kailasa108
New member
Do you have or know where I can get a tool that shows which registry keys/dll files/other files a program is reading as it starts and executes?
Thanks!!! :spider:
Thanks!!! :spider:
Tool info request
- Thread starter kailasa108
- Start date
md usa spybot fan
Spybot Advisor Team [Retired]
You could try some of the former Sysinternals Utilities such as Regmon and Filemon. I personally have not re-download these utilities since Microsoft acquired Sysinternals in July 2006. Look here:
To find what Dynamic Link Libraries (dlls) are being use by a program, go into Spybot > Mode > Advanced mode > Tools > Process list. Select (left click) the program you are interested in and then click on the "Loaded modules" tab at the bottom of the Process list screen.
- Windows Sysinternals
http://www.microsoft.com/technet/sysinternals/default.mspx
To find what Dynamic Link Libraries (dlls) are being use by a program, go into Spybot > Mode > Advanced mode > Tools > Process list. Select (left click) the program you are interested in and then click on the "Loaded modules" tab at the bottom of the Process list screen.
kailasa108
New member
Cool!
Thanks a lot MD. I like your signature! :bigthumb:
Thanks a lot MD. I like your signature! :bigthumb:
kailasa108
New member
Info update
Hey MD - you might want to check out SysInternals again. They have a new program that supersedes RegMon and FileMon - Here's an overview:
Process Monitor v1.01
By Mark Russinovich and Bryce Cogswell
Published: November 9, 2006
Introduction
Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
Process Monitor runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista.
Direct link is:
(http://www.microsoft.com/technet/sysinternals/processesandthreads/processmonitor.mspx)
Thanks again for your help!
:spider:
Hey MD - you might want to check out SysInternals again. They have a new program that supersedes RegMon and FileMon - Here's an overview:
Process Monitor v1.01
By Mark Russinovich and Bryce Cogswell
Published: November 9, 2006
Introduction
Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
Process Monitor runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista.
Direct link is:
(http://www.microsoft.com/technet/sysinternals/processesandthreads/processmonitor.mspx)
Thanks again for your help!
:spider: