Regmon

From Wikipedia, the free encyclopedia

RegMon is a tool used in system administration, computer forensics, and application debugging. RegMon was primarily created by Mark Russinovich^[1] and Bryce Cogswell, employed by SysInternals prior SysInternals being bought out by Microsoft in 2006.

RegMon monitors and records all actions attempted against the Microsoft Windows Registry. RegMon can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values.

RegMon and it's Sister Application FileMon have been replaced in Windows Vista by Process Monitor^[2]^[3].

[edit] References

Categories: Windows administration

Views

Interaction

Search

This page was last modified 12:49, 28 March 2008 by Wikipedia user DumZiBoT. Based on work by Wikipedia user(s) Oorang, SmackBot, Oh Snap, Rjwilmsi, Legis, Alaibot and Donspaulding and Anonymous user(s) of Wikipedia.
All text is available under the terms of the GNU Free Documentation License. (See Copyrights for details.)
Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a U.S. registered 501(c)(3) tax-deductible nonprofit charity.
About Wikipedia
Disclaimers