pmlaha.blogg.se

Procmon windows

Microsoft Process Monitor (MPM) can be used to trace problems related to file or registry access, or to show which process may be the last to execute before an error occurred. Please note that MPM is not an Exact tool and is not supported as such.

Just copy the contents of the archive file to a new folder on the PC or server where you want to trace the problem, for example to C:\Program Files (x86)\Microsoft Process Monitor. The tool does not have to be installed; just run it from the new location.

On first run, you will have to accept a license agreement. When started, MPM will automatically start showing all processes currently running, with registry, file, network and process activity. In most troubleshooting scenarios, file tracing is enough. Disable the registry, network and process traces by pressing the corresponding buttons. Now you have to minimize the output of the trace by only showing the processes you want to see. You can filter out unwanted processes by right-clicking on a 'process name' and choosing Exclude. Repeat this until you only see the process you are interested in (like Exact Globe processes).

  • Just play with it and find out what the other buttons and functions in MPM do.
  • The column 'Result' may give error messages which do not mean anything at all; in some cases Windows will just try to access files in different paths.
  • You can add the column 'User name' by right-clicking on the column headers. That way, you can see what credentials are used to start a specific process.
  • When an application error message is added to the Windows Event logs, the Windows process name csrss.exe accesses the path c:\windows\system32\WerFault.exe.
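
The note above about 'Result' errors that mean nothing, as an added example that is not part of the original page: the script assumes the trace was exported from MPM to CSV with the default column names (Process Name, Path, Result), keeps only the processes of interest, and separates failures where the same file name was opened successfully in another folder from failures that never succeeded. The process name ExampleApp.exe and the sample rows are constructed.

```python
import csv
import io
import ntpath  # Windows path rules, usable on any OS

# Constructed sample of an MPM CSV export (default columns); not real trace data.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:15:01.1","ExampleApp.exe","4120","CreateFile","C:\ExampleApp\helper.dll","NAME NOT FOUND",""
"10:15:01.2","ExampleApp.exe","4120","CreateFile","C:\Windows\System32\helper.dll","SUCCESS",""
"10:15:01.3","svchost.exe","980","CreateFile","C:\Windows\Temp\cache.tmp","NAME NOT FOUND",""
"10:15:02.0","ExampleApp.exe","4120","CreateFile","C:\ExampleApp\data\settings.xml","ACCESS DENIED",""
"10:15:02.4","ExampleApp.exe","4120","CreateFile","C:\ExampleApp\license.dat","PATH NOT FOUND",""
'''


def triage(csv_text, processes_of_interest):
    """Return (probes, unresolved): failed file events for the chosen processes."""
    wanted = {p.lower() for p in processes_of_interest}
    # Same effect as excluding every other process name in the MPM window.
    rows = [r for r in csv.DictReader(io.StringIO(csv_text))
            if r["Process Name"].lower() in wanted]

    # Folders in which each (process, file name) pair was opened successfully.
    found = {}
    for r in rows:
        if r["Result"] == "SUCCESS":
            key = (r["Process Name"].lower(), ntpath.basename(r["Path"]).lower())
            found.setdefault(key, set()).add(ntpath.dirname(r["Path"]).lower())

    probes, unresolved = [], []
    for r in rows:
        if r["Result"] == "SUCCESS":
            continue  # simplification: every other Result value counts as a failure
        key = (r["Process Name"].lower(), ntpath.basename(r["Path"]).lower())
        other_dirs = found.get(key, set()) - {ntpath.dirname(r["Path"]).lower()}
        # Found elsewhere: Windows was only trying different paths.
        (probes if other_dirs else unresolved).append((r["Path"], r["Result"]))
    return probes, unresolved


if __name__ == "__main__":
    probes, unresolved = triage(SAMPLE_CSV, ["ExampleApp.exe"])
    print("Search-path noise:", probes)
    print("Worth a closer look:", unresolved)
```
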











