“Program” unknown at startup: how to identify which file starts with Windows

“Program” unknown at startup: how to identify which file starts with Windows

How many times do we happen to apply a clean boot (or maybe just take a look at the processes in startup) and find an entry with only “Program” written? Let‘s see how to take action to figure out what software it belongs to

Let’s change the task manager view

The first thing to do is to understand the path where the file resides, which is crucial to understand what program it is associated with.

To get it to open the Task Manager (or Task Manager), hover over the Start tab and right-click on Name, checking Command Line now.

We choose to display the command line
We choose to display the command line

Now we could see the path of the file that will tell us which software it belongs to. Usually they refer to software already removed from the system and it will be enough to disable them, if instead we were to see an abnormal path, which maybe points to a temporary folder or a subfolder in AppData, we could be infected.

In this regard, it is useful to follow our dedicated guide:

How to remove malware from my computer?

Let’s modify the registry

NOTE: Disabling executables at startup is more than enough, if you are not practical or geeks it is NOT recommended to act on the register.

If, on the other hand, we want to physically remove the reference at startup, you must check the following paths in the log:

HKEY_LOCAL_MACHINE-Software-Microsoft-Windows-CurrentVersion-RunServicesOnce

HKEY_LOCAL_MACHINE-Software-Microsoft-Windows-CurrentVersion-RunServices

HKEY_LOCAL_MACHINE-Software-Microsoft-Windows-CurrentVersion-RunOnce

HKEY_LOCAL_MACHINE-Software-Microsoft-Windows-CurrentVersion-Run

HKEY_CURRENT_USER.Software

Where within these path we will find the path references that we identified by The Task Manager, just delete the value and close the log.

Warning Incorrect editing of the registry through the editor or another method can cause serious problems, which may require you to reinstall the operating system. Microsoft cannot help you troubleshoot problems that result from the mishandling of Registry Editor. Changing the registry is at the user’s risk. Before you make registry changes, we recommend that you perform a save of the affected keys, as noted in:How to back up and restore the registry in Windows

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *