Loading user information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading user information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Defrag Tools: #5 - Autoruns and MSConfig

33 minutes, 59 seconds


Right click “Save as…”

In this episode of Defrag Tools, Chad and I walk you through Sysinternals Autoruns. We also look at its predecessors: MSConfig and SysEdit. AutoRuns and MSConfig allow you to view and disable autostart entries on the computer. The autostart entries are locations in the registry and file system that can cause applications and DLLs to be automatically run at startup, login, application launch, and at many more registration points in Windows.

Sysinternals Autoruns

[01:05] - A look back in time...
[03:20] - SysEdit on Windows 95
[04:32] - Bar Napkin (Janet Harris)
[06:19] - MSConfig on Windows 98
[07:25] - MSConfig on Windows 7
[13:03] - Sysinternals Autoruns
[33:19] - Reboot required

Raymond Chen's Blog:
The Old New Thing


Follow the discussion

  • Oops, something didn't work.

    Getting subscription
    Subscribe to this conversation
  • Also Another great tool I used to use during my time at MS support Smiley

  • Bean town is Chicago

  • What kind of remote desktop connection is that? The one which has Ctrl+Alt+Del and some other menus in title bar?

  • @gt65345: It's not Remote Desktop, it's Virtual PC.

    History of the nickname Beantown. Though apparently a lot of Boston residents dislike the nickname. Sorry, Boston residents.

  • Can I find if an USB drive have added any autorun or scripts in the system,after it has been plugged into the system??

  • @Debojyoti: Some of that kind of stuff might show up if you look for it with Autoruns, but it sounds like what you're really looking for is real-time malware protection such as that provided by Microsoft Security Essentials.

  • @ChadBeeder Actually I am facing a problem with my filter driver. The driver is for volume wide encryption of files.

    The driver attaches itself on top of removable media only and it works fine. There is a 6x delay when an USB drive is first attached to the system. Generally it takes 20 - 30 second to install the driver but with my filter driver it takes somewhere about 2 mins. The delay is not the there when the USB drive is plugged into the system from second time onwards.

    It's certain that the delay happens for my filter driver but I am not sure how to approch this problem.

  • Andrew Richardswindev Andrew Richards

    @Debojyoti: xPerf (WPT) profiling can help you here.  We'll go over this in detail on a future episode but the gist is:

    xperf -on Diag+Latency -stackwalk Profile+CSwitch+ReadyThread+ThreadCreate -BufferSize 1024 -MinBuffers 256 -MaxBuffers 256 -MaxFile 256 -FileMode Circular

    echo Press a key when you want to stop...
    xperf -stop -d result.etl

    Look at the result.etl with xperfview.exe

  • @Debojyoti: That doesn't quite sound like the sort of problem that Autoruns would be able to help you troubleshoot. Personally I'd probably bring out the big guns and use a kernel debugger for that. Break in during the 2-minute delay and try to see what the filter driver is waiting on.

    Or, I agree with Andrew, you could probably figure it out from an xperf trace as well.

  • @windev and @ChadBeeder , Thanks. I will try out xperf...

  • Marcel OonkMarcel Oonk

    I've found that disabling all the 'File not found' Autorun-entries could leave you with an un-bootable system. I would like to know if there's a way to determine if a 'File not found' entry can be safely disabled/deleted or not.

Remove this comment

Remove this thread


Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.