Main Area and Open Discussion > General Software Discussion
Win Patrol Plus (Bits Du Jour- Fri) Chameleon Startup Manager, Startup Organizer
evgeni:
evgeni: would it be possible to beta test v3 anytime soon?
-TucknDar (March 19, 2009, 05:50 AM)
--- End quote ---
Hi, Christian
The program will be accessible to all in a current of 1-2 weeks. I now finish testing.
If you want, I can allow to download to you the current version.
TucknDar:
That would be much appreciated, evgeni :)
evgeni:
That would be much appreciated, evgeni :)
-TucknDar (March 19, 2009, 08:32 AM)
--- End quote ---
I sent a link to e-mail
Steven Avery:
Hi Folks,
Some additions and changes on the big post above, especially the mention of :
ADDITIONS TO FIRST POST
Windows Defender - Microsoft
Autorun Manager (OSAM - Online Solutions Autorun Manager)
JV16 - Macecraft
A-Spy - Xiaoyu Zhang
WinStartup - RJL Software
Windows XP Startup Tracker v3.8 - Doug Knox (2003)
Greatis (Regrun) Database
Pacman's Portal Startup Tips Webpage and more info
=========================
LOG FILES USED FOR ANALYSIS
One security usage of a startup program is to give a list that can be analyzed by others to help find concerns and problems. The most heavily used log is:
Hijackthis combined with StartupList - as explained above, sold by Merijn to Trend Micro
TrendMicro HijackThis Overview
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
Piriform has a simple post explaining
http://forum.piriform.com/index.php?showtopic=10965
And above I reference the pages of Wilders and Mirijn that link to many forums that do HijackThis analysis. It is possible that Trend Micro will be a dead-end, which often happens when software is picked up by the larger companies. Note: "the HijackThis WhiteList. HJT "Hides" some Known legit entries."
WinPatrol Hijack log - (free and pro)
"The WinPatrol Hijack log includes all but about two items that HijackThis includes but we adds about a dozen more items which people have requested. The log format is designed to make it easier for forum helpers but I have heard it’s compatible with some of the automated hijack readers." - note from BillP (his blog is highly recommended).
Here is a recent blog post that shows the log and discusses other features.
http://billpstudios.blogspot.com/2008/12/top-ten-reasons-to-try-winpatrol-again.html
Top Ten Reasons to Try WinPatrol Again - 12/04/2008
RunScanner - "Save to text log file"
Most recent Wilder's thread
http://www.wilderssecurity.com/showthread.php?t=231176&highlight=runscanner
Runscanner 1.8.0.0 released (02/2009)
Autoruns for Windows v9.39
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Silent Runners
Good description here on Byte forum post.
http://bytes.com/topic/windows/insights/860760-windows-autorun-faqs-programs-dealing-autoruns
The purpose of Silent Runners is to identify the programs that start up with Windows. The original author of Silent Runners is Andrew Aronoff (although many have contributed to development of the script). According to Silent Runners website- "Silent Runners is not an anti-virus, an anti-trojan, or a spyware scanner. It only pinpoints how programs start up i.e. it does not scan the system to identify every trace of malware. The text file it creates can be removed for study or stored as a benchmark". The script changes absolutely nothing on your system other than adding its report file. It has no option to change anything and no such option will ever be added. (continues with urls)
AutoStart Viewer (ASViewer)- DiamondCS
http://www.diamondcs.com.au/freeutilities/asviewer.php
"- Save/Print functions allow you to take snapshots "
One simple way to see the tone and usage of some of these logs (in addition to the lists mentioned above about forums that are HijackThis friendly) is simply to put "RunScanner log" "Autoruns log" and such into Google. e.g You will find threads at "PC Help Forums" and "Geeks to Go" and "WhattheTech" and others. Just be aware that many of these forums (not all) are weak in the ads they have. It is sad to see ads for negative software (e.g. scamware or even potentially rogueware) on sites that are meant to help the user .. one of the excellent aspects of DonationCoder ! (Have I made my donation today ?)
==============================================================
Those are the ones most likely to be received on the forums, although I have little familiarity with the actual usage today.
Also of note, considering the excellent rep of Nir Sofer.
NirSoft - StartupRun (2004)
"Save the list of startup items into a text or HTML files" - Byte forum post
There are other logs (the Byte post also mentions one or two more Startup logs of less interest):
Wilder mentions:
"Spybot S&D, Ad-aware, plus the new generation of Anti-Rootkit detection logs (gmer, rkunhooker, etc.) and other similar product logs." -- however those mentioned above seem to be "Startup" specialists. (I'm also looking at "RemoveAny" where there is a log email capability, however the way it is currently set up may encourage a newbie to be too aggressive in removal and it does not think in terms of programs at startup. This is true of a few of the log file programs, they are process or .dll techie-oriented, not startup program oriented.
One thing worth noting. WinPatrol is the only real active program (StartupList and StartupRun are not real active) in this whole group that first approaches the issue as "Startup Programs" and then is drilling down to a report-log as a complementary feature as well. Most of the others begin more from the techie level of logging everything that happens. The multi-aspect of WinPatrol makes it a fan favorite.
========================================
THE FOUR OF THE THREAD - CHAMELEON, WINPATROL, STARTED, STARTUP MANAGER
Thank you Evgeni for contributing. I think Evgeni's Chameleon and WinPatrol and Outertech's StartEd are three of the more active and vibrant products around, all with free/lite and paid versions. And all discussions with the developers, or feedback from their blogs and support, are very welcome.
Personally I think a startup manager is one utility that deserves a paid version if the features match your needs well.
(Metaproduct's Startup Organizer is also mentioned above, it is a fine product, still developed, solid. I do not see that the developers are quite as active and visible, although 2.9 is Feb 2009 with a service relaease March 2009. However this was 3+ years from 2.8. What it does it does well, in my experience. Here are the screenshots, complete although small. http://www.metaproducts.com/mp/Startup_Organizer-Screenshots.htm . The plus of SO is that it combines the Explorer interface with easy changes with some configuration flexibility with decent warnings (similar to Scotty). Are they as up on hidden spots as Scot ? Dunno. Waiting for someone to do a comparison review !)
There are real interface and emphasis differences. And I can see working with two (WinPatrol + one more) instead of one and folks will have different needs. e.g. WinPatrol simply does not have that easy-to-see Explorer type review of all startup functions. Those who value that highly will gravitate to one of the other softwares.
WinPatrol is strong on security issues among the startup managers, a big plus to many, myself included. Yet some work with more dedicated HIPS and registry protection programs and may find WinPatrol redundant. (And some reject post-facto protection for real-time protection .. note that this is one area where WinPatrol Plus is stronger than free. Although how real-time is a Wilder's type of discussion.) And the tabbed interface of WinPatrol is quite different than the Explorer-style of many programs. As an example of the WinPatrol security emphasis, in addition to the log above, WinPatrol has a tab for the Windows Scheduler .. early in the day Bill Pytlovany noted that a crafty malware could use that for startup. Bill clearly thinks from a defense and security perspective, which is neat.
A current Wilder's thread on WinPatrol:
http://www.wilderssecurity.com/showthread.php?p=1426907
Winpatrol .. Tips Please!
On any security-oriented product it is suggested to do a search within Wilder's - good stuff, although you can end up a bit perplexed about the abundance of HIPS and sandbox and malware and firewall and browser protection and other programs (even putting aside the ugly morass of 'anti-virus' heuristic analysis). Also I think sandboxes and virtual machines can get pretty ugly at times, well-intentioned as they are.
One thing I like about startup analysis -- fairly easy to understand. Even if a program tells you 'late' (ie. a trojan installed and did something bad) at least you likely will know it and can decide between removal attempts, restore attempts such as system restore or registry restore or the ultimate cleanup -- OS reinstallation followed by increased protection and caution. Hopefully this is rare, or never. (Yes there are very sophisticated attempts that might hide, such as rootkit stuff. This is one reason why the security folks are putting more emphasis into things like browser and registry protection and watching OS files, I recently added MJ Registry Watcher.) Keep in mind that all of this is largely because Windows remains a kludge-style operating system in terms of non-protection of OpSys functions. So we balance the advantages (easy software functionality) with the problems.
ADDED 3/20/09 - Autoruns and RunScanner - used for logs, plus expanded comments
Shalom,
Steven Avery
evgeni:
I announced Chameleon Startup Manager version 3 in this thread
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version