Microsoft SysInternals releases ProcessMonitor

Microsoft bought out Mark Russinovitch and his companies SysInternals and WinInternals last year. The Sysinternals tools remain freely available as before, while the Wininternals tools are generally targeted for the Desktop Optimization Pack.

Microsoft bought out Mark Russinovitch and his companies SysInternals and WinInternals last year. The Sysinternals tools remain freely available as before, while the Wininternals tools are generally targeted for the Desktop Optimization Pack. I'm sure that everyone that reads this site has used the tools Regmon, Filemon, and the Process Explorer from the SysInternals side.

The ProcessExplorer was updated a short while back and, of course, is more powerful than ever. I heard about this new tool last week from some Microsoft folks, and now here it is released. ProcessMonitor is the replacement for FileMon and RegMon, as an all in one tool. No more launching one and then the other and trying to cross reference timestamps! It also updates those tools for the new operating systems, adds in new filtering options, and adds in a boot-time logging option. While it does not include the ProcessExplorer, you can click on a captured line and get some process/stack information about the process that caused the event (if it is still running).

The is an excellent replacement for Filemon/Regmon for the toolset. Microsoft did change the license slightly, but basically they are just trying to prevent folks from distributing the bits from anywhere other than the Microsoft site. You can read more about the ProcessMonitor, and download the bits from http://www.microsoft.com/technet/sysinternals/utilities/processmonitor.mspx

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Microsoft didn't make that change - the license for sysinternals tools has for quite a while restricted your ability to distribute them from anywhere but the sysinternals website (this includes even a file share within your own company!). I can't say I agree with their reasoning on that, but the only other choice is to license them (yes you can license the freeware ones... weird).

The only thing Microsoft did was that stupid EULA popup the first time you run any tool.

Also, speaking of Process Monitor - Mark did a great webcast a while back:

Advanced Windows Troubleshooting with Sysinternals Process Monitor
Process Monitor is a free new troubleshooting tool that replaces Sysinternals' Filemon and Regmon with one even more powerful tool. In addition to monitoring file system and Registry operations, Process Monitor logs processes and threads, collects more information, includes advanced filtering, shows calling thread stacks for every event, and provides numerous ways to view collected data. This session, delivered by the tool's author, shows you with real-world examples advanced techniques to troubleshoot a range of Windows system and application issues, including DLL conflicts, permissions problems and configuration errors.

http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=346
Cancel
I forgot to add the switch "-accepteula" works with most of the tools to prevent the EULA from displaying.
Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchEnterpriseDesktop

SearchServerVirtualization

SearchVMware

Close