Whenever I start up my PC (running Windows 8.1) I am able to see three windows of running reg.exe program for a flash of a second. Some times they are visible for a longer duration and that was when I was able to get the below screenshot.
From this link I gather that reg.exe is a command-line utility with same features as regedit.exe.
In my Task Manager's Startup tab I can see Registry Console Tool enabled with three entries.
How can I check why reg.exe starts up at boot time? Will disabling these processes will have adverse effects on my PC?
3 Answers
The manual way
To find out what they do, I recommend you take a look at the Run-location in the registry, located at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runor...
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runor...
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
It's a bit strange that you have three startup items for reg.exe, so I'd check out the registry keys and see what parameters the instances for reg.exe have.
It is possible to have that if you have some IBM software installed. IBM Notes for example put on startup 3 registry key who looks like that:
HKLM:Run !IBM Notes Browser Plugin IE Registration REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults" /v notes /t REG_DWORD /d 2 /f
HKLM:Run IBM NBP Disable IE Popup Blocker REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1809 /t REG_DWORD /d 3 /f
HKLM:Run IBM NBP Disable IE Protected Mode REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 2500 /t REG_DWORD /d 3 /f
You can check what applications are launched at system startup/login with Sysinternals Autoruns.
If you find out these reg.exe processes are not related to a software you specifically installed you should disable it with Sysinternals Autoruns.
