PC CAN'T LOG ON

[CAMERA HOUSE]

I have a pc with Windows Xp professional. One day morning when I started it gone up to users screen when I click on user it says 'loading your personal setting' and next second it goes to 'logging off' next 'saving settings' and gone back to log in screen. After that I click any user it does the same. has anybody got any solution????

[drconservative]

Camera House

It sounds like you have a Trojan Hourse Virus and it may have changed the setting in your registry. If you can get into safe mode and run Regedit you will be able to see if the virus has changed the file I have below. Let me know if you need any asistance in getting to safe mode.

Once you get to the registry follow the format below

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Check to make sure that the file does not read "wsaupdater.exe" the file should read "userinit.exe".

If this does not help you will need to remove the Virus.

[CAMERA HOUSE]

I started in safe mode but even there it ask to log on in admin before I do anything. When I clicked on admin it does the same in safe mode.

[CAMERA HOUSE]

Is there any other way to reach registry?

I took out hard drive and connected to other computer in USB but can not find registry files. System folder has no access.

[Big Dave]

If you have the original Windows XP Pro installation cds, you could boot from the CD, and get to "command prompt", but editing the registry from there is probably impossible.

BUT, you could see if you're infected with the "wsaupdater.exe" virus by just typing "dir "wsaupdater.exe" /s"

and that'll scan your hard drive for that file.  If it's there, you're infected. If not, you've got another problem.

You could then find / copy the userinit.exe into the same location as the wsaupdater.exe and rename it so that when the OS re-starts, you'll have the standard userinit.exe running.

Just a thought....

[CAMERA HOUSE]

HI BIG DAVE

To do any thing it needs to LOG ON first. But it does not let me in any any mode. I tried thru network, but it does not allow to go into system files. I took out HDD now from there where shall I find the infected files?  

[CAMERA HOUSE]

THANKS TO ALL FOR HELP.

I could not do it. So copied some files I wanted, and formated that HDD while it was connected to other computer.

[nobids]

****WARNING WARNING READ THE BOTTOM FIRST.

If you slave the hard drive you took out on a XP machine you can do this.

Click Run on the start menu and type regedit

Once in the registry click on the HKEY_LOCAL_MACHINE. Then from the FILE menu choose LOAD HIVE. From the open file windows that pops up. Navigate on your slaved drive to WINDOWS\system32\config and select and open the SYSTEM file (this is the registry/hive file). There will be another box asking your to name the file you just opened, give it the name SLAVEREG.

The registry from the slaved drive will now be loaded under HKEY_LOCAL_MACHINE > SLAVEREG and you are free to browse and edit.

I would however take this method first. Slave the drive on a computer with a good maleware cleaner and scan the slave drive for virus, if it gets some of the nasties try and boot the drive back in your computer if it boots run install the maleware scanner and run virus scanners really should be run on a primary hard drive.

***** READ FIRST - Under no circumstances modify the registry until you have made a backup copy of the SYSTEM file you are going to edit. Now read the post and you will understand which file I am talking about.

If you end up corrupting the SYSTEM (registry) you can copy and paste the backup file over top and start again. If you don't have backup you are lost for ever.

[manager]

cool post, nobids, thanks!