Tech Support Forum banner
Status
Not open for further replies.
1 - 4 of 4 Posts

·
Registered
Joined
·
141 Posts
Discussion Starter · #1 ·
Hi, for a period of time I did not run any antivirus or spyware software, about 1 month later, I had all kinds of bugs on my computer. Today I used SuperAntiSpyware to clean out my computer, but things did not go well. I cannot explain what went wrong so I have to do a chronology of the mishaps I experienced today.

1) Cleaned out a whole bunch of trojans, viruses, etc. with Super antispyware, these included Vundo, a lot of ".tm" files, unknowns and others.
The virus disabled task manager and other things, it also seemed to create a Administrator account that is only accessible or be seen if you go into safe mode.

2) Opened windows in Safe Mode (without any command prompt or anything), scanned again and TRIED to clean out the viruses. (able to log in at the time)

3) when I scan to a certain degree, the computer shuts down, it could be due to low batteries because I kept on turning it on and off, which consumes a lot of power for a 1 hour lithium battery.

4) Amidst my third try (guess third time's the charm), the computer ran out of batteries and I couldn't access it for a long time until I found a power source.

5) Now I cannot even login, everytime I type in my password, it says its logging me in, but it only shows the blank desktop background and nothing else, nothing to press, nothing to interact with, no keystrokes do anything, after waiting a long time it logs me back off.

If I'm being too wordy, I'm basically trying to say that the login buttons are useless, pressing it only returns me to the login screen

I tried logging in safemode, but its basically the same thing except faster, no blue screens this time, its just "logging in"->"saving your settings"->"logging out"

I'm using windows XP, with restore points, but I can't activate system restore ultility. And Besides, I have sensitive information on the desktop that might be lost if I do a system restore. (I do backups but this mishap striked at its best opportunity.)
 

·
TSF Security Manager, Emeritus
Joined
·
42,836 Posts
Hello billpnats,

Start up the machine same as if you were going to enter Safe Mode, but instead - choose Last Known good configuration. If Windows still won't load, you'll need to locate your Windows XP install disc.
 

·
Registered
Joined
·
141 Posts
Discussion Starter · #3 ·
Unfortunately that didn't work

Fortunately, I know what happened thru the ever wonder Google.

The virus scan removed the userinit.exe and wdaupdater.exe file because they were infected but it couldn't replace it, so thats how it really started.

I'm gonna reinstall XP, but will I lose those data that I had? Even if I choose to not format the disk?
 

·
TSF Security Manager, Emeritus
Joined
·
42,836 Posts
Correct. The deletion of userinit.exe is what is preventing you from entering Windows.

If you have the install disc, you can replace userinit.exe via the Recovery Console.



1. Insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer.

2. Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.

3. When the "Welcome to Setup" screen appears, press R to start the Recovery Console.

4. You must enter which Windows installation to log onto. Type the appropriate number and press enter.

5. Enter your password when prompted. If there is no password, simply click Enter.


Type the following bolded commands:
D: (<--Or whatever drive letter your CD-ROM drive has assigned to it. )
press Enter

CD I386
press Enter

EXPAND USERINIT.EX_ C:\WINDOWS\SYSTEM32
press Enter​
After entering EXPAND USERINIT.EX_ C:\WINDOWS\SYSTEM32 you should see the text "1 file(s) copied", in which case all went well.

Remove the Windows XP CD, type "EXIT" and press ENTER to restart your computer. You should now be able to log on as normally.

Let me know if you were successful and we'll continue from there to remove the malware.
 
1 - 4 of 4 Posts
Status
Not open for further replies.
Top