SecTeer VulnDetect Support Forum

    VulnDetect

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Download VulnDetect Installer

    [Added] Autoruns - App-Request

    Added App Requests
    app-request
    3
    24
    7174
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OLLI_S
      OLLI_S Community Moderator last edited by OLLI_S

      Name of the app:
      Autoruns

      Developer:
      Sysinternals

      Website:
      https://docs.microsoft.com/de-de/sysinternals/

      Download Site:
      https://docs.microsoft.com/de-de/sysinternals/downloads/autoruns

      Version number displayed in the app:
      13.93

      App-Icon: (in ICO format)
      I still can not upload icon files

      Notes:

      • The icon is available in 48 x 48 pixel

      Here the information extracted from the 32-Bit EXE file:

      File name and path:     D:\PortableApps\PortableApps\_WSCCPortable\Sysinternals Suite\Autoruns.exe
      Product Name:           Sysinternals autoruns
      Internal Name:          Sysinternals Autoruns
      Original Filename:      autoruns.exe
      
      File Description:       Autostart program viewer
      Company:                Sysinternals - www.sysinternals.com
      Legal Copyright:        Copyright (C) 2002-2018 Mark Russinovich
      Legal Trademarks:       
      Comments:               
      
      File Version String:    13.93
      File Version:           13.93.0.0
      Product Version String: 13.93
      Product Version:        13.93.0.0
      

      Here the information extracted from the 64-Bit EXE file:

      File name and path:     D:\PortableApps\PortableApps\_WSCCPortable\Sysinternals Suite\Autoruns64.exe
      Product Name:           Sysinternals autoruns
      Internal Name:          Sysinternals Autoruns
      Original Filename:      autoruns.exe
      
      File Description:       Autostart program viewer
      Company:                Sysinternals - www.sysinternals.com
      Legal Copyright:        Copyright (C) 2002-2018 Mark Russinovich
      Legal Trademarks:       
      Comments:               
      
      File Version String:    13.93
      File Version:           13.93.0.0
      Product Version String: 13.93
      Product Version:        13.93.0.0
      
      1 Reply Last reply Reply Quote 0
      • OLLI_S
        OLLI_S Community Moderator last edited by

        OK, I agree with you!
        Issue solved

        1 Reply Last reply Reply Quote 0
        • T
          Tom VulnDetect Team Member @OLLI_S last edited by

          @OLLI_S I may be wrong, but I would assume that people who download Sysinternals, more specifically, Autorunsc would know what CLI means.

          /Tom
          Download the latest SecTeer VulnDetect agent here:
          https://vulndetect.com/dl/secteerSetup.exe

          1 Reply Last reply Reply Quote 0
          • OLLI_S
            OLLI_S Community Moderator last edited by

            Thank you, I see this.
            Would it be better to write Command Line instead of CLI (more user fiendly)?

            T 1 Reply Last reply Reply Quote 0
            • T
              Tom VulnDetect Team Member @OLLI_S last edited by

              @OLLI_S So, Autoruns (CLI) now added

              /Tom
              Download the latest SecTeer VulnDetect agent here:
              https://vulndetect.com/dl/secteerSetup.exe

              1 Reply Last reply Reply Quote 0
              • OLLI_S
                OLLI_S Community Moderator last edited by OLLI_S

                Here the version info of Autorunsc x32

                File name and path:     D:\PortableApps\PortableApps\_WSCCPortable\Sysinternals Suite\autorunsc.exe
                Product Name:           Sysinternals autoruns
                Internal Name:          Sysinternals Autoruns
                Original Filename:      autoruns.exe
                
                File Description:       Autostart program viewer
                Company:                Sysinternals - www.sysinternals.com
                Legal Copyright:        Copyright (C) 2002-2018 Mark Russinovich
                Legal Trademarks:       
                Comments:               
                
                File Version String:    13.93
                File Version:           13.93.0.0
                Product Version String: 13.93
                Product Version:        13.93.0.0
                

                Here the version info of Autorunsc x64

                File name and path:     D:\PortableApps\PortableApps\_WSCCPortable\Sysinternals Suite\autorunsc64.exe
                Product Name:           Sysinternals autoruns
                Internal Name:          Sysinternals Autoruns
                Original Filename:      autoruns.exe
                
                File Description:       Autostart program viewer
                Company:                Sysinternals - www.sysinternals.com
                Legal Copyright:        Copyright (C) 2002-2018 Mark Russinovich
                Legal Trademarks:       
                Comments:               
                
                File Version String:    13.93
                File Version:           13.93.0.0
                Product Version String: 13.93
                Product Version:        13.93.0.0
                

                Important Note

                Autorunsc is the command-line version of Autoruns.
                So maybe you write Autorunsc (Autoruns Command Line)?

                T 1 Reply Last reply Reply Quote 0
                • OLLI_S
                  OLLI_S Community Moderator last edited by OLLI_S

                  What about detecting Autorunsc as well?
                  @Tom Do you need the version info from the EXE file?

                  1 Reply Last reply Reply Quote 0
                  • OLLI_S
                    OLLI_S Community Moderator last edited by

                    Autoruns is detected by VulnDetect and the version number is also correct.
                    Issue solved!

                    1 Reply Last reply Reply Quote 0
                    • T
                      Tom VulnDetect Team Member last edited by

                      1 down X to go

                      /Tom
                      Download the latest SecTeer VulnDetect agent here:
                      https://vulndetect.com/dl/secteerSetup.exe

                      1 Reply Last reply Reply Quote 0
                      • T
                        Tom VulnDetect Team Member @OLLI_S last edited by

                        @OLLI_S Yes, it looks that way... That's gonna be a looong day

                        /Tom
                        Download the latest SecTeer VulnDetect agent here:
                        https://vulndetect.com/dl/secteerSetup.exe

                        1 Reply Last reply Reply Quote 0
                        • OLLI_S
                          OLLI_S Community Moderator last edited by

                          I think you have to add each tool separate...

                          T 1 Reply Last reply Reply Quote 0
                          • A
                            Anselm last edited by

                            @Tom @OLLI_S After executing a sysinternal tool you have to accept an eula (for each tool!). Accepting this writes to the registry.

                            1 Reply Last reply Reply Quote 0
                            • A
                              Anselm @Tom last edited by

                              @Tom I don't think you will find something in the registry. It is only unpacking a zip file - no installation.

                              1 Reply Last reply Reply Quote 0
                              • OLLI_S
                                OLLI_S Community Moderator last edited by OLLI_S

                                The suite is just a ZIP file containing all tools in one bundle.
                                It is not installed, it is just unzipped to a target folder.
                                And all tools of Sysinternals are portable tools, I think they don't write anything in the registry.

                                So when a user downloads the complete suite and extracts it, then you only can detect each tool separate because there is no Launcher or other application where you see that it is the complete suite.
                                There are only the single tools (as far as I know and as far as I can see).

                                And what if the user downloads the entire suite but deletes some apps from the folder, that he does not need?
                                Like he deletes all 32-Bit versions of those tool that also offer a 64-Bit version?
                                And what if the user updates a single tool separate and does not download the complete suite again?
                                For example a user updates Autoruns but some other tools are not updated by the user?

                                In my opinion you only can detect each tool separate.

                                Later when you support grouping you should show an entry called Sysinternals Suite and leave the version number empty.
                                If I expand it, then I see each installed tool with the proper version number.
                                This grouping should be shown when you have more than one tool of the suite.

                                @Tom can start detecting some of those tools individually so later only groping is needed.

                                1 Reply Last reply Reply Quote 0
                                • T
                                  Tom VulnDetect Team Member @Anselm last edited by

                                  @Anselm I believe this will be a combination of one of the files and the registry. Probably quite similar to the K-Lite case. But, a quick a look in the registry did not reveal much. So I have to install it on a test system one of the coming days and investigate.

                                  /Tom
                                  Download the latest SecTeer VulnDetect agent here:
                                  https://vulndetect.com/dl/secteerSetup.exe

                                  A 1 Reply Last reply Reply Quote 0
                                  • A
                                    Anselm @Tom last edited by

                                    @Tom Yes, you should detect it as suite. But i am interested how you will do it.

                                    T 1 Reply Last reply Reply Quote 0
                                    • OLLI_S
                                      OLLI_S Community Moderator last edited by OLLI_S

                                      @Tom and @Anselm
                                      The Sysinternals Suite is a ZIP-file that contains all Sysinternals Tools.
                                      You extract it into a folder of your choice and there are all tools in one folder.

                                      As far as I can see there is no separate launcher?
                                      So you have to detect each app separate.

                                      1 Reply Last reply Reply Quote 0
                                      • A
                                        Anselm @Tom last edited by

                                        @Tom FYI: https://docs.microsoft.com/en-us/sysinternals/downloads/

                                        1 Reply Last reply Reply Quote 0
                                        • A
                                          Anselm @Tom last edited by

                                          @Tom I agree. But i think you will not find a version identifier for the suit. Maybe the newest program in the bundle?

                                          1 Reply Last reply Reply Quote 0
                                          • T
                                            Tom VulnDetect Team Member @Anselm last edited by

                                            @Anselm Exactly, and these are always a bit of an issue, since if we add all individual programs and the suite, then we will clutter your app list, until the day where we properly can handle bundled apps.

                                            So I guess that we will add detection for the suite soon and then postpone the individual apps until we can "bundle" it, what do you think?

                                            /Tom
                                            Download the latest SecTeer VulnDetect agent here:
                                            https://vulndetect.com/dl/secteerSetup.exe

                                            A 3 Replies Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                                            Please see our Privacy and Data Processing Policy
                                            Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                                            Forum software by NodeBB