| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 118097 | 2011-05-19 11:20:00 | ms tools?? LOCK DOWN | notechyet (4479) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1203289 | 2011-05-19 11:20:00 | Hi ALL I did help my partner on her (school) machine establishing a wiki for a class. During this a popup came up to update mse, so I did. Some time later a tool 'ms tools' started running and scanning(suposidly) and then locking down her email client. Also popups at the bottom mentioning threats. Has anyone come accross this? A while ago I inserted a Kaspersky Rescue CD to boot from and run a scan as a first self-help. Any hints would be welcome. Thanks |
notechyet (4479) | ||
| 1203290 | 2011-05-19 11:34:00 | Does it look like this? (www.bleepingcomputer.com) I would run this first, save it to the desktop (download.bleepingcomputer.com) |
Speedy Gonzales (78) | ||
| 1203291 | 2011-05-19 11:40:00 | Does it look like this? (www.bleepingcomputer.com) I would run this first, save it to the desktop (download.bleepingcomputer.com) Speedy Thanks, exactly what's in the first link. Should I just get this file on a usb stick and copy to the desktop and then run? |
notechyet (4479) | ||
| 1203292 | 2011-05-19 11:54:00 | Speedy I have tried once before to go into safe mode but it seems that it wont let me; iit started ok in safe mode though at the end it switched to normal mode. Could that be due to the fact that it is a school machine? I could not run the rskill from the desktop nor could I get the task manager to start up as I wanted to kill the process. |
notechyet (4479) | ||
| 1203293 | 2011-05-19 12:16:00 | Oh the wonders of schools and their attempts to lock down machines, and they still cannot prevent drive by infections.... I've had this sort of thing on my wife's school issued machine. To fix it I nuked the local Administrator account password, which then allows me to log in to Safe Mode as the local Administrator and kill the initial part of the infection. This allows you to login normally as the local Administrator. Then it's Malwarebytes, SpyBot S&D, HijackThis and any other tools you need to run to get rid of these peeksy critters. |
HAL9000 (12736) | ||
| 1203294 | 2011-05-19 12:31:00 | Possible that its because its a school PC. Do you look after them or someone else? If there's IT people there, get them to fix it. It doesnt crash, when you boot normally does it?? It just wont run rkill? | Speedy Gonzales (78) | ||
| 1203295 | 2011-05-19 12:45:00 | Possible that its because its a school PC. Do you look after them or someone else? If there's IT people there, get them to fix it. It doesnt crash, when you boot normally does it?? It just wont run rkill? Speedy I am only helping my partner with working issues and try to stay away from system. No it does not crash though ero is coming on Monday and she needs to have access to all . ATM this bloody thing makes problems. I might try the nuke version. It is win 7. What is the best workaround for this? |
notechyet (4479) | ||
| 1203296 | 2011-05-19 12:46:00 | I hear you Speedy, but in the interests of matrimonial harmony SWMBO demanded that I fix this because she had loads of planning to do and could not wait until the following day. And compared to the monkeys (you know peanuts and all that) the IT Services Company sends she'd be waiting a week for them to reimage the machine (their answer for any little problem!) Heck they can't even get Roaming Profiles to work properly in the teachers laptops. At home SWMBO can't even save things on the laptop because unhooked from the LAN the machines (and it's most of them from the questions I get asked) it creates a temporary profile which gets deleted when the machine is shut down. Apparently this is an easy fix too. |
HAL9000 (12736) | ||
| 1203297 | 2011-05-19 13:04:00 | Speedy I might try the nuke version. It is win 7. What is the best workaround for this? Not sure, but my Ultimate BootDisk or Hirens sorts XP and Vista OK. I'd guess that W7 is supported too at some level. |
HAL9000 (12736) | ||
| 1203298 | 2011-05-19 13:17:00 | Not sure, but my Ultimate BootDisk or Hirens sorts XP and Vista OK. I'd guess that W7 is supported too at some level. Thanks Hal I'm looking forward to a long night. |
notechyet (4479) | ||
| 1 2 | |||||