SpyStudio Overview

Trace Application

SpyStudio shows and interprets calls, displaying the results in a structured way which is easy for any IT professional to understand. SpyStudio can show registry keys and files that an application uses, COM objects and Windows the application has created, and errors and exceptions (see more).

Compare Traces

When tracking down an application error, SpyStudio can compare a trace of a working application with the trace of the application which has issues. SpyStudio shows the differences in the registry and file system operations, COM object and Windows creations, and the rest of the events (see more).

Application Virtualization

To troubleshoot a virtual application you can compare the virtual application's trace with the base trace. Using this feature, you can see what is generating the issue (see more).

Application Packaging

Nektra’s SpyStudio simplifies application virtualization packaging for VMware ThinApp and Symantec Workspace Virtualization. It includes advanced features for application harvesting, and troubleshooting. It is able to package applications with or without installation media in ThinApp environment (see more).

Process Monitor Complement

SpyStudio is the user-mode Procmon complement. Looking for application errors with kernel-mode traces is tedious, and it is very difficult to see the final outcome of a user-mode call. With kernel-mode tools, you get a lot of noise that the application does not see, since a single user-mode call generates lots of kernel-mode events that are not important from the application's perspective. Most application errors are generated by failed user-mode calls which expect a different state of some resources: registry keys and values, files, pipes, services and printers.

SpyStudio is also able to read Process Monitor logs (see Load ProcMon log) and show them in a user friendly interface. It shows registry operations in tree form like Regedit and displays errors in red. File operations are also displayed in tree form.

.NET Troubleshoot

SpyStudio can now troubleshoot .NET applications: it logs exceptions, assembly loads, object creation and much more.

Malware Detection

SpyStudio is also being used in other IT sectors such as the cybersecurity field. The books Malware Forensics: Investigating and Analyzing Malicious Code and Malware Forensics Field Guide for Windows Systems discuss one way SpyStudio can be used to fight malware.

Case Studies: