Hello I'm new, I'm only 15-years-old and hope you guys could help
I have a problem with my computer.
For some reason when my computer turns on, and when I login to my account or to any other account, there is a pop up saying something about not being able to find "C:\WINDOWS\system32\ydtrlywft/winlogon.exe"
After checking the folder at "C:\WINDOWS\system32\ydtrlywft" I found only one thing and it was a Configuration Setting called "winlogon". When i open it it automatically opens with the "Notepad.exe".
This problem started to occur when I got a virus from MSN Messenger, a friend of mine got it, and he tried to get rid of it before the virus spread itself, but it was too late, a conversation window opened and it was saying something to like download, and it had reassuring words, that this wasn't a virus, my friend never knew the virus would just open random conversation windows and send the link to contacts. So since he was my friend, I trusted him and downloaded it (I was extremely oblivious from what it really was).
So after downloading the program, I opened the setup and it did everything by itself and then it started spreading the links to my contacts, so then I'm like "Oh ****" and I quickly closed my MSN and started phone everyone that I had in my contacts.
I have "AVG Anti-Virus" and "AVG Anti-Spyware" and they never let me down, I've been using them for at least 3-2 years, and no problem. I did a spyware scan and virus scan, nothing came up from my spyware scan, but a virus was detected from my AVG Anti-Virus.
The next day after I logged on to my account, my AVG Virus detected Virus popped up, and it caught the virus and got rid of it.
A few hours after I found that the virus was in the vault and heres a table of it, and all these infections was because of the Virus.
This is the table in the virus vault, but I made it differently (don't know how to use html that well), hope you can find the what it it [List is according to Date of Detection]
Infected or Healed= Infected
Virus Name= Virus found Hosts
Path= C:\WINDOWS\system32\drivers\etc\hosts
Date of Detection= 5/3/2007, 9:04:10 PM
Filename= hosts
File Size= 2.33KB
Infected or Healed= Infected
Virus Name= Trojan horse Downloader.Agent.KNG
Path= C:\Documents and Settings\gurjeet\Desktop\winit.exe
Date of Detection= 5/4/2007, 9:54:27 PM
Filename= winit.exe
File Size= 12 KB
Infected or Healed= Infected
Virus Name= Trojan horse Downloader.Generic3.ZSK
Path= C:\WINDOWS\system32\ydtrlywft\winlogon.exe
Date of Detection= 5/4/2007, 9:54:49 PM
Filename= winlogon.exe
File Size= 75.5 KB
Infected or Healed= Healed
Virus Name= Virus found Hosts
Path= C:\WINDOWS\system32\drivers\etc\hosts
Date of Detection= 5/5/2007, 11:32:26 AM
Filename= hosts
File Size= 1.61 KB
Infected or Healed= Infected
Virus Name= Trojan horse Downloader.Agent.KNG
Path= C:\WINDOWS\w1.exe
Date of Detection= 5/5/2007, 9:20:44 PM
Filename= w1.exe
File Size= 108.41 KB
So now I have no idea what to do about my winlogon.exe, any ideas, and how am i still able to logon without a logon.exe?
Thanks,
Tranc3r
ps. I know this website because i had a project on the history of computers and i used this site XD. Nice history, got 50/50!
