George V. Reilly

New SysInternals Site and Tools

Windows SysInternals

SysInternals has always been a source of great tools for troubleshooting your system. FileMon, RegMon, Process Explorer, Handle, ListDlls, PsTools, DebugView: all of these have earned a permanent place on my Windows installations. Mark Russinovich, the co-founder, is a world-class hacker. He co-wrote Microsoft Windows Internals without access to the Windows source. It was he who discovered the Sony Rootkit and publicized it on his widely read blog.

Many people were somewhat disturbed to learn that Microsoft bought SysInternals a few months ago, fearing that the acquisition would compromise the tools.

It seems not to be a problem. The tools have just been re-released on the TechNet SysInternals site. There’s one new tool, ProcMon, which combines FileMon, RegMon, and a process monitor. And they’ve made the whole suite available as one zipfile, so you no longer have to download each tool separately.

