The problem was when logging into windows, it immediately logged off automatically. This was the same for each user account and even attempting to log in using Safe Mode.

This turned out to be due to userinit.exe not running correctly. A virus had hijacked the log in process, running its own executable instead of userinit.exe. A registry key referencing userinit.exe had been altered.

The solution is as follows:

The obvious difficulty is that I could not log on to the PC to access and edit the registry. To get around this a bootable CD such as Hiren Boot CD or BartPE is required.

To edit the registry of the PC  Boot int Windows PE or Minid XP on the device.
Once in Windows go to the command prompt and  type regedit.
Select HKEY_LOCAL_MACHINE.
On the File menu, choose Load Hive.

A series of message boxes might appear that stating that the folder cannot be found and that the location is unavailable. Ignore any such messages and click OK when they appear.

The Load Hive dialog box will appear.
In the Files of type box, select All Files.
Navigate to the registry location on the local PC. Typically this is C:\WINDOWS\system32\config.

In this config folder, select the hive SOFTWARE and then click OK.
Back in the Load Hive dialog box type a Key Name, e.g., TEST_ITEM.

Choose HKEY_LOCAL_MACHINE, and then choose the new reg key .

Browse to:
“HKEY_LOCAL_MACHINE\TEST_ITEM\Microsoft\Windows NT\CurrentVersion\Winlogon”

Look for a a key named “OldUserinit”, delete the “Userinit” key and rename the “OldUserinit” key to “Userinit”.

The “Userinit” key should be “C:\WINDOWS\system32\userinit.exe”.

Usually the problem is that this key is referencing an alternative exe which is causing this automatic log off.

Now clicke HKEY_LOCAL_MACHINE, go to the File menu, and then choose Unload Hive.

Reboot the PC. The log on process should work correctly. However a virus scan needs be run immediately. This is because the problem may reoccur at the next logon (This happened to me)

A scanner such as Combofix, Smitfruadfix and/or Malwarebytes should be used. Each of these can be found from a Google search.

After rebooting it is recommended to run an additional scan, perhaps with the installed Anti-Virus program.

I hope you too have Found a Fix!

1. Try Combofix. Disable whatever anti-virus you are currently running first and download here.
2. Visit http://safety.live.com and click on “Full Service Scan”. Follow the steps for a complete scan.
3. After this has completed, go to http://housecall.trendmicro.com/ and Click on “Scan Now. It’s Free”. Again, follow the steps for complete scan and removal of threats.
4. From the control panel, Go to Add/Remove programs and remove any unnecessary programs. Look out for browser add-ins, search programs, free or demo software, shopping , advertising, toolbar extra’s, and so on. At the very least, this is good pc maintenance. If you have more than 1 ant-virus software, then remove at least one of them.
5. Download and run RogueRemover.
6. Download and Run SmitfraudFix
7. Download, Install and run CCleaner – This is a free tool for removing temporary files, cookies, history, and cleaning up registry problems. Run the Cleaner and then the registry fix.
8. Download, install and run Spybot – Search & Destroy –  Homepage is http://www.spybot.info
9. To analyse and remove items from your startup list,  download HijackThis to a temporary directory. This tool is a great way to see what programs are starting up when you pc logs in to windows. My advice here is to remove obvious entries but consult Google for a second opinion. Be careful with this tool as you can adversely affect genuine programs such as your ant-virus software. Alternatively, you can use the startup manager in CCleaner to simply disable the startup items.
10. If you do not have any anti-virus software, download AVG Free .

I hope you have Found A Fix!