08.11.05
Removing startup items - regedit, msconfig
If you don’t allready know about this tip then read carefully and error on the side of caution. It involves editing the Windows registry; which can ruin your Windows installation (i.e. computer won’t start) if done incorrectly. If in doubt get help from a professional.
Most malware programs set themselves to start automatically when the computer starts up. They do this by making an entry in one of a few specific directories in the registry. Removing these entries will prevent these malware programs from starting automatically, making them less bothersome and easier to remove.
You can edit the registry with regedit. To start regedit go to the start menu and select Run…, then type in regedit and click the OK button. The Registry Editor will open with a list of directories on the left side. The directories you are looking for are named Run, RunOnce, or other variations beginning with Run. They are located in two different places: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ and HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\. You can go through each of these Run folders and look for anything suspicious. It isn’t a good idea to remove everything from these Run folders (and don’t remove the folders themselves!); most of these entries will likely be legitimate such as your antivirus program, CD burning software, or display drivers/applications. Delete keys corresponding to any malware (do a google search for the key/executable name if in doubt) from each of these Run folders. After rebooting the corresponding malware shouldn’t start up. Now you can run your antivirus/spyware-removing programs with a better chance of getting rid of that pesky malware.
Another easier and safer, although not quite as thorough, way to access the same information is through msconfig (not available in Windows 2000). Go to the start menu and select Run…, then type in msconfig and click OK. The System Configuration Utility will open. Click on the Startup tab. Now you can look through the list that comes up for anything that you don’t want to start automatically, unchecking the corresponding check-box. Again, be careful not to remove anything you need. After clicking on the OK button you will be prompted to restart the computer. After restarting you will get a warning that the System Configuration Utility has been used, uncheck the box on this warning so that it won’t bug you everytime you reboot and click OK.