• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

windows regidtry question

#1
I found that MSCONFIG wont remove everything from startup. Programs can still hide in the registry and startup when your pc loads. All the registry keys are below. What i want to know is there a way to copy and paste those strings somewhere and it will bring me directly to that place, so i dont have to manually goto those locations all the time? Or if there is a program that will do that. Thanks in advance.


Here is the list of all Registry spots that could potentially load applications on Windows startup (you may or may not find them on your computer, depending on version of Windows you have):All of these willnot be found in MSCONFIG

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\load
 

Zaphod1620

OSNN Junior Addict
#3
I don't know of a way to "jump" to a spot in the registry. I think they purposely make it difficult to navigate through the registry to scare off novices from mucking about in there. However, if you are attempting to slim down your startup processes, you can check the services on your machine, by running "services.msc" This will show ALL the services, and when and if they start up on your machine. A great guide for tweaking these are here.-Zaphod
 
#4
not looking to slim my services. I am thinking about spyware/viruses. When they imbed them selves into the OS and MSCONFIG wont pick it up. Sometimes they hide in the registry startup places described above. its just annoying to manually goto each string. I am all about shortcuts :)
 
#5
Use the Favorites menu built into regedit. First go to the key you want, and select Favorites>Add to Favorites. Do that for all of the above keys, and they'll be stored so that you can get to them quickly next time. :)
 

hawedi

supermod@windows-board.de
#9
Use a vbs-script like this, replace strKeyPath as you need. Save the file for example as runs.vbs. Multiple vbs-files you may merge to a batch-file or other.
Const HKEY_LOCAL_MACHINE = &H80000002
Const REG_SZ = 1
Const REG_EXPAND_SZ = 2
Const REG_BINARY = 3
Const REG_DWORD = 4
Const REG_MULTI_SZ = 7

strComputer = "."

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")

strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Run"

oReg.EnumValues HKEY_LOCAL_MACHINE, strKeyPath, _
arrValueNames, arrValueTypes

For i=0 To UBound(arrValueNames)
Wscript.Echo "Value Name: " & arrValueNames(i)
Next
Sorry, it´s half past eleven pm CET, therefore my English drops down :)
 

hawedi

supermod@windows-board.de
#16
celticfan11 wrote :
never wrote or did anything with VB scripts... i understand batch files..not vb scripts...


Well, I believe there is no CMD-Batch-Command to analyse the windows registry. But the link posted by j79zlr refers to http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
The autorunstool especially autorunsc.exe, the command-line version of autoruns is a good basic approach.

I extracted this file (autorunsc.exe) from the downloaded zip-file to a new folder (for example I:\tools\autoruns in my way)

Next I build this batch - named compare.bat in the same folder :
@echo off
if not exist log.old goto :firstrun
copy /y log.new log.old > nul
autorunsc > log.new
fc log.old log.new > nul
goto answer%errorlevel%

:answer1
echo.
echo.
echo ***** ATTENTION ***** YOU HAVE NEW ENTRIES *****
echo.
pause

:answer0
goto :the_end

:firstrun
autorunsc > log.old
echo.
echo.
echo ***** MAYBE YOU RUN THIS FOR THE FIRST TIME ***** PLEASE RETRY LATER *****
echo.

:the_end
exit


I started compare.bat to create the initial level and then I added the location of my batch-file
first to one of this auto-run locations and at last to autostart - folder.

Running my compare.bat again and the batch notified me that there was an alternation.




Now I deleted the entry of my virus-av-guard using the (same, but GUI - ) tool autoruns and restarted my computer.
Perfect - it advised me about this change in the registry. O.K. - it is not the fastest way and expanding with the using syntax of autorunsc.exe it will become particularly slow.

But the main thing for my study was : less tools as possible !
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,017
Latest member
bettyicrewsi