Often when investigating a problem, we need to see what a specific program is doing to the machine, or the registry, or accessing files etc. Process Monitor (also known as Procmon) is an awesome tool to be used for this.
Procmon is a small exe file that you can download and run on a machine and it will show you as below, what every single exe is doing, it’s registry accesses, both sucessful and failed, it’s file access, reads/writes, even directory listings are shown. You can use the filters to only show things from a specific EXE, or a specific path or registry key, which gives it huge potential to help figure out many things that go wrong.
Where can I download Procmon?
You can download it direct from Microsoft – here