Advanced techniques for disabling Windows XP startup programs. Part 1 . Although those techniques do work, they are not appropriate for every situation. In this article, I will continue the discussion by showing you some of the more advanced techniques for disabling annoying Windows XP startup programs. By submitting your personal information, you agree that Tech. Target and its partners may contact you regarding relevant content, products and special offers. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy. Editing the registry. The Windows registry can be configured to launch applications at startup. In fact, adding calls to launch applications to the Windows registry is a favorite technique of malware authors. Don't assume though that just because a process is being launched from a call in the registry that the process is related to malware, because many legitimate applications are launched through the registry. This is particularly true of antivirus software and other applications that run in the background. The most effective way to prevent an application from running on startup is to simply delete the registry key that calls it. Before you do, though, it is extremely important that you know exactly what it is that you are deleting. I will talk about identifying unknown processes in much more detail later in this series. For now, however, if you need to identify a process prior to deleting a registry key that calls it, try doing a Google search on the process' file name. Using the Windows Registry Editor to Control Startup Programs : The. Troubleshooting the Startup Process. In the System Startup area, click Edit or select from the options listed in Default operating system. Describes how to disable programs that run when you start Windows XP or Windows Vista. Steps are provided to use Windows Defender to scan your computer and to stop unwanted applications from running. Removing Startup Items located in the registry. Posted in Windows XP by Community Submission. The System Configuration Utility displays items that start with your PC. These items are generally located in one of two. Where is the startup folder in Windows XP Professional SP3? Windows XP program startup locations. This key contains all sorts of programs that are set to run at startup. Simply go to the top of the registry and then select the Find command from the Registry Editor’s Edit menu. WARNING: Editing the registry is dangerous. Making an incorrect modification to the registry can destroy Windows and/or your applications. I therefore recommend making a full system backup before continuing. With that said, Windows differentiates between processes that are only run during the next reboot and those that are configured to run every time Windows is started. Calls to processes that are run only after the next reboot can be found beneath the following registry locations: HKEY. Here are the primary locations where these calls are stored: HKEY. The problem is that users are identified by GUID, rather than by user name. It is common for some types of malware to create a call to a malicious process for each individual user. The idea is that if one user cleans the call to the process from the machine, another user can log into the machine and cause it to become infected all over again. This is because Windows processes a registry key that is not processed when other users log in. Therefore, if you are trying to track down a malicious process, then it is a good idea to check each user account. Typically, there won't be too many accounts to sift through, and you can find calls to startup programs for individual user accounts at the following location: HKEY. As we all know, though, malware infections can spread rapidly, and who wants to manually edit the registries of every workstation on your network? Fortunately, you don't have to. Windows includes Group Policy settings that prevent the registry from launching applications on system startup. Keep in mind though that the technique I am about to show you is an all or nothing proposition. The Group Policy Object Editor isn't flexible enough to allow you to selectively enable and disable various processes. You have the option of preventing Windows from using the registry to launch processes at startup, but, by doing so, you may disable desirable processes as well as unwanted ones. You do, however, have the option of specifying the processes you want to run when a user logs in directly through the Group Policy rather than through the registry. Since Group Policies are hierarchical in nature, in the beginning I recommend that you experiment with this technique using only the local security policy on a few workstations. If testing reveals that this technique isn't going to cause problems, then you can always implement the settings at the domain or OU level of the Group Policy hierarchy later on. To prevent processes from being called from the registry at system startup, open the Group Policy Object Editor and navigate through the Group Policy tree to the following location: User Configuration\Administrative Templates\System\Logon. There are three Group Policy settings of interest in this location: Do Not Process the Run Once List. Do Not Process the Legacy Run List. Run These Programs at User Logon This setting prevents processes listed in the following registry locations from being launched: HKEY. Calls to startup processes can be associated either with the computer or with the user account. Therefore, you will find a duplicate set of Group Policy settings beneath the Group Policy Editor's Computer Configuration container at Computer Configuration\Administrative Templates\Logon. DISABLING STARTUP PROGRAMS IN WINDOWS XPUsing Safe Mode and the Shift key Editing the registry and using Group Policy. The System Configuration Utility and the trouble with networks Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2. Server, Exchange Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. He writes regularly for Search. Win. Computing. com and other Tech.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2017
Categories |