Jump to content

  • Sign up for free and receive a month's subscription

    You are viewing this page as a guest. That means you are either a member who has not logged in, or you have not yet registered with us. Signing up for an account only takes a minute and it means you will no longer see this annoying box! It will also allow you to get involved with our friendly(ish!) community and take part in the discussions on our forums. And because we're feeling generous, if you sign up for a free account we will give you a month's free trial access to our subscriber only content with no obligation to commit. Register an account and then send a private message to @dave u and he'll hook you up with a subscription.

Userinit.exe

Duncan Clench

By Duncan Clench,
in TNF - Techy Nerd Forum

 Share

Recommended Posts

Duncan Clench Experienced

Duncan Clench

Posted
Posted

This is very likely one for Uncle Meat as he's bailed me out on several occasions before! 2 computers (both XP) at work have got nasty little bugs that I can't seem to fix.

 

First up, a trojan (downloader.agent) is screwing one of them over. I've run updated versions of Malwarebytes, Cureit, spybot, and xoftspy, as well as the AVG antivirus scans. It keeps coming back though, and here's the thing. The trojan has infected userinit.exe so AVG won't remove it even though it finds it. I'm not sure Malwarebytes is even picking up on it because it's a windows executable. I've done loads of internet research but to no avail.

 

Anyone got any ideas?

 

Second up, and XP laptop that won't even log in. Logs in, and the back out again immediately.

 

Would appreciate any advice. Doing my head in. Thanks in advance.

Link to comment
Share on other sites
Uncle_Meat Mentor

Uncle_Meat

Posted
Posted

I take it you're having no joy in Safe Mode either?

 

Have you got a copy of Winternals? 'Tis a boot disk (Preinstalled Enviroment) that at least allows you easy access to restore points/registry editing.

 

If not, build yourself a copy of UBCD4Win

 

UBCD for Windows

 

Download the builder, and all you need to add is a source of XP install files (XP CD will do, for obvious reasons they're not allowed to distribute the tool as a ready-made image). The builder will make the .iso for you. Then, burn the image to a CD, boot and off you go. Shitloads of tools for you to tweak with, plus some virus scanners. Update the virus databases for the included AV software on there too.

Link to comment
Share on other sites
Duncan Clench Experienced

Duncan Clench

Posted
  • Author
Posted

Thanks again mate. I managed to get into the laptop using the recovery console. Changed the userinit file name and then expanded a healthy one from the XP disc.

 

Avast has found the trojan as expected but can't clean it so I've moved it into the chest for now. Hopefully it's the userinit.old file that's infected because I can delete it safe in the knowledge that log in will still work!

 

By the way... the user in question came clean about how he got the virus. Was looking for naked pics of a woman from star trek. Her name is a number or something like that. Don't watch it myself and I wasn't listening properly. I've got a hangover.

 

You're help is much appreciated as always.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...