Re: XP Pro logons changed after recent Windows Update




"Steve" wrote

System is XP Pro SP2, all patches are up to date. Running on dynamic IP
DSL with Windows Firewall, Windows Defender and up to date AVG
anti-virus.

There are 2 user accounts, mine (strong password protected and an
admin), and my wife's (no password, not admin level), along with the
admin account (strong password protected).

My wife logged on this morning as normal, checked e-mail and went to
get ready for work. When she came back to the PC, it was back at the
user login screen and started to ask her for a password. Nothing she
tried worked. I came down and tried to log into my account - and my
password no longer worked. Obviously checked caps lock and such -
nothing - couldn't log in.

Went to shut it down and was prompted with an alert that another user
was logged in. The alert box didn't "look" quite right - not sure if
that was my imagination or not though - it seemed the font or something
about the type wasn't quite right.

Rebooted in safe mode and was able to log in as administrator fine and
changed my account password to a new one. Rebooted and I could get
into my account fine. I also noticed I had the "green shield" icon
stating that updates were recently done and an automatic reboot was
necessary (perhaps this is why my wife's desktop was back to a login
screen?)

In examining my tasklist, the only process running that didn't seem
familiar was uphclean.exe. When I google it, I see it's "User Profile
Hive Cleanup Service". When I searched for the physical file, I found
it in c:\Program Files\uphclean\ and the only other file in that
folder was a readme.txt. To the best of my recollection, I can't
recall ever seeing this in the tasklist before, and I know it's the
first time I've googled it.

When I had to leave for work, I went to shut down and was again given
the dialog box that said other users were logged onto the system.

Part of me thinks (hopes) this was an automatic reboot that didn't
check to see if uphclean.exe was running, and it somehow slightly
corrupted the user hive. Another part of me fears that uphclean.exe is
some sort of trojan and all hell is breaking loose in my machine.

Anyone see this happen before? What can I do to further investigate
and / or mitigate any damage short of a paranoid reformat?


What caused the problems in your system I don't know, but Uphclean is a legitimate Windows file. Though that doesn't mean the one on your system hasn't been altered, it doesn't seem likely. Uphclean helps to unload the registry when Windows is shut down. It doesn't do anything else. It is not installed by Windows Update. Someone must have installed it.

UPHClean v1.6d readme.txt
http://download.microsoft.com/download/a/8/7/a87b3d05-cd04-4743-a23b-b16645e075ac/readme.txt

Troubleshooting profile unload issues
http://support.microsoft.com/?id=837115

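As an added check for the investigation Steve asked about (example added here, not part of the original thread), the following PowerShell verifies that the uphclean.exe in the reported folder carries a valid Microsoft Authenticode signature, confirms it is registered as a service whose image path points at that same file, and records a hash for later comparison. The file path is the one given in the post; the service name UPHClean is an assumption.

```powershell
# Added example, not from the thread: confirm the binary is the signed
# Microsoft UPHClean rather than relying on the process name alone.
$exe = 'C:\Program Files\uphclean\uphclean.exe'   # path reported in the post

# 1. Authenticode signature: the genuine file is signed by Microsoft.
#    Anything other than Status 'Valid' with a Microsoft signer deserves a closer look.
$sig = Get-AuthenticodeSignature -FilePath $exe
[pscustomobject]@{
    Path   = $exe
    Status = $sig.Status
    Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }
}

# 2. Service registration: the running process should belong to a service
#    whose PathName is the same file (service name 'UPHClean' is assumed here).
Get-WmiObject Win32_Service -Filter "Name='UPHClean'" |
    Select-Object Name, State, StartMode, PathName, StartName

# 3. Cross-check: every running uphclean.exe should be loaded from $exe.
Get-WmiObject Win32_Process -Filter "Name='uphclean.exe'" |
    Select-Object ProcessId, ExecutablePath, CreationDate

# 4. Record a hash so the file can be compared against a known-good copy
#    (Get-FileHash needs PowerShell 4 or later; use certutil -hashfile on older systems).
Get-FileHash -Path $exe -Algorithm SHA256
```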


