Autoruns

Sysinternals Updates

There have been a lot of updates since i last blogged about this awesome set of tools, among those are updates to ProcDump, Autoruns, and PsLogList. The full details are here.

Another thing to mention is that Mark and David released the 5th Edition of their book, titled, “Windows Internals 5th Edition” You can check out the details herealso. Here is a small insert from their site.

Delve inside Windows architecture and internals:

• Understand how the core system and management mechanisms work—from the object manager to services to the registry
• Explore internal system data structures using tools like the kernel debugger
• Grasp the scheduler’s priority and CPU placement algorithms
• Go inside the Windows security model to see how it authorizes access to data
• Understand how Windows manages physical and virtual memory
• Tour the Windows networking stack from top to bottom— including APIs, protocol drivers, and network adapter drivers
• Troubleshoot file-system access problems and system boot problems
• Learn how to analyze crashes

New Version of Autoruns v9.37

This update includes a cool new option, Hide Microsoft and Windows Entries!

To use this, you start Autoruns (link to follow), then click on options, then “Hide Microsoft and Windows Entries”. This option makes it much easier to sort through all the apps and services loading on your system. You know that what is remaining definitely isnt verified by Microsoft, as this app is made by Microsoft Employees!

Run Autoruns now from Live.Sysinternals.com

Arent you curious to see what is in your system?

Another feature is to view apps running per user/system. There is also a command line tool, but I’m a GUI fan-boy. so i wont include the link. If you know what your doing you’ll have no problem finding it on your own

NS