Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.
Annoying file in startup
Name: djwolf Date: December 24, 2003 at 15:06:45 Pacific OS: XP CPU/Ram: 512mb
Comment:
While browsing the net earlier my IE crashed so I had to shut down. On boot-up I found that 2 files were added to my startup folder, 1 called MSupdate.exe and the other called winlogon.exe. I managed to delete the first file but can't delete the second because there is a critical system file which shares the same name. The file appears to automatically add url's to my favourites and changes my home page on startup. Anyone know how I can remove this annoying file? Thanks.
Go here and download TDS-3 then go and get the latest Radius File and make sure you follow the directions for updating TDS-3
Once TDS-3 is installed, reboot, copy and paste the radius file into the proper directory then perform a full system scan.
KTTD
0
Response Number 2
Name: djwolf Date: December 24, 2003 at 16:06:46 Pacific
Reply:
TDS-3 managed to find the original file in the temporary internet files folder but the winlogon.exe file is still not being picked up. Any other ideas?
At least I know you do not have a major trojan on your system. A couple more things to try. I would go to House Calls first and then take these steps Read Me but make sure you update both products before using them. If all else fails feel free to post a Hijackthis log file but only on the Security/Virus Forum.
Best of luck,
KTTD
0
Response Number 4
Name: sxshep Date: December 24, 2003 at 16:23:15 Pacific
Reply:
dj
It could be somewhere like this
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogon.exe
Do a search for files and folders "winlogon". There should be one in System32, that is valid and necessary, do not delete. The one mentioned above can go.
shep
0
Response Number 5
Name: djwolf Date: December 24, 2003 at 16:36:00 Pacific
Reply:
I'll try that KTTD, thanks. The main problem is that the file is running in the background and therefore 'in use', it cannot be ended because Windows sees it as a system file. Could I try deleting in DOS or is that not a good idea?
Winlogin.exe is one of the two main core files that XP uses. It is a required system file for XP to run. This is why you are having issues removing it.
Best bet is to drop a Hijackthis log on the Security/Virus Forum. You can find the link to it in my "read me" link I gave to you.
Just state in the post I told you to post it.
KTTD
0
Response Number 7
Name: thaIvan Date: December 26, 2003 at 15:23:23 Pacific
Reply:
Hi,
I had the very same problem with the wilogon.exe that I was unable to remove. I had as you two instances of winlogon.exe running which is not normal. One was running under system privileges and the other one under "my account" privilege. The one running under "my account" privilege was poping up porno web sites and was also changing my Internet Explorer homepage.
The solution :
1. Boot XP in safe mode with command prompt.
2. Go to the directory C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Summary: When i checked startup today there is a file in there called system32:ezyxxd the command line for this file is rundll32 C:\windows\system32:ezyxxd.dll,Init 1 The problem is this has never been there b...
Summary: I am not sure if it is the computer or not, but when I am in safe mode, I cannot run an executable file. My computer freezes during normal startup so I am trying to run the file in safe mode. It is t...
Summary: Hi, I have desktop.ini file in my startup folder which contains the following; [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787 I'm not sure if it was there before, in...
