关于智能删除注册表启动项的问题
就是读出HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run里面有多少启动项,,
然后只保留想要的启动项如“输入法”"双核补丁程序"等
把其它的都删除掉
应该要怎么样子写,,请老大们给点提示,或者帮助一下,, 因为已经研究很久了。。谢谢 删除注册表启动项容易,但智能很难.
怎么判断启动项非法呢?文件名?数字签名?路径?
也许需要一个强大的库来进行比对 回复 2# 3mile
你Q多少,我加你,我有源码只是不会用{:face (239):} 回复 3# 网络凯子
源码共享一下一起研究撒 {:face (303):} 整个键值全部删除就行了。这样启动更快。输入法什么的也不会受影响。 本帖最后由 lixiaolong 于 2011-1-15 22:15 编辑
回复 1# 网络凯子
这样不行吗?
指定要保留的注册表值,其他的都删除.
delregkey('指定注册表项名', '不想删除的值', '不想删除的值', '不想删除的值')
delregkey($regkey, $key1, $key2, $key3)
默认能指定3个值.
注意:
不要写错要保留的值,要不然的话想保留的值也给删除了.
要不自己加个判断.
请先备份注册表再试.
$a = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
delregkey($a, 'ATKMEDIA', 'ETDWare', 'HControlUser');不想删除的值(3个)
Func delregkey($regkey, $key1, $key2, $key3)
For $i = 1 To 100
$key = RegEnumVal($regkey, $i)
If @error <> 0 Then
MsgBox(0, 0, '删除前:' & $i & '个启动项')
ExitLoop
EndIf
Next
$i = 1
While 1
$key = RegEnumVal($regkey, $i)
If @error <> 0 Then
MsgBox(0, 0, '删除后:' & $i & '个启动项')
ExitLoop
EndIf
If $key = $key1 Or $key = $key2 Or $key = $key3 Then
$i += 1
ContinueLoop
Else
RegDelete($regkey, $key)
EndIf
WEnd
EndFunc ;==>delregkey 好东西 收藏 弱弱地说下,注册表启动项的位置很多处的,并不止 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
这一处 所以嘛,,,要整出来大家才能用嘛哈。 如果只是想保留你所说的两个的话,你可以先把所有的都删除, 再新建你自己要保留的, 当然、你要保留的也可以做下判断, 看他的指定目标是不是存在 。{:face (280):} 嗯.我在网吧用的也是10楼的办法.先直接把Run删了,再建自己要留的.
也就是RegRead和RegWrite两个函数就可以解决了的. 本帖最后由 netegg 于 2011-1-25 06:43 编辑
不想帖整个脚本了,你要的启动项在这些里面[大体齐了],可以自己慢慢看
"HKCU\SOFTWARE\Policies\Microsoft\Windows\SYSTEM\Scripts"
"HKCU\SOFTWARE\Policies\Microsoft\Windows\SYSTEM\Scripts\Logon"
"HKCU\SOFTWARE\Microsoft\Windows\SYSTEM\Scripts"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SYSTEM\Shell"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SYSTEM\Shell"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Run"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\RunonceEx"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
"HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions"
"HKCU\SOFTWARE\Microsoft\Command Processor\Autorun"
"HKCU\Control Panel\Desktop\Scrnsave.exe"
"HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"
"HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute"
"HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls"
"HKLM\SYSTEM\CurrentControlSet\Control\BootVerificationProgram\ImageName"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\SYSTEM\Shell"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
"HKLM\SOFTWARE\Classes\Protocols\Filter"
"HKLM\SOFTWARE\Classes\Protocols\Handler"
"HKLM\SOFTWARE\Classes\Folder\Shellex\ColumnHandlers"
"HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"
"HKLM\SOFTWARE\Microsoft\Command Processor\Autorun"
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar"
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars"
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\RunonceEx"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SYSTEM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman"
"HKLM\SOFTWARE\Policies\Microsoft\Windows\SYSTEM\Scripts"
"HKLM\SOFTWARE\Policies\Microsoft\Windows\SYSTEM\Scripts\Logon"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
@StartupCommonDir
@StartupDir
顶楼上的,为写启动项工具的人做出了贡献! 回复 12# netegg
这么多都是启动项? 收藏一下12楼的启动项资料
页:
[1]
2