Re: Windows Police Pro

2009-09-08 Thread Micheal Espinola Jr
The problem for me isn't the office - it's the remote users that I have no control over. And yep, it's unfortunately a situation where these people have admin privs, and there isn't anything I can do about it at the moment. Lots of culture/change need to take place at my shop, and it's a very slow-goi

RE: Windows Police Pro

2009-09-04 Thread Benjamin Zachary - Lists
Uhm, don't you guys use OpenDNS? This solves a lot of these problems FWIW. Once you get it of course it's too late, but a decent a/v on the email and OpenDNS and you're more likely to catch swine flu from the keyboard :-)

Re: Windows Police Pro

2009-09-04 Thread James Rankin
*Isn't* ntoskrnl.exe a virus? :-) 2009/9/4 Ben Scott : > On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola > Jr wrote: >> If you haven't heard of it already, start Googling it. > > Got a link to decent tech info with, e.g., infection vectors and > attack mechanisms? All I find is removal instruct

RE: Windows Police Pro

2009-09-04 Thread Mike Gill
ndlers\ShimLayer Property Page] @="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" [HKEY_CLASSES_ROOT\regfile] @="Registration Entries" "EditFlags"=dword:0010 "BrowserFlags"=dword:0008 -- Mike Gill -Original Message- From: Tim Evans [mailto:t

RE: Windows Police Pro

2009-09-04 Thread Chris Orovet
recipient, please contact the sender by reply e-mail and destroy all copies of the original message immediately. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Friday, September 04, 2009 12:49 PM To: NT System Admin Issues Subject: RE: Windows Police Pro Thanks for the FYI, Been st

Re: Windows Police Pro

2009-09-04 Thread James Kerr
Looks like it's the same family as XP Antivirus 2008... Antispyware 2009, etc. etc., on and on.. - Original Message - From: "Steven M. Caesare" To: "NT System Admin Issues" Sent: Friday, September 04, 2009 12:48 PM Subject: RE: Windows Police Pro I have too, I be

RE: Windows Police Pro

2009-09-04 Thread Steven M. Caesare
I have too, I believe. Screen almost got some users to click on it. -sc > -Original Message- > From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] > Sent: Friday, September 04, 2009 11:22 AM > To: NT System Admin Issues > Subject: Windows Police Pro > > If you haven't heard of it

RE: Windows Police Pro

2009-09-04 Thread Ziots, Edward
: paul chinnery [mailto:pdw1...@hotmail.com] Sent: Friday, September 04, 2009 12:29 PM To: NT System Admin Issues Subject: RE: Windows Police Pro I had one PC infected with it. I could clean most of it but could never get back Task Mgr. Since she had a spare machine to use, I took it back to my

RE: Windows Police Pro

2009-09-04 Thread paul chinnery
nally reformatted and gave it back to her yesterday. To: ntsysadmin@lyris.sunbelt-software.com Subject: Re: Windows Police Pro From: richardmccl...@aspca.org Date: Fri, 4 Sep 2009 10:47:42 -0500 Well, this would not have worked with the rooted machine I came across a couple of weeks ago. Any of the va

Re: Windows Police Pro

2009-09-04 Thread Jon Harris
ail.com] > Sent: Friday, September 04, 2009 8:33 AM > To: NT System Admin Issues > Subject: Re: Windows Police Pro > > On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola > Jr wrote: > > If you haven't heard of it already, start Googling it. > > Got a link to decent

RE: Windows Police Pro

2009-09-04 Thread Tim Evans
SANS has a decent write-up of what it does: http://isc.sans.org/diary.html?storyid=7066 -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, September 04, 2009 8:33 AM To: NT System Admin Issues Subject: Re: Windows Police Pro On Fri, Sep 4, 2009 at 11:21 AM

Re: Windows Police Pro

2009-09-04 Thread RichardMcClary
If it were mine, I would have... It was a "white box" built by her son a hundred miles or so out of town. Once I got it apparently functional, I told her to have him deal with it. PS - related to another thread, "STFU" is not an invocation of our beloved Stu containing a typo. It is a plea to

Re: Windows Police Pro

2009-09-04 Thread Peter van Houten
The first mistake with any infection is to try and boot from the HDD (safe mode or not) and perform repairs. Any malware worth its miserable salt will see that eventuality. Boot from a CD/DVD with some reputable tools thereon. My preference being ERD Commander with several malware scanners, Autoru

Re: Windows Police Pro

2009-09-04 Thread Jon Harris
If it was rooted, why repair? Sorry, I just don't understand, but then I so far have been able to get all of my garage clients but one to allow me to fdisk the system and rebuild. The one that would not I walked away from. I just was not going to give him false hopes that it was not hiding other th

Re: Windows Police Pro

2009-09-04 Thread Jonathan Link
Just reading this makes me cringe. Why not wipe and rebuild? Data's relatively easy to extract from an infected machine with an external HD and booting with the UBCD4Windows. I could never trust a machine that's been owned so thoroughly. On Fri, Sep 4, 2009 at 11:47 AM, wrote: > > Well, this w

Re: Windows Police Pro

2009-09-04 Thread RichardMcClary
Well, this would not have worked with the rooted machine I came across a couple of weeks ago. Any of the various ways to access Task Manager were denied. Hitting the power button, then tapping F8 to try to get into Safe Mode would not work - numerous attempts ended up with "regular mode" XP ru

Re: Windows Police Pro

2009-09-04 Thread Micheal Espinola Jr
Of course, shortly after sending this I came across something decent on page 7 of my most recent Google search. This one looks good, walks through a Malwarebytes-based cleaning, and covers things that I haven't seen in any other "guides" I have come across: http://www.geekpolice.net/malware-r

Re: Windows Police Pro

2009-09-04 Thread Ben Scott
On Fri, Sep 4, 2009 at 11:21 AM, Micheal Espinola Jr wrote: > If you haven't heard of it already, start Googling it. Got a link to decent tech info with, e.g., infection vectors and attack mechanisms? All I find is removal instructions and the usual mass confusion in online forums (the same kind