document updated 15 years ago, on Mar 4, 2009
Procmon is POWERFUL. It really looks like the authors have spent a lot of time making it work really well, probably because they themselves use it quite a bit.
Tips
- Tools > Unique Values includes ALL events, even those that have been filtered out. Tools > Count Occurrences includes ONLY those events that the filter lets through.
- little features that make it clear they use the tool A LOT themselves:
  - you can right-click on a registry path, and choose "jump to" to open up regedit to that path (WOW!)
  - you can double-click or right-click on just about any value to add it to the filter