Windows Sysinternals Administrator’s Reference – now available!

Many of you have long wished for comprehensive, detailed documentation of the Sysinternals utilities. It has finally arrived. Over two years in the making, the Windows Sysinternals Administrator’s Reference (written by Mark Russinovich and me) is now available for purchase on and available from O'Reilly in 4 ebook formats, or you can read it online through Safari. If you do any Windows Sysinternals Administrator's Reference book covertechnical work on the Windows platform, there are Sysinternals utilities that will help you. And whether you are a novice or a guru, this book will help you use the utilities more effectively.

So how did I get involved in this?

I was one of the technical reviewers of a previous iteration of the book that Mark had been working on with another co-author. On May 6, 2009, we reviewers received an email from the co-author saying he needed to step down from the project because the time commitment was turning out to be too great. My initial thoughts were, “Darn! This book needs to be written. I wish I had the time to do it, but I don’t.” Somehow over the next few hours I convinced myself that maybe I could, and at 3am I sent Mark a note suggesting that I take over the project. (One of these days I’ll absorb the lesson I should have learned many times over that any email composed at 3am should be sat upon, not sent.)

Rather than saying “yes” right away, Mark suggested that I write the Process Monitor chapter so that he could evaluate whether my writing was a good fit for his book, and I could better gauge whether I really wanted to take on the project. Within a few weeks I sent Mark a draft. He loved its organization, thoroughness and tone, so we moved forward.

Writing a book – even for Microsoft Press – is outside of the regular duties of my day job in Microsoft Services, so I could do it only in my “spare time”. I had never written a book before, but I knew from other authors that it’s a big time sink. Being very detail-oriented in my writing, I knew that it would take a lot longer and be a lot harder than whatever I expected, no matter what my estimates were. It actually turned out to be even worse than that. It consumed all my nights and weekends, and – especially – vacations. Yes, all my vacations for the past two years have been spent holed up in my basement office, researching and writing.

I committed that I wouldn’t write anything unless I observed it working as I described it and fully understood what it meant. It’s a good thing that Mark asked me to start with Process Monitor rather than Process Explorer – I might have run from the project screaming if I’d had to write Procexp up first. While Procmon ended up at 44 pages, the Procexp chapter required 62 pages to document. But because Procexp is such a comprehensive tool that touches so many different parts of Windows, it took much more than 40% as long to write. I think the quality of the book reflects the extra effort. Enjoy!

Now I’m looking forward to having a real vacation again, but I don’t know whether I’ll remember how to enjoy it. I’ll probably spend all my time thinking about the Second Edition. :)