When you notice suspicious activity on your Windows system, it’s a good bet that whatever malware has breached your security measures has configured some mechanism to automatically launch the misbehaving process after a reboot. The Autoruns utility is very useful for finding and eliminating those items that allow malware to run without any user action.

There are many ways to automatically start a malicious program, and Autoruns has a lot of them covered. From Internet Explorer plug-ins to network providers, if a program is being automatically started, you should find it in one of these places.

Another thing I like about this tool is that it’s a quick download that doesn’t need to be installed. If I’m helping a friend, I can have it ready on a USB drive or download it and have it running in a few seconds.

There is also a console version that spits out the same information in a text format that is easily parsed. If you’re a programmer, you can use it to monitor the results for unexpected changes.
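One way to do that monitoring, as an added example that is not part of the original post: save a known-good snapshot, then compare each later run against it and flag entries that are new, gone, or now point at a different file. It assumes the console version (`autorunsc`) was run with CSV output (`-c`) and that the header row uses the column names below; the sample snapshots are constructed.

```python
import csv
import io

# Assumed column names from the console version's CSV header row; adjust them
# to match what your copy of the tool actually emits.
KEY_COLS = ("Entry Location", "Entry")
WATCH_COLS = ("Image Path", "Launch String")


def load_entries(csv_text):
    """Map (location, entry name) -> watched fields for each autostart row.

    Pass in already-decoded text; check the encoding of the saved output first.
    """
    entries = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        key = tuple((row.get(c) or "").strip().lower() for c in KEY_COLS)
        if not key[1]:  # skip rows that carry a location but no entry name
            continue
        entries[key] = tuple((row.get(c) or "").strip() for c in WATCH_COLS)
    return entries


def diff_snapshots(baseline, current):
    """Return (added, removed, changed) entry keys between two snapshots."""
    added = sorted(current.keys() - baseline.keys())
    removed = sorted(baseline.keys() - current.keys())
    changed = sorted(k for k in baseline.keys() & current.keys()
                     if baseline[k] != current[k])
    return added, removed, changed


# Constructed sample snapshots (not real tool output).
BASELINE_CSV = r"""Entry Location,Entry,Image Path,Launch String
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleUpdater,C:\Program Files\Example\updater.exe,C:\Program Files\Example\updater.exe /background
HKCU\Software\Microsoft\Windows\CurrentVersion\Run,ExampleSync,C:\Users\demo\ExampleSync\sync.exe,C:\Users\demo\ExampleSync\sync.exe
"""
CURRENT_CSV = r"""Entry Location,Entry,Image Path,Launch String
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleUpdater,C:\Users\demo\AppData\Local\Temp\updater.exe,C:\Users\demo\AppData\Local\Temp\updater.exe /background
HKCU\Software\Microsoft\Windows\CurrentVersion\Run,NewHelper,C:\Users\demo\helper.exe,C:\Users\demo\helper.exe
"""

if __name__ == "__main__":
    base, cur = load_entries(BASELINE_CSV), load_entries(CURRENT_CSV)
    for label, keys in zip(("ADDED", "REMOVED", "CHANGED"), diff_snapshots(base, cur)):
        for location, name in keys:
            print(f"{label:8} {name} @ {location} -> {cur.get((location, name), base.get((location, name)))}")
```

A changed entry deserves the same attention as a new one: the name and location stay familiar while the image path now points somewhere else.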

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions. For more information about how Gemini Security Solutions can help you solve your security issues, contact us!

One thought on “Autoruns for Windows”

  1. Eliassen says:

    Awesome Post, was very well done

    http://phpbar.isgreat.org
