Winlogon.exe and Explorer.exe Infected

[scottk15]

Hi,
My wife's netbook has unfortunately been infected by Think Point (I think) and after following all the steps as best as I could (could only boot in safe mode so had to re-re-boot several times) I have completed all of the steps in XP cleaning - I also ran MBR check - log attached.
The original XP is in a hidden partition and I have recovery console now available and tried to fxmbr but with success.
Any suggestion most welcome - Thanks, Scott.

[scottk15]

Second set of logs

[scottk15]

Whoops I forgot to say Please Help and I also had no success with FIXMBR.
Thanks again Scott.

[TimW]

If you can boot into the recovery console, do this:

Once you are back to the C:\Windows> prompt of the Recovery Console, input the below bold font commands one at a time each followed by the enter key.
copy D:\i386\explorer.ex_ explorer.exe
cd system32
copy D:\i386\winlogon.ex_ winlogon.exe
exit
This assumes your cd-rom drive is D:
Reboot and tell me how things are running, while I look at your other logs.

[scottk15]

Hi Tim,

no joy - the result was access denied - however this is an NC10 netbook - c & d are partitions - there is no external drive.
Thanks
Scott

[TimW]

Your message #3 indicated that you tried to run fixboot. This indicated to me you were able to get into the recovery console. Is this not true? Do you have your Windows CD? Is the recovery console installed?

You may need to get an external disc drive to be able to fix this.