Thanks sooooooooooooooooo much for your time and effort in helping me sort
the problem. With your info and the help of a pal next door, between us we
have managed to get the userinit back into the registry somehow and now Iam
up and running again. Ran Spysweeper and Malwarebytes which found numerous
virus', trojans and other errors which have now been rectified and all seems
ok except for the System Restore, it no longer works. As soon as I accessit
a message appears saying I must restart my computer after which the same
message appears again. Any ideas on this one?
You have to think like malicious software - which is really more
annoying that anything else.
It will do what it finds fun to keep you from removing it - like keep
you from logging it, keep you from loogin in in safe mode, keep
popular malware scanners from running (MBAM & SAS), keep you from
running regedit, and of course keep you from running System Restore.
The world is lucky malicious software is not as malicious as it could
be - it is merely an annoyance.
Your login issue is well known and easy to fix from Recovery Console
which is why I wanted you to make a RC CD in the first place, and
don't know if you did or not.
It is not difficult and time consuming and my copy/paste directions
from having fixed this so many times would have had you running in
minutes - after you got the RC going.
Then you could run some good scans and clean up the leftovers and
anything else. We don't know how you fixed that issue either and
maybe you fixed it "right" or had some good luck, but it doesn't
matter now.
After fixing the userinit issue, you would not want to do a SR anyway
because your RPs are probably compromised as well, so you would just
reinfect your machine. Do you know if SR has ever worked in the first
place or is this the first time you have tried to use it? SR is
certainly not a time machine.
SR is often the fist thing people try to do and of course it doesn't
work after an attack. It is broken and it is broken because the
malicious software broke it on purpose. Malicious software breaks
things that can be used to detect and remove it. Removal programs
sometimes don't fix everything.
One you get your machine cleaned up, you should whack all your old RPs
and make a new one. Trying to "fix" a broken SR is generally easy,
but the best advice is to not count on or try to use any of your old
RPs.
Reinstalling XP is an option, but to me it is an admission of defeat,
losing and giving up. I have never reinstalled XP or needed to -
ever.
Your SR problem is also well known and likely quite fixable, but the
solution will cost you your all of your old (and probably worthless)
RPs - why would you want to use them anyway? I certainly would not
trust any of them. You would also have to answer a few more
questions, and might (but probably not) have to come up with a copy of
an XP installation CD that matches your configuration.
It is not in my nature to guess at what might could be or have been or
suggest things to try that might work. People need specifics to solve
these issues, not vague guesses about what it might be.
You did not mention SAS but you should run it too.
Perform some scans for malicious software first, then fix any
remaining issues:
Download, install, update and do a full scan with these free malware
detection programs:
Malwarebytes (MBAM):
http://malwarebytes.org/
SUPERAntiSpyware: (SAS):
http://www.superantispyware.com/
They can be uninstalled later if desired.
Then let us know if you want to fix your SR or do you want to
reinstall.