
wininit.ini entries


No replies to this topic

#1 ajetrumpet


Posted 24 January 2013 - 12:59 PM

Hello all,

I noticed in this file that there are multiple lines with this string in it. Here's one that I have in there:

c:\tempjunk5015.tmp=C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE

There are also entries for DLLs. My web research tells me that this is malware (like most toolbars?) and a rootkit might be present. MalwareBytes (newest version) does not report anything found and neither does an AVG free 2013 version scan. AVG scans that were run include "full rootkit scan" and "complete computer scan".

I'm wondering why these strings are in the wininit.ini file but the paths are not present. Anything is possible with the bad guys though. My question for the experts here is: Is this an indication that I have something pretty deep bogging down the machine?

Any help appreciated. Thanks.

----------------------------------------------------------------------
OS => Vista Home Prem 64-bit x86
----------------------------------------------------------------------

Edited by ajetrumpet, 24 January 2013 - 01:00 PM.
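
An added triage example, not part of the original post: it reads the `[rename]` section of a wininit.ini, where each line is `destination=source` and a destination of `NUL` means "delete the source", and reports whether each source file still exists on disk. The function names and the `C:\EXAMPLE\OLD.DLL` entry are hypothetical; the other entry is the one quoted in the post.

```python
import ntpath
import os

# Constructed sample: the entry quoted in the post plus a hypothetical delete entry.
SAMPLE = r"""[rename]
c:\tempjunk5015.tmp=C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
NUL=C:\EXAMPLE\OLD.DLL
; comment line
[other]
ignored=value
"""

def parse_rename_section(text):
    """Return (action, destination, source) tuples from the [rename] section.

    Parsed by hand because the section may repeat the same key (many NUL=
    lines), which strict INI parsers such as configparser reject.
    """
    ops, in_rename = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_rename = line[1:-1].strip().lower() == "rename"
            continue
        if not in_rename or "=" not in line:
            continue
        dest, src = (part.strip() for part in line.split("=", 1))
        action = "delete" if dest.upper() == "NUL" else "move"
        ops.append((action, dest, src))
    return ops

def triage(text, exists=os.path.exists):
    """Mark each operation 'pending' (source on disk) or 'stale' (source gone)."""
    report = []
    for action, dest, src in parse_rename_section(text):
        state = "pending" if exists(src) else "stale"
        report.append({"action": action, "dest": dest, "source": src,
                       "file": ntpath.basename(src), "state": state})
    return report

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(f"{row['state']:8} {row['action']:6} {row['source']} -> {row['dest']}")
```

An entry reported as `stale` names a source file that is no longer on disk, which matches the situation described in the post.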

