 How To Use The Startup Database. |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
BleepingComputer.com > Bleeping Computer Applications and Guides > Windows Startup Programs Database  |
 Oct 18 2005, 08:49 AM
Post
#1
|
|
 Bleep Bleep!  Group: Admin Posts: 31,597 Joined: 24-January 04 From: USA Member No.: 3  |
Introduction For a program to work it must be started. Programs are started in three ways. The first way is if you actually start it yourself by launching it. The second way is for another programs to start another program. Finally the third way, is for a program to be configured to automatically start when the operating system boots up. The type of programs that start via the third way are what we call Windows Startup Programs and are the types of programs that the Startup Databases focuses on. The reason why we want to be concerned with automatic startup programs is because they consume resources on your computer for programs. In order to optimize your machine to peak performance, we want only those programs that are necessary to run, to be allowed to run, and disable the rest. Unfortunately there are many different ways for a program to launch automatically when Windows starts. Luckily for us, though, there are programs that allow us to cut through this confusion and see the various programs that are automatically starting when windows boots. The program we recommend for this, because its free and detailed, is Autoruns from Sysinternals. When you run this program it will list all the various programs that start when your computer is booted into Windows. For the most part, the majority of these programs are safe and should be left alone unless you know what you are doing or know you do not need them to run at startup. At this point, you should download Autoruns and try it out. Just run the Autoruns.exe and look at all the programs that start automatically. Don't uncheck or delete anything at this point. Just examine the information to see an overview of the amount of programs that are starting automatically. When you feel comfortable with what you are seeing, move on to the next section. How the Startup Database is layed out The Windows Startup Database is simple a listing of various startup programs with associated information about them. With each entry we provide what we know about the program such as it's startup name as it appears in the registry and various autorun listing programs, its location, the filename, how it is started, the files description, and whether or not it should be allowed to run. For each program there is a status key that describes how we recommend the program should be allowed to operate. This status key is broken down as follows: ? - Unsure as to whether it needs to run or not, but not malware. N - Not necessary to run as it can be started as needed. U - Its up to the user. Its not necessary to run for the computer to work, but may be important enough to have running for some users. Y - Yes, this program is necessary to run in order for the computer or a program to operate correctly. X - This is considered malware or undesirable to have on the machine as it can cause problems. Now that you have an understanding of how the Startup Database is laid out, lets move on to how to query the startup programs on your computer to the database. Understanding the output of Autoruns and applying it to the Startup Database When you runs Autoruns it will list all the known automatic startup locations and the programs that are loading via them. Below is an image where we have numbered 3 startup entries that I have on my machine and which are being loaded via the following registry key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run I will show you how to interpret that information and the search for it in the database to determine if these programs are valid and should be allowed to run.  As you can see from the image, we have numbered 3 different programs that are automatically starting up. Lets start breaking down the various entries and how they can be searched for in the database. The first entry labeled number 1 would be broken down as: Name: AVG7_CC The second entry labeled number 2 would be broken down as: Name: AVG7_EMC The third entry labeled number 3 would be broken down as: Name: nwiz Instructions on how to disable the entry are in the next section. How to disable a startup entry If you run into a startup entry like Nwiz above that is recommended to be disabled, or you find a piece of malware and want to remove its startup entry you simply need to uncheck the checkbox in autoruns next to that entries name. For example with the Nwiz example above, since the database stated it is not necessary to run, I would simply remove the check next to that entry and close the program. The next time I reboot that program will no longer startup automatically. Conclusion Now that you know how to use the Windows Startup Program Database, go download autoruns and get started optimizing your computer. For more information and answers to commonly asked questions on this site visit the New User Orientation Center. This post has been edited by D-Trojanator: Jun 22 2007, 12:20 PM -------------------- |
 |
 
|
|
Jan 29 2006, 09:05 PM
Post
#2
|
|
|
Member Group: Members Posts: 34 Joined: 30-October 05 Member No.: 39,088 |
someone owes me about 3 hours of my life, all I tried to do was answer Bobby's questions to a practice log and I seen this great program when looking for something in the database and the problem I am having is this, I downloaded it and then I ran it and when I run it my Windows Word program opens and it asks me what format do I want to use and I tried all 3 but they all look nothing like the nice looking orogram in the pictures?? It just looks like c++ code or something in my "Word" window??
Am I doing something wrong here? I downloaded it and just opened it with the "run" command? Thanx! |
|
|
|
|
Jan 29 2006, 10:51 PM
Post
#3
|
|
|
Bleep Bleep! Group: Admin Posts: 31,597 Joined: 24-January 04 From: USA Member No.: 3 |
Thats strange...you are running autoruns.exe?
-------------------- |
|
|
|
|
Mar 28 2006, 09:41 PM
Post
#4
|
|
|
Member Group: Members Posts: 28 Joined: 6-January 06 Member No.: 49,118 |
How do I see what programs run on Windows Startup?
|
|
|
|
|
Mar 28 2006, 09:46 PM
Post
#5
|
|
|
Bleep Bleep! Group: Admin Posts: 31,597 Joined: 24-January 04 From: USA Member No.: 3 |
Did you read the first post in this topic?
-------------------- |
|
|
|
|
Mar 29 2006, 07:43 AM
Post
#6
|
|
|
New Member Group: Members Posts: 5 Joined: 19-March 06 Member No.: 59,888 |
Hi.
Is it usual for the database not to find a file name? I searched for vcsmpdrv and vcsmpdrv.sys - and there were no entries. |
|
|
|
|
Mar 29 2006, 07:49 AM
Post
#7
|
|
|
New Member Group: Members Posts: 5 Joined: 19-March 06 Member No.: 59,888 |
ahhgg, I think I should have asked that last question in a new topic - oops
|
|
|
|
|
Mar 29 2006, 07:56 AM
Post
#8
|
|
|
Bleep Bleep! Group: Admin Posts: 31,597 Joined: 24-January 04 From: USA Member No.: 3 |
IThe database does not contain every program. You need to google for the filename if its not found in the database.
-------------------- |
|
|
|
|
Jul 3 2006, 11:07 AM
Post
#9
|
|
 Member Group: Members Posts: 87 Joined: 1-July 06 Member No.: 74,187 |
Thank you for this resource. I've successfully downloaded autoruns.exe and now need to go through the list. It is quite an enormous list but I look forward to learning about my start up programs.
|
|
|
|
|
Jul 17 2006, 03:24 PM
Post
#10
|
|
|
New Member Group: Members Posts: 1 Joined: 17-July 06 Member No.: 76,678 |
I clicked on the autoruns link and tried download and install the program. The link took me to:
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml Instead of an exe file I got a page with: The page cannot be displayed The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings. Has autoruns been withdrawn? Moved? Did I do something wrong? Thanks for any help someone can give me. I need all I can get! |
|
|
|
|
Jul 17 2006, 09:56 PM
Post
#11
|
|
 SPAM Magnet Group: Site Admin Posts: 15,789 Joined: 6-May 04 From: SW Louisiana Member No.: 363 |
Worked for me.
Here's a direct link to the download, PeteBlair: http://www.sysinternals.com/Files/Autoruns.zip -------------------- Health is merely the slowest possible rate at which one can die.
. Become a BleepingComputer fan: Facebook |
|
|
|
|
Aug 6 2006, 02:53 AM
Post
#12
|
|
 New Member Group: Members Posts: 11 Joined: 6-August 06 Member No.: 79,563 |
Hello I have tried both the above links for autorun and gotten the cannot display page. Is there another way to get this program?
|
|
|
|
|
Aug 6 2006, 03:37 PM
Post
#13
|
|
 'r Brudiwr Group: HJT Team Posts: 2,604 Joined: 10-April 05 From: South Wales, UK Member No.: 16,608 |
I've just found this line...
&Links File not found: C:\WINDOWS\system32\ieframe.dll is it safe to just uncheck it? --------------------   |
|
|
|
|
Aug 27 2006, 05:47 PM
Post
#14
|
|
|
New Member Group: Members Posts: 1 Joined: 27-August 06 Member No.: 82,582 |
Hi there!
About: Windows Program Automatic Startup Locations I have some years of experience in XP but, I found something very nice that I can not handle. The story: I did install Family KeyLogger, for trial. So, at every startup a have a nice little window warning me that my pc is monitored. Fine. I did an uninstall, the warning window still there at startup. I did a new install and a new uninstall. Guess? Yes, I still have the little window. I jumped in registry and in .ini files: nothing. I tried procexp.exe from sysinternals (very nice!) and I found out that the window it is a separate thread of explorer and explorer it is using a temp file (exe file afterall with tmp extension) to create the thread with a procedure from kernel32. Now I am looking for help, first time in 8 years  So I invite you to this challenge. KMint21 Software is the company i believe. And me NOD32 it is telling me that Family Kelloger is some kind of virus when i do the download (i do not think so). If this is not the wright place for this post i am sorry. If my english look pour it is so and I apologize. Tks! |
|
|
|
|
Aug 30 2006, 03:18 PM
Post
#15
|
|
|
Member Group: Members Posts: 36 Joined: 29-August 06 From: Texas Member No.: 82,891 |
Hi.
Where is the "status code" you speak of for the first item on my list I am looking up... rdpclip I cannot find where this status code is. Thanks. -------------------- Don't use a big word where a diminutive one will suffice.
|
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 20th November 2009 - 08:16 PM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.