Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Startup program .. Process Explorer and Autoruns


  • Please log in to reply
4 replies to this topic

#1 Chaho-g

Chaho-g

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 28 February 2014 - 02:31 PM

I downloaded both Process Explorer and Autoruns but I don't see any of the status symbols Y N X U ?...next to the programs. How can I resolve this. Thanks



Mod Edit: Moved to get more eyes on topic. Also Edited topic
~~ boopme

Edited by boopme, 28 February 2014 - 09:05 PM.


BC AdBot (Login to Remove)

 


#2 FlannelBack

FlannelBack

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Local time:02:11 AM

Posted 01 March 2014 - 12:54 PM

Neither Process Explorer nor Autoruns will display those status symbols.

Grinler's "How To Use The Startup Database." gives a good explanation of how to use BleepingComputer's Startup Database in conjunction with Autoruns.


Edited by FlannelBack, 01 March 2014 - 01:05 PM.


#3 Chaho-g

Chaho-g
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 02 March 2014 - 03:45 PM

Neither Process Explorer nor Autoruns will display those status symbols.

Grinler's "How To Use The Startup Database." gives a good explanation of how to use BleepingComputer's Startup Database in conjunction with Autoruns.

Thanks FlannelBack for replying but when going to "How to use the StartupDatabase" it state:

For each program there is a status key that describes how we recommend the program should be allowed to operate. This status key is broken down as follows:

? - Unsure as to whether it needs to run or not, but not malware.

N - Not necessary to run as it can be started as needed.

U - Its up to the user. Its not necessary to run for the computer to work, but may be important enough to have running for some users.

Y - Yes, this program is necessary to run in order for the computer or a program to operate correctly.

X - This is considered malware or undesirable to have on the machine as it can cause problems.                                                      

 

When following the directions I don't see any symbols. How can I get them ?



#4 Chaho-g

Chaho-g
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 02 March 2014 - 03:52 PM

Thanks FlannelBack for replying but when going to "How to use the StartupDatabase" it state:

For each program there is a status key that describes how we recommend the program should be allowed to operate. This status key is broken down as follows:

? - Unsure as to whether it needs to run or not, but not malware.

N - Not necessary to run as it can be started as needed.

U - Its up to the user. Its not necessary to run for the computer to work, but may be important enough to have running for some users.

Y - Yes, this program is necessary to run in order for the computer or a program to operate correctly.

X - This is considered malware or undesirable to have on the machine as it can cause problems.                                                      

 

When following the directions I don't see any symbols. How can I get them ?



#5 FlannelBack

FlannelBack

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Local time:02:11 AM

Posted 03 March 2014 - 01:26 AM

The appropriate "Status key" will be shown on the "Search Results" page for a particular item in BleepingComputer's Startup Database.

Example:

In Autoruns you will see two rows of tabs near the top.  For now, we're interested in the "Everything" tab.  Below that is a row of four column headings:

  • Autorun Entry
  • Description
  • Publisher
  • Image Path

On mine for instance, under the "Autorun Entry" column I have an item listed as "Adobe ARM".  When highlighting that line/row, the bottom window pane displays the name of the file that is actually run/executed.  In this case "adobearm.exe".  The name of the file will also be shown under the "Image Path" column.

AR_Arm.png
Going to BleepingComputer's "Startup List" page and entering  adobearm.exe in the "Search for a Startup" search box, a "Search Results" page is displayed showing some information about "adobearm.exe", including the appropriate "Status key".  In the case of "adobearm.exe" the status is "N".

BC_SUR.png
While viewing the "Search Results" page, clicking on the file name will display a  page with more information about the file.
 

Some precautions when using Autoruns.

  • Before making any changes, from the "File" menu select "Save..." to save the current startup configuration.
  • Under the "Options" menu, make sure the "Hide Microsoft and Windows Entries" selection has a check mark in front of it.  If it is not check marked click the selection and then press "F5" to refresh the list.
  • Don't un-check an "Autorun Entry" indiscriminately. Make sure you know what an entry is before un-checking it.
  • If you suspect a malware problem is afoot, don't make any changes using Autoruns unless instructed to do so by a malware removal expert.

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users