· Introduction  · Benefits and Features  · Supported Operating Systems  · Pricing and Licensing  · Buy now  · Download Free Trial

Benefit of all-in-one combined monitoring tool

MultiMon offers an inexpensive one-stop multi-purpose solution for about every system monitoring situation. Because you have file, registry, process, thread object and user activity combined altogether in one tool (and optionally even in one display), it offers more usability than all these separate utilities together.

Multiple perspectives will save you time

MultiMon offers features to allow you to monitor a problem or situation from different angles. The file activitiy monitor for instance allows you to monitor file activity from the application perspective, the file system perspective as well as seen from the object manager. This will allow you to gather much more information than with conventional monitoring tools. Because much more information is at your disposal it allows you to make a very solid case analysis quickly which will you save a lot of time.

One tool supporting all operating system versions

MultiMon supports all x86 and x64 editions of Windows from Windows 2000 SP4 through Vista, eliminating the need to run separate utilities for different operatins systems.

File system monitor

The file system monitor displays real time file activity on your local hard drives as well on remote and removable drives from the perspective of the file system.  Unlike other file monitoring utilites, this tool reports detailed information on IRPs and their flags as well as process, thread and CPU information.

File API monitor

The file API monitor displays real time file activity on your local hard drives as well on remote and removable drives from the perspective of the application. 

System monitor

The system monitor displays real time notifications of the creation and deletion of processes and threads by applications and the system as well as the loading of binary executable images in memory before they are executed.

Registry monitor

The registry monitor displays real time registry activity by applications and the system.

Kernel object monitor

On x86 versions of Windows it allows you to monitor kernel object activity in realtime, observed from the perspective of the Windows Object Manager.

Because many elements in the Windows kernel such as files, registry keys, symbolic links and events are represented as kernel objects, this featrue can be used for a wide range of purposes. The kernel object monitor shows Types, Directories, SymbolicLinks, Tokens, Processes, Threads, Jobs, Events, Mutants, Callbacks, Semaphores, Timers, KeyedEvents, WindowStations, Desktops, Sections, Keys, Ports, Waitable Ports, Adapters, IoCompletion and WmiGuids.

Devices monitor

The devices monitor displays the loading and unloading of device drivers as well as communication between applications and kernel components. The devices monitor will not monitor communication between drivers in the system but will provide insight in the way applications interact with system components. Additionally this monitor will also report interaction between applications and pipes, mailslots, consoles and other resources which are not files on disk.

Keyboard monitor

The keyboard monitor logs keys pressed by a user. The monitor will display useful information such as process name and window title that received keyboard input, name of the pressed key as well as the scan code.

User monitor

The user monitor displays shell notifications as a result of user events. It displays information whenever a system alert takes place, a system sound is played, a (popup) menu is entered or exited, a window is activated, moved, resized or minimized, a drag and drop or scroll operations takes place or the user switches application by pressing ALT+TAB.

Clipboard monitor

The clipboard monitor displays a notification whenever the contents of the clipboard change.

Merged view

The merged view allows you to view the output of all monitors combined together in one single view.

Comprehensible non-destructive filtering

No need to search for a needle in a haystack. Just type in any text string and the display will filter all items in which your text string was not found. This makes it very easy to find the information you are looking for.

Advanced options

MultiMon offers several advanced features which allow you to tweak the behavior and display of the software according to your preferences.

Export to text file

Just export the contents of any view to a text file for further analysis or collecting proof. If you applied a filtering option then only the displayed items will be exported.