Process Monitor (v1.01) and Web Site Updates

Process Monitor (v1.01) and Web Site Updates

  • Comments 45
  • Likes

 

Mark and Bryce have fixed a bug in Process Monitor that prevented it from working on some non-US English (localized) versions of XP. Thanks for your help debugging this!

 

Check out this blog on Process Monitor: Filemon + Regmon = Process Monitor 1.0. It enumerates many of the displayed operations.

 

Site Updates:

 

Thanks for all the feedback and help finding issues with this new site! Here's what's been updated in the past 48 hours alone. The biggest update in the addition of the 'Utilities Index' page and the addition of utility version/date info to this page.

  • Update version on Process Explorer page to 10.21 (twice: first edit was wrong)
  • Delete all versioning info before version 10.1 on Process Explorer
  • Update Speaking Schedule page
  • Correct PSTools announcement for PsShutdown.
  • Code Sign and Upload new DebugView binaries.
  • Hover menus don’t work for FireFox so a Utilities Index page needs to be created
  • Fix spaces between ProcessMonitor and ProcessExplorer in TOC
  • Typo on Process Monitor page (procexp.exe should be procmon.exe)
  • Add hyperlinks to Utilities Pages on Sysinternals blog
  • Add hyperlink to Sysinternals TechCenter on Sysinternals blog announcement
  • Update 2003 to 2003 SP1 on Process Monitor page
  • Fix typo on Utilities, File & Disk, and Security Index pages (AccessChk)
  • Fix main page title to read ‘Windows Sysinternals’
  • Add a link to the Suite on the Utilities Index page
  • Add version and file date/time to the Utilities Index page
  • Remove ‘back to top’ links in Speaking Schedule
  • Add version to PsTools Page
  • Add MoveFile to Utilities Index
  • Add RegHide to Utilities Index
  • Multiple edits to Tips and Trivia
  • CodeSign and Upload new Process Monitor v1.01
  • Removed ‘last updated’ dates from Utilities index pages (covered by new Utilities Index file dates)
  • Updated Index page titles for better bookmarking experience
  • Add a link to the Sysinternals home from the home page logo
  • Fix invalid reference on 'Information' page
  • Fix invalid reference in Networking Utilities page
  • Make 'Download....' links more noticable
  • Stop links on the left nav bar from creating a new browser window
Comments
  • <p>ok - normally I'm not paranoid but now that the source code has been hidden by Microsoft I have to wonder what is behind this term in the EULA</p> <p>&gt;You may not:</p> <p>&gt;* work around any technical limitations in the </p> <p>&gt;binary versions of the software</p> <p>Kudos to anyone who proves whether or not process monitor is written to NOT report certain processes. Before the Sony rootkit I would have scoffed at suggestions of any legit company doing this. But now ... well what technical limitations could they be talking about with freely released software?</p> <p>Yes - proving a negative is hard. But I have yet &nbsp;to gauge the extent to which Mark has sold out. The source code issue troubles me greatly.</p>

  • <p>Yes: I'd appreciate too the sourcecode to be made available again</p> <p>BR,</p> <p>Martin</p>

  • <p>Me too!</p> <p>Loved the source code.</p> <p>And still love it!</p> <p>So please, Microsoft, let Mark publish the source code.</p> <p>It's heaven for developers, and you WANT more experienced developers for the windows platform, don't you?</p>

  • <p>And one more thing...</p> <p>If would be quite NICE to have Network monitoring included too in this MORE THAN NICE tool!</p> <p>Once again Congratulations for this WONDERFUL JOB!</p>

  • <p>Is there some mirror of the old programms/source before the purchase by microsoft?</p> <p>Thanks</p>

  • <p>Great program! But I tried to exclude a process from logging (only file mon active) when a lot was happening... Basically, Process Mon took over 2GB of my 1GB ram, and the system slowed to a standstill as the last 4mb of ram was fought over by the other processes via the swap file :-( ... Could you rein in its memory desires when adding exclusions/whatever to the filter?</p>

  • <p>Thanks Gary. Would you repost your finding in the forum? <a rel="nofollow" target="_new" href="http://forum.sysinternals.com/">http://forum.sysinternals.com/</a></p>

  • <p>Hello Martin and Sebutzu,</p> <p>Regarding the source code. Is there a particular piece of source code you're most interested in? In other words, if I can deliver some but not all, which would you like to see first?</p> <p>Thanks for the site feedback as well.</p>

  • <p>So a few questions:</p> <p>1. &nbsp;So are these utilities essentially the same version as were previously on the pre-Microsoft Sysinternals site? &nbsp;With the exception of Process Monitor, which is obviously new.</p> <p>2. &nbsp;I would like to see a version history of what has changed for the various utilities.</p> <p>3. &nbsp;Will Mark and Bryce be joined by others to maintain and create utilities going forward?</p> <p>I am specifically interested in BGInfo, among others. &nbsp;This has issues with CPU detection and identification of operating systems.</p>

  • <p>Changing the subject. &nbsp;I was wondering if Microsoft will eventually include certain Sysinterals products with Windows. &nbsp;MS might do good to distribute at least Process Explorer and Autoruns along with Vista or a future operating system.</p> <p>Before I stumbled across Sysinternals, I had no reliable method for troubleshooting my Windows system and removing malware. &nbsp;Tools like Process Explorer and Autoruns have saved me countless times.</p>

  • <p>1. &nbsp;For goodness sake, just release the sources under some kind of abandonware license. &nbsp;Put a big disclaimer on it, declare it end of life and unsupported, throw it out there to the community, and wash your hands of it. &nbsp;This completely solves your resourcing and support problems.</p> <p>2. &nbsp;The 'it could help malware authors' argument is nonsense, not just because (as others have pointed out) all the knowledge is out there already anyway, but because the MAIN ITEM THAT WOULD BE OF USE TO MALWARE AUTHORS IS THE ONE AND ONLY PIECE OF SYSINTERNALS SOURCE THAT YOU **ARE** STILL DISTRIBUTING! &nbsp;</p> <p>&lt;sigh&gt; I guess everone has to go and rush to download ctrl2cap before you pull it now. &nbsp;You'd probably better pull the DDK/WDK/WDF as well. &nbsp;That's completely evil too.</p> <p>3. &nbsp;The archive postings of all the sysinternals newsletters are messed up. &nbsp;There's nothing there but the headers.</p>

  • <p>BTW: Does Process Monitor mean that the development of regmnon and filmon will be ceased?</p> <p>(No problems with that...)</p>

  • <p>Answers to many questions:</p> <p>1. Q: So are these utilities essentially the same version as were previously on the pre-Microsoft Sysinternals site?</p> <p> &nbsp; A: Correct. There were some other minor updates that were also mentioned in the site migration post on the blog. Updated tools will be mentioned here.</p> <p>2. I would like to see a version history of what has changed for the various utilities.</p> <p> &nbsp; A: Noted.</p> <p>3. Q: Will Mark and Bryce be joined by others to maintain and create utilities going forward?</p> <p> &nbsp; A: Hopefully. We don't have a concrete plan in place but I invision some sort of community based effort for updating and posting new tools and utilities.</p> <p>4. Q: I was wondering if Microsoft will eventually include certain Sysinterals products with Windows?</p> <p> &nbsp; A: Possibly. Don't know for sure yet.</p> <p>5. Q: Does Process Monitor mean that the development of regmnon and filmon will be ceased?</p> <p> &nbsp; A: Yes, most likely.</p> <p>6. The archive postings of all the sysinternals newsletters are messed up.</p> <p> &nbsp; A: Actually it's the way archive blogs are displayed. The title is a link to the entire newsletter. We're going to see if that can be fixed.</p>

  • <p>FYI process monitor has a bug on W2K/XP where it takes 99% cpu for several minutes. &nbsp;CSwitch delta is in the millions..</p> <p>It happened when it was replacing taskman (although that may not be the reason)</p>

  • <p>Pardon.. i mean process explorer. (sorry didn't notice this was about process monitor</p>