Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Wednesday 29.4.2026 / 05:13
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - software discussion > total control of windows processes and their trees
Show topics
 
Forums
Forums
Total control of windows processes and their trees
  Jump to:
 
Posted Message
Oddin
Newbie
_ 		11. August 2006 @ 02:50 _ Link to this message    Send private message to this user   
Ok I battled a virus for 4 days while ago and bumbed in to this strange problem that there is couple windows procesesses that you cant really do anything and they are winlogon.exe and explorer.exe. Was really annoying when winlogon was allowing a harmful .dll file to re-open itself inside the process, and that you cannot really close any processes under the winlogon. So anyone know a program that can actually bypass the "protection" and so you could easily shutdown harmful processes under it ? Since it's xp it doesnt have the good old dos, just the command prompt wich opens the the both damn processes (winlogon and explorer)

I've tried couple different programs, but they cant seem to be able to shut down any threads etc.

So if anyone happen to know suitable program fro that purpose would really much appreciate it. Don't mind does it cost or not.

-Oddin
[ + quote]
Advertisement
_ 		__
Noqoilpi
Member
_ 		11. August 2006 @ 03:35 _ Link to this message    Send private message to this user   
Have you booted in safe mode.
[ + quote]
dolphin2
Suspended due to non-functional email address
_ 		12. August 2006 @ 02:41 _ Link to this message    Send private message to this user   
One way you could finish battling the virus is to boot into a Live version of Linux. What you do is boot from the CD and it runs from your RAM without installing anything on your system. Then remove the problems that way as there wouldn't be any Windows processes running.

I would recommend Knoppix for this. One of its' design features is just what I stated above. On the web page it states:

utilities for data recovery and system repairs, even for other operating systems

transparent write access for NTFS partitions (libntfs+fuse)

Here's the link to the Knoppix page:
http://www.knoppix.org/
[ + quote]
[img]http://img209.imageshack.us/img209/9991/7027vv1.jpg [/img]signature by ireland


Read the Forum Rules:http://forums.afterdawn.com/thread_view.cfm/2487
For more help or help now, check out the web chat http://www.adbuddies.org
Please visit: http://forums.afterdawn.com/thread_view.cfm/386611#2324454
Noqoilpi
Member
_ 		12. August 2006 @ 06:20 _ Link to this message    Send private message to this user   
@dolphin2
Nice I will have to put this one in the trick bag.
[ + quote]
dolphin2
Suspended due to non-functional email address
_ 		12. August 2006 @ 12:21 _ Link to this message    Send private message to this user   
Just be sure that you (or the one your advising) knows what their doing. Since it reads and writes NTFS, the wrong file could be removed. That would/could result in more trouble than was started with! As there is no warning such as Windows "file in use" message.
[ + quote]
[img]http://img209.imageshack.us/img209/9991/7027vv1.jpg [/img]signature by ireland


Read the Forum Rules:http://forums.afterdawn.com/thread_view.cfm/2487
For more help or help now, check out the web chat http://www.adbuddies.org
Please visit: http://forums.afterdawn.com/thread_view.cfm/386611#2324454

This message has been edited since posting. Last time this message was edited on 12. August 2006 @ 15:07
orb.fl
Suspended due to non-functional email address
_ 		13. August 2006 @ 04:31 _ Link to this message    Send private message to this user   
There is also a free program called autoruns from sysinternals. All you have to do is launch the program and go to the winlogon tab, uncheck the offending process and reboot. The unchecked process will no longer startup at boot. You can get it here http://www.sysinternals.com/utilities/autoruns.html
[ + quote]
Advertisement
_ 		__
 
_
dolphin2
Suspended due to non-functional email address
_ 		13. August 2006 @ 12:23 _ Link to this message    Send private message to this user   
The problem with using a utility like that is it will NOT shut down necessary Windows files such as winlogon and explorer (the two he/she is having problems with). Without those two, Windows will not start.
Quote:
Autoruns' Hide Signed Microsoft Entries option helps you to zoom in on third-party auto-starting images that have been added to your system ...
According to the web page, it's only good for third-party items.

I stand by my method of removing/replacing Windows system files.
[ + quote]
[img]http://img209.imageshack.us/img209/9991/7027vv1.jpg [/img]signature by ireland


Read the Forum Rules:http://forums.afterdawn.com/thread_view.cfm/2487
For more help or help now, check out the web chat http://www.adbuddies.org
Please visit: http://forums.afterdawn.com/thread_view.cfm/386611#2324454
afterdawn.com > forums > software, operating systems and more > windows - software discussion > total control of windows processes and their trees
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2026 by AfterDawn Ltd.

  IDG TechNetwork