LAPOTES
asked on
USERINIT.EXE
HI. I TRIED TO START MY PC (WINDOWS XP PACK2) BUT I GET THE USERINIT.EXE APPLICATION ERROR. I'VE TRIED TO FIX IT USING THE CONSOLE, USING THE SOLUTIONS THAT EVERYBODY HAS POSTED ABOUT EXPAND THE USERINIT.EXE FILE FROM THE XP CD....THE POINT IS THAT IN THE WINDOWS\SYSTEM32 DIRECTORY, THE FILE USERINIT.EXE DOES EXIST. AND THAT FILE WSAUPDATER.EXE DOES NOT...SO, WHAT ELSE CAN I DO? I CAN ACCESS THE DESKTOP IN SAFE MODE...AND THE REGISTRY...BUT IT DOESNT SOLVE ANYTHING....
I FORGOT TO SAY THANKS :)
I FORGOT TO SAY THANKS :)
ASKER
thanks....can i do this from the console? if so, how do i go back to c: from c:windows\ ?
No, you need to create a boot disk, I would go for BARTPE as it is very useful for all kinds of things.
BARTPE creates a Windows XP that runs from a CD, once you have created this and it is running oen up a command prompt and follow the instructions on the link in the previous post.
Regards
BARTPE creates a Windows XP that runs from a CD, once you have created this and it is running oen up a command prompt and follow the instructions on the link in the previous post.
Regards
LAPOTES - check out the folder C:\WINDOWS\system32\dllcac he it must be a copy of userinit.exe there.
In console enter the command:
dir C:\WINDOWS\system32\dllcac he\userini t.exe
If files exists, then just copy it:
COPY C:\WINDOWS\system32\dllcac he\userini t.exe C:\WINDOWS\system32\userin it.exe
In case if file does not exist, follow the instructions posted by Brum07 - the article clearly states you will be able do it from Windows install CD 2K/XP console recovery.
To navigate between the folders use these commands:
"cd \" or "cd .." or "cd <folder name>"
Brum07 - thanks for the link!
In console enter the command:
dir C:\WINDOWS\system32\dllcac
If files exists, then just copy it:
COPY C:\WINDOWS\system32\dllcac
In case if file does not exist, follow the instructions posted by Brum07 - the article clearly states you will be able do it from Windows install CD 2K/XP console recovery.
To navigate between the folders use these commands:
"cd \" or "cd .." or "cd <folder name>"
Brum07 - thanks for the link!
ASKER
what is bartpe? how do i do that?
ASKER
ok. im on the c:\>
but when i type cd\system volume information it says the command is not recognized.
i use the command dir and i can see the name of the directory but as d--hs---
thank youuuu
but when i type cd\system volume information it says the command is not recognized.
i use the command dir and i can see the name of the directory but as d--hs---
thank youuuu
BartPE is the greates toll to build up the recovery CDs: http://www.nu2.nu/pebuilder/
Altrnetively, you might try Microsoft Diagnostics and Recovery Toolset (former ERD): http://www.microsoft.com/downloads/details.aspx?familyid=5D600369-0554-4595-8AB4-C34B2860E087&displaylang=en
But in your case it might be sufficient if you use Windows install CD 2K/XP console recovery.
Altrnetively, you might try Microsoft Diagnostics and Recovery Toolset (former ERD): http://www.microsoft.com/downloads/details.aspx?familyid=5D600369-0554-4595-8AB4-C34B2860E087&displaylang=en
But in your case it might be sufficient if you use Windows install CD 2K/XP console recovery.
Try this: dir c:\windows\system32\dllcac he\userini t.exe
If file exists: COPY C:\WINDOWS\system32\dllcac he\userini t.exe C:\WINDOWS\system32\userin it.exe
If file exists: COPY C:\WINDOWS\system32\dllcac
ASKER
I tried that. THe file doesnt exist in dllcache...:(
OK, thanks for the clarification.
So let's back to the instructions posted by Brum07.
Try this:
cd\
cd "System Volume Information"
So let's back to the instructions posted by Brum07.
Try this:
cd\
cd "System Volume Information"
ASKER
got it. but when i type dir in "system volume information", there are only 4 files.and none of them is restore. and if i type cd _restore*, it says that the name is incorrect.
Could you post the outcome of the command DIR when you run it in "system volume information"?
You said you can boot in safe mode, can you run Hijackthis and show us the log please?
Download Hijackthis:
http://www.trendsecure.com /portal/en -US/tools/ security_t ools/hijac kthis/down load
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.
Paste the log in the "Code Snippet" or "Attach File" window.
Download Hijackthis:
http://www.trendsecure.com
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.
Paste the log in the "Code Snippet" or "Attach File" window.
ASKER
sorry...i just fell asleep.
the outcome is this:
10/11/05 12:31a d--hs--- 0 .
10/11/05 12:31a d--hs--- 0 ..
10/24/04 10:46a -a-hs--- 0 MountPointManagerRemotData base
16/11/04 01/58p -a-ks--- 20480 tracking.log
4 file (s) 20480 bytes
91171393536 bytes free
rpqgamergirl: I cant use the internet on the "ill" computer....
thanks :D
the outcome is this:
10/11/05 12:31a d--hs--- 0 .
10/11/05 12:31a d--hs--- 0 ..
10/24/04 10:46a -a-hs--- 0 MountPointManagerRemotData
16/11/04 01/58p -a-ks--- 20480 tracking.log
4 file (s) 20480 bytes
91171393536 bytes free
rpqgamergirl: I cant use the internet on the "ill" computer....
thanks :D
>>> I cant use the internet on the "ill" computer....<<<
You would use another pc with online access(like the one you use to post here) to download the tool you need and put it in a flash drive and transfer it to the infected pc.
You can also try downloading and running Winsockfix and see if that helps with the connection problem.
You would use another pc with online access(like the one you use to post here) to download the tool you need and put it in a flash drive and transfer it to the infected pc.
You can also try downloading and running Winsockfix and see if that helps with the connection problem.
ASKER
hey,
sorry it takes me so long, but I have a 5 months old baby that does his best to keep me busy :D
ok. here is the log file
thanks for your help and patience
hijackthis.log
sorry it takes me so long, but I have a 5 months old baby that does his best to keep me busy :D
ok. here is the log file
thanks for your help and patience
hijackthis.log
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks alot for your help!!!!. Finally it worked. Now I guess Ill have to tell my husband to buy an update the antivirus.... thanks again :D
You're welcome.
Glad to know it's now fixed.
The system was infected most likely due to your version of java (2re1.4.2_03) that's very vulnerable to vundo infection.
I suggest, updating to a later or latest version.
Updating Java:
Go to Start > Control Panel > Add/Remove programs.
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
Select and click Remove.
Then Download and install the newest version from here:
http://www.java.com/en/dow nload/manu al.jsp
Thanks!
Glad to know it's now fixed.
The system was infected most likely due to your version of java (2re1.4.2_03) that's very vulnerable to vundo infection.
I suggest, updating to a later or latest version.
Updating Java:
Go to Start > Control Panel > Add/Remove programs.
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
Select and click Remove.
Then Download and install the newest version from here:
http://www.java.com/en/dow
Thanks!
http://forum.sysinternals.com/forum_posts.asp?TID=7672
Regards