Wednesday, August 22, 2012

Tool of the Day: Process Monitor -- X-Ray Vision For Windows

Earlier today, I was trying to install an app on Windows and it kept failing with an error saying a file could not be read. Of course, it didn't say *which* file had missing permissions. Nope, that would be too easy.

After a bit of Googling, I installed Process Monitor and tried the install again. After sorting through about a bazillion lines of messing I found the one permission denied error.

Turns out, the .msi file itself had permission for Ben to access it, but nobody else. Therefor, during the install when the Administrator was attempting to access the files, it failed.

I added read permission for the user Everyone and I was back in business.

But that's not all! Process Monitor delivered not just once, but twice today!

I was fiddling with UScreenCapture, and was having problems getting the required registry settings to take effect. The docs clearly said:

The following are configuration registry settings:

HKLM\SOFTWARE\UNREAL\Live\UScreenCapture
DWORD: MonitorNum
DWORD: Left
DWORD: Right
DWORD: Top
DWORD: Bottom
DWORD: FrameRate
DWORD: ShowCursor
DWORD: CaptureLayeredWindows

Yet, setting these values had no effect.

Process Monitor to the rescue, again!

I fired it up, tweaked the filter settings so I'd be less overwhelmed by output and accessed my app that was using UScreenCapture. Wouldn't you know it, the registry path being accessed wasn't what was reported in the docs, but was as follows:

RegQueryValue HKLM\SOFTWARE\Wow6432Node\UNREAL\Live\UScreenCapture\MonitorNum NAME NOT FOUND Length: 144
RegQueryValue HKLM\SOFTWARE\Wow6432Node\UNREAL\Live\UScreenCapture\ShowCursor NAME NOT FOUND Length: 144
RegQueryValue HKLM\SOFTWARE\Wow6432Node\UNREAL\Live\UScreenCapture\CaptureLayeredWindows NAME NOT FOUND Length: 144
RegQueryValue HKLM\SOFTWARE\Wow6432Node\UNREAL\Live\UScreenCapture\FrameRate NAME NOT FOUND Length: 144
...

Apparently, the sub key Wow6432Node is required.

I set these keys instead of the ones in the documentation and all worked as expected.

For years, I've wondered what the equivalent of Unix's strace is, and I believe I've found it.

By at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)