Windows NT Startup Process

I while back I wrote about the fact that I didn’t really know how Windows startup works. As with many things wikipedia clears it all up. It looks like this is what I should have examined in the registry:

Now I know.

Norton Internet Security

Last night I was asked to debug a problem with a Windows XP laptop that had Norton Internet Security installed. The problem? “The internet didn’t work.” Unfortunately I didn’t realize about Norton Internet Security part until later. While the fix was simple, disable Norton Internet Security, the symptoms of the problem weren’t obvious to me.

Connection acquisition wasn’t a problem “ipconfig /release” and “ipconfig /renew” just worked. Pinging IPs worked but pinging hostnames failed. Putting and IP in the browser like 72.14.207.99(google.com) worked.
I thought… classic dns issue. “ipconfig /flushdns” should just solve it. Wrong. I was really surprised when “nslookup google.com” worked. So I could resolve hostnames to IPs, I can connect to IPs but when I put it all together it fails.

At this point Safe Mode with Networking to the rescue. In safe mode everything just works. Clearly something starts up in regular mode that screws up the connection.
Not seeing Norton Internet Security Icon in the in taskbar in regular mode, because it’s hidden, I went the msconfig route. Disabling everything possible and restarting still didn’t solve the problem.

The lesson here was that Norton gets it’s claws so deep into the system that it’s not obvious it’s running at all, when in fact it is and the firewall itself can act in pretty unintuitive ways.