Over time, every computer gets more and more junk, er, software, added to its autostart locations. What starts out as a happy user experience, in which a PC owner is pleased with the performance of their new system, can turn sour after few months or years. By then, they are complaining about its performance -- especially Microsoft Windows users. Most blame Microsoft.
In 99 percent of the cases, it has nothing to do with anything Microsoft has added and everything to do with what the user has intentionally installed. (I am a full-time Microsoft employee.) Just about every software vendor out there contributes to the problem. In their zeal to position their product's usefulness and performance, they frequently add one or more of their programs to users' autostart list.
Want to see what your PC automatically runs when it starts up? Check out Microsoft's free utility, Autoruns. If you're unfamiliar with the inner workings of Windows PCs or who haven't run Autoruns before, you'll be amazed. The average computer runs well over 100 autostarting programs, and perhaps 20 to 50 percent of them aren't needed when your PC boots up.
Notorious performance killers: Unneeded programs
I recommend all users evaluate which programs autostart on their PC and at least remove the ones that aren't used anymore. Start with Add/Remove Programs and uninstall any unneeded program. Then run any of the great utilities showing you everything that automatically fires up when the computer starts or the user logs in. Along with Autoruns, I've happily used Silent Runners or Trend Micro's HijackThis. All are great utilities, with their own advantages and disadvantages.
I've been using these types of utilities for many years, and I've become fairly accustomed to what can be removed and what must be kept. New users should proceed cautiously -- only remove what you're certain won't harm your system. Know that you can disable and reenable them quickly (if problems are noted) with many of tools, including Autoruns.
Having a ton of autorun programs has big implications in the enterprise, too. First, if admins don't know of every autorun program installed on the end-user PCs they're managing, there is a security gap. Only allowed and authorized programs should be installed.
Secondly, each and every program (including autostarters) installed on a PC adversely affects performance; plus, they can cause operational issues and increase security risk. I've seen many companies where PCs take 10 minutes to boot and are loaded with so many computer-defense programs that users actively seek to disable them. It might be acceptable for an antivirus scanner to take hours to do a full scan of a computer, but probably not if it makes the computer nearly unusable during work hours. You shouldn't cripple the business just to protect it.
To that end, enterprises should create policies to ensure that an ever-increasing number of installed programs don't significantly delay bootup or operations performance. The companies that do this best require an approval process for every newly installed program. Here's how to put together such a process.
Create a company policy on acceptable system performance
In the beginning, a committee should determine acceptable boot time and operational performance. Five- and 10-minute boot times are unacceptable; it should take 1 to 2 minutes (or less) in most environments, unless the IT team has decided that the slow boot time is an acceptable ill effect of running particular programs. The defined acceptable performance thresholds should be approved by IT, information security, and management.
Next, every program under approval consideration should be reviewed for its effects on performance and earn a pass or fail rating. The committee should also keep track of what programs are installed on every managed image (and the impact on performance, in seconds); the same goes for optional and specialized programs. Everyone involved in the process, including system managers, administration, and the help desk, should know what is and isn't acceptable.
Finally, if a program is found to be violating acceptable performance measurements, it should be denied for new installation. If it causes a performance issue with an existing installed program, the program owner and/or vendor should be given a reasonable amount of time to remediate the performance problems. You'd be surprised how much free expert help you'll get from the vendor when you tell them you are pulling their program because of performance considerations.
Only by creating a policy and process can an enterprise hope to prevent performance creep.
This story, "Kill autorun programs to boost PC performance," was originally published at InfoWorld.com. Follow the latest developments in network security and read more of Roger Grimes' Security Adviser blog at InfoWorld.com.