kinds of Windows events.