process monitor

How to Run a Boot Trace Using Process Monitor

by
Process monitor boot logging

Process Monitor is an excellent diagnostic tool from Microsoft Sysinternals. It can run a trace during the current Windows session or trace the boot process. Let’s see how to enable boot tracing using Process Monitor. Enable Boot Logging using Process Monitor Download Process Monitor and run it. Read and accept the license agreement. If the … Read more

Find Which Program is Constantly Reading or Writing to Disk

by

Does your hard drive LED in the computer’s chassis show non-stop disk input or output activity? If the I/O operations occur at an alarming rate, sometimes even at 100% disk usage, find the process and stop it from running, especially if you’re using Solid State Drive. If you’re wondering which process is thrashing your hard drive continuously, here is how to find the offending program.

Read more

Process Monitor “Unable to write PROCMON23.SYS” Enabling Boot Logging

by

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It can also trace the entire boot process and save to a PML log file. When enabling the setting “Enable Boot Logging” from the Options menu in Process Monitor, the following error may pop up:Read more

Track Process Creation and Exit Time Using Process Monitor

by

Summary: This post tells you how to track process creation and exit events using the Process Monitor utility.

My previous post, List Running Processes, helps you track down currently running processes. And the article Command Prompt Opens and Closes immediately tells you if a last run program window was a scheduled task or not.Read more

How to Track “Access Denied” Registry and File Events Using Process Monitor

by

A well-written application does proper error handling, notifying the user in detail about the error it countered and how to go about fixing it, rather than failing silently or throwing up an obscure error code and quitting. This post tells you how to trace "Access Denied" events for file and registry activities occurring in the system, using Process Monitor.Read more

How to Find Which Program Is Making Sound in the Background

by
volume mixer - program name

Every now and then, my PC located in the bedroom emanated a sound at random intervals. This was caused by an application playing a short media file. And I noticed it twice when entering the bedroom, which I thought was a mere coincidence, but wasn’t. I couldn’t figure out what it was.

Control Panels → Sounds was the first place I checked. It was not the Sound Scheme as it was already set to “No Sounds”.

I then opened the Volume Mixer to find out the program responsible for playing the unidentified music on my computer. But when I looked through the Volume Mixer, the 3rd column said: “Name Not Available”. Randomly, the music just popped right up into the speakers. It lasted for a few seconds.

Find which program is playing random music in the background

With almost a dozen applications running and I didn’t want to disturb them, I fired up the excellent Process Monitor right away and configured the filters so that any entry with “.wav” in the Path is captured.

It may not necessarily be a .wav file (it could be .mp3 or any audio file type, as well), but I had a suspicion that it could be, in this case. So I included “.wav“, to start with.Read more

Using Process Monitor to Track Registry and File System Changes

by
Process Monitor window

Process Monitor is an excellent troubleshooting tool from Windows Sysinternals that displays the files and registry keys that applications access in real-time. The results can be saved to a log file, which you can send to an expert for analyzing a problem and troubleshooting it.

Process Monitor window

This article tells you how to use Process Monitor to capture registry and file system accesses by applications. You can also save the events to a log file for further analysis.Read more