I think there is, but there's also a perl equiv:

perl -MFile::Which -le 'print "$_: ", which $_ for @ARGV' echo
[download]

If it was Unix, I would...

s-(?<=tusc)-/procmon-; s/If it was Unix, //

- tye        

Interesting. Looks like the tool I've been looking for for ages :)

After a bit of reading, I tried the following (along the lines of what's suggested in the help pages):

set PM=C:\tools\sysinternals\procmon.exe
start %PM% /quiet /minimized /backingfile C:\temp\test.pml
%PM% /waitforidle
perl -le "system 'echo junk*'"
%PM% /terminate
[download]

This created a 17 MB logfile containing 99+% irrelevant stuff (seems to be the entire system activity in that period). I haven't yet been able to figure out how to
• limit event logging to the process of interest (perl in this case) and any subprocesses spawned by it (cmd.exe, etc.)
• log certain types of activity only, like related to files or process creation etc., or a specific system call
In other words, I'd be grateful if you could give me a quick heads up on how to get something roughly comparable to the following strace usage:

$ strace -fqe execve perl -le "system 'echo junk*'"
execve("/usr/local/bin/perl", ["perl", "-le", "system 'echo junk*'"], 
+[/* 76 vars */]) = 0
[pid 26565] execve("/bin/sh", ["sh", "-c", "echo junk*"], [/* 76 vars 
+*/]) = 0
junk*
[download]

Also, it seems you need to be a member of the administrative group to use the utility. Unfortunately, more often than not, I'm not a member of that group when I would need the tool for debugging. Is there any way to watch activity of your own processes only (for which you should have permission)?

Thanks!