How to monitor Registry activity with RegMon

  • 24 February 2022
  • 0 replies
  • 100 views
C
Userlevel 3
Badge +8
 

How to monitor Registry activity with RegMon

KB000127

PRODUCT
K2.net 2003
SEE ALSO

KB000126: FileMon

SQL Profiler/SQL Trace

TAGS
Deployment
Installation
Security
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.

How to monitor Registry activity with SysInternal's “RegMon” utility. Important Note: This document is only intended to be an overview of how to use the RegMon utility and how it can be used in supporting K2.net systems. Please consult Microsoft documentation for information related to the RegMon utility.

 

Introduction
Regmon is a Registry monitoring utility that will show you which applications are accessing your Registry, which keys they are accessing, and the Registry data that they are reading and writing.
 
Important: RegMon is a freeware utility and as such, is implemented at the risk of the user.
Regmon will monitor your system registry real time, providing the following information
  1. Report back on the applications accessing the system registry
  2. Identify which registry keys are being accessed
  3. Identify the registry data the applications are reading and writing
 
Regmon is an advanced utility with more features than Static Registry Tools
 
Installation
  1. Obtain the utility by browsing to the following site: http://www.sysinternals/Utilities/Regmon.html
  2. The application consists of a single file and therefore does not include a managed installation procedure
  3. It is recommended that the file be extracted to the following location C:Program FilesRegMon (you will need to create the folder "RegMon")
  4. Create a shortcut to the application and place the shortcut on the desktop

  
 
Usage
To utilize the Regmon application, do the following:
Double click on the "RegMon.exe" file in the folder that you extracted or double click the shortcut to run the application
Once the application launches, the information capture starts automatically and can be halted by clicking the "Capture"
At this point configure the application to perform the tasks that you require.
Note: Please refer to the help file provided with the application to perform the monitoring tasks.
Stop the capture by clicking on the magnifying glass in the tool bar or "CTRL-E"

  
5)  Save the trace file by clicking on the disk icon or "CTRL-S"
6)  Open the trace file for analysis or send the saved file to the support engineer for analysis
 

 

0 replies

Be the first to reply!

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings