Some days ago, Microsoft released Sysinternals Process Monitor 1.12. It has a very interesting new feature: boot logging. I must admit that I didn't use the last version of Process Monitor, so I can only rely on this article on SearchWinIT about its new features.
- Midnight Commander remote connect via Shell link (copy files over SSH) and SFTP link using FISH and public key authentication - Mon, Jan 17 2022
- Root login via SSH and SFTP on EC2 instances running Linux - Wed, Jan 12 2022
- Poll: Will you deploy Windows 11 in 2022? - Mon, Jan 10 2022
Process Monitor is a free tool that allows you to monitor in real-time file system, registry and process/thread activity. According to the SearchWinIT article, Process Monitor 1.12 has a new tool bar and you can now cancel a search process. However, the most interesting new feature certainly is the boot logging feature. It enables you to analyze a Windows system that is having problems during the boot process.
Subscribe to 4sysops newsletter!
You can enable boot logging by selecting the corresponding menu point under Options. When you boot Windows the next time, Process Monitor will log all system activity. You can then save the log file in the process monitor format (pfl) when you start the monitoring tool after the reboot. This file can be opened with Process Monitor for later analysis. It is then also possible to save log files in CSV format if you want to use another tool to analyze system activity.