The problem for me isn't the office - it's the remote users that I have
no control over.
And yep, it's unfortunately a situation where these people have admin
privs, and there isn't anything I can do about it at the moment. Lots
of culture/change need to take place at my shop, and it's a very
slow-goi
Uhm, don't you guys use opendns? This solves a lot of these problems FWIW
Once you get it of course it's too late, but a decent a/v on the email and
opendns and you're more likely to catch swine flu from the keyboard :-)
*Isn't* ntoskrnl.exe a virus? :-)
2009/9/4 Ben Scott :
> On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola
> Jr wrote:
>> If you haven't heard of it already, start Googling it.
>
> Got a link to decent tech info with, e.g., infection vectors and
> attack mechanisms? All I find is removal instruct
ndlers\ShimLayer Property
Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
[HKEY_CLASSES_ROOT\regfile]
@="Registration Entries"
"EditFlags"=dword:0010
"BrowserFlags"=dword:0008
--
Mike Gill
-Original Message-
From: Tim Evans [mailto:t
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Friday, September 04, 2009 12:49 PM
To: NT System Admin Issues
Subject: RE: Windows Police Pro
Thanks for the FYI,
Been st
Looks like it's the same family as XP Antivirus 2008...antispyware 2009 etc
etc on and on..
- Original Message -
From: "Steven M. Caesare"
To: "NT System Admin Issues"
Sent: Friday, September 04, 2009 12:48 PM
Subject: RE: Windows Police Pro
I have too, I be
I have too, I believe. Screen almost got some users to click on it.
-sc
> -Original Message-
> From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
> Sent: Friday, September 04, 2009 11:22 AM
> To: NT System Admin Issues
> Subject: Windows Police Pro
>
> If you haven't heard of it
: paul chinnery [mailto:pdw1...@hotmail.com]
Sent: Friday, September 04, 2009 12:29 PM
To: NT System Admin Issues
Subject: RE: Windows Police Pro
I had one pc infected with it. I could clean most of it but could never
get back Task Mgr. Since she had a spare machine to use, I took it back
to my
nally reformatted and gave it back to her yesterday.
To: ntsysadmin@lyris.sunbelt-software.com
Subject: Re: Windows Police Pro
From: richardmccl...@aspca.org
Date: Fri, 4 Sep 2009 10:47:42 -0500
Well, this would not have worked with
the rooted machine I came across a couple of weeks ago. Any of the
va
ail.com]
> Sent: Friday, September 04, 2009 8:33 AM
> To: NT System Admin Issues
> Subject: Re: Windows Police Pro
>
> On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola
> Jr wrote:
> > If you haven't heard of it already, start Googling it.
>
> Got a link to decent
Sans has a decent write up of what it does:
http://isc.sans.org/diary.html?storyid=7066
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, September 04, 2009 8:33 AM
To: NT System Admin Issues
Subject: Re: Windows Police Pro
On Fri, Sep 4, 2009 at 11:21 AM
If it were mine, I would have...
It was a "white box" built by her son a hundred miles or so out of town.
Once I got it apparently functional, I told her to have him deal with it.
PS - related to another thread, "STFU" is not an invocation of our beloved
Stu containing a typo. It is a plea to
The first mistake with any infection is to try and boot from the HDD
(safe mode or not) and perform repairs. Any malware worth its miserable
salt will see that eventuality. Boot from a CD/DVD with some reputable
tools thereon. My preference being ERD Commander with several malware
scanners, Autoru
If it was rooted why repair? Sorry I just don't understand but then I so
far have been able to get all of my garage clients but one to allow me to
fdisk the system and rebuild. The one that would not I walked away from. I
just was not going to give him false hopes that it was not hiding other
th
Just reading this makes me cringe. Why not wipe and rebuild? Data's
relatively easy to extract from an infected machine with an external HD and
booting with the UBCD4Windows.
I could never trust a machine that's been owned so thoroughly.
On Fri, Sep 4, 2009 at 11:47 AM, wrote:
>
> Well, this w
Well, this would not have worked with the rooted machine I came across a
couple of weeks ago. Any of the various ways to access TaskManager were
denied. Hitting the power button, then tapping F-8 to try to get into
SafeMode would not work - numerous attempts ended up with "regular mode"
XP ru
Of course, shortly after sending this I come across something decent
on page 7 of my most recent Google search. This one looks good, walks
through a Malwarebytes-based cleaning, and covers things that I
haven't seen in any other "guides" I have come across:
http://www.geekpolice.net/malware-r
On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola
Jr wrote:
> If you haven't heard of it already, start Googling it.
Got a link to decent tech info with, e.g., infection vectors and
attack mechanisms? All I find is removal instructions and the usual
mass confusion in online forums (the same kind