Where’s My FileMon?
Process Monitor tracks and logs all file system, registry and process activity on your computer. This activity is displayed with the related process, operation type, time/date stamp, duration and any other of the 28 different columns shown below.
The results can be overwhelming. It is easy to capture hundreds of thousands of events in a matter of seconds (not an exaggeration). Luckily, Process Monitor provides searching and filtering tools to help you find exactly what you’re looking for (even if you don’t know what it is). Once you do find what you are looking for, you can drill down into more details including whether the event was successful, what the desired outcome was, and even viewing the full stack of events leading up to a selected event. And as an improvement over FileMon and RegMon, Process Monitor can even monitor bootup events.
Process Monitor 2.8 supports client operating systems Windows XP SP2 and higher and server operating systems Windows Server 2003 SP1 and higher. It can be downloaded from Microsoft. You can also view a Microsoft webcast of how Process Monitor can be used in troubleshooting. Other tools are also available from Microsoft Sysinternals including a Port Monitor, Hard Disk Monitor and a Debug Output monitor. Please leave a comment if you have any novel techniques for using this tool to troubleshoot system and application problems.
Tags: File System, Filemon, Process Monitor, registry, RegMon, troubleshooting, Utilities, Windows
Read more posts by Paul Gimbel
