1. Startup folder
C:\windows\start menu\programs\startup {Chinese/English}
C:\windows\Menu Démarrer\Programmes\Démarrage {French}
Location in the registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Startup = "C:\windows\start menu\programs\startup"
So a program can easily change this path.
2. Win.ini
[windows]
load=file.exe
run=file.exe
3. System.ini
[boot]
shell=Explorer.exe file.exe
4. c:\windows\winstart.bat
It looks like a normal batch file, but it runs every time the machine restarts.
5. Registry keys
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
6. c:\windows\wininit.ini
Once it has run, Windows deletes it.
Example (contents of wininit.ini):
[Rename]
NUL=c:\windows\picture.exe
Example: c:\windows\picture.exe is renamed to NUL, which means it is deleted, so it can run once and then vanish, completely concealed!
7. Autoexec.bat
Runs each time DOS starts.
8. Registry shell spawning (has SubSeven been used? Check it out)
[HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\comfile\shell\open\command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\batfile\shell\open\command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\htafile\Shell\Open\Command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\piffile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\comfile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\htafile\Shell\Open\Command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\piffile\shell\open\command] @="\"%1\" %*"
Check that these values are exactly "%1" %*. If they have been changed to "server.exe "%1" %*",
server.exe is executed at each startup and every time an exe/pif/com/bat/hta file is opened.
9. ICQ Inet
[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\test]
"Path"="test.exe"
"Startup"="c:\test"
"Parameters"=""
"Enable"="Yes"
[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\
When ICQ detects a network connection, it executes this entry (the key for ICQ2000b is different, but you can find it yourself).
Have you noticed that OICQ has this problem too? ^_^...
10. Miscellaneous
Look for the following key values:
[HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap]
@="Scrap object" "NeverShowExt"=""
The NeverShowExt value hides the extension of SHS files.
If a file is renamed to "abc.jpg.shs", only "abc.jpg" is displayed.
If your registry contains many NeverShowExt values, delete them.
Note:
Not all of these methods apply to Win2K, but you can check them yourself.
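As an added example (not part of the original list), a small Python checker for the indicators described in items 2, 3, 6 and 8: it flags win.ini load=/run= entries, a system.ini shell= line that loads anything beyond Explorer.exe, wininit.ini NUL= renames, and file-type open handlers that differ from the stock "%1" %*. The registry values are passed in as a dictionary so the check runs offline on constructed sample data; on a live machine they would be read with the winreg module.

```python
from configparser import ConfigParser

# Stock (Default) value of exefile/comfile/batfile/htafile/piffile \shell\open\command
STOCK_OPEN_CMD = '"%1" %*'

def hijacked_open_commands(handlers):
    """handlers: {registry key path: (Default) value}. Returns the keys whose
    handler is anything other than the stock '"%1" %*', e.g. a program
    prepended to it, which then runs whenever a file of that type is opened."""
    return [key for key, cmd in handlers.items()
            if " ".join(cmd.split()).lower() != STOCK_OPEN_CMD.lower()]

def _parse(text):
    cp = ConfigParser(interpolation=None, strict=False)  # keep '%' literal
    cp.read_string(text)
    return cp

def ini_findings(win_ini, system_ini, wininit_ini=""):
    """Flag the .ini autostart entries: win.ini [windows] load=/run=,
    system.ini [boot] shell= carrying anything beyond Explorer.exe, and
    wininit.ini [Rename] NUL= (a file scheduled for deletion at next boot)."""
    out = []
    win = _parse(win_ini)
    for key in ("load", "run"):
        val = (win.get("windows", key, fallback="") or "").strip()
        if val:
            out.append(("win.ini", key, val))
    shell = (_parse(system_ini).get("boot", "shell", fallback="") or "").strip()
    parts = shell.split()
    if parts and (len(parts) > 1 or parts[0].lower() != "explorer.exe"):
        out.append(("system.ini", "shell", shell))
    if wininit_ini:
        ren = _parse(wininit_ini)
        if ren.has_section("Rename"):
            for key, val in ren.items("Rename"):
                if key.lower() == "nul":  # ConfigParser lower-cases option names
                    out.append(("wininit.ini", "NUL", val))
    return out

# Constructed sample data (not taken from a real system); names are placeholders.
SAMPLE_HANDLERS = {
    r"HKEY_CLASSES_ROOT\exefile\shell\open\command": '"%1" %*',
    r"HKEY_CLASSES_ROOT\comfile\shell\open\command": 'server.exe "%1" %*',
    r"HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command": '"%1" %*',
}
SAMPLE_WIN_INI = "[windows]\nload=\nrun=c:\\windows\\server.exe\n"
SAMPLE_SYSTEM_INI = "[boot]\nshell=Explorer.exe file.exe\n"
SAMPLE_WININIT_INI = "[Rename]\nNUL=c:\\windows\\picture.exe\n"
```

Calling hijacked_open_commands(SAMPLE_HANDLERS) and ini_findings(SAMPLE_WIN_INI, SAMPLE_SYSTEM_INI, SAMPLE_WININIT_INI) reports the comfile handler, the run= entry, the extra file.exe on shell=, and the NUL= rename.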