If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Can't log into Windows XP.
I had a virus on my computer called 'Internet Security 2010' which i tried to
remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris |
Ads |
#2
|
|||
|
|||
Can't log into Windows XP.
On Feb 15, 6:47*pm, worldc8804
wrote: I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris Try tapping F8 during POST to get safe mode . |
#3
|
|||
|
|||
Can't log into Windows XP.
worldc8804 wrote:
I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris Download this Avira Antivir Rescue System program which will burn a CD image to a blank CD. It's updated a few times per day. Insert the CD into the damaged machine and let it do a scan of your system. Before starting the scan, select "Configuration" and set to repair or rename the infected files. Sometimes your machine won't restart after such a repair process, so you might want to save needed files to another system before using this. If you can't, then you can move the hard drive to another machine to copy needed files. You can do that before, or after this scan. http://www.free-av.com/en/tools/12/a...ue_system.html Then run these: Malwarebytes© Corporation http://www.malwarebytes.org/mbam/program/mbam-setup.exe SuperAntispyware http://www.superantispyware.com/supe...freevspro.html You can try of the CD's mentioned at the following site. BitDefender was my favorite, but if the infected machine can't connect to the internet to get updates, Avira comes with current virus definitions. Also, some of these just won't run on some systems, perhaps because there's no drivers available for some system devices, motherboard, graphics card, etc. So try a few of these till you find one that works: Burn BitDefender, or another program listed at the link below, to a CD (using a working machine) and test the infected machine with it. BitDefender also has a Rootkit checker on the Linux Desktop; run it if you think that's the problem: http://www.techmixer.com/free-bootab...download-list/ Download the executable rather than the .iso image, if one is available, (though no .exe is available for BitDefender). After the scan is run, if you elect to quarantine files, they're quarantined to RAM and lost after you reboot. You'll need to copy any quarantined files to the hard drive, a thumb drive or elsewhere before exiting. -- Joe =o) |
#4
|
|||
|
|||
Can't log into Windows XP.
I appreciate the response. I have tried to get in safe mode. When I am in I
am still unable to log into my Admin account and my personal one. "sandy58" wrote: On Feb 15, 6:47 pm, worldc8804 wrote: I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris Try tapping F8 during POST to get safe mode . . |
#5
|
|||
|
|||
Can't log into Windows XP.
worldc8804 wrote:
I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. You must have done this incorrectly. Whether you want to boot off the Windows CD or perhaps one of the bootable CDs Elmo mentioned, you need to first make sure your BIOS is configured so that the PC will boot off the CD first. Then again, some PCs (like Dells) allow you to press a key (e.g., F12) immediately after you power up to access a boot options menu. What is the make and model of your PC? Helpful links: http://michaelstevenstech.com/bios_manufacturer.htm http://www.bleepingcomputer.com/viru...-security-2010 http://www.elephantboycomputers.com/...moving_Malware |
#6
|
|||
|
|||
Can't log into Windows XP.
"worldc8804" wrote: I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris I solved this problem in two steps: THIS PART MIGHT NOT EVEN BE NECESSARY: The first thing I did was replace the userinit.exe in c:/windows/system32 with the one off of one of my winxp pro cds (I used one with service pack 3). To do this, I went on another computer and attached the bad system drive to it using an external enclosure and did stat, run : expand d:/i386/userinit.ex_ e:/windows/system32 where d: is your cdrom drive and e: is the name of the bad system drive attached as an external. IThen I renamed the original userinit.exe to userinitold.exe and named userinit.ex_ to userinit.exe. This process might not be necessary but I had assumed from the beginning that userinit.exe has been compromised. This probably was all that actually needed to be done: The problem in my case is that the a registry entry had been changed by the virus. I used the Ultimate boot cd for windows to boot into a windows environment and then ran the remote registry program to edit the registry of the infected file system. (because you can't login normally, right?) Under HKLM: \Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit I changed this key to Userinit=C:\WINDOWS\system32\userinit.exe it had been changed by the virus to winlogon32.exe or something like that. Of course there are probably other ways to edit the registry on a system hard drive without using ultimate boot cd for windows. You could probably attach the hard drive to another machine with an external enclosure and then run a program that lets you remotely access the registry to change the necessary key. |
#7
|
|||
|
|||
Can't log into Windows XP.
Rob wrote:
"worldc8804" wrote: I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris I solved this problem in two steps: THIS PART MIGHT NOT EVEN BE NECESSARY: The first thing I did was replace the userinit.exe in c:/windows/system32 with the one off of one of my winxp pro cds (I used one with service pack 3). To do this, I went on another computer and attached the bad system drive to it using an external enclosure and did stat, run : expand d:/i386/userinit.ex_ e:/windows/system32 where d: is your cdrom drive and e: is the name of the bad system drive attached as an external. IThen I renamed the original userinit.exe to userinitold.exe and named userinit.ex_ to userinit.exe. This process might not be necessary but I had assumed from the beginning that userinit.exe has been compromised. This probably was all that actually needed to be done: The problem in my case is that the a registry entry had been changed by the virus. It can be caused by a missing Userinit file but more often than not the problem with the login loop is caused by an incorrect Winlogon Userinit registry entry rather than a missing Userinit.exe file. I used the Ultimate boot cd for windows to boot into a windows environment and then ran the remote registry program to edit the registry of the infected file system. (because you can't login normally, right?) Under HKLM: \Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit I changed this key to Userinit=C:\WINDOWS\system32\userinit.exe Don't forget the comma at the end! The correct Userinit value data should read: C:\WINDOWS\system32\userinit.exe, Of course there are probably other ways to edit the registry on a system hard drive without using ultimate boot cd for windows. You could probably attach the hard drive to another machine with an external enclosure and then run a program that lets you remotely access the registry to change the necessary key. No need for special programs, you can edit the remote registry with Regedit, see here for easy to follow instructions: http://www.rwin.ch/xp-live/regedit.htm John |
#8
|
|||
|
|||
Can't log into Windows XP.
Thanks John I added the common too
Also thanks for the info on the registry. I had complete forgot that it was indeed stored as files. So in this case Software should be loaded, modified, and then unloaded "John John - MVP" wrote: Rob wrote: "worldc8804" wrote: I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris I solved this problem in two steps: THIS PART MIGHT NOT EVEN BE NECESSARY: The first thing I did was replace the userinit.exe in c:/windows/system32 with the one off of one of my winxp pro cds (I used one with service pack 3). To do this, I went on another computer and attached the bad system drive to it using an external enclosure and did stat, run : expand d:/i386/userinit.ex_ e:/windows/system32 where d: is your cdrom drive and e: is the name of the bad system drive attached as an external. IThen I renamed the original userinit.exe to userinitold.exe and named userinit.ex_ to userinit.exe. This process might not be necessary but I had assumed from the beginning that userinit.exe has been compromised. This probably was all that actually needed to be done: The problem in my case is that the a registry entry had been changed by the virus. It can be caused by a missing Userinit file but more often than not the problem with the login loop is caused by an incorrect Winlogon Userinit registry entry rather than a missing Userinit.exe file. I used the Ultimate boot cd for windows to boot into a windows environment and then ran the remote registry program to edit the registry of the infected file system. (because you can't login normally, right?) Under HKLM: \Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit I changed this key to Userinit=C:\WINDOWS\system32\userinit.exe Don't forget the comma at the end! The correct Userinit value data should read: C:\WINDOWS\system32\userinit.exe, Of course there are probably other ways to edit the registry on a system hard drive without using ultimate boot cd for windows. You could probably attach the hard drive to another machine with an external enclosure and then run a program that lets you remotely access the registry to change the necessary key. No need for special programs, you can edit the remote registry with Regedit, see here for easy to follow instructions: http://www.rwin.ch/xp-live/regedit.htm John . |
#9
|
|||
|
|||
Can't log into Windows XP.
Thanks for the responses. Elmo I tried using the avira_rescue and it froze at
"Mounting Devices" /dev /fd0 in the very beginning. I think its only for linux? I looked at a few other posts from Rob and John John and I think i'm out of my league looking at their posts. Is there a simple way to fix this or should I concede and pay $150 for a repair shop to fix it. Any suggestions would be greatly appreciated. Thank you ladies and gents who have posted so far. |
#10
|
|||
|
|||
Can't log into Windows XP.
"worldc8804" wrote in message ... I had a virus on my computer called 'Internet Security 2010' which i tried to remove with 'AVG Free 9.0'. My anti-virus software required a restart in order to remove all of the virus's. I restarted and now when i try to log into my profile it logs in for 3 seconds and logs out before I can do anything. I tried logging into every advanced login option, IE safemode /w command prompt and all of the other options. I can not log in with administrator either. I read some things online that said to boot from the Windows xp CD. I tried this and got a message on the blue screen saying my computer is infected and it must shut down to prevent further damage. Is there anyway to bypass the login screen or get to a command prompt to reformat? PLEASE HELP!@@!!@ -Chris (Chris later adds...) "worldc8804" wrote in message ... Thanks for the responses. Elmo I tried using the avira_rescue and it froze at "Mounting Devices" /dev /fd0 in the very beginning. I think its only for linux? I looked at a few other posts from Rob and John John and I think i'm out of my league looking at their posts. Is there a simple way to fix this or should I concede and pay $150 for a repair shop to fix it. Any suggestions would be greatly appreciated. Thank you ladies and gents who have posted so far. Chris: Before getting into the more substantive part of my post...a suggestion or two... 1. It's really helpful to potential responders to know something about the system involved, e.g., is this an OEM machine? If so, what's the make & model? If not, is it a desktop machine? Is the XP OS installation CD you're using a non-branded OEM version or a retail version? Or is it a recovery/restore type of CD possibly provided by the maker of your machine? 2. It's best not to treat this (or any similar) newsgroup as some sort of "chatline". Except in the most trivial instances, when you post a message (as you did in your last message above) it should *not* merely be a continuation of the problem/issue you've raised without providing pertinent background info concerning the problem/issue you've originally raised. In other words it should not be an "orphan" or isolated post responding *only* to one or another poster who previously responded to your plea for help. As you will note I've included your original post in this message. Now to your problem... 1. First of all, in the final line of your original post you raise the question "or get to a command prompt to reformat?" Are you indicating that when all is said & done at this point all you're interested in is returning the system to a bootable, functional state involving a fresh install of the XP OS? So that at this point-in-time you're not particularly interested in the possibility of repairing the OS in order to salvage the latter together with your programs & personal data? Or, on the other hand, you really didn't mean to use the term "reformat" in that sense? So that your interest actually *is* in "repairing" the system and salvaging all the data? 2. Have you used the HDD diagnostic utility from the hard drive's manufacturer to check out the disk? If you haven't done so it would be wise to do so ASAP. 3. I'll assume the XP OS installation CD you're using is either a non-branded or retail version. When you boot to that CD can we assume the "Press any key to boot from CD" or similar message comes up at the beginning of the boot process? And that the display indicates the string of setup files are being loaded? So that the "blue screen" you mention displays *after* those setup files have been apparently loaded? What we're trying to get at is that are you absolutely sure you are booting to the XP OS installation CD and not to your problem HDD? If you see fit, respond to the above and we can go on from here should you want to. Anna |
#11
|
|||
|
|||
Can't log into Windows XP.
worldc8804 wrote:
Thanks for the responses. Elmo I tried using the avira_rescue and it froze at "Mounting Devices" /dev /fd0 in the very beginning. I think it's only for Linux? I looked at a few other posts from Rob and John John and I think I'm out of my league looking at their posts. Is there a simple way to fix this or should I concede and pay $150 for a repair shop to fix it? Any suggestions would be greatly appreciated. Thank you ladies and gents who have posted so far. The Knoppix CD runs independent of the hard drive, but should run on most systems. There can be some pauses at times, but it should eventually run. -- Joe =o) |
#12
|
|||
|
|||
Can't log into Windows XP.
What I suggested should not be that difficult to perform so long as you can
find the parts: You simply need: 1. Another computer such as a friend's 2. Open up your computer and see what type of hard drive you have (either IDE and SATA) look at pictures on google to tell the difference. There a also two sizes of hard drives desktop (3.5") and laptop (2.5") 3. Then get an external hard drive enclosure (you can buy this at best buy for like $20 or fry's electronics). For example tell the guy at the store that you need a IDE hard drive enclosure for a desktop hard drive. 3. Then remove the hard drive from your computer and attach it to the enclosure. Then plug it in to the extra computer and then follow the instructions here http://www.rwin.ch/xp-live/regedit.htm, open the SOFTWARE file, and replace the key with what I showed you. Then installl your hard drive and boot up. I doubt a virus removal program is going to fix this for your. This is a registry issue caused by a virus. Do what i said, I'm fairly sure that this is the solution "worldc8804" wrote: Thanks for the responses. Elmo I tried using the avira_rescue and it froze at "Mounting Devices" /dev /fd0 in the very beginning. I think its only for linux? I looked at a few other posts from Rob and John John and I think i'm out of my league looking at their posts. Is there a simple way to fix this or should I concede and pay $150 for a repair shop to fix it. Any suggestions would be greatly appreciated. Thank you ladies and gents who have posted so far. |
Thread Tools | |
Display Modes | |
|
|