Build a stack of threads to determine the reason for the operation. Track the start and end of a process or thread. The utility monitors the following: requests to the file system and registry, process activity, and network connections. To work correctly, it installs its own driver, which it uses to intercept the monitored data. The program does not require installation on the hard disk, but it must be run with an account that has administrator rights. It works on 32-bit and 64-bit Windows operating systems.

It would also be nice if it did not require administrative privileges.

Process Monitor is a utility from the developer Sysinternals, designed to monitor the computer's file system, registry and operating system processes in real time.

Another requirement which I didn't really state is that speed is fairly important: I was planning on doing this for things like compiling a C++ file, and pulling up a full GUI which generates a 20 MB logfile will have prohibitive overhead. I'm really only interested in what files are opened, and if they are opened for read/write or just read. If I narrow down my requirements even further, it is probably enough to be able to monitor calls to CreateFile(). I'm aware of Process Monitor, but I would like to receive the data in a form which I can import into another program for further analysis. I want to do this programmatically from another process. I'm primarily interested in running a process and figuring out which files it has read and written. On Linux I can probably get away with using strace with suitable parameters, but how can I do this on Windows? I would like to be able to monitor certain system calls made by a process, primarily file I/O calls.