PMon 1.0


Developer:   Mark Russinovich
Price:  0.00
License:   Freeware
File size:   0K
OS:   Windows Vista (?)

PMon is a device driver/GUI combination which logs and displays all process activity on a Windows NT 4.0 system. The device driver uses several undocumented hooking functions that cause it to be called whenever a process or thread is created or deleted. In addition, if run on the Checked build of NT or the Multiprocessing kernel, an undocumented context-swap hook is installed that lets PMon optionally display all context-switch activity.

PMon works on all builds of NT 4.0. Installing PMon is as easy as unzipping it and typing, "ntpmon." The GUI dynamically loads the driver (based on code from the instdrv sample in the Windows NT DDK), which installs hooks for process and thread creation and deletion. The menus can be used to disable event capturing, control the scrolling of the listview, and to save the listview contents to an ASCII file.

Where possible, PMon displays the name of the process that owns a thread that is part of a thread creation or deletion, or a context swap. The thread ID immediately follows the process name. In some cases the owning process no longer exists, in which case PMon displays "???" for the name. The "Elapsed" column indicates the time in seconds between successive events in the display. Note that this will often be 0, which simply means that the events happened within one system timer clock tick. Clock ticks are normally 10 milliseconds apart, so a lot can happen.

The context-swap hook is only present in multiprocessor builds of NT, and is not enabled by default. To turn on context-switch monitoring when it is present, select the "Context Swap" menu entry under the "Events" menu. Note that monitoring context swaps generates many records rapidly. To minimize the amount of uninteresting context-swap noise, PMon ignores swaps between system threads 0 and 1, which occur frequently as system work items are dispatched.

If you have an MSDN membership, you have the checked build. You can install a minimal checked build environment by replacing NTOSKRNL.EXE with the NTOSKRNL.EXE on the checked build CD, and by replacing HAL.DLL with the appropriate version from the checked build. To determine the correct HAL to copy over to your system, search for HAL.DLL in your [winnt]\repair\setup.log file. Copy the file with the same name from the checked build CD to HAL.DLL in your [winnt]\system32 directory. Be sure to back up your existing copies of these files so that you can go back to the free build.


