启动项添加
注册表配置方式:
当前用户启动项
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /t REG_SZ /d "程序完整路径" /f
# 所有用户启动项 (需管理员权限)
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /t REG_SZ /d "程序完整路径" /fpowershell
# 当前用户
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Run" -Name "程序名" -Value "程序路径"
# 所有用户 (需管理员权限)
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" -Name "程序名" -Value "程序路径"schtasks计划任务
# 创建开机启动任务
schtasks /create /tn "任务名" /tr "程序路径" /sc onlogon /rl highest
# 创建系统启动任务
schtasks /create /tn "任务名" /tr "程序路径" /sc onstart /ru system傻瓜式方法3
# 打开当前用户启动文件夹
explorer "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
# 打开所有用户启动文件夹 (需管理员权限)
explorer "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp"
# 直接复制文件到启动文件夹
copy "程序路径" "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\"也可以在文件管理器输入shell:startup打开对应文件夹,然后防止对应的快捷方式或者程序,而对于老版本window实际上菜单里面就能找到启动的菜单ui,window 10 11,已经砍掉了.
注册表查询
# 查看注册表启动项
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
# 删除启动项
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /f
# 查看计划任务
schtasks /query /fo table
# 删除计划任务
schtasks /delete /tn "任务名" /f启动项获取报告bat
@echo off
chcp 65001 >nul
setlocal enabledelayedexpansion
title 开机启动项一键检测工具
echo.
echo =====================================
echo 开机启动项一键检测工具 v1.0
echo =====================================
echo.
:: 创建输出文件
set "output=%~dp0启动项检测结果_%date:~0,4%%date:~5,2%%date:~8,2%_%time:~0,2%%time:~3,2%%time:~6,2%.txt"
set "output=%output: =0%"
echo 正在检测系统启动项,请稍候...
echo.
:: 开始写入结果文件
echo 开机启动项检测报告 - %date% %time% > "%output%"
echo ================================================= >> "%output%"
echo. >> "%output%"
:: 1. 注册表启动项检测
echo [1/8] 检测注册表启动项...
echo ========== 注册表启动项 ========== >> "%output%"
echo. >> "%output%"
echo --- 当前用户启动项 (HKCU\Run) --- >> "%output%"
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" 2>nul >> "%output%"
if errorlevel 1 echo 未找到当前用户启动项 >> "%output%"
echo. >> "%output%"
echo --- 所有用户启动项 (HKLM\Run) --- >> "%output%"
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 2>nul >> "%output%"
if errorlevel 1 echo 未找到系统启动项 >> "%output%"
echo. >> "%output%"
echo --- 一次性启动项 (RunOnce) --- >> "%output%"
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce" 2>nul >> "%output%"
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" 2>nul >> "%output%"
if errorlevel 1 echo 未找到一次性启动项 >> "%output%"
echo. >> "%output%"
echo --- 32位程序启动项 (WOW6432Node) --- >> "%output%"
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run" 2>nul >> "%output%"
if errorlevel 1 echo 未找到32位程序启动项 >> "%output%"
echo. >> "%output%"
:: 2. 启动文件夹检测
echo [2/8] 检测启动文件夹...
echo ========== 启动文件夹内容 ========== >> "%output%"
echo. >> "%output%"
echo --- 当前用户启动文件夹 --- >> "%output%"
echo 路径: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup >> "%output%"
if exist "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup" (
dir /b "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup" 2>nul >> "%output%"
if errorlevel 1 echo 文件夹为空 >> "%output%"
) else (
echo 文件夹不存在 >> "%output%"
)
echo. >> "%output%"
echo --- 所有用户启动文件夹 --- >> "%output%"
echo 路径: %PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp >> "%output%"
if exist "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp" (
dir /b "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp" 2>nul >> "%output%"
if errorlevel 1 echo 文件夹为空 >> "%output%"
) else (
echo 文件夹不存在 >> "%output%"
)
echo. >> "%output%"
:: 3. 计划任务检测
echo [3/8] 检测计划任务...
echo ========== 启动相关计划任务 ========== >> "%output%"
echo. >> "%output%"
schtasks /query /fo table /fi "STATUS eq Ready" 2>nul | findstr /i "登录\|启动\|Logon\|Startup\|Boot" >> "%output%"
if errorlevel 1 echo 未找到启动相关的计划任务 >> "%output%"
echo. >> "%output%"
:: 4. 服务检测
echo [4/8] 检测自启动服务...
echo ========== 自动启动服务 ========== >> "%output%"
echo. >> "%output%"
echo 服务名称 启动类型 状态 >> "%output%"
echo ------------------------------------------------ >> "%output%"
wmic service where startmode="auto" get name,startmode,state /format:table 2>nul | findstr /v "^$" >> "%output%"
echo. >> "%output%"
:: 5. WMI启动项检测
echo [5/8] 检测WMI启动项...
echo ========== WMI启动项信息 ========== >> "%output%"
echo. >> "%output%"
wmic startup get caption,command,location /format:table 2>nul >> "%output%"
echo. >> "%output%"
:: 6. 系统信息
echo [6/8] 获取系统信息...
echo ========== 系统信息 ========== >> "%output%"
echo. >> "%output%"
echo 操作系统: >> "%output%"
wmic os get caption,version /format:list | findstr /v "^$" >> "%output%"
echo. >> "%output%"
echo 启动时间: >> "%output%"
wmic os get lastbootuptime /format:list | findstr /v "^$" >> "%output%"
echo. >> "%output%"
:: 7. 启动文件夹路径汇总
echo [7/8] 生成启动路径汇总...
echo ========== 启动文件夹路径汇总 ========== >> "%output%"
echo. >> "%output%"
echo 可以使用以下命令快速访问启动位置: >> "%output%"
echo. >> "%output%"
echo 1. shell:startup # 当前用户启动文件夹 >> "%output%"
echo 2. shell:common startup # 所有用户启动文件夹 >> "%output%"
echo 3. msconfig # 系统配置工具 >> "%output%"
echo 4. taskschd.msc # 任务计划程序 >> "%output%"
echo 5. services.msc # 服务管理 >> "%output%"
echo 6. regedit # 注册表编辑器 >> "%output%"
echo. >> "%output%"
echo 完整路径: >> "%output%"
echo 用户启动: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup >> "%output%"
echo 系统启动: %PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp >> "%output%"
echo. >> "%output%"
:: 8. 生成快速管理命令
echo [8/8] 生成管理命令...
echo ========== 常用管理命令 ========== >> "%output%"
echo. >> "%output%"
echo ■ 添加启动项到注册表: >> "%output%"
echo reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /t REG_SZ /d "程序路径" /f >> "%output%"
echo. >> "%output%"
echo ■ 删除注册表启动项: >> "%output%"
echo reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /f >> "%output%"
echo. >> "%output%"
echo ■ 创建计划任务启动项: >> "%output%"
echo schtasks /create /tn "任务名" /tr "程序路径" /sc onlogon >> "%output%"
echo. >> "%output%"
echo ■ 删除计划任务: >> "%output%"
echo schtasks /delete /tn "任务名" /f >> "%output%"
echo. >> "%output%"
:: 显示结果
echo.
echo =====================================
echo 检测完成!
echo =====================================
echo.
echo 结果已保存到: %output%
echo.
echo 检测到的启动项类型:
echo [√] 注册表启动项
echo [√] 启动文件夹
echo [√] 计划任务
echo [√] 系统服务
echo [√] WMI启动项
echo.
:: 询问是否打开结果文件
set /p choice="是否打开检测结果文件? (Y/N): "
if /i "%choice%"=="Y" (
start notepad "%output%"
) else if /i "%choice%"=="y" (
start notepad "%output%"
)
:: 询问是否打开启动文件夹
echo.
set /p choice2="是否打开启动文件夹进行管理? (Y/N): "
if /i "%choice2%"=="Y" (
start "" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup"
start "" "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp"
) else if /i "%choice2%"=="y" (
start "" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup"
start "" "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp"
)
echo.
echo 感谢使用!按任意键退出...
pause >nul下面是结果报告
开机启动项检测报告 - 2025/08/09 周六 11:15:43.13
=================================================
========== 注册表启动项 ==========
--- 当前用户启动项 (HKCU\Run) ---
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon REG_SZ C:\Windows\system32\ctfmon.exe
SandboxieControl REG_SZ "d:\Program Files\Sandboxie\SbieCtrl.exe"
Feem REG_SZ "C:\Program Files (x86)\Feem 2018\Feem.exe" --hide
Docker Desktop REG_SZ C:\Program Files\Docker\Docker\Docker Desktop.exe -Autostart
360Backup REG_SZ D:\Program Files (x86)\360\360Safe\Utils\WinreBackup\360WinREBackup64.exe /s
MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C REG_SZ "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
JetBrains Toolbox REG_SZ "C:\Users\Administrator\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe" --minimize
BaiduYunDetect REG_SZ "C:\Users\Administrator\AppData\Roaming\baidu\BaiduNetdisk\YunDetectService.exe"
iCloudServices REG_SZ "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
QQNT REG_SZ "D:\Program Files\Tencent\QQNT\QQ.exe" /background
Claude REG_SZ "C:\Users\Administrator\AppData\Local\AnthropicClaude\claude.exe" --startup
DingTalk REG_SZ C:\Program Files (x86)\DingDing\DingtalkLauncher.exe /autorun
ApifoxAppAgent REG_SZ C:\Users\Administrator\AppData\Roaming\apifox\ApifoxAppAgent.exe
--- 所有用户启动项 (HKLM\Run) ---
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SecurityHealth REG_EXPAND_SZ %windir%\system32\SecurityHealthSystray.exe
RTHDVCPL REG_SZ "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
ComputerZ-Tray REG_SZ "d:\Program Files (x86)\LuDaShi\ComputerZTinyTray.exe"
sysdiag REG_SZ "C:\Program Files\Huorong\Sysdiag\bin\hipstray.exe"
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
--- 一次性启动项 (RunOnce) ---
--- 32位程序启动项 (WOW6432Node) ---
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
Cisco AnyConnect Secure Mobility Agent for Windows REG_SZ "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
DkeyMoniter REG_SZ
360Safetray REG_SZ "C:\Program Files (x86)\360\360safe\safemon\360tray.exe" /hidetray
AweSun REG_SZ "D:\Program Files (x86)\Oray\SunLogin\SunloginClient\AweSun.exe" --cmd=autorun
========== 启动文件夹内容 ==========
--- 当前用户启动文件夹 ---
路径: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Ollama.lnk
--- 所有用户启动文件夹 ---
路径: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
Cloudflare WARP.lnk
Tailscale.lnk
========== 启动相关计划任务 ==========
未找到启动相关的计划任务
========== 自动启动服务 ==========
服务名称 启动类型 状态
------------------------------------------------
Name StartMode State
AppHostSvc Auto Running
Apple Mobile Device Service Auto Running
AudioEndpointBuilder Auto Running
Audiosrv Auto Running
AweSunService Auto Running
AzureAttestService Auto Running
BFE Auto Running
Bonjour Service Auto Running
BrokerInfrastructure Auto Running
CDPSvc Auto Running
CoreMessagingRegistrar Auto Running
cplspcon Auto Stopped
CryptSvc Auto Running
DcomLaunch Auto Running
DeviceAssociationService Auto Running
DeviceInstall Auto Stopped
Dhcp Auto Running
DingTalkEventService Auto Running
DispBrokerDesktopSvc Auto Running
Dnscache Auto Running
DoSvc Auto Running
dot3svc Auto Running
DpHost Auto Running
DsmSvc Auto Stopped
DusmSvc Auto Running
EventLog Auto Running
EventSystem Auto Running
FlexNet Licensing Service Auto Running
FontCache Auto Running
GoogleUpdaterInternalService140.0.7273.0 Auto Stopped
GoogleUpdaterService140.0.7273.0 Auto Stopped
gpsvc Auto Stopped
HipsDaemon Auto Running
HPAppHelperCap Auto Running
HPDiagsCap Auto Running
HPNetworkCap Auto Running
HpSvc Auto Running
HPSysInfoCap Auto Running
HpTouchpointAnalyticsService Auto Running
i4ToolsService Auto Running
igccservice Auto Running
igfxCUIService2.0.0.0 Auto Stopped
IISADMIN Auto Running
IKEEXT Auto Running
INODE_SVR_SERVICE Auto Running
Intel(R) TPM Provisioning Service Auto Stopped
iphlpsvc Auto Running
JetBrainsEtwHost.16 Auto Running
jhi_service Auto Running
LanmanServer Auto Running
LanmanWorkstation Auto Running
LMS Auto Running
LSM Auto Running
MapsBroker Auto Stopped
MDCoreSvc Auto Running
MEmuSVC Auto Running
mpssvc Auto Running
msoidsvc Auto Running
MyPublicWiFiService Auto Running
nsi Auto Running
NvContainerLocalSystem Auto Running
NVDisplay.ContainerLocalSystem Auto Running
OpenVPNServiceInteractive Auto Running
PCManager Service Store Auto Running
Power Auto Running
ProfSvc Auto Running
RedgateClient Auto Running
RpcEptMapper Auto Running
RpcSs Auto Running
RstMwService Auto Running
RtkWiFiManServ Auto Running
SamSs Auto Running
Schedule Auto Running
SECOMNService Auto Stopped
SENS Auto Running
ShellHWDetection Auto Running
SmartChatSvc Auto Running
Spooler Auto Running
sppsvc Auto Stopped
SQLTELEMETRY Auto Running
SQLWriter Auto Running
StateRepository Auto Running
StiSvc Auto Running
StorSvc Auto Running
SvpnService Auto Running
SystemEventsBroker Auto Running
TextInputManagementService Auto Running
Themes Auto Running
TrkWks Auto Running
UniVPNService Auto Running
UserManager Auto Running
UsoSvc Auto Running
W32Time Auto Running
W3SVC Auto Running
Wcmsvc Auto Running
WinDefend Auto Running
Winmgmt Auto Running
WireGuardManager Auto Running
WlanSvc Auto Running
WMIRegistrationService Auto Running
WpnService Auto Running
wscsvc Auto Running
WSearch Auto Running
WslInstaller Auto Stopped
WSLService Auto Running
XLServicePlatform Auto Running
XTU3SERVICE Auto Running
ZhuDongFangYu Auto Running
cbdhsvc_2497b5 Auto Running
CDPUserSvc_2497b5 Auto Running
OneSyncSvc_2497b5 Auto Running
webthreatdefusersvc_2497b5 Auto Running
WpnUserService_2497b5 Auto Running
WireGuardTunnel$51820 Auto Running
========== WMI启动项信息 ==========
C a p t i o n C o m m a n d L o c a t i o n
O n e D r i v e S e t u p C : \ W i n d o w s \ S y s t e m 3 2 \ O n e D r i v e S e t u p . e x e / t h f i r s t s e t u p H K U \ S - 1 - 5 - 1 9 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
O n e D r i v e S e t u p C : \ W i n d o w s \ S y s t e m 3 2 \ O n e D r i v e S e t u p . e x e / t h f i r s t s e t u p H K U \ S - 1 - 5 - 2 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
O l l a m a O l l a m a . l n k S t a r t u p
c t f m o n C : \ W i n d o w s \ s y s t e m 3 2 \ c t f m o n . e x e H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
S a n d b o x i e C o n t r o l " d : \ P r o g r a m F i l e s \ S a n d b o x i e \ S b i e C t r l . e x e " H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
F e e m " C : \ P r o g r a m F i l e s ( x 8 6 ) \ F e e m 2 0 1 8 \ F e e m . e x e " - - h i d e H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
D o c k e r D e s k t o p C : \ P r o g r a m F i l e s \ D o c k e r \ D o c k e r \ D o c k e r D e s k t o p . e x e - A u t o s t a r t H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
3 6 0 B a c k u p D : \ P r o g r a m F i l e s ( x 8 6 ) \ 3 6 0 \ 3 6 0 S a f e \ U t i l s \ W i n r e B a c k u p \ 3 6 0 W i n R E B a c k u p 6 4 . e x e / s H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
M i c r o s o f t E d g e A u t o L a u n c h _ 9 8 7 6 9 9 9 6 E 2 4 8 3 6 F 9 9 E C 8 6 1 7 6 4 4 4 2 3 B 4 C " C : \ P r o g r a m F i l e s ( x 8 6 ) \ M i c r o s o f t \ E d g e \ A p p l i c a t i o n \ m s e d g e . e x e " - - n o - s t a r t u p - w i n d o w - - w i n - s e s s i o n - s t a r t H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
J e t B r a i n s T o o l b o x " C : \ U s e r s \ A d m i n i s t r a t o r \ A p p D a t a \ L o c a l \ J e t B r a i n s \ T o o l b o x \ b i n \ j e t b r a i n s - t o o l b o x . e x e " - - m i n i m i z e H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
B a i d u Y u n D e t e c t " C : \ U s e r s \ A d m i n i s t r a t o r \ A p p D a t a \ R o a m i n g \ b a i d u \ B a i d u N e t d i s k \ Y u n D e t e c t S e r v i c e . e x e " H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
i C l o u d S e r v i c e s " C : \ P r o g r a m F i l e s ( x 8 6 ) \ C o m m o n F i l e s \ A p p l e \ I n t e r n e t S e r v i c e s \ i C l o u d S e r v i c e s . e x e " H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
Q Q N T " D : \ P r o g r a m F i l e s \ T e n c e n t \ Q Q N T \ Q Q . e x e " / b a c k g r o u n d H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
C l a u d e " C : \ U s e r s \ A d m i n i s t r a t o r \ A p p D a t a \ L o c a l \ A n t h r o p i c C l a u d e \ c l a u d e . e x e " - - s t a r t u p H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
D i n g T a l k C : \ P r o g r a m F i l e s ( x 8 6 ) \ D i n g D i n g \ D i n g t a l k L a u n c h e r . e x e / a u t o r u n H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
A p i f o x A p p A g e n t C : \ U s e r s \ A d m i n i s t r a t o r \ A p p D a t a \ R o a m i n g \ a p i f o x \ A p i f o x A p p A g e n t . e x e H K U \ S - 1 - 5 - 2 1 - 2 4 3 8 4 1 7 6 1 7 - 2 8 0 0 8 6 7 2 3 6 - 2 0 4 0 7 9 5 3 8 8 - 5 0 0 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
O n e D r i v e S e t u p C : \ W i n d o w s \ S y s t e m 3 2 \ O n e D r i v e S e t u p . e x e / t h f i r s t s e t u p H K U \ S - 1 - 5 - 8 0 - 2 6 5 2 5 3 5 3 6 4 - 2 1 6 9 7 0 9 5 3 6 - 2 8 5 7 6 5 0 7 2 3 - 2 6 2 2 8 0 4 1 2 3 - 1 1 0 7 7 4 1 7 7 5 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
C l o u d f l a r e W A R P C : \ P R O G R A ~ 1 \ C L O U D F ~ 1 \ C L O U D F ~ 1 \ C L O U D F ~ 1 . E X E C o m m o n S t a r t u p
T a i l s c a l e C : \ P R O G R A ~ 1 \ T A I L S C ~ 1 \ T A I L S C ~ 2 . E X E C o m m o n S t a r t u p
S e c u r i t y H e a l t h % w i n d i r % \ s y s t e m 3 2 \ S e c u r i t y H e a l t h S y s t r a y . e x e H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
R T H D V C P L " C : \ P r o g r a m F i l e s \ R e a l t e k \ A u d i o \ H D A \ R A V C p l 6 4 . e x e " - s H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
C o m p u t e r Z - T r a y " d : \ P r o g r a m F i l e s ( x 8 6 ) \ L u D a S h i \ C o m p u t e r Z T i n y T r a y . e x e " H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
s y s d i a g " C : \ P r o g r a m F i l e s \ H u o r o n g \ S y s d i a g \ b i n \ h i p s t r a y . e x e " H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
i T u n e s H e l p e r " C : \ P r o g r a m F i l e s \ i T u n e s \ i T u n e s H e l p e r . e x e " H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n
========== 系统信息 ==========
操作系统:
Caption=Microsoft Windows 11 家庭中文版
Version=10.0.22631
启动时间:
LastBootUpTime=20250809093235.500000+480
========== 启动文件夹路径汇总 ==========
可以使用以下命令快速访问启动位置:
1. shell:startup # 当前用户启动文件夹
2. shell:common startup # 所有用户启动文件夹
3. msconfig # 系统配置工具
4. taskschd.msc # 任务计划程序
5. services.msc # 服务管理
6. regedit # 注册表编辑器
完整路径:
用户启动: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
系统启动: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
========== 常用管理命令 ==========
■ 添加启动项到注册表:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /t REG_SZ /d "程序路径" /f
■ 删除注册表启动项:
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "程序名" /f
■ 创建计划任务启动项:
schtasks /create /tn "任务名" /tr "程序路径" /sc onlogon
■ 删除计划任务:
schtasks /delete /tn "任务名" /f导出开机启动项方便下次恢复
@echo off
chcp 65001 >nul
setlocal enabledelayedexpansion
title 开机启动项导出导入工具
:: 检查管理员权限
net session >nul 2>&1
if errorlevel 1 (
echo 警告: 部分功能需要管理员权限,建议以管理员身份运行
echo.
timeout /t 3 >nul
)
:MAIN_MENU
cls
echo.
echo ==========================================
echo 开机启动项导出导入工具 v2.0
echo ==========================================
echo.
echo 请选择操作:
echo.
echo [1] 导出所有启动项(备份)
echo [2] 导入启动项(恢复)
echo [3] 清除所有启动项
echo [4] 选择性导出
echo [5] 查看当前启动项
echo [0] 退出
echo.
set /p choice="请输入选项 (0-5): "
if "%choice%"=="1" goto EXPORT_ALL
if "%choice%"=="2" goto IMPORT_ALL
if "%choice%"=="3" goto CLEAR_ALL
if "%choice%"=="4" goto EXPORT_SELECTIVE
if "%choice%"=="5" goto VIEW_CURRENT
if "%choice%"=="0" goto EXIT
goto MAIN_MENU
:EXPORT_ALL
cls
echo.
echo ========== 导出所有启动项 ==========
echo.
:: 创建导出文件夹
set "backup_dir=%~dp0启动项备份_%date:~0,4%%date:~5,2%%date:~8,2%_%time:~0,2%%time:~3,2%%time:~6,2%"
set "backup_dir=%backup_dir: =0%"
mkdir "%backup_dir%" 2>nul
echo 正在导出到: %backup_dir%
echo.
:: 1. 导出注册表启动项
echo [1/6] 导出注册表启动项...
reg export "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" "%backup_dir%\HKCU_Run.reg" /y >nul 2>&1
reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "%backup_dir%\HKLM_Run.reg" /y >nul 2>&1
reg export "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce" "%backup_dir%\HKCU_RunOnce.reg" /y >nul 2>&1
reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "%backup_dir%\HKLM_RunOnce.reg" /y >nul 2>&1
reg export "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run" "%backup_dir%\HKLM_WOW64_Run.reg" /y >nul 2>&1
:: 2. 备份启动文件夹
echo [2/6] 备份启动文件夹...
mkdir "%backup_dir%\用户启动文件夹" 2>nul
mkdir "%backup_dir%\系统启动文件夹" 2>nul
if exist "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*" (
xcopy "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*" "%backup_dir%\用户启动文件夹\" /s /e /y >nul 2>&1
)
if exist "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\*" (
xcopy "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\*" "%backup_dir%\系统启动文件夹\" /s /e /y >nul 2>&1
)
:: 3. 导出计划任务
echo [3/6] 导出计划任务...
mkdir "%backup_dir%\计划任务" 2>nul
schtasks /query /fo csv > "%backup_dir%\计划任务\所有任务列表.csv" 2>nul
:: 导出特定的启动任务
for /f "tokens=1 delims=," %%a in ('schtasks /query /fo csv ^| findstr /i "logon\|startup\|boot"') do (
set "taskname=%%~a"
if not "!taskname!"=="TaskName" (
schtasks /query /tn "!taskname!" /xml > "%backup_dir%\计划任务\!taskname!.xml" 2>nul
)
)
:: 4. 导出服务信息
echo [4/6] 导出服务信息...
wmic service where startmode="auto" get name,pathname,startmode,state /format:csv > "%backup_dir%\自启动服务.csv" 2>nul
sc query type=service state=all > "%backup_dir%\所有服务状态.txt" 2>nul
:: 5. 导出WMI启动项
echo [5/6] 导出WMI启动项...
wmic startup get /format:csv > "%backup_dir%\WMI启动项.csv" 2>nul
:: 6. 创建恢复脚本
echo [6/6] 创建恢复脚本...
(
echo @echo off
echo chcp 65001 ^>nul
echo title 启动项恢复脚本
echo.
echo echo 正在恢复启动项配置...
echo echo.
echo.
echo echo [1/4] 恢复注册表项...
echo if exist "HKCU_Run.reg" reg import "HKCU_Run.reg" ^>nul 2^>^&1
echo if exist "HKLM_Run.reg" reg import "HKLM_Run.reg" ^>nul 2^>^&1
echo if exist "HKCU_RunOnce.reg" reg import "HKCU_RunOnce.reg" ^>nul 2^>^&1
echo if exist "HKLM_RunOnce.reg" reg import "HKLM_RunOnce.reg" ^>nul 2^>^&1
echo if exist "HKLM_WOW64_Run.reg" reg import "HKLM_WOW64_Run.reg" ^>nul 2^>^&1
echo.
echo echo [2/4] 恢复启动文件夹...
echo if exist "用户启动文件夹" xcopy "用户启动文件夹\*" "%%APPDATA%%\Microsoft\Windows\Start Menu\Programs\Startup\" /s /e /y ^>nul 2^>^&1
echo if exist "系统启动文件夹" xcopy "系统启动文件夹\*" "%%PROGRAMDATA%%\Microsoft\Windows\Start Menu\Programs\StartUp\" /s /e /y ^>nul 2^>^&1
echo.
echo echo [3/4] 恢复计划任务...
echo if exist "计划任务\*.xml" (
echo for %%%%f in ("计划任务\*.xml"^) do (
echo schtasks /create /xml "%%%%f" /tn "%%%%~nf" /f ^>nul 2^>^&1
echo ^)
echo ^)
echo.
echo echo [4/4] 恢复完成!
echo echo.
echo echo 部分服务可能需要手动启用,请检查"自启动服务.csv"文件
echo echo.
echo pause
) > "%backup_dir%\恢复启动项.bat"
:: 创建说明文件
(
echo 启动项备份说明
echo ================
echo.
echo 备份时间: %date% %time%
echo 系统版本:
wmic os get caption,version /format:list | findstr /v "^$"
echo.
echo 文件说明:
echo ■ HKCU_Run.reg - 当前用户注册表启动项
echo ■ HKLM_Run.reg - 所有用户注册表启动项
echo ■ HKCU_RunOnce.reg - 当前用户一次性启动项
echo ■ HKLM_RunOnce.reg - 所有用户一次性启动项
echo ■ HKLM_WOW64_Run.reg - 32位程序启动项
echo ■ 用户启动文件夹/ - 用户启动目录文件
echo ■ 系统启动文件夹/ - 系统启动目录文件
echo ■ 计划任务/ - 相关计划任务
echo ■ 自启动服务.csv - 自动启动的服务列表
echo ■ WMI启动项.csv - WMI查询的启动项
echo ■ 恢复启动项.bat - 自动恢复脚本
echo.
echo 恢复方法:
echo 1. 运行"恢复启动项.bat"自动恢复
echo 2. 或手动导入.reg文件到注册表
echo 3. 或手动复制文件到对应启动文件夹
echo.
echo 注意事项:
echo - 恢复前建议先备份当前配置
echo - 部分操作需要管理员权限
echo - 服务项可能需要手动启用
) > "%backup_dir%\备份说明.txt"
echo 导出完成!
echo.
echo 备份位置: %backup_dir%
echo.
echo 文件清单:
dir /b "%backup_dir%"
echo.
set /p open_folder="是否打开备份文件夹? (Y/N): "
if /i "%open_folder%"=="Y" start "" "%backup_dir%"
echo.
pause
goto MAIN_MENU
:IMPORT_ALL
cls
echo.
echo ========== 导入启动项 ==========
echo.
:: 选择备份文件夹
echo 请选择要恢复的备份文件夹:
echo.
echo 可用备份:
for /d %%d in ("%~dp0启动项备份_*") do (
echo %%~nd
)
echo.
set /p backup_folder="请输入备份文件夹名称: "
if not exist "%~dp0%backup_folder%" (
echo 错误: 备份文件夹不存在!
pause
goto MAIN_MENU
)
echo.
echo 警告: 此操作将覆盖当前启动项配置!
set /p confirm="确定要继续吗? (Y/N): "
if /i not "%confirm%"=="Y" goto MAIN_MENU
cd /d "%~dp0%backup_folder%"
echo.
echo 正在恢复启动项...
:: 恢复注册表
echo [1/4] 恢复注册表项...
if exist "HKCU_Run.reg" reg import "HKCU_Run.reg" >nul 2>&1
if exist "HKLM_Run.reg" reg import "HKLM_Run.reg" >nul 2>&1
if exist "HKCU_RunOnce.reg" reg import "HKCU_RunOnce.reg" >nul 2>&1
if exist "HKLM_RunOnce.reg" reg import "HKLM_RunOnce.reg" >nul 2>&1
if exist "HKLM_WOW64_Run.reg" reg import "HKLM_WOW64_Run.reg" >nul 2>&1
:: 恢复启动文件夹
echo [2/4] 恢复启动文件夹...
if exist "用户启动文件夹" (
xcopy "用户启动文件夹\*" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\" /s /e /y >nul 2>&1
)
if exist "系统启动文件夹" (
xcopy "系统启动文件夹\*" "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\" /s /e /y >nul 2>&1
)
:: 恢复计划任务
echo [3/4] 恢复计划任务...
if exist "计划任务\*.xml" (
for %%f in ("计划任务\*.xml") do (
schtasks /create /xml "%%f" /tn "%%~nf" /f >nul 2>&1
)
)
echo [4/4] 恢复完成!
echo.
echo 启动项已成功恢复!
echo 部分服务可能需要手动启用。
echo.
pause
goto MAIN_MENU
:CLEAR_ALL
cls
echo.
echo ========== 清除所有启动项 ==========
echo.
echo 警告: 此操作将删除所有启动项!
echo 建议先进行备份!
echo.
set /p confirm="确定要继续吗? (Y/N): "
if /i not "%confirm%"=="Y" goto MAIN_MENU
echo.
echo 正在清除启动项...
:: 清除注册表启动项
echo [1/4] 清除注册表启动项...
for /f "tokens=2*" %%a in ('reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" 2^>nul ^| findstr REG_') do (
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "%%a" /f >nul 2>&1
)
for /f "tokens=2*" %%a in ('reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 2^>nul ^| findstr REG_') do (
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "%%a" /f >nul 2>&1
)
:: 清除启动文件夹
echo [2/4] 清除启动文件夹...
if exist "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*" (
del /q "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*" >nul 2>&1
)
if exist "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\*" (
del /q "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\*" >nul 2>&1
)
:: 清除相关计划任务(可选)
echo [3/4] 清除相关计划任务...
echo 已跳过计划任务清除(建议手动管理)
echo [4/4] 清除完成!
echo.
echo 启动项已清除!建议重启系统验证。
echo.
pause
goto MAIN_MENU
:EXPORT_SELECTIVE
cls
echo.
echo ========== 选择性导出 ==========
echo.
echo 请选择要导出的项目:
echo.
echo [1] 仅注册表启动项
echo [2] 仅启动文件夹
echo [3] 仅计划任务
echo [4] 仅系统服务
echo [0] 返回主菜单
echo.
set /p sel_choice="请选择 (0-4): "
set "export_dir=%~dp0选择性导出_%date:~0,4%%date:~5,2%%date:~8,2%_%time:~0,2%%time:~3,2%%time:~6,2%"
set "export_dir=%export_dir: =0%"
if "%sel_choice%"=="1" (
mkdir "%export_dir%" 2>nul
echo 正在导出注册表启动项...
reg export "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" "%export_dir%\HKCU_Run.reg" /y >nul 2>&1
reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "%export_dir%\HKLM_Run.reg" /y >nul 2>&1
echo 导出完成: %export_dir%
)
if "%sel_choice%"=="2" (
mkdir "%export_dir%\用户启动文件夹" 2>nul
mkdir "%export_dir%\系统启动文件夹" 2>nul
echo 正在导出启动文件夹...
if exist "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*" (
xcopy "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*" "%export_dir%\用户启动文件夹\" /s /e /y >nul 2>&1
)
if exist "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\*" (
xcopy "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp\*" "%export_dir%\系统启动文件夹\" /s /e /y >nul 2>&1
)
echo 导出完成: %export_dir%
)
if "%sel_choice%"=="3" (
mkdir "%export_dir%\计划任务" 2>nul
echo 正在导出计划任务...
schtasks /query /fo csv > "%export_dir%\计划任务\所有任务列表.csv" 2>nul
echo 导出完成: %export_dir%
)
if "%sel_choice%"=="4" (
mkdir "%export_dir%" 2>nul
echo 正在导出系统服务...
wmic service where startmode="auto" get name,pathname,startmode,state /format:csv > "%export_dir%\自启动服务.csv" 2>nul
sc query type=service state=all > "%export_dir%\所有服务状态.txt" 2>nul
echo 导出完成: %export_dir%
)
if "%sel_choice%"=="0" goto MAIN_MENU
echo.
pause
goto MAIN_MENU
:VIEW_CURRENT
cls
echo.
echo ========== 当前启动项 ==========
echo.
echo ■ 注册表启动项 (HKCU):
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" 2>nul | findstr REG_
echo.
echo ■ 注册表启动项 (HKLM):
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 2>nul | findstr REG_
echo.
echo ■ 用户启动文件夹:
if exist "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup" (
dir /b "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup" 2>nul
) else (
echo 无文件
)
echo.
echo ■ 系统启动文件夹:
if exist "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp" (
dir /b "%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\StartUp" 2>nul
) else (
echo 无文件
)
echo.
echo ■ WMI启动项:
wmic startup get caption,command | findstr /v "^$"
echo.
pause
goto MAIN_MENU
:EXIT
echo.
echo 感谢使用!
timeout /t 2 >nul
exit
扫一扫
7269
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
