If it were mine, I would have... It was a "white box" built by her son a hundred miles or so out of town. Once I got it apparently functional, I told her to have him deal with it.
PS - related to another thread, "STFU" is not an invocation of our beloved Stu containing a typo. It is a plea to cease-and-desist for that thread! I rely too much on the real, on-topic posts of the person offended; please don't chase him away... Thanks! -- RMc Jonathan Link <[email protected]> wrote on 09/04/2009 10:51:26 AM: > Just reading this makes me cringe. Why not wipe and rebuild? > Data's relatively easy to extract from an infected machine with an > extrenal HD and booting with the UBCD4Windows. > I could never trust a machine that's been owned so thoroughly. > On Fri, Sep 4, 2009 at 11:47 AM, <[email protected]> wrote: > > Well, this would not have worked with the rooted machine I came > across a couple of weeks ago. Any of the various ways to access > TaskManager were denied. Hitting the power button, then tapping F-8 > to try to get into SafeMode would not work - numerous attempts ended > up with "regular mode" XP running. > > The infected profile, a local admin on XP Home, did let me create a > new administrator user. That new user was able to install > MalwareBytes from a CD - no way to download anything with that root > kit running! - and run it. Then this new user could finish running > the assorted clean-up tools. > -- > Richard D. McClary > Systems Administrator, Information Technology Group > > ASPCA® > 1717 S. Philo Rd, Ste 36 > Urbana, IL 61802 > > [email protected] > > P: 217-337-9761 > C: 217-417-1182 > F: 217-337-9761 > www.aspca.org > > The information contained in this e-mail, and any attachments > hereto, is from The American Society for the Prevention of Cruelty to Animals® > (ASPCA®) and is intended only for use by the addressee(s) named > herein and may contain legally privileged and/or confidential > information. If you are not the intended recipient of this e-mail, > you are hereby notified that any dissemination, distribution, > copying or use of the contents of this e-mail, and any attachments > hereto, is strictly prohibited. If you have received this e-mail in > error, please immediately notify me by reply email and permanently > delete the original and any copy of this e-mail and any printout thereof. > > > Micheal Espinola Jr <[email protected]> wrote on 09/04/2009 > 10:37:45 AM: > > > > Of course, shortly after sending this I come across something decent > > on page 7 of my most recent Google search. This one looks good, walks > > through a Malwarebytes-based cleaning, and covers things that I > > haven't seen in any other "guides" I have come across: > > > > http://www.geekpolice.net/malware-removal-guides-f12/remove- > > windows-police-pro-removal-guide-t13546.htm > > > > However, I dont think it will work in all circumstances of a WPP > > infection (particularly if the registry is corrupted and .exe's can be > > run), but its worth a try. Even the Microsoft forum discussions on > > this malware are useless. > > > > But of course, I say this one "looks good", since I havent had the > > opportunity to try it yet. But I suspect I will very soon. > > > > -- > > ME2 > > > > > > > > On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola > > Jr<[email protected]> wrote: > > > If you havent heard of it already, start Googling it. Its the next > > > big thing that you will be re-imaging infected systems for. > > > > > > I've seen it twice now, and its very messy. > > > > > > -- > > > ME2 > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
