Re: Mysterious file - WINXPINIT.EXE

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 09/13/04 

Date: Sun, 12 Sep 2004 22:15:52 -0400

Sounds like malware. Perform the following to see if it is in the virus class of malware...

Please go to one or more of the below online scanners and perform a scan of your platform
then report back your results.

Trend:
http://housecall.antivirus.com
http://housecall.trendmicro.com

F-Secure:
http://support.f-secure.com/enu/home/ols.shtml

McAfee:
http://www.mcafee.com/myapps/mfs/default.asp

Panda:
http://www.pandasoftware.com/activescan/

Kaspersky:
http://www.kaspersky.com/de/scanforvirus

Symantec:
http://security.symantec.com/

BitDefender
http://www.bitdefender.com/scan/license.php

Dave

"JZ" <themayor@adelphia.net> wrote in message news:q9-dnR8c49W6ndjcRVn-rg@comcast.com...
| I have Window 2000 machines that have a file named "winxpinit.exe" appearing
| in the c:\winnt\system32 directory. This file appears in the processes
| TWICE when I do a Ctrl+Alt+Del. It also is making registry entries in:
|
| HKey_Local_Machine & HKey_Local User
| Current user->Software->Microsoft->Windows->Current Version->Run and
| RunOnce (along with a few other places).
|
| When I put the computer in Safe Mode and remove the exe and registry entries
| the file returns. The computers with this file on it boot up but upon
| reaching the desktop screen, they just freeze the screen right before the
| desktop icons appear. If I kill the one winxpinit.exe process the computer
| will boot up completely but once the file returns it makes the computers run
| sluggish.
|
| I have done an extensive search on the Internet for this file but there
| doesn't seem to be any mention of it.
|
| Can someone shed some light on this file?
|
|

Relevant Pages

  • Re: Mysterious file - WINXPINIT.EXE
    ... >> virus class of malware... ... >>> the processes TWICE when I do a Ctrl+Alt+Del. ... >>> registry entries the file returns. ... >>> it boot up but upon reaching the desktop screen, ...
    (microsoft.public.security.virus)
  • Re: Trojan (?) will not allow safe mode, but *will* allow normal boot
    ... eject boot CDRduring test, spot spontaneous reboots ... Is the PC isolated from all malware? ... Executive summary: Safe mode isn't. ... familiarity with Bart, but for those who do fixing of Windows systems, ...
    (microsoft.public.security.virus)
  • Re: Compaq Presario go slow.
    ... Big boot recovery disk efforts to even ... boot CD antivirus check and removed 140 infections. ... I downloaded 'MalwareBytes Malware Remover' and ran it. ... SP2 raised the bar as far as memory requirements. ...
    (uk.comp.homebuilt)
  • Re: Format, install, ahhhhh!
    ... the built-in Windows firewall is sufficient. ... Perhaps you don't have enough RAM for the combination of programs your ... You never told us if you ever configured a clean boot to see if the ... malware. ...
    (microsoft.public.windowsxp.general)
  • Re: Format, install, ahhhhh!
    ... the built-in Windows firewall is sufficient. ... Perhaps you don't have enough RAM for the combination of programs your ... You never told us if you ever configured a clean boot to see if the ... malware. ...
    (microsoft.public.windowsxp.general)