AutoRuns for Windows v9.0

Discussion in 'other software & services' started by ronjor, Dec 18, 2007.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,763
    Location:
    Texas
    Microsoft Sysinternals
     
  2. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Thanks Ron! :)
     
  3. newbino

    newbino Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    377
    From Windows Sysinternals Autoruns page
    article
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I ran Autoruns immediately and it found this very suspicious object in my online and even off-line system partition under :

    HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
    Autorun Entry: 0
    Description...: blank (very suspicous)
    Publisher......: blank (very suspicious, unknown source)
    Image Path...: File not found About:Home (very suspicious, completely hidden)

    I was stupified, because that was in theory impossible.
    Was this a sneaky rootkit or keylogger ?
    Was this a malware that infected the firmware of all my hardware components ?
    Was this an object caused by one of these "invisible" things of Joanna ?
    Was I infected by Rustock A upto Z ?
    Was this malware telling me I'm a zero as a bad joke ?
    I don't know. After the first panic and taking a valium pill, I got my common sense back.

    I have an image of WinXPproSP2 only, which has never been on-line, not even for activation.
    If that image also contained this suspicious object, I was malware-free.

    So I restored that image, ran Autoruns and this suspicious object appeared again in the Autoruns List, which means it was NOT a malicious object.
    Case closed and back to normal.

    This is typical M$ : scaring the user about nothing. This is the second time. :mad:
     
    Last edited: Dec 19, 2007
  5. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
  6. appster

    appster Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    530
    Location:
    Paradise (Hawaii)
    @Erik, fwiw I have that also, so perhaps that provides additional reassurance that it actually is an MS entry. ;)
     
  7. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Thanks for the tip! I'm running Autoruns v8.6. can I install v9 over my v8.6 or do I have to uninstall v8.6 first? Thanks:)
     
  8. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    I just replace all 4 existing files with the 4 new ones...
     
  9. appster

    appster Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    530
    Location:
    Paradise (Hawaii)
    There is no install (as such). Just replace the old exe with the new one.
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I installed right over the old one. Works for me!

    Ah Ron -- 10Q!
     
  11. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Thanks all. :D
     
  12. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Erik,
    Autoruns isn't a blacklist scanner. It only informs you about certain system variables and it's up to you to verify/decide on them.
    It's a forensic tool (like HijackThis, Runscanner, anti-rootkits, integrity checkers, etc) and it isn't targeted to "newbies", although you can learn how to use it without fear.
     
Loading...
Thread Status:
Not open for further replies.