Mark's Blog
Mark Russinovich's technical blog covering topics such as Windows troubleshooting, technologies and security.
The Case of the Missing AutoPlay
I’ve been presenting talks on Windows Vista kernel changes since TechEd US in the summer of 2006 and...
Author: Mark Russinovich Date: 12/31/2007
The Case of the Frozen Clock Gadget
Besides Aero Glass, one of the most visible features of Windows Vista is the Sidebar with its set of...
Author: Mark Russinovich Date: 10/15/2007
The Case of the Failed File Copy
The other day a friend of mine called me to tell me that he was having a problem copying pictures to...
Author: Mark Russinovich Date: 10/01/2007
Vista Multimedia Playback and Network Throughput
A few weeks ago a poster with the handle dloneranger reported in the 2CPU forums that he experienced...
Author: Mark Russinovich Date: 08/26/2007
The Case of the Failed File Compression
The other day Bryce tried to use Explorer’s Send To Compressed (zipped) Folder feature, seen below,...
Author: Mark Russinovich Date: 08/06/2007
The Case of the Unexpected PsList Error
Not long after I deployed Windows Vista on my main desktop system I noticed that a process became...
Author: Mark Russinovich Date: 07/05/2007
The Case of the Insecure Security Software
A little over a year ago I set out to determine exactly why, prior to Window Vista, the Power Users...
Author: Mark Russinovich Date: 06/15/2007
The Case of the Unknown Autostart
A few weeks ago I installed an update to a popular Internet Explorer media-player ActiveX control on...
Author: Mark Russinovich Date: 05/21/2007
WinHEC, TechEd and MSDRT
I love speaking at conferences. They provide great opportunities to share information, meet...
Author: Mark Russinovich Date: 05/10/2007
Botnets by Email
I make no effort to hide my email address, which means that I know the instant a new email-based...
Author: Mark Russinovich Date: 04/09/2007
PsExec, User Account Control and Security Boundaries
I introduced the -l switch to PsExec about a year and a half ago as an easy way to execute processes...
Author: Mark Russinovich Date: 02/12/2007
The Case of the Mysterious Code Signing Failures
I digitally sign code on a regular basis in the course of preparing Sysinternals executables for...
Author: Mark Russinovich Date: 12/11/2006
The Case of the Notepad that Wouldn't Run
Dave Solomon was on campus a couple of weeks ago presenting a Windows internals seminar to Microsoft...
Author: Mark Russinovich Date: 10/01/2006
The Case of the Process Startup Delays
I’ve been extremely busy here at Microsoft and so haven’t had time to blog until now,...
Author: Mark Russinovich Date: 08/31/2006
My Blog Has Moved
My blog has moved to its new home at Microsoft TechNet blogs where you'll find my current post, The...
Author: OttoHelweg2 Date: 08/31/2006
The First Week
First I want to thank the many people that have sent me warm wishes on my move to Microsoft directly...
Author: OttoHelweg2 Date: 07/31/2006
On My Way to Microsoft!
I’m very pleased to announce that Microsoft has acquired Winternals Software and Sysinternals....
Author: OttoHelweg2 Date: 07/18/2006
The Case of the Mysterious Driver
The other day I used Process Explorer to examine the drivers loaded on a home system to see if I’d...
Author: OttoHelweg2 Date: 03/27/2006
Running as Limited User - the Easy Way
Malware has grown to epidemic proportions in the last few years. Despite applying layered security...
Author: OttoHelweg2 Date: 03/02/2006
Using Rootkits to Defeat Digital Rights Management
The Sony rootkit debacle highlighted the use of rootkits to prevent pirates and authors of CD...
Author: OttoHelweg2 Date: 02/06/2006
Sony, Rootkits and Digital Rights Management Gone Too Far
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my...
Author: OttoHelweg2 Date: 10/31/2005
The Bypass Traverse Checking (or is it the Change Notify?) Privilege
Privileges are special security powers that you assign to accounts in Local Policies->User Rights...
Author: OttoHelweg2 Date: 10/19/2005
The Case of the Periodic System Hangs
A few months ago I began experiencing periodic system freezes of about a second where even my mouse...
Author: OttoHelweg2 Date: 07/17/2005
An Explosion of Audit Records
One of the topics I cover in the security module of the Windows internals seminar that I teach with...
Author: OttoHelweg2 Date: 06/15/2005
Buffer Overflows in Regmon Traces
Last time I talked about buffer overflow errors that you might see in Filemon traces. Now I’ll turn...
Author: OttoHelweg2 Date: 06/04/2005
Buffer Overflows
No, I’m not talking about the kind of buffer overflows that viruses can take advantage of to inject...
Author: OttoHelweg2 Date: 05/17/2005
Circumventing Group Policy Settings
Group policy settings are an integral part of any Windows-based IT environment. If you’re a network...
Author: OttoHelweg2 Date: 04/30/2005
The Case of the Mysterious Locked File
The other day I was intently editing code in Visual Studio and hit F7 to compile my latest batch of...
Author: OttoHelweg2 Date: 04/24/2005