I have been using this program for a while now and has really helped me out.
AutoRuns for Windows v8.73
Quotes from the Help Files:
Autoruns
Copyright © 1996-2005 Mark Russinovich and Bryce Cogswell
Sysinternals - www.sysinternals.com
http://www.microsoft.com/technet/sysintern...s/AutoRuns.mspx
This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor (A starting list of auto-run locations was obtained from David Solomon's "Windows Internals" seminar), shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. A "Hide Signed Microsoft Entries" option helps you to zoom in on third-party auto-starting images that have been added to your system.
You'll probably be surprised at how many executables are launched automatically!
Autoruns works on all versions of Windows including Windows XP 64-bit Edition (x64) and Windows Server 2003 64-bit Edition (x64).
***********************************
Displayed Locations and Entries
Simply run Autoruns and it shows you the currently configured auto-start applications in the locations that most directly execute applications. Perform a new scan that reflects changes to options by refreshing the display.
Logon This entry results in scans of standard autostart locations such as the Startup folder for the current user and all users, the Run Registry keys, and standard application launch locations.
Explorer Select this entry to see Explorer shell extensions, browser helper objects, explorer toolbars, active setup executions, and shell execute hooks.
Internet Explorer This entry shows Browser Helper Objects (BHO's), Internet Explorer toolbars and extensions.
Services All Windows services configured to start automatically when the system boots.
Drivers This displays all kernel-mode drivers registered on the system except those that are disabled.
Scheduled Tasks Task scheduler tasks configured to start at boot or logon.
AppInit DLLs This has Autoruns shows DLLs registered as application initialization DLLs.
Boot Execute Native images (as opposed to Windows images) that run early during the boot process.
Image Hijacks Image file execution options and command prompt autostarts.
Known DLLs This reports the location of DLLs that Windows loads into applications that reference them.
Winlogon Notifications Shows DLLs that register for Winlogon notification of logon events.
Winsock Providers Shows registered Winsock protocols, including Winsock service providers. Malware often installs itself as a Winsock service provider because there are few tools that can remove them. Autoruns can uninstall them, but cannot disable them.
LSA Providers Shows registers Local Security Authority (LSA) authentication, notification and security packages.
Printer Monitor Drivers Displays DLLs that load into the print spooling service. Malware has used this support to autostart itself.
Unless the Include Empty Locations selection in the Options menu is checked Autoruns doesn't show locations with no entries.
The Verify Signatures option appears in the Options menu on systems that support image signing verification and can result in Autoruns querying certificate revocation list (CRL) web sites to determine if image signatures are valid. Autoruns displays the text "(Not verified)" next to the company name of an image that either does not have a signature or has a signature that is not signed by a certificate root authority on the list of root authorities trusted by the system.
Use the Hide Signed Microsoft Entries (or Hide Microsoft Entries on a system that doesn't support image signing verification or when you've deselected Verify Signatures) in the Options menu to help you identify software that's been added to a system since installation. Autoruns prefixes the name of an image's publisher with "(Not verified)" if it cannot verify a digital signature for the file that's trusted by the system. The Hide Signed Microsoft Entries selection omits images that have been signed by Microsoft.
On Windows NT/XP/2000/2003 systems that have multiple user accounts the Users menu is populated with user names. Select one to view the auto-starting images for that account.
*********************************************
Full Version: AutoStart Discussions
Another, lesser known, but excellent application similar to AutoRuns is RunScanner:
http://www.runscanner.net/
http://www.runscanner.net/
Thats for sure Tony..Geert is doing a nice job on that one. Strated working with it a while back now and so happy the Community is embracing the project. 
Time to make it a well known tool for the experts.
Time to make it a well known tool for the experts.
QUOTE (Hunter @ Dec 9 2007, 07:25 PM) 
Thats for sure Tony..Geert is doing a nice job on that one. Strated working with it a while back now and so happy the Community is embracing the project. Time to make it a well known tool for the experts.
Time to make it a well known tool for the experts.I agree. IMO Geert is well ahead of the pack with it. :)
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.