When I need to troubleshoot a problem in Windows, the first things I ask my customer to provide are a Process Monitor trace and a network trace. Process Monitor is the second most downloaded tool from the Sysinternals toolkit. You can download it as part of the Sysinternals Suite. Sometimes you don't have access to the computer to run the tool interactively, or you don't want the end user seeing Procmon running on the computer. In the next post, I will show how you can acquire a Process Monitor trace from a remote computer.
Source : 4sysops