


This tab lists out all of the browser extensions, toolbars, and browser helper objects that are usually used by malware to either spy on you or show you ads. This tab is immensely useful when working on other people’s computers, since they are much more likely to be using Internet Explorer than our readers are.

In the olden days, software would start itself automatically by adding an entry to the Startup folder in the Start Menu, or adding a value into the Run key in the registry, but as people and software became more savvy at finding unwanted entries and deleting them, the makers of questionable software started finding ways to get more and more sneaky. These shady crapware companies started figuring out how to automatically load their software through browser helper objects, services, drivers, scheduled tasks, and even through some extremely advanced techniques like image hijacks and AppInit_dlls.

Like most SysInternals tools, the items in the list can be different colors, and here is what they mean:

Pink – this means that no publisher information was found, or if code verification is on, means that the digital signature either doesn’t exist or doesn’t match, or there is no publisher information.

Green – this color is used when comparing against a previous set of Autoruns data to indicate an item that wasn’t there last time.

Yellow – the startup entry is there, but the file or job it points to doesn’t exist anymore.

Also just like most of the SysInternals tools, you can right-click on any entry and perform a number of actions, including jumping to the entry or image (the actual file in Explorer).

You can search online for the name of the process or the data in the column, see the detailed properties, or see if that entry is running by doing a quick search through Process Explorer - although many processes have a loader that then launches something else before exiting, so just because that feature shows no results doesn’t mean anything.
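To make the color legend concrete, here is an added PowerShell example (not from the original article and not how Autoruns is implemented) that approximates the Pink, Green, and Yellow checks for the two Run keys only. The baseline file name and the helper Get-ImagePath are assumptions made for this example, and an Authenticode status check stands in for Autoruns' publisher and signature verification.

```powershell
# Added example: approximates three Autoruns colors for the Run keys only.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
# Assumption: baseline file name and location are chosen for this example.
$baselinePath = Join-Path $env:TEMP 'run-key-baseline.txt'

function Get-ImagePath([string]$Command) {
    # Extract the executable from a command line: a quoted path first,
    # otherwise the text up to the first recognised file extension.
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"') { return $Matches[1] }
    if ($c -match '^(.+?\.(exe|dll|com|bat|cmd|vbs|js))(\s|$)') { return $Matches[1] }
    return ($c -split '\s+')[0]
}

# Entries recorded by the previous run (empty on the first run).
$baseline = @()
if (Test-Path -LiteralPath $baselinePath) { $baseline = @(Get-Content -LiteralPath $baselinePath) }

$entries = foreach ($keyPath in $runKeys) {
    if (-not (Test-Path -LiteralPath $keyPath)) { continue }
    $key = Get-Item -LiteralPath $keyPath
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $image   = Get-ImagePath $command
        $id      = "$keyPath|$name|$command"
        $flags   = @()
        if (-not $image -or -not (Test-Path -LiteralPath $image -PathType Leaf)) {
            $flags += 'Yellow: target file missing'
        } elseif ((Get-AuthenticodeSignature -LiteralPath $image).Status -ne 'Valid') {
            $flags += 'Pink: no valid signature'
        }
        if ($baseline.Count -gt 0 -and $id -notin $baseline) {
            $flags += 'Green: not in previous run'
        }
        [pscustomobject]@{ Key = $keyPath; Name = $name; Image = $image
                           Flags = $flags -join '; '; Id = $id }
    }
}

$entries | Format-Table Name, Image, Flags -AutoSize -Wrap
# Save the current set so the next run can report new entries.
$entries | ForEach-Object { $_.Id } | Set-Content -LiteralPath $baselinePath
```

Entries that give only a bare file name, or that launch through a host such as rundll32, are not resolved to the real target here the way Autoruns does, so a Yellow or clean result for those needs a manual look.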

