Windows Vista with Vista Service Pack 1
I was reviewing my suspicious activity log and came acrosss this entry from 11/26/08 at 11:32pm
suspicious behavior
Risk level- Low
wininit.exe accessed the protected resource listed
activity- Stealth process
Resource- REGISTRY\MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\ShutdownFlags
I have googled wininit.exe and see some concern abou it having been a virus at one time. However, mine is located
C:|Windows\System32 and I scanned it and it came up clean
I also noted that in my Vista Problem History there are several entries dated 11/26/08 at 10:45pm where windows host process Rundl32 stopped working (twice) for cceraser.dll
I also know that around that time, I turned off my computer. I can't recall if I turned it off correctly or had a problem and just cut off the power.
Could that account for this "suspicious" activity?
Since that time I have run at least 35 full system scanns and numerous full system scans without any issues detected other than tracking cookies.