[Added] Autoruns - App-Request
-
@Tom Yes, you should detect it as suite. But i am interested how you will do it.
-
@Anselm I believe this will be a combination of one of the files and the registry. Probably quite similar to the K-Lite case. But, a quick a look in the registry did not reveal much. So I have to install it on a test system one of the coming days and investigate.
-
The suite is just a ZIP file containing all tools in one bundle.
It is not installed, it is just unzipped to a target folder.
And all tools of Sysinternals are portable tools, I think they don't write anything in the registry.So when a user downloads the complete suite and extracts it, then you only can detect each tool separate because there is no Launcher or other application where you see that it is the complete suite.
There are only the single tools (as far as I know and as far as I can see).And what if the user downloads the entire suite but deletes some apps from the folder, that he does not need?
Like he deletes all 32-Bit versions of those tool that also offer a 64-Bit version?
And what if the user updates a single tool separate and does not download the complete suite again?
For example a user updates Autoruns but some other tools are not updated by the user?In my opinion you only can detect each tool separate.
Later when you support grouping you should show an entry called Sysinternals Suite and leave the version number empty.
If I expand it, then I see each installed tool with the proper version number.
This grouping should be shown when you have more than one tool of the suite.@Tom can start detecting some of those tools individually so later only groping is needed.
-
@Tom I don't think you will find something in the registry. It is only unpacking a zip file - no installation.
-
-
I think you have to add each tool separate...
-
@OLLI_S Yes, it looks that way... That's gonna be a looong day
-
1 down X to go
-
Autoruns is detected by VulnDetect and the version number is also correct.
Issue solved! -
What about detecting Autorunsc as well?
@Tom Do you need the version info from the EXE file? -
Here the version info of Autorunsc x32
File name and path: D:\PortableApps\PortableApps\_WSCCPortable\Sysinternals Suite\autorunsc.exe Product Name: Sysinternals autoruns Internal Name: Sysinternals Autoruns Original Filename: autoruns.exe File Description: Autostart program viewer Company: Sysinternals - www.sysinternals.com Legal Copyright: Copyright (C) 2002-2018 Mark Russinovich Legal Trademarks: Comments: File Version String: 13.93 File Version: 13.93.0.0 Product Version String: 13.93 Product Version: 13.93.0.0
Here the version info of Autorunsc x64
File name and path: D:\PortableApps\PortableApps\_WSCCPortable\Sysinternals Suite\autorunsc64.exe Product Name: Sysinternals autoruns Internal Name: Sysinternals Autoruns Original Filename: autoruns.exe File Description: Autostart program viewer Company: Sysinternals - www.sysinternals.com Legal Copyright: Copyright (C) 2002-2018 Mark Russinovich Legal Trademarks: Comments: File Version String: 13.93 File Version: 13.93.0.0 Product Version String: 13.93 Product Version: 13.93.0.0
Important Note
Autorunsc is the command-line version of Autoruns.
So maybe you write Autorunsc (Autoruns Command Line)? -
@OLLI_S So, Autoruns (CLI) now added
-
Thank you, I see this.
Would it be better to write Command Line instead of CLI (more user fiendly)? -
@OLLI_S I may be wrong, but I would assume that people who download Sysinternals, more specifically, Autorunsc would know what CLI means.
-
OK, I agree with you!
Issue solved
