-
Notifications
You must be signed in to change notification settings - Fork 266
_ACPI Monitoring and Debugging
Quick manual on how to monitor, what specifically AC sends to the device
- Disable windows
Bitlocker
/Drive Encryption
- Turn off
Secure Boot
in BIOS - Download and IRPMon application install https://github.com/MartinDrab/IRPMon/releases
- Reboot
EXPLANATION: In order to allow IRPM Mon run, you need to disable Secure Boot in BIOS. But with secure boot disabled, your windows bitlocker also won't work, so you need to turn off Bitlocker beforehand as well
-
Right click on IRPMon icon, and select
Run as Administrator
-
In popup window select
Device
tab, enter\\.\irpmndrv
there and click OK -
Go to
Action
->Drivers and Devices
and scroll down toDriver/ATKWMIACPIIO
-
Right click on it, and check
Data
(important!) andHook
to it. Under IRP column (on the right) select onlyDeviceControl
checkbox. -
Under
Request
->Filters
create a new filter with this params
Type : IRP, Column : DeviceName, Contains : ATKACPI, Action : INCLUDE. Click ADD
and APPLY
(important)
- Under
Monitoring
selectCapture Packets
. You should see some requests coming from AC (or any other app)
By double clicking on packets, you should see Hexer
tab containing actual data payload that app sends
- Launch AC and in UI prepare to perform action you want to monitor. For example go to Manual mode
- In IRPMmon, select
Monitoring
-> Start capturing and Clear everything (AC could be quite spammy with data) - Quickly alt-tab to AC and perform your action - i.e. click Apply on Manual mode
- In IRPMon - Stop Capturing and save captured data as a log :)