Sign in with
Sign up | Sign in
Your question
Closed

Unable to logon after Malware removal

Last response: in Windows XP
Share
May 19, 2010 5:36:19 PM

Hello,
Son had a Malware on his HP Mini 1000 1151NR. We DLd, installed, and ran a Spyware program which found 54 problems, which we allowed the Spyware program to fix. After that we rebooted.

Since that time any attempt to logon any UserID, including Admin, results in an extremely quick logon followed by "logging user off" and "saving settings." I read somewhere that some Malware changes a Registry key, something like userinit, which causes this problem.

Given normal circumstances I'd just throw in his XP discs and try a repair and go from there. Problem is... his machine has no CD/DvD drive and didn't come with any discs. It was supposed to come with some Roxio restore partition but that wasn't installed either.

Not too bad with PCs but I'm totally lost now. Any help, comments, suggestions, etc. greatly appreciated.

Thx ahead of time.

Totally Lost in NC
May 20, 2010 6:51:00 AM

ShipTom said:
Hello,
Son had a Malware on his HP Mini 1000 1151NR. We DLd, installed, and ran a Spyware program which found 54 problems, which we allowed the Spyware program to fix. After that we rebooted.

Since that time any attempt to logon any UserID, including Admin, results in an extremely quick logon followed by "logging user off" and "saving settings." I read somewhere that some Malware changes a Registry key, something like userinit, which causes this problem.

Given normal circumstances I'd just throw in his XP discs and try a repair and go from there. Problem is... his machine has no CD/DvD drive and didn't come with any discs. It was supposed to come with some Roxio restore partition but that wasn't installed either.

Not too bad with PCs but I'm totally lost now. Any help, comments, suggestions, etc. greatly appreciated.

Thx ahead of time.

Totally Lost in NC


[#0005ff]Go Start then Run and in the Open box, type regedit and hit Enter. Choose Export from the File menu and then note the location and the name you give what will be the backup of the Registry you're about to amend, in case you need to revert to it.

Then, in the same way you would in Windows Explorer through a file and folder structure, navigate to H_KEY_LOCAL_MACHINE>Software>Microsoft>WindowsNT>Current Version>Winlogon and in the right hand pane, look at UIHost. If the Data column doesn;'t show logonui.exe, double click UIHost and amend the data accordingly.

Leave the Registry by File and Exit and restart the computer. That should do the trick.
[/#000ff]
Related resources
May 20, 2010 12:03:59 PM

Appreciate the feedback/info. As stated in the OP, the problem is you can't logon to the machine in its current state, soon as you try a logon it immediately logsoff back to the logon screen. So, to restate it with more clarity, the issue is how do I go about even getting into a PC with no CD/DvD drive and no XP discs? I suppose I'm looking for some trick or method which would allow me to boot it, fix the bad Registry entry/run the sfc thing, without being able to logon to XP sitting on the C: drive. I'm thinking maybe a flashdrive or exterrnal hard drive but not quite sure how I'd go about setting those up to be bootable and then be able to get into the C: to fix or run anything.

Thx
May 20, 2010 12:12:08 PM

I think you're going to need an XP disc. You can do the repair using a flash drive, if you can get a disc. Here's a guide to creating a bootable USB drive.
http://www.boot-land.net/forums/?showtopic=4900

You could also use an external CD/DVD drive. The problem is, you'll still need an XP disc.
Anonymous
May 20, 2010 12:15:11 PM

You need an external USB CD drive and a UBCD4Win disk to fix the registry.
January 27, 2012 7:40:57 PM

This topic has been closed by Mousemonkey
!