Re: unable to login into WinXP HE
From: Malke (notreally_at_invalid.com)
Date: Sun, 18 Sep 2005 11:16:13 -0700
> Hi, I don't relly know if I'm posting in the right area but anyway...I
> was getting rid of viruses/sayware off my computer and MS GIANT found
> 3 viruses, a trojan, a mediaticket and a 180 solutions. I was akedto
> reboot my PC due because one of the viruses was running so I did. When
> I had rebooted I tryed to log into my useer but it immediately logged
> me out...I have tried safe mode and other users but all unsuccessful.
> Is there a way to open msconfig, command prompt (safe mode with prompt
> doesn't work) without logging into a user.
You may have run afoul of the wsaupdater problem. Here is MVP Rick
Roger's summation (with solutions):
The userinit value may have been corrupted by the removal of Blazefind.
It adds wsaupdater.exe to the logon value in the system registry,
sometimes appending it, sometimes replacing it. Running Adaware or
other cleaners detects and removes wsaupdater.exe, but doesn't correct
the registry damage. If this is the case, then you may need to load the
registry hive from another installation and change it. This is the key:
Userinit string value should be:
On the damaged installations it's one of these:
Note the trailing comma, which should be there.
Another "quickie" method of resolution is to load the Recovery Console,
copy userinit.exe as wsaupdater.exe from the command prompt, then
restart normally. Once in, go and change the registry value back to
what it's supposed to be and delete the copied file by doing:
cd system32 [Enter]
copy userinit.exe wsaupdater.exe [Enter]
Then boot the system and edit the Registry and then rename the System32
wsaupdater.exe back to userinit.exe.
You can also put the affected hard drive as a slave in a working XP box
and put a good userinit.exe in the sick driver's System32 folder,
rename it to wsaupdater.exe and then put the sick drive back in its
box. Start the system and make the changes in the Registry and rename
wsaupdater back to userinit.exe.
-- MS-MVP Windows User/Shell Elephant Boy Computers www.elephantboycomputers.com "Don't Panic"