This is a list of auto-start locations that malware’s normally use to restart themselves on a system reboot.

We have tried to find their Windows Vista entries too. Windows 7, we don’t know yet. Now, some might not work on all platforms. They might not work on Windows 98, 95, ME, etc. as they are not Windows NT bases and the NT’s work differently. Some will also work without any registry key manipulation.

We have maintained a few known abbreviations just to shorten the post. They are as follows:
HKLM : HKEY_LOCAL_MACHINE
HKCU : HKEY_CURRENT_USER
HKCR : HKEY_CLASSES_ROOT
%windir% : The Windows Directory. Can be C:Windows or C:WINNT or anything, depending on the location, the OS & the customization of the OS!
%USERPROFILE% : Normally is C:Documents and Settings, depending on the installation location.
%ALLUSERSPROFILE% : Normally is C:Documents and SettingsAll Users, depending on the installation location.

Please keep in mind that the Windows registry is very sensitive and you should fiddle with it only if you know how to get out of it! We should not be held responsible for any harm coming out of their usage!

Beginning with registry methods:

1. HKLMSystemCurrentControlSetControlTerminal ServerWdsrdpwdStartupPrograms
2. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonAppSetup
3. HKLMSoftwarePoliciesMicrosoftWindowsSystemScriptsStartup
4. HKCUSoftwarePoliciesMicrosoftWindowsSystemScriptsLogon
5. HKLMSoftwarePoliciesMicrosoftWindowsSystemScriptsLogon
6. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonUserinit
7. HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemShell
8. HKCUSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonShell
9. HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemShell
10. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonShell
11. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonTaskman
12. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRunonce
13. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRunonceEx
14. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRun
15. HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun
16. HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunOnceEx
17. HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunOnce
18. HKCUSoftwareMicrosoftWindows NTCurrentVersionWindowsLoad
19. HKCUSoftwareMicrosoftWindows NTCurrentVersionWindowsRun
20. HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerRun
21. HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun
22. HKCUSoftwareMicrosoftWindowsCurrentVersionRun
23. HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnce
24. HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnceSetup
25. HKCUSOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRunonce
26. HKCUSOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRunonceEx
27. HKCUSOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRun
28. HKLMSOFTWAREClassesProtocolsFilter
29. HKLMSOFTWAREClassesProtocolsHandler
30. HKCUSOFTWAREMicrosoftInternet ExplorerDesktopComponents
31. HKLMSOFTWAREMicrosoftActive SetupInstalled Components
32. HKCUSOFTWAREMicrosoftActive SetupInstalled Components
33. HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler
34. HKLMSOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad
35. HKCUSOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad
36. HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks
37. HKCUSoftwareClasses*ShellExContextMenuHandlers
38. HKLMSoftwareClasses*ShellExContextMenuHandlers
39. HKCUSoftwareClassesAllFileSystemObjectsShellExContextMenuHandlers
40. HKLMSoftwareClassesAllFileSystemObjectsShellExContextMenuHandlers
41. HKCUSoftwareClassesFolderShellExContextMenuHandlers
42. HKLMSoftwareClassesFolderShellExContextMenuHandlers
43. HKCUSoftwareClassesDirectoryShellExContextMenuHandlers
44. HKLMSoftwareClassesDirectoryShellExContextMenuHandlers
45. HKCUSoftwareClassesDirectoryBackgroundShellExContextMenuHandlers
46. HKLMSoftwareClassesDirectoryBackgroundShellExContextMenuHandlers
47. HKCUSoftwareClassesFolderShellexColumnHandlers
48. HKLMSoftwareClassesFolderShellexColumnHandlers
49. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellIconOverlayIdentifiers
50. HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerShellIconOverlayIdentifiers
51. HKCUSoftwareMicrosoftCtfLangBarAddin
52. HKLMSoftwareMicrosoftCtfLangBarAddin
53. HKCUSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
54. HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
55. HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
56. HKCUSoftwareMicrosoftInternet ExplorerUrlSearchHooks
57. HKLMSoftwareMicrosoftInternet ExplorerToolbar
58. HKCUSoftwareMicrosoftInternet ExplorerExplorer Bars
59. HKLMSoftwareMicrosoftInternet ExplorerExplorer Bars
60. HKCUSoftwareMicrosoftInternet ExplorerExtensions
61. HKLMSoftwareMicrosoftInternet ExplorerExtensions
62. HKLMSystemCurrentControlSetServices
63. HKLMSystemCurrentControlSetServices
64. HKLMSystemCurrentControlSetControlSession ManagerBootExecute
65. HKLMSystemCurrentControlSetControlSession ManagerSetupExecute
66. HKLMSystemCurrentControlSetControlSession ManagerExecute
67. HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Options
68. HKLMSoftwareMicrosoftCommand ProcessorAutorun
69. HKCUSoftwareMicrosoftCommand ProcessorAutorun
70. HKLMSOFTWAREClassesExefileShellOpenCommand(Default)
71. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindowsAppinit_Dlls
72. HKLMSystemCurrentControlSetControlSession ManagerKnownDlls
73. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSystem
74. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonUIHost
75. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify
76. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonGinaDLL
77. HKCUControl PanelDesktopScrnsave.exe
78. HKLMSystemCurrentControlSetControlBootVerificationProgramImagePath
79. HKLMSystemCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9
80. HKLMSYSTEMCurrentControlSetControlPrintMonitors
81. HKLMSYSTEMCurrentControlSetControlSecurityProvidersSecurityProviders
82. HKLMSYSTEMCurrentControlSetControlLsaAuthentication Packages
83. HKLMSYSTEMCurrentControlSetControlLsaNotification Packages
84. HKLMSYSTEMCurrentControlSetControlLsaSecurity Packages
85. HKLMSYSTEMCurrentControlSetControlNetworkProviderOrder
86. HKCUSoftwareMicrosoftWindows NTCurrentVersionWindowsload
87. HKCRbatfileshellopencommand @=""%1" %*"
88. HKCRcomfileshellopencommand @=""%1" %*"
89. HKCRexefileshellopencommand @=""%1" %*"
90. HKCRhtafileShellOpenCommand @=""%1" %*"
91. HKCRpiffileshellopencommand @=""%1" %*"
92. HKLMSoftwareClassesbatfileshellopencommand
93. HKLMSoftwareClassescomfileshellopencommand
94. HKLMSoftwareClassesexefileshellopencommand
95. HKLMSoftwareClasseshtafileshellopencommand
96. HKLMSoftwareClassespiffileshellopencommand
97. HKLMSystemCurrentControlSetControlClass{4D36E96B-E325-11CE-BFC1-08002BE10318}UpperFilters
98. HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonVmApplet
99. HKLMSoftwareMicrosoftWindows NTCurrentVersionInitFileMapping
100. HKLMSoftwareMicrosoftWindows NTCurrentVersionAedebug
101. HKLMSoftwareClassesCLSID{CLSID}Implemented Categories{00021493-0000-0000-C000-000000000046}
102. HKLMSoftwareClassesCLSID{CLSID}Implemented Categories{00021494-0000-0000-C000-000000000046}
103. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.batApplication
104. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.cmdApplication
105. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.comApplication
106. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.exeApplication
107. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.htaApplication
108. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.pifApplication
109. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.scrApplication
110. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.batProgID
111. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.cmdProgID
112. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.comProgID
113. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.exeProgID
114. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.htaProgID
115. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.pifProgID
116. HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.scrProgID
117. HKLMSoftwareCLASSESbatfileshellopencommand @=""%1" %*"
118. HKLMSoftwareCLASSEScomfileshellopencommand @=""%1" %*"
119. HKLMSoftwareCLASSESexefileshellopencommand @=""%1" %*"
120. HKLMSoftwareCLASSEShtafileShellOpenCommand @=""%1" %*"
121. HKLMSoftwareCLASSESpiffileshellopencommand @=""%1" %*"
122. HKCRvbsfileshellopencommand
123. HKCRvbefileshellopencommand
124. HKCRjsfileshellopencommand
125. HKCRjsefileshellopencommand
126. HKCRwshfileshellopencommand
127. HKCRwsffileshellopencommand
128. HKCRscrfileshellopencommand
129. HKLMSoftwareMicrosoftActive SetupInstalled ComponentsKeyName
StubPath=C:PathToFileFilename.exe

Now, we will start with folder auto start locations.
%ALLUSERSPROFILE%Start MenuProgramsStartup
%USERPROFILE%Start MenuProgramsStartup
%windir%Tasks
%windir%System32Tasks - Windows Vista
%ALLUSERSPROFILE%MicrosoftWindowsStart MenuProgramsStartup
%USERPROFILE%AppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

In addition to this, there are some more files which when added an entry, will restart the file.
win.ini:
[windows]
load=file.exe

OR

[windows]
run=file.exe

system.ini:
[boot]
Shell=Explorer.exe file.exe

windirdosstart.bat (Windows 95 or Windows 98 only)
windirsystemautoexec.nt
windirsystemconfig.nt