Introduction to the Windows 7 system boot entry

We know that Windows has its own startup folder, which is the most common startup project, but many people pay little attention to check it carefully. If you load the program into this folder, the system will automatically load the program when it starts, and because it is exposed, it is very easy to be changed by external factors.

First, the specific location is the "Start" option in the "Start" menu

The location on the hard disk is: C:\\Documents andSettings\\Administrator\\"Start" menu\\Programs\\ Start;

The location in the registry is:

HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run

Second, Msconfig

Msconfig is "System Configuration Utility" in Windows system, it can be wide enough, including: system.ini, win.ini, startup project, and so on. Similarly, it is also a place that the self-starting program likes to stay very much!

1.System.ini

First, enter "msconfig" in the "Run" dialog box to start the system configuration utility (under The same), find the system.ini tag, inside the "shell=..." can be used to load special programs. If your shell= is not the default explorer.exe, or there is a program name behind it, then you should be careful, please check the corresponding program is safe!

2.Win.ini

If we want to load a program: hack.exe, then it can be in win. Ini is implemented with the following statement:

[Windows]

load=hack.exe

run=hacke.exe

What to do, You should know it!

At this point, use the system settings in the Rubik's Cube (click here to download) - Startup settings, at a glance, and you can easily remove and add startup items.

3. "Startup" project

The startup tab in the System Configuration Utility is not the same thing as the "Startup" folder we mentioned above. This is the system configuration utility. The startup project is a collection of Windows system startup projects. Almost all startup projects can be found here - of course, specially programmed programs can be displayed here by other methods.

Open the "Startup" tab, the "Startup Project" lists the name of the boot program, the "Command" is the specific program add-on command, and the last "Location" is the program in the registry. Corresponding location. You can perform detailed path and command check on suspicious programs. Once you find an error, you can use the "Disable" below to disable the program from loading at boot time.

Generally speaking, except for the startup project of the system software based on the hardware part and the kernel part, other startup items can be changed appropriately, including: anti-virus program, specific firewall program, playback software, memory Management software, etc. In other words, the startup project contains a list of all our visible programs, and you can use it to manage your startup program.

Three, the corresponding startup load project in the registry

The startup project of the registry is the favorite of viruses and Trojans! The intractability of many virus Trojans is realized through the registry. So, usually you can download a registry monitor to monitor changes to the registry. Later versions of Rubik's Cube (click here to download) will also add a series of security features to monitor malware modifications to the system, etc. . Especially when installing new software or running a new program, be sure not to be confused by the beautiful appearance of the program. Be sure to see if its essence is the Trojan's camouflage shell or bundled program! If necessary, you can restore the registry according to the backup. There are many such registry programs online, so I won't go into details here. ---www.bianceng.cn

We can also manually check the corresponding location in the registry, although many of them are duplicated above, but for network security, be careful Never be too much!

Be sure to compare the corresponding keys in the safe and clean system registry. If you find inconsistencies, be sure to find out what it is! Don't trust the "system" written outside, "Windows", "programfiles" and other names, everyone knows the "what to cover". If you have a detailed comparison, you can be sure that it is an unknown program, don't be soft, delete it now!

Four, Wininit.ini

We know that the Windows installer often calls this program to achieve After the installation process, delete the work, so don't underestimate it. If you do it on it, it can be said to be very hidden and perfect!

It is opened in the Windows directory of the system disk with Notepad. It (sometimes the wininit.hak file) can see the corresponding content. Obviously, we can add corresponding statements to the purpose of modifying the system program or deleting the program. If it is a file-related Trojan, you can use winint.ini to delete the original file after infection, so as to truly hide yourself!

Five, DOS battle

Finally, let's talk about it The startup project under DOS is loaded, and the files such as config.sys, autoexec.bat, *.bat, etc. can be loaded in a specific programming manner. So don't think that DOS is an outdated thing. Programming under good DOS can often achieve very simple and very useful functions.