What Is Process Monitor?
Process monitor is a Windows utility that helps you figure out what different programs on your computer are doing. You never see many behind-the-scenes activities as a regular user, like background downloads, processes sharing information, or errors that aren’t relayed to the person using the program. Process monitor can help you see this kind of information. It isn’t as user-friendly as some Windows utilities and is used mainly by system administrators. In fact, you must have administrator access to the computer you’re using to run the process monitor tool. If you don’t have it yet, contact your system administrator for help.
What Can I Do With Process Monitor?
Process Monitor is a program designed to give you information. While you can’t use it to troubleshoot issues directly, it can help you figure out exactly what’s going on so that you know what to do. Having more information is always good when fixing problems on your PC.
How to Install Process Monitor?
Process monitor isn’t built into Windows like some other monitoring tools. You have to opt-in by installing it. Before you start, you need a program that can unzip files. You can drag the exe file to a location where it’s easily found and use that to open Process Monitor in the future if you prefer.
What Options Can I Adjust on Process Monitor?
There are a few things that you can adjust to make the program more user-friendly for you.
Process Monitor offers both a dark theme and a light theme. The light theme looks like the standard view of folders in Windows, while the dark scene may be easier on your eyes in low-light conditions. You can change it by going to the Options menu. In order to see your new theme, restart Process Monitor.You can also change the font to make it easier to read. There are so many different things happening in the program that larger font can make it easier to narrow down on what you’re seeking. However, a smaller font can get more information on your screen. Go to Options and choose Font to make your adjustments. To give yourself more information on the screen, go to Options and Select Columns. Here, you can choose which options appear. If you add too many, you may need to scroll left and right to see all the available information.
What Information Can You View in Process Monitor?
There are many columns to choose from. The name, operation, time of day, path, detail, and the result are automatically shown. You can hide or show the others as desired by changing your columns. Application details let you get more information about the process the monitor reports on.
Process nameImage pathCommand-lineCompany nameDescriptionVersionArchitecture
Event details give you more information about the specific event occurring in the reported application.
Sequence numberEvent classOperationDate and timeTime of dayCategoryPathDetailResultRelative TimeDurationCompletion time
Process Management gives you more information about the exact process taking place.
User nameSession IDAuthentication IDIntegrityProcess IDThread IDParent PIDVirtualized
You choose which columns you want to show based on the information you’re trying to find. You don’t need to have each column enabled to get more details on the collected events. If you want to see any of this information about a particular event, here’s how. Within the Properties of any particular event, you can choose to Copy All to save the information to a clipboard. This is helpful if you’re saving data for troubleshooting or sharing with another person.
Using Filters in Process Monitor
One way to narrow down some of the information and find what you’re looking for is by using filters. There are millions of processes recorded and reported by Process Monitor, so understanding filters is extremely helpful when looking for something specific. You can add and remove multiple filters in this menu, which can help cut down the many returned results and show you what you need.
Tips and Tricks for Using Process Monitor
At the top of the window are four illustrated icons representing Registry Activity, File System Activity, Network Activity, and Process and Thread Activity. You can unselect these to remove the matching results from the list or select them to include the results in the list. If you know what type of activity you’re looking for, adding or removing these can make it easier to find.To see the activity in the Process Tree view, click the symbol at the top of the window with three squares connected by lines. This will allow you to see the data differently that might be more useful, depending on your current task.You don’t want to run Process Monitor when you don’t need it because it uses a lot of memory. Your computer may not run as efficiently when it’s active. You can choose to highlight certain types of events to spot them more easily. In this way, you won’t remove other events from the list and will be able to see what’s happening simultaneously, but certain events will stand out more.You can always clear your filters from the Filter menu. It’s usually quick but may take a while, depending on your system.
Do I Need to Use Process Monitor?
Many people get by without ever having to use Process Monitor. As you get deeper into computer troubleshooting, though, having heavy-duty monitoring tools can help you better understand and find problems in your computer. Much of the information you see in Process Monitor isn’t as easily accessible in other ways. Even if it seems daunting at first, it’s worth the time it takes to explore what the utility has to offer.