Page 2 of 2

Re: Sysinternals AutoRuns

Posted: Sat Jul 09, 2016 11:52 am
by JohnTHaller
Sysinternals does this with their tools on a semi-regular basis. We always have to update one of the online installers for their tools at PortableApps.com when it happens and we don't get a warning because they don't make a blog post about it. We don't have another way around it because the tools' license does not permit redistribution (so hosting it ourselves or repacking it would be illegal) and we have our installers check the MD5 hash on the download because we verify that each specific version posted is virus/malware free before posting an online installer to it.

Re: Sysinternals AutoRuns

Posted: Tue Sep 12, 2017 1:51 am
by __philippe
Autoruns v13.80 released 11SEP2017

SysInternals' website has endured some overhaul, recently,...for the worse, IMO

They don't even bother to document changes between their utilities versions any longer... :roll:
Former "Blog changelogs", meager as they used to be, have disappeared altogether.

To add insult to injury, the official page for a specific utility fails to consistently document the current version available for download.

Case in point: (as of 12SEP2017 11:00UTC)
Autoruns official page is still documenting a former v13.71 version published 16MAY2017

For a reliable reference to an up-to-date Utilities publication timestamp,
I'd peruse instead SysInternals' live archive directory

Re: Sysinternals AutoRuns

Posted: Tue Sep 12, 2017 3:41 am
by Midas
__philippe wrote:I'd peruse instead SysInternals' live archive directory

Thanks for the tip, didn't know about that. :)

Re: Sysinternals AutoRuns

Posted: Tue Sep 12, 2017 6:37 am
by __philippe
You're welcome... 8)

From now on,
ascertaining SysInternals' utilities actual version number will call for some PE forensic tools, to ferret out their internal ID-tags.

Handy tool candidates:
PPee | PeStudio | BinText...and even, in a jiffy, SysInternal's own SigCheck CLI... :mrgreen:

PPee

Image

PeStudio

Image

BinText

Image

SigCheck

Code: Select all

c:>sigcheck -a -q autoruns.exe

c:\Autoruns.exe
        Verified:       Signed
        Signing date:   3:26 11/09/2017
        Publisher:      Microsoft Corporation
        Company:        Sysinternals - http://www.sysinternals.com
        Description:    Autostart program viewer
        Product:        Sysinternals autoruns
        Prod version:   13.80
        File version:   13.80
        MachineType:    32-bit
        Binary Version: 13.80.0.0
        Original Name:  autoruns.exe
        Internal Name:  Sysinternals Autoruns
        Copyright:      Copyright (C) 2002-2017 Mark Russinovich
        Comments:       n/a
        Entropy:        6.249
[/pre][/medium]

PS
On a more upbeat note, Autoruns v13.80 still runs happily under Win XP... :D

Re: Sysinternals AutoRuns

Posted: Wed Sep 13, 2017 6:26 pm
by webfork
__philippe wrote:SysInternals' website has endured some overhaul, recently,...for the worse, IMO
I don't get the sense that Windows generates nearly as much income as it once did for Microsoft, so tools that enable or improve the operating system are losing some of their luster at Redmond. This may be affecting their support tools at Technet (including SysInternals).

Re: Sysinternals AutoRuns

Posted: Wed Jul 08, 2020 10:27 am
by Special
Ever since the latest version it now "phones home" causing my firewall to popup asking if I should allow the connection, my settings haven't changed and I don't use any of the settings such as automatically submit to total virus or whatever...

Anyone else notice this behavior and know how to fix (stop it) from phone home on every launch?

Re: Sysinternals AutoRuns

Posted: Sun Jul 17, 2022 3:57 am
by Midas
:arrow: For some analysis of the impact on system Registry of Autoruns usage, check post at viewtopic.php?p=103573#p103573...