Educause Security Discussion mailing list archives

Re: Windows rebooting problem.


From: Charlie Prothero <Charlie.Prothero () KEYSTONE EDU>
Date: Wed, 26 May 2004 15:42:40 -0400

Try booting in safe mode and removing McAfee.  I saw something similar
happen when a corrupt virus signature update got distributed across a
network.

-----Original Message-----
From: Gary Dobbins [mailto:dobbins () ND EDU] 
Sent: Wednesday, May 26, 2004 3:27 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Windows rebooting problem.

This is a remote but possible cause, so I'll toss it out for what it's
worth:

I've seen this occur while developing a logon GINA module for Windows,
which some security (and maybe malware) products may have installed.

The registry entry, if you can get to it, that loads an extension GINA
is below.  Just rename the value in the registry (effectively deleting
it), and the default logon GINA will be used at next boot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GINADLL

('GINADLL' is the value's name. If not present, no extension GINA is
installed.)



Lois Lehman wrote:

Mark, see if this helps:

http://support.microsoft.com/default.aspx?scid=kb;en-us;330303


Lois Lehman
College Network Security Manager
Physical Sciences Computer Support Manager
College of Liberal Arts & Sciences
Arizona State University
480-965-3139


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark Wilson
Sent: Wednesday, May 26, 2004 9:57 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Windows rebooting problem.

We have had a problem with XP (and maybe 2000) systems rebooting.  We
use McAfee and all "infected" systems come up clean when scanned in
safe mode/no network.  Most times the system crashes either prior to
the Windows Logon Screen or just seconds after someone logs in.

The dreaded "Blue Screen of Death" appears with the following error:
STOP

Fatal systems error
Windows logon process system process terminated unexpectedly.
Status 0xc0000005

There is some mention that perhaps only networked systems experienced
this problem.  Seems to boot up and run in Safe Mode/No Network.

Any ideas/suggestions?  I will do my best to answer any questions
about this as I am getting this info piecemeal.

Thanks,



Mark Wilson
GCIA, CISSP #53153
Network Security Specialist
Auburn University
(334) 844-9347

**********
Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/cg/.


--

   ------------------------------------------------------------
   Gary Dobbins, CISSP -- Director, Information Security
   University of Notre Dame, Office of Information Technologies
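
An added example, not part of the original thread or any poster's code: a PowerShell audit of the Winlogon value described above. It reports whether an extension GINA is registered and whether the DLL exists and is signed, and with the hypothetical -Disable switch it renames the value so the default GINA loads at next boot. The switch name, the ".disabled" suffix and the System32 fallback are assumptions; run it from an administrative session such as the safe-mode boot mentioned in the thread.

```powershell
# Added example (not from the thread). Written to stay compatible with
# PowerShell 2.0, the newest version available on Windows XP.
param([switch]$Disable)   # hypothetical switch: rename the value when set

$key  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$name = 'GinaDLL'

$props = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if (-not $props) {
    Write-Output "No '$name' value present: no extension GINA is installed."
    return
}

# Expand any %SystemRoot%-style variables left in the stored string.
$dll = [Environment]::ExpandEnvironmentVariables($props.$name)

# Assumption: a bare file name refers to a DLL in System32.
if ([IO.Path]::IsPathRooted($dll)) { $path = $dll }
else { $path = Join-Path $env:SystemRoot "System32\$dll" }

$report = New-Object PSObject -Property @{
    GinaDll   = $dll
    Path      = $path
    Exists    = (Test-Path -LiteralPath $path)
    Signature = 'n/a'
    Signer    = $null
}

if ($report.Exists) {
    # An unsigned or unexpected signer is a reason to look closer at the DLL.
    $sig = Get-AuthenticodeSignature -FilePath $path
    $report.Signature = $sig.Status
    if ($sig.SignerCertificate) { $report.Signer = $sig.SignerCertificate.Subject }
}
$report

if ($Disable) {
    # Renaming instead of deleting keeps the original DLL name for restore.
    Rename-ItemProperty -Path $key -Name $name -NewName "$name.disabled"
    Write-Output "Renamed '$name' to '$name.disabled'; default GINA is used at next boot."
}
```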

