Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
1 reply to this topic

#1 -Hybrid


  • Members
  • 2 posts
  • Local time:02:08 AM

Posted 30 March 2006 - 08:52 PM

I somehow received winIogon.exe from some random website. I know that winlogon.exe is a real file that belongs in the windows folder. This file is a fake, and has an "I" instead of the "L". It came with trojans and ad software inside of it. So far, any attempt to remove it has failed. I tried Adaware, HiJackthis, Spybot Search and Destroy, Microsoft Anti-Spyware, Symantic Anti Virus, Spyware Doctor, ewido anti-malware, killbox, and winpfind. None of these will remove it. I googled information about this virus and what i got from it was: It detect's when it is being deleted and automatically takes up 100 mb of memory. Then it gives you a blue screen, forcing you to restart your computer. I opened up my Task Manager and some of the trojans that it has are called "Tueph.exe" and "dknlhi.exe". I also found a folder called "srchasst"(Easily noted as Search Assistant) inside of the windows folder. If i try to delete or end any of these processes or delete the folder, it either automatically comes back or gives me an error message saying that it is in use by another program. The ads and popups i get only happen if i open up a media file or a browser. Can someone please help me?

Edited by -Hybrid, 30 March 2006 - 08:54 PM.

BC AdBot (Login to Remove)


#2 rigel



  • Members
  • 12,944 posts
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:02:08 AM

Posted 30 March 2006 - 11:37 PM

Hi -Hybrid,

I strongly recommend that to follow this post. Start Here

Run through the procedures and post a HJT log. A Team member will review your log and give specific instructions on how to kill the malware affecting your computer. These people are excellent at malware removal.

There may be a delay to answer your post, so be patient. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

Good luck... I wish you well


Edited by rigel, 30 March 2006 - 11:38 PM.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users