• PC World
• »Security

Nearly four months after hiring Sony rootkit whistleblower Mark Russinovich, Microsoft has moved his company's software to its Web site and has released a new Windows system tool that can help fight hackers.

The freeware products, now known as Windows Sysinternals were made available on Microsoft's Web site earlier this week. They are based on the code that Russinovich and Bryce Cogswell had been distributing on Sysinternals.com before Microsoft bought their company, Winternals Software, in July.

Original Tools Updated

"The tools are the same as what was on the original Sysinternal site with the exception of some updates and the release of Process Monitor," said Russinovich in an e-mail interview. Process Monitor is new software, based on code from two Sysinternals tools, which keeps track of activity on the Windows file system and registry and is designed to help Windows administrators with troubleshooting and malware detection.

Russinovich and Cogswell founded Winternals in 1996, and have since produced a number of widely used system-recovery and performance-tuning products.

Russinovich made international headlines last November after he discovered that copy protection software that Sony had been distributing with millions of CDs was cloaking itself using undetectable "rootkit" software. Sony was ultimately forced to recall the affected CDs after hackers began using the rootkit to hide malicious code.

Russinovich's popular blog, along with his original posting on the Sony rootkit have been moved to Microsoft's Technet Web site.

No Source Code

One aspect of the Sysinternals.com Web site that did not survive the transition to Microsoft is the free source code that Cogswell and Russinovich had made available for some of their tools.

These tools were not often downloaded, however, Russinovich said. That fact, "combined with the Microsoft requirement of having all published source scrubbed for security ... and compatibility issues, drove the decision not to move it forward," he said.