What Is Process Monitor?
Monitoring file system, registry, and process activity In Windows
Process Monitor is a tool on Windows systems that helps you monitor for issues on your system. You can view registry, filesystem, process, and network activity in real-time.
Process Monitor was born when Mark Russinovich and Bryce Cogswell created RegMon “Registry Monitor” and its sister application Filemon “File Monitor”. The two tools combined to form the earliest version of ProcMon “Process Monitor”. Some tools that are similar to Process Monitor today are SpyStudio.exe, Sysmon.exe, Procexp.exe, and perfmon.exe.
Sysadmins often use ProcMon to troubleshoot the operating system. Security professionals use it to monitor critical processes and spot potential attacks. Today, we are going to go through the basics of using ProcMon.
Installing Process Monitor
But first, let’s install ProcMon! Go to Microsoft’s website to download Process Monitor.
