Sysinternals Homepage
Forum Home Forum Home > Sysinternals Utilities > Autoruns
  New Posts New Posts RSS Feed - Highlighted colors?
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Highlighted colors?

 Post Reply Post Reply Page  <12
Author
Message
redwolfe_98 View Drop Down
Newbie
Newbie


Joined: 24 June 2005
Location: SC, USA
Status: Offline
Points: 7
Post Options Post Options   Thanks (0) Thanks(0)   Quote redwolfe_98 Quote  Post ReplyReply Direct Link To This Post Posted: 27 January 2015 at 9:02am
i just ran "autoruns" and a "driver", "mbamchameleon.sys", is highlighted in pink.. i am wondering what that indicates..

there are some other drivers that are unsigned so i don't think it is simply indicating that the driver is unsigned..

the "mbamchameleon.sys" driver-file was created when i ran malwarebyte's "mbar" anti-rootkit program, just now.. maybe the pink highlight indicates that the file is new? less than 24 hours old?
Back to Top
LMiller7 View Drop Down
Moderator Group
Moderator Group


Joined: 27 May 2011
Status: Offline
Points: 358
Post Options Post Options   Thanks (0) Thanks(0)   Quote LMiller7 Quote  Post ReplyReply Direct Link To This Post Posted: 27 January 2015 at 3:13pm

An item in pink indicates the image is unsigned. It ha no other meaning.


Back to Top
Dax1792 View Drop Down
Senior Member
Senior Member
Avatar

Joined: 15 March 2011
Status: Offline
Points: 902
Post Options Post Options   Thanks (0) Thanks(0)   Quote Dax1792 Quote  Post ReplyReply Direct Link To This Post Posted: 27 January 2015 at 6:30pm
From the Autoruns Help file:
 
If you select the Verify Signatures option, entries corresponding to unsigned images highlight in light red. If the Verify Signatures option is disabled, items that have a missing image or an image with no company name or description highlight in light red.
 
Missing images are now highlighted in yellow. Signed images for which verification fails, for example if the certificate has been revoked, are also highlighted in light red.
Back to Top
azdayton View Drop Down
Newbie
Newbie
Avatar

Joined: 05 December 2017
Location: Phoenix, AZ, US
Status: Offline
Points: 1
Post Options Post Options   Thanks (0) Thanks(0)   Quote azdayton Quote  Post ReplyReply Direct Link To This Post Posted: 05 December 2017 at 3:09pm
Purple are group headings, so that items from the same folder or registry key are grouped together.

You can double-click them to open that Key/Folder.

The icon on the left shows the type of group, ie. Folder or Registry Key.
Back to Top
 Post Reply Post Reply Page  <12
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 11.06
Copyright ©2001-2016 Web Wiz Ltd.