Dealing with Startup Processes

Discussion in 'Malware Removal FAQ' started by chaslang, Jan 26, 2008.

Thread Status:
Not open for further replies.
  1. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Howto deal with startup processes - do not use MSconfig
    • First you should uninstall any software that you do not use.
    • Second if you have processes still trying to load at startup even though you have uninstalled them. You can simply use HijackThis to easily remove the startup. That way you will not have to manually edit the registry. If you do not understand how to use HijackThis, you can read this HijackThis Tutorial
    • Third for software you do not want to uninstall but you don't want it to load at startup, look in the program for an option not to load when Windows starts and disable it this way. If you cannot find an option like that you have two possible actions:
      • if you never want it to load at startup, again use HJT to permanently remove the startup. If you do not understand how to use HijackThis, you can read this HijackThis Tutorial
      • if you sometimes want it to load at startup, use a program like Autoruns ( which is my preference ) to enable or disable as you see fit. There are other tools for doing this too, like SpyBot - Search & Destroy and Startup CPL and even Microsoft's Windows Defender if you have it installed (and by default Windows Defender is installed in Vista). See http://support.microsoft.com/kb/270035/ for using Windows Defender.
    • IMPORTANT NOTE: DO NOT use Ccleaner or Glary Utilities or Startup Manager to control startups either since they just make use of MSconfig registry keys which you do not want to use. And these registry keys belong to Microsoft not to Ccleaner, Glary Utilities, or to Startup Manager and they should not be using these registry keys since only MSconfig should be using them. After all, that is why they are labeled as MSconfig!!! Allowing other programs to use these registry keys, makes it look like MSconfig has orphaned these registry keys since MSconfig will not appear to be in use. Orphaned keys may be deleted by cleaning tools and thus you would not be able to ever restore the changes.
    ====================================================

    Why you should not be using MSconfig to control startups!!



    Many people frequently use MSconfig as a long term solution to control startup processes and services. You will also see many websites condoning use of MSconfig and teaching you how to use it for controlling startups. This is a very bad idea for many reasons.
    1. MSconfig was designed to be used only as a temporary debugging/troubleshooting tool. It was not meant to be used for long term solutions. Here is an example of using MSconfig to perform troubleshooting on Vista/Win7:
    2. MSconfig does not show all startups anyway.
    3. If you uninstall programs while they are being disabled with MSconfig, they will not be uninstall properly and you will have to resort to manual registry editing to properly get everything removed. MSconfig will leave orphan entries if/when installed software is uninstalled while under the control of MSconfig . When/if MSconfig is turned back to normal startup, it will give errors on boot due to those orphan entries.
    4. MSconfig and Services:
      • If you uninstall programs while you have some of the programs services being controlled with MSconfig, the programs will not be uninstall properly and you will have to resort to manual registry editing to get everything properly removed.
      • When you uncheck a service in msconfig, you completely disable it. If you uncheck the wrong one, you may not be able to restart your computer.
      • It is safer to control services by using Control Panel, Administrative Tools, Services (this runs services.msc).
    5. You can lock malware items into your registry that you may not see anymore until some point in time where you switch back to Normal Startup mode and now you can cause total reinfection of your PC with the malware. You need to remove the malware not mask it.
    If you still don't understand why not to use MSconfig, see what Microsoft writes here: http://support.microsoft.com/kb/310560 The key point is stated as such:

     
    Last edited: Dec 27, 2014
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds