0

When I download a program, I want to know the many behaviours of this new program, i.e., does it connect to the internet and send my local computer data somewhere, what system resources/functions have been called, and what new data/settings have just been written to my computer. More often than not, Windows doesn't notify me of all these actions, so I want to find out myself. Is there any way I can do that?

Thanks!!

Shinnok

1 Answer

2

You can use ProcMon for exactly that.

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, registry and process/thread activity.

The newer version includes network activity monitoring too.

In fact you should take a look at the Sysinternals Suite since there are many other tools included in the suite like Process Explorer or TCPView that can help you with this task.

As for network packet inspection, you can use Wireshark, since the Sysinternals tools don't provide packet content inspection (they mostly provide connection details and packet lengths).

Shinnok
  • It's unbelievable that sooooo many actions are going on in a flash of time by a single program. LOL. – grandproducts Feb 13 '11 at 09:13
  • True, and since it tends to get hard to follow at some point, you can use filters, e.g. in ProcMon, to follow only the process you are interested in. Same goes for Wireshark too. – Shinnok Feb 13 '11 at 09:16
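
The per-process filtering mentioned above can also be applied after the fact to a ProcMon capture saved as CSV. The script below is an added example, not part of the original answer: it assumes the default export columns (Process Name, Operation, Path, Result), and the sample rows, process name and addresses are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the column layout of a ProcMon CSV export;
# the process name, paths and addresses are invented for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"09:13:01.10","newapp.exe","4242","ReadFile","C:\Windows\System32\kernel32.dll","SUCCESS",""
"09:13:01.20","newapp.exe","4242","WriteFile","C:\Users\me\AppData\Roaming\NewApp\cfg.ini","SUCCESS",""
"09:13:01.21","newapp.exe","4242","WriteFile","C:\Users\me\AppData\Roaming\NewApp\cfg.ini","SUCCESS",""
"09:13:01.30","newapp.exe","4242","RegSetValue","HKCU\Software\NewApp\InstallId","SUCCESS",""
"09:13:01.31","newapp.exe","4242","RegSetValue","HKLM\Software\NewApp\Key","ACCESS DENIED",""
"09:13:01.40","newapp.exe","4242","TCP Connect","me-pc:49712 -> 203.0.113.10:443","SUCCESS",""
"09:13:01.50","explorer.exe","1200","WriteFile","C:\Users\me\Desktop\x.txt","SUCCESS",""
'''

# ProcMon operation names mapped to the three things the question asks about.
CATEGORIES = {
    "WriteFile": "files_written",
    "RegSetValue": "registry_set",
    "TCP Connect": "network",
    "TCP Send": "network",
    "UDP Send": "network",
}

def summarize(csv_text, process_name):
    """Return {category: sorted unique targets} for one process's successful events."""
    seen = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Process Name"].lower() != process_name.lower():
            continue  # same effect as a ProcMon "Process Name is ..." filter
        category = CATEGORIES.get(row["Operation"])
        if category is None or row["Result"] != "SUCCESS":
            continue  # skip reads and attempts that did not succeed
        target = row["Path"]
        if category == "network":
            # Network rows read "local:port -> remote:port"; keep the remote side.
            target = target.split(" -> ")[-1]
        seen[category].add(target)
    return {category: sorted(targets) for category, targets in seen.items()}

if __name__ == "__main__":
    for category, targets in summarize(SAMPLE_CSV, "newapp.exe").items():
        print(category)
        for target in targets:
            print("   ", target)
```

When reading a real export from disk, pass the file contents to `summarize`; if the first column name comes back prefixed with a byte-order mark, open the file with `encoding="utf-8-sig"`.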