![]() Inspecting the folder %SystemRoot%\System32\Drivers\ showed me, that a new file PROCMON23.sys was created – beside the old file _PROCMON23.sys. And voilá, it came up with the window shown above – and I was able to enable the boot logging option. To start logging, double-click Procmon.exe to run the tool. I also ignored this advice and launched Process Explorer via a double click. Solution: Download Process Monitor, then extract the file ProcessMonitor.zip to your Desktop. ( Quick Tip: You can also use the Windows key R keyboard shortcut to open the Run command, enter the. Microsoft's MSDN article also requires to launch Process Monitor using a command:Ĭ:\procmon\Procmon /BackingFile C:\procmon\log.pml /AcceptEula /Quiet /noconnect Search for System Configuration and click the top result to open the experience. It required administrator privileges, but I was able to process this renaming operation successfully. Then I tried to rename this file to _PROCMON23.sys. A very useful feature of process monitor is to trace events during logoff, shutdown, startup and login. I tried a different approach (never believe, what Microsoft writes): I fired up Windows explorer and navigated toĪnd found a file PROCMON23.sys. Since this issue was occurring at reboot that was the path we followed. From the menu click OPTIONS then ENABLE BOOT LOGGING and ProcMon will monitor on reboot. ![]() Searching the web, I came across this MSDN article (link broken), where deleting this file in Windows PE was suggested. You can collect boot traces with ProcMon to collect data during a boot of a machine.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |