bol - As you know, 'rpg' is the source authority on this stuff, but the ComboFix run in your last computer should have cleared all of your 'Restore Points' and created a new one - AFTER - it was finished running.
One of the quirks of McAfee (in the old days) was that it would keep a report/record of infected files - even after they had been deleted.
Have you physically looked in those folders to see if the files actually exist? As you know, some folders in XP may have to be viewed through some kind of LINUX-type boot disk.
If they files are truly gone, you can clear your McAfee log files and get rid of the 'false positive' messages.
Also - is this your computer?
Is the user accessing files from a remote source (external device or network share)?
Is the user using an account on the Internet that has 'Admin' privs?
Post back when you can, I'll hold the fort until the A Team checks in.
Vic
Main Topics
Browse All Topics





by: awawadaPosted on 2009-07-01 at 10:12:01ID: 24756305
try to remove with: om/actives can defender.c om/scanne r /online/f r ee.html _EMEA/secu rity/secur ity-lab/to ols- and-se rvices/onl ine-scanne r/ ecurity.sy mantec.c om /sscv6/h om e.asp?la ng id=ie& ve ni d=sym&cl os e_parent =t rue housecall. trendmicr o .com/ //www.kasp ersky.com/ v irusscann e r ome.mcafee .com/Dow nl oads/Fre eS can.aspx ?c tst=1 //www.eset .com/onlin e scan/ ://onecare .live.com/ si te/en-us /d efault.h tm
http://www.pandasecurity.c
www.bit
http://www.f-secure.com/en
http://s
http://
http:
http://h
http:
http