Hi everyone. I am new to this site, and so far I found it great! Kicks the pants off similar services, that's for sure....
Ok, so my question is this: My FILEMON (by SYSINTERNALS) refuses to capture file events. I am not a Windows professional, so what I have to say next is pure conjecture. Could it be that my kernel level debugging is disabled (incidentally how do I turn it on or off?) Is threre some malignant application that prevents FILEMON from working properly? Now that I think of it, I should go back and run REGMON to see if that fails too. One thing is fore sure, I used to be able to run FILEMON with no problem, but it has been almost five months since I last used it, so I couldn't begin to remember what all I did in the intervening time.
Also, an unrelated issue: How do I prevent an application from modifying my MSCONFIG startup configuration? Where is that data actually stored (ie: filename, registry, what?)
Thanks for any help, and glad to have found this place!
Ok, so my question is this: My FILEMON (by SYSINTERNALS) refuses to capture file events. I am not a Windows professional, so what I have to say next is pure conjecture. Could it be that my kernel level debugging is disabled (incidentally how do I turn it on or off?) Is threre some malignant application that prevents FILEMON from working properly? Now that I think of it, I should go back and run REGMON to see if that fails too. One thing is fore sure, I used to be able to run FILEMON with no problem, but it has been almost five months since I last used it, so I couldn't begin to remember what all I did in the intervening time.
Also, an unrelated issue: How do I prevent an application from modifying my MSCONFIG startup configuration? Where is that data actually stored (ie: filename, registry, what?)
Thanks for any help, and glad to have found this place!
Comment