Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • August 31, 2015, 08:53:49 PM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)  (Read 7744 times)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 34,959
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Donate to Member
This is a must have tool for those who have used SysInternals Regmon or Filemon: Process Monitor from MS (developed by sysinterals people i think after they joined MS).

Quote
Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.


http://www.microsoft.../processmonitor.mspx

procmon-main.gifProcess Monitor from MS+SysInternals (evolved from Regmon+Filemon)



from http://roadtoknowwhere.com/

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 34,959
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #1 on: November 08, 2006, 02:43:29 AM »
note: download is at very bottom of page.
also see the new MS+SysInternals forum here: http://forum.sysinternals.com/

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 12,785
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #2 on: November 08, 2006, 06:12:58 AM »
Great program. It's a must have if you need to track down rogue processes.
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #3 on: November 08, 2006, 09:01:45 AM »
Too bad they're not porting over the sysinternals source code section, as well as some of the "smaller" apps, to the new MS home. Knew there'd be a catch.
- carpe noctem

Tekzel

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 228
    • View Profile
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #4 on: November 08, 2006, 02:52:31 PM »
Process Monitor has been there since long before Microsoft bought Sysinternals.  One thing I wish they would do is combine those monitor tools into one, FileMon, RegMon, ProcMon and DiskMon (raw disk access monitor, not file based like FileMon).  That would be cool.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 34,959
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #5 on: November 08, 2006, 03:20:33 PM »
process monitor IS the combo of regmon and filemon (not sure about diskmon..)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #6 on: November 08, 2006, 04:45:34 PM »
And they should NOT combine anything with Process Explorer - would make it too big & bloated.
- carpe noctem

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #7 on: November 11, 2006, 12:32:58 PM »
I just had a very nasty experience the other day. I was working on a minor bugfix for Notepad++ and wanted to track down some file activity. Started the new process monitor, added some filter, started notepad++ in debug mode in vs.net2005... and *b00m*, my system locked up. I could still move windows around and a few of them still repainted, but couldn't launch new processes, couldn't terminate anything, etc. System wouldn't even shut down, so I ended up having to do a hardboot :(
- carpe noctem

Tekzel

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 228
    • View Profile
    • Donate to Member
Re: Process Monitor from MS+SysInternals (evolved from Regmon+Filemon)
« Reply #8 on: November 16, 2006, 10:46:57 AM »
Doh!  How did I get ProcessExplorer and ProcessMonitor mixed up?!?  Not like the names are similar or anything. Damn Microsoft, I blame them.