Winlogon.exe (Microsoft Windows Logon Process vs Trojan / Virus)
Winlogon.exe is an integrated process Microsoft in Windows OS and is required for authentication (login / logout) system users or check activation it (the system). Moreover, Winlogon is responsible and protection system the exact delineation Registered users permissions (eg administrator user is full control and ordinary users typically only have access read-only).
Because it is an essential process for Windows, winlogon.exe is the target of many malware that either attaches to it in case of a possible infection or them "borrow" to induce users name in error. Location legitimize this process the system will always C: \ Windows \ System32. If you find this process to another location on hddOr notice that began to consume more resources abnormally, you should perform a thorough scan of the system because, most likely, it is a virus (worm), trojan or adware.
One of the most famous trojans affecting winlogon.exe process is Vundo (Or VirtumondoOr MS Juan) Trojan "available" in many ways, so that they cause infections ranging from benign infection to very severe (in which case formatting and reinstalling the system is the only solution). Some of the symptoms of Vundo infection are:
- advertising popups for fake antivirus
- screensaver Blue Screen of Death
- off Windows Automatic Updates
- off Task Manager, Registry Editor si msconfig
- booting failure in Safe Mode
- Repeated errors explorer.exe
- inaccessibility of sites, the majority of security products
- minimizing the space on hdd
- overwrite or rename dllLinks
- registry modification so as to reactivate every restart or boot
Many other trojans or viruses use names similar to that of winlogon.exe, an example being winIogon.exe (I capitalized instead of it), a process often associated with polymorphic virus Win32.Virut (Unfortunately, it can not be removed only by a complete format and reinstall the system), very common and prevalent in recent years. Therefore will recommend you to all updates, especially anti-virus in time, thus maintaining a high security system.Advertisements