John Bartow
john at winhaven.net
Thu Jun 4 11:09:33 CDT 2009
The AutoRuns list is eye opening isn't it? Go to the options menu and check hide Windows Entries. Click Refresh (F5). That removes most of it from the list. The Logon tab is what is most user friendly. With Windows entries turned off you can uncheck most any item and it will not cause problems. Most of those are auto update features for add-ins, system tray icons programs and such. The other items can be checked for trace items that you know you don't need because you unistalled something. For instance Norton products leave behind a number of services and drivers. You can uncheck these and restart if nothing barks (it won't) at you then delete them. Once deleted, run CCleaner and it will remove a whole slew of crap (CCleaner stands for Crap Cleaner) that was left behind on disk and in registry because of those entries. The previously mentioned tabs and WinLogon are tabs to look through for items entered by malware. If you adjust what you see in Process Explorer (via the View Menu) it is also very eye-opening. How much memory is that simple "little" free utility using? Also handy for checking on how much memory all of the processes of a security application is using - min/max/ave. And when you kill a process there it will not sit around and decide if it wants to comply, it dies-pronto! SysInternals also has many other utilities like this - all free - file monitoring would be another useful one for the original purpose of this thread.