[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . ....
Type: Posts; User: spacyway; Keyword(s):
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . ....
Below is the log. I don't have the redirect problem anymore! I didn't remember my atapi.sys being infected before so I don't know what's up with that. Thank you SOO much for all your help with...
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . ....
ComboFix 11-01-14.01 - HP_Administrator 01/14/2011 19:22:03.4.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.583 [GMT -7:00]
Running from: c:\documents and...
DDS (Ver_10-12-12.02) - NTFSx86
Run by HP_Administrator at 17:37:52.46 on Wed 01/12/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional ...
Wow, that's definitely progress! I updated to SP3 and figured it couldn't hurt to run the files at virustotal again and they seem to come up clean now:
Explorer:...
Hi,
I ran the AVG remover.
Here are the new winlogon.exe results from virustotal:...
Thanks, it worked in safe mode, though when it rebooted it went into normal mode. I then got the error 3 times that I got before, but a log was produced. I didn't know if I should redo it and if it...
Thanks. Here are the results of everything you told me to do:
---When following the instructions for dragging the script to the combofix executable, I get a lot of errors. The first one is:
...
Here they are -
For c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe:...
Here are the winlogon.exe results from virustotal:
http://www.virustotal.com/file-scan/report.html?id=7b0b2472947a0112315430713dbbc37a40c70af3b53b55d15f8cf119a9e9d5fc-1294274771
And the...
Thank you. I uninstalled utorrent, and below is my new DDS log. It was too many characters to include the ComboFix log, so I've attached it and also the DDS attach.txt. If it's easier for me to do...
I have had the redirect virus, and AVG was saying winlogon.exe and explorer.exe were infected. It also said "virus found win32/patched". I'm sorry, but I did run combofix (I had not yet read the...