Can't Logon
in [Windows XP]
|
Prev: kernrate and cpu
Next: Serscan.sys
From: Skye on 25 Nov 2009 05:44 After a trojan was cleaned on my PC running XP Home I can no longer get back into the operating system. I can't get past the logon screen using either Administrator or User, nothing happens it just says logging on then immediately logs off and I can't get into safe mode either. I remember seeing that the trojan was in Windows User Logon Hotkey Registry, not necessarily in that order though. Any advice guys? Thanks, Skye. --
From: Elmo on 25 Nov 2009 10:06 Skye wrote: > After a Trojan was cleaned on my PC running XP Home I can no longer get back > into the operating system. I can't get past the logon screen using either > Administrator or User, nothing happens it just says logging on then > immediately logs off and I can't get into safe mode either. I remember seeing > that the Trojan was in Windows User Logon Hotkey Registry, not necessarily in > that order though. Any advice guys? > Thanks, Skye. Here are a few things to try: - The registry might've been damaged. Press F5 repeatedly during the Reboot, and select "Last Known Good Configuration". - Burn BitDefender, or another program listed at the link below, to a CD (using a working machine) and test the infected machine with it. BitDefender also has a Rootkit checker on the Linux Desktop; run it if you think that's the problem: http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/ Download the executable rather than the .iso image, if one is available.. it prompts you to insert a CD and burns the file, no problem. - Try a Repair Install of XP. http://michaelstevenstech.com/XPrepairinstall.htm -- Joe =o)
From: Skye on 25 Nov 2009 12:12 Thanks for info. Last known good config doesn't work either and I don't know how to check the infected PC if I can't get into the o/s. PC's here don't come with an installation CD so I can't do a repair. Hmmmmm!!! Skye
From: Jose on 25 Nov 2009 12:35 On Nov 25, 12:12 pm, Skye <S...(a)discussions.microsoft.com> wrote: > Thanks for info. Last known good config doesn't work either and I don't know > how to check the infected PC if I can't get into the o/s. PC's here don't > come with an installation CD so I can't do a repair. Hmmmmm!!! > Skye What program(s) did you use to remove the trojan? Unless you want to try a lot of things, the most efficient way to troubleshoot and resolve your issue is to come up with (beg, borrow, copy) a genuine bootable XP installation CD. Failing that, create a bootable XP Recovery Console CD - which you can do with no XP media. Then troubleshoot and resolve the issue.
From: Pegasus [MVP] on 25 Nov 2009 14:25
"Skye" <Skye(a)discussions.microsoft.com> wrote in message news:F08BFA54-147D-4A08-9AE9-A309EFD48AE4(a)microsoft.com... > After a trojan was cleaned on my PC running XP Home I can no longer get > back > into the operating system. I can't get past the logon screen using either > Administrator or User, nothing happens it just says logging on then > immediately logs off and I can't get into safe mode either. I remember > seeing > that the trojan was in Windows User Logon Hotkey Registry, not necessarily > in > that order though. Any advice guys? > Thanks, Skye. > -- There appear to be two issues here: a) The virus infection. b) The logon/logoff loop. About a): In my opinion, machines that are infected are compromised and should be reloaded. You will need to decide if it worth the trouble spending a lot of time in an attempt at cleaning the machine and perhaps ending up with an unstable machine. A re-installation would give you a result of guaranteed quality within a few hours. About b): This looping behaviour is usually caused by an inability of Windows to locate the file userinit.exe. The cure depends on your setup: - It is easy if the machine is networked with an other machine and if you know the Administrator's password. - It is less easy if you can connect its hard disk as a slave disk (or as a USB disk) to some other machine. - It is quite hard if none of the above apply. "Hard" means that the process is quite complex, possibly difficult to understand if you're a novice and very time consuming. |