I need to run FileMon and RegMon on a Domain pc, but getting an error that i need Debugging privelegue (i know i can set this in a local policy, but i rather not, since im testing some packages on the pc).

However, i found some old versions of RegMon 4.25 and FileMon 4.33 which i have no problems running. BUT they won't save the settings. When i want to exclude "SUCCESS" it just ignores it. However if i chose to Highlight "SUCCESS" it works fine, this counts for both of them

Anyone who can help me in a tight spot?
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
You are running it with Local Admin privileges, don't you?
Answered 03/07/2006 by: revizor
Third Degree Blue Belt

Please log in to comment
0
yes, i am - setting LoadDriverPrivilege and DebugPrivilege, which works fine for the new versions until policies are run again - but those privileges do no difference for the old versions - i was wondering if you cant exclude actions in the old versions
Answered 03/07/2006 by: Bartesque
Orange Senior Belt

Please log in to comment
0
I normally kick off those utilities remotely through psexec (from sysinternals.com) - this way, I launch them under SYSTEM account, which bypasses pretty much all the restrictions on a computer. Make sure you specify interactive mode. Not the easiest way, but you can script it later. See if it helps you.
Answered 03/08/2006 by: revizor
Third Degree Blue Belt

Please log in to comment
Answer this question or Comment on this question for clarity