Friday, May 02, 2008

Breaking the Windows XP infinite login loop

I recently came across a very interesting problem with Windows XP: for some reason, Windows would log off immediately after you log on. There seem to be a few causes of this phenomenon:
  1. A corrupted Windows activation
  2. Virus/spyware infection
Searching online seems to turn up the latter cause much more often. I'm not quite certain which specific virus/spyware infection(s) cause this behaviour but it's a good thing this site was around to help me resolve this issue (on somebody else's notebook, no less). There's more, but I unfortunately did not bookmark all the sites that had helped point me in the right direction (sorry).

To resolve this, you'll need your Windows setup CD. Boot into Windows setup and log on to the Recovery Console. Resources abound on how to do that, so just Google for it if you don't already know how.

Next, back up your current registry hives as any sane human being would (and should):

C:\Windows> copy C:\Windows\System32\config\software C:\Windows\system32\config\software.bak
C:\Windows> copy C:\Windows\System32\config\security C:\Windows\system32\config\security.bak
C:\Windows> copy C:\Windows\System32\config\default C:\Windows\system32\config\default.bak
C:\Windows> copy C:\Windows\System32\config\sam C:\Windows\system32\config\sam.bak
C:\Windows> copy C:\Windows\System32\config\system C:\Windows\system32\config\system.bak

Then, you can "restore" the software hive from the initial copy that Windows XP made when Windows was first installed:

C:\Windows> copy C:\Windows\repair\software C:\Windows\System32\config\software

Exit the Recovery Console, and you should now be able to boot into Windows. Once inside, the first order of the day would be to run regedit. Browse to (and highlight) the HKLM\Software key, then import the backup of software (C:\Windows\System32\config\software.bak) back into the registry. This may take some time depending on how big your software registry is.

Once that's done, do not reboot just yet. Still in regedit, head over to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon and edit the Userinit value to read C:\Windows\System32\userinit.exe,

In case anybody's wondering, that comma should be included.

Make sure that userinit.exe really does exist in \system32 before you reboot, then reboot and everything should be back to how it was. Just be sure to run your system through a barrage of antivirus & antispyware scans; Just In Case.
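An added example, not part of the original post: a Python check that pulls the Userinit line out of `reg query` output and confirms the value holds only the entry given above, trailing comma included. The sample output is constructed, and the function names and the `C:\Windows` default are assumptions.

```python
import re

# Constructed samples of `reg query` output (not captured from a real machine).
KEY = "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\n"
SAMPLE_CLEAN = KEY + "    Userinit    REG_SZ    C:\\WINDOWS\\system32\\userinit.exe,\n"
SAMPLE_EXTRA = KEY + (
    "    Userinit\tREG_SZ\t"
    "C:\\WINDOWS\\system32\\userinit.exe,C:\\WINDOWS\\system32\\example-extra.exe\n"
)

# Separators are tabs or spaces depending on the reg.exe version.
_LINE = re.compile(r"^[ \t]*Userinit[ \t]+REG_SZ[ \t]+(.*)$",
                   re.IGNORECASE | re.MULTILINE)


def extract_userinit(reg_output):
    """Return the raw Userinit data from reg query output, or None if absent."""
    m = _LINE.search(reg_output)
    return m.group(1).strip() if m else None


def _norm(entry):
    # Windows paths are case-insensitive; tolerate quotes and forward slashes.
    return entry.strip().strip('"').replace("/", "\\").lower()


def audit_userinit(value, systemroot=r"C:\Windows"):
    """Check that the comma-separated Userinit list holds only userinit.exe.

    Strict on purpose: a bare "userinit.exe" without the full path is also
    reported, because the post's fix uses the full System32 path.
    """
    expected = _norm(systemroot + r"\system32\userinit.exe")
    if value is None:
        return {"ok": False, "has_userinit": False, "unexpected": []}
    # The trailing comma yields an empty last item, which is dropped here.
    entries = [e for e in (_norm(p) for p in value.split(",")) if e]
    unexpected = [e for e in entries if e != expected]
    has_userinit = expected in entries
    return {"ok": has_userinit and not unexpected,
            "has_userinit": has_userinit,
            "unexpected": unexpected}


if __name__ == "__main__":
    for name, sample in (("clean", SAMPLE_CLEAN), ("extra", SAMPLE_EXTRA)):
        print(name, audit_userinit(extract_userinit(sample)))
```

Anything listed under `unexpected` is a program started at logon alongside userinit.exe and is worth examining before the antivirus pass.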

As for the corrupted Windows activation, the only resolution I've found so far is to do a Repair install over the current installation. If that doesn't work, then you're royally screwed. Basically, just grab whatever files you can out of the hard drive and start over with a clean slate.