Sysinternals Process Monitor v1.0

Here's an announcement that I almost missed due to the noise from TechEd and the Sysinternals site migration. The long awaited replacement for Filemon and Regmon has been released! Process Monitor adds process, thread, and DLL monitoring as well as advanced filtering and event information.

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Process Monitor runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista.

You can see below how the registry and file monitoring functionality has been combined into a single view and new process and thread monitoring added.

There is a new Microsoftified site and blog. Apparently everything has been migrated over except the source code.

As DisappointedOne points out:

On the 'Oh my, used in malware, cut it, cut it!!!' issue: The only thing you'll accomplish will be to have all those sources floating around on hacker sites, file sharing networks and the like. Many people who could do something useful with them may not be bothered to search for them in those places, but malware authors most certainly will. Who's losing and who's gaining, I wonder?

The other comments are worth reading as well.