/bundles/itninjaweb/img/Breadcrumb_cap_w.png
I need to run FileMon and RegMon on a Domain pc, but getting an error that i need Debugging privelegue (i know i can set this in a local policy, but i rather not, since im testing some packages on the pc).

However, i found some old versions of RegMon 4.25 and FileMon 4.33 which i have no problems running. BUT they won't save the settings. When i want to exclude "SUCCESS" it just ignores it. However if i chose to Highlight "SUCCESS" it works fine, this counts for both of them

Anyone who can help me in a tight spot?
0 Comments   [ - ] Hide Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity

Answers

0
You are running it with Local Admin privileges, don't you?
Answered 03/07/2006 by: revizor
Third Degree Blue Belt

Please log in to comment
0
yes, i am - setting LoadDriverPrivilege and DebugPrivilege, which works fine for the new versions until policies are run again - but those privileges do no difference for the old versions - i was wondering if you cant exclude actions in the old versions
Answered 03/07/2006 by: Bartesque
Orange Senior Belt

Please log in to comment
0
I normally kick off those utilities remotely through psexec (from sysinternals.com) - this way, I launch them under SYSTEM account, which bypasses pretty much all the restrictions on a computer. Make sure you specify interactive mode. Not the easiest way, but you can script it later. See if it helps you.
Answered 03/08/2006 by: revizor
Third Degree Blue Belt

Please log in to comment