Sysinternals Homepage
Forum Home Forum Home > Sysinternals Utilities > Process Monitor
  New Posts New Posts RSS Feed - ** Feature request list **
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

** Feature request list **
 Post Reply Post Reply Page  <1234 15>
Author
Message
  Topic Search Topic Search  Topic Options Topic Options
eried View Drop Down
Groupie
Groupie
Avatar

Joined: 02 June 2007
Location: Chile
Status: Offline
Points: 76 		Post Options Post Options   Thanks (0) Thanks(0)   Quote eried Quote  Post ReplyReply Direct Link To This Post Posted: 24 August 2007 at 8:10pm
Double click to open dir/reg!
 
Who wants to view properties?
http://erwin.ried.cl
Back to Top
jbs123 View Drop Down
Newbie
Newbie


Joined: 26 September 2007
Location: United States
Status: Offline
Points: 16 		Post Options Post Options   Thanks (0) Thanks(0)   Quote jbs123 Quote  Post ReplyReply Direct Link To This Post Posted: 26 September 2007 at 8:34am
Better CLE support. This is an awesome tool that would make it even better if we had even more control from the command line.
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Status: Offline
Points: 17506 		Post Options Post Options   Thanks (0) Thanks(0)   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 26 September 2007 at 7:18pm
Hi Josh,
 
FWIW, Bryce has posted some notes on using the latest version of Process Monitor, 1.23, in a batch file:
 
Daily affirmation:
net helpmsg 4006
Back to Top
jbs123 View Drop Down
Newbie
Newbie


Joined: 26 September 2007
Location: United States
Status: Offline
Points: 16 		Post Options Post Options   Thanks (0) Thanks(0)   Quote jbs123 Quote  Post ReplyReply Direct Link To This Post Posted: 01 October 2007 at 7:24am
Thanks


Edited by jbs123 - 01 October 2007 at 12:45pm
Back to Top
SystemPro View Drop Down
Senior Member
Senior Member
Avatar

Joined: 26 April 2007
Location: Germany
Status: Offline
Points: 514 		Post Options Post Options   Thanks (0) Thanks(0)   Quote SystemPro Quote  Post ReplyReply Direct Link To This Post Posted: 05 October 2007 at 4:50am
Any kind of hint that is able to explain the <unknown>īs (what the hell are these stack unknowns, there should be a hint to this root of <unknown>(evil)??) I doubt that I am the only one that experiences these unknown kernel/ntdll stacks(7c81..).

I really appreciate procmon but I hate <unknown> stacks!!!!!


Edited by SystemPro - 05 October 2007 at 4:54am
Back to Top
Bryce View Drop Down
Senior Member
Senior Member
Avatar

Joined: 06 June 2005
Status: Offline
Points: 196 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Bryce Quote  Post ReplyReply Direct Link To This Post Posted: 08 October 2007 at 5:08pm
"<unknown>" in a stack trace means that the address comes from a location that does not correspond to the address space of any loaded DLL. You should never see it in normal applications. However, up until the last version it was possible to get these if you stopped capturing before procmon had a chance to resolve all DLL info for all processes.
Back to Top
SystemPro View Drop Down
Senior Member
Senior Member
Avatar

Joined: 26 April 2007
Location: Germany
Status: Offline
Points: 514 		Post Options Post Options   Thanks (0) Thanks(0)   Quote SystemPro Quote  Post ReplyReply Direct Link To This Post Posted: 09 October 2007 at 5:52am
Quote "<unknown>" in a stack trace means that the address comes from a location that does not correspond to the address space of any loaded DLL. You should never see it in normal applications. However, up until the last version it was possible to get these if you stopped capturing before procmon had a chance to resolve all DLL info for all processes.
Thanks for this information, so until 1.25 this could happen and should be solved now in general?! So maybe I should stop capturing before I go to stack summary but this didnīt help in case of msimn <unknown> 7c81 and still occurs in v.1.25.


Edited by SystemPro - 09 October 2007 at 6:17am
Back to Top
jboucher View Drop Down
Groupie
Groupie


Joined: 18 October 2007
Status: Offline
Points: 43 		Post Options Post Options   Thanks (0) Thanks(0)   Quote jboucher Quote  Post ReplyReply Direct Link To This Post Posted: 18 October 2007 at 9:09am
I would like to see a feature that would allow you to monitor the install of an application (much like InCtrl from PCMag does).  You could tell ProcMon to monitor a particular process and its children.  With filtering and unique values one could then extract the necessary install info.  However even nicer if ProcMon could then report the files/folders that were created or changed, as well as the registry entries that were created or changed.
Back to Top
jbs123 View Drop Down
Newbie
Newbie


Joined: 26 September 2007
Location: United States
Status: Offline
Points: 16 		Post Options Post Options   Thanks (0) Thanks(0)   Quote jbs123 Quote  Post ReplyReply Direct Link To This Post Posted: 22 October 2007 at 11:16am
jboucher,

Thats what I am using (well trying to) procmon for. I have everything but the registry figured out and hoping the procmon would solve that.
Back to Top
Merlin View Drop Down
Newbie
Newbie


Joined: 26 October 2007
Status: Offline
Points: 1 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Merlin Quote  Post ReplyReply Direct Link To This Post Posted: 26 October 2007 at 2:16am
Any chance of adding in the ability to output the events to file/database in real time?
 
I do not mean just saving what ever is shown into a file.
 
I meant keeping Process Monitor running and output thing the captured events to file/database.
 
Thanks.
Back to Top
 Post Reply Post Reply Page  <1234 15>
  Share Topic   

Forum Jump Forum Permissions View Drop Down