XP Home Log In/Out

  • Thread starter Thread starter ohdear
  • Start date Start date
O

ohdear

Hey, had a real problem with what was more than likely a trojan and some
horrible malware.. Basically my PC has been reduced to something resembling a
smelly pancake.
When I start up normally I'm now asked to sign in my XP Home, which never
happens. Logs in, opens settings, might display the background image (no
Start button, toolbar, anything etc) then logs me out and 'saves' the
settings.. Also applies to Administrator option..
Can't open in safe-mode, as it just happens again..

Not sure if reboot works at the moment as i've lost the windows disk
somewhere along the way, so basiically does anyone know of a way of seriously
system restoring this cow (say about a week) or helping me tame this beast
without having to go to a shop and spend money on repairs??
 
ohdear said:
Hey, had a real problem with what was more than likely a trojan and
some horrible malware.. Basically my PC has been reduced to
something resembling a smelly pancake.
When I start up normally I'm now asked to sign in my XP Home, which
never happens. Logs in, opens settings, might display the
background image (no Start button, toolbar, anything etc) then logs
me out and 'saves' the settings.. Also applies to Administrator
option..
Can't open in safe-mode, as it just happens again..

Not sure if reboot works at the moment as i've lost the windows disk
somewhere along the way, so basiically does anyone know of a way of
seriously system restoring this cow (say about a week) or helping
me tame this beast without having to go to a shop and spend money
on repairs??

If you do not have the manufacturer's given method of restoring the system
to its original state (hard disk drive partition, system restore CDs, actual
installation media, etc) - one cannot likely do too much 'repair' without
these things. Especially if it is in the state you say it is (unable to
logon as any user, safe mode, etc.)
 
ohdear said:
Hey, had a real problem with what was more than likely a trojan and some
horrible malware.. Basically my PC has been reduced to something
resembling a
smelly pancake.
When I start up normally I'm now asked to sign in my XP Home, which never
happens. Logs in, opens settings, might display the background image (no
Start button, toolbar, anything etc) then logs me out and 'saves' the
settings.. Also applies to Administrator option..
Can't open in safe-mode, as it just happens again..

Not sure if reboot works at the moment as i've lost the windows disk
somewhere along the way, so basiically does anyone know of a way of
seriously
system restoring this cow (say about a week) or helping me tame this beast
without having to go to a shop and spend money on repairs??

It appears that Windows can no longer find userinit.exe - see here:
http://support.microsoft.com/?scid=kb;en-us;249321&x=10&y=10
Your chances of fixing this problem without a Windows CD and without
getting outside help are very slim.
 
Yes, you were right. The site doesn’t have sufficient information but still I
will not let the Virus win.

As you said there is least chance to recover from this error as "Ohdear"
doesn't have Windows XP Installation CD and even he can not login into
Windows in Safe Mode.

I think there is a solution. However doesn't guaranty that it will work but
“Ohdear†you still have a chance before you pay a huge amount for recovery?

If your friend has a computer and he doesn’t mind giving it you for recovery
(or experimenting) then you still have chances.

1. Turn Off your Computer.
2. Unplug the Hard Disk Drive carefully.
3. Plug in to another running computer. Make sure that this computer is
protected against Anti Virus and Spyware with latest updates.
4. After Login and windows finish installing your hard disk on this
computer. Try this:

Posted by: supersunbird at http://mybroadband.co.za/vb/showthread.php?t=90171


Put infected harddrive in other pc with up to date antivirus as a slave
drive. Scan harddrive with antivirus and let it clean up all those nasty
viruses.

Go to run in start menu. Type in regedit. Select HKEY_LOCAL_MACHINE. Go to
File and select Load Hive. Browse to the infected drive and go to
infecteddrivesletter:\WINDOWS\system32\config (or :\WINNT\system32\config for
Win2000 users). Select the software file (not software.sav or .txt).

It will ask for a file name, type in anything your name. In this newly
created Hive of yours, browse to Microsoft > Windows NT > CurrentVersion >
WinLogon. Select the UserInit entry and make sure it is
C:\WINDOWS\system32\userinit.exe, even if there is only a comma behind that,
delete that comma, and if there is other text remove that too. Then go back
up to where you had created your name in regedit and go to File and select
Unload Hive.

Put the drive back into its PC and you should be able to login successfully.
If you get error messages on startup, just click ok because there is no harm,
those can be removed via regedit as well, but that process has more variables
and is thus more complicated.

Hope this help, let us know!
 
Just for information
============

Actually, I was trying to replace the windows\system32\config of the
infected PC with a working one. As I knew, it didn't work because the files
were in use. I also tried to use the Remote Registry feature to check if I
can edit the registry of an infected pc but the procedure was too completed
and even didn't work.

So, finally I think of editing the registry of a Slave Hard Disk drive and
google the same and found the link. However, I didn't try it but will soon.

Hope this work for Ohdear!
 
ah right, now all of this seems to be making a little bit of sense to me..
i'm-a-reckoning that..
basically registry mechanic or nod32 - probably the latter as i'd picked it
up to try and clear the original mess up - has gone and deleted this
wininit.exe and / or taken the drive registry with it..
i'm rooting around for the cd, but any idea of a way of re-directing this
anyway?
just don't really trust moving about hard-drives and taking down all the
computers as we don't really have a reliable anti-virus it seems..
you've all been great by the way, many thanks!
 
Sorry for delay in response but you didn't provide sufficient information.
Means, whats actually happening now? What the Nod32 did? Are you on the same
way or something has changed after the cleanup?

Let us know!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top