Startup: The usual "Run*" registry locations, the "Startup" program groups, win.ini and system.ini files,
Windows Services, the Windows Task Scheduler, and a number of even more obscure registry
Internet Explorer: Watches for changes to the browser's home page, search sites, etc.
Watches for new Browser Helper Objects, Toolbars, toolbar Buttons and Tools menus.
If IE is set to hide "Internet Options" from the Tools menu or Control Panel; or if it is set
so you can't change the home page. If IE is changed
so all websites are set to be "Trusted" and given total access to your computer!
If any different text is set to be added to the beginning of a URL when you don't include the "http://" part
(someone could have it add "http://evil.com/goto?" and watch or change everything you do!)
Changes to the window title and logo for Internet Explorer.
Changes to the "about:" protocol settings and locations. And more.
Internet Connection: Watches for changes to your DNS (Domain Name Servers). Looks for changes to
your Proxy settings or changes to "Automatic Configuration from a server". Changes to the phone
numbers used by Dial-Up Networking entries.
Suspicious: Watches for changes to the info where Windows stores the location for "My Computer", etc.
Some Windows Update settings so it isn't disabled or pointed to a different address.
Running various "program" files (.BAT, .EXE, etc.) does run the file directly and doesn't
let something else sneak in the middle. Checks if the Windows registry editor have been disabled, or
if you have been set with any programs that will be denied the ability to run.
For nearly all of these protected settings, Geek Superhero is able to tell windows
"notify me when this changes". So it isn't constantly scanning things...only when it
gets one of the messages from Windows.
There are a few items that Windows doesn't notify about changes, and
just in case some Scoundrel gets Windows to skip the messages, Geek Superhero also
will check things every hour (as well as when it first starts to run)