Re: Computer hangs at 'loading your personal settings'

A

Ace Fekay [MVP]

In
Brad Park said:
Hello,

I am using Windows 2000 Pro and the computer hangs at "Loading your
personal settings".
The computer hung for 12 hours more. And I gave up and did hard
reboot. After shocked by disgusting "Blaster Worm", I cannot logon
with the account used at that time.
But I can logon with other accounts normally.

Here is a doubtful part of "userenv.log" with account (Administrator &
hspark).
"hspark" account is a problem.
And I attached unattended "userenv.log" file.

All help appreciated.
With posting any comments, send them to my e-mail, please.
Thanks in advance.

Brad Park
e-mail : (e-mail address removed)

##### This is a part of log with Adminstrator account
USERENV(c0.a8) 20:08:00:718
=========================================================
USERENV(c0.a8) 20:08:00:718 LoadUserProfile: Entering, hToken =
<0x110>, lpProfileInfo = 0x6f648
USERENV(c0.a8) 20:08:00:718 LoadUserProfile: Entering, hToken =
<0x110>, lpProfileInfo = 0x6f648
USERENV(c0.a8) 20:08:00:718 LoadUserProfile: lpProfileInfo->dwFlags =
<0x0> USERENV(c0.a8) 20:08:00:718 LoadUserProfile:
lpProfileInfo->lpUserName = <Administrator>
USERENV(c0.a8) 20:08:00:718 LoadUserProfile: NULL central profile path
USERENV(c0.a8) 20:08:00:734 LoadUserProfile: NULL default profile path
USERENV(c0.a8) 20:08:00:734 LoadUserProfile: NULL server name
USERENV(c0.a8) 20:08:00:734 GetUserMutex: entering
USERENV(c0.a8) 20:08:00:750 GetUserMutex: Waiting...
USERENV(c0.a8) 20:08:00:750 GetUserMutex: Wait succeeded. Mutex
currently held.
USERENV(c0.a8) 20:08:00:750 RestoreUserProfile: Entering
USERENV(c0.a8) 20:08:00:750 RestoreUserProfile: User is a Admin
USERENV(c0.a8) 20:08:00:750 IsCentralProfileReachable: Entering
USERENV(c0.a8) 20:08:00:750 IsCentralProfileReachable: Null path.
Leaving USERENV(c0.a8) 20:08:00:750 RestoreUserProfile: Profile path
= <> USERENV(c0.a8) 20:08:00:750 ExtractProfileFromBackup: A profile
already exists
USERENV(c0.a8) 20:08:00:750 PatchNewProfileIfRequred: A profile
already exists with the current sid, exitting
USERENV(c0.a8) 20:08:00:750 CreateLocalProfileKey: Not setting
additional Security
USERENV(c0.a8) 20:08:00:750 GetExistingLocalProfileImage: Found
entry in profile list for existing local profile
USERENV(c0.a8) 20:08:00:750 GetExistingLocalProfileImage: Local
profile image filename = <%SystemDrive%\Documents and
Settings\Administrator> USERENV(c0.a8) 20:08:00:750
GetExistingLocalProfileImage: Expanded local profile image filename
= <C:\Documents and Settings\Administrator> USERENV(c0.a8)
20:08:00:781 GetExistingLocalProfileImage: No local mandatory
profile. Error = 2
USERENV(c0.a8) 20:08:00:781 GetExistingLocalProfileImage: Found local
profile image file ok <C:\Documents and
Settings\Administrator\ntuser.dat> USERENV(c0.a8) 20:08:00:781
GetExistingLocalProfileImage: Failed to query low profile unload
time with error 2
USERENV(c0.a8) 20:08:00:781 Local Existing Profile Image is reachable
USERENV(c0.a8) 20:08:00:781 Local profile name is <C:\Documents and
Settings\Administrator>
USERENV(c0.a8) 20:08:00:781 RestoreUserProfile: No central profile.
Attempting to load local profile.
USERENV(c0.a8) 20:08:01:984 MyRegLoadKey: Mutex released. Returning
0. USERENV(c0.a8) 20:08:01:984 GetUserDNSDomainName: Computer is
running standalone. No DNS domain name available.
USERENV(c0.a8) 20:08:02:046 MyRegLoadKey: Mutex released. Returning
0. USERENV(c0.a8) 20:08:02:046 CreateClassHive: existing user classes
hive found
USERENV(c0.a8) 20:08:02:046 RestoreUserProfile: About to Leave.
Final Information follows:
USERENV(c0.a8) 20:08:02:046 Profile was successfully loaded.
USERENV(c0.a8) 20:08:02:046 lpProfile->lpRoamingProfile = <>
USERENV(c0.a8) 20:08:02:046 lpProfile->lpLocalProfile = <C:\Documents
and Settings\Administrator>
USERENV(c0.a8) 20:08:02:046 lpProfile->dwInternalFlags = 0x100
USERENV(c0.a8) 20:08:02:046 RestoreUserProfile: Leaving.
USERENV(c0.a8) 20:08:02:046 UpgradeProfile: Entering
USERENV(c0.a8) 20:08:02:046 UpgradeProfile: Build numbers match
USERENV(c0.a8) 20:08:02:046 UpgradeProfile: Leaving Successfully
USERENV(c0.a8) 20:08:02:046 LoadUserProfile: Releasing mutex.
USERENV(c0.a8) 20:08:02:046 LoadUserProfile: Leaving with a value of
1. USERENV(c0.a8) 20:08:02:046 LoadUserProfile: hProfile = <0x314>
USERENV(c0.a8) 20:08:02:046
=========================================================

##### This is a part of log with hspark account
USERENV(c0.a8) 20:13:37:937
=========================================================
USERENV(c0.a8) 20:13:37:937 LoadUserProfile: Entering, hToken =
<0x158>, lpProfileInfo = 0x6f648
USERENV(c0.a8) 20:13:37:937 LoadUserProfile: Entering, hToken =
<0x158>, lpProfileInfo = 0x6f648
USERENV(c0.a8) 20:13:37:937 LoadUserProfile: lpProfileInfo->dwFlags =
<0x0> USERENV(c0.a8) 20:13:37:937 LoadUserProfile:
lpProfileInfo->lpUserName = <hspark>
USERENV(c0.a8) 20:13:37:937 LoadUserProfile: NULL central profile path
USERENV(c0.a8) 20:13:37:968 LoadUserProfile: NULL default profile path
USERENV(c0.a8) 20:13:37:968 LoadUserProfile: NULL server name
USERENV(c0.a8) 20:13:37:968 GetUserMutex: entering
USERENV(c0.a8) 20:13:37:984 GetUserMutex: Waiting...
USERENV(c0.a8) 20:13:37:984 GetUserMutex: Wait succeeded. Mutex
currently held.
USERENV(c0.a8) 20:13:37:984 RestoreUserProfile: Entering
USERENV(c0.a8) 20:13:37:984 RestoreUserProfile: User is a Admin
USERENV(c0.a8) 20:13:37:984 IsCentralProfileReachable: Entering
USERENV(c0.a8) 20:13:37:984 IsCentralProfileReachable: Null path.
Leaving USERENV(c0.a8) 20:13:37:984 RestoreUserProfile: Profile path
= <> USERENV(c0.a8) 20:13:37:984 ExtractProfileFromBackup: A profile
already exists
USERENV(c0.a8) 20:13:37:984 PatchNewProfileIfRequred: A profile
already exists with the current sid, exitting
USERENV(c0.a8) 20:13:37:984 CreateLocalProfileKey: Not setting
additional Security
USERENV(c0.a8) 20:13:37:984 GetExistingLocalProfileImage: Found
entry in profile list for existing local profile
USERENV(c0.a8) 20:13:37:984 GetExistingLocalProfileImage: Local
profile image filename = <%SystemDrive%\Documents and Settings\hspark>
USERENV(c0.a8) 20:13:37:984 GetExistingLocalProfileImage: Expanded
local profile image filename = <C:\Documents and Settings\hspark>
USERENV(c0.a8) 20:13:37:984 GetExistingLocalProfileImage: No local
mandatory profile. Error = 2
USERENV(c0.a8) 20:13:38:031 GetExistingLocalProfileImage: Found local
profile image file ok <C:\Documents and Settings\hspark\ntuser.dat>
USERENV(c0.a8) 20:13:38:031 GetExistingLocalProfileImage: Failed to
query low profile unload time with error 2
USERENV(c0.a8) 20:13:38:031 Local Existing Profile Image is reachable
USERENV(c0.a8) 20:13:38:031 Local profile name is <C:\Documents and
Settings\hspark>
USERENV(c0.a8) 20:13:38:031 RestoreUserProfile: No central profile.
Attempting to load local profile.
USERENV(c0.a8) 08:36:01:125 LibMain: Process Name:
\??\C:\WINNT\system32\winlogon.exe
=> This "winlogon.exe" process is for another logon with Administrator
account.
Click to expand...

Did you try using the FixBlast tool? You can find it at Symantec's site.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
M

Michael Johnston [MSFT]

Make sure that MSBlast is completely removed. Then delete the profile for the user account that is not longer accessible. Logon and allow a default profile to
get created. If problems continue, I would recommend you wipe the drive and re-install the OS. If the box has been compromised, this is the only way to
completely recover.

Thank you,
Mike Johnston
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
A

Ace Fekay [MVP]

In
Michael Johnston said:
Make sure that MSBlast is completely removed. Then delete the
profile for the user account that is not longer accessible. Logon
and allow a default profile to get created. If problems continue, I
would recommend you wipe the drive and re-install the OS. If the box
has been compromised, this is the only way to completely recover.

Thank you,
Mike Johnston
Microsoft Network Support
Click to expand...

That FixBlast.exe tool from Symantec should clean it up fine without
necessitating a reinstall. Cleaned one up for a friend and it worked fine.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Logon problem - Profile locked - Temporary profile created 3
Roaming profile won't load on Windows 2000 but does on XP 4
TS profiles problem 3
Failed to get UserGuid - policy does not apply 2
HANG on Applying personal settings 2
USB disk silent read errors 2
Slow in "Applying Personal Setting" 0
LCP negotication when accepting an incoming call 0

Top