Extended Process Monitor-like tool based on Event Tracing for Windows
Latest commit b7fbbf2 Mar 3, 2019
Type Name Latest commit message Commit time
ProcMonX nuget updates Feb 18, 2019
.gitattributes Add .gitignore and .gitattributes. Jan 11, 2018
.gitignore Add .gitignore and .gitattributes. Jan 11, 2018
ProcMonX.sln Add project files. Jan 11, 2018
README.md Update README.md Mar 3, 2019
procmonx1.PNG Add files via upload Mar 3, 2019

README.md

ProcMonX

Extended Process Monitor-like tool based on Event Tracing for Windows

The classic Sysinternals tool Process Monitor uses a file system minifilter, registry minifilter and process/thread callbacks to get the information it provides.

An alternative is to use Event Tracing for Windows (ETW) to get this information, without the need for a kernel driver. (Process Monitor does use ETW for network events.)

See more info at this blog post.
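The driver-less approach described above, as an added example that is not ProcMonX's own code: a console consumer that subscribes to process, file, registry and TCP events from the kernel ETW provider. It assumes the Microsoft.Diagnostics.Tracing.TraceEvent NuGet package and an elevated prompt; the class name `KernelEtwMonitor` is hypothetical.

```csharp
// Added example, not ProcMonX source. Assumes the TraceEvent NuGet package
// (Microsoft.Diagnostics.Tracing.TraceEvent) and an elevated console on Windows.
using System;
using Microsoft.Diagnostics.Tracing.Parsers;
using Microsoft.Diagnostics.Tracing.Session;

static class KernelEtwMonitor // hypothetical name
{
    static void Main()
    {
        if (TraceEventSession.IsElevated() != true)
        {
            Console.Error.WriteLine("Run elevated: kernel ETW sessions require administrator rights.");
            return;
        }

        // The kernel logger session delivers kernel events to user mode; no driver is loaded.
        using (var session = new TraceEventSession(KernelTraceEventParser.KernelSessionName))
        {
            // Stop the session on Ctrl+C so it does not keep running after this process exits.
            Console.CancelKeyPress += (s, e) => { e.Cancel = true; session.Stop(); };

            session.EnableKernelProvider(
                KernelTraceEventParser.Keywords.Process |
                KernelTraceEventParser.Keywords.FileIOInit |
                KernelTraceEventParser.Keywords.Registry |
                KernelTraceEventParser.Keywords.NetworkTCPIP);

            var kernel = session.Source.Kernel;
            kernel.ProcessStart += d =>
                Console.WriteLine($"{d.TimeStamp:HH:mm:ss.fff} ProcessStart pid={d.ProcessID} ppid={d.ParentID} cmd={d.CommandLine}");
            kernel.ProcessStop += d =>
                Console.WriteLine($"{d.TimeStamp:HH:mm:ss.fff} ProcessStop  pid={d.ProcessID} exit={d.ExitStatus}");
            kernel.FileIOCreate += d =>
                Console.WriteLine($"{d.TimeStamp:HH:mm:ss.fff} FileCreate   pid={d.ProcessID} {d.FileName}");
            // KeyName can be relative to an already-open key handle, so it may not be a full path.
            kernel.RegistrySetValue += d =>
                Console.WriteLine($"{d.TimeStamp:HH:mm:ss.fff} RegSetValue  pid={d.ProcessID} {d.KeyName}\\{d.ValueName}");
            kernel.TcpIpConnect += d =>
                Console.WriteLine($"{d.TimeStamp:HH:mm:ss.fff} TcpConnect   pid={d.ProcessID} {d.daddr}:{d.dport}");

            session.Source.Process(); // Blocks, dispatching events until the session stops.
        }
    }
}
```

ETW drops events when the consumer cannot keep up with the session buffers, so a monitor built this way should check `session.EventsLost` before treating its output as a complete record.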

[Image: ProcMonX]
