Jump to content


Yikes! What have I done now?

  • This topic is locked This topic is locked
1 reply to this topic

#1 Sam-I-Am



  • Full Member
  • Pip
  • 2 posts

Posted 07 September 2005 - 09:08 PM

Lately I've been using my laptop more frequently than the desktop. It has half the RAM, but its processor is probably faster, and more important than that, its modem usually connects at a slightly higher speed. But the laptop, which I acquired secondhand, with Windows XP already installed, seemed to have some on-again, off-again issues. It would frequently and repeatedly ask me to make an internet connection, and the requesting URL (which would change) would be something I'd never heard of, and something with a shady-sounding ring to it.

I thought my problem lay in a registry key that activated some official-sounding "Microsoft Telcom" program. I'd dealt with that, and for awhile, that seemed to do the job. More recently, A-squared had warned me of "spooler.exe", a two-day-old file, that they didn't think was legitimate. I decided to try Hijack This, which I'd previously downloaded but had never gotten around to using, I don't think.

Hijack This reported that there were a bunch of bad things, and it seemed that they were mostly HOSTS file entries that had been altered. The majority seemed to involve banking websites, and even though I'm not an online banker, I didn't like this at all. So I authorized Hijack This to deal with them, but to make an automatic backup. I also authorized Hijack This to zap (with backup) some other flaky-looking entries that dealt with nothing I'd ever deliberately done. I was pretty happy that I was getting something accomplished.

Now, since I was working in Safe Mode, I wanted to reboot normally and see if I would still get a connectivity request from "www.newsoftware30.info" (or something like that). So I shut down and rebooted. It seemed to take a little longer than usual, but I expected as much.

When it eventually asked me to log in as "Administrator", which is what it'd done from the day I received the laptop, I entered Administrator's password, which had always been <carriage return>. It informed me that it was "loading personal settings" for a few seconds, and then, the instant that was complete, it informed me that it was logging off. And this seems to be the perpetual cycle.

It does the same thing when I try Safe Mode, when I try Command Prompt mode, when I try "last settings that actually worked" mode, and when I try anything else I can think of to try. I'm perplexed. The laptop (actually a subnotebook, a ThinkPad 240X) has no CD-ROM drive, and even if it did, it came with XP pre-installed, so there's no source for reloading the OS (which isn't something I would want to do, anyway, if I can possibly help it).

Many thanks in advance for any assistance that the community can lend!

#2 Sam-I-Am



  • Full Member
  • Pip
  • 2 posts

Posted 26 September 2005 - 09:07 PM

Okay. People were just falling all over themselves in their rush to my assistance, and I completely ignored their selfless helpfulness. I have successfully resolved the issue, though, and here's the fix:

If you read what I posted previously, you'll recall that I'd "fixed" things but good with Hijack This. I'd had a couple of episodes of strange and aggravating requests for internet connection that I wanted gone, and in the course of getting them gone, I (or Hijack This, or the malware) had rendered my OS (XP Pro) un-log-innable. My little ThinkPad, therefore, became a three-pound paperweight.

I'd considered finding me a DOS boot disk, but I don't know where they're hiding, and I didn't put much effort into looking. Instead, I went over to see this one pal of mine and we smoked cigars and talked about it. He encouraged me to bring the computer over and we'd see what we could do. So that's what I did. He went to http://www.bootdisk.com and scored an XP quickstart floppy, but when we went to try it, we discovered that my external floppy disk drive had gotten squashed somewhere along the line. I'd used it last winter, and it was okay then, but hey, these things happen. No problem, though; I thought I had another compatible external floppy drive, and maybe two others.

So NEXT time I went over to visit, I was equipped. The XP quickstart disk wouldn't do the job, which didn't surprise us much. We were having trouble finding error-free floppy disks, but he eventually got it to where it would boot to a miniature Linux buildlet. This was heartening, but it was getting late, and I had to be up early the following day.

Not so for my pal, who, in addition to being one of the sharpest people you're going to encounter (real life or www, take your pick), is slightly underemployed. I'm not kidding, the guy is knowledgeable. He's entirely self-taught, and consequently has no "certificates" and his résumé doesn't reflect the typical hopscotching from IT job to IT job 'til the résumé-holder floats (key word, there) up to a position for which s/he is eminently unqualified (but which pays really really well). No, he does freelance lumberjack work, and occasional carpentry work (pretty darned good at it, too), and he somehow manages not to starve. He could, and should, be a Unix system administrator, and he'd be far more competent than some people whom I've actually seen ascend to such positions. But that's easier said than done when one doesn't have documentation or a résumé that at least appears to be halfway credible.

But enough about him and his qualifications. I went home, and he stayed up and massaged the crippled ThinkPad. As I said above, we'd gotten it to show signs of life when booted to Linux. I'd had no reason to suspect that the hardware was bad, however – it was simply an OS issue, and the powerful OS wouldn't allow me to sneak in and address whatever was amiss. The way he explained it to me (and I'm not an authority on Linux, by any means . . . I yearn for the good ol' DOS prompt), all he had to do was "assemble a kernel that would read a FAT32 directory". Once he'd done that, he could read the hard drive, and everything looked to be intact. Yay.

But this fellow, despite all his brilliance, doesn't know a whole lot about Microsoft's current quasi-operating systems. He'd argue that this works to his advantage (and when he does have to suffer exposure to a Windows environment, he claims he feels anxious and powerless and he's relieved to get back to his stable, powerful Linux environment), and I don't doubt him a bit. He's got a good gut, though, and he'd sensed that the problem that I was having was coming when "Administrator" wasn't being recognized, probably owing to some component of Administrator's user information being missing or misplaced. It'd certainly have been nice, I'd think, if the installed OS had reported something to that effect, but it hadn't. It had simply "loaded Administrator's personal settings" and then instantly logged Administrator off.

Well, his gut, coupled with a tiny dose of Googling, led him to look for USERINIT.EXE. It was there, sure enough, in C:\WINDOWS\SYSTEM. The only problem would be that Windows doesn't look for it there. It looks for it in C:\WINDOWS\SYSTEM32. Oops. So it was a simple matter of moving the file to the right place, and the machine was up and running just like old times.

Summary: 1) Boot up somehow (a real challenge for me,
having neither a CD-ROM drive nor OEM Windows media),

2) Look for USERINIT.EXE somewhere in the C:\WINDOWS
directory or its subdirectories,

3) If it's not in C:\WINDOWS\SYSTEM32, make sure there's a
copy of it there,

and (knock on wood) you'll be good to go.

Linux isn't installed on this computer. Not yet. Its hard drive isn't enormous, and having Microsoft Office ready at hand gives me comfort. But it's only a matter of time. I concede that it'll be inefficient of me to squander a third of the drive's capacity on a bloated operating system in order to have access to a bloated office suite, but it wasn't especially "efficient" of the operating system to be unwilling to load (or to even hint at why it wouldn't/couldn't load) a user's settings, either.

Member of UNITE
Support SpywareInfo Forum - click the button