Originally published at: http://www.howtogeek.com/school/sysinternals-pro/lesson5/
In today’s edition of Geek School we’re going to teach you how to use Process Monitor to actually accomplish troubleshooting and figuring out registry hacks that you would not know about otherwise.
Here's a couple of screen shots, I'm lost. I guess not.It won't let me. I guess I will fiddle around with PM some more.What filters are you using? Because i put in operation is regsetvalue, and then i drug the bulls-eye over the taskbar window and i get expoler.exe HKCU ,user assist, but nothing with taskbar in the path. Then i tried path contains taskbar and nothing comes up.
Glad to know the Sysinternals series is getting more than a week. There's so much more than just Process Explorer and Process Monitor, even though those on their own are pretty epic tools.
@geek - Do you mind giving us an idea of which command-line tools you plan on featuring?
Still deciding, I haven't actually finished the second half of the series yet. Any preferences? There are definitely a ton of tools, and I don't know if another 5 parts will be enough time to cover them all.
It looks like you've got a lot of the big ones already covered, or on tap. In "using PsTools" I might suggest covering PSLoggedOn. It's probably more use to enterprise admins than at-home geeks, but also probably the command-line SysInternals tool I personally use the most.
Another one of interest might be Desktops - the virtual desktop manager. Haven't tried it myself (the idea of multiple desktops never really caught on with me) but I'm sure there's others who would be interested.
ShellRunAs is cool, but deprecated with Shift+Right-Click in Win7 (and maybe Vista).
I'm not sure what the purpose of PsShutdown is, since Windows already has a built-in shutdown utility usable via CLI or GUI - and it works across the network as well. Maybe it is from a time before that was part of the standard build.
TCPView! How did I forget TCPView?!
TCPView is pretty awesome.
This topic was automatically closed after 10 days. New replies are no longer allowed.