RegMon: Difference between revisions
Appearance
Content deleted Content added
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
{{Notability|date=June 2007}} |
{{Notability|date=June 2007}} |
||
'''RegMon''' is a tool used in [[system administration]], [[computer forensics]], and application debugging. RegMon was primarily created by [[Mark |
'''RegMon''' is a tool used in [[system administration]], [[computer forensics]], and application debugging. RegMon was primarily created by [[Mark Russinovich]]<ref>http://blogs.technet.com/markrussinovich/about.aspx</ref> and [[Bryce Cogswell]], employed by [[SysInternals]] prior SysInternals being bought out by [[Microsoft]] in 2006. |
||
RegMon monitors and records all actions attempted against the [[Microsoft Windows]] [[Windows Registry|Registry]]. RegMon can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values. |
RegMon monitors and records all actions attempted against the [[Microsoft Windows]] [[Windows Registry|Registry]]. RegMon can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values. |
Revision as of 21:26, 11 February 2008
The topic of this article may not meet Wikipedia's general notability guideline. (June 2007) |
RegMon is a tool used in system administration, computer forensics, and application debugging. RegMon was primarily created by Mark Russinovich[1] and Bryce Cogswell, employed by SysInternals prior SysInternals being bought out by Microsoft in 2006.
RegMon monitors and records all actions attempted against the Microsoft Windows Registry. RegMon can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values.
RegMon and it's Sister Application FileMon have been replaced in Windows Vista by Process Monitor[2][3].