Sign in to follow this  
Followers 0
FuryCell

StartUpSentry

10 posts in this topic

#1 ·  Posted (edited)

This is a little program I made about 2 months ago. finally got around to posting it.

It monitors the GlobalRunKey,LocalRunKey,Local & Global Startup and Services(Only under 9x\Me. will make service blocking work on XP when the latest version of AutoIt comes out because I need dllstruct.) and when something changes it tell you what and allows you to allow or deny it and it has a <1% CPU usage.

Things I plan to add:

-A blacklist to automatically block items without notification and I whitelist to do the opposite.

-A tray icon (once latest beta becomes standard.)

It is useful for protecting yourself from spyware and other nuisances that try to make themselves startup with windows.

It helped me today by stopping QuickTime from making it self start with windows.

To use it just add it to your startup.

it also comes with some scripts to test it out in the test folder.

Any comments, criticism, or suggestions are welcome.

Enjoy.

Edit:Program removed. It can now be on the link on the post below under a different name.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

:( put up post and forgot to add zip file. Just attached it now.Realized it yesterday but could not fix it until today becuase i was have problems with my internet connection. :(

Sorry for the inconvenience.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

Sounds like you've created a very useful script here SolidSnake !

Nice work !

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Sounds like you've created a very useful script here SolidSnake !

Nice work !

<{POST_SNAPBACK}>

Thanks for the feedback.

P.S. Does anybody know of a good list of known spyware programs so when the blacklist is up and running i can block them by default?

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

gj... nice script i will be attempting to try it soon

Share this post


Link to post
Share on other sites

gj... nice script i will be attempting to try it soon

<{POST_SNAPBACK}>

Thanks for the feedback.

Please let me know if you find any bugs.


HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

"It monitors the GlobalRunKey,LocalRunKey,Local & Global Startup and Services(Only under 9x\Me."

I assume you mean it wont monitor startup folder's correctly on win 9x and me systems ?

Its working here on xp w/sp2. can you have it watch for any that are edited or deleted run keys and not just additions

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

RunServices

RunOnce

RunOnceEx

RunServicesOnce

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

RunServices

RunOnce

RunServicesOnce

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

BHO next ? :)

I suggest staying out of a blocklist

Edit: i think the name startup sentry is taken already.

You might take a look at regdefend. its a trial though.

Edited by LonnyRJones

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

"It monitors the GlobalRunKey,LocalRunKey,Local & Global Startup and Services(Only under 9x\Me."

I assume you mean it wont monitor startup folder's correctly on win 9x and me systems ?

Its working here on xp w/sp2.  can you have it watch for any that are edited or deleted run keys and not just additions

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

RunServices

RunOnce

RunOnceEx

RunServicesOnce

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

RunServices

RunOnce

RunServicesOnce

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

BHO next ? :evil:

I suggest staying out of a blocklist

Edit: i think the name startup sentry is taken already.

You might take a look at regdefend. its a trial though.

<{POST_SNAPBACK}>

It should monitor the startup folder corrently under 98 becuase it works fine under Windows ME.

About monitoring for removals and edits . That is a good idea. _ArrayDiff might come in handy for that. Also plan to guard RunServicesOnce and RunOnce like you said.

Also what is RunOnceEx?

Thanks for the reply.

-SolidSnake.

Edit: Just searched for StartUpSentry On DogPile.You are correct the name is already taken. I can't believe i have to change it. When I came up with the name I thought it was a good name.Can't believe it was already taken. Hope I don't get sued. :)

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

Hi

Runonceex is used sometimes used by ms and crapps to , its basicly a runonce but you can have a list of programs or funtions start one after the other

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx]

"Flags"=dword:00000008

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\000]

"runonce1"="\"C:\\sample1.txt\""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\001]

"runonce2"="\"C:\\sample2.txt\""

I think it works on all windows version

http://support.microsoft.com/default.aspx?...kb;en-us;232509

http://support.microsoft.com/default.aspx?...kb;en-us;310593

Edited by LonnyRJones

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0