• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2864
  • Last Modified:

Windows XP logs on, then immediately logs off (even in Safe Mode)

Good morning.

I have a laptop here with Windows XP installed. It has been working fine for the past 2 years and a frequent virus scans / updates are run using Avast Home. I am also regularly running and updating SpyBot Search and Destroy.

A few days the laptop started to automatically log off as soon as I would log on. At that time I was able to boot in safe mode with networking which was when I updated my Avast program and definitions. I scheduled a boot scan which found 3 Trojans, then shut down.

Now I am not even able to boot in safe mode. I have removed the drive and attached it to a PC and am running a second full virus scan. The first full virus scan did not find anything, but when the drive was placed back into the laptop I am still unable to log on...even in safe mode.

Is there a permissions issue or file corruption that can en corrected? I'd prefer not to resort to a reformat.

Thanks in advance for any advice.
1 Solution

1. Navigate to
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

2. If there is a key named "OldUserinit", delete the "Userinit" key and rename the "OldUserinit" key to "Userinit".

3. The "Userinit" key should now say

"WINDOWS_PATH" is relative to where you have your windows installed.
Mine would be "C:\WINDOWS\system32\userinit.exe,"

Now you can log in again

Who changed my Userinit key?

Spyware. The program is called "Search Assistant" and is located at "\Program Files\WindowsSA". It also has some "omni*.*" files in "\WINDOWS\system32\" dir that are linked to "Userinit" key. If you remove this spyware (using Ad-aware, etc.) the "omni*.*" files are deleted and you can't log in.

How to edit registry when I can't log in?

- Use recovery console - read the manual or browse the web on how to edit registry in recovery console.


- Use another machine on your network: Open regedit and select "File->Connect Remote Registry..." and in the dialog box select computer that has log in problems to view its registry.
But if you're no longer cant access safe mode, its a corruption issue. To avoid reformatting your drive, your best option is to use a windows xp live cd. It's a copy of windows xp that runs entirely on cd, it doesnt install anything to your HD. It has the essentials tools you need to restore your windows back to its normal state. Try  google and look for it, or you can make one..here is one link see below :

Open in new window

trahanAuthor Commented:
I am in the registry and do not see "OLDUserinit", but I do have "Useinit" that only has the value of "userinit.exe". I changed the value to "WINDOWS_PATH\system32\userinit.exe" but the system still just logs on and off immediately.

Is there anything else I can change?
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

trahanAuthor Commented:
I have compared my entry with another win xp station. Here's what I hav for the volume of Userinit:


I still am unable to log on though.
windows path refers to the system path, did you try changing the key to "c:\windows\syystem32\userinit.exe"?  That is the default path
If you used "WINDOWS_PATH\system32\userinit.exe" that wouldn't work.
trahanAuthor Commented:

Turns out the userinit.exe file was missing. I replaced it and it worked. Thanks again!
personally, my userinit.exe file was missing entirly and i copied and pasted from another windows and all was well.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now