Userinit.exe

BleepingComputer.com: Userinit.exe

Page 1 of 1

You cannot start a new topic
You cannot reply to this topic

Userinit.exe

#1 KenH

New Member

Group: Members
Posts: 2
Joined: 31-December 05

Posted 31 December 2005 - 04:26 PM

I used autoruns and the first entry listed is:

AUTORUN ENTRY: C:\WINDOWS\system32\userinit.exe

DESCRIPTION: Userinit Logon Application

PUBLISHER: (Verified) Microsoft Windows Publisher

IMAGE PATH: c:\windows\system32\userinit.exe

I found this in the startup database:

This is an undesirable program.

This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.

If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.

Name: 1qaw3edr5
Filename: userinit.exe
Command: C:\WINDOWS\system32\userinit.exe
Description: Added by the Troj/Kbroy-B keylogging Trojan.
File Location: %System%
Startup Type: This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry.
HijackThis Category: O4 Entry

Is this the same program even though the descriptions are different and is from (verified) Microsoft Windows Publisher?

I want to check before I delete it.

Thank you.

#2 Grinler

Bleep Bleep!

Group: Admin
Posts: 36,603
Joined: 24-January 04
Gender:Male
Location:USA

Posted 31 December 2005 - 05:31 PM

That is a legit file. Generally when its verified as microsoft's is legit. This entry is also started from a different location in the registry as its supposed to.

Lawrence Abrams
Circle BleepingComputer on Google+!
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
How to detect vulnerable programs using Secunia Personal Software Inspector <- Everyone should do this!