Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Winlogin/explorer files infected


  • Please log in to reply
1 reply to this topic

#1 ArcticPrince

ArcticPrince

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 29 December 2010 - 08:21 AM

I have a friend who has what appears to be a virus. Originally he had one of those hijack programs that would not let him do anything unless he bought their "antivirus" program to clean his computer. I was able to get rid of that problem, but then got hit with a redircter problem that I had more trouble with. In the process of getting that under control I enlisted the help of another site, but the help kind of died off. I did run several tests, one of them being combofix. It came back with

c:\windows\system32\winlogon.exe . . . is infected!!

c:\windows\explorer.exe . . . is infected!!

I was asked to go to the MS site and download SP3 for XP, which I did. Here is my last message regarding the problem.

...Tried to download from the webpage and get the download window popup, but it never actually starts the download. Just sits there with the animation of the file going from the spinning globe to the folder, but never downloads. I have left that open for an hour and download progress is still 0%. OK, went back to my place and downloaded the file onto my stick and took it back to the suspect puter. When I tried to install SP3, I get a message "The volume for a file has been externally altered such that the opened file is no longer valid", and I can not copy it over. If I take that same stick back to my computer it copies over just fine....

The last suggestion I received was to reformat...


Is that all that is left to do to help this guy, or are there still some roads untraveled?

BC AdBot (Login to Remove)

 


#2 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:04:32 PM

Posted 29 December 2010 - 11:35 PM

Hi ArcticPrince.

In the process of getting that under control I enlisted the help of another site, but the help kind of died off.

Could we have a link to that topic so that our team will have a history of what was tried?

are there still some roads untraveled?

Maybe. Do you have a Windows XP disk available?

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users