Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
I used autoruns and the first entry listed is:
AUTORUN ENTRY: C:\WINDOWS\system32\userinit.exe
DESCRIPTION: Userinit Logon Application
PUBLISHER: (Verified) Microsoft Windows Publisher
IMAGE PATH: c:\windows\system32\userinit.exe
I found this in the startup database:
This is an undesirable program.
This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.
If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.
Name: 1qaw3edr5
Filename: userinit.exe
Command: C:\WINDOWS\system32\userinit.exe
Description: Added by the Troj/Kbroy-B keylogging Trojan.
File Location: %System%
Startup Type: This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry.
HijackThis Category: O4 Entry
Is this the same program even though the descriptions are different and is from (verified) Microsoft Windows Publisher?
I want to check before I delete it.
Thank you.
AUTORUN ENTRY: C:\WINDOWS\system32\userinit.exe
DESCRIPTION: Userinit Logon Application
PUBLISHER: (Verified) Microsoft Windows Publisher
IMAGE PATH: c:\windows\system32\userinit.exe
I found this in the startup database:
This is an undesirable program.
This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.
If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.
Name: 1qaw3edr5
Filename: userinit.exe
Command: C:\WINDOWS\system32\userinit.exe
Description: Added by the Troj/Kbroy-B keylogging Trojan.
File Location: %System%
Startup Type: This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry.
HijackThis Category: O4 Entry
Is this the same program even though the descriptions are different and is from (verified) Microsoft Windows Publisher?
I want to check before I delete it.
Thank you.
Back to top
