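Process Monitor is a system process monitoring tool. Broadly speaking, Process Monitor is equivalent to Filemon + Regmon: Filemon is dedicated to monitoring every file operation on the system, while Regmon monitors registry read and write operations. With Process Monitor, users can monitor and record all file and registry operations on the system at the same time. Tracking the changes in registry and file reads and writes is very useful for diagnosing system faults or for discovering malicious software, viruses or trojans.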
Process Monitor displays both file system and registry activity in real time, combining the features of FileMon and RegMon. Additional features include live changes (autoscroll), non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, file logging, etc.