Windows vista virus help?
by stickman5758 - 1/26/13 10:52 AM
My windows vista computer recently started logging us off as soon as we logged in. It still let us access the administrator account, yet I could not do much from there.The problem still persisted when I rebooted into safe mode.
<div>I went into the registry and found the userinit file, and it had another path. It linked to a strangely named file, within a strangely named folder in the admin accounts appdata/local folder. I changed the userinit back to the default one, C:/Windows/System32/userinit.exe, but as soon as I confirm it, it re-adds the appdata/local file. I deleted the file, yet whenever I reboot it re-generates itself.
I also discovered that the virus blocks access to microsoft sites, antivirus sites, and other sites which could be used to destroy it (e.g. bleepingcomputer.com). It also stopped me running anti-virus software. It disabled the windows security center. I tried to restart it manually from the services.msc, but there was not a service listed as security center.
Also throughout all the tests, MS security essentials kept telling me to restart, run a scan, and that everything was 'ok'. I uninstalled it eventually.
<div>I tried to run MBAM, and it would not run. I used the chameleon feature, and that started MBAM. I ran a full system scan, and it detected serveral things (including one which edited the userinit registry file). It deleted them all and told me to restart, so I did. Once it had restarted I tried to log in to the accounts which were not allowing access, but it failed. Infact, it didn't seem to do anything.
I attempted to run SUPERAntiSpyware, and tried to update it as it was really outdated, yet it would not connect to their servers to update, as the virus was blocking it.
Another thing I did was to check the hosts file but it was unmodified.
So there is my massive list of problems and failed solutions, does anyone have any idea how I could fix this?
P.S. Do not know if this will help, but it doesn't seem to be infecting other computers on the same network, as I'm currently on my Win7 laptop, which is fine.
stickman5758 has chosen the best answer to his/her question.
Click here to view the answer that was selected.