userinit.exe information

Information and startup locations can be examined on this page: verify all your files to make sure that they are legitimate, digitally signed and from the company Microsoft Corporation to which they should belong. userinit.exe security and file info Userinit Logon Application - Microsoft(R) Windows(R) Operating System - Microsoft Corporation Filetype : executable An executable file is a program that can be executed in your windows environment. What is userinit.exe? Userinit.exe is a part of Windows NT-based operating systems that handles the startup process. It is responsible for establishing network connections and starting the shell. This process is critical to the operation of the system. Do not make any attempt to disable it. Removing it will render your system unbootable and will require a reinstallation of the operating system. Dangers of userinit As this is a critical system executable that is necessary for the operating system to run, it is common for virus writers and spyware vendors to disguise their malware as the genuine one. Some malicious files may have the same name but be stored somewhere other than in %SystemRoot%\System32. Other malware may use a name that appears similar to it but with slight differences in spelling or with appended digits. The following malware is known to disguise itself as userinit.exe: Troj/Viran-B (%SystemRoot%) This is a Trojan horse that allows a remote attacker to gain full control over an infected system via HTTP. W32/Gommer-A (%CommonFiles%\system\(5BB5AD01-5EF7-40EC-93C7-5B152124146CA) \userinit.exe) This is a Trojan horse that spreads via mIRC. W32/Maddis-A (%SystemRoot%\System32\usrinit.exe) This worm spreads via network shares and takes several measures to prevent itself from being detected. It opens up several ports to function as a proxy server and submits the IP address of the infected machine to a proxy list website. Troj/Haxdoor-DP (%SystemRoot%) W32/Malas-E (%ApplicationData%\usrinit.exe) You should never see this process running in the Task Manager except for a few seconds after you log in. The presence of an instance of it in the task manager afterwards is a strong indicator of a malware infection. Common problems You immediately get logged out after logging in This is caused by a missing or corrupt userinit.exe. Check your system for viruses and then restore it from your Windows installation disc. Possible error for this file: Application error, the application has generated errors and will be closed by windows Our recommendation:  Click here to run a FREE Scan for USERINIT.EXE related errors

MD5 File security rating

A MD5 hash is a unique fingerprint of a file. Different files/versions can have the same filenames. The MD5 hash verifies that the legitimate file is not altered. Runscanner (Freeware) can help you checking the file's MD5 hashes Userinit.exe files in Runscanner database   248 different item(s) in database   2 different item(s) in database   7 different item(s) in database   219 different item(s) in database Green items are verified safe to use Unrated items are not yet checked for safety. Red items are not safe (typically virusses, spyware or other malware) This file is digitally signed by it's publisher. This means that the file is from the company claiming to created it, this does not mean by default that the file is safe

General file info

Product name:  Microsoft(R) Windows(R) Operating System Description:  Userinit Logon Application Company:  Microsoft Corporation Fix USERINIT.EXE errors:  Free registry scan

Pacman startup database

Added by the GOMMER-A WORM! Added by the HAXDOOR-DP TROJAN! info provided by sysinfo.org