How to use Procmon to Troubleshoot a Problem

If you are not familiar with it, Process Monitor (Procmon) is a monitoring tool that shows process, Registry and file-system activity in real time. It combines two useful former Sysinternals tools (https://technet.microsoft.com/en-us/sysinternals/bb545027.aspx), FileMon and RegMon. Process Monitor can also log activity during the initialization of boot-start device drivers, which is probably its most useful option.
My example will be rather simple, just to show you how to use Procmon; that will be enough to understand what can be done with it. To be honest, to use Process Monitor you need certain knowledge about Windows processes, their names and what they do.
I will use the general Process Monitor example with CCleaner.
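
When a trace has thousands of events, the usual way to find the cause of a problem is to filter on the process and look at the non-SUCCESS results (NAME NOT FOUND, ACCESS DENIED and similar), which Procmon lets you do with its filter dialog and Tools > Count Occurrences. The script below is an added example, not part of the original post or of the Sysinternals tool: it does the same triage offline over a Procmon CSV export (File > Save as CSV), using a small constructed sample of rows in that column layout; the paths, PIDs and results in the sample are made up for illustration.

```python
import csv
import io
from collections import Counter

# Constructed sample in the default column layout of a Procmon CSV export.
# The rows are invented for illustration, not taken from a real capture.
SAMPLE_CSV = """"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","CCleaner.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\Piriform\\CCleaner","SUCCESS","Desired Access: Read"
"10:01:02.2","CCleaner.exe","4120","RegQueryValue","HKLM\\SOFTWARE\\Piriform\\CCleaner\\UpdateCheck","NAME NOT FOUND","Length: 144"
"10:01:02.3","CCleaner.exe","4120","CreateFile","C:\\Program Files\\CCleaner\\ccleaner.ini","NAME NOT FOUND","Desired Access: Generic Read"
"10:01:02.4","CCleaner.exe","4120","CreateFile","C:\\Windows\\System32\\drivers\\etc\\hosts","ACCESS DENIED","Desired Access: Generic Write"
"10:01:02.5","explorer.exe","1844","ReadFile","C:\\Windows\\explorer.exe","SUCCESS","Offset: 0, Length: 4,096"
"10:01:02.6","CCleaner.exe","4120","CreateFile","C:\\Users\\alice\\AppData\\Local\\Temp\\cc.log","SUCCESS","Desired Access: Generic Write"
"""

# Result values that most often explain a "why does it not work" question.
INTERESTING = {"NAME NOT FOUND", "PATH NOT FOUND", "ACCESS DENIED", "SHARING VIOLATION"}

def parse_procmon_csv(text):
    """Read a Procmon CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))

def filter_events(events, process=None):
    """Equivalent of Procmon's 'Process Name is <process>' include filter."""
    return [e for e in events
            if process is None or e["Process Name"].lower() == process.lower()]

def summarize_results(events):
    """Count Result values per process, like Tools > Count Occurrences on 'Result'."""
    return Counter((e["Process Name"], e["Result"]) for e in events)

def failures(events, process=None):
    """Return (operation, path, result) for operations that did not succeed."""
    return [(e["Operation"], e["Path"], e["Result"])
            for e in filter_events(events, process) if e["Result"] in INTERESTING]

if __name__ == "__main__":
    evs = parse_procmon_csv(SAMPLE_CSV)
    for (proc, result), count in sorted(summarize_results(evs).items()):
        print(f"{proc:14} {result:16} {count}")
    print("--- CCleaner.exe failures ---")
    for op, path, result in failures(evs, "CCleaner.exe"):
        print(f"{op:14} {result:16} {path}")
```

On a real export, replace SAMPLE_CSV with the file contents; a missing .ini or Registry value and a write that is denied for a non-administrator are exactly the kind of lines that stand out.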

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
https://technet.microsoft.com/en-us/sysinternals/bb896645.aspx