In msconfig, the following entry scares me, as I did not install it:
Insider, command: C:\Program Files\Insider\Insider.exe
As for the Symantec, Norton Ghost is made by Symantec, so that must be why it's running. I shut it down, but presumably it will just return on restart.
Going to begin running Kaspersky now.
C:\Program Files\Insider\Insider.exe <<< http://www.google.com/search?hl=en&q...=Google+Search
I can find anything good about that item. Open the folder and see what is in it. Here are scans you can use if needed:
http://virusscan.jotti.org/
http://www.kaspersky.com/scanforvirus
http://www.virustotal.com/
You can delete that folder if you are sure it is not needed.
Please let me look at an uninstall list:
Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.
(You may edit out Microsoft, Hotfixes, Security Update for Windows XP, Update for Windows XP and Windows XP Hotfix to shorten the list)
If possible I would like to see if Kaspersky indicates that item is bad during the scan.
Thanks
MS-MVP Consumer Security 2007-08-09
Proud Member ASAP
UNITE Member 2006
Hm...I cannot find that Insider folder now (even looking for hidden folders), so the msconfig must have been leftover from something I had installed (ESPN Insider is a possibility).
Uninstall list:
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Photoshop 7.0
Adobe Reader 8
Adobe Shockwave Player
Adobe SVG Viewer 3.0
AIMutation (remove only)
AOL Instant Messenger
ATI Control Panel
ATI Display Driver
BEAT THE MARKET
CDBurnerXP Pro 3
Compaq Presario r4000 User Guides
Conexant AC-Link Audio
Craxtion4
Data Fax SoftModem with SmartCP
DC++ 0.691
Diamond Mind Baseball version 9
D-Link AirPlus Xtreme G Adapter
DMB Encyclopedia 9b patch
DMB Encyclopedia version 9
DMB version 9a patch
DMB version 9b patch
DMB version 9c patch
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
HP Document Viewer 5.3
HP Help and Support
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Integrated Module with Bluetooth wireless technology
HP PSC & OfficeJet 5.3.A
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
InterVideo WinDVD
Ipswitch WS_FTP Professional 2006
ISO Recorder
iTunes
Java(TM) 6 Update 3
JD Secure 3.1
Kaspersky Online Scanner
K-Lite Codec Pack 2.77 Basic
LiveUpdate 3.2 (Symantec Corporation)
Logitech Harmony Remote Software 7
Macromedia Director MX 2004
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Device Emulator version 1.0 - ENU
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005
Microsoft Money 2005
Microsoft Office Converter Pack
Microsoft Office OneNote 2003
Microsoft Office Visio Professional 2003
Microsoft Office XP Professional
Microsoft Script Debugger
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual Studio 2005 Professional Edition - ENU
Microsoft Works
Mozilla Firefox (2.0.0.11)
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
muvee autoProducer 4.0 - SE
MySQL Server 5.0
NHL 2001
No-IP.com DUC (remove only)
Norton Ghost
Personal License Update Wizard for Windows Media Player
PowerISO
Quick Launch Buttons 5.10 B3
QuickTime
Remote Control USB Driver
ScreenStream
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB943460)
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
Spybot - Search & Destroy
SQLite ODBC Driver
Steam(TM)
Synaptics Pointing Device Driver
UltraEdit-32
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
UserGuides
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885464
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Hotfix - KB893086
WinRAR archiver
WinSCP 4.0.4
Yahoo! Widgets
ZoneAlarm
Kaspersky to follow.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, December 05, 2007 3:13:33 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 5/12/2007
Kaspersky Anti-Virus database records: 443261
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 204587
Number of viruses found: 17
Number of infected objects: 42
Number of suspicious objects: 0
Duration of the scan process: 02:47:56
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\muvee Technologies\030625\0102\0310\values Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Aim\ebxzrvsf\spw26yankees\cert8.db Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Aim\ebxzrvsf\spw26yankees\key3.db Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Ipswitch\WS_FTP\Logs\1plus120071205123805_1064.rtf Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Ipswitch\WS_FTP\Logs\1plus120071205123806_1664.rtf Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Ipswitch\WS_FTP\requests.dat Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Ipswitch\WS_FTP\TransferHistory.dat Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\cert8.db Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\history.dat Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\key3.db Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\parent.lock Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Shawn\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\webappsstore.sqlite Object is locked skipped
C:\Documents and Settings\Shawn\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\uz5vavww.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\History\History.IE5\MSHist012007120520071206\index.dat Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Temp\Perflib_Perfdata_4f4.dat Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Temp\Perflib_Perfdata_b88.dat Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Temp\~DFE10B.tmp Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Temp\~efa053\~efe2.tmp Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Temp\~efb6aa\~efe2.tmp Object is locked skipped
C:\Documents and Settings\Shawn\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Shawn\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Shawn\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\rterek.html Infected: Trojan-Clicker.HTML.IFrame.dn skipped
C:\Program Files\No-IP\DUC - Shawn.log Object is locked skipped
C:\qoobox\Quarantine\C\Documents and Settings\Shawn\My Documents\SKS~1\logonui.exe.vir Infected: Trojan-Downloader.Win32.PurityScan.eu skipped
C:\qoobox\Quarantine\C\Program Files\Common Files\qujav.dll.vir Infected: Trojan.Win32.BHO.ab skipped
C:\qoobox\Quarantine\C\WINDOWS\b104.exe.vir/stream/data0002 Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\qoobox\Quarantine\C\WINDOWS\b104.exe.vir/stream Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\qoobox\Quarantine\C\WINDOWS\b104.exe.vir NSIS: infected - 2 skipped
C:\qoobox\Quarantine\C\WINDOWS\b111.exe.vir Infected: Trojan-Downloader.Win32.Agent.fjv skipped
C:\qoobox\Quarantine\C\WINDOWS\b122.exe.vir Infected: Trojan-Downloader.Win32.Agent.erf skipped
C:\qoobox\Quarantine\C\WINDOWS\b138.exe.vir Infected: Trojan-Downloader.Win32.Agent.cbx skipped
C:\qoobox\Quarantine\C\WINDOWS\b147.exe.vir Infected: Trojan-Downloader.Win32.Agent.fjn skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\a1\rarndrll2.exe.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\r2\wr31drs.exe.vir Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\qoobox\Quarantine\C\WINDOWS\tk58.exe.vir Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\tracking.log Object is locked skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP808\A0162373.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP808\A0162374.exe/data0004 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP808\A0162374.exe/data0005 Infected: Trojan-Clicker.HTML.IFrame.dn skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP808\A0162374.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP808\A0162377.exe Infected: Trojan-Downloader.Win32.PurityScan.eu skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP809\A0162649.dll Infected: Trojan.Win32.Pakes.akr skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP811\A0164244.sys Infected: Rootkit.Win32.Agent.mb skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP813\A0165260.dll Infected: Trojan.Win32.Pakes.sv skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165397.exe/stream/data0002 Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165397.exe/stream Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165397.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165398.exe Infected: Trojan-Downloader.Win32.Agent.fjv skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165399.exe Infected: Trojan-Downloader.Win32.Agent.erf skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165400.exe Infected: Trojan-Downloader.Win32.Agent.cbx skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165401.exe Infected: Trojan-Downloader.Win32.Agent.fjn skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165403.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165410.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165412.exe Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP814\A0165414.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP823\change.log Object is locked skipped
C:\VundoFix Backups\rqrppqo.dll.bad Infected: Trojan.Win32.Pakes.sv skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\i.bat Infected: Trojan-Downloader.BAT.Ftp.ca skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\SPWLAPTOP.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\mrofinu1000106.exe Infected: Trojan-Downloader.Win32.Agent.fhv skipped
C:\WINDOWS\mrofinu312.exe Infected: Trojan-Downloader.Win32.Agent.fhv skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{1CFA2616-D664-4DC9-8F9C-4B4042163C27}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\hakbqwxp.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\Mz16r\Mz16r2291.exe Infected: Trojan-Downloader.Win32.VB.bqc skipped
C:\WINDOWS\system32\ope9D2.exe Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\WINDOWS\system32\ope9D4.exe/data0006 Infected: Trojan-Downloader.Win32.VB.bqc skipped
C:\WINDOWS\system32\ope9D4.exe NSIS: infected - 1 skipped
C:\WINDOWS\system32\svjhpfru.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_1d0.dat Object is locked skipped
C:\WINDOWS\Temp\ZLT01863.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT0186d.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\xampp\apache\logs\access.log Object is locked skipped
C:\xampp\apache\logs\error.log Object is locked skipped
C:\xampp\apache\logs\sslerror.log Object is locked skipped
C:\xampp\mysql\data\SPWlaptop.err Object is locked skipped
Scan process completed.
Thanks for returning your information and the feedback, Kaspersky should show us anything left as far as malware.
Did you miss this?
(You may edit out Microsoft, Hotfixes, Security Update for Windows XP, Update for Windows XP and Windows XP Hotfix to shorten the list)
My eye are about shot from looking though information I don't need to see.
Uninstall list: <<< I look for malware and security issues, it's a good chance for you to see stuff you no longer need.
I do not know all of your programs, as far as I can see there are no issues there.
KASPERSKY ONLINE SCANNER REPORT Wednesday, December 05, 2007 3:13:33 PM
Number of infected objects: 42
Delete the files and folder in red
C:\Program Files\Common Files\rterek.html
C:\WINDOWS\i.bat
C:\WINDOWS\mrofinu1000106.exe
C:\WINDOWS\mrofinu312.exe
C:\WINDOWS\system32\hakbqwxp.exe
C:\WINDOWS\system32\Mz16r\
C:\WINDOWS\system32\ope9D2.exe
C:\WINDOWS\system32\ope9D4.exe
C:\WINDOWS\system32\svjhpfru.exe
If you have any problems, boot to safe mode and remove them or use this tool:
How to use the Delete on Reboot tool http://www.bleepingcomputer.com/tuto...42.html#delreb
C:\qoobox\Quarantine\ <<< delete that folder
C:\VundoFix Backups\ <<< delete that folder
Once you get successfully to this point, restart your computer and clean the System Restore files:
MANUAL INSTRUCTIONS FOR SYSTEM RESTORE
Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Reboot
Turn ON System Restore,
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
Run a new Kaspersky scan to see if we got it all, do not post a clean scan resport.
Thanks
MS-MVP Consumer Security 2007-08-09
Proud Member ASAP
UNITE Member 2006
Sorry, I saw "may" and figured better to leave it in just in case.Originally Posted by pskelley
Was able to delete all those files/folders and Kaspersky came up clean!
Is there anything else? If not, thank you VERY MUCH for your time, effort and help.
Shawn
Sounds good, how about having Happy Holidays
http://www.microsoft.com/windowsxp/u...s/mcgill1.mspx
Some good information for you:
http://users.telenet.be/bluepatchy/m...wcomputer.html
Here is some great information from experts in this field that will help you stay clean and safe online.
http://users.telenet.be/bluepatchy/m...revention.html
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml
Thanks...Phil
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
MS-MVP Consumer Security 2007-08-09
Proud Member ASAP
UNITE Member 2006
Thanks very much Phil.
Shawn
Posting Permissions
