Microsoft Process Monitor is a free utility for monitoring the file system, system registry and processes in RAM. Microsoft Process Monitor combines the capabilities of the three programs Filemon (file system monitoring), Regmon (registry monitoring) and Process Explorer (process monitoring), as well as a huge number of improvements, including advanced and harmless filtering, comprehensive event properties, and more. The utility does not require installation .
Benefits of Process Monitor:
- tracking the start and end of processes and threads, including information about the exit code
- monitoring the loading of images (DLLs and device drivers running in kernel mode)
- more collected data about the parameters of input and output operations
- harmless filters allow you to set filters that will not lead to data loss
- collecting thread stacks for each operation allows, in most cases, to determine the original reason for performing the operation
- reliable collection of information about processes, including the path to the process image, command line, as well as user and session ID
- configurable and movable columns for each event property
- filters can be set on any data field, including fields that are not columns
- advanced logging architecture expands program capabilities to tens of millions of logged events and gigabytes of logged event data
- the process tree displays the relationships between all the processes listed in the trace details
- the main log format saves all data so that it can be loaded in another instance of Process Monitor
- process hints for easy viewing of process image information
- detailed tooltips provide convenient access to formatted data that does not fit in a column
- stop search
- logging all operations during system boot
OS: Windows Vista and above, Windows Server 2008 and above. Download Process Monitor 3.93 (1 MB):
