St0ney
join:2001-02-25
uranus
| reply to MIXZ1
Re: [Trojan] Cant even login to windows
said by MIXZ1  :Is it possible that you installed Windows AntiSpyware, which is really a hoax and hijacker? If you did do a google on "remove windows antispyware". One of the tools available is found at » www.spywareremovalblog.com/remov···are2008/ . Do a solid read of the page and you may be able to recover your system without a reformat. Good luck. hmm i dl the program...spyware doctor...its not free.
it did detect backdoor.hackdoor
Trojan.small.dl
Trojan-dodwnloader.agent.sy
rogueantispyware.antivirusxp2008 |
|
ChiTang
Premium,MVM
join:2002-08-23
Alhambra, CA | If you deleted the userinit.exe, you have to copy it back. Either from another system or extract from the I386 folder.
--
I used to be indecisive, now I am not sure. |
|
MIXZ1
join:2001-01-02
Mexico
 ·Prodigy Infinitum
| reply to St0ney
said by St0ney :said by MIXZ1 :Is it possible that you installed Windows AntiSpyware, which is really a hoax and hijacker? If you did do a google on "remove windows antispyware". One of the tools available is found at » www.spywareremovalblog.com/remov···are2008/ . Do a solid read of the page and you may be able to recover your system without a reformat. Good luck. hmm i dl the program...spyware doctor...its not free. it did detect backdoor.hackdoor Trojan.small.dl Trojan-dodwnloader.agent.sy rogueantispyware.antivirusxp2008 Well, is this the first diagnosis you've seen with these infections? If so, you can google each and try to find a manual method for deleting them one at a time, or gamble on paying for the download and letting it do the work it claims to do.
I have to add I have nothing to do with the company selling the software.
Good luck. |
|
St0ney
join:2001-02-25
uranus
| reply to ChiTang
no i did not delete it, i just skipped the file...so it still needs to be repaired?
also could it be some virus /trojan changed the userinit file
then avast detected
and i may have possibley quarantined it (moved it to the chest)
and that is why i cant not login?
i searched googl, and some say to go to registry and point userinit to c:\windows\systme32\userinit.exe, |
|
DOStradamus
MVM
join:2003-11-04
Santa Rosa, CA
| reply to St0ney
That is a very wise question to ask. I've seen too many "false positives" from A/V software..
userinit.exe resides in \Windows\System32. Is hafast giving that dir as the location of the file? If not KILL IT.
If so, look at userenv.dll, for example. Do they have the same Date/Time?
4/14/2008 5:42AM 26 KB is the userinit.exe I have in my XP installation.
WHILE YOU'RE AT IT:
CLEAN OUT YOUR "TEMP" DIRECTORIES. It is a favorite "home" for malware ..exe's to launch from.
Run REGEDIT, and clean out:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
-NK |
|
ravencajun
Premium
join:2004-08-12
Houston, TX
| reply to St0ney
the best programs currently cleaning out the antivirus xp are malwarebytes and superantispyware both are free try those and see if they help you.
»www.superantispyware.com/
»www.malwarebytes.org/
you can post in the security cleanup area for help from that point.
If you have linux on the other partition you could save your windows data using linux at least before a reformat if it comes to that. |
|
St0ney
join:2001-02-25
uranus | spybot detected
haxdoor.h
effectivebandtoolbar
smitfraud.c
spysheriff |
|
Mickeyme
You might be right, but, I don't care
Premium
join:2008-09-05
Carson City, NV | reply to St0ney
Now just think you could have done a reformat by now. |
|
ChiTang
Premium,MVM
join:2002-08-23
Alhambra, CA
| said by Mickeyme :Now just think you could have done a reformat by now. While reformat/reinstall is a guaranteed solution, how does one determine if reformat/reinstall is a faster approach? I bet you don't have an answer either.
It is always 20/20 after the fact.
--
I used to be indecisive, now I am not sure. |
|
Mickeyme
You might be right, but, I don't care
Premium
join:2008-09-05
Carson City, NV | reply to St0ney
He has been doing this for 3 days now!
 |
|
ChiTang
Premium,MVM
join:2002-08-23
Alhambra, CA
| said by Mickeyme :He has been doing this for 3 days now! It is still after the fact. How did you know it would have been quicker to reformat/reinstall 3 days ago.
--
I used to be indecisive, now I am not sure. |
|
Mickeyme
You might be right, but, I don't care
Premium
join:2008-09-05
Carson City, NV
| reply to St0ney
I gotten a lot of viruses in my time.
I have found when you get so many that you can't login, it's time!
About 15 minutes of trying and in goes the windows cd.
I finally broke down and bought Acronis so hopefully I have no problems if it happens again.
And my first post, as soon as I seen this post, I said to do it.
I understand you guys/gals what to find a way around a problem, but |
|
ChiTang
Premium,MVM
join:2002-08-23
Alhambra, CA
1 edit | said by Mickeyme :I gotten a lot of viruses in my time. Viruses can be healed or cleaned.
said by Mickeyme :I have found when you get so many that you can't login, it's time! Only if userinit.exe and winlogon.exe is/are infected and they can be fixed without a reformat/reinstall.
said by Mickeyme :About 15 minutes of trying and in goes the windows cd. I finally broke down and bought Acronis so hopefully I have no problems if it happens again. I didn't find "15 minutes" and/or "acronis" in OP's post, are you seeing things?
said by Mickeyme :And my first post, as soon as I seen this post, I said to do it. You are jumping into your own conclusion.
said by Mickeyme :I understand you guys/gals what to find a way around a problem, but That is the idea of troubleshooting.
!
May be you can come up with a reformat/reinstall FAQ and make it a sticky thread. It will solve all software problem and no more discusion is needed.
A solution for all problems, you are a genious. 
The smiley is not smiling, it is laughing.
--
I used to be indecisive, now I am not sure. |
|
Mickeyme
You might be right, but, I don't care
Premium
join:2008-09-05
Carson City, NV
1 edit | reply to St0ney
genious
??
How far do you have to go before realizing there is nothing you can do? |
|
Razzy
join:2002-10-29 | reply to St0ney
*scratches* head, he was able to log in safe mode? |
|
DOStradamus
MVM
join:2003-11-04
Santa Rosa, CA | reply to Mickeyme
There's a virus that, when loaded, fools the system into thinking WINLOGON is dependant on it... You fix that one, by booting the Recovery Console (off of the Windows CD), and deleting the offender.
-NK |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
 ·Optimum Online
 ·Vonage
1 edit | reply to St0ney
Now that it has been determined that Stoney8 does indeed have malware, that he can boot into safemode and that he does NOT want to reformat if at all possible, maybe this thread should be moved back to »Security Cleanup after he has followed all the steps here »Security Cleanup FAQ »Mandatory Steps Before Requesting Assistance while in safemode.
Edit: or not. 
I've been advised he would need to start a new thread himself in Security Cleanup after following all the steps.
--
11,946 DEADLY TERROR ATTACKS SINCE 9/11~~SARAH BRIGHTMAN SYMPHONY WORLD TOUR |
|
ChiTang
Premium,MVM
join:2002-08-23
Alhambra, CA
| reply to Mickeyme
said by Mickeyme :How far do you have to go before realizing there is nothing you can do? For people who does not know how to fix things, I would say 2 minutes after turning on the PC and realise OS does not load.
I am sure you jump to that concludion very quickly.
--
I used to be indecisive, now I am not sure. |
|
