Someone said: discovered a new virus, to run this "virus" after not be able to sign, a sign that the virus modified password.

Get this "virus", the virtual machine running in trying to restart the tips of "local interactive login is disabled," Obviously, this is not modify the registry password, but only in the local security strategy Zuoleshoujiao.

Restoration of such a system, a number of ways:

1. System Restore course, the most simple, which do not have to say (I am talking about windows of the annex to the System Restore, the ghost is not any reduction or other tools)

2.MMC called Group Policy Editor remote management of fault, in computer management -> security settings -> user privileges in the distribution of the right of inspection "to allow local sign" is not the user to delete the group, if removed, then add the corresponding User group.

The use of remote computer repair on the premise that can connect remote fault plane, I test, not even on life and death, or even the use of fault recovery console sign the test virtual machine, telnet services and long-distance services into the registry automatically, try again Or failure. telnet connection failures planes also failed.

But try a third technique, but this is the simplest skills.

3. Xp in, windows of the repair of the registry backup directory of the key data, testing procedures of this prank is clearly modify the security configuration, will try to restore security to c: \ windows \ system32 \ config directory, restart Was resolved.

Only need to use the guidance system was installed into the fault recovery console, and then the implementation of copy c: \ windows \ repair \ security c: \ windows \ system32 \ config \ security can be.