
Microsoft Releases Sony Rootkit Hunter's Tools

Daniel Fleshbourne on 10 November 2006 - 11:47

Nearly four months after hiring Sony rootkit whistleblower Mark Russinovich, Microsoft has moved his company's software to its Web site and has released a new Windows system tool that can help fight hackers. The freeware products, now known as Windows Sysinternals, were made available on Microsoft's Web site earlier this week. They are based on the code that Russinovich and Bryce Cogswell had been distributing on Sysinternals.com before Microsoft bought their company, Winternals Software, in July.

"The tools are the same as what was on the original Sysinternals site with the exception of some updates and the release of Process Monitor," said Russinovich in an e-mail interview. Process Monitor is new software, based on code from two Sysinternals tools, which keeps track of activity on the Windows file system and registry and is designed to help Windows administrators with troubleshooting and malware detection.

News source: PCWorld

Comments
#1 Mysterio on 10 Nov 2006 - 15:53
As long as there's this:

http://www.winternals.com/Products/Adminis...ak/Default.aspx

I'm a happy camper....
#2 GShapiro on 10 Nov 2006 - 16:35
It is my understanding that someone else actually broke the news about the Sony rootkit and not Russinovich.
#3 Havin_it on 10 Nov 2006 - 21:36
<paranoia>

I always relied upon Sysinternals kit to show me what Windows was doing behind my back. Slightly less confident of them in this respect now, it has to be said.

</paranoia>
#3.1 guylaroche on 13 Nov 2006 - 04:13
I understand your feelings -- and have to admit I mostly agree.
#4 toadeater on 10 Nov 2006 - 22:49
Autoruns is priceless. Why didn't MS ever make a tool to manage system startup like this? Why didn't MS ever make a decent task manager? MS never even made a decent registry editor or file association editor.

Strange isn't it? As always, I suspect MS had a nefarious reason for not wanting to give users such control. Those users may then have disabled some MS spamware perhaps...
#4.1 Andareed on 10 Nov 2006 - 22:50
What's wrong with regedit?
#4.2 Denver_80203 on 11 Nov 2006 - 07:52
yeah.. that would be called "msconfig"

try it from the run line sometime
#5 Yochanan on 18 Dec 2006 - 09:13
msconfig can't disable the WGA service.
