We’re just looking at the fact that a process is writing to one of these streams, so we can later figure out more about what is happening. So Process Monitor can capture any type of I/O operation, whether that happens through the registry, file system, or even the network - although the actual data being written isn’t captured. Again, you would probably want to use Process Explorer for tracking these things most of the time, but it’s useful here if you need it.

Profiling – These events are captured by Process Monitor to check the amount of processor time used by each process, and the memory use. This can be useful information in certain instances, but is often something you’d want to look at in Process Explorer instead.

Process – These are events for processes and threads where a process is started, a thread starts or exits, etc.

Network – This will show the source and destination of TCP/UDP traffic, but sadly it doesn’t show the data, making it a bit less useful.
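As an added example (not from the original page), the following Python sketch triages a Process Monitor CSV export by the event classes described above and lists which processes wrote to the registry, file system or network. It assumes the default export columns; the prefix-based class mapping is a heuristic, and the sample rows are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows in the default column layout of a Process Monitor
# CSV export; process names, paths and addresses are made up.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","updater.exe","4120","Process Start","","SUCCESS","Parent PID: 800"
"10:01:02.3","updater.exe","4120","RegSetValue","HKCU\Software\Example\Setting","SUCCESS","Type: REG_SZ"
"10:01:02.5","updater.exe","4120","WriteFile","C:\Users\demo\AppData\Local\Temp\stage.bin","SUCCESS","Offset: 0, Length: 4,096"
"10:01:02.9","updater.exe","4120","TCP Send","host-a:49712 -> 203.0.113.10:443","SUCCESS","Length: 517"
"10:01:03.0","updater.exe","4120","Process Profiling","","SUCCESS","User Time: 0.01 seconds"
"10:01:03.2","notepad.exe","5000","ReadFile","C:\notes.txt","SUCCESS","Offset: 0, Length: 120"
"10:01:03.4","notepad.exe","5000","Thread Exit","","SUCCESS","Thread ID: 5012"
'''

# Operations treated as "a process is writing to one of these streams".
WRITE_OPS = {"WriteFile", "RegSetValue", "TCP Send", "UDP Send"}

def event_class(op):
    """Assumed mapping from operation name to event class (name heuristic)."""
    if op.endswith("Profiling"):  # check before the "Process " prefix below
        return "Profiling"
    if op.startswith("Reg"):
        return "Registry"
    if op.startswith(("TCP ", "UDP ")):
        return "Network"
    if op.startswith(("Process ", "Thread ")) or op == "Load Image":
        return "Process"
    return "File System"

def class_counts(csv_text):
    """Count events per event class."""
    counts = defaultdict(int)
    for row in csv.DictReader(io.StringIO(csv_text)):
        counts[event_class(row["Operation"])] += 1
    return dict(counts)

def writers(csv_text):
    """Map (process, pid) -> {event class: [targets written to]}."""
    out = defaultdict(lambda: defaultdict(list))
    for row in csv.DictReader(io.StringIO(csv_text)):
        op, target = row["Operation"], row["Path"]
        if op not in WRITE_OPS:
            continue
        if event_class(op) == "Network":
            target = target.split(" -> ", 1)[-1]  # keep the destination only
        out[(row["Process Name"], int(row["PID"]))][event_class(op)].append(target)
    return {proc: dict(classes) for proc, classes in out.items()}

if __name__ == "__main__":
    print(class_counts(SAMPLE_CSV))
    print(writers(SAMPLE_CSV))
```

The output names the writer and its targets only; as the text notes, the data written is not in the capture.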