Process Monitor is a program that displays information in real-time about Windows running processes.

Operating Systems allow us to use computers simply. Thanks to them, we can write documents, listen to music, browse the Internet, watch movies, etc. To do those tasks, the final no need to know which processes are running in the Operating System.
However, in certain situations, knowing which processes are executed by the installed programs is necessary and useful.

Process Monitor allows us to display and monitor different Operating System processes.

The software's main screen consists of a toolbar and a panel where all system activity will be logged. Some of the data displayed in the panel are:

• Time when the event happened.
• Name of the process
• PID (the number that uniquely identifies the Process)
• Type of Operation
• Path accessed by the process
• Result Displays if the process has been satisfactory or has produced any other type of result.

We can add new columns to the information panel to show more information about the registered event. For example, it can display the Process company name, Process version, event duration, parent process PID, and more.

The information panel registers the following aspects of the Windows Operating system:

• Show Registry Activity : Here, we can see programs that have accessed the Windows registry and the key registry they have read or modified. This is very useful if we want to know if a program tries to modify the System registry maliciously.
• Show File System Activity : The programs shown here read or write any file on the file system. This allows us to view the files that are being modified or read by the programs. This function can identify log error files created by some programs.
• Show Network Activity : This list shows the network connection programs. Displays information such as; protocol connection (TCP, UDP, etc), remote IP address, domain, etc. This information allows identifying the programs that make malicious use of the Internet connection, for example, malware and adware.
• Show Process and Thread Activity : The information shown here is about processes and threads created in PC's memory by active programs.
• Show Profiling Events : This option allows us to see the time consumed by any running process. It is very useful to detect possible performance problems of programs and applications.

In the top toolbar, we can show or hide any of the activities mentioned above. For example, we can display only File System activity. That way, only events related to the file system will be logged and displayed.

If we double-click on any registered events, it will display a window with more information about that event. Depending on the type of event, it will display one type of information or another.

The program also includes a powerful filtering tool to find the events and processes we were looking for quickly.

Another useful tool in this software is the “ Tree Process ” (Process Tree), which shows the processes being executed in the System as a data tree.

The software does not require installation, so we only need to unzip it and launch the included executable.

it is worth mentioning that this software combines the features of two discontinued programs and are therefore not updated anymore: FileMon and RegMon, developed by Sysinternals.