search

MicrosoftDocs / sysinternals

Content for sysinternals.com
http://sysinternals.com
Creative Commons Attribution 4.0 International
472 stars 259 forks source link

Unable to load Process Monitor Device driver #552

Closed smaillet closed 1 year ago

smaillet commented 2 years ago

Using latest ZIP file downloaded from MS site every time I start procmon.exe it pops up a dialog that says: "Unable to load Process Monitor Device driver"

ProcMon: v3.90

OS: Windows 10 21H2 - 19044.1826 (AMD64)

I am a member of the administrators group and I allow it to elevate at start. I've tried with procmon.exe as well as procmon64.exe but neither works.

smaillet commented 2 years ago

UPDATE: Same thing happens for the Windows store version of the install. This thing just isn't compatible with this OS build... How can I get an older version that works?

(Which I quickly uninstalled after testing because it's obnoxious without a folder to group all the apps, too many apps cluttering the app list :( )

foxmsft commented 2 years ago

v3.91 should fix this even on AMD64, any luck?

foxmsft commented 1 year ago

Closing this issue as I've seen no new reports after 3.91.

AK-CH commented 1 year ago

Solved: a permissions elevated CMD is not enough for the inital run. The first time launch requires true Admin permissions. Login as Admin.

3.92 (Intel) on Windows 11 does not work for me. "Unable to load Process Monitor Device driver"

d0vgan commented 1 year ago

Unfortunately, this is not fixed for Windows 11 even in Process Monitor 3.95. The system is 64-bit Windows 11 Enterprise 22H2 on Intel Core i7-1270P. What is even worse, when you exit Process Monitor (e.g. via File -> Exit), under Windows 11 it remains in the running processes. Which means that if you had initially started it without admin privileges (resulting in "Unable to load Process Monitor Device driver"), this process remained in the running processes and blocked any further instances of Process Monitor to load its device driver. Surely, until you realize there was a "zombie process" of Process Monitor and kill it manually.

sandip-shah commented 9 months ago

Unfortunately, still not fixed in 3.96. Windows 11 on ARM, within Parallels on a Mac.

petergluck commented 5 months ago

Unfortunately, still not fixed in 3.96. Windows 11 on ARM, within Parallels on a Mac.

Maybe it's obvious, but I first ran procmon64.exe and got this error. Then I realized that my Mac M2 chip is an ARM processor. When I ran procmon64a.exe, it launched correctly.