HELP PLEASE! auto restarting

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by casmello, Mar 28, 2006.

  1. casmello

    casmello Private E-2

    Ok, I saw this file on my desktop and I have no idea how it got there, and I can't remember what it's called. I double clicked on it because I'm a moron, and now I think someone has access to my computer. There was this file called userinit.exe running in my tasks manager, so I ended it because I saw on a website it could be malicious. "Note: userinit.exe is also a process which is registered as the Satiloler Trojan. This Trojan allows attackers to access your computer, stealing passwords, Internet banking and personal data. It is a registered security risk and should be removed immediately. "
    My computer keeps randomly rebooting, and its not like it just goes black and reboots, it goes through the process of shutting down windows and then reboots. Ive tried the whole topic you guys have written out, but nothing is coming up. I did netstat -a in cmd and I saw an ip connected to a IRC Server but I don't see it now. What should I do?

    Edit by chaslang: Inline log removed. Cleaning steps not followed.
     
    Last edited by a moderator: Mar 29, 2006
    casmello, Mar 28, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Sorry but you have all the steps in the READ & RUN ME. That is obvious from your log. Also HijackThis log should not be posted inline and HJT must be installed properly. This is all covered in the READ & RUN ME.

    Also note: userinit.exe is a valid and necessary Windows file and process. It is all a matter of where the file is running from. If you delete (and obviously you have not) this file, you would not be able to login to your PC anymore.

    You have a Haxdoor variant on your PC.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
      • Bitdefender
      • Panda Scan
      • HijackThis
    .
     
    chaslang, Mar 29, 2006
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds