Process Monitor

Process Monitor
Other names	ProcMon
Winternals Software
Developer(s)	Microsoft
Stable release	v3.95 / June 27, 2023; 9 months ago (Windows version)
Preview release	v1.0.1 Preview / April 28, 2021; 2 years ago (Linux version)
Windows XP SP2 and higher, Linux
Available in	English
License	Windows: Proprietary commercial software; Linux: MIT License
Website	Windows Sysinternals

Process Monitor is a tool from

system administration, computer forensics

, and application debugging.

Overview

Process Monitor monitors and records all actions attempted against the Microsoft Windows Registry. Process Monitor can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values. In addition it shows how applications use files and DLLs, detects some critical errors in system files and more.^[3]

History

RegMon and its sister application

SysInternals prior SysInternals being bought out by Microsoft

in 2006.

The two tools were combined to create Process Monitor.[5]^[6] Early versions of Process Monitor (up to version 2.8) ran on Windows 2000 SP4 with Update Rollup 1.^[7] The current version for Windows only runs on Windows Vista and above.

Initially, ProcMon was only available for Microsoft Windows. In November 2018, Microsoft confirmed it is porting Sysinternals tools, including ProcDump and ProcMon, to Linux.^[8] The Linux port of the software is open source. It is licensed under MIT License and the source code is available on GitHub.^[9]

FileMon

FileMon (from a

operating systems

which provided users with a powerful tool to monitor and display file system activity.

FileMon is no longer supported.

RegMon

The RegMon utility from Sysinternals provided forensics on Windows Registry usage.

RegMon is no longer supported.

References

^ "Process Monitor - Windows Sysinternals". learn.microsoft.com.
^ "Process Monitor for Linux (Preview)". Sysinternals. 30 October 2022.
^ "Download Process Monitor (ProcMon)". BleepingComputer.
^ Mark Russinovich’s Blog Archived 2015-05-30 at the Wayback Machine
^ RegMon for Windows
^ Process Monitor, Microsoft Technet
^ "How to use Sysinternals Process Monitor and Process Explorer to Troubleshoot SharePoint". Archived from the original on 2011-08-20. Retrieved 2011-08-01.
CBS Interactive
. Retrieved 5 November 2018.

^ "Process Monitor for Linux (Preview)". GitHub. 24 October 2021.

External links

Official website

GitHub - microsoft/ProcMon-for-Linux

v
t
e
Microsoft free and open-source software (FOSS)
Overview

Microsoft and open source

Shared Source Initiative

Software
Applications

3D Movie Maker

Atom

Conference XP

Family.Show

File Manager

Open Live Writer

Microsoft PowerToys

Terminal

Windows Calculator

Windows Console

Windows Package Manager

WorldWide Telescope

XML Notepad

Video games

Allegiance

Programming
languages

Bosque

C#

Dafny

F#

F*

GW-BASIC

IronPython

IronRuby

Lean

P

Power Fx

PowerShell

Project Verona

Q#

R Open

Small Basic Online

TypeScript

Visual Basic

Frameworks,
development tools

.NET

.NET Framework

.NET Gadgeteer

.NET MAUI

.NET Micro Framework

AirSim

ASP.NET

ASP.NET AJAX

ASP.NET Core

ASP.NET MVC

ASP.NET Razor

ASP.NET Web Forms

Avalonia

Babylon.js

BitFunnel

Blazor

C++/WinRT

CCF

ChakraCore

CLR Profiler

Dapr

DeepSpeed

DiskSpd

Dryad

Dynamic Language Runtime

eBPF on Windows

Electron

Entity Framework

Fluent Design System

Fluid Framework

Infer.NET

LightGBM

Managed Extensibility Framework

Microsoft Automatic Graph Layout

Microsoft C++ Standard Library

Microsoft Cognitive Toolkit

Microsoft Design Language

Microsoft Detours

Microsoft Enterprise Library

Microsoft SEAL

mimalloc

Mixed Reality Toolkit

ML.NET

mod_mono

Mono

MonoDevelop

MSBuild

MsQuic

Neural Network Intelligence

npm

NuGet

OneFuzz

Open Management Infrastructure

Open Neural Network Exchange

Open Service Mesh

Open XML SDK

Orleans

Playwright

ProcDump

ProcMon

Python Tools for Visual Studio

R Tools for Visual Studio

RecursiveExtractor

Roslyn

Sandcastle

SignalR

StyleCop

SVNBridge

T2 Temporal Prover

Text Template Transformation Toolkit

TLA+ Toolbox

U-Prove

vcpkg

Virtual File System for Git

Visual Studio Code

Voldemort

VoTT

Vowpal Wabbit

Windows App SDK

Windows Communication Foundation

Windows Driver Frameworks
KMDF

UMDF

Windows Forms

Windows Presentation Foundation

Windows Template Library

Windows UI Library

WinJS

WinObjC

WiX

XDP for Windows

XSP

xUnit.net

Z3 Theorem Prover

Operating systems

MS-DOS (v1.25, v2.0 & v4.0)

Barrelfish

SONiC

Azure Linux

Other

ChronoZoom

Extensible Storage Engine

FlexWiki

FourQ

Gollum

Project Mu

ReactiveX

SILK

TLAPS

TPM 2.0 Reference Implementation

WikiBhasha

Licenses

Microsoft Public License

Microsoft Reciprocal License

Forges

CodePlex

GitHub

Related

.NET Foundation

F# Software Foundation

Microsoft Open Specification Promise

Open Letter to Hobbyists

Open Source Security Foundation

Outercurve Foundation

Category

v
t
e
Operating systems
General

Comparison

Forensic engineering

History

List

Timeline

Usage share

User features comparison

Variants

Disk operating system

Distributed operating system

Embedded operating system

Hobbyist operating system

Just enough operating system

Mobile operating system

Network operating system

Object-oriented operating system

Real-time operating system

Supercomputer operating system

Kernel
Architectures

Exokernel

Hybrid

Microkernel

Monolithic

Multikernel

vkernel

Rump kernel

Unikernel

Components

Device driver

Loadable kernel module

User space and kernel space

Process management
Concepts

Computer multitasking (Cooperative, Preemptive)

Context switch

Interrupt

IPC

Process

Process control block

Real-time

Thread

Time-sharing

Scheduling
algorithms

Fixed-priority preemptive

Multilevel feedback queue

Round-robin

Shortest job next

Memory management,
resource protection

Bus error

General protection fault

Memory paging

Memory protection

Protection ring

Segmentation fault

Virtual memory

Storage access,
file systems

Boot loader

Defragmentation

Device file

File attribute

Inode

Journal

Partition

Virtual file system

Virtual tape library

Supporting concepts

API

Computer network

HAL

Live CD

Live USB

Shell
CLI

User interface

PXE

This Microsoft Windows article is a stub. You can help Wikipedia by expanding it.
v
t
e

Retrieved from "https://en.wikipedia.org/w/index.php?title=Process_Monitor&oldid=1162724430"

[1] "Process Monitor - Windows Sysinternals". learn.microsoft.com.

[2] "Process Monitor for Linux (Preview)". Sysinternals. 30 October 2022.

[3] "Download Process Monitor (ProcMon)". BleepingComputer.

[4] Mark Russinovich’s Blog Archived 2015-05-30 at the Wayback Machine

[5] RegMon for Windows

[6] Process Monitor, Microsoft Technet

[7] "How to use Sysinternals Process Monitor and Process Explorer to Troubleshoot SharePoint". Archived from the original on 2011-08-20. Retrieved 2011-08-01.

[8] CBS Interactive
. Retrieved 5 November 2018.

[9] "Process Monitor for Linux (Preview)". GitHub. 24 October 2021.

[1]

[2]

[3]

[6]

[7]

[8]

[9]

Overview

History

FileMon

RegMon

See also

References

External links