Helping people with computers... one answer at a time.
If you're logged out as soon as you log in to Windows it's likely that your anti-malware tools removed an infection along with your ability to login.
My PC cannot go past the Log in screen. As soon as I log in, the pc accepts the password and then immediately logs off again. There is no way for me to also run any diagnostic program as well to determine the cause.
This actually happens frighteningly often. I've encountered it at least once, and will describe what caused it and what I did to recover.
There are potentially several reasons that this might happen. My specific example might be an interesting example that'll help you diagnose your problem ... or it might not help at all.
In which case, I have a different suggestion which is what I really recommend anyway.
The most common cause for immediate logout on login is that your machine was infected with a virus. And that "was" might very well be exactly accurate, because what seems to happen is this:
A system file used during login is infected with a virus.
Your anti-virus program detects this and removes or quarantines the file so that it can no longer be used.
The next time you login, the file required to complete your login is missing (having been removed or quarantined) and you can't login.
Technically, your machine might no longer be infected, but that doesn't matter since you can't login.
There are two approaches to dealing with this problem.
The first and the one that I actually recommend is to reinstall Windows. In a case like this, you may be able to do a "repair" reinstall - meaning that Windows will repair itself and replace missing files. This does require that you have your installation media from which to run the reinstall. (It's unclear if an OEM's "recovery disk" will work in a situation like this, but if it's all you have it's worth a shot.)
Since viruses can be so difficult to eradicate these days, having a good backup and doing a reformat and reinstall is perhaps a painful approach, but is the path most certain to eradicate the problem.
Those are what I recommend.
Now, here's what I did...
I fired up a recovery console (also on the Windows installation media), and identified the missing file by comparing the contents of c:\windows and c:\windows\system32 to the same folders on another, working copy of the same version of Windows.
In my case, the missing file was winlogon.exe, and since I was indeed working with two machines that had identical copies of Windows I simply used a USB drive to copy the missing file from the working system. Having done so, I rebooted, successfully logged in, and began a sequence of running the System File Checker, to locate and repair any other missing files, and of course multiple anti-malware scans.
For the record, you can probably do the same without the recovery console using a Linux live CD, such as Ubuntu, Knoppix or others. All you need is something that'll let you boot from CD, view the hard drive and copy files to it.
You may also be able to do it using your installation media instead of an identically configured system. Once you've identified the missing file (and that would be the trick without a system to compare to), you may be able to copy the file from the installation media. Since files are typically compressed on the original media (winlogon.ex_ instead of winlogon.exe, for example) you might need to run the recovery console so that you can run the "expand" utility to decompress the file.
Ultimately, though, that immediate logout scenario can be a difficult one to identify and clear up. By far the best approach is to be prepared with regular backups and your Windows installation media.
Actually, the best approach is not to let your machine get infected in the first place, of course.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.