How to collect Process Monitor log

Process Monitor displays all file system and registry activity on the operating system in real time. It can be used to detect failed attempts to read and write registry keys. The log generated by Process Monitor contains information about the detected activity of the different processes.

When the log is collected

The ProcMon log should mainly be collected in the following situations:

  1. Suspicion that third-party software (antivirus, registry cleaner, other software) is affecting the operation of the ABBYY product
    • to verify whether the third-party software is disabled
    • to verify whether there is any conflict with other software
  2. Suspicion that the user does not have sufficient permissions to read from or write to the registry.
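
For the second situation, the following added example (not ABBYY's or Microsoft's code) scans a CSV export of a Process Monitor log for registry operations that ended in ACCESS DENIED and counts them per process and key. It assumes the column layout of Process Monitor's default CSV export; the sample rows, process names and key paths are constructed for illustration.

```python
import csv
import io
from collections import Counter

# Constructed sample rows in the assumed column layout of a Process Monitor
# CSV export. Process names and paths are made up for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:15:01.1000000","Example.exe","4120","RegOpenKey","HKLM\SOFTWARE\ExampleVendor","SUCCESS","Desired Access: Read"
"10:15:01.2000000","Example.exe","4120","RegSetValue","HKLM\SOFTWARE\ExampleVendor\License","ACCESS DENIED",""
"10:15:01.3000000","Example.exe","4120","RegCreateKey","HKLM\SOFTWARE\ExampleVendor\Cache","ACCESS DENIED","Desired Access: All Access"
"10:15:01.4000000","Example.exe","4120","CreateFile","C:\ProgramData\ExampleVendor\app.log","ACCESS DENIED",""
"10:15:01.5000000","Example.exe","4120","RegQueryValue","HKCU\Software\ExampleVendor\Lang","NAME NOT FOUND",""
"10:15:02.1000000","Scanner.exe","988","RegOpenKey","HKLM\SOFTWARE\ExampleVendor","ACCESS DENIED","Desired Access: Read"
"10:15:02.2000000","Example.exe","4120","RegSetValue","HKLM\SOFTWARE\ExampleVendor\License","ACCESS DENIED",""
'''


def denied_registry_ops(csv_text):
    """Return the rows for registry operations that ended in ACCESS DENIED."""
    # Drop a leading byte-order mark, if present, so the first header parses cleanly.
    text = csv_text.lstrip("\ufeff")
    return [
        row for row in csv.DictReader(io.StringIO(text))
        # Registry operations are named Reg*; file operations such as
        # CreateFile are ignored even when they are denied.
        if row["Operation"].startswith("Reg") and row["Result"] == "ACCESS DENIED"
    ]


def summarize(hits):
    """Count denied registry operations per (process name, key path)."""
    return Counter((h["Process Name"], h["Path"]) for h in hits)


if __name__ == "__main__":
    # Most frequently denied (process, key) pairs first.
    for (proc, path), n in summarize(denied_registry_ops(SAMPLE_CSV)).most_common():
        print(f"{n:3d}  {proc}  {path}")
```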

How to collect

To collect a Process Monitor log file, do the following:

  1. Download Microsoft's Process Monitor tool from https://download.sysinternals.com/files/ProcessMonitor.zip.
  2. Unpack the ProcessMonitor.zip file.
  3. Close all applications displayed in the taskbar (if possible) and try not to take any additional actions during steps 4-9.
  4. Run Procmon.exe.
  5. Go to Edit > Clear Display.
  6. Go to File and make sure Capture Events is checked.
  7. Reproduce the situation, i.e. repeat only the steps that lead to the error message or that demonstrate the incorrect behavior.
  8. Click OK in the error message dialog.
  9. Go to File > Save in Process Monitor and save the log file in the native PML format.
