Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 561
  • Last Modified:

Windows XP system will not boot. It keeps cycling at login

I may have gotten a virus, but not sure. Suddenly the computer will boot, show the background desktop image then go to the boot screen where I can select the user. It's called user 1
I click on it, it doesn't ask for a password, then it says logging off. I can click on the user 1 button over and over and it keeps saying logging off.
0
wootangclan
Asked:
wootangclan
  • 13
  • 8
  • 3
  • +2
1 Solution
 
Kris MontgomeryCommented:
Hi!

An old nasty logon script.

You need the Kapersky Rescue Disk:
http://support.kaspersky.com/viruses/rescuedisk

It will resolve the issue for you.

Thanks.

mug
0
 
dbruntonCommented:
Quite possible virus.

Safe mode works or not?

If not you'll have to take the hard drive out and attach to another machine (either as a slave or in a USB caddy) and scan for virus there.

These are usually the anti-virus products recommended around here for this task.

MalwareBytes:
http://www.malwarebytes.org/mbam-download.php

HitmanPro:
http://www.surfright.nl/en/hitmanpro

TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
moon_blue69Commented:
as soon as your system is powerd up and the bios screen flashes press F8 to bring the advanced startup menu and select disable automatic restart on system failure and continue
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Kris MontgomeryCommented:
I will second the comment to use Malwarebytes and ComboFix.   And I will second my own comment :) about using a Rescue disk, only because the user doesn't need to remove the harddrive.

If you happen to remove the drive, run Malwarebytes... A Full Scan will be necessary.

Thanks!

mug
0
 
wootangclanAuthor Commented:
I have Kapersky. It boots, I choose graphic mode, then it has the blackspalsh and nothing else.
0
 
TK-77Commented:
If you can't get Kapersky to fully boot, you can try Dr Web Live CD.
http://www.freedrweb.com/livecd/

If that doesn't boot into graphic mode, you can select to run a scan from the console mode. It's pretty easy to use plus it's free and it works well.

TK
0
 
wootangclanAuthor Commented:
how do you work console mode
0
 
dbruntonCommented:
Lots of possibles here.

Kapersky may not be fiinding the hard disk.
The hard disk may be corrupt.
Your computer itself my be ailing (motherboard, power supply).

Consider taking the hard disk across to another computer.
0
 
wootangclanAuthor Commented:
No. the HD is not corrupt. I've already ran chkdsk /r on it.
it was from another windows install.
0
 
moon_blue69Commented:
pull your hard disk out if you have a another computer connect it their go to folder options and unhide protected system files and copy ntdetect, ntldr,boot.ini to your c drive plug t back it should be working
0
 
dbruntonCommented:
>>  No. the HD is not corrupt. I've already ran chkdsk /r on it.

OK.  In that case the motherboard, power supply might be OK as well.  Strange the Kapersky CD didn't seem to go anywhere.  

SATA or PATA drive?  Laptop or desktop computer?
0
 
wootangclanAuthor Commented:
SATA drive on a SATA card. I was thinking that was causing issues. I'm trying it on console mode now
0
 
wootangclanAuthor Commented:
so isn't there a linux release that has good virus malware scan built in. bootable linux?
0
 
dbruntonCommented:
That Kapersky CD is I think a Linux disk.  You've got Midnight Commander on it for text mode operations and that http://en.wikipedia.org/wiki/Midnight_Commander is a Linux util.
0
 
wootangclanAuthor Commented:
I wish the Kapersky disk would boot damn it. I tried console mode, and it just hanged there. There was just a curser. what do I do? what do I type?
0
 
wootangclanAuthor Commented:
I wish the Kapersky disk would boot damn it. I tried console mode, and it just hanged there. There was just a curser. what do I do? what do I type?
0
 
wootangclanAuthor Commented:
starting to think there is something seriously wrong with the hardware on this machine.
0
 
dbruntonCommented:
I suspect that the Kapersky CD can't recognise the hard disk on the SATA channel.

Or there is a hardware problem as you state.

You could grab another Linux distribution such as Knoppix http://www.knoppix.org/ or Ubuntu http://www.ubuntu.com/ and boot from that and see if can see and browse the disk.

You did say that you ran chkdsk on this disk and presumably on this SATA port and it worked OK.

0
 
wootangclanAuthor Commented:
hooked it up to my machine. malwarbytes found nothing.
0
 
wootangclanAuthor Commented:
tried malwarebytes, superantispyware, and chkdsk. so far nothing. how can I force windows into a normal login window where I can try to login as admininstrator. now I only have option for user1.
I can see user1 and administrator on safe mode boot, however, it does the same thing for both accounts logs back off immediately.
0
 
dbruntonCommented:
Look at this thread http://www.computing.net/answers/windows-xp/logs-out-imedialtly-after-i-log-in/116408.html

May not be your problem but worth looking at.
0
 
dbruntonCommented:
0
 
Kris MontgomeryCommented:
The Avira Rescue Disk is Linux and is a good one too.

http://www.avira.com/en/support-download-avira-antivir-rescue-system

Please try that.  Thanks!

mug
0
 
wootangclanAuthor Commented:
none of these disk are working. I need a high level expert or guru to tell me how to fix this and not just rely on these rescue disks. I already said that there were no virus found.

I know there has to be something simple. like replacing a windows file. or a registry edit, or script edit that will trick windows to boot up.
0
 
wootangclanAuthor Commented:
Sry. I finally found the solution. I had to mount the registry hive from another computer. then I adjusted the registry

HKEYLOCALMACHINE/SOFTWARE/WINDOWSNT/WINLOGON/
changed key entry to point to userinit.exe file.

All I had to do was change it to point from c:\windows\system32\userinit.exe to d:\windows\system32\userinit.exe

d: is where the actual userinit.exe file is. for some reason the registry was pointing to the c drive even though d was always the boot drive.
0
 
dbruntonCommented:
0
 
wootangclanAuthor Commented:
Thanks for all that tried, but just pointing to these rescue disks didn't help.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 13
  • 8
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now