News Stay informed about the latest enterprise technology news and product updates.

Free Windows utility combines two popular tools to ID events

The software architects behind utility maker Sysinternals are prepping a free tool that combines the features of the popular Filemon and Regmon.

IT administrators fond of the freeware they download from Sysinternals can look forward to a new offering shortly that combines the features of two popular tools -- Filemon and Regmon.

The new utility, called Process Monitor, will not only merge the features of Filemon and Regmon, but will also collect additional event data, said Mark Russinovich, chief software architect at Sysinternals, a freeware site that offers advanced utilities. Russinovich said he expects the tool to be available in "several months."

Filemon monitors and displays file system activity on a system in real time, while Regmon is a Registry monitoring utility that shows which applications are accessing the Registry in real time. Sysinternals offers both tools, along with technical information and source code relating to Windows and created by Russinovich and Bryce Cogswell. Both men are well-known Windows platform experts.

Russinovich, who is also chief software architect (and co-founder) of Winternals Software, in Austin, Texas, said he isn't sure yet if Filemon or Regmon will continue to exist as independent software tools.

Sysinternals' Filemon and Regmon are among the most popular downloads for Windows, along with Process Explorer, which identifies for administrators which handles and DLL processes have opened or loaded.

Russinovich said numerous features were added during the past year to these tools mainly to help them tackle the increasing problem with malware, which is software that is specifically designed to disrupt a system. To that end, Sysinternals also released a new tool called the RootkitRevealer, a rootkit detection utility that lists Registry and file system API discrepancies that may show the presence of a user mode or kernel mode rootkit, Russinovich said. "It's aimed at a certain class of malware which can hide its presence from certain diagnostic tools," he explained.

Related stories:

Special Report: Bounty of free IT tools available

Late to migrate? Microsoft offers free tool

One of the things he said IT administrators could do more of is explore the features in the free tools they are already using. To cite one example, Process Explorer has a feature that helps to tell if a service host process is consuming too much processing power.

As a routine function, he also recommends that IT pros use Autoruns, a utility that shows which programs are configured to run during system bootup or login. "You can see what kind of extraneous junk is automatically configured to run when you boot up a machine."

Russinovich thinks system administrators are becoming more sophisticated in their use of tools. He said he has seen an increase in the number of downloads from the Sysinternals site. Last year there were from 35,000 to 45,000 visitors a day, and this year that number has grown from 50,000 to 60,000 visitors per day.

Dig Deeper on Windows administration tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.