Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

General question: How to kill a O20?

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 5 posts
Perhaps someone can tell me in general what to do, when a malicious dll is being started in winlogon...

It seems to me it can be impossible to remove?

You can't delete it, since it is running in winlogon.
You can't kill winlogon, since it crashes windows XP.
You can't tag it for delete on boot(with killbox), since it controls the registry, and can remove the "PendingRename..." entrys instantly.
You can't remove it from the registry because it just puts it self back in.
You might not even be able to delete it from the disk after using a set of bootdisks, since it just might rename itself on exit from windows, and renaming it self back to its "online-name" when it has been started.

I just don't see how it can be killed, if its malicious enough... Anyone?

This must be a serious flaw in Windows XP, and Microsoft should make an util to unregister dll's from winlogon.

duplicate post. Topic closed.

Edited by coachwife6, 30 April 2005 - 10:07 PM.

  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP