SysInternals has always been a source of great tools for troubleshooting your system. FileMon, RegMon, Process Explorer, Handle, ListDlls, PsTools, DebugView: all of these have earned a permanent place on my Windows installations. Mark Russinovich, the co-founder, is a world-class hacker. He co-wrote Microsoft Windows Internals without access to the Windows source. It was he who discovered the Sony Rootkit and publicized it on his widely read blog.
Many people were somewhat disturbed to learn that Microsoft bought SysInternals a few months ago, fearing that the acquisition would compromise the tools.
It seems not to be a problem. The tools have just been re-released on the TechNet SysInternals site. There’s one new tool, ProcMon, which combines FileMon, RegMon, and a process monitor. And they’ve made the whole suite available as one zipfile, so you don’t have to download each tool separately.