The August 2017 Born to Learn MS Press Round-up blog post includes a welcome and valuable freebie. It features a link to a sample chapter from the latest edition of a terrific book: the 2nd edition of Troubleshooting with the Windows Sysinternals Tools. The sample chapter covers the excellent and always informative Autoruns utility. Thus, MS Press samples Autoruns coverage in great detail for free. This material is well worth glomming onto, because Autoruns is so comprehensive and far-reaching that it can be hard to make sense of its findings without expert help. And here, expert help is at hand!
This book’s been out for a while, but the free chapter on Autoruns is worth grabbing and saving all by itself.
When MS Press Samples Autoruns Coverage, What Does It Get You?
Short answer to the preceding question: “A whole lot.” However, a longer answer comes from listing the topics addressed therein. Here’s that list, reproduced verbatim from the Sysinternals Autoruns page:
Use Process Explorer to display detailed process and system information
Use Process Monitor to capture low-level system events, and quickly filter the output to narrow down root causes
List, categorize, and manage software that starts when you start or sign in to your computer, or when you run Microsoft Office or Internet Explorer
Verify digital signatures of files, of running programs, and of the modules loaded in those programs
Use Autoruns, Process Explorer, Sigcheck, and Process Monitor features that can identify and clean malware infestations
Inspect permissions on files, keys, services, shares, and other objects
Use Sysmon to monitor security-relevant events across your network
Generate memory dumps when a process meets specified criteria
Execute processes remotely, and close files that were opened remotely
Manage Active Directory objects and trace LDAP API calls
Capture detailed data about processors, memory, and clocks
Troubleshoot unbootable devices, file-in-use errors, unexplained communication, and many other problems
Understand Windows core concepts that aren’t well-documented elsewhere
You’ll also get a peachy overview of how to read the various elements of the Autoruns GUI. In fact, that overview covers the tool’s organization around registry keys, its use of color coding, and its online lookup feature. I’ve always found Autoruns helpful and informative. But after reading over this sample chapter, I’m able to get more out of the program. I’m also more able to make sense of the wealth of information it provides. If it works for me, it should work for you, too. Check it out!