Do you have a Windows 10 app that doesn’t meet your expectations? It might be too slow, crash suddenly, or have unspeakable issues that are hard to identify. One way to get to the root of the problem is to use a free official Microsoft utility called Process Monitor. This would help you diagnose and debug Windows application errors and issues.
Download and install
SysInternals’ Process Monitor (ProcMon) utility has been around since 2006 and does a lot of things outside of diagnosing application problems. It gives visibility to all registry keys, file system locations and network traffic.
However, it does not capture mouse pointer movements or hardware-related changes. Still, if your goal is to capture malware, identify problematic apps, or get a high-level overview of your Windows PC, ProcMon is the most advanced tool to have.
Download the tool from Microsoft official link. No installation is involved, but you must agree to the terms of the SysInternals software license agreement when running the .exe file.
Let Process Monitor fill in all the events for your Windows system. You don’t have to wait for the process to complete. All running programs are automatically included in the scan.
Diagnosing problems with Windows Process Monitor
When the program fills in the details, it can be overwhelming to see so many rows and columns. There are millions of entries. You don’t have to worry about all of the following:
- Process names
- Process ID (PID): a four or five digit number
- File path
- Result code: “success” or many other entries, such as “name not found”, “analysis”, etc.
For quick access to problematic applications, go to “Tools -> Process Tree”.
The dashboard will be populated with all the open and running apps on your system. A full green block in the “Lifetime” column usually indicates that there is no problem with the affected application. If your programs and Windows 10 system are updated, most registry errors and file health issues will not be a problem for you. For update related issues, you can use another utility called SetUpDiag.
Scroll down to the problematic event and click “Go to event” to access the problem. In the next screen, ProcMon had diagnosed many issues with Tencent’s QQ browser. I noticed a process id (“3428”) by its .exe file.
Once the source of the problem has been identified, you should use an option called “Filters”. By right clicking and adding the “Include” filter for a specific executable file, you focus on a single specific application.
Go down one step and apply the filter. Depending on the number of entries, it may take a little while. There were thousands of entries for this filter.
You can also exclude certain results such as “Success” or “Buffer Overflow” because they do not indicate any problem with the application. This will reduce the search even further.
Now, focus on the most common result code for the problematic application. For a complete list of result codes, user Lowell Vanderpool has compiled them in this link between pages 7 and 9. The “Name not found” problem was the most common problem here with thousands of entries meaning the caller tried to open an object that does not exist. In other words, there was a problem with the installation itself. Thus, we have diagnosed the root of the problem.
Final troubleshooting
Here we will show the final troubleshooting for the above program. Before resolving the diagnosed issue that requires uninstalling, you might want to save the ProcMon file from “File -> Save” so that you can investigate the affected issues in the future.
Saving the file also gives you the filter presets you just created. If you want to go back to the default settings, click “Reset”.
As stated here, the program needs to be uninstalled due to many missing DLL files. Uninstalling the program is not always easy, so ProcMon offers a right click option called “Find Online”. This led me to an uninstall screen.
Click on the uninstaller to completely remove the program.
The uninstall step is a nuclear option but works with programs that have too many missing file issues.
When I reopened ProcMon with the same filter presets, the issue with Tencent’s QQ browser was no longer captured.
You can use Windows Process Monitor to diagnose Windows application errors and troubleshoot problems. It just takes a little practice to identify the main source of the problem.
If your Windows is causing a 100% CPU usage error instead, check out the solutions here to fix it. We also have solutions for Bad System Config Info error.
Related:
Sayak Boral is a technology writer with over ten years of experience in different industries including semiconductors, IoT, enterprise computing, OSS / BSS telecommunications, and network security. He has written for MakeTechEasier on a wide range of technical topics including Windows, Android, the Internet, hardware guides, browsers, software tools, and product reviews.
Is this article useful?
!function(f,b,e,v,n,t,s)
{if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};
if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version=’2.0′;
n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t,s)}(window, document,’script’,
‘https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘400239050508508’);
fbq(‘track’, ‘PageView’);
