Trojan found in winlogon.exe

Assistance with AVG Anti-Malware, legacy ewido and AVG Anti-Spyware applications

Moderator: Moderators

Trojan found in winlogon.exe

Postby rashul775 » Tue Jul 21, 2009 5:46 pm

AVG 8.5.392 detected a "Trojan horse PSW.Agent.ABKU" located at C:\Windows\system32\winlogon.exe
It was moved to the Virus Vault where it is marked as "white-listed." I was hesitant to delete it because winlogon.exe is an essential file.

Performing the "sfc /scannow" command seems to have worked; a scan shows winlogon.exe to be clean now. However, a winlogon.exe.tmp file has been created, presumably the corrupted winlogon.exe file that was replaced by sfc, and a scan of it still reveals the trojan. Interestingly, scanning the system32 directory doesn't reveal any trojan warnings about winlogon.exe.tmp. I've also noticed a strange side effect: any scrolling on firefox or other application now stutters - is this an effect of the trojan? Any idea for the next move?
rashul775
AVG Wannabee
 
Posts: 3
Joined: Tue Jul 21, 2009 5:43 pm

Advertisement

Re: Trojan found in winlogon.exe

Postby sc123 » Tue Jul 21, 2009 8:47 pm

Winlogon.exe doesn't have anything to do with Firefox. You should run a scan with MBAM: http://www.malwarebytes.org/mbam.php
Regards,
SC123 - Founder, http://www.AVGForums.com
-------------------------------------------------------
Complete uninstall/reinstall method | Other tools to try | Search the forums!
User avatar
sc123
Forum Administrator
 
Posts: 2095
Joined: Tue Jul 24, 2007 3:50 pm
Location: Virginia, USA

Re: Trojan found in winlogon.exe

Postby rashul775 » Wed Jul 22, 2009 4:19 pm

I scanned with Malwarebytes and it found a few infected registry keys. The stuttering problem while scrolling continues though. But more importantly, what do I do with that infected winlogon.exe.tmp file? Strangely, it isn't detected by AVG unless I specifically tell it to scan the file, and I can't delete it using Windows Explorer.
rashul775
AVG Wannabee
 
Posts: 3
Joined: Tue Jul 21, 2009 5:43 pm

Re: Trojan found in winlogon.exe

Postby sc123 » Wed Jul 22, 2009 6:06 pm

Do you have an option to heal it when you scan it?
Regards,
SC123 - Founder, http://www.AVGForums.com
-------------------------------------------------------
Complete uninstall/reinstall method | Other tools to try | Search the forums!
User avatar
sc123
Forum Administrator
 
Posts: 2095
Joined: Tue Jul 24, 2007 3:50 pm
Location: Virginia, USA

Re: Trojan found in winlogon.exe

Postby rashul775 » Wed Jul 22, 2009 8:35 pm

OK, AVG was able to heal it. It seems like I've gotten rid of the trojan completely now. Regarding the stuttering when scrolling, I found out my video card drivers were somehow messed up and I'll have to reinstall them. Was this a possible effect of the trojan or just a coincidence? It seems strange to me how infecting winlogon.exe would affect drivers.
rashul775
AVG Wannabee
 
Posts: 3
Joined: Tue Jul 21, 2009 5:43 pm

Re: Trojan found in winlogon.exe

Postby sc123 » Wed Jul 22, 2009 10:42 pm

Anything is possible, but like you I doubt it.
Regards,
SC123 - Founder, http://www.AVGForums.com
-------------------------------------------------------
Complete uninstall/reinstall method | Other tools to try | Search the forums!
User avatar
sc123
Forum Administrator
 
Posts: 2095
Joined: Tue Jul 24, 2007 3:50 pm
Location: Virginia, USA

Re: Trojan found in winlogon.exe

Postby sc123 » Thu Jun 17, 2010 9:42 am

alshidaa wrote:How do I get rid of a trojan virus and fix my network card? I received a trojan virus and it screwed up my computer. It also said that my network card is not working properly. Now, when I turn on my computer it doesn't do anything it just shows my desktop background. I don't get my start button toolbar or my desktop icons. It will not allow me to do anything. Can someone please give me some suggestions on how I can fix my desktop computer.


Start a new thread in an appropriate sub-forum, specify what virus you're having issues with and provide more details about your computer.
Regards,
SC123 - Founder, http://www.AVGForums.com
-------------------------------------------------------
Complete uninstall/reinstall method | Other tools to try | Search the forums!
User avatar
sc123
Forum Administrator
 
Posts: 2095
Joined: Tue Jul 24, 2007 3:50 pm
Location: Virginia, USA


Return to AVG Anti-Malware

Who is online

Users browsing this forum: No registered users and 1 guest