Skip links

SpyStudio API Monitor

SpyStudio is the most advanced API monitor, that allows you to break the Operating System’s code execution, intercept and analyze any Win32 API call in real time.

Contact Us Download SpyStudio

SpyStudio Product Overview

Trace Application

SpyStudio shows and interprets calls, displaying the results in a structured way which is easy for any IT professional to understand. SpyStudio can show registry keys and files that an application uses, COM objects and Windows the application has created, and errors and exceptions.

Compare Traces

When tracking down an application error, SpyStudio can compare a trace of a working application with the trace of the application which has issues. SpyStudio shows the differences in the registry and file system operations, COM object and Windows creations, and the rest of the events.

Application Virtualization

To troubleshoot a virtual application you can compare the virtual application’s trace with the base trace. Using this feature, you can see what is generating the issue.

Application Packaging

Nektra’s SpyStudio simplifies application virtualization packaging for VMware ThinApp and Symantec Workspace Virtualization. It includes advanced features for application harvesting, and troubleshooting. It is able to package applications with or without installation media in ThinApp environment.

Process Monitor Complement

SpyStudio is the user-mode Procmon complement. Looking for application errors with kernel-mode traces is tedious, and it is very difficult to see the final outcome of a user-mode call. With kernel-mode tools, you get a lot of noise that the application does not see, since a single user-mode call generates lots of kernel-mode events that are not important from the application’s perspective. Most application errors are generated by failed user-mode calls which expect a different state of some resources: registry keys and values, files, pipes, services and printers.

SpyStudio is also able to read Process Monitor logs and show them in a user friendly interface. It shows registry operations in tree form like Regedit and displays errors in red. File operations are also displayed in tree form.

.NET Troubleshoot

SpyStudio can now troubleshoot .NET applications: it logs exceptions, assembly loads, object creation and much more.

Malware Detection

SpyStudio is also being used in other IT sectors such as the cybersecurity field. The books Malware Forensics: Investigating and Analyzing Malicious Code and Malware Forensics Field Guide for Windows Systems discuss one way SpyStudio can be used to fight malware.

Case Studies:

  1. Nektra and VMware are Collaborating to Simplify Application Virtualization Packaging
  2. How Nektra Improved Desktop Virtualization for Symantec Corporation

SpyStudio Downloads

SpyStudio is free for any use.

You can se see our SpyStudio QuickStart Guide to learn how to start using SpyStudio.

For those who need a more specialized solution or a tailored version of SpyStudio we offer our System Software Development Services and Data Loss Prevention Solution Development.

Please feel free to Contact us directly.


  • XP SP3 or above.
  • .NET Framework 3.5 SP1 (skip this for Windows 7+)

Does not require:

  • It does not require installation, just unzip and use it
  • No Administrative privileges required, only the privileges of the application you want to intercept

You can see the complete changelog here

SpyStudio Support

You can read SpyStudio Wiki for technical details which includes a QuickStart Guide to learn how to start using SpyStudio.

If you have any other question or you want to give us your feedback contact us.


SpyStudio Versions Comparison Table

Feature / Version Free Basic Support
Trace Applications    
Show summary events for registry, filesystem, COM, etc.    
Use SpyStudio for Commercial tasks    
Export registry to .REG file format    
Troubleshoot applications comparing run logs
(see Compare Traces Example)
Export data to VMware ThinApp and Symantec Endpoint Virtualization
(see Creating VMware ThinApp Packages)
Response time N/A 48 hours
Escalation of your issues to core developers    
Use our templates library to create Office packages    
Price Free Contact Us

SpyStudio Virtualization

Simplify Application Packaging Process 

SpyStudio simplifies the packaging progress incresing your team’s productivity. Unlike other technologies, SpyStudio doesn’t require to execute the application installer making the whole process faster and easier.

Smart Resource Selector

SpyStudio is able to detect which components of the application are important to run in a virtual environment. When you create a package, SpyStudio selects by default most important files and keys based on a propietary algorithm developed in years of packaging experience.

Powerful UI

SpyStudio lets you modify the default selection checking or unchecking files and keys using a simple user interface.

Easy Updates

SpyStudio doesn’t need to reinstall the application or detect manually changes in its directory. SpyStudio detects changes and apply them to the application package.

Application Templates

Using these application templates SpyStudio’s users can package complex applications using a simple wizard.

Technology Independent

SpyStudio is able to load information from a Symantec Workspace Virtualization layer and convert it to a ThinApp package, or the opposite. This feature reduces your dependency in each technology.

Join the 300+ companies trusting Nektra

us air force
cornell university
apache milagro
trend micro

Latest Articles

This website uses cookies to improve your web experience.