Loading ...Microsoft’s new Sysinternals Process Monitor v1.2 and quick and dirty IT journalism
By Michael Pietroforte | 5 Comments | Permalink | Trackback | Previous | NextMicrosoft released Process Monitor v1.2, a free tool to monitor real-time file system, registry and process/thread activity. There is an “interesting” SearchWinIT article about its new features. I guess the author never saw Process Monitor in his life.
He stated that Microsoft added “destructive filtering“. Well, I hope they didn’t because that certainly wouldn’t be a constructive contribution to the stability of my computer. However, when I first run it on my desktop I thought for a moment MS really did. Process Monitor hanged and I wasn’t able to close the program. Even killing its process didn’t help. I, then, tried to reboot my Vista machine. I waited for about 20 minutes, but Vista hanged, too. I had no other choice but to pull the power plug. After I rebooted, Process Monitor still showed the same behavior.
I tried the tool on two other Vista machines, and it worked there without problems. So, it seems like my desktop is just screwed up and MS didn’t add “destructive” filtering. The real name of the feature is non-destructive filtering and it’s not new because the predecessors of version 1.2 already supported it. It just means that Process Monitor’s filters only affect the display of events, but not the event data itself. So it is not really revolutionary.
Process Monitor 1.2 has some new features, though. You can now open log files on a 64 bit machine that were generated on a 32 bit system. Process Monitor has the new switch “/run32” for this purpose which does nothing else than run the 32 bit version of the tool. Well, that’s not really exciting either, is it?
There is another new feature that sounds interesting in the SearchWinIT article:
Also included in the latest version is a feature that lets users better see how each process is running during an activity trace by showing a graph for each one.
Unfortunately, Procmon 1.2 doesn’t really allow you to “see how each process is running” (whatever that is supposed to mean). It only displays the activity span for each process (see screenshot) in the Process Activity Summary window (formerly called Process Summary). So this feature only gives you some limited information about the process’ activity during a certain time span. I suppose, I won’t need this feature either. Would you?
I found a third new feature which the SearchWinIT article doesn’t mention. In the tools menu, there is new the new point “Activity Summary“. I must admit, I don’t really understand the purpose of this feature. It is a graphical representation of the overall process activity based on the number of events or the elapsed time. I wasn’t able to find something about this in the help file.
I will just continue using Process Monitor 1.12. If the author of the article, whose name is SearchWinIT.com staff, didn’t just try to repeat what a marketing guy from Microsoft told him/her/it, but wrote a real review about Procmon’s new features, I probably wouldn’t have downloaded the new version.
Leave a Comment | 
Subscribe RSS
| 
Newsletter
Thanks for the heads-up on the new version!
Though it should be old news to everyone, here’s the reminder that regmon and filemon have been integrated within Process Monitor… That was its best move forward IMO. Love the tool.
[...] | Vía 4SysOps [...]
Leonardo, you’re right it was good move to put Filemon and Regmon together. I also think that Process Monitor is a great tool. Maybe that didn’t come across in my somewhat negative review of the new features.
[...] Process Monitor v1.2 lanzado Windows Vista Add comments Microsoft lanzó la versión 1.2 de la aplicación Process Monitor, cuya función es monitorear en tiempo real el sistema de archivos, el registro, y los procesos que se están ejecutando. Esta nueva versión trae algunas novedades: se pueden abrir archivos con historial que fueron creados en un sistema de 32 bit en uno de 64. Ahora los usuarios también podrán ver todo el nivel de actividad de un proceso a través de un gráfico. El sumario de las actividades también es una nueva función implementada en esta versión. Es una representación gráfica del proceso general de actividades basado en el número de eventos que se llevaron a cabo en determinado período de tiempo. En conclusión, esta nueva versión permitirá a las personas especialistas en computación estar más al tanto de todas las tareas y cambios que se están produciendo en el sistema. Descarga de la aplicación: Process Monitor v1.2 | Vía 4SysOps [...]
I have the same problem (Vista hangs) with the version 1.22 of process monitor and I can’t use “filemon” because when I try to start it advise to use “processmon”!
Some ideas?
Luke