Process Monitor by Mark Russinovich and Bryce Cogswell (SysInternal)

SysInternal is been around since DOS date. And yet still active and hard core as they always are.

Their recent production: Process Monitor, I'm adding it into my must have toolbox - it allows you to watch windows processes and track 'em Comprehensively.

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.