Loaded Modules
This tab displays modules loaded in the BrowserSentinel.exe process. A module is a DLL file (Windows Dynamic Link Library) that contain functions that a process uses to perform various tasks.
The tab is very effective in detecting keylogger software since keyloggers usually inject their DLL files into a process to monitor keystrokes using the Windows hooking technique.
Note that this tab does not display ShellExecute Hook and Shell Extension modules loaded into the BrowserSentinel.exe process due to ShellExecute API function call.
The Unload Action
The unload action tries to unload the module from the BrowserSentinel.exe process. The action is available only in Windows 2000/XP/.NET Server.
Use this action with much care since unloading a module can crash Browser Sentinel. This happens because the module can be performing opertaions which can crash the process if interrupted.
The Delete Action
The delete action (depending on the selected options):
- Unloads the module;
- Deletes the module;
- Unregisters the module.
Properties
| Publisher | The developer (a company or a person) of the module. |
| Description | The description of the module retrieved from its file resources. |
| File | A full path to the module file. |
| File Version | File version information. The information is retrieved from the file resources. Also includes product version information if it differs from the file version. |
| File Size | File size in bytes. |
| File CRC32 | Cyclic Redundancy Checksum (Check) of the file. |
| File MD5 | Message Digest 5 of the file. |
| File Creation Date | The date the file was created. |
| System |
Indicates whether the item is a system item, i.e. originally shipped with Windows. WARNING: Browser Sentinel does not always correctly differentiate third-party items and system items, use this property with care! |
| Safe | Indicates whether the item in a safe or in a blocked list. Yes - item is in a safe list. No - item is in a blocked list. N/A - items is not in a safe nor in a blocked list. |