Windows stuck at login screen

By Transform
Oct 19, 2008
Topic Status:
Not open for further replies.
  1. Hi.

    For several weeks I have been trying to solve a problem on a family members desktop computer.

    The scenario is as follows:

    User clicks on their profile and their custom background appears. From here, the taskbar and desktop icons do not appear automatically and the user must open task manager and manually launch the process 'explorer.exe' to force the desktop to appear correctly.

    The problem occurs with all the profiles on the computer and there is nothing in the event log to suggest that there is a problem.

    Could someone help me out?
  2. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Check the Shell value for Winlogon in your registry. Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    should show:

    Shell REG_SZ explorer.exe

    Or download this tool: http://www.dougknox.com/xp/utils/XP_FixLogon.zip
    This utility checks for the correct GINA value in the Registry and will allow you to restore it, if its incorrect.


    By the way, this is usually a sign of Virus\Malware infection
    You are therefore advised to go here, and complete all steps:
    Viruses/Spyware/Malware Preliminary Removal Instructions
  3. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    The registry value was ok.

    I have gone through all 8 steps of the malware link you gave me. here are my results (attached) as instructed...

    Attached Files:

  4. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    is there anyone that can help me out with my reply?
  5. almcneil

    almcneil TechSpot Guru Posts: 1,554

    I'd try a Windows repair at this point. Do you have your Windows installation CD?

    -- Andy
  6. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    my computer was purchased from Dell so I will need to have a look if they sent me a Windows XP disk with it...
  7. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    As your logs are now a week old

    You may be best providing a new HJT log

    Before supplying the log, please do these things:

    Run CCleaner (to remove old temp files)
    Reset IE, using this proceedure
    Remove any known, not required startups, using this tool

    Restart, then create a new log
  8. almcneil

    almcneil TechSpot Guru Posts: 1,554

    I used to work for Dell and they stopped shipping CDs more than 2+ years ago. You have to pay for them separately now. If you can get your hands on a Windows installation CD for the version you have, then you can do the Windows repair. Either get one from a friend or from an independent computer store.

    Best,
    -- Andy
  9. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    I have Windows XP Home Edition.

    So as long as I can find a Home Edition CD it will allow me to do the repair?

    Will I still keep my legitimate Windows key?
  10. almcneil

    almcneil TechSpot Guru Posts: 1,554

    Check the Windows sticker on your computer. If it's for the same version as the CD, you're home free!!

    -- Andy
  11. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    And I won't lose any of my files?
  12. almcneil

    almcneil TechSpot Guru Posts: 1,554

    No! Windows repair does not touch your personal files, program or settings. It only check the Windows system files and associated settings.

    Pop the installation CD in the CD drive. Boot to it. On the first screen, press <enter> for an installation. It's the next choice where it asks if you want to install a clean copy or repair. That's when you select 'r'.

    Repost if you have questions.

    -- Andy
  13. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Transform as you are being told to Repair Windows
    I must state that you should back up first!

    Yes there is always the chance that you can lose data
     
  14. almcneil

    almcneil TechSpot Guru Posts: 1,554

    Although Windows repair does not specfically touch your person files, yes, Kimsland is correct, it can fail and result in the installation being corrupted. In my experience, that happens because your file system is corrupted to being with. That doesn't appear to be your case. Nonetheless, if you want to be prudent, back up your files first.
  15. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    That will be difficult considering I have nothing to backup to
  16. almcneil

    almcneil TechSpot Guru Posts: 1,554

    Don't sweat it then. In my expereince the only Windows repair backfires and corrupts the installation is simply because the file system was corrupt to begin with. This isn't your case. Your files are safe.

    You can proceed with the Windows repair.

    -- Andy
  17. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    just did the repair but its still the same problem :(
  18. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Option #1
    • Already stated in post#7 above (not done)
    Option #2
    • Click on Start -> Run -> control userpasswords2
    • Tick "Users must enter a username and password to use this computer"
    • Click to highlight your username
    • Click "Apply"
    • Un-Tick "Users must enter a username and password to use this computer"
    • Click "Apply"
    • Type in your current password (or leave blank if you don't have one)
    • Click OK
    • Restart your computer
    Option #3
    • Please backup your Kaspersky licence information and key
    • Then fully uninstall Ad-Aware
    • Then fully uninstall Kaspersky
    • Once complete restart your computer

    Reply with results
  19. almcneil

    almcneil TechSpot Guru Posts: 1,554

    Good news, bad news.

    Good news is that if the Windows repair completed and you can boot to the Desktop, your Windows system is probably fine.

    Bad news is, your still having problems and it's something outside your Windows system.


    I don't think in all of this I ever asked or you ever mentioned this but can you boot to Safe Mode? If so, do you still have the same problems?

    I might suggest if you haven't tried this but create a new user account (call it "Sparky" for fun!) See if "Sparky" has the sames problems.

    -- Andy
  20. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    And is a Windows logon issue

    One of the options above, will likely fix it
    I'm betting on Option#3 But yet to hear your reply Transform
  21. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +34

    Please follow through with the guides from kimsland first.

    Although the logs aren't the most current, I did check them and found the following:
    At that time, Mbam show no malware.
    At that time, SAS showed numerous Tracking Cookies. Have SAS remove them. Here is an image to help with that:
    http://screenshots.en.softonic.com/en/scrn/50000/50803/3_antispy4.jpg

    You need to reset Cookies:
    Open Internet Options (through Tools or Control Panel)> Privacy tab> Advanced button> CHECK 'override automatic Cookies handling'> CHECK 'allow first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

    Update Java: Your version of Java is now outdated. Java vulnerabilities are commonly exploited by viruses so I strongly recommend you update. Click here to download the latest version of java ( Java Runtime Environment (JRE) 6.0 Update 10 ): http://java.com/en/download/manual.jsp
    Please install it and then reboot your computer.

    HijackThis log items to review first:
    It appears that you have two Kaspersky program running. Please verify this. If duplicate, and uninstall ONE of them:
    Please re-open HiJackThis and scan.*Check* the boxes next to all the entries listed below:
    Be cautious about this. It is a social networking feature and may expose you to malware. If you do not actively use it, remove it.
    You may at one time have used this scanner online. But it is still loading and running in the background and could conflict with the Kaspersky AV. It should be stopped and uninstalled.
    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot. into Safe Mode:
    Remove the older versions of Java:
    1. Click Start, Control Panel, Add/Remove Programs.
    2. Delete all Java updates except J2SE Runtime Environment 6.0 Update 10

    Reboot into Normal Mode. Run a new HijackThis scan and attach the log.

    We will also update the Adobe program or use an alternate next go round.
  22. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    As asked in post #7, I here is my HJT log after completing the steps required.

    I also completed option #2 from post #18 which hasn't worked. I will try option #3 next time I have a chance (remote desktoping from overseas).

    ----------

    Moderator Edit:
    Pasted HJT log removed, and then attached
    Please attach your logs, do not paste them into a reply
    .
  23. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +34

    Update Adobe: Your Adobe Reader is out of dale. Vulnerabilities can be exploited. Click here to download the latest version v9: http://www.adobe.com/products/acrobat/readstep2.html
    OR
    Install the FoxIt Reader: this does the same thing as Adobe, but doesn't’t have the bloat: http://www.foxitsoftware.com/pdf/rd_intro.php
    Click on ‘Get it Free button

    HijackThis log item to review first:
    Please re-open HiJackThis and scan.*Check* the boxes next to all the entries listed below.
    Be cautious about this. It is a social networking feature and may expose you to malware. If you do not actively use it, remove it.
    You may at one time have used this scanner online. But it is still loading and running in the background and could conflict with the Kaspersky AV. It should be stopped and uninstalled.
    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot. into Safe Mode:

    Control Panel> Add/Remove Programs Uninstall the following:
    All Java EXCEPT v6u10
    All Adobe Reader EXCEPT v9.

    Reboot into Normal Mode. Run a new HijackThis scan and attach the log.

    Please give us system status.
  24. Transform

    Transform Newcomer, in training Topic Starter Posts: 70

    I just tried uninstalling Ad-Aware and Kaspersky and restarted but the problem still exists :( I have installed AVG Anti-Virus just to keep the computer safe for now.

    I will complete the above post next and post back the results.
  25. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Just passing by

    Try Free Antivirus like Avast or Avira

    I use Avira, it seems pretty good. AVG seems a bit slow, and has stopped networks working with past faults (now resolved)

    Just thought I'd mention that, before you totally get set on AVG
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.