Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
1 reply to this topic

#1 Dannielle


  • Members
  • 1 posts
  • Local time:06:18 PM

Posted 18 August 2011 - 12:35 AM

I don't know what the heck I downloaded, but now there is an additional 'winlogon.exe' in my task manager that isn't being run by the system.

What I know:
Image Name: winlogon.exe ...
Using: 6,168K
Description: AGQPKJEC

When I right click and go to the location it is in AppData/Roaming/Install

There is another winlogon.exe being run by the system and it is in the correct folder. I understand that you should only have one running at any given time. If there is a winlogon.exe that is NOT in the system folder... it means trouble.

What I have tried doing:
Ending the process. It says something about bad things happening etc etc etc system death.
Deleting directly from the folder. Can't because it is running in another program.
System restore. Can't restore to a date when my compute wasn't affected by this thing. The 5 points it gives me are after the event.
Several websites random malware and antivirus programs that people say work against this thing... but no help.
Browsing forums, but so far nothing has been located in this folder. Also, there is no distortion in the name, it is 'winlogon.exe'

It if helps, the icon that it is using is a little speedometer looking thing.

Other maybe useful information?
Property details gave me this: Product Name: WVQSAHRRX
Original Filename: srcozns.exe

I've tried searching these things and found nothing.

Any help would be appreciated.

BC AdBot (Login to Remove)


#2 MR Cracker

MR Cracker

  • Members
  • 22 posts
  • Local time:02:48 AM

Posted 18 August 2011 - 06:45 AM

download and install MBAM after updateing program
scan your all of your hard drives and clear & fix all results
when you done program will give you a log
post it here

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users