During its removal, a badly designed program may leave unwanted executable files behind. If the program has created the registry entry for this file, the EXE will load each time the Windows operating system boots to the desktop. You won’t find the process created by this executable until you navigate to the process explorer section of the task manager or go through the startup manager utility of Windows.
This process may waste a few megabytes of system memory. It might even use the processor for performing some calculations. The executable will reside on your PC as a junk file. You’ll have to remove it manually.
MsConfig, the tool that ships with MS Windows OS can be used to disable startup items. The biggest problem with this tool is that it doesn’t display the full path to the EXE file which has created the process nor does it make you aware of the corresponding registry entry. To get completely rid of such unwanted Windows startup items, you should use the free autoruns program.
Autoruns has been developed by a company called Sysinternals. A few years back, Microsoft Corporation had bought this company. Henceforth, the program has been renamed as Microsoft Autoruns.
MSA is a free utility program which can be used on Windows XP, 10, 8, 8.1 and Vista OS. It has a tabbed UI and menu-based navigation system.
Below are the most important modules of MSA:
Winlogon: The program will find self-starting items that have created an entry in the Windows registry or are located in the startup folder of the Windows OS. Found items will be listed in this interface.
Winsock: Here, you’ll find items that are actively using the using Winsock protocol. Malicious programs are known to use this protocol. Autoruns can stop the processes that are employing Winsock, but you will have to use some other program to safely delete the executable file that has created it.
Print monitor: Here, the user can check which dynamic linking libraries have registered themselves for using the Windows print spooling service.
Boot execute: In this section, you can learn which system image files are processed by the PC before it boots the Microsoft Windows operating system.
Services: To get information on the services which are enabled to start up when the OS boots, navigate to this tab.
Drivers: This interface displays a list of drivers that have been registered by the Windows system.
Scheduled tasks: This UI displays the files that Windows will run immediately when the user accesses the desktop after rebooting or turning on the computer.
To get details on codecs, image hijacks, Appinit, known DLLs, LSA/network providers, WMI startup items, open the help panel of Autoruns.
In Microsoft Sysinternals autoruns, you are allowed to compare the data collected from the existing system configuration with a previously saved configuration data. The program saves your data in a file with ARN extension. There’s an option for the same.
MSA features a filter and a search module to quickly locate and categorize the data. It can analyze the directory of an offline Microsoft Windows operating system.
This program has filters to display only the signed/unsigned startup items. This feature is absent in the MsConfig tool. MSA gives you a better insight of how the third party programs are behaving in the system. You can easily remove a malware or a virus manually without running standalone security application or using an antivirus rescue disk.
To make things easier for the user, Microsoft SysInternals Autoruns now comes integrated with the cloud technology based VirusTotal engine. If you find a suspicious file, right-click on it and select check with virus total option.
The online virus scanner will check if the selected file is malicious or not. If it isn’t safe, the user should delete the file immediately.
A malware may have cloned itself. For its complete removal, go through every item displayed by the Sysinternals autoruns tool or install a powerful malware remover.
Conclusion: As of today, there’s no better startup manager for Windows than Microsoft Sysinternals Autoruns. If you’re not able to disable auto running programs, this application will do the job for you.