


The list of events contains the system process msmpeng.exe (Antimalware Service Executable). This is the core process of the antimalware detection engine in Windows Defender. To exclude the events of this process from the ProcMon log, right-click the process name msmpeng.exe and select Exclude “….”. The process is added to the ProcMon filter with the Exclude value, which means that the ProcMon log will no longer display any activity from this process. Exclude any other trusted processes that access your file or registry key in the same way. Now, if any process running on Windows tries to read or write to the tracked file or registry key, you will see the event in Process Monitor.
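The same Exclude logic can be applied offline to a saved ProcMon log. This is an added example, not part of the original article. It assumes the log was saved in CSV format with the default columns; the tracked paths, the process backup.exe and all sample rows are constructed for illustration.

```powershell
# Constructed sample rows in the layout of a ProcMon CSV export (default columns).
# For a real log, replace the here-string with: $events = Import-Csv <path to saved CSV>
$csv = @'
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:15:01.1000000","MsMpEng.exe","3120","CreateFile","C:\Data\report.docx","SUCCESS","Desired Access: Generic Read"
"10:15:01.2000000","MsMpEng.exe","3120","ReadFile","C:\Data\report.docx","SUCCESS","Offset: 0, Length: 4,096"
"10:15:07.5000000","notepad.exe","7788","WriteFile","C:\Data\report.docx","SUCCESS","Offset: 0, Length: 512"
"10:15:09.9000000","backup.exe","4410","ReadFile","C:\Data\report.docx","SUCCESS","Offset: 0, Length: 4,096"
"10:15:12.0000000","notepad.exe","7788","RegSetValue","HKCU\Software\Demo\Setting","SUCCESS","Type: REG_SZ"
"10:15:13.0000000","explorer.exe","2044","ReadFile","C:\Windows\win.ini","SUCCESS","Offset: 0, Length: 92"
'@
$events = $csv | ConvertFrom-Csv

# Hypothetical tracked objects and the processes excluded as trusted.
$tracked  = @('C:\Data\report.docx', 'HKCU\Software\Demo\Setting')
$excluded = @('msmpeng.exe')

# Keep only events on the tracked objects (-contains is case-insensitive).
$onTracked = @($events | Where-Object { $tracked -contains $_.Path })

# Split them the way the Exclude filter does: hidden vs. still displayed.
$hidden    = @($onTracked | Where-Object { $excluded -contains    $_.'Process Name' })
$remaining = @($onTracked | Where-Object { $excluded -notcontains $_.'Process Name' })

# Record what the exclusion hides, so the filter does not silently drop events.
"Hidden by Exclude filter: $($hidden.Count) of $($onTracked.Count) events on tracked objects"
$hidden | Group-Object 'Process Name', PID | Select-Object Count, Name

# Remaining activity: which process touched which object, and how.
$remaining |
    Group-Object 'Process Name', Operation, Path |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    Format-Table -AutoSize
```

With the sample rows, two msmpeng.exe events are reported as hidden, and the remaining table lists notepad.exe and backup.exe as the processes that accessed the tracked file and registry key.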
