[filename.info logo]
[cn userinit.exe][de userinit.exe][es userinit.exe][fr userinit.exe][gb userinit.exe][it userinit.exe][jp userinit.exe][kr userinit.exe][nl userinit.exe][pt userinit.exe][ru userinit.exe][us userinit.exe]
 

userinit.exe (5.1.2600.1106)

Contained in software

Name:Windows XP Home Edition, Deutsch
License:commercial
Information link:http://www.microsoft.com/windowsxp/

File details

Filepath:C:\WINDOWS\system32 \ userinit.exe
Filedate:2002-08-29 14:00:00
Version:5.1.2600.1106
Filesize:22.528 bytes

Checksum and file hashes

CRC32:1C9570DC
MD5:BEBD 3F08 461F 9A88 E5AB CE0C B970 7000
SHA1:55E8 15C5 ECE5 8884 B88D 80C4 9BD6 2D6C 6AF6 8C99

Version resource information

CompanyName:Microsoft Corporation
FileDescription:Userinit-Anmeldeanwendung
FileOS:Windows NT, Windows 2000, Windows XP, Windows 2003
FileType:Application
FileVersion:5.1.2600.1106
InternalName:userinit
LegalCopyright:© Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename:USERINIT.EXE
ProductName:Betriebssystem Microsoft® Windows®
ProductVersion:5.1.2600.1106

userinit.exe was found in the following malware reports:

W32.Tiniresu

About W32.Tiniresu
...W32.Tiniresu is a virus that infects the Userinit.exe file and downloads and executes a file from a remote location....
Threat assessment
...Modifies files: Modifies %system%userinit.exe Degrades performance:...
Technical details
...performs the following actions: Locates %System%Userinit.exe, and if the file is less than 25,600 bytes long, infects it by prepending 48,128...
Removal instructions
...After the repair is complete, we recommend that you extract a clean copy of Userinit.exe from the Windows installation CD....
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.tiniresu.html

W32.Petch

Technical details
...Copies itself as: C:WindowsSystem32Userinit32.exe C:WindowsSystem32Dllhost32.exe...
...Changes the value to: "Userinit"="C:Windowssystem32userinit32.exe"...
...Deletes the following files: C: Windows System32Userinit.exe C:WindowsCmd.exe...
...C:WindowsSystem32Taskmgr.exe C:WINDOWSSystem32Userinit.exe C:WindowsSystem32Win.exe...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.petch.html

Backdoor.Sinit

Technical details
...modifies the value: "Userinit" = "%System%userinit.exe"...
Removal instructions
...pane, double-click the value: Userinit In the Value data box, delete...
...default installation, change: C:WINNTsystem32userinit.exe,%System%svcinit.exe to:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sinit.html

W32.Petch.B

Technical details
...%windir%TASKMAN.exe C:Windowssystem32userinit.exe Note: %Windir% is a variable....
...Copies itself as: %windir%system32userinit32.exe %windir%system32ctfmon32.exe...
...Changes the value: "Userinit" = "%windir%system32userinit.exe"...
...to: "Userinit" = "%windir%system32userinit32.exe"...
Removal instructions
...right pane, double-click: Userinit In the Value data box, change...
...last part of the text from: userinit32.exe to:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.petch.b.html

W32.HLLW.Reckus

Technical details
...Shutdown32.exe Userinit.exe Winsys32.exe...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.reckus.html

Backdoor.IRC.RPCBot.G

Technical details
...Adds the value: "Userinit"="C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32mshtml.exe"...
Removal instructions
...right pane, delete the value: "Userinit"="C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32mshtml.exe"...
......
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.rpcbot.g.html

Navigation

Browse files

• by name




Valid HTML 4.01!
Copyright © 2004 by Tegtmeier Internet Solutions Colocation: NetGate