Windows access denidon re-start after virus scan / removal of Trojan

Good morning board,
bad things happen at the worse time.
Basic Info:
I’m running WinXP SP2 - LAN DLS connection, Loggin Status: User/Admin
previous “antivirus” software: avast 4.8 (latest version, duely updated, clean deinstall before installing COMODO V.3.xx (latest version of 23.06.2008)

The Problem:
I’ve been running the avas! home edition virus software as a test before buy (free version). Before I was running AGV antivir until they stopped providing Resident Shield function with the free version.
Therefor after hunting I downloaded avas! antivir. Fro the beginning it was causing problems, not detection incomming maleware (Trojas, Keylogger, Boot virusses and Rootkits etc.) and probably not blocking aoutgoing data by the maleware. I the last case last night because of the maleware avast let onto my system my .jpg files and .document files were rendered inexecutable (no chance to open either of them anymore; folders claimed to be empty but after clicking to open files been visible but couldn’t be opende anymore).
So I was fedup finding permanetely gross maleware on my system and finally switched last night to COMODO, just happen running across it.
After the last (final) virus scan with avast (which foud 3 [out of 5] new Trojans) I kicked avast off and installed COMODO.
After about of running the 1st scan with COMODO during preparation it suddenly got stuck in the middle of the process (hung). So even after a good while waiting if the process would start again (as it dod not) I had to break. Then COMODO started with the first virus scan and detected 2 more Trojans (which where not detected by avast!) consequently I told COMODO to kill em and save information in a .txt file. After the scan done later on I closed windows. When some time later I intendetd to keep on working on some important dokuments I couldn’t run windows any more but got the following error messages: (and that still is status at the moment)

“Stop: c000021a {grave system error}
The system process windows Logon Process became unexpectedly ended.
Status 0x0000 002 (0x00000000 0x00000000. The System has been taken down”

Original message (german language): “Stop: c000021a {grave system error}
Der Systemprozess windows Logon Prozess wurde unerwartet beendet.
Status 0x0000 002 (0x00000000 0x00000000).
Das System wurde heruntergefahren.”

The .txt-file, the virus information given by COMODO (after scanning) was saved to, saying:
Trojan.Win32.Patched.m(ID = 0x4d69a) C:\WINDOWS\system32\dllcache\winlogon.exe
Trojan.Win32.Patched.m(ID = 0x4d69a) C:\WINDOWS\system32\winlogon.exe

So here I am made as a banshee not knowing what to do to get on my important data (causing me even to terminate any set appointments for the rst of the week since I couldn’t get access to the dokuments needed).

System recovery will not work for the simple reason that, finally the password-for-restore has been of course saved to an extern disc but couldn’t be read (without having access to the system i.e. windows platform).

Therefore HELP is badly neede to get this mess solved.
I’m thankful for any suggestion that would help get me back on.


Can you boot up into “Safe Mode”? (f8 while booting) and try last known good configuration.

Hi Matty, (:CLP)
thank you for the nudge :slight_smile: On the 3rd try finally F8 worked and I now have my system back. A immediate VirusScan brung the result of 10 more Virus (3 trojans out of 15 trojans avast only detected).
I gave up after the previous 2 F8. Now my sys is visibly faster - just as used to without viruses before. So Comodo and the speedy help from you guys here at the forum is worth some recommendation :slight_smile:

So thankx a lot :-TU