Misplaced Pages

Process Monitor

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
(Redirected from Filemon) Free tool from Windows Sysinternals, part of the Microsoft TechNet website "Filemon" redirects here. For the cat, see Przygody kota Filemona.
Process Monitor
Logo of Process Monitor
Screenshot of Windows 10 Process Monitor
Other namesProcMon
Original author(s)Winternals Software
Developer(s)Mark Russinovich and Bryce Cogswell
Stable releasev4.01 / June 20, 2024; 5 months ago (2024-06-20) (Windows version)
Preview releasev2.0 Preview / July 22, 2024; 4 months ago (2024-07-22) (Linux version)
Repositorygithub.com/microsoft/ProcMon-for-Linux
Written inC++
Operating systemWindows XP SP2 and higher, Linux
Included withSysinternals
Available inEnglish
LicenseWindows: Proprietary commercial software
Linux: MIT License
WebsiteWindows Sysinternals

Process Monitor is a tool from Windows Sysinternals, part of the Microsoft TechNet website. The tool monitors and displays in real-time all file system activity on a Microsoft Windows or Unix-like operating system. It combines two older tools, FileMon and RegMon and is used in system administration, computer forensics, and application debugging.

Overview

Process Monitor monitors and records all actions attempted against the Microsoft Windows Registry. Process Monitor can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values. In addition it shows how applications use files and DLLs, detects some critical errors in system files and more.

History

RegMon and its sister application Filemon were primarily created by Mark Russinovich and Bryce Cogswell, employed by NuMega Technologies and later SysInternals prior SysInternals being bought out by Microsoft in 2006.

The two tools were combined to create Process Monitor. Early versions of Process Monitor (up to version 2.8) ran on Windows 2000 SP4 with Update Rollup 1. The current version for Windows only runs on Windows Vista and above.

Initially, ProcMon was only available for Microsoft Windows. In November 2018, Microsoft confirmed it is porting Sysinternals tools, including ProcDump and ProcMon, to Linux. The Linux port of the software is open source. It is licensed under MIT License and the source code is available on GitHub.

FileMon

FileMon (from a concatenation of "File" and "Monitor") was a free utility for 32/64-bit Microsoft Windows operating systems which provided users with a powerful tool to monitor and display file system activity.

FileMon is no longer supported.

RegMon

The RegMon utility from Sysinternals provided forensics on Windows Registry usage.

RegMon is no longer supported.

See also

References

  1. "Process Monitor - Windows Sysinternals". learn.microsoft.com.
  2. "Process Monitor for Linux (Preview)". Sysinternals. 30 October 2022.
  3. "Download Process Monitor (ProcMon)". BleepingComputer.
  4. Mark Russinovich’s Blog Archived 2015-05-30 at the Wayback Machine
  5. RegMon for Windows
  6. Process Monitor, Microsoft Technet
  7. "How to use Sysinternals Process Monitor and Process Explorer to Troubleshoot SharePoint". Archived from the original on 2011-08-20. Retrieved 2011-08-01.
  8. Cimpanu, Catalin (5 November 2018). "Microsoft working on porting Sysinternals to Linux". ZDNet. CBS Interactive. Retrieved 5 November 2018.
  9. "Process Monitor for Linux (Preview)". GitHub. 24 October 2021.

External links

Microsoft free and open-source software (FOSS)
Overview
Software
Applications
Video games
Programming
languages
Frameworks,
development tools
Operating systems
Other
Licenses
Forges
Related
Category
Operating systems
General
Variants
Kernel
Architectures
Components
Process management
Concepts
Scheduling
algorithms
Memory management,
resource protection
Storage access,
file systems
Supporting concepts
Stub icon

This Microsoft Windows article is a stub. You can help Misplaced Pages by expanding it.

Categories: