Download and run firefox to protect your computer from future spyware attacks and pop ups which are coming in through internet explorer (Trojan downloaders, win32 ).Browser attacks aren't easy to spot because they piggyback on legitimate traffic that doesn't exhibit many obvious warning signs
1. Run Deckard's System Scanner (DSS)
2. Run the vundo and combo fix
3. Run Malwarebytes Anti-Malware
4. Run the anti spyware removal programs spybot
5 Run Superantispyware
6. Run a complete scan with free curing utility Dr.Web CureIt!
Answer
winlogon.exe is required on machines that have a network connection of any kind. Removing it wouldn't be wise. -
i am having a similar proble, winlogon.exe is actually a virus. it has been used on my computer to hack into my email and send spam email to other users. i am currently looking for a way to remove it as well. the only way i have come across is to reinstal windows.
Answer
If you really want to remove it, boot from a knoppix (http://www.knoppix.net) cd. The captive-driver allows you to write to ntfs-partitions.
Answer
C:\Windows\winlogon.exe is virus malware etc relatively small file carries out virus activities. Needs to be started on reboot. Remove by first killing startup entry - use Spybot Search and destroy (Tools - Startup) or hijackthis, or edit registry directly whichever you feel comfortable with. After startup has been disabled can delete file using explorer - no longer dangerous. NB - likely to be other files loaded using same technique check any startup entry that accesses file in C:\Windows rather than C:\Windows\System32 likely to be virus malware etc.
C:\Windows\System32\winlogon.exe is windows logon function appears in taskmanager - killing task will halt system - does not need any startup entry. Do not remove this file!!
Answer
C:\Windows\System32\winlogon.exe can be fixed by starting up in safe mode then opening the i386 directory and copying the winlogon.exe. After you do that you go into your System32 directory paste the file, and do not confirm that you want to overwrite the file yet. Kill the winlogon.exe process now(this can't be done through windows task manger but security task manger can kill it) and confirm the file overwrite. You should have about a second before you system brings up an error screen.
now reboot and upload your winlogon.exe to http://virusscan.jotti.org/en to confirm that your winlogon.exe is no long infected.
No comments:
Post a Comment