- May 7, 2013
- 10,400
Okay, so I've been using the Sysinternals NotMyFault program to generate some Kernel Memory dumps, to demonstrate some extensions and commands. The dump files yesterday, weren't causing problems at all, apart from when the dump file was still within the C:\Windows folder. I moved the dump file to my Desktop, and that solved yesterday's access denied problems.
Today, I tried the same procedure and even ran Windows Explorer as a Administrator, both these methods didn't work. As a result, I decided to use ProcMon to get a trace on what was happening, I haven't really used ProcMon much so if want to run it again to gather more information, then please say so.
Here's the stack trace, the CreateFileW is the point in which Windows attempts to open the dump file and then return a handle to the WinDbg process object.
Here's my security permissions for the file:
Today, I tried the same procedure and even ran Windows Explorer as a Administrator, both these methods didn't work. As a result, I decided to use ProcMon to get a trace on what was happening, I haven't really used ProcMon much so if want to run it again to gather more information, then please say so.
Here's the stack trace, the CreateFileW is the point in which Windows attempts to open the dump file and then return a handle to the WinDbg process object.
Here's my security permissions for the file: