{"id":442793,"date":"2025-03-27T14:18:35","date_gmt":"2025-03-27T14:18:35","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&#038;p=442793"},"modified":"2025-03-31T13:59:35","modified_gmt":"2025-03-31T13:59:35","slug":"powershell-skript-zur-pruefung-von-autorunsc","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/de\/script-hub\/powershell-skript-zur-pruefung-von-autorunsc\/","title":{"rendered":"Systemstart-Sicherheit meistern: PowerShell-Skript-Guide zur Pr\u00fcfung von Autorunsc"},"content":{"rendered":"<h2>Die wichtigsten Erkenntnisse<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Umfassende Pr\u00fcfung<\/strong>: Das Skript pr\u00fcft Startobjekte gr\u00fcndlich und erh\u00f6ht dadurch die Sicherheit und Leistung des Systems.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><strong>Automatisierung und Effizienz<\/strong>: Automatisiert den Prozess des Herunterladens und Ausf\u00fchrens von Autorunsc und spart so Zeit im Vergleich zu manuellen Methoden.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><strong>Anpassbare Parameter<\/strong>: Bietet die Flexibilit\u00e4t, bestimmte Autorun-Elemente wie Dienste, geplante Aufgaben oder Startanwendungen zu konfigurieren.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><strong>Effiziente Berichterstattung<\/strong>: Gibt die Ergebnisse in ein Aktivit\u00e4tsprotokoll und optional in ein benutzerdefiniertes Feld zur einfachen Dokumentation und \u00dcberpr\u00fcfung aus.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><strong>Notwendigkeit von Administratorrechten<\/strong>: F\u00fcr den vollen Funktionsumfang sind Administratorrechte erforderlich, insbesondere f\u00fcr das Schreiben in benutzerdefinierte Felder.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"6\" data-aria-level=\"1\"><strong>Kompatibilit\u00e4t<\/strong>: Entwickelt f\u00fcr Windows 10, Server 2012 und h\u00f6her, was eine breite Anwendbarkeit in modernen IT-Umgebungen gew\u00e4hrleistet.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"7\" data-aria-level=\"1\"><strong>Identifizierung von Malware<\/strong>: Hilft bei der Identifizierung verd\u00e4chtiger Autorun-Elemente, was ein wichtiger Schritt bei der Erkennung und Verhinderung von Malware ist.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"8\" data-aria-level=\"1\"><strong>Regelm\u00e4\u00dfige Pr\u00fcfungen werden empfohlen<\/strong>: Es wird empfohlen, das Skript regelm\u00e4\u00dfig zu verwenden, um die Systemintegrit\u00e4t und -sicherheit aufrechtzuerhalten.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"9\" data-aria-level=\"1\"><strong>Sorgf\u00e4ltige Analyse der Ergebnisse<\/strong>: Betont die Notwendigkeit einer sorgf\u00e4ltigen \u00dcberpr\u00fcfung der Pr\u00fcfungsergebnisse, um falsch positive Ergebnisse zu vermeiden und die Zuverl\u00e4ssigkeit des Systems zu gew\u00e4hrleisten.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"10\" data-aria-level=\"1\"><strong>Integration mit IT-Management-Tools<\/strong>: Beweist, wie die Integration mit Tools wie NinjaOne die IT-Verwaltung und Sicherheitsstrategien verbessern kann.<\/li>\n<\/ul>\n<p>F\u00fcr IT-Expert:innen und <a href=\"https:\/\/www.ninjaone.com\/de\/was-ist-ein-msp\/\">Managed Service Provider (MSPs)<\/a> ist es entscheidend, die Feinheiten von IT-Systemen zu verstehen, insbesondere im Bereich der Sicherheit und des Systemstart-Managements. Die effiziente \u00dcberpr\u00fcfung und Verwaltung von Autorun-Elementen ist ein wesentlicher Bestandteil der Aufrechterhaltung der Systemintegrit\u00e4t und -sicherheit. In diesem Blogbeitrag wird ein PowerShell-Skript vorgestellt, das Autorunsc, ein Sysinternals-Tool, zur Durchf\u00fchrung umfassender Systemstart-Pr\u00fcfungen verwendet.<\/p>\n<h2>Kontext<\/h2>\n<p>Das thematisierte Skript dient dazu, Autorunsc mit verschiedenen benutzerdefinierten Parametern auszuf\u00fchren und die Ergebnisse in ein Aktivit\u00e4tsprotokoll und m\u00f6glicherweise in ein benutzerdefiniertes Feld auszugeben. Autorunsc ist ein renommiertes Tool von Sysinternals, das Mark Russinovich entwickelt hat. Es bietet einen detaillierten Einblick in alle Programme und Skripte, die so konfiguriert sind, dass sie w\u00e4hrend des Systemstarts oder der Benutzeranmeldung ausgef\u00fchrt werden.<\/p>\n<p>F\u00fcr IT-Expert:innen und MSPs ist dieses Skript ein wichtiges Asset, da es ihnen erm\u00f6glicht, potenziell sch\u00e4dliche oder unn\u00f6tige Startobjekte schnell zu identifizieren und so die Systemleistung und Sicherheit zu verbessern.<\/p>\n<h2>Das Skript zur Pr\u00fcfung von Autorunsc<\/h2>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"powershell\">#Requires -Version 4\r\n\r\n&lt;#\r\n.SYNOPSIS\r\n    Runs Autorunsc with your selected options and outputs the results to the activity log and optionally a WYSIWYG custom field. Please note that there is a limit to the number of results that can be set in Custom Fields or viewed in the Activity Log.\r\n.DESCRIPTION\r\n    Runs Autorunsc with your selected options and outputs the results to the activity log and optionally a WYSIWYG custom field. Please note that there is a limit to the number of results that can be set in Custom Fields or viewed in the Activity Log.\r\n.EXAMPLE\r\n    (No Parameters)\r\n    URL Given, Downloading the file...\r\n    Download Attempt 1\r\n    HKCU:\\SOFTWARE\\Sysinternals\\AutoRuns\\EulaAccepted changed from 1 to 1\r\n\r\n    Sysinternals Autoruns v14.10 - Autostart program viewer\r\n    Copyright (C) 2002-2023 Mark Russinovich\r\n    Sysinternals - www.sysinternals.com\r\n\r\n    WARNING: Script must be elevated in order to write to custom field.\r\n    \r\n    Entry          : C:\\Windows\\system32\\userinit.exe\r\n    Entry Location : HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Userinit\r\n    Image Path     : c:\\windows\\system32\\userinit.exe\r\n    Signer         : (Verified) Microsoft Windows\r\n    MD5            : 9C4C281156040CF01EA35D759092F540\r\n\r\n    Entry          : cmd.exe\r\n    Entry Location : HKLM\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\AlternateShell\r\n    Image Path     : c:\\windows\\system32\\cmd.exe\r\n    Signer         : (Verified) Microsoft Windows\r\n    MD5            : 8A2122E8162DBEF04694B9C3E0B6CDEE\r\n\r\nPARAMETER: -CustomField \"ReplaceWithAMultilineCustomField\"\r\n    The name of the multiline custom field you would like to save the results to.\r\n\r\nPARAMETER: -Startup\r\n    Applications or scripts configured to run automatically after a user logs into their account. This is the default option for Autoruns. \r\n    E.g. Applications in the 'Startup' folder.\r\n\r\nPARAMETER: -Boot\r\n    Programs or commands that are set to execute during the system's boot-up sequence before a user logs in.\r\n\r\nPARAMETER: -WinLogon\r\n    Items that are configured to run during the Windows logon process. Often these items are critical to the logon UI.\r\n\r\nPARAMETER: -AppInit\r\n    DLLs that are automatically loaded by every process that calls the User32.dll file (anything with a GUI).\r\n\r\nPARAMETER: -Explorer\r\n    Plugins or extensions that integrate into the Windows Explorer shell.\r\n\r\nPARAMETER: -Sidebar\r\n    Mini applications or gadgets that load into the desktop sidebar in earlier versions of Windows (introduced in Windows Vista).\r\n\r\nPARAMETER: -ImageHijacks\r\n    Registry modifications that redirect the execution of specific executable files to a different program.\r\n\r\nPARAMETER: -IEAddons\r\n    Browser extensions or toolbars that Internet Explorer will load automatically when it starts.\r\n\r\nPARAMETER: -KnownDLLs\r\n    Crucial system DLLs that Windows will load into memory at startup.\r\n\r\nPARAMETER: -WMIentries\r\n    Entries related to WMI scripts or providers that are set to execute automatically.\r\n\r\nPARAMETER: -WinSockProtocols\r\n    Modules or services meant to load up with the Windows network stack.\r\n\r\nPARAMETER: -Codecs\r\n    Software components meant to be used for encoding or decoding digital media streams (often set to run at system startup).\r\n\r\nPARAMETER: -PrinterMonitor\r\n    DLL's associated with printer drivers.\r\n\r\nPARAMETER: -LSAProviders\r\n    Plugins that integrate with the Local Security Authority subsystem.\r\n\r\nPARAMETER: -Services\r\n    Windows Services set to start Automatically.\r\n\r\nPARAMETER: -ScheduledTasks\r\n    These are tasks set in Task Scheduler to do something automatically at a specified interval.\r\n\r\nPARAMETER: -HideMicrosoftEntries\r\n    Hides Signed Microsoft Entries from the results.\r\n\r\nPARAMETER: -DestinationFolder\r\n    By default this script downloads autorunsc to the temp folder.\r\n\r\nPARAMETER: -DownloadUrl\r\n    URL to download Autoruns from.\r\n\r\nPARAMETER: -SkipSleep\r\n    Skips sleeping prior to downloading autorunsc.\r\n.OUTPUTS\r\n    None\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 10, Server 2012\r\n    Release Notes: Initial Release\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n#&gt;\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()]\r\n    [String]$CustomField,\r\n    [Parameter()]\r\n    [Switch]$Startup = [System.Convert]::ToBoolean($env:checkLogonStartupEntries),\r\n    [Parameter()]\r\n    [Switch]$Boot = [System.Convert]::ToBoolean($env:checkBootEntries),\r\n    [Parameter()]\r\n    [Switch]$WinLogon = [System.Convert]::ToBoolean($env:checkWinlogonEntries),\r\n    [Parameter()]\r\n    [Switch]$AppInit = [System.Convert]::ToBoolean($env:checkAppinitEntries),\r\n    [Parameter()]\r\n    [Switch]$Explorer = [System.Convert]::ToBoolean($env:checkExplorerAddons),\r\n    [Parameter()]\r\n    [Switch]$Sidebar = [System.Convert]::ToBoolean($env:checkSidebarGadgets),\r\n    [Parameter()]\r\n    [Switch]$ImageHijacks = [System.Convert]::ToBoolean($env:checkImageHijacks),\r\n    [Parameter()]\r\n    [Switch]$IEAddons = [System.Convert]::ToBoolean($env:checkInternetExplorerAddons),\r\n    [Parameter()]\r\n    [Switch]$KnownDLLs = [System.Convert]::ToBoolean($env:checkKnownDlls),\r\n    [Parameter()]\r\n    [Switch]$WMIentries = [System.Convert]::ToBoolean($env:checkWmiEntries),\r\n    [Parameter()]\r\n    [Switch]$WinSockProtocols = [System.Convert]::ToBoolean($env:checkWinsockProtocol),\r\n    [Parameter()]\r\n    [Switch]$Codecs = [System.Convert]::ToBoolean($env:checkCodecs),\r\n    [Parameter()]\r\n    [Switch]$PrinterMonitor = [System.Convert]::ToBoolean($env:checkPrinterMonitorDlls),\r\n    [Parameter()]\r\n    [Switch]$LSAProviders = [System.Convert]::ToBoolean($env:checkLsaSecurityProviders),\r\n    [Parameter()]\r\n    [Switch]$Services = [System.Convert]::ToBoolean($env:checkAutostartServices),\r\n    [Parameter()]\r\n    [Switch]$ScheduledTasks = [System.Convert]::ToBoolean($env:checkScheduledTasks),\r\n    [Parameter()]\r\n    [Switch]$HideMicrosoftEntries = [System.Convert]::ToBoolean($env:hideMicrosoftEntries),\r\n    [Parameter()]\r\n    [String]$DestinationFolder = \"$env:Temp\",\r\n    [Parameter()]\r\n    [String]$DownloadUrl = \"https:\/\/download.sysinternals.com\/files\/Autoruns.zip\",\r\n    [Parameter()]\r\n    [Switch]$SkipSleep = [System.Convert]::ToBoolean($env:skipSleep)\r\n)\r\n\r\nbegin {\r\n\r\n    # If Script Forms are used replace the parameters\r\n    if ($env:destinationFolder -and $env:DestinationFolder -notlike \"null\") { $DestinationFolder = $env:destinationFolder }\r\n    if ($env:downloadUrl -and $env:downloadUrl -notlike \"null\") { $DownloadUrl = $env:downloadUrl }\r\n    if ($env:customFieldName -and $env:customFieldName -notlike \"null\") { $CustomField = $env:customFieldName }\r\n\r\n    if ($PSVersionTable.PSVersion.Major -lt 5) {\r\n        function Expand-Archive {\r\n            [CmdletBinding()]\r\n            param(\r\n                [Parameter()]\r\n                [String]$Path,\r\n                [Parameter()]\r\n                [String]$DestinationPath,\r\n                [Parameter()]\r\n                [Switch]$Force\r\n            )\r\n            begin {\r\n                Add-Type -assembly \"System.IO.Compression.FileSystem\"\r\n            }\r\n            process {\r\n                if ($Force -and (Test-Path $DestinationPath)) {\r\n                    $ZipFile = [System.IO.Compression.ZipFile]::OpenRead($Path)\r\n\r\n                    $ZipFile.Entries | ForEach-Object {\r\n                        $Destination = [System.IO.Path]::Combine($DestinationPath, $_.FullName)\r\n                        $DestinationDir = [System.IO.Path]::GetDirectoryName($Destination)\r\n                        if (-not (Test-Path $DestinationDir)) {\r\n                            New-Item -ItemType Directory -Path $DestinationDir -Force\r\n                        }\r\n                        [System.IO.Compression.ZipFileExtensions]::ExtractToFile($_, $Destination, $True)\r\n                    }\r\n                    $ZipFile.Dispose()\r\n                }\r\n                else {\r\n                    [System.IO.Compression.ZipFile]::ExtractToDirectory($Path, $DestinationPath)\r\n                }\r\n            }\r\n        }\r\n    }\r\n\r\n    # Handy download function\r\n    function Invoke-Download {\r\n        param(\r\n            [Parameter()]\r\n            [String]$URL,\r\n            [Parameter()]\r\n            [String]$Path,\r\n            [Parameter()]\r\n            [Switch]$SkipSleep\r\n        )\r\n\r\n        Write-Host \"URL Given, Downloading the file...\"\r\n\r\n        $SupportedTLSversions = [enum]::GetValues('Net.SecurityProtocolType')\r\n        if ( ($SupportedTLSversions -contains 'Tls13') -and ($SupportedTLSversions -contains 'Tls12') ) {\r\n            [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol::Tls13 -bor [System.Net.SecurityProtocolType]::Tls12\r\n        }\r\n        elseif ( $SupportedTLSversions -contains 'Tls12' ) {\r\n            [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12\r\n        }\r\n        else {\r\n            # Not everything requires TLS 1.2, but we'll try anyways.\r\n            Write-Warning \"TLS 1.2 and or TLS 1.3 isn't supported on this system. This download may fail!\"\r\n            if ($PSVersionTable.PSVersion.Major -lt 3) {\r\n                Write-Warning \"PowerShell 2 \/ .NET 2.0 doesn't support TLS 1.2.\"\r\n            }\r\n        }\r\n\r\n        $i = 1\r\n        While ($i -lt 4) {\r\n            if (-not ($SkipSleep)) {\r\n                $SleepTime = Get-Random -Minimum 3 -Maximum 60\r\n                Start-Sleep -Seconds $SleepTime\r\n            }\r\n\r\n            Write-Host \"Download Attempt $i\"\r\n\r\n            try {\r\n                $WebClient = New-Object System.Net.WebClient\r\n                $WebClient.DownloadFile($URL, $Path)\r\n            }\r\n            catch {\r\n                Write-Warning \"An error has occurred while downloading!\"\r\n            }\r\n\r\n            $File = Test-Path -Path $Path -ErrorAction SilentlyContinue\r\n            if ($File) {\r\n                $i = 4\r\n            }\r\n            else {\r\n                $i++\r\n            }\r\n        }\r\n\r\n        if (-not $File) { \r\n            Write-Error -Message \"File failed to download!\" -Category DeviceError -Exception (New-Object System.Exception)\r\n            Exit 1 \r\n        }\r\n    }\r\n\r\n    # Need to set Regkey to accept EULA\r\n    function Set-RegKey {\r\n        param (\r\n            $Path,\r\n            $Name,\r\n            $Value,\r\n            [ValidateSet(\"DWord\", \"QWord\", \"String\", \"ExpandedString\", \"Binary\", \"MultiString\", \"Unknown\")]\r\n            $PropertyType = \"DWord\"\r\n        )\r\n        if (-not $(Test-Path -Path $Path)) {\r\n            # Check if path does not exist and create the path\r\n            New-Item -Path $Path -Force | Out-Null\r\n        }\r\n        if ((Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue)) {\r\n            # Update property and print out what it was changed from and changed to\r\n            $CurrentValue = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name\r\n            try {\r\n                Set-ItemProperty -Path $Path -Name $Name -Value $Value -Force -Confirm:$false -ErrorAction Stop | Out-Null\r\n            }\r\n            catch {\r\n                Write-Error -Message \"[Error] Unable to Set registry key for $Name please see below error!\" -Category DeviceError -Exception (New-Object System.Exception)\r\n                Write-Error $_\r\n                exit 1\r\n            }\r\n            Write-Host \"$Path\\$Name changed from $CurrentValue to $($(Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name)\"\r\n        }\r\n        else {\r\n            # Create property with value\r\n            try {\r\n                New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $PropertyType -Force -Confirm:$false -ErrorAction Stop | Out-Null\r\n            }\r\n            catch {\r\n                Write-Error -Message \"[Error] Unable to Set registry key for $Name please see below error!\" -Category DeviceError -Exception (New-Object System.Exception)\r\n                Write-Error $_\r\n                exit 1\r\n            }\r\n            Write-Host \"Set $Path\\$Name to $($(Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name)\"\r\n        }\r\n    }\r\n\r\n    function Set-NinjaProperty {\r\n        [CmdletBinding()]\r\n        Param(\r\n            [Parameter(Mandatory = $True)]\r\n            [String]$Name,\r\n            [Parameter()]\r\n            [String]$Type,\r\n            [Parameter(Mandatory = $True, ValueFromPipeline = $True)]\r\n            $Value,\r\n            [Parameter()]\r\n            [String]$DocumentName\r\n        )\r\n\r\n        $Characters = $Value | Measure-Object -Character | Select-Object -ExpandProperty Characters\r\n        if($Characters -ge 10000){\r\n            throw [System.ArgumentOutOfRangeException]::New(\"Character limit exceeded, value is greater than 10,000 characters.\")\r\n        }\r\n    \r\n        # If we're requested to set the field value for a Ninja document we'll specify it here.\r\n        $DocumentationParams = @{}\r\n        if ($DocumentName) { $DocumentationParams[\"DocumentName\"] = $DocumentName }\r\n    \r\n        # This is a list of valid fields that can be set. If no type is given, it will be assumed that the input doesn't need to be changed.\r\n        $ValidFields = \"Attachment\", \"Checkbox\", \"Date\", \"Date or Date Time\", \"Decimal\", \"Dropdown\", \"Email\", \"Integer\", \"IP Address\", \"MultiLine\", \"MultiSelect\", \"Phone\", \"Secure\", \"Text\", \"Time\", \"URL\", \"WYSIWYG\"\r\n        if ($Type -and $ValidFields -notcontains $Type) { Write-Warning \"$Type is an invalid type! Please check here for valid types. https:\/\/ninjarmm.zendesk.com\/hc\/en-us\/articles\/16973443979789-Command-Line-Interface-CLI-Supported-Fields-and-Functionality\" }\r\n    \r\n        # The field below requires additional information to be set\r\n        $NeedsOptions = \"Dropdown\"\r\n        if ($DocumentName) {\r\n            if ($NeedsOptions -contains $Type) {\r\n                # We'll redirect the error output to the success stream to make it easier to error out if nothing was found or something else went wrong.\r\n                $NinjaPropertyOptions = Ninja-Property-Docs-Options -AttributeName $Name @DocumentationParams 2&gt;&amp;1\r\n            }\r\n        }\r\n        else {\r\n            if ($NeedsOptions -contains $Type) {\r\n                $NinjaPropertyOptions = Ninja-Property-Options -Name $Name 2&gt;&amp;1\r\n            }\r\n        }\r\n    \r\n        # If an error is received it will have an exception property, the function will exit with that error information.\r\n        if ($NinjaPropertyOptions.Exception) { throw $NinjaPropertyOptions }\r\n    \r\n        # The below type's require values not typically given in order to be set. The below code will convert whatever we're given into a format ninjarmm-cli supports.\r\n        switch ($Type) {\r\n            \"Checkbox\" {\r\n                # While it's highly likely we were given a value like \"True\" or a boolean datatype it's better to be safe than sorry.\r\n                $NinjaValue = [System.Convert]::ToBoolean($Value)\r\n            }\r\n            \"Date or Date Time\" {\r\n                # Ninjarmm-cli expects the GUID of the option to be selected. Therefore, the given value will be matched with a GUID.\r\n                $Date = (Get-Date $Value).ToUniversalTime()\r\n                $TimeSpan = New-TimeSpan (Get-Date \"1970-01-01 00:00:00\") $Date\r\n                $NinjaValue = $TimeSpan.TotalSeconds\r\n            }\r\n            \"Dropdown\" {\r\n                # Ninjarmm-cli is expecting the guid of the option we're trying to select. So we'll match up the value we were given with a guid.\r\n                $Options = $NinjaPropertyOptions -replace '=', ',' | ConvertFrom-Csv -Header \"GUID\", \"Name\"\r\n                $Selection = $Options | Where-Object { $_.Name -eq $Value } | Select-Object -ExpandProperty GUID\r\n    \r\n                if (-not $Selection) {\r\n                    throw [System.ArgumentOutOfRangeException]::New(\"Value is not present in dropdown\")\r\n                }\r\n    \r\n                $NinjaValue = $Selection\r\n            }\r\n            default {\r\n                # All the other types shouldn't require additional work on the input.\r\n                $NinjaValue = $Value\r\n            }\r\n        }\r\n    \r\n        # We'll need to set the field differently depending on if its a field in a Ninja Document or not.\r\n        if ($DocumentName) {\r\n            $CustomField = Ninja-Property-Docs-Set -AttributeName $Name -AttributeValue $NinjaValue @DocumentationParams 2&gt;&amp;1\r\n        }\r\n        else {\r\n            $CustomField = Ninja-Property-Set -Name $Name -Value $NinjaValue 2&gt;&amp;1\r\n        }\r\n    \r\n        if ($CustomField.Exception) {\r\n            throw $CustomField\r\n        }\r\n    }\r\n\r\n    # Test for elevation\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n    }\r\n\r\n    $ExitCode = 0\r\n}\r\nprocess {\r\n\r\n    # Take the script parameters and translate them into Autoruns options.\r\n    if ($Startup) { $AutorunOptions = \"l\" }\r\n    if ($Boot) { $AutorunOptions = \"$($AutorunOptions)b\" }\r\n    if ($Winlogon) { $AutorunOptions = \"$($AutorunOptions)w\" }\r\n    if ($AppInit) { $AutorunOptions = \"$($AutorunOptions)d\" }\r\n    if ($Explorer) { $AutorunOptions = \"$($AutorunOptions)e\" }\r\n    if ($Sidebar) { $AutorunOptions = \"$($AutorunOptions)g\" }\r\n    if ($ImageHijacks) { $AutorunOptions = \"$($AutorunOptions)h\" }\r\n    if ($IEAddons) { $AutorunOptions = \"$($AutorunOptions)i\" }\r\n    if ($KnownDLLs) { $AutorunOptions = \"$($AutorunOptions)k\" }\r\n    if ($WMIentries) { $AutorunOptions = \"$($AutorunOptions)m\" }\r\n    if ($WinSockProtocols) { $AutorunOptions = \"$($AutorunOptions)n\" }\r\n    if ($Codecs) { $AutorunOptions = \"$($AutorunOptions)o\" }\r\n    if ($PrinterMonitor) { $AutorunOptions = \"$($AutorunOptions)p\" }\r\n    if ($LSAProviders) { $AutorunOptions = \"$($AutorunOptions)r\" }\r\n    if ($Services) { $AutorunOptions = \"$($AutorunOptions)s\" }\r\n    if ($ScheduledTasks) { $AutorunOptions = \"$($AutorunOptions)t\" }\r\n\r\n    if (-not $AutorunOptions){\r\n        Write-Error -Message \"No Autoruns options selected. Please at least select one option to search for autostart entries.\" -Category InvalidArgument -Exception (New-Object System.ArgumentNullException)\r\n        exit 1\r\n    }\r\n\r\n    # Download the file and unzip its contents\r\n    $DownloadArguments = @{\r\n        URL  = $DownloadUrl\r\n        Path = \"$DestinationFolder\\Autoruns.zip\"\r\n    }\r\n    if ($SkipSleep) { $DownloadArguments[\"SkipSleep\"] = $true }\r\n\r\n    # Download and unzip\r\n    Invoke-Download @DownloadArguments\r\n    Expand-Archive -Path \"$DestinationFolder\\Autoruns.zip\" -DestinationPath \"$DestinationFolder\\Autoruns\" -Force\r\n\r\n    if (-not (Test-Path \"$DestinationFolder\\Autoruns\\autorunsc64.exe\" -ErrorAction SilentlyContinue)) {\r\n        Write-Error -Message \"Failed to unzip Autoruns\" -Category DeviceError -Exception (New-Object System.Exception)\r\n        exit 1\r\n    }\r\n\r\n    # Now that we have the options create an argument list using those options\r\n    $ArgumentList = New-Object System.Collections.Generic.List[string]\r\n    $ArgumentList.Add(\"-a $AutorunOptions\")\r\n    $ArgumentList.Add(\"-h\")\r\n    $ArgumentList.Add(\"-c\")\r\n    $ArgumentList.Add(\"-s\")\r\n    if ($HideMicrosoftEntries) { $ArgumentList.Add(\"-m\") }\r\n\r\n    # Accept EULA\r\n    Set-RegKey -Path \"HKCU:\\SOFTWARE\\Sysinternals\\AutoRuns\" -Name \"EulaAccepted\" -Value 1\r\n\r\n    # Run autoruns and store the results as a csv and then import the results into powershell\r\n    Start-Process \"$DestinationFolder\\Autoruns\\autorunsc64.exe\" -ArgumentList $ArgumentList -NoNewWindow -RedirectStandardOutput \"$DestinationFolder\\Autoruns\\autorunsc.csv\" -Wait\r\n    $AutorunResults = Import-Csv \"$DestinationFolder\\Autoruns\\autorunsc.csv\" | Where-Object { $_.Entry } | Sort-Object Entry | Select-Object Entry, \"Entry Location\", \"Image Path\", Signer, MD5\r\n\r\n    if (-not ($AutorunResults)) {\r\n        Write-Error -Message \"No startup entries found. Is Autorunsc being blocked?\" -Category InvalidResult -Exception (New-Object System.ApplicationException)\r\n        $ExitCode = 1\r\n    }\r\n\r\n    # Set the custom field with the Autoruns results.\r\n    if ($CustomField) {\r\n        if ($PSVersionTable.PSVersion.Major -lt 3) {\r\n            Write-Warning \"Ninjarmm-cli does not support setting custom fields using PowerShell 2.0\"\r\n            $ExitCode = 1\r\n        }\r\n        \r\n        if ( -not (Test-IsElevated)) {\r\n            Write-Warning \"Script must be elevated in order to write to custom field.\"\r\n            $ExitCode = 1\r\n        }\r\n\r\n        try {\r\n            Write-Host \"Attempting to set Custom Field '$CustomField'.\"\r\n            $htmlTable = $AutorunResults | ConvertTo-HTML -Fragment\r\n            Set-NinjaProperty -Name $CustomField -Value $htmlTable\r\n            Write-Host \"Successfully set Custom Field '$CustomField'!\"\r\n        }\r\n        catch {\r\n            $_\r\n            $ExitCode = 1\r\n        }\r\n    }\r\n\r\n    # Clean up our leftover files.\r\n    Remove-Item \"$DestinationFolder\\Autoruns\" -Recurse -Force\r\n    Remove-Item \"$DestinationFolder\\Autoruns.zip\" -Force\r\n\r\n    # Output results into activity log. Using Format-List due to size of table.\r\n    $AutorunResults | Sort-Object Entry | Format-List\r\n\r\n    exit $ExitCode\r\n}\r\nend {\r\n    \r\n    \r\n    \r\n}<\/pre>\n<p>&nbsp;<\/p>\n\n<div class=\"in-context-cta\"><p style=\"text-align: center;\">Greifen Sie auf \u00fcber 300 Skripte im NinjaOne Dojo zu.<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/www.ninjaone.com\/freetrialform\/\">Zugang erhalten<\/a><\/p>\n<\/div>\n<h2>Detaillierte Aufschl\u00fcsselung<\/h2>\n<p>Das Skript beginnt mit der Einrichtung von Parametern, die es Benutzer:innen erm\u00f6glichen, verschiedene zu \u00fcberpr\u00fcfende Autorun-Eintr\u00e4ge anzugeben, zum Beispiel Startanwendungen, ausf\u00fchrbare Boot-Dateien und geplante Aufgaben. Es l\u00e4dt das Autorunsc-Tool herunter, f\u00fchrt es mit den gew\u00e4hlten Parametern aus und sammelt die Ausgabe.<\/p>\n<p><em>Die wichtigsten Schritte des Skripts:<\/em><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Initialisierung der Parameter:<\/strong> Anwender:innen k\u00f6nnen die Art der zu pr\u00fcfenden Autorun-Elemente ausw\u00e4hlen, wie etwa Startobjekte, geplante Aufgaben oder Dienste.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><strong>Herunterladen von Autorunsc:<\/strong> Das Skript l\u00e4dt automatisch Autorunsc von Sysinternals herunter.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><strong>Ausf\u00fchrung und Handhabung der Ausgabe:<\/strong> Autorunsc wird mit den angegebenen Parametern ausgef\u00fchrt, und die Ausgabe wird in ein lesbares Format formatiert.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><strong>Schreiben in ein benutzerdefiniertes Feld:<\/strong> Optional lassen sich die Ergebnisse in einem benutzerdefinierten Feld speichern, sofern das Skript mit erh\u00f6hten Rechten ausgef\u00fchrt wird.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><strong>Bereinigung:<\/strong> Nach der Ausf\u00fchrung bereinigt das Skript die heruntergeladenen und tempor\u00e4r erzeugten Dateien.<\/li>\n<\/ul>\n<h2>M\u00f6gliche Anwendungsf\u00e4lle<\/h2>\n<p>Stellen Sie sich vor, ein IT-Experte hat den Verdacht, dass in den Systemen seines Unternehmens beim Start nicht autorisierte oder sch\u00e4dliche Software ausgef\u00fchrt wird. Wenn er dieses Skript ausf\u00fchrt, kann er schnell alle Startobjekte \u00fcberpr\u00fcfen und unerw\u00fcnschte oder verd\u00e4chtige Anwendungen identifizieren, was die Sicherheit und Leistung des Systems erh\u00f6ht.<\/p>\n<h2>Vergleiche<\/h2>\n<p>Herk\u00f6mmliche Methoden zur \u00dcberpr\u00fcfung von Startobjekten beinhalten oft die manuelle \u00dcberpr\u00fcfung verschiedener Systemorte oder die Verwendung separater Tools f\u00fcr verschiedene Starttypen. Dieses Skript vereinfacht und konsolidiert den Prozess, indem es ein einziges Tool (Autorunsc) in Anspruch nimmt, um eine umfassende Reihe von Autorun-Elementen zu \u00fcberpr\u00fcfen. Im Vergleich zu manuellen Methoden spart dieses Skript Zeit und verringert die Wahrscheinlichkeit, dass kritische Autorun-Elemente \u00fcbersehen werden.<\/p>\n<h2>FAQs<\/h2>\n<p>Q1: Ist dieses Skript f\u00fcr alle Windows-Versionen geeignet?<br \/>\nA1: Das Skript ist f\u00fcr Windows 10, Server 2012 und h\u00f6her konzipiert.<\/p>\n<p>Q2: Ben\u00f6tige ich Administratorrechte, um dieses Skript auszuf\u00fchren?<br \/>\nA2: Ja, f\u00fcr bestimmte Vorg\u00e4nge, wie das Schreiben in ein benutzerdefiniertes Feld, sind Administratorrechte erforderlich.<\/p>\n<p>Q3: Kann dieses Skript Malware erkennen?<br \/>\nA3: Es kann zwar nicht autorisierte oder unbekannte Startobjekte identifizieren, doch ist eine weitere Analyse erforderlich, um festzustellen, ob es sich um Malware handelt.<\/p>\n<h2>Folgen<\/h2>\n<p>Die Verwendung dieses Skripts bei der \u00dcberpr\u00fcfung von Startobjekten ist f\u00fcr die IT-Sicherheit bedeutend. Die Identifizierung und Verwaltung von Autorun-Elementen kann die Ausf\u00fchrung von <a href=\"https:\/\/www.ninjaone.com\/de\/blog\/5-schritte-zur-entfernung-von-malware-von-ihrem-computer\/\" target=\"_blank\" rel=\"noopener\">Malware beim Start verhindern<\/a> und die Systemleistung verbessern. Es ist jedoch wichtig, die Pr\u00fcfergebnisse sorgf\u00e4ltig zu analysieren, um falsch positive Ergebnisse zu vermeiden und sicherzustellen, dass legitime Software nicht versehentlich blockiert wird.<\/p>\n<h2>Empfehlungen<\/h2>\n<p>Zu den Best Practices bei der Verwendung dieses Skripts geh\u00f6ren:<\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\">Regelm\u00e4\u00dfige Audits zur Aufrechterhaltung der Systemintegrit\u00e4t.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">F\u00fchren Sie das Skript mit Administratorrechten aus, um die volle Funktionalit\u00e4t zu erhalten.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\">Analysieren Sie sorgf\u00e4ltig die Pr\u00fcfergebnisse, um unberechtigte oder unn\u00f6tige Autorun-Elemente zu identifizieren und entsprechende Ma\u00dfnahmen zu ergreifen.<\/li>\n<\/ul>\n<h2>Abschlie\u00dfende \u00dcberlegungen<\/h2>\n<p>Im Rahmen einer effizienten IT-Systemverwaltung k\u00f6nnen Tools wie NinjaOne in Kombination mit leistungsstarken Skripten wie dem PowerShell-Skript zur Pr\u00fcfung von Autorunsc die F\u00e4higkeit eines IT-Experten, den Systemzustand und die Sicherheit aufrechtzuerhalten, erheblich verbessern. Die umfassende IT-Management-Suite von NinjaOne, integriert mit solchen <a href=\"https:\/\/www.ninjaone.com\/de\/script-hub\" target=\"_blank\" rel=\"noopener\">Skripten<\/a>, bietet eine robuste L\u00f6sung f\u00fcr die <a href=\"https:\/\/www.ninjaone.com\/de\/it-management-fuer-unternehmen\/infrastruktur\/\" target=\"_blank\" rel=\"noopener\">\u00dcberwachung, Verwaltung und Sicherung von IT-Infrastrukturen<\/a>.<\/p>\n","protected":false},"author":35,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4307],"class_list":["post-442793","script_hub","type-script_hub","status-publish","hentry","script_hub_category-windows"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/script_hub\/442793","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/comments?post=442793"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/media?parent=442793"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/operating_system?post=442793"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/de\/wp-json\/wp\/v2\/use_cases?post=442793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}