Procmon. The infamous Windows Sysinternals’ utility to track down all kinds of Windows activity. Known for its ability to track down rogue software installers making unknown changes to registry keys or perhaps inspecting a virus’ tracks. If you need to inspect Windows registry, file system, process, or network activity and have decided to use procmon, this article is for you.
In this Ultimate Guide, you’ll learn everything there is to know about using the procmon utility, from installing and basic usage all the way to various use cases that will help you track down all kinds of activity.

Read more: https://adamtheautomator.com/procmon/