 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Forum / Windows Vista / General Topics / September 2008Black / Blank screen after login
Hi all Its been 5 days since i have locked out of my pc (vista home). *Problem:* Switch on PC, Choose any user from list, after login, i get a black screen. After searching i found my way to the registry using F8->Repair .->Command promt->regedit.exe In there i found that the everytime i change [*HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell*] to explorer.exe, and restart my pc, it changes to *cmd.exe /k start cmd.exe* . i dont know what to do now. The following didnt work: - CTRL-ALT-DELETE/CRTL-SHFT-ESC to show task manager - Safe mode - System restore and repair  SignaturePhadima > Hi all > [quoted text clipped - 12 lines] > - Safe mode > - System restore and repair You could try having a look at the registry keys that run programs on start-up. HKCU\Software\Microsoft\Windows\CurrentVersion\Run Have a look on the right side and delete anything that looks suspicious. I have only one entry there, for the sidebar gadgets. HKLM\Software\Microsoft\Windows\CurrentVersion\Run I have only one entry there, for Windows Defender. I do not have this key in my registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell so I don't know what to suggest about that. > Hi all > [quoted text clipped - 4 lines] > ..->Command promt->regedit.exe > In there i found that the everytime i change [*HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell*] > to explorer.exe, and restart my pc, it changes to *cmd.exe /k start > cmd.exe* . [quoted text clipped - 3 lines] > - Safe mode > - System restore and repair My guess (because I can't see the machine) is that your computer is severely infected which is why the shell setting changes upon reboot. Since you haven't told us anything about your computer and its recent history (except that you've had this problem for 5 days) or your security/antivirus protection, that's about as specific as I can guess. You could try booting with a Bart's PE with an antivirus plugin and scanning from there. Or you could pull the drive and attach it to a working computer running XP or Vista and use the installed av to scan it from there. Standard disclaimer: I can't see and test your computer myself, so these are just suggestions based on many years of being a professional computer tech; suggestions based on what you've written. You should not take my suggestions as a definitive diagnosis. If you can't do the work yourself (and there is no shame in admitting this isn't your cup of tea), take the machine to a professional computer repair shop (not your local equivalent of BigComputerStore/GeekSquad). If possible, have all your data backed up before you take the machine into a shop. Malke SignatureMS-MVP Elephant Boy Computers www.elephantboycomputers.com Don't Panic! Hi, For starters, that should be the HKLM branch, not the HKCU branch, and your key is entirely the wrong path. It should be: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Note that this is the "Windows NT" key, not just "Windows", and not the "Explorer" key but the "Winlogon" key. Try changing it there. As Malke has pointed out, you most likely have a serious infection which is best attacked from outside of Windows. SignatureBest of Luck, Rick Rogers, aka "Nutcase" - Microsoft MVP http://mvp.support.microsoft.com/ Windows help - www.rickrogers.org My thoughts http://rick-mvp.blogspot.com > Hi all > [quoted text clipped - 12 lines] > - Safe mode > - System restore and repair Thank you for your replies. I was mistaken it is in the *HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon *My laptop is a Toshiba P100, got it a year ago,running the latest symantec endpoint protection, two days before it went blank i installed divx and the latest windows update. Before then i was using skype,xlite with x-ten, fireworks,dreamweaver,visual studio 2005, sql server 2005, mysql 5.1, office 2007 and all toshiba programs that came with the pc. I have also changed it to explorer.exe but it keeps going back to cmd.exe /k start cmd.exe* the only thing left to try is scanning from another machine and formating i guess. SignaturePhadima > Thank you for your replies. > I was mistaken it is in the [quoted text clipped - 9 lines] > the only thing left to try is scanning from another machine and > formating i guess. I Googled "cmd.exe /k start cmd.exe" and came across this rootkit forum's page: http://www.rootkit.cz/forum/viewtopic.php?t=48920&view=next&sid=0a3840d4a75c0b6b 05639a1e2fb8f250 If you look at the HijackThis posting you will see the "cmd.exe /k start cmd.exe" entry in the F2 section. The HijackThis help file says this about F section entries: F - IniFiles, autoloading entries F0 - Changed inifile value F1 - Created inifile value F2 - Changed inifile value, mapped to Registry F3 - Created inifile value, mapped to Registry So it may be worth looking at your system.ini and win.ini files via the command prompt. They are at c:windows\system.ini and c;\windows\win.ini Navigate to c:\windows and type in edit system.ini You can REM anything out with a semi-colon ( like the first line is). It's a long shot, but if you have tried everything else... I'm also getting a black\blank screen after I log in. Nothing works shortcuts everything after log in, except the mouse fails to work. I even purchased a new HD and installed vista, a fresh install same problem. Any help would be appreciated Signaturelightsaber007 http://forums.techarena.in |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.