Thanks for the FYI,
Been stuck in NPP Memory issues with an Oracle Cluster for the last 4 days.... Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected] Phone:401-639-3505 ________________________________ From: paul chinnery [mailto:[email protected]] Sent: Friday, September 04, 2009 12:29 PM To: NT System Admin Issues Subject: RE: Windows Police Pro I had one pc infected with it. I could clean most of it but could never get back Task Mgr. Since she had a spare machine to use, I took it back to my office to work on it. I tried a lot of different tricks I've learned through the years but never got that functionality back. I finally reformated and gave it back to her yesterday. ________________________________ To: [email protected] Subject: Re: Windows Police Pro From: [email protected] Date: Fri, 4 Sep 2009 10:47:42 -0500 Well, this would not have worked with the rooted machine I came across a couple of weeks ago. Any of the various ways to access TaskManager were denied. Hitting the power button, then tapping F-8 to try to get into SafeMode would not work - numerous attempts ended up with "regular mode" XP running. The infected profile, a local admin on XP Home, did let me create a new administrator user. That new user was able to install MalwareBytes from a CD - no way to download anything with that root kit running! - and run it. Then this new user could finish running the assorted clean-up tools. -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 [email protected] P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org <http://www.aspca.org/> The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. Micheal Espinola Jr <[email protected]> wrote on 09/04/2009 10:37:45 AM: > Of course, shortly after sending this I come across something decent > on page 7 of my most recent Google search. This one looks good, walks > through a Malwarebytes-based cleaning, and covers things that I > haven't seen in any other "guides" I have come across: > > http://www.geekpolice.net/malware-removal-guides-f12/remove- > windows-police-pro-removal-guide-t13546.htm > > However, I dont think it will work in all circumstances of a WPP > infection (particularly if the registry is corrupted and .exe's can be > run), but its worth a try. Even the Microsoft forum discussions on > this malware are useless. > > But of course, I say this one "looks good", since I havent had the > opportunity to try it yet. But I suspect I will very soon. > > -- > ME2 > > > > On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola > Jr<[email protected]> wrote: > > If you havent heard of it already, start Googling it. Its the next > > big thing that you will be re-imaging infected systems for. > > > > I've seen it twice now, and its very messy. > > > > -- > > ME2 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ________________________________ With Windows Live, you can organize, edit, and share your photos. Click here. <http://www.windowslive.com/Desktop/PhotoGallery> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
