Sysinternals ProcessMonitor is the ultimate tool for working with Windows processes. It shows all the processes, their various threads, the files opened, the registry keys opened, etc.
The program is really small and represents a tool made of just a single executable file procmon.exe, just like other sysinternal tools. When I listed all the processes and threads running in Windows7, it showed up more than 2000000 entries, which took a lot of time to scan. Now, that is a huge list. The thing is to know what we are looking for. The search tool is thus unavoidable.
The list never gets complete because Windows runs a lot of background processes that optimize the system. There can be the scheduler, disk defragmenter, and other tools set to run. There is also an idle task processor that may have started some work when the system was idle.
There are filters that can remove unwanted entries and clean the list.
The processes can be viewed as a tree. Various processes along with the sub processes are shown. It is just like the task manager list, easier to read.
Regarding the data it gives and the features, this is the best tool of its kind. But it is only for advanced users.
- Small application.
- Shows complete details about all the processes in regular and tree view.
- Boot time logging of all operations.
- Process tooltip for easy viewing of process image information
- Slows down the system while scanning and takes a lot of time