Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Screwed up my mothers computer


  • Please log in to reply
3 replies to this topic

#1 Myrick85

Myrick85

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:08 AM

Posted 20 November 2009 - 08:08 PM

I just got back from college and thought I would clean up my mothers computer. It seems I have done more damage then good. When the computer boots I receive a error dialog box: logon.exe not recognized. I've had numerous pop ups, and after a brief internet search find the problem to be the dreaded personal guard 2009 virus. So far, I have contacted windows with no solution, HP with no solution, and most recently my virus protection software Bitdefender 2010 and once again no solution. Any help or general directional guidance would be most appreciated.

Regards,
Hudson

BC AdBot (Login to Remove)

 


#2 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:12:08 AM

Posted 20 November 2009 - 08:49 PM

Here's what I was able to find. The process Windows Logon UI belongs to the software Microsoft Windows Operating System or logonui.exe. Some malware camouflage themselves as logonui.exe, particularly if they are located in c:\windows or c:\windows\system32 folder.

If logonui.exe is located in the folder C:\Windows then the security rating is 72% dangerous. File size is 59,904 bytes. Program has no file description. The program is not visible. File logonui.exe is located in the Windows folder, but it is not a Windows core file. File logonui.exe is not a Windows core file.

If logonui.exe is located in a subfolder of "C:\Program Files" then the security rating is 64% dangerous. File size is 71,168 bytes. The application has no file description. The program is not visible. The application starts when Windows starts (see Registry key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). logonui.exe is not a Windows system file. logonui.exe is able to monitor applications.

All of the information I found points to malware. Are you able to log in in safemode?
DJ Digital Gem

I gave up on computers and now I just DJ!

#3 Myrick85

Myrick85
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:08 AM

Posted 20 November 2009 - 09:01 PM

Thanks for the information. I'm not able to boot in safemode. I suspected malware from my brief internet research.

#4 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:12:08 AM

Posted 21 November 2009 - 01:22 PM

Well there are a couple of ways you can go with this. First, you can pull the drive and slave it on another known working computer. From there you can scan the drive with MBAM and SUPERAntiSpyware. I would even run a virus scan on it as well.

The slightly less invasive, but possibly not as reliable, thing that can be done is running a bootable virus scan. I did a search of DOS based malware/spyware scanners and found some that updated fairly frequently.

A-Squared Free
F-Secure Bootable
Avira Antivir Rescue System --> rated one of the best!
BitDefender Rescue CD

Each of these would need to burned to a CD as a bootable .iso file. If you aren't sure how to make a .iso file or how to burn one let me know and i'll give you some instructions. Once burned, insert the CD in the CD drive of the infected computer and boot from the CD.
DJ Digital Gem

I gave up on computers and now I just DJ!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users