| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 48842 | 2004-09-02 21:00:00 | winitr32.exe | drb1 (4492) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 268441 | 2004-09-02 21:00:00 | winitr32.exe. Any body know anything about this guy, not google, not symantec, not microsoft. seems to be naughty. |
drb1 (4492) | ||
| 268442 | 2004-09-02 21:13:00 | Where is it on the hard drive?? And is it under msconfig under startup? And what version of Windows are you using?? If XP, its not part of XP 1 or 2. It's not on this PC. |
Spacemannz (808) | ||
| 268443 | 2004-09-02 21:24:00 | couldnt find anything either, maybe check the spelling | Rob99 (151) | ||
| 268444 | 2004-09-03 05:34:00 | It might be wininit32.exe? Which belongs to this securityresponse.symantec.com This is a worm/backdoor trojan. or wininit.exe? which is service1.symantec.com |
Spacemannz (808) | ||
| 268445 | 2004-09-03 06:50:00 | > It might be wininit32 . exe? > > Which belongs to this > > . symantec . com/avcenter/venc/dat" target="_blank">securityresponse . symantec . com > /w32 . xabot . worm . html > > This is a worm/backdoor trojan . > > or wininit . exe? > > which is > > . symantec . com/sarc/sarc . nsf/html/pf/w32" target="_blank">service1 . symantec . com > hllw . bymer . html > Yes, very close, I was there B4 I came here, the spelling is (winitr32 . exe) . I have seen Wuamgrd (?spelling) remanifest itself as Muamgrd . It's probably the same scenario . I got a blue screen slow start, (winitr32 . exe) was flicking on and off in tsk/mnger . Halted the process and got a complete boot . Removed file from sys32 . on reboot somethig was looking for it . Next reboot seems to be gone . just about time for an image replacment . This was really a curiosity/inf post . Thank you . |
drb1 (4492) | ||
| 268446 | 2004-09-03 06:52:00 | No prob :) HTH ciao | Spacemannz (808) | ||
| 268447 | 2004-09-03 06:54:00 | I forgot it also gets picked up in the firewall tring to acess the net with that spelling. | drb1 (4492) | ||
| 1 | |||||