You can define the filters by pressing Ctrl+L in Process Monitor or through the Filter > Filter. The thoroughness of the tool is also weakness, as the amount of data captured by Process Monitor can easily overwhelm the analyst.įilters for Sifting Through Process Monitor Dataįinding meaningful events in Process Monitor’s voluminous log file is simpler by using the tool’s filtering capabilities, which allow the analyst to conditions for determining whether records should be shown or hidden.
It’s an invaluable tool for troubleshooting Windows problems as well as for malware forensics and analysis tasks. Process Monitor is a free tool from Microsoft that displays file system, registry, process, and other activities on the system.
0 kommentar(er)
