Filemon and Regmon No More, Long Live Procmon

I am working on content for a troubleshooting guide for System Center Virtual Machine Manager. Windows Sysinternals has launched on Technet, and the new site includes some invaluable TS tools. For example, Process Monitor 1.0, an advanced monitoring tool showing file system, Registry and process/thread activity. "It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more."

Procmon 1.0 runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista.

Some other hand PS tools on this site include:

PsTools The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.

Regjump Jump to the registry path you specify in Regedit.

MoveFile Schedule file rename and delete commands for the next reboot. This can be useful for cleaning stubborn or in-use malware files.

RootkitRevealer Scan your system for rootkit-based malware

SDelete Securely overwrite your sensitive files and cleanse your free space of previously deleted files using this DoD-compliant secure delete program. Complete source code is included.

BgInfo This fully-configurable program automatically generates desktop backgrounds that include important information about the system including IP addresses, computer name, network adapters, and more.

Or, just get the 8 MB full-meal deal (Sysinternals Suite). Fits nicely on a keychain USB.


Skip to main content