컴퓨터 부팅시 실행되는 프로그램 리스트
(컴퓨터가 느리다면 꼭 점검할 필요가 있다)
실행파일 : 시작레지스터리자료뽑기(regview.txt).exe
아래의 항목을 regview.txt 파일로 추출하는 실행파일입니다.
regedit를 실행하면 한눈에 들어오지 않아 쉽게 보기위해 만들어 본 프로그램입니다.
윈도우 시작시 실행되는 파일들의 레지스터리 위치.
;HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
;HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
;HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
;HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
;HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
;HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
;HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
;HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
;HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
;HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
참고 : http://hallang.tistory.com/225
정상 레지스터리 샘플
HKEY_CURRENT_USER,Software\Microsoft\Windows\CurrentVersion\Run
MyPeople:="C:\Program Files\Daum\MyPeople\MyPeople\MyPeople.exe" -startup
ctfmon.exe:=C:\WINDOWS\system32\ctfmon.exe
HKLM,Software\Microsoft\Windows\CurrentVersion\Run
Hidirect:=C:\windows\system32\cmmss.exe
MSCLIENT:=C:\WINDOWS\NICS\Client.exe
safeout:=C:\WINDOWS\nics\safeout.exe
1:=c:\nics.bat
SoftcampDS:=C:\WINDOWS\Softcamp\SDS\SDSLaunc.exe
ActivePost Standard:="C:\Program Files\SKB Messenger\SKB_Messenger.exe"
CleanMem Mini Monitor:=C:\Program Files\CleanMem\Mini_Monitor.exe /startup
AhnLab V3Lite Tray Process:="C:\Program Files\AhnLab\V3Lite\V3LTray.exe" /logon
SOFTWARE:=
HKLM,Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Key:=98330701
GinaDLL:=SCGina.dll
DisableCAD:=1
DefaultDomainName:=PC-201211080840
AltDefaultDomainName:=PC-201211080840
AltDefaultUserName:=User1
ShowLogonOptions:=0
HibernationPreviouslyEnabled:=1
WinStationsDisabled:=0
SFCDisable:=0
DebugServerCommand:=no
Background:=0 0 0
LogonType:=1
UIHost:=logonui.exe
AllowMultipleTSSessions:=0
scremoveoption:=0
passwordexpirywarning:=14
forceunlocklogon:=0
cachedlogonscount:=10
allocatefloppies:=0
allocatedasd:=0
allocatecdroms:=0
PreloadFontFile:=gulim
SfcQuota:=4294967295
VmApplet:=rundll32 shell32,Control_RunDLL "sysdm.cpl"
Userinit:=C:\WINDOWS\system32\userinit.exe,
System:=
ShutdownWithoutLogon:=0
Shell:=Explorer.exe
ReportBootOk:=1
PowerdownAfterShutdown:=0
LegalNoticeText:=
LegalNoticeCaption:=
DefaultUserName:=User1
AutoRestartShell:=1
Credentials:=
SpecialAccounts:=
Notify:=
GPExtensions:=
HKEY_CURRENT_USER,Software\Microsoft\Windows NT\CurrentVersion\Windows
Device:=print,winspool,Ne00:
Programs:=com exe bat pif cmd
NullPort:=None
NetMessage:=no
load:=
DosPrint:=no
Documents:=
DebugOptions:=2048
HKEY_LOCAL_MACHINE,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
wlballoon:=
termsrv:=
SensLogn:=
sclgntfy:=
Schedule:=
ScCertProp:=
igfxcui:=
dimsntfy:=
cscdll:=
cryptnet:=
crypt32chain:=
HKEY_LOCAL_MACHINE,Software\Microsoft\Windows NT\CurrentVersion\Windows
USERProcessHandleQuota:=10000
TransmissionRetryTimeout:=90
swapdisk:=
Spooler:=yes
GDIProcessHandleQuota:=10000
DeviceNotSelectedTimeout:=15
AppInit_DLLs:=