When you need to track an application’s behavior then Sysinternals Process Monitor is a great place to start. In a click or two you can be watching the target program’s file, Registry and process-related activities, perfect for troubleshooting all kinds of odd problems.
Of course Process Monitor is watching only a relatively small number of Windows API calls, in an effort to keep things simple. These are well chosen, and will help you solve most common issues. But if your problem relates to something the program doesn’t track, an Internet function, say, then you might want to try a more powerful troubleshooting tool, like API Monitor.
We say “might”, because API Monitor is a full-strength developers tool. It can track thousands of API calls, will tell you about parameters, return values and call stacks, allow you to set breakpoints, and generally provide all kinds of information and options which will leave non-developers baffled.
And yet, the program’s core operation really is simple enough that experienced Windows users might find it useful for troubleshooting purposes. (And as it’s free, portable and a relatively small download, there’s no harm in giving it a try.)
As an example, launch Internet Explorer and load a web page (anything will do).
Launch apimonitor-x86.exe as an Administrator (if you’re using Windows Vista or later; fire up apimonitor-x64.exe if you’re running 64-bit IE).
Over in the top left corner you’ll see the API Filter pane, which tells the program which API calls you’d like to monitor. Find and check “Internet” in the list.
In the bottom left corner you’ll see a list of running processes. Find iexplore.exe, right-click it and select “Start Monitoring” (repeat that for any other copies of iexplore.exe you might have in that list).
Switch back to Internet Explorer, click any link and allow the new page to load.
Now return to API Monitor, and you’ll see the Summary pane now has a (probably) lengthy list of web-related calls to IEFRAME.dll, urlmon.dll and more. Calls with errors will be highlighted in yellow, and the “Error” column will tell you more, so even if you’ve absolutely zero programming knowledge then you might be able to pick up some useful troubleshooting clues from what’s available here.
If you’d like more detail, just click on a particular call -- one of the “CommitURLCacheEntryA” entries, say -- and check the Parameters window for information on URLs, file names, dates, times and everything else being passed by IE.
And while we’ve just chosen the Internet category for this brief example, there are plenty of other interesting options in the API Filter pane :”Devices”, “DirectX Graphics and Gaming”, “Documents and Printing”, “Networking” and more, each capable of displaying a huge amount of information about what’s happening on your PC.
Of course Process Monitor should still remain top of your list for troubleshooting odd program and system behaviour: it’s powerful enough to help you solve most issues, while remaining relatively easy to use.
If Process Monitor can’t help, though, it may be worth giving API Monitor a try. The program is vastly more complex, but an experienced PC user should still be able to produce basic reports from it without too much difficulty, and these may provide troubleshooting clues which simply aren’t available any other way.
Please note, though, the download we’re referencing here is an alpha build, and so likely to contain bugs. We had no problems in our testing, but play safe anyway: don’t run API Monitor on any system where you’ve unsaved documents, or while you’re running other important tasks.
All development related issues welcome
Moderator: Moderator Team
7 posts • Page 1 of 1
http://betanews.com/2012/05/30/api-moni ... -job-done/
Process monitor is a fairly well-known program.
Yes, Sysinternals (now owned by Microsoft) is familiar to many of us. I like the Autoruns program, which was also originally written by Mark R. While I've used it to get rid of unnecessary stuff from loading and cleaning up from suspicious programs, I've even used this to help repair a problem caused by a bad removal of a program. Some utilities use an obscure hook to be able to run in console mode on the next boot. While it is normally used to load a simple registry checker that comes with Windows, other things can be added to it like offline defragmenters and partition tools. That is fine, but if one of those programs corrupts the key, none of those types of programs will work after that. It took me a long time to figure out what was broken under XP, and I found Autoruns. I've also played with API Monitor, and I liked Tweaks UI and others of the power toys.FlyingIsFun1217 wrote:Process monitor is a fairly well-known program.
FlyingIsFun1217 wrote:Process monitor is a fairly well-known program.
PurpleGurl wrote: Yes, Sysinternals (now owned by Microsoft) is familiar to many of us.
That would be great and all if I was talking about Process Monitor or Sysinternals.
Process Monitor is watching only a relatively small number of Windows API calls
API Monitor comes with API Definitions for over 13,000 API’s from almost 200 DLL’s and over 17,000 methods from 1,300+ COM Interfaces (Shell, Web Browser, DirectShow, DirectSound, DirectX, Direct2D, DirectWrite, Windows Imaging Component, Debugger Engine, MAPI etc)
When you skim the first sentence without reading everything else, you tend to miss most of the information.
It's fairly easy to do when all you put up is a copy-and-pasted description.
Guess you didn't see the link then, the first thing in that post?FlyingIsFun1217 wrote:It's fairly easy to do when all you put up is a copy-and-pasted description.
I was not meaning to be rude, but to hint a suggestion that maybe next time there was some user-generated writing about the program in interest.