Windows auto-start Methods

Source: Internet
Author: User

Preface:

Sometimes people often have a headache for the startup of a program, because some users often do not know how those files are started. So there are often useless things hanging on the system to occupy resources. Sometimes someone has a headache because they don't know how to start a file. Even more, the authors of trov easily discover their Trojans because they do not know the system's self-starting method ......

There are actually many ways to enable Windows. In addition to some common startup methods, there are also some very concealed methods that can be used to start files. This article is summarized as follows, although not all, but I think it will be helpful to everyone. All articles are subject to the default system status for research.

English represents the English operating system and Chinese represents the Chinese operating system. This document does not indicate that Windows 98 is a Chinese operating system.

Warning:
Some operations mentioned in this article may involve system stability. For example, incorrect use of the Registry Editor may cause serious problems such as re-installing the system. Microsoft cannot guarantee that the results caused by abnormal use of the Registry Editor can be solved. I am not responsible for the use of the consequences, please use according to your own situation.

Windows auto-start mode:
I. self-starting directory:

1. The first self-starting directory:
The default path is:
C: windowsstart menuprogramsstartup (English)
C: windowsstart menuprograms startup (Chinese)
This is the most basic and commonly used Windows Startup method. It is mainly used to start self-starting projects of some applications, such as Office shortcut menus. Generally, you can start the files you want to start at startup by simply placing the files or their shortcuts in the folder.

Corresponding Registry location:
[Hkey_current_usersoftwaremicrosoftwindowscurrentversionpolicershell Folders]
Startup = "% Directory %"
[Hkey_current_usersoftwaremicrosoftwindowscurrentversionpoliceruser Shell Folders]
Startup = "% Directory %"
"% Directory %" is the Startup Folder location.

The default English version is:
C: windowsstart menuprogramsstartup
The default Chinese characters are:
C: windowsstart menuprograms startup

The "start" folder in the Start menu can be changed. If you change the Startup Folder, the key values of the above registry are changed to the corresponding name.

It is worth noting that the content in the "Start" folder in the Start menu can be clearly viewed by users by default. However, modifications can be made to achieve the purpose of relatively concealed startup:

First, the shortcut or other file attributes in the "Start" folder can be changed to "hidden ". In this way, the hidden files are not started by the system, and the startup function can be restored by changing the file attributes when the system needs to be started.
Second, in fact, the "Start" folder is just a normal folder, but the system monitors this folder, so it becomes somewhat special, but the folder has some functions, as well as the folder. For example, the name of the "Start" folder can be changed, and the "Start" folder can also set properties. If you set the attribute to "hide ", the "start" folder is not displayed in the "Start" program "menu in the system (even if" show all files "is set in" Folder Options "). The system also starts non-hidden files in the hidden folder.
Sensitive people may have discovered problems. For example:

If I want to start the server of Trojan A, I can change the name of the original "start" menu to "StartUp" (here it is changed randomly, the corresponding key value of the registry is also automatically changed .) Create a folder named "start" and copy all the files in the "StartUp" menu to the "Start" menu, put the server program of Trojan A in the "StartUp" folder, and hide the "StartUp" folder. Success!

From the appearance, the user's "start" and "start" directory are still located, and the files to be started are also located. However, the file started by the system is not a file in the folder named "start", but a file in the folder named "StartUp. If the trojan is good, you can copy the files in "StartUp" to the "StartUp" directory every time you start the system to update the StartUp directory in real time. Because the "StartUp" folder is hidden, the "StartUp" menu cannot be seen in the "Start" program ", so the hidden StartUp is achieved!
Although this startup method is relatively concealed, it can still be seen on the "Start" page through msconfig.

2. The second self-starting directory:
Yes, in fact, there is another self-starting directory in Windows, which is obviously but often ignored.
The path is located:
C: WINDOWSAll UsersStart MenuProgramsStartUp (English)
C: WINDOWSAll UsersStart MenuPrograms startup (Chinese)
This directory is used in the same way as the first self-starting directory. You only need to find the Directory and drag and drop the files to be started to start the directory.
[Hkey_local_machinesoftwaremicrosoftwindowscurrentversionpoliceruser Shell Folders]
"Common Startup" = "% Directory %"
[Hkey_local_machinesoftwaremicrosoftwindowscurrentversionpolicershell Folders]
"Common Startup" = "% Directory %"

It is worth noting that this directory is completely invisible in the "Start" directory of the Start Menu. With each startup, non-hidden files in this directory will also be started! In addition, you can see the file to be started under this directory in Msconfig.

Ii. Start the system configuration file:

Because the system configuration files are quite unfamiliar to most users, these startup methods are relatively hidden, therefore, some of the methods mentioned here are often used for some destructive operations. Please note that.

1. Start Windows. INI:
Startup location (file.exe is the name of the file to be started ):
[Windows]
Loadpolicfile.exe
Runningfile.exe
Note: The difference between load = and run = is that by using load = to run a file, the file will be run (minimized) in the background, and by running =, the file is run by default.

2. Start SYSTEM. INI:
Startup location (file.exe is the name of the file to be started ):
Default Value:
[Boot]
Shell‑assumer.exe
After the file can be started:
[Boot]
Shell‑assumer.exe file.exe
Note:
I remember that in a book written by Mr. Norton (the person who developed the Norton software), I once said that the files 1 and 2 have no impact on the system, however, due to the time, I did not have time to test. If you are interested, you can try it.

However, it is certain that such a startup method is often used by Trojans or some prank programs (such as the kiss of the demon), leading to abnormal system performance. Generally, users seldom care about these two files, and even some people do not know what these files are for, so they are very concealed. However, as it is used more and more frequently, this startup method is gradually noticed. You can use the msconfig command to check whether any program is loaded. Specifically, enter msconfig and press enter in "run" in the menu, and then follow the text instructions.

Note:
1.different from win.ini files, system.inican only start a specified file. Replacing shell‑policer.exe file.exewith shell‑file.exe will paralyze Windows!
2. This startup method is earlier than Registry Startup. Therefore, if you want to restrict the startup of files in the registry, use this method.
3. Start WININIT. INI:
The Wininit. ini file may not be known to many users. In general operations, users rarely directly access this file. However, if you have compiled an uninstall program, you may know the file.
WinInit is the Windows Setup Initialization Utility. It is the installation and initialization tool for Windows. If you see the following prompt:
Please wait while Setup updates your configuration files.
This may take a few minutes...
Everyone may know it! This is what Wininit. ini is working!

In Windows, many executable files and driver files are executed into the memory and are protected by the system. Therefore, changing these files in the normal Windows State becomes a problem, so the Wininit. ini file appears to help the system do this. Before the system loads Windows, the system executes commands, including copying, deleting, and renaming, to update files. The Wininit. ini file exists in the Windows directory. However, we usually cannot find this file in the C: Windows directory. We can only find the exeprogram wininit.exe. The reason is that Wininit. ini will be automatically deleted by the system every time it is executed by the system until a new Wininit. ini file appears again ...... And then deleted.
File Format:
[Rename]
File1 = file2
File1 = file2 means to copy a file named file1 from file2, which overwrites file1.
In this way, Windows will update file1 with file2; If file1 does not exist, the actual result is to copy file2 and change it to file1; if you want to delete the file, run the following command:
[Rename]
Nul = file2
This means to change file2 to null, that is, to delete it.
The above file names must contain the complete path.

Note:
1. Since Wininit. ini files are processed before Windows starts, long file names are not supported.
2. The above files are copied, deleted, renamed, and executed without prompting users. Some viruses also use this file to damage the system, so if you find that the system appears for no reason:
Please wait while Setup updates your configuration files.
This may take a few minutes...
Then the system may be faulty.
3. Windows 95 Resource Kit mentioned that the Wininit. ini file has three possible segments, but only describes the [rename] segment usage.
4. Start WINSTART. BAT:
This is a batch file started by the system. It mainly serves to process tasks that need to be copied and deleted. For example, some software is required to be restarted after installation or uninstallation.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.