manualbashing · April 1, 2020 03:36
diff --git a/remote_procmon.bat b/remote_procmon.bat

 # https://4sysops.com/archives/using-process-monitor-procmon-remotely/
 @echo off
 Psexec.exe -sd \\%1 procmon -accepteula -backingfile c:\temp\proc.pml -quiet
 Pause
 Psexec.exe -sd \\%1 procmon -accepteula -terminate -quiet
 Xcopy \\%1\c$\temp\proc.pml c:\temp\
 Del \\%1\c$\temp\proc.pml
 Procmon.exe /openlog c:\temp\proc.pm

	# https://4sysops.com/archives/using-process-monitor-procmon-remotely/
	@echo off
	Psexec.exe -sd \\%1 procmon -accepteula -backingfile c:\temp\proc.pml -quiet
	Pause
	Psexec.exe -sd \\%1 procmon -accepteula -terminate -quiet
	Xcopy \\%1\c$\temp\proc.pml c:\temp\
	Del \\%1\c$\temp\proc.pml
	Procmon.exe /openlog c:\temp\proc.pm
No results found