Defrag Tools: #5 - Autoruns and MSConfig

Sign in to queue

The Discussion

  • User profile image
    Typhos

    Also Another great tool I used to use during my time at MS support Smiley

  • User profile image
    artisticche​ese

    Bean town is Chicago

  • User profile image
    artisticche​ese

    What kind of remote desktop connection is that? The one which has Ctrl+Alt+Del and some other menus in title bar?

  • User profile image
    ChadBeeder

    @gt65345: It's not Remote Desktop, it's Virtual PC.

    History of the nickname Beantown. Though apparently a lot of Boston residents dislike the nickname. Sorry, Boston residents.

  • User profile image
    Debojyoti

    Can I find if an USB drive have added any autorun or scripts in the system,after it has been plugged into the system??

  • User profile image
    ChadBeeder

    @Debojyoti: Some of that kind of stuff might show up if you look for it with Autoruns, but it sounds like what you're really looking for is real-time malware protection such as that provided by Microsoft Security Essentials.

  • User profile image
    Debojyoti

    @ChadBeeder Actually I am facing a problem with my filter driver. The driver is for volume wide encryption of files.

    The driver attaches itself on top of removable media only and it works fine. There is a 6x delay when an USB drive is first attached to the system. Generally it takes 20 - 30 second to install the driver but with my filter driver it takes somewhere about 2 mins. The delay is not the there when the USB drive is plugged into the system from second time onwards.

    It's certain that the delay happens for my filter driver but I am not sure how to approch this problem.

  • User profile image
    windev

    @Debojyoti: xPerf (WPT) profiling can help you here.  We'll go over this in detail on a future episode but the gist is:

    xperf -on Diag+Latency -stackwalk Profile+CSwitch+ReadyThread+ThreadCreate -BufferSize 1024 -MinBuffers 256 -MaxBuffers 256 -MaxFile 256 -FileMode Circular

    echo Press a key when you want to stop...
    pause
    xperf -stop -d result.etl

    Look at the result.etl with xperfview.exe

  • User profile image
    ChadBeeder

    @Debojyoti: That doesn't quite sound like the sort of problem that Autoruns would be able to help you troubleshoot. Personally I'd probably bring out the big guns and use a kernel debugger for that. Break in during the 2-minute delay and try to see what the filter driver is waiting on.

    Or, I agree with Andrew, you could probably figure it out from an xperf trace as well.

  • User profile image
    Debojyoti

    @windev and @ChadBeeder , Thanks. I will try out xperf...

  • User profile image
    Marcel Oonk

    I've found that disabling all the 'File not found' Autorun-entries could leave you with an un-bootable system. I would like to know if there's a way to determine if a 'File not found' entry can be safely disabled/deleted or not.

Add Your 2 Cents