Методы автозапуска программ
Добавил(а) microsin
Программы в операционных системах могут автоматически запускаться множеством способов, что активно используется вирусами.
1. Папка Автозагрузка (%USERPROFILE% \ Start Menu \ Programs \ Startup \, %ALLUSERSPROFILE% \ Start Menu \ Programs \ Startup\). Частенько использовалась вирусами. Кроме проводника, можно просмотреть и отредактировать программой msconfig.exe.
2. Ветка реестра HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run. Тоже частенько используется вирусами. Кроме regedit, можно просмотреть и отредактировать программой msconfig.exe. Ещё могут быть записи в ..\RunOnce и ..\RunOnceEx.
3. Ветка реестра HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Group Policy \ State \ Machine \ Scripts \ Startup \. Записи там появляются при изменении политики локального компьютера (mmc.exe \ Добавить или удалить оснастку \ Редактор объектов групповой политики \ объект “Локальный компьютер”). Если, например, добавить программу %SystemRoot%\system32\calc.exe (Политика “Локальный компьютер” \ Конфигурация компьютера \ Конфигурация Windows \ Сценарии (запуск/завершение) \ Автозагрузка, путь к скрипту или программе надо обязательно указывать полностью, даже если она лежит в %SystemRoot%\system32), то она запускается и висит до приглашения о логоне — это приглашение появится только после того, как calc.exe завершить. Эта автозагрузка срабатывает при инициализации Windows (после включения питания или полной перезагрузки). Можно, кстати, настроить автозапуск и на момент завершения работы Windows (тем же редактором объектов групповой политики).
4. Ветки HKEY_CURRENT_USER \ Software \ Policies \ Microsoft \ Windows \ System \ Scripts, HKEY_USERS \ S-1-5-21-1864085942-2410699049-2459454283-1003 \ Software \ Policies \ Microsoft \ Windows \ System \ Scripts, где безумное число S-1-5-21-1864085942-2410699049-2459454283-1003 представляет из себя идентификатор пользователя. Эти записи тоже появляются с помощью редактора объектов групповой политики, но не в “Конфигурации компьютера”, а в “Конфигурации пользователя”. Внесенные изменения вступают в силу немедленно (перезагрузка не требуется). Эта автозагрузка срабатывает сразу после успешного логона пользователя. Можно, кстати, настроить автозапуск и на время завершения сеанса (тем же редактором объектов групповой политики).
5. Планировщиками — либо консольной командой AT, либо через Панель управления \ Назначенные задания.
6. Автоза пуск в W2003 Server (и в W2k?) кроме всех стандартных известных способов, может происходить ещё из ветки реестра
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache
При этом Name устанавливается в путь до автозапускаемой программы (вместе с параметрами), Type устанавливается в REG_SZ, а в Data пишется комментарий (описание программы). Таким образом у меня запускалась каждый раз при перезагрузке и логине программа установки CakeWalk Pro Audio 9.
7. С помощью Browser Helper Objects (BHO) — позволяет запускать программы при старте Internet Explorer и событий, происходящих в нем. Частенько используется вирусами и spyware.
8. Для систем NT/XP ключ реестра HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon\ Shell указывает на запускаемую оболочку (по умолчанию там прописано Explorer.exe). Для Windows 9x используется в раздел [boot] файла system.ini, строка shell=explorer.exe.
9. При запу ске интерпретатора cmd.exe могут запускаться приложения, настроенные на ветки реестра
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\AutoRun
и
HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun
См. подсказку к cmd.exe (выдается при запуске с опцией /?).
Windows 7 / Getting Started
Command Prompt’s equivalent to the old MS-DOS Autoexec batch mechanism is a feature
called AutoRun. By default, Command Prompt executes on startup whatever it finds in the
following two registry values:
- The AutoRun value in HKLM\Software\Microsoft\Command Processor
- The AutoRun value in HKCU\Software\Microsoft\Command Processor
The AutoRun value in HKLM affects all user accounts on the current machine. The AutoRun
value in HKCU affects only the current user account. If both values are present, both are
executed-HKLM before HKCU.
Both AutoRun values are of data type REG_SZ, which means they can contain a single
string. (You can enter a multistring value, but Windows ignores all but the first string.) To
execute a sequence of separate Command Prompt statements, therefore, you must use
command symbols or store the sequence as a batch program, and then use AutoRun to call
the batch program.
To specify an AutoRun value, open a registry editor and navigate to the Command Processor
key in either HKLM or HKCU. Create a new string value there, and name it AutoRun.
Then specify your command string as the data for AutoRun, exactly as you would type it at
the command prompt.
To disable AutoRun commands for a particular Command Prompt session, start Cmd with
/D. For more about Command Prompt’s command-line syntax, see the next section.
Skip to content
Hi folks
Today I was debugging some issues for hours. Some command-line tools from Node.JS, or C++ compiler just complained with weird errors such as File does not exist when the file clearly existed. I was pulling my hair off and then eventually I found it!
cmd.exe has an AutoRun feature. You can add some command to HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\AutoRun or HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun which will be executed any time
I found that I put the following script in that AutoRun setting chcp 65001 . I was trying to do that to fix Unicode characters output in the console. It did not work but I forgot to remove that AutoRun script.
The problem with that script, is that it outputs extra line Active code page: 65001 on every cmd.exe start
Because of that extra lines, all the scripts that rely on parsing scripts output might fail in a weird way.
For example, one of the issues I was encountering https://github.com/desktop/desktop/issues/8454
So if you need to add some script to AutoRun you have to ensure it doesn’t produce any output.
I would think about something like mycoolcommand 1>NUL 2>NUL & SET ERRORLEVEL=0
So this will ensure we did not put anything in stdout, stderr and did not return any bad exit codes
Stay tuned
If you want to run CMD command on startup automatically in Windows 11 or Windows 10, here is how you can do that. It is possible to run almost any command at startup with the help of the Task Scheduler. Here is how you can set things up as per your requirements.
At times, you might want to run a particular command whenever you log into your account. It can be a ping command or anything else. If so, you can follow this guide to learn how you can use the Task Scheduler, the in-built utility, to run any command via Command Prompt on startup on Windows 11 and Windows 10 computers.
To run CMD command on startup automatically in Windows 11/10, follow these steps:
- Open Task Scheduler on your computer.
- Click the Create Task button.
- Enter the task name and choose Windows 10 from the Configure for menu.
- Go to the Triggers tab and click the New button.
- Choose At startup from the Begin the task menu.
- Click the OK button.
- Go to the Actions tab and click the New button.
- Enter a command in the following format.
- Click the OK button.
- Click the Yes button.
- Click the OK button.
To learn more about these steps, continue reading.
First, you need to open the Task Scheduler on your computer. For that, you can search for task scheduler in the Taskbar search box and click on the individual search result. Then, click on the Create Task button.
Following that, enter the task name and a description in the General tab. Then, expand the Configure for menu and choose the Windows 10 option from the list.
Next, go to the Triggers tab, expand the Begin the task menu and select the At startup option.
Click the OK button, switch to the Actions tab, and click the New button.
Make sure that the Start a program option is selected in the Action menu. If so, enter the desired command in this format:
"C:\Windows\System32\cmd.exe" /k [command]
For your information, you need to enter the /k parameter to define the command. Let’s assume that you want to pin a website. If so, you need to enter this command:
"C:\Windows\System32\cmd.exe" /k ping www.thewindowsclub.com
Once done, click the OK button. It asks you to confirm the command. If a popup appears, click the Yes button to confirm.
Next, click the OK button to save the change. Following that, your command will run on startup automatically whether you use Windows 11 or Windows 10.
That’s all! Hope this guide helped.
Read: Command Prompt cmd.exe keeps popping up on Startup
How do I make Command Prompt run automatically?
There are two ways to make Command Prompt run automatically on Windows 11/10 PC. First, you can add the Command Prompt in the Startup folder on your computer. Second, you can use the Task Scheduler to create a task that will run the Command Prompt on startup. However, if you want to run a CMD command on startup instead of the Command Prompt, you can use the aforementioned guide to get the job done.
Read: How to Run commands of Command Prompt with a Desktop Shortcut
How do I add a Command Prompt to Windows 11/10 startup?
To add Command Prompt to Windows 11/10 Startup, you have multiple options. First, you can use the Startup folder to run it whenever you log in. Second, you can use the Local Group Policy Editor to use the Run these programs at user logon setting to set things up. Third, you can use Task Scheduler to add Command Prompt on startup. Whether you want to run only a Command Prompt or a CMD command, you can use the Task Scheduler to get that done. However, it is not possible with other methods.
Read: Disable Startup programs in Windows using Task Manager, WMIC, GPEDIT, Task Scheduler, MSCONFIG, Settings.
.
When I was looking at the documentation for the registry and keys associated with the command processor I came across this:
Hmm. For the fun of it I opened up the key and put ‘notepad.exe’ in the AutoRun value.(To see how this actually worked)
Any time I opened a console application, or a command prompt window notepad would launch – and the command processor would not start until it was closed. This includes the users login script.
So. This means whatever program I put in this key will execute, and the command processor will wait for it to finish before continuing.
This is perfect for something I was trying to do a few months back. I wanted to dynamically set a few environment variables – and have them available to any console based application. I tried putting it in the logon script, but that didn’t work since the environment variables only lasted for that session.
I ended up using the CALL command within each batch file I had. This was difficult because the batch files were part of an aging third party application – There were hundreds of them. Also some of them were automatically generated from time to time by the application, so the solution was not perfect.
I went back and setup my “set environment variables” batch file in the AutoRun key of the registry (Side note – make sure you put quotes around the full path of the filename in this key…or it will get lost on the first space it sees).
Then I removed my added call commands. Now when I ran any command prompt my custom environment variable script executed dutifully.
Better yet, since it is a registry key I was able to write a quick login script that updated all the clients on the network with the new setting.
I am not sure how often most administrators will need to use this registry key, since usually a login script will work for what you need. Still – the AutoRun key for the command prompt has its purpose. Now that you know it is there you have the option to use it when needed.
One more thing…Subscribe to my newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them. Click Here to get your free tools