The SysInternals tools are now on

The SysInternals tools -- including Process Explorer, Regmon, Filemon, and many more -- are now available here on  A couple of major highlights include Process Monitor, a new tool that supersedes Regmon and Filemon, and the SysInternals Suite, which combines the whole set of SysInternals tools into a single download package.

In addition, check out Mark's new TechNet blog, and the SysInternals blog.


Comments (7)

  1. Yesterday, I used the wonderful tools from SysInternals for troubleshooting some of the new VC++ 2005

  2. Yay for Sysinternals tools! 🙂 They make troubleshooting "stuff" easy! BTW, I just came across your blog today, Aaron, and I really like it! Good overall topic for desktop administrators …

  3. Gordon Fecyk says:

    I know there’s a sense of humour in there somewhere!  Please keep it on there!

    Gordon, it’s there:
    That item got the most press (by far) when the tools were migrated to

    — Aaron

  4. Anonymous says:

    Thanks for not pointing out the Microsoft has redacted the source code for these useful tools. We wouldn’t want programmers to understand how the scare operating system works would we.

    Very few of the utilities came with source code, and none of the really popular ones (like Regmon, Filemon, Process Explorer, etc.)

    The source offered only a limited view into a handful of undocumented and unsupported APIs intended for use only within Windows itself.  If you really want to know how Windows works, go get the book Mark Russinovich co-wrote with David Solomon, and which Microsoft published:  Windows Internals, 4th Edition.  976 pages packed with far more info than you’d ever get from a few source code files.


    — Aaron

  5. markovich says:

    and none of the really popular ones (like Regmon, Filemon, Process Explorer, etc.)

  6. David C says:

    I came across software running "Themida" protection what checks to see if you have a process monitoring agent like procman running.

    The software then refuses to run if procman is watching it.  I think its used for encrypted software looking to protect itself.  Are there any good alternatives to Procman to watchdog apps ?

Skip to main content