Microsoft Sysinternals Utilities - Process Monitor

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.


Official homepage: http://technet.microsoft.com/en-us/sysinternals/bb896645

Other references: http://technet.microsoft.com/zh-cn/sysinternals
Direct download: http://live.sysinternals.com/
