Part 1 | Part 2 | Part 3
Although it can be convenient (and sometimes essential) for various applications and services to load during a system's startup, having processes load automatically can at times be problematic. For instance, it's very common for Trojans and other types of malicious software to load as a part of the boot process.
Legitimate applications and services can cause problems as well. If a legitimate program hangs during the boot process, it could cause the process to fail or result in problems with other applications or services that have dependencies on the failed service.
In this article series, I will start out by showing you some techniques for disabling unwanted or problematic Windows XP programs that are configured to execute during the boot process. Of course these techniques assume that you know which service or application is causing the problem. As this series progresses, I will explore techniques for isolating malicious or problematic code.
For starters, try Safe Mode
By far the easiest way to temporarily disable startup programs is to boot the system into safe mode. Safe mode boots Windows XP using a bare configuration. It loads only the essential device drivers, and Windows does not load any startup programs. That way, if a particular device driver or startup program is causing problems, you can boot Windows without loading it. You are then free to disable or remove the driver, service or application that is causing the problem.
You can access safe mode by pressing the F8 key just before Windows XP begins to boot (you may have to press F8 repeatedly). Upon doing so, the Windows boot menu will be displayed, which gives you several different boot modes to choose from. Below is a brief explanation of each of these modes:
- Safe Mode -- Safe Mode boots Windows using a minimal driver set and without loading any startup applications.
- Safe Mode with Networking -- This option does the same thing as Safe Mode, except that it also loads the drivers and services necessary for network access.
- Safe Mode with Command Prompt -- This option is similar to Safe Mode, except that the system boots to a command prompt rather than to a GUI. This option is most useful for repairing GUI-related problems.
- Enable Boot Logging -- If you select this option, Windows will create a diagnostic log of the boot process. You can use this log to figure out where the process is breaking down. The log file is named NTBLOG.TXT and is located in the %SYSTEMROOT% folder. You can use boot logging in conjunction with any of the safe mode boot options except for the Last Known Good Configuration option.
- Enable VGA Mode -- The Enable VGA Mode option is intended for use when the correct video driver is installed, but Windows was accidentally configured to use an incompatible display resolution. The Enable VGA Mode option boots Windows using the current video driver but uses a 640 x 480 resolution. This gives you the opportunity to reset the display resolution. Safe Mode and Safe Mode with Networking also use a decreased screen resolution but do so by using the VGA.SYS driver rather than the video driver that was specifically designed for your video card. Therefore, the Enable VGA Mode is the option of choice for resetting the display resolution.
- Last Known Good Configuration -- When Windows boots successfully, it makes note that it was able to boot successfully by marking the configuration as "good." If you make a configuration change that renders Windows unbootable, you can select the Last Known Good Configuration option to boot Windows using a known good configuration.
- Directory Services Restore Mode -- Although this option appears on Windows XP's menu, it is only valid for Windows Server machines that are acting as domain controllers.
- Debugging Mode -- This option is an obsolete leftover from Windows NT. The option allows you to send debugging information over a serial port (COM2) to another computer that is running a debugger. However, modern computers are no longer equipped with traditional serial ports.
- Disable Automatic Restart on System Failures -- This option prevents Windows from automatically rebooting when a blue screen error occurs. It is useful for troubleshooting when a machine mysteriously reboots itself in the middle of the night.
- Start Windows Normally -- This option causes Windows to load in the normal way.
- Reboot -- Use this option to reboot the machine.
- Return to OS Choice Menu -- Selecting this option takes you to a screen that lets you choose which of the installed operating systems you want to boot. Unless you are running a dual boot or a multi-boot configuration, Windows XP will be the only choice.
Believe it or not, you can actually use the Shift key to prevent some startup programs from running with Windows XP. Here's how this trick works:
- Boot Windows in the usual way.
- When you get to the login screen, enter your username and password and then click OK.
- Immediately after clicking OK, hold down the Shift key.
- Continue to hold the Shift key down until all of the desktop icons appear.
Although this trick works really well, it doesn't give you quite as clean of a boot as booting to Safe Mode. After all, you are booting Windows normally, so all of the usual device drivers will be loaded. Holding the Shift key down only prevents applications from launching automatically from the following locations:
\Documents and Settings\Username\Start Menu\Programs\Startup
\Documents and Settings\All Users\Start Menu\Programs\Startup
Windir\Profiles\All Users\Start Menu\Programs\Startup
Note: The Windir path is only valid if the system was upgraded from Windows NT 4.0.
One important thing to keep in mind about this technique is that applications may still launch from other locations. For example, it is common for applications to be launched by instructions embedded in the system's registry. If an application is called from the registry, it will still load, regardless of whether the Start key was held down or not.
Remember that while the Safe Mode menu and shift key are both effective ways of temporarily disabling some startup programs, these techniques are not appropriate for every situation. In the next article, I will continue this discussion by showing you some of the more advanced techniques for disabling annoying startup programs.
DISABLING STARTUP PROGRAMS IN WINDOWS XP
Using Safe Mode and the Shift key
Editing the registry and using Group Policy
The System Configuration Utility and the trouble with networks
|Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server, Exchange Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. He writes regularly for SearchWinComputing.com and other TechTarget sites.|