I encountered another computer in less than a week with the same problem. The computer would log in and rapidly log off mere seconds from each other. I check the usual suspects, spyware and malware. Nothing.
I then suspect it is a userinit missing issue. (userinit loads explorer.exe which loads one's background and icons etc)
I searched the c:\windows\system32 folder. There is a perfectly good copy.
My only other suspicion is that the registry key that points to the userint.exe file is pointing to the wrong or is pointing to a dubious location.
The winlogon key under the hklm hive contains the pointer for the userinit.exe file.
I was wrong again. The pointer wasn't wrong or pointing to a non existent location. It was blank. Curiously, the the pointer field was empty. I inserted the proper pointer field.
c:\windows\system32\userinit.exe,
I booted the pc. The username logged in with no problems. Immediately after logging in, Microsoft's malicious software removal tool or MRT, popped up that it had successfully removed a piece of malware. I would bet money that the MRT removed the key in question as lot of malware try to manipulate the userinit.exe file to ensure that thier payload is executed when the user logs in. I blame the computer not logging in on Microsoft. The removal tool was a little over zealous. Anyone know for sure?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment