Dismiss Notice
Hey Guest! We'd like to know what you think of our new theme & platform, click here to share your thoughts!
  1. NiKE..

    NiKE.. Banned

    Feb 8, 2011
    398
    :facepalm:yeah, i have been affected by a keylogger i think,, winlogon.exe is silently working in task manager.. pleasehelp me how to remove this virus:'(:'(:'(
     
  2. Techking

    Techking New Member Member

    Jan 11, 2012
    153
    I think ,you tried to replace the original winlogon.exe file in windows xp for making pirated windows genuine ?
    otherwiset the process "winlogon.exe" runs in the background. Winlogon is a part of the Windows Login subsystem, and is necessary for user authorization and Windows activation checks.

    To remove Trojan Winlogon.exe ,just download this small utility and run it..
    http://liveupdate.symantec.com/upgrade/NPE/1033/NPE.exe

    Effective tool for such type of small trojans/snippers
     
  3. gfxguru

    gfxguru New Member Member

    Jul 9, 2009
    951
    The key to cleaning, is booting into Safe Mode With Networking, then running two (2) different cleaners. Here is how you can do it:


    (1) First, restart your computer in Safe Mode With Networking (reboot).
    Re-boot and hold down your [F8] key while re-booting
    (2) Boot into "Safe Mode with Networking"
    (3) Download Malwarebytes from www.malwarebytes.org
    (4) Install Malwarebytes
    (5) **Still in Safe Mode** Run Malwarebytes until it's finished
    (6) On the "Quarantine" tab, delete everything!
    (7) Restart your computer into SafeMode With Networking.

    THEN:

    Download and install the free SuperAntiSpyware.
    www.superantispyware.com/download.html

    Then, run SuperAntiSpyware. It's free, so you don't have to pay.

    Then, tell it to detect everything and clean everything. Then, restart computer.

    This should fix it.

    EDIT: IF YOU CAN ONLY BOOT IN SAFE MODE, then could mean that your REGISTRY is messed up --- but I'm not sure of that. So, what I would do is download the latest MICROSOFT SECURITY ESSENTIALS.

    links:
    http://www.malwarebytes.org/
    http://www.superantispyware.com/download.html
    http://www.microsoft.com/security/portal/Definitions/HowToMSE.aspx

    Source: Google search :D
     
  4. Techking

    Techking New Member Member

    Jan 11, 2012
    153
    I think malwarebytes is not much effective as per previous experiences.rest OK!
     
  5. gfxguru

    gfxguru New Member Member

    Jul 9, 2009
    951
    from my personal experience malwarebytes is really good..i always use that, when KIS2012 cant find any.
     
  6. Techking

    Techking New Member Member

    Jan 11, 2012
    153
    Might be better than KIS2012 in removing malwares ,but remember MALWAREBYTES is not much effective in removing any security risk related to trojans .Even ,some time ,these type of softwares do just a showoff means showing fake infos about risks !

    I have research report of various security softwares in which our team researched on it ..
     
  7. NiKE..

    NiKE.. Banned

    Feb 8, 2011
    398
    @Techking & @gfxguru ,, thanks for the help & please also help me in removeing 1 more suspisious task csrss.exe
     
  8. Techking

    Techking New Member Member

    Jan 11, 2012
    153
    can you trace the path of that risk ?
     
  9. Techking

    Techking New Member Member

    Jan 11, 2012
    153
    just run above tools as recommend by me as well as gfxguru..
     
  10. aussiegeorge

    aussiegeorge New Member Member

    Jan 2, 2011
    132
    1

    Click the "Start" button and then choose "Run," or press the "Windows" button and hold down "R" to launch the Run window.
    2

    Type in "cmd" and press "OK."
    3

    Type in "taskkill/IM winlogon.exe" and press "Enter."
    4

    Restart the computer system, and then press "F8" until the boot options menu appears. Choose "Boot in Safe Mode" and press "Enter."
    5

    Click "Start," "(My) Computer" and double-click the "C:" drive icon. Choose "Program Files" and then select "winlogon.exe." Push "Delete" and the file will be removed from the computer. Restart the computer system and allow it to boot normally.
     
  11. Techking

    Techking New Member Member

    Jan 11, 2012
    153
    It will remove the risk temporarily from your system (winlogon.exe resides it entry in recycler too)
    run npe after doing it..
    Better and short method proposed by @ aussiegeorge :)
     
  12. NiKE..

    NiKE.. Banned

    Feb 8, 2011
    398
    okie but safemode is not loading....anyways removed 4566 threats
     

Share This Page