POLL: POWERSHELL VS. GUI - DO YOU WANT TO BE A DEVOP OR AN ADMIN?
Sysinternals Autoruns: the most comprehensive startup monitor
By Michael Pietroforte - g+ - Fri, June 23, 2006 - 4 comments Michael Pietroforte is a Microsoft Most Valuable Professional (MVP) with more than 28 years of experience in system administration.
Sysinternals Autoruns is the most comprehensive free Windows tool I know for managing auto starting programs. It lists the corresponding registry entries, services, drives etc. etc. (see screenshot) You can disable auto starting programs with it and can use it from the command line too. If you really want to know what is going on your computer when it boots up, then you need this tool.
However, its comprehensiveness might be its biggest disadvantage since only absolute Windows experts will know how to use it properly. Be careful to disable a program if you are not sure about its purpose.
Some time ago, I introduced a much simpler tool, Startup Control, which is sufficient if you just want to get rid of the typical auto-starting pests which are installed by so many applications these days.
I agree, Autoruns is a wonderful tool, but IMO it should incorporate a way to display the really hidden items. I recently came accross a machine that had a bunch of trojans/rootkits and Autoruns didn’t display any of these and they were starting up on boot. I know RootkitRevealer is also available, but I think it would make a lot more sense if Autoruns would also display those items.In the end I used IceSword, which displayed *all* the items starting up. DarkSpy, gmer are similar in that regard
Usually, when I use a startup manager, I only want to disable autostarting components of a freshly installed application. I want to do this without much hassle with an easy-to-use tool. On the other hand, searching for rootkits is a more complicated and a different task. I guess that’s why Sysinternals offers two different tools here. But all in all it is a matter of taste, I think. Thanks for the tips. A good list of anti-rootkit tools can be found here.
Just to let you all know, the new site is available at : http://www.microsoft.com/technet/sysinternals/SystemInformation/Autoruns.mspx
Thanks for all the help
Thanks for hint! I corrected the link in the article.