| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 99468 | 2009-05-03 04:55:00 | Virus??? | Happy Harry (321) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 770585 | 2009-05-03 04:55:00 | Hi there "O Great Learned Ones" I have a PC to try and resolve an issue. XP Home,was bought to me, stalled at 1st splash screen. I removed the HDD installed and scanned it from another PC using AVG Pro. This found 1 virus, Trojanhorsedownloader Generic8.AGYM in Windows\System32 userinit.exe. Installing HDD back ito the original PC, I was then able to boot the PC to the Welcome Log On Screen This PC is setup with 5 users It doesn't matter which of the 5 users I try to log on with, the same problem occurs. Click on any user, "Loading Personal Settings "shows under the users icon, then screen flashes on the users Wallpaper, then back to the users icon/name with "Logging Off underneth. The screen then displays the Welcome screen with the 5 users names/icons I have run CombiFix on the drive without any problems. Has anyone seen anything like this before and any suggestions please. Cheers HH |
Happy Harry (321) | ||
| 770586 | 2009-05-03 05:01:00 | Its probably infected userinit.exe. If the same version of userinit.exe is on another computer, copy it to this PC (then copy it to the system32 folder). In safe mode (if it'll let you). Or try /sfc scannow to replace it (you may need the XP CD). |
Speedy Gonzales (78) | ||
| 770587 | 2009-05-03 05:09:00 | Seen that virus plenty of times( there are a couple with the same name) - only twice managed to remove the infected one and replace, all other times ended up reinstalling the OS from scratch after saving all data as a slaved drive. Some AV software will remove the infections, but it makes the Pc unbootable in doing so. |
wainuitech (129) | ||
| 770588 | 2009-05-03 05:35:00 | Only way is to scan and remove all malware, then replace userinit I've encountered it twice, managed to fix it manually. Blam |
Blam (54) | ||
| 770589 | 2009-05-03 08:15:00 | Seen that virus plenty of times( there are a couple with the same name) - only twice managed to remove the infected one and replace, all other times ended up reinstalling the OS from scratch . Same. |
pctek (84) | ||
| 1 | |||||