PDA

View Full Version : What is winlog.exe?



Colpol
29-08-2009, 11:54 AM
Hi all.

Found this in my startup on my Desktop PC. (Not found on Work laptop)
Searched Google and found heaps, all of it contradictory some say it is a virus and others say leave it there.
Vista on both
Now confused. Can anyone clarify what it is.
If it is bad how do you get rid of it.

Cheers
Colin

Speedy Gonzales
29-08-2009, 12:07 PM
Dont get it confused with winlogon.exe which is a windows file

WHAT folder is it in? It may belong to agobot a worm. There is also a program called Salfeld Personal Security tool. But you would be in a program files folder.

Remove it from startup with ccleaner, then reboot. If there are any other suss entries in startup, delete them too. And if winlog.exe is running now kill it. Scan your system with something

Colpol
29-08-2009, 12:12 PM
Thnks speedy. I know what all other startup entries are.
This file is located in
Users\Admin\App data\Roaming\Microsoft\winlog.exe

Speedy Gonzales
29-08-2009, 12:20 PM
Kill its process, then delete its entry in startup then delete that file. Then reboot. It looks like it does belongs to Agobot. Then reboot. Then scan the whole hdd with whatever AV program. Use something like trojan remover if this is 32 bit, update it then scan. Then select all options under utils

You probably got it if your system isnt up to date, or you use P2P programs. MAKE SURE it is winlog.exe NOT winlogon.exe

Blam
29-08-2009, 01:14 PM
Download and run MBAM and Spyware Terminator. Make sure System Restore is disabled.
http://www.malwarebytes.org/mbam-download.php
http://www.spywareterminator.com/download/download.aspx

Blam

Colpol
29-08-2009, 05:24 PM
Thanks Blam and Speedy.
All good now.

Cheers
Colin