Remove startup programs from the registry

Remove Startup Programs From The Registry

Removing startup programs from the Windows registry

Some programs when installed add entries to the Windows registry to run files when Windows starts up.

Some times some of these files are absolutely unnecessary and degrade system performance. Other times, viruses and/or malware will use these startup points in the registry to run files related to the virus or malware without your knowing.

Backing up the registry

When add/removing entries in the Windows registry, you should always make a backup first in case you add or remove something vital to the operation of the Windows operating system. Before making any changes, right-click the key you are going to modify and click “Export”. It will save it as a “.reg” file you can later use if you need to repair any modifications to the registry you have made.

Common load points in the registry

The following are common load points in the registry most programs use:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Programs can also load files in the Winlogon process by using:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

Some virus have also been known to add additonal files to the “Shell” string in Winlogon. The shell should be “explorer.exe”, but some viruses and malware will change it to “explorer.exe nail.exe”. Nail.exe would then load with explorer.exe. To check this setting navigate to:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

In the right pane, make sure the “Shell” string only says “explorer.exe”. You should double click the “Shell” string and open it because sometimes the virus or malware will place a bunch of spaces after explorer.exe, so it may appear to be normal because you won’t see the extra filename because the spaces have pushed it to the right so far it doesn’t show in the right pane in regedit.


Regedit

Can’t Open Regedit

Can’t Open Regedit.exe?

If you cannot open the registry editor (regedit.exe), your computer may be infected by a virus or malware.

Some viruses and malware block access to the registry and to Task Manager to stop the average to moderate user from stopping or removing the infection.

If your antivirus did not prevent the infection or you do not have antivirus protection installed, you will need to fix the problem manually.

The following are methods of fixing the registry so the registry editor and/or executable files (.exe) can be opened:

Rename the file

Renaming the file extension of regedit.exe to regedit.com can enable you to open the registry editor so you can remove the bogus entries that are causing the registry editor and/or executable files from opening.

Removing the bogus entry in the Registry

Open the registry editor and find the following entry:

HKEY_CURRENT_USER\Software\Classes

Find the “.exe” entry and right-click it and click delete. You should now be able to open executable files (.exe) with no issues.