![]() ![]() The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device errorįilename: \Device\HarddiskVolume2\Windows\System32/drivers/PROCMON23.SYS I checked Event Viewer->Security and saw that there was an Audit Error:Ĭode integrity determined that the image hash of a file is not valid. Login as Administrator and try it (didn’t work).When on a 64 bit system, Procmon extracts a 64bit binary in the %TEMP% folder as Procmon64.exe and runs that.Extract the 64 bit binary from the procmon.exe into it’s own binary procmon-64 (didn’t work).The Workstation service needs to be running (it is). ![]() There are several solutions noted as the root cause, not of which worked for me including: This has been mentioned in posts going back to 2008. Attempts to run the 64 bit version of procmon to observe a process’ activity results in the following error: Unable to load Process Monitor Device Driver. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |