Using Procmon in Command-line

You can run Procmon from the command line.

1. The following command starts Procmon in quiet mode (it does not prompt for a filter and collects all information). Procmon starts in a minimized window and saves the log to the file abc.PML:
   procmon /Quiet /Minimized /BackingFile abc.PML
2. Once you are done, issue the following command to stop Procmon:
   procmon /Terminate
3. Now you can open the abc.PML file and check whether any activity is causing the issue.

You can also schedule two tasks to start and stop Procmon at specified times.
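
One way to set up the two scheduled tasks, as an added example that is not part of the original post. The install path, log path, task names and times are assumptions; it uses Procmon's /AcceptEula switch so an unattended run does not wait on the license dialog, and it must be run from an elevated PowerShell session.

```powershell
# Added example: paths, task names and times below are assumptions.
$procmon = 'C:\Tools\Procmon.exe'            # assumed install location
$log     = 'C:\Logs\abc.PML'                 # assumed backing file path
$startAt = (Get-Date).Date.AddHours(22)      # assumed start: 22:00 today
$stopAt  = $startAt.AddMinutes(15)           # assumed stop: 15 minutes later

if (-not (Test-Path -LiteralPath $procmon)) { throw "Procmon not found at $procmon" }
if ($startAt -lt (Get-Date)) { throw "Start time $startAt is already in the past" }
New-Item -ItemType Directory -Path (Split-Path -Parent $log) -Force | Out-Null

# Both tasks run elevated under the same logged-on account, so the stop
# task runs in the same context as the capture it is meant to end.
$principal = New-ScheduledTaskPrincipal -UserId "$env:USERDOMAIN\$env:USERNAME" `
    -LogonType Interactive -RunLevel Highest

$tasks = @(
    @{ Name = 'Procmon-Start'; At = $startAt
       Arguments = "/AcceptEula /Quiet /Minimized /BackingFile `"$log`"" },
    @{ Name = 'Procmon-Stop';  At = $stopAt
       Arguments = '/AcceptEula /Terminate' }
)

foreach ($t in $tasks) {
    $action  = New-ScheduledTaskAction -Execute $procmon -Argument $t.Arguments
    $trigger = New-ScheduledTaskTrigger -Once -At $t.At
    Register-ScheduledTask -TaskName $t.Name -Action $action -Trigger $trigger `
        -Principal $principal -Force | Out-Null
}

# Confirm both tasks are registered and show when each will fire.
Get-ScheduledTask -TaskName 'Procmon-*' | Get-ScheduledTaskInfo |
    Select-Object TaskName, NextRunTime
```

An unfiltered capture grows quickly and records process command lines and file and registry paths, so keep the window short and store the PML file where only administrators can read it.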

Comments

  • Anonymous
    June 17, 2011
    I think when you see two instances of procmon processes sitting there doing nothing after being called from a scheduled task, that's when you have it running under another account that has not accepted the License agreement. Try logging on with said account (or use your own) and run it interactively so you can say yes to the license agreement. Then you may have success. Cheers!

  • Anonymous
    October 25, 2013
    Did anyone get round to fixing this? I have the same problem, two processes running and killing them corrupts the log file.