From The Coffee and Chat Email list

Some people may find this exchange of Interest:

CharlieK kicked off with....

We have spoken many times at C&C about start up items as seen in MS Config
and what some of them might be.

The Black Viper site has been mentioned as a good source of information, but
I have just encountered this site http://www.sysinfo.org/startupinfo.html
which I think is more comprehensive.

If you click on the word "HERE" about 6 lines form the top you will go
straight to a searchable list of possible entries in the start-up list.

It is pretty enormous (over 6,500 entries) so make use of the search
facility to find any entries that may be concerning you.

This site also contains a downloadable (and updatable) file of these items
so you can keep a list on your machine if you don't have an "always on"
internet connection.

A word of warning, check carefully before disabling an item as there can be
more than one file with the same name, one of which might be OK and the
other might not.

An example on my machine is "nwiz.exe" which is a valid NVIDIA start-up app,
but can also be a program installed by a Trojan.

You need to follow the path (and that might mean delving into the Registry)
to confirm what the program is actually starting.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I replied with:

IMHO Black Viper http://www.blackviper.com/ is a great site for
understanding and manipulating Windows ME and later system *services* -
those operating system tasks which are buried even deeper than items in the
registry start-up (Msconfig) lists.

If you check using 'services.msc' instead of 'msconfig.exe' you will find
magnificent lists (over 90 on my standard list - many of which are running -
such as cryptographic services, error reporting services etc.). Most of
those do not appear on the msconfig list - but some msconfig items appear on
the services list.

Obviously there is a lot of scope to disable or change the way that some
non-critical services are run - and this is what the Black Viper site aims
to do. One day I'll really have to find the time to play with some of that
stuff and end up with a lean mean machine. It's a good way to get into
trouble although (I think) you can reverse things in safe mode.

I do agree that http://www.sysinfo.org/startupinfo.html is a great site for
looking up what those strange program names in the msconfig and services lists
actually do. I have used it many times in the past.

I have just revisited the site and he's changed it so that it's not really
obvious how you get to the main listings. Be sure to click on the HERE link
near the start of the page. The listing is huge and contains many programs,
DLLs, etc. that are installed by other programs (apart from the operating
system).

Should be in everyone's favourites/bookmarks.
 


John Saxon 18 Dec 2004

INDEX                NEXT