1. Registry operations: All activities such as creating, deleting, reading, querying, and enumerating registry keys are logged.
2. File system operations: Activities such as file creations, deletions, modifications on both local and network drives are logged.
3. Network operations: All network activity (including source and destination addresses) associated with TCP/UDP traffic will be logged in ProcMon. It will however not log the actual information that was transmitted or received.
4. Process operations: All process and thread events such as process creation, process start, thread creation, thread start, thread exit, and process exit will be logged.
5. Profiling operations: This generates a log for memory use and processor time of each process.

ProcMon captures thousands of events and tracks all of them in real time. The best way to use ProcMon is to use the readily available filters and zero in on the events of interest. The main filters are found at the top menu bar in ProcMon. The screen capture below highlights the main filters. There are five filter buttons, one for each of the different event categories. Hitting each button will exclude all events associated with a particular event category.
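The same per-category exclusion can be applied offline to a capture saved as CSV. The sketch below is an added example, not part of the original post or of ProcMon itself: the function names are hypothetical, the sample rows are constructed, and it assumes the default export columns and treats any operation that is not registry, network, process/thread or profiling as file system activity.

```python
import csv
import io
from collections import Counter

# Constructed rows in the default column layout of a ProcMon CSV export.
SAMPLE = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.0000001","sample.exe","4242","Process Start","","SUCCESS",""
"10:00:01.0000102","sample.exe","4242","Load Image","C:\Windows\System32\ntdll.dll","SUCCESS",""
"10:00:01.0000203","sample.exe","4242","RegOpenKey","HKLM\Software\Example","SUCCESS",""
"10:00:01.0000304","sample.exe","4242","RegSetValue","HKCU\Software\Example\Setting","SUCCESS",""
"10:00:01.0000405","sample.exe","4242","CreateFile","C:\Users\Public\out.tmp","SUCCESS",""
"10:00:01.0000506","sample.exe","4242","WriteFile","C:\Users\Public\out.tmp","SUCCESS",""
"10:00:01.0000607","sample.exe","4242","TCP Connect","host:49800 -> 192.0.2.10:443","SUCCESS",""
"10:00:01.0000708","sample.exe","4242","Process Profiling","","SUCCESS",""
"10:00:01.0000809","sample.exe","4242","Thread Exit","","SUCCESS",""
'''

def event_class(operation):
    """Map an Operation value to one of the five event categories."""
    op = operation.strip()
    if op.startswith("Reg"):
        return "Registry"
    if op.startswith(("TCP ", "UDP ")):
        return "Network"
    if op.endswith("Profiling"):  # checked before Process: "Process Profiling"
        return "Profiling"
    if op.startswith(("Process ", "Thread ")) or op == "Load Image":
        return "Process"
    return "File System"  # assumption: everything else is file I/O

def apply_filters(csv_text, excluded=()):
    """Drop every event whose category is excluded, like the five toggles."""
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))  # strip BOM
    kept = []
    for row in reader:
        row["Class"] = event_class(row["Operation"])
        if row["Class"] not in excluded:
            kept.append(row)
    return kept

def summarize(rows):
    """Count remaining events per (process, category) for quick triage."""
    return Counter((r["Process Name"], r["Class"]) for r in rows)

if __name__ == "__main__":
    for key, n in summarize(apply_filters(SAMPLE, {"Profiling"})).items():
        print(key, n)
```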