Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity.
It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
Process Monitor's user interface and options are similar to those of Filemon and Regmon, but it was written from the ground up and includes numerous significant enhancements, such as:
* Monitoring of process and thread startup and exit, including exit status codes
* Monitoring of image (DLL and kernel-mode device driver) loads
* More data captured for operation input and output parameters
* Non-destructive filters allow you to set filters without losing data
* Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
* Reliable capture of process details, including image path, command line, user and session ID
* Configurable and moveable columns for any event property
* Filters can be set for any data field, including fields not configured as columns
* Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
* Process tree tool shows relationship of all processes referenced in a trace
* Native log format preserves all data for loading in a different Process Monitor instance
* Process tooltip for easy viewing of process image information
* Detail tooltip allows convenient access to formatted data that doesn't fit in the column
Info: www.freewarefiles.com