Pretty sure i have a virus, any suggestions for getting rid of it?

[Vishera]

I use microsoft security essentials for my anti-virus, it's free and seems to get the job done. well, until now that is. in AppData/Roaming/ there is a hidden folder that is labeled System32.ini and in it is a single exe file, WinLogon. the security window that asks if you want to run a program keeps popping up for WinLogon from System32.ini. i assumed it was the service that allows you to log on but i was suspicious, so i checked task manager and winlogon.exe was running according to what i saw. AND just now after another window popped up asking if i wanted to run the program, some sort of installer popped up.i quickly closed both out and scanned the folder with security essentials, but nothing came up. my question is, is it a virus and if security essentials can't detect it how do i get rid of it? also, is it safe to delete this System32.ini folder? it isn't the System32 in the Windows folder, but i did have to choose to show important operating system files and folders to get the .ini folder to show up. if anyone could try and shed some light on the situation i'd appreciate it!

 

[Robert17]

Go to the folder that the suspect file is located in, locate the file, hover your mouse pointer over it, right click, select properties, determine the publisher and other details, go from there.

 

[Vishera]

well properties says it came from another computer. publisher isn't listed, it was created in july of 2006, not sure if that's relevant or not. i'm using windows vista home premium, if that is any help to know

 

[Squadfer]

Have you tried Malwarebytes?

 

[Silver_Pharaoh]

Have you tried Malwarebytes?

1+ Malwarebytes. It's the go-to tool for this.

'Nuff said. Malwarebytes. Get it. Run it. You won't be disappointed.

 

[Ajay57]

Here try this from this site as its where i get most of my programs, its free and clean!!

1, http://www.filehippo.com/download_malwarebytes_anti_malware/

GL from AJ!!

 

[Vishera]

i haven't tried malwarebytes yet, but i'll give it a try. suppose this doesn't work my next option would be....?

 

[Ajay57]

I have used this to checkout Laptops from Friends it seems to kill most things, also it may tell you what it is!!

If not you could be looking at a fresh install and wiping that drive clean, but i would check first with other members about that!!

AJ.

 

[Silver_Pharaoh]

Here try this from this site as its where i get most of my programs, its free and clean!!

1, http://www.filehippo.com/download_malwarebytes_anti_malware/

GL from AJ!!

Why not just link to the Malwarebytes site? http://www.malwarebytes.org/products/malwarebytes_free/

EDIT: Sorry, the new posts didn't show up

 

[Vishera]

it worked, malwarebytes detected it as a trojan and i just deleted it

 

[Silver_Pharaoh]

it worked, malwarebytes detected it as a trojan and i just deleted it

Good, reboot then run Malwarebytes again and if it's clean, update and doa full scan with MSE (security Essentials)

 

[Squadfer]

99 out of 100 times malwarebytes will result in getting the computer clean if the database is up to date. I'm a security analyst and I scan my work computer every night with malwarebytes. Reason why I do this is because some of the incidents I investigate for clients tends to lead me down a path that gets the virus installed on my work comp as I hunt for the root cause for how the virus got installed on the clients network. Also I like to inform the webmasters as well if the virus is still being hosted off of their website or if there is a redirect somewhere on their website that leads to another website hosting the malware. If malwarebytes doesn't work I tend to wipe the HDD and reinstall from a current good backup.

 

[Ajay57]

Well job done, it always worked cleaning up my friends Laptops etc, as they sometimes do not bother with a Anti-Virus Protection.

AJ.

 

[Vishera]

would i be stupid to uninstall security essentials? malwarebytes found 73 malicious objects and security essentials wasn't telling me anything. seems kind of pointless to keep a program that doesn't do the job right

 

[mimart7]

Get TDSSKIller, from here,http://www.bleepingcomputer.com/download/tdsskiller/, install and run.

Also get Combofix from here, http://www.bleepingcomputer.com/download/combofix/

Follow the directions to the letter, when you run combofix. yes, and run Mbam, too.

 

[Squadfer]

The thing with computer security is that there isn't 1 product that does everything. I don't pay for Malwarebytes so I cant say how good the realtime detection is, however the manual scans with a current database (updated right before the scan) malwarebytes shines. MSE shines at being free and decent for real time protection... I've been using MSE for a few years now and it has picked up on a few things. The best defense is to use multiple products since they all tend to pick up on different things...

 

[mimart7]

The thing with computer security is that there isn't 1 product that does everything. I don't pay for Malwarebytes so I cant say how good the realtime detection is, however the manual scans with a current database (updated right before the scan) malwarebytes shines. MSE shines at being free and decent for real time protection... I've been using MSE for a few years now and it has picked up on a few things. The best defense is to use multiple products since they all tend to pick up on different things...

Just don't use 2 anti virus programs.

 

[Vishera]

i know multiple programs can help, i just wasn't sure if one was better than the other in the long run

 

[MechE]

Thanks for the post/links. I needed to do this as well.

 

[Silver_Pharaoh]

Thanks for the post/links. I needed to do this as well.

No problem, that's what the forums are for!