..:: [ Program's Startup ] ::..

Способы Автозапуска
Ключи реестра и места на диске, с помощью которых программы могут запускаться автоматически при каждой загрузке системы Logon

%SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup
%SystemDrive%\Documents and Settings\<username>\Start Menu\Programs\Startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Common Startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Common AltStartup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Common Startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Common AltStartup
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Startup
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, AltStartup
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Startup
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, AltStartup
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
--
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows, load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows, run
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer, run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, shell
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, shell
--
HKLM\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Startup
HKLM\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Shutdown
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon
HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff
--
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd, StartupPrograms
--
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
--
%WinDir%\system.ini
%WinDir%\win.ini
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini

Winlogon

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
--
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
--
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, AppSetup
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, GinaDLL
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, System
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Taskman
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, UIHost
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, VmApplet
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Userinit
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, shell
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon, shell
--
HKCU\Control Panel\Desktop, SCRNSAVE.EXE
--
HKLM\SYSTEM\CurrentControlSet\Control\BootVerificationProgram, ImageName

AppInit DLLs

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, Appinit_Dlls

Explorer

HKLM\SOFTWARE\Classes\Protocols\Filter
HKLM\SOFTWARE\Classes\Protocols\Handler
--
HKCU\Software\Microsoft\Internet Explorer\Desktop\Components
--
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKCU\Software\Microsoft\Active Setup\Installed Components
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKCU\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
--
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers
HKCU\Software\Classes\Folder\shellex\ColumnHandlers
--
HKLM\SOFTWARE\Microsoft\Ctf\LangBarAddin
HKCU\Software\Microsoft\Ctf\LangBarAddin

Internet Explorer

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
--
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
--
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
--
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars
--
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
HKCU\Software\Microsoft\Internet Explorer\Extensions
--
HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt
--
HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins
--
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
%WinDir%\Downloaded Program Files
--
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefix
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

Services

HKLM\SYSTEM\CurrentControlSet\Services
HKLM\SYSTEM\ControlSet001\Services
HKLM\SYSTEM\ControlSet002\Services
HKLM\SYSTEM\ControlSet003\Services

Drivers

HKLM\SYSTEM\CurrentControlSet\Services
HKLM\SYSTEM\ControlSet001\Services
HKLM\SYSTEM\ControlSet002\Services
HKLM\SYSTEM\ControlSet003\Services

Boot Execute

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager, BootExecute +
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager, Execute
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager, SetupExecute

Print Monitors

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors

Known Dlls

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls

Lsa Providers

HKLM\SYSTEM\CurrentControlSet\Control\Lsa, Authentication Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa, Notification Packages
HKLM\SYSTEM\CurrentControlSet\Control\Lsa, Security Packages
--
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders, SecurityProviders

Network Providers

HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order

WinSock Providers

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5

Image File Execution Options (Debugger)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

Command Processor

HKLM\SOFTWARE\Microsoft\Command Processor, AutoRun
HKCU\Software\Microsoft\Command Processor, AutoRun

Associations

HKLM\SOFTWARE\Classes\*\shell\open\command
HKCU\Software\Classes\*\shell\open\command

Апплеты панели управления (Control Panel Libraries)

%WinDir%\system32
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls

MVB

HKCU\Control Panel\IOProcs, MVB

Applications

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\BackupPath
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\Cleanuppath
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\DefragPath
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug, Debugger
HKLM\SOFTWARE\Microsoft\Windows Script Host
--
Task Scheduler: %WinDir%\Tasks

ICQ Agent Autostart Apps

HKCU\Software\Mirabilis\ICQ\Agent\Apps

Лучшие программы для анализа и контроля автозагрузки (обе программы бесплатные):

Online Solutions Autorun Manager

AutoRuns © Sysinternals

Автор: Saule
2007

Вернуться к списку статей | На главную