Sign in to follow this  
Followers 0
ripdad

GetCommonStartups v3.07

75 posts in this topic

#1 ·  Posted (edited)

GetCommonStartups v3.00

Initial Release: September 17, 2012

Last Updated: July 29, 2014
Current Version: 3.07

What is it?
It had a very humble beginning with some minimal coding to display Run Keys and their values in the registry.

Since then, it has grown into a tool that I use to trouble-shoot computers.

Credits and Updates:

-Credits:

- trancexx for listview onhover snippet.
- GeoSoft for Regedit jump snippet.
- wraithdu for _IsJunction().
- and the many who contributed to Array.au3.

-Updates:

October 01, 2012 - v.3.01 - Various Code Improvements.

October 03, 2012 - v3.02 - Fixed a few problems with object errors in _WMI_InstancesOf().
1) If a device is not found (like a sound card), it will return a blank string when the "object count" is zero.
2) If a "property name" returns an error of "not found" at the "qualifier loop", then the function will continue without it.
Thanks goes to ricky03 for posting the errors and testing.

November 05, 2012 - v3.03 - Updated _WMI_GetATAPISmartData() with v1.00

December 09, 2012 - v3.04
* Upgraded _WMI_InstancesOf() to v1.00 -- Getting a "bit" more from WMI.
* Updated _WMI_GetATAPISmartData() with v1.01
* Moved _WMI_QuickFixEngineering() to it's own window.
* Fixed a crash issue with _Drivers_Services() when a PathName was blank. (Case: DisplayName -> SASKUTIL)
* Removed _WMI_MiniInstancesOf() and _WMI_ProcessItem(). The new version of _WMI_InstancesOf() replaced them.
* Added _WMI_GetErrorDescription() for when the Error Handler fails to give one.
* Added the ability to also run au3 scripts in _RunProgram().
* Updated various other functions. ie: Reg_Debuggers(), GetCommonstartups(), _ObjErrorHandler(), etc.

January 03, 2013 - v3.05 (not released)
Added: _Clean_ContentIE5 v0.2b

July 14, 2014 - v3.06

Modified to support Win8.0 and newer AutoIt versions (ie: 3.3.12.0).

* Removed _StartService() and modified GCS_TestWMI() to a simpler code.

July 29, 2014 - v3.07

Modified to support Win8.1

This script must be compiled 64Bit if used on a 64Bit OS.

Download Version 3.07

GetCommonStartups_v3.07.zip

Please let me know if you have any issues or complaints.

 

Edited by ripdad
2 people like this

"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

The list of startup entries is very complete and some people may be surprised of what they will found.

Thanks ripdad ! Posted Image

Edited by wakillon

AutoIt 3.3.14.2 X86 - SciTE 3.6.0WIN 8.1 X64 - Other Example Scripts

Share this post


Link to post
Share on other sites

Thanks wakillon

I have tested it on 4 machines without trouble. You guys let me know if any quirks or bugs you find, please.

I have also made a few updates.


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

You should create a gui ( as codestuff starter style )

with possibilities to check or uncheck entries, and if i abuse

with the functionality of startup monitor!

It could be a complete tool ! Posted Image

Edited by wakillon

AutoIt 3.3.14.2 X86 - SciTE 3.6.0WIN 8.1 X64 - Other Example Scripts

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

It reports to me that appinitdll might be infected, should I be worried?

EDIT:

Answer = I'm not much worried, since the dll file it referenced is part of my firewall and need to run at startup.

Edited by JohnOne

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites

wakillon - I'll leave that in your capable hands <grin>. I have other plans for it.

I used Startup Monitor for several years. My clients would still click yes when

prompted, then ask me how they got infected?!

JohnOne - It's unusual for anything valid to start from AppInit_DLLs. Name of the firewall?


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

JohnOne - ok, thanks


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

G'day ripdDad

Great script and will come in VERY useful!

But, i've got another false positive for the Appint_dll warning

"BdGamingMonitor.dll"

It belongs to BullGuard antivirus package.

Thanks for takeing the time to share!

John Morrison

Share this post


Link to post
Share on other sites

As long as you guys know your dll is valid.

It's not a matter of a false positive.

The script just checks if anything is written to it. It's blank by default.

If you do a search for AppInit_DLLs, you'll come up with tons of pages about virus infections.

But .. I can see discernment will be needed. There is an option to turn the warning off, btw.


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

If you do a search for AppInit_DLLs, you'll come up with tons of pages about virus infections.

But .. I can see discernment will be needed. There is an option to turn the warning off, btw.

Hay don't get me wrong. :unsure:

The script is great and I can see a lot of uses for it.

I just wanted to let you know that "JohnOne" wasn't the only one that had a DLL in that area.

John (well TWO I guess) :>

Storm-E

Share this post


Link to post
Share on other sites

storme - nah, I didn't take it wrong. I appreciate your input.

This is where manual research is needed to make a determination if that dll is valid.

Not much I can do (on my end) from the scripts point of view. Thats all I was trying to say.

You can modify the script to allow your dll .. and then warn if that changes.

In addition, I would make an MD5 check on it.

By the way, the AppInit_DLLs entry works the same way as UserInit. Comma-separated entries.


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

JohnOne - Thanks, I'll give it some thought.


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

Just noticed since I use another language-version... autostart-folders are not named the same.

You should use: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"

...and the value of: "Common Startup"

It looks like this for me: "%ALLUSERSPROFILE%\Start-meny\Program\Autostart"

Dunno if that is true of Vista/Win7. (Most likely.)

And btw, great work!

/Manko [EDIT: Provide value of key, so you don't have to look...]

Edited by Manko

Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually...

Share this post


Link to post
Share on other sites

#17 ·  Posted (edited)

Manko - Thanks, first post updated.

I have to add another section of code for Win7.

In XP, the value is: %ALLUSERSPROFILE%\Start Menu\Programs\Startup

In Win7: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

I don't have time right now. I'll work on it later tonight.

Edited by ripdad

"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

Manko - Thanks, first post updated.

I have to add another section of code for Win7.

In XP, the value is: %ALLUSERSPROFILE%\Start Menu\Programs\Startup

In Win7: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

I don't have time right now. I'll work on it later tonight.

Alright! It works much better... Thanks.

http://forum.autoitbrasil.com/ (AutoIt v3 Brazil!!!)

Somewhere Out ThereJames Ingram

somewh10.png

dropbo10.pngDownload Dropbox - Simplify your life!
Your virtual HD wherever you go, anywhere!

Share this post


Link to post
Share on other sites

First Post Updated

Let me know if any issues - thanks


"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post


Link to post
Share on other sites

AppInit_DLLs-->wbsys.dll

Now, It detect well WindowBlinds dll at startup

Thanks ! Posted Image


AutoIt 3.3.14.2 X86 - SciTE 3.6.0WIN 8.1 X64 - Other Example Scripts

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0