Make a note of the Process name, operation it tried to perform and the file/directory or the registry Path it tried to modify. This is for the purpose of illustration.ġ2. Of course, I knew REG.EXE needs to be run under elevated Command Prompt to create or modify keys in the system areas of the registry. In this example, I tried to create a registry key under the HKEY_CLASSES_ROOT branch using the REG.EXE command-line, and it countered an Access Denied error. After reproducing the problem, you’ll see Process Monitor list the Access Denied entries (if it has occurred any.) try to do the same operation while Process Monitor is capturing it in the background.ġ1. Suppose you try to create a registry key and encounter an error. Start capturing by enabling the Capture toggle button in the toolbar.ġ0. Then, set the filtering options as the one below, to catch specifically "Access Denied" entries.ĩ. This is to clear any filters if you’ve configured earlier.ħ. In the Process Monitor Filter dialog, click the Reset button. From the Filter menu, and click Filter (CTRL + L)Ħ. So, enable buttons 1 & 2 to start with.ĥ. Most basic troubleshooting procedure require buttons 1 or 2 (or both, if required) turned on. (Everything is captured anyway, but you can choose what’s shown in the output window.)Ĥ. The set of 5 buttons you see in the right is for displaying 5 different activities that are captured. Stop capturing by clicking Capture button (CTRL + E) in the toolbar. Process Monitor starts capturing events automatically. Accept the EULA that appears when you run the program for the first time.ģ. Get Process Monitor from Windows SysInternals page.Ģ. (I already have a how-to article on using Process Monitor with example and this article specifically explains how to track/trace "Access Denied" entries by configuring the Filtering Options in Process Monitor.)ġ.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |