SysInternals Updater is a free program for Microsoft Windows systems to update SysInternals software automatically on the device it is run on.
Applications developed by SysInternals are used by many Windows technicians, system administrators and tech savvy computer users.
The tool collection offers some of the best applications in their respective fields, among them utilities like Autoruns, Process Explorer or Rootkit Revealer.
The software programs can be downloaded separately from the website, or as part of the SysInternals Suite which contains all public programs in their latest version.
One problem with both options is that the tools are not updated automatically. This means that it is up to the user to find out if updates are available, and if they are, download and replace the old file versions with the new.
While it is possible to access the tools directly at http://live.sysinternals.com/, it is usually better to keep them locally, as they then remain available even if the Internet connection is unavailable or unstable.
SysInternals Updater has been designed to make the updating of SysInternals applications comfortable. The portable application can be used to scan a folder for existing programs, compare their versions with the latest versions of detected SysInternals tools, and download selected program files to the local system.
It is semi-automated, which means that it is up to the user to select the folder where the applications are installed. Users should note that the tool assumes that all programs are stored in the same directory, which is the case if the SysInternals Suite has been downloaded and unpacked.
SysInternals Updater checks the program versions in the selected folder automatically, and auto-selects programs that are either not up to date or missing from the folder. It is possible to select or deselect files, which is the only way to update only those files that are already on the host system.
The most recent version of SysInternals Updater has a Settings tab which you may use to configure the program's behavior.
You may configure it to kill any running SysInternals program to avoid conflicts during updating, compare local files with external files, select which SysInternals files the program should show to you, and toggle logfile creation.
SysInternals Updater is a handy tool, especially for users who have downloaded the full suite of applications from SysInternals. The software is compatible with 32-bit and 64-bit editions of Windows. A download is provided at the developer website.
It’s probably a false positive, but Arcavirus finds something called “Trojan.Refroso.byxa” in the file (probably caused by the packer is a guess).
In addition, the same program finds the same trojan in several of the author’s other files:
I have used this author’s JKDefragGUI in the past and found it to be of excellent value. I think there was some discussion in the JkDefrag forums regarding the packer used and a possible trojan.
As I recall, the program author responded as he did in this recent thread regarding the same trojan found above in MydefragPowerGUI:
The program author advised sending the file to a virus scanning site.
The author himself found 16 scanners noticed problems and recompiled the program.
As of today, the Mydefrag site (which recommends various GUIs for the program) has not listed MydefragPowerGUI, although in this August 2010 thread, the author of Mydefrag stated it would be listed on his “See Also” page:
Perhaps both the authors of Mydefrag and MydefragPowerGUI/Sysinternals Update would like to clear up the situation?
Personally, I think Emiel writes some very good programs, but the trojan problems should be explained on the front page of the site if they’re false positives.
PS – Does anyone know if Arcavirus is reliable?
Just tried to search to see if the “Trojan/Refroso” was addressed at http://www.wieldraaijer.nl. It appears that the program author provides Virustotal pdf files that indicate an AV program called JiangMin consistently finds the same trojan (Virustotal doesn’t use Arcavirus).
If the author of Sysinternals Updater reads this site, can he please clear up the situation or at least post a “false positive” disclaimer somewhere on his site?
Sysinternal has always returned false positives with AV software. It has to do with the way they access the systems at the root level.
Just did a VirusTotal.com:
Jiangmin 13.0.900 2011.01.11 Trojan/Refroso.ijp
in all likelihood false positives
Try WSCC! http://www.kls-soft.com/wscc/index.php
This tool integrates Sysinternals, NirSoft and Windows' own utilities into one platform, including an updater.
Kaspersky KAV 2011 flagged a warning about the tool: it may be used by hackers.
My programs are written in AutoIt, the files are packed with UPX and the headers are modified to prevent decompiling. This causes the false positives. The way the executables are packed with UPX caused the number of false positives.
My program MyDefragPowerGUI isn’t listed on Jeroen Kessels’ website because I did not ask Jeroen to do it.
Most virus warnings are made by programs I have never seen or heard of before, and I have known about viruses for a long time.
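The false positives discussed in this thread are attributed to UPX packing. As an added example (not code from the article, the commenters or the program's author), the following Python reads a PE file's section table and reports the on-disk traits typical of UPX output, which is a useful first step when triaging such a detection. The sample inputs are constructed header-only byte strings, and the structural check is included on the assumption that section names may have been altered; the page does not say which header fields were changed.

```python
import struct

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # PE section characteristic flags

def pe_sections(data: bytes):
    """Return (name, virtual_size, raw_size, characteristics) for each PE section."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)       # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    (n_sections,) = struct.unpack_from("<H", data, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", data, pe_off + 20)
    table = pe_off + 24 + opt_size                         # section table follows optional header
    out = []
    for i in range(n_sections):
        name, vsize, _va, rsize = struct.unpack_from("<8sIII", data, table + 40 * i)
        (flags,) = struct.unpack_from("<I", data, table + 40 * i + 36)
        out.append((name.rstrip(b"\0").decode("latin-1"), vsize, rsize, flags))
    return out

def packer_indicators(data: bytes):
    """List reasons a file looks UPX-packed; an empty list means none were found."""
    hits = []
    for name, vsize, rsize, flags in pe_sections(data):
        if name.upper().startswith("UPX"):
            hits.append(f"section named {name}")
        # Unpacking target: no bytes on disk, yet writable and executable once loaded.
        if rsize == 0 and vsize > 0 and flags & MEM_EXECUTE and flags & MEM_WRITE:
            hits.append(f"{name}: empty on disk, writable and executable in memory")
    return hits

def sample_pe(sections):
    """Constructed input: headers only, no code. sections = [(name, vsize, rsize, flags)]."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), v, 0x1000, r, 0, 0, 0, 0, 0, f)
                     for n, v, r, f in sections)
    return dos + b"PE\0\0" + coff + table

# Constructed samples: stock UPX layout, same layout with renamed sections, ordinary binary.
UPX_LAYOUT = sample_pe([("UPX0", 0x8000, 0, 0xE0000080), ("UPX1", 0x4000, 0x3A00, 0xE0000040),
                        (".rsrc", 0x1000, 0x800, 0xC0000040)])
RENAMED = sample_pe([(".text", 0x8000, 0, 0xE0000080), (".data", 0x4000, 0x3A00, 0xE0000040)])
PLAIN = sample_pe([(".text", 0x4000, 0x3A00, 0x60000020), (".data", 0x1000, 0x200, 0xC0000040)])

if __name__ == "__main__":
    for label, blob in (("upx", UPX_LAYOUT), ("renamed", RENAMED), ("plain", PLAIN)):
        print(label, packer_indicators(blob))
```

A hit shows only that the file is packed, which explains why heuristic engines react to it; it says nothing about what the unpacked code does.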