Skip to main content

Solutions

Law firms

Tax, audit & accounting firms

Corporations

Governments

Products

Legal

Trade & supply

Tax, audit & accounting

Corporate tax

Risk & fraud

Books

Recommended products

Questions? We are here to help.
Contact us

Purchase

Buy solutions

Buy books

Contact sales

Questions? We are here to help.

Resources

Insights

Events

Product training

Product communities

Developers

Installer
Search
Search UltraTax CS Support Help and Support.

This article applies to:

  • Product: UltraTax CS
  • Subject: Install

Process Monitor (ProcMon) installation and usage guide

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry, and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. This tool can be used when standard troubleshooting has yielded no results and more advanced tools are needed.
As ProcMon is an advanced tool, high systems knowledge and familiarity with your environment are needed to take action based on the results of it. It is recommended that you consult with your qualified IT professional when running and reviewing a ProcMon log.

Steps to install ProcMon

  1. Download the latest version of Process Monitor.
  2. When prompted to Run or Save, select
    Save
     to save it to your
    My Documents
     folder.
  3. Right-click the ProcessMonitor.zip file, then select
    Extract All
     and extract it to the same folder you are in.
  4. You'll now have a ProcessMonitor folder. If you open it, you'll see a TXT, CHM and EXE file.

Steps to use ProcMon

To avoid to inaccurate or unnecessary data in the log, any applications or processes not critical to duplicating the issue should not be running during the ProcMon. It is recommended that non-Microsoft processes are temporarily disabled at turn on of your machine through Selective Startup.
  1. Run the
    Procmon.exe
     file.
  2. Select the Capture button to stop the capture.
  3. Select the Clear button to clear everything.
  4. Once you are ready to duplicate an issue, begin the capture again by selecting the Capture button.
  5. Once you have duplicated the problem, select the Capture button again to stop the capture.

How to analyze ProcMon

With the log open, search down to the area of the log around the time when the issue happened and look for clues as to what other program might be running after that or if there are any items referencing
ACCESS DENIED
, or
NAME NOT FOUND
. While not all of these errors may represent or be the cause of the issue you are experiencing, be sure to note them. Additionally, multiple filtering options exist in this tool that may help to better narrow critical items.

Diagnose issues by using ProcMon log

Once you have pinpointed any relevant items in the log that may be the possible cause of issues you are experiencing, take action in your system based on that information. This can include, but is not limited to: modifying or deleting registry entries if they point to moved or deleted items, appropriately updating permissions on directories as needed, and stopping any processes that appear to be interfering. Do this as needed until you can no longer replicate the initial issue. Your qualified IT professional may be needed to assist with analyzing, diagnosing, and resolving any issues with ProcMon.

error-icon

Triva isn't available right now.

Check out the support page for our phone number and hours

error-close