Log in

View Full Version : Really good File Monitor ??? Please recommend....


DeViaN
May 4th, 2007, 16:42
Hello everybody

I trying to find really good file monitor like from microsoft (FileMonitor 7) but with more options and so on.

I need only to show names of files which that process accessed them and do not show duplicated results.

In FileMonitor.... it shown me over 250 000 lines (with included process which i only need) and there are many duplicated results + time + application name + port + anything else

There is any similar to my requirements ?

I already googled....

Thank you in advance

Kayaker
May 4th, 2007, 17:45
Hi

I doubt you'll find a better file monitor than Filemon (Sysinternals/ now MS).
Even if you do I also doubt any will remove duplicate entries, certainly there are none that I know of.

However, I wrote a utility to do just that, remove duplicate entries (at different filter levels) in Regmon/Filemon logs. I haven't tried it with the new versions of those apps, but you can give it a shot if you wish. It comes with full source so feel free to hack together a new version of it if it's not quite right.

http://www.woodmann.com/forum/showthread.php?t=4162

Kayaker

DeViaN
May 5th, 2007, 03:16
Thank you so much ... It helped me,it removes over 280 000 duplicates and size decreased from 51MB to only 7MB

Kayaker
May 5th, 2007, 13:53
Cool, nice to know it's still useful

squidge
May 5th, 2007, 14:10
I too get quite irritated by some of Filemon's shortcomings. Maybe I should stop bitching and write my own instead

DeViaN
May 6th, 2007, 03:26
Oh I found better way.... There is also Process Monitor which is combination of FileMon and RegMon + advanced settings and tools
This program is able to show you the list of accessed files without duplicity and any comments

squidge
May 6th, 2007, 03:40
I was thinking of being more process-local, using an API viewer utility to hook into the various file i/o and reg i/o, and obtaining parameters and return addresses. I know there's lot of API monitors around, so I'm looking for one I like, or one that has source that I can hack. Hopefully I don't have to start from scratch.