WINLOGON.EXE – Worm Autorun
Alex NightWatcher: Solved! Fix it immediately: WINLOGON.EXE – Worm Autorun removal File MD5 Virus Alias WINLOGON.EXE 063189252bc82ef42b18fe7b78a5f659 Worm Autorun WINLOGON.EXE 063189252bc82ef42b18fe7b78a5f659 Trojan Hllw WINLOGON.EXE 063189252bc82ef42b18fe7b78a5f659 Trojan Agent WINLOGON.EXE size: 892160 bytes WINLOGON.EXE hash: 063189252BC82EF42B18FE7B78A5F659 Created files: %UserProfile%\winlogon.exe Detected by UnHackMe: WINLOGON.EXE Default location: %USERPROFILE%\WINLOGON.EXE Dropper information: MD5: 063189252bc82ef42b18fe7b78a5f659 File size: 892160 bytes Recommended: UnHackMe anti-rootkit [...]
WINLOGON.EXE is Trojan Opachki
Alex NightWatcher: Solved! Fix it immediately: Is the file WINLOGON.EXE located on your computer? Then your computer is infected. We do suggest you should remove WINLOGON.EXE from your computer as soon as possible. WINLOGON.EXE is Trojan/Backdoor. Kill the process WINLOGON.EXE and remove WINLOGON.EXE from the Windows startup. Malware Analysis of WINLOGON.EXE Full path on a [...]
WINLOGON.EXE is Trojan Spambot
Alex NightWatcher: Solved! Fix it immediately: The file WINLOGON.EXE is malware related. You must delete the file WINLOGON.EXE immediately! Delete the file WINLOGON.EXE without delay! Kill the process WINLOGON.EXE and remove WINLOGON.EXE from the Windows startup. Malware Analysis of WINLOGON.EXE Full path on a computer: %WinDir%\winlogon.exe Detected by UnHackMe: Item Name: nvchost Author: Unknown Related [...]
winlogon.exe – trojan Agent
Alex NightWatcher: Solved! Fix it immediately: The file winlogon.exe is malware related. You must delete the file winlogon.exe immediately! Delete the file winlogon.exe without delay! Kill the process winlogon.exe and remove winlogon.exe from Windows startup. Malware Analysis of winlogon.exe Removed: winlogon.exe. Full path: C:\WINDOWS\system32\drivers\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Windows Defender Author: KvĀ®2010 Related [...]
Winlogon.exe – trojan Kazy
Alex NightWatcher: Solved! Fix it immediately: The file Winlogon.exe is malware related. You must delete the file Winlogon.exe immediately! Delete the file Winlogon.exe without delay! Kill the process Winlogon.exe and remove Winlogon.exe from Windows startup. Malware Analysis of Winlogon.exe Executed: winlogon.exe Removed: Winlogon.exe. Full path: C:\Documents and Settings\Administrator\Application Data\Miicrosoft\Winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: [...]
Removed: C:\Documents and Settings\Administrator\Application Data\Microsoft\Security\svchost.exe, C:\Program Files\winlogon.exe (trojan Injector)
Alex NightWatcher: Solved! Fix it immediately: Malware: KLU7CH~1.EXE Removed: C:\Documents and Settings\Administrator\Application Data\Microsoft\Security\svchost.exe C:\Program Files\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 127.0.0.1 avp.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 127.0.0.1 customer.symantec.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 127.0.0.1 dispatch.mcafee.com Author: Unknown Related File: Type: Hosts File Contents [...]
Removed: windsys2.exe, winlogon.exe (trojan KD)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\exe.exe Removed: C:\Documents and Settings\Administrator\Application Data\windsys2.exe C:\Program Files\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 127.0.0.1 avp.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 127.0.0.1 customer.symantec.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 127.0.0.1 dispatch.mcafee.com Author: Unknown Related File: Type: Hosts File Contents [...]
Removed: GLXLIPAJ.SYS; Restored: EXPLORER.EXE, WINLOGON.EXE (NSIS/TrojanDownloader)
Alex NightWatcher: Solved! Fix it immediately: Malware: 1PkgMgrb.exe Removed: C:\WINDOWS\SYSTEM32\DRIVERS\GLXLIPAJ.SYS Restored: C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM32\WINLOGON.EXE —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: TDL MBR Rootkit Author: Unknown Related File: TDL MBR Rootkit Type: MBR 2. Multi AntiVirus scan: 2.1 EXPLORER.EXE Default location: C:\WINDOWS\EXPLORER.EXE MD5: 62DFABC372EB96822890DAF50D4EAF87 SHA1: E83408F1 1D48CD25 B77C62E6 6A5EA5E5 8BD5CF1E File Size: 1 [...]
Removed: C:\Program Files\winlogon.exe (trojan Kazy)
Alex NightWatcher: Solved! Fix it immediately: Malware: firefox-toolbar.exe Removed: C:\Program Files\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 127.0.0.1 avp.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 127.0.0.1 customer.symantec.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 127.0.0.1 dispatch.mcafee.com Author: Unknown Related File: Type: Hosts File Contents /…/ Item Name: Windows [...]
Removed: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\oweeaxce.exe, C:\Program Files\UcAgWjev\oweeaxce.exe; Restored: C:\WINDOWS\SYSTEM32\WINLOGON.EXE (trojan Ramnit)
Alex NightWatcher: Solved! Fix it immediately: Malware: all-zahlung.exe Removed: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\oweeaxce.exe C:\Program Files\UcAgWjev\oweeaxce.exe Restored: C:\WINDOWS\SYSTEM32\WINLOGON.EXE —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,,C:\Program Files\UcAgWjev\oweeaxce.exe Type: UserInit Value Item Name: oweeaxce.exe Author: Macromedia, Inc. Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\START MENU\PROGRAMS\STARTUP\OWEEAXCE.EXE Type: Startup Folder 2. Multi AntiVirus [...]
Removed: C:\Documents and Settings\Administrator\27F6471627473796E696D64614\winlogon.exe, C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogon.exe, C:\Documents and Settings\NetworkService\winlogon.exe, C:\winlogon.exe (worm AutoTsifiri)
Alex NightWatcher: Solved! Fix it immediately: Malware: 76.exe Removed: C:\Documents and Settings\Administrator\27F6471627473796E696D64614\winlogon.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogon.exe C:\Documents and Settings\NetworkService\winlogon.exe C:\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 132.96.17.184 drweb.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 88.227.68.221 f-secure.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 40.47.94.210 kaspersky.com Author: Unknown [...]
Restored: C:\WINDOWS\SYSTEM32\WINLOGON.EXE (trojan Bamital)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\install.exe Restored: C:\WINDOWS\SYSTEM32\WINLOGON.EXE —————————————————————————————————————————- Detected by UnHackMe: WINLOGON.EXE Default location: C:\WINDOWS\SYSTEM32\WINLOGON.EXE MD5: D504CF2B1C61FB4680DFA4805D396845 SHA1: 876A39C1 DE9A9D90 1A9302B0 722A6E70 6E4853B0 File Size: 507 904 Version Info: OriginalFilename: WINLOGON.EXE FileDescription: Windows NT Logon Application InternalName: winlogon CompanyName: Microsoft Corporation FileVersion: 5.1.2600.5512 (xpsp.080413-2113) LegalCopyright: c Microsoft Corporation. All rights reserved. ProductName: [...]
Removed: C:\WINDOWS\system\winlogon.exe, C:\WINDOWS\systemz.exe (trojan Vilsel)
Alex NightWatcher: Solved! Fix it immediately: Malware: limewirepro.exe Removed: C:\WINDOWS\system\winlogon.exe C:\WINDOWS\systemz.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: System Author: Unknown Related File: C:\WINDOWS\SYSTEMZ.EXE Type: Registry Run Item Name: winlogon Author: 378465345863 Related File: C:\WINDOWS\SYSTEM\WINLOGON.EXE Type: Registry Run Item Name: systemz.exe Author: Unknown Related File: C:\WINDOWS\SYSTEMZ.EXE Type: Running Processes Item Name: svchots.exe Author: mIRC Co. Ltd. [...]
Removed: Kernel32.exe, Latest_Version.exe, winlogon.exe (trojan Autorun)
Alex NightWatcher: Solved! Fix it immediately: Malware: t0theface.Exe Removed: C:\Documents and Settings\Administrator\Application Data\Kernel32.exe C:\Documents and Settings\Administrator\Application Data\sys\Latest_Version.exe C:\Documents and Settings\Administrator\Application Data\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 1AVG Internet Security 8.5 Patch Author: Team Blacklist Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\KERNEL32.EXE Type: Registry Run Item Name: {B9C4FAF8-AEA2-BDCE-07DF-3D09BBEFDFAD} Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYS\LATEST_VERSION.EXE Type: [...]
Removed: C:\WINDOWS\WinLogon.exe (trojan Meredrop)
Alex NightWatcher: Solved! Fix it immediately: Malware: pics.exe Removed: C:\WINDOWS\WinLogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WinLogon.exe Author: Microsoft Related File: C:\WINDOWS\WINLOGON.EXE Type: Running Processes After first reboot detected by UnHackMe: Item Name: WinLogon Author: Related File: C:\WINDOWS\WinLogon.exe Type: Registry Run Removal Results: Success Number of reboot: 2 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result [...]
Removed: C:\WINDOWS\system\winlogon.exe (trojan for users vkontakte.ru)
Alex NightWatcher: Solved! Fix it immediately: Malware: new.exe Removed: C:\WINDOWS\system\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system\winlogon.exe Type: UserInit Value Item Name: winlogon.exe Author: Related File: C:\WINDOWS\SYSTEM\WINLOGON.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.21 Trojan.Generic.KD.12015 Kaspersky 7.0.0.125 [...]
Removed: ..\Application Data\winlogon.exe, nvdisp.exe (trojan Mudrop)
Alex NightWatcher: Solved! Fix it immediately: Malware: cheezburger.exe Removed: C:\Documents and Settings\Administrator\Application Data\winlogon.exe C:\Documents and Settings\Administrator\Application Data\nvdisp.exe —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: Winlogon Author: Prive Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WINLOGON.EXE Type: Explorer Run Item Name: {1AD870AD-7ACC-1FA0-77DB-08BAB1DDBD76} Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WINLOGON.EXE Type: ActiveSetup Item Name: Winlogon Author: Related File: C:\DOCUMENTS [...]
Removed: %WinDir%\winlogon.exe (trojan Scar)
Alex NightWatcher: Solved! Fix it immediately: Malware: c:\sand-box\server.exe Removed: C:\WINDOWS\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {B5BB5C54-E895-1BAD-DEAA-CAEAEF1EA2E2} Author: Microsoft Related File: C:\WINDOWS\WINLOGON.EXE Type: ActiveSetup Item Name: Winlogon Author: Related File: C:\WINDOWS\WINLOGON.EXE Type: Registry Run Item Name: winlogon.exe Author: Related File: C:\WINDOWS\WINLOGON.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version [...]
Removed: GenAvir.exe, inoutin.exe, pb.dll, winlogon.exe (FakeAV – General Antivirus)
Alex NightWatcher: Solved! Fix it immediately: Malware: setup_build13401.exe Removed: C:\Program Files\General Antivirus\GenAvir.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\inoutin.exe C:\Documents and Settings\Administrator\Application Data\General Antivirus\db\pb.dll C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\winlogon.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.05 Gen:Trojan.Heur.GM.0000450220 Kaspersky 7.0.0.125 2010.03.05 – McAfee 5910 2010.03.04 – Microsoft 1.5502 2010.03.05 Trojan:Win32/InternetAntivirus NOD32 4917 2010.03.05 a variant [...]
Malware: install12501.exe
Alex NightWatcher: Solved! Fix it immediately: —————————————————————————————————————————- Malware: install12501.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.15 Gen:Trojan.Heur.GZ.cyW@bCRUHni Kaspersky 7.0.0.125 2010.02.15 Trojan-Downloader.Win32.Delf.yee McAfee 5892 2010.02.14 Generic.dx!nkr Microsoft 1.5406 2010.02.14 VirTool:Win32/Obfuscator.EW NOD32 4866 2010.02.14 – Symantec 20091.2.0.41 2010.02.15 Trojan.Pandex —————————————————————————————————————————- Additional information File size: 34816 bytes MD5 : c2bd6c05ff710dbfbcb0a589d9c18f8d SHA1 : 7720b9f1dde37ae164341d0f53a01c358d54673c SHA256: d390a26f1b6b9d8b410de53e35a84269f16e25ebaab5f2cb1f13abc7916c570d [...]
Malware: install11.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: install11.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.03 Suspicious:W32/Riskware!Online Kaspersky 7.0.0.125 2010.02.03 not-a-virus:FraudTool.Win32.InternetAntivirusPro.as McAfee 5881 2010.02.03 FakeAlert-FQ Microsoft 1.5406 2010.02.03 Trojan:Win32/InternetAntivirus NOD32 4832 2010.02.03 a variant of Win32/Kryptik.CBJ —————————————————————————————————————————- Additional information File size: 33280 bytes MD5 : 0f159f049c04cf2cbd58b7c5c8d6f22f SHA1 : 7a3c5a492cdbf345241b3f9d4c53d6d4d6b4a8c5 SHA256: 928e3abdb4814267d773aae1648bd0fd43763ee395bcb149b3cf858891f8a2ba —————————————————————————————————————————- Installation [...]
Removed: winlogon.exe
Alex NightWatcher: Solved! Fix it immediately: Malware: install13400.exe Removed: C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\winlogon.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.27 Suspicious:W32/Riskware!Online Kaspersky 7.0.0.125 2010.01.28 Trojan-Downloader.Win32.FraudLoad.wxtr McAfee 5874 2010.01.27 – Microsoft 1.5406 2010.01.28 Trojan:Win32/InternetAntivirus NOD32 4811 2010.01.27 a variant of Win32/Kryptik.CBJ Symantec 20091.2.0.41 2010.01.28 InternetAntivirus —————————————————————————————————————————- Additional information File size: 32768 bytes MD5 [...]
