Windows 7 / Getting Started

Process Monitor

Process Monitor is an extremely powerful troubleshooting tool that monitors file and registry accesses by an application. With Process Monitor, you can see exactly what an application is doing, allowing you to isolate the resources to which an application requires access. If an application fails because a resource is unavailable or access is denied, Process Monitor can allow you to identify the resource. Often, you can use that information to resolve the problem.

To run Process Monitor, save the file to a folder that is allowed to run executable files, such as C:\Program Files\. Specifically, you cannot save it to a Temporary Files folder. Then, rightclick ProcMon.exe and click Run As Administrator.

When run, Process Monitor immediately begins capturing events. To stop or restart capturing events, press Ctrl+E or click Capture Events from the File menu.

To use Process Monitor, enable event capturing and then run the application that you want to monitor. After you perform the task that you need to analyze, stop event capturing.

Process Monitor displays all disk and file accesses that occurred while capturing was enabled. To view events for just a specific process, right-click any event generated by the process and then click Include. Process Monitor will filter the displayed event so that only events generated by the selected process are visible. You can create more complex filters using the Filter menu.

When examining the captured events, pay close attention to events with a result other than Success. Although non-Success events are common and normal, they are more likely to indicate the cause of an error.

You can download Process Monitor from http://technet.microsoft.com/en-ca/sysinternals/bb896645.aspx. For an example of how Process Monitor can be used, read "The Case of the Failed File Copy" at http://blogs.technet.com/markrussinovich/archive/2007/10/01/2087460.aspx and "The Case of the Missing AutoPlay" at http://blogs.technet.com/markrussinovich/archive/2008/01/02/2696753.aspx.

[Previous] [Contents]

In this tutorial:

  1. Troubleshooting Hardware, Driver, and Disk Issues
  2. Windows 7 Improvements for Hardware and Driver Troubleshooting
  3. Windows Troubleshooting Platform
  4. Built-in Troubleshooting Packs
  5. Windows Troubleshooting Platform Components
  6. Creating Custom Troubleshooting Packs
  7. Running Troubleshooting Packs Remotely
  8. Windows 7 Reliability Monitor
  9. Windows 7 Resource Monitor
  10. Windows Memory Diagnostics
  11. Disk Failure Diagnostics
  12. Self-Healing NTFS
  13. Improved Driver Reliability
  14. Improved Error Reporting
  15. The Process of Troubleshooting Hardware Issues
  16. How to Troubleshoot Problems That Prevent Windows from Starting
  17. How to Troubleshoot Problems Installing New Hardware
  18. How to Troubleshoot Problems with Existing Hardware
  19. How to Troubleshoot Unpredictable Symptoms
  20. How to Diagnose Hardware Problems
  21. How to Use Device Manager to Identify Failed Devices
  22. How to Check the Physical Setup of Your Computer
  23. How to Check the Configuration of Your Hardware
  24. How to Verify That System Firmware and Peripheral Firmware Are Up to Date
  25. How to Test Your Hardware by Running Diagnostic Tools
  26. How to Simplify Your Hardware Configuration
  27. How to Diagnose Disk-Related Problems
  28. How to Use Built-In Diagnostics
  29. How to Use Reliability Monitor
  30. How to Use Event Viewer
  31. How to Use Data Collector Sets
  32. How to Use Windows Memory Diagnostics
  33. Memory Failures
  34. How Windows Automatically Detects Memory Problems
  35. How to Schedule Windows Memory Diagnostics
  36. How to Start Windows Memory Diagnostics When Windows Is Installed
  37. How to Start Windows Memory Diagnostics from the Windows DVD
  38. How to Configure Windows Memory Diagnostics
  39. How to Troubleshoot Disk Problems
  40. How to Prepare for Disk Failures
  41. How to Use ChkDsk
  42. ChkDsk Examples
  43. ChkDsk Syntax
  44. How to Use the Graphical ChkDsk Interface
  45. How to Determine Whether ChkDsk Is Scheduled to Run
  46. ChkDsk Process on NTFS Volumes
  47. How to Use the Disk Cleanup Wizard
  48. How to Disable Nonvolatile Caching
  49. How to Troubleshoot Driver Problems
  50. How to Find Updated Drivers
  51. How to Roll Back Drivers in Windows 7
  52. How to Use Driver Verifier
  53. How to Use the File Signature Verification
  54. How to Use Device Manager to View and Change Resource Usage
  55. How to Use Windows 7 System Restore
  56. How to Troubleshoot USB Problems
  57. How to Solve USB Driver and Hardware Problems
  58. Understanding USB Limitations
  59. How to Identify USB Problems Using Performance Monitor
  60. How to Examine USB Hubs
  61. How to Troubleshoot Bluetooth Problems
  62. Troubleshooting Tools
  63. DiskView
  64. Handle
  65. Process Monitor