Quick Launch Settings Not Retained - again

J

Jay

Revisiting this issue simply because none of the suggested fixes have
worked, Kelly's, Fixbar, etc ..

Upon every re-boot, the Quick Launch bar is completely missing.
Right-click on taskbar and selecting "Quick Launch" will bring it back
BUT has to be expanded to view all icons. And .. the placement of the
icons revert back to original positions not retaining the custom
settings. This is getting MOST frustrating to say the least .. HELP !!

Thanks, Jay
 
M

Marisa

I share your frustration, as I am experiencing the same
problems. Only since a couple of days ago has this been
happening... Hope someone can help!
 
R

Ramesh [MVP]

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

Revisiting this issue simply because none of the suggested fixes have
worked, Kelly's, Fixbar, etc ..

Upon every re-boot, the Quick Launch bar is completely missing.
Right-click on taskbar and selecting "Quick Launch" will bring it back
BUT has to be expanded to view all icons. And .. the placement of the
icons revert back to original positions not retaining the custom
settings. This is getting MOST frustrating to say the least .. HELP !!

Thanks, Jay
 
J

Jay

On 24.06.04 09:30, Marisa wrote:

--- Original Message ---

I share your frustration, as I am experiencing the same
problems. Only since a couple of days ago has this been
happening... Hope someone can help!
Click to expand...

There's more to this .........

"GP" - Grace, in another thread on the same subject suggested

CONTROL-Panel -> Taskbar/Start Menu -> make sure the box "show quick
launch" is checked. Of course it isn't upon reboot and checking the box
does bring it back but when re-booting this checkbox is UNchecked. The
settings are NOT retained as well as custom locations of the icons.

Jay
 
J

Jay

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)
Click to expand...

There is no entry for "Userinit", doesn't exist in that key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
 
R

Ramesh [MVP]

I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)
Click to expand...

There is no entry for "Userinit", doesn't exist in that key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
 
J

Jay

On 24.06.04 10:08, Ramesh [MVP] wrote:

--- Original Message ---
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Click to expand...

BAh .. my bad .. :-[

Value: wsaupdater.exe

The only one there. Now what?

Jay
 
M

Marisa

Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
Click to expand...
NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)
Click to expand...

There is no entry for "Userinit", doesn't exist in that key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.
Click to expand...
 
R

Ramesh [MVP]

BAh .. my bad .. :-[

Value: wsaupdater.exe

That value is equally bad :)

Change the Userinit value to "C:\Windows\System32\userinit.exe,"
Include the comma, not the quotes. And change the drive-letter if you've installed XP in some other drive.

On next reboot, delete wsaupdater.exe from the system.

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 10:08, Ramesh [MVP] wrote:

--- Original Message ---
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Click to expand...

BAh .. my bad .. :-[

Value: wsaupdater.exe

The only one there. Now what?

Jay
 
R

Ramesh [MVP]

Yes. That should help. Change the line back to the value I said and restart Windows. Upon next successful login, delete the malware file wsaup.....exe

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)
Click to expand...

There is no entry for "Userinit", doesn't exist in that key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.
Click to expand...
 
J

Jay

On 24.06.04 11:09, Jay wrote:

--- Original Message ---

On 24.06.04 10:08, Ramesh [MVP] wrote:

--- Original Message ---
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Click to expand...

BAh .. my bad .. :-[

Value: wsaupdater.exe

The only one there. Now what?

Jay
Click to expand...

wsaupdater.exe with userinit.exe

Problem solved.

:)

Jay
 
M

Marisa

I don't mean to sound dumb, but how do I delete that
wasaupdater.exe file? Just search for it and click delete?
-----Original Message-----

Yes. That should help. Change the line back to the
Click to expand...
value I said and restart Windows. Upon next successful
login, delete the malware file wsaup.....exe
--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

"Marisa" <[email protected]> wrote in
Click to expand...
message news:[email protected]...
Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
Click to expand...
NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)
Click to expand...

There is no entry for "Userinit", doesn't exist in that key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.
Click to expand...
.
Click to expand...
 
J

Jay

wsaupdater.exe with userinit.exe
Problem solved.

:)

Jay
Click to expand...

And yes, added the " , "

Once I knew what to look for, eg., wsaupdater.exe it was then a simple
matter of doing a google search for wsaupdater and got many hits
accordingly. Found instruction, simple as that ... thanks

Jay
 
R

Ramesh [MVP]

That's great. Run a spyware scan as well. (if not done already)

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 11:09, Jay wrote:

--- Original Message ---

On 24.06.04 10:08, Ramesh [MVP] wrote:

--- Original Message ---
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Click to expand...

BAh .. my bad .. :-[

Value: wsaupdater.exe

The only one there. Now what?

Jay
Click to expand...

wsaupdater.exe with userinit.exe

Problem solved.

:)

Jay
 
R

Ramesh [MVP]

Open this folder using Windows Explorer:
C:\WINDOWS\System32

and look for this file "wsaupdater.exe"

Caution: First change the userinit value to the correct value I stated. Reboot once and then only delete wsau...exe file.

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

I don't mean to sound dumb, but how do I delete that
wasaupdater.exe file? Just search for it and click delete?
-----Original Message-----

Yes. That should help. Change the line back to the
Click to expand...
value I said and restart Windows. Upon next successful
login, delete the malware file wsaup.....exe
--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

"Marisa" <[email protected]> wrote in
Click to expand...
message news:[email protected]...
Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---

Hi Jay,

This may be caused by Blazefind or any other malware. Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit" and note down the value data
(should be C:\Windows\System32\userinit.exe, the correct value)

If you see any other value there, post back with details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)
Click to expand...

There is no entry for "Userinit", doesn't exist in that key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.
Click to expand...
.
Click to expand...
 
J

Jay

On 24.06.04 11:29, Ramesh [MVP] wrote:

--- Original Message ---

That's great. Run a spyware scan as well. (if not done already)
Click to expand...

I ran Pest Patrol and SpyBot S/D and neither one found anything
beforehand ... Guess I need to run a half-dozen or so apps .. :)

Jay
 
A

Alex Nichol

donato said:
every thing you said worked. i also found a file called WSAUPDATER.EXE-0469B4F6.pf, is this a safe file? What spyware do you recommend?
Click to expand...

That will be in the Prefetch folder and is the record of the pattern of
files loaded when that program loads. It can't of itself do any harm,
and will be dropped in a few days if the program is no longer used
 
G

Guest

Ramesh: I too have this same problem. However, my registry key is correct.
Do you know of anything else that would cause quick launch to disappear on
each reboot?

Donato said:
I did everything you said and it worked great. Thanks. I also found a file called WSAUPDATER.EXE-0469B4F6.pf is this safe? What spyware do you recommend? thanks for all your help.


Ramesh said:
Open this folder using Windows Explorer:
C:\WINDOWS\System32

and look for this file "wsaupdater.exe"

Caution: First change the userinit value to the correct value I stated. Reboot once and then only delete wsau...exe file.

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

I don't mean to sound dumb, but how do I delete that
wasaupdater.exe file? Just search for it and click delete?
-----Original Message-----

Yes. That should help. Change the line back to the
Click to expand...
value I said and restart Windows. Upon next successful
login, delete the malware file wsaup.....exe
--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

"Marisa" <[email protected]> wrote in
Click to expand...
message news:[email protected]...
Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but
HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---


Hi Jay,

This may be caused by Blazefind or any other malware.
Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit"
and note down the value data
(should be C:\Windows\System32\userinit.exe, the
correct value)

If you see any other value there, post back with
details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)


There is no entry for "Userinit", doesn't exist in that
key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.

.
Click to expand...
Click to expand...
Click to expand...
 
R

Ramesh [MVP]

If you're sure that the registry values are correct and the problem persist,
there are a couple of options:

Line 164. Restore Taskbar to Default Functionality
http://www.kellys-korner-xp.com/xp_tweaks.htm

Taskbar Repair Tool Plus!:
http://www.kellys-korner-xp.com/taskbarplus!.htm

--
Ramesh, MS-MVP XP Shell/UI
http://www.mvps.org/sramesh2k


Ramesh: I too have this same problem. However, my registry key is correct.
Do you know of anything else that would cause quick launch to disappear on
each reboot?

Donato said:
I did everything you said and it worked great. Thanks. I also found a
file called WSAUPDATER.EXE-0469B4F6.pf is this safe? What spyware do you
recommend? thanks for all your help.


Ramesh said:
Open this folder using Windows Explorer:
C:\WINDOWS\System32

and look for this file "wsaupdater.exe"

Caution: First change the userinit value to the correct value I stated.
Reboot once and then only delete wsau...exe file.

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

I don't mean to sound dumb, but how do I delete that
wasaupdater.exe file? Just search for it and click delete?
-----Original Message-----

Yes. That should help. Change the line back to the
Click to expand...
value I said and restart Windows. Upon next successful
login, delete the malware file wsaup.....exe
--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

"Marisa" <[email protected]> wrote in
Click to expand...
message news:[email protected]...
Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but
HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---


Hi Jay,

This may be caused by Blazefind or any other malware.
Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit"
and note down the value data
(should be C:\Windows\System32\userinit.exe, the
correct value)

If you see any other value there, post back with
details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)


There is no entry for "Userinit", doesn't exist in that
key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.

.
Click to expand...
Click to expand...
Click to expand...
 
G

Guest

Perfect, thanks. The vbscript worked.

Ramesh said:
If you're sure that the registry values are correct and the problem persist,
there are a couple of options:

Line 164. Restore Taskbar to Default Functionality
http://www.kellys-korner-xp.com/xp_tweaks.htm

Taskbar Repair Tool Plus!:
http://www.kellys-korner-xp.com/taskbarplus!.htm

--
Ramesh, MS-MVP XP Shell/UI
http://www.mvps.org/sramesh2k


Ramesh: I too have this same problem. However, my registry key is correct.
Do you know of anything else that would cause quick launch to disappear on
each reboot?

Donato said:
I did everything you said and it worked great. Thanks. I also found a
file called WSAUPDATER.EXE-0469B4F6.pf is this safe? What spyware do you
recommend? thanks for all your help.


Ramesh said:
Open this folder using Windows Explorer:
C:\WINDOWS\System32

and look for this file "wsaupdater.exe"

Caution: First change the userinit value to the correct value I stated.
Reboot once and then only delete wsau...exe file.

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

I don't mean to sound dumb, but how do I delete that
wasaupdater.exe file? Just search for it and click delete?
-----Original Message-----

Yes. That should help. Change the line back to the
value I said and restart Windows. Upon next successful
login, delete the malware file wsaup.....exe

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

message Hello Ramesh,
I was also having the same problem as Jay and I followed
your instructions and sure enough, the string
at "Userinit" at the location
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon] said "C:\WINDOWS\System32
\wsaupdater.exe,"
so I changed it to "C:\WINDOWS\System32\userinit.exe,"
This should take care of the problem I hope?
Thank you,
Marisa
-----Original Message-----
I'm not talking about HKEY_CURRENT_USER, but
HKEY_LOCAL_MACHINE.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon]

--
Ramesh - Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

AumHa VSOP: http://www.aumha.org

On 24.06.04 09:34, Ramesh [MVP] wrote:

--- Original Message ---


Hi Jay,

This may be caused by Blazefind or any other malware.
Open Registry Editor and navigate to this location:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon]

In the right-pane, locate the value named "Userinit"
and note down the value data
(should be C:\Windows\System32\userinit.exe, the
correct value)

If you see any other value there, post back with
details and change the value data to:
C:\Windows\System32\userinit.exe,

(Assuming Windows is installed in C:\ drive)


There is no entry for "Userinit", doesn't exist in that
key.

All that's there is:

BuildNumber
ExcludeProfileDirs
ParseAutoexec

Should I ADD "Userinit" and the value ??

Jay
.

.
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Restore invisible Quick Launch 2
Quick Launch icons disappearing 7
Quick Launch immovable atop Taskbar 2
Quick Launch Icons are Incorrect, but work 2
Quick Launch toolbar won't stay 2
Quick Launch Icons are STILL Incorrect, after iconcache_10.vbs 10
Quick Launch Icons and Outlook Signatures Have Disappeared 4
Quick Launch not retained 1

Top