Jump to content

Preventing return of Winlogui

Recommended Posts


Both Desktop and Laptop (Surface Pro - really bad, don't buy Microsoft devices!) have been infected with winlogui trojan/bitcoin miner. The trojan kept coming back, revealing some king of back door or flaw allowing re-infection after cleanup.

The infection may be related to browser account information and sharing it across devices may be an issue...

This device should be clean. The system was reinstalled after infection and nothing have been spotted by Malwarebytes since. Yet, my browser was connected to my account and sharing information, so would appreciate your help to check if some process/information is opening doors for re-infection. I attach FRST and Addition files.


PS: Malwarebytes actually spot one suspicious registry entry, but it is a known entry I have manually created.

FRST.txt Addition.txt

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

Your logs are clean of malware.

Check the Sync with Firefox as you did in the other topic I helped you with.

Hope it helps.

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.



Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.