su root
08-13-03, 11:03 PM
A client of mine brought me a box. He thinks it has a virus. It has many symptoms:
-Virus scanner won't run (norton)
-No activeX will work (windows update, trendmicro's free scanner)
-Doesn't trust any certificates (can't install drivers, can't reinstall IE6, can't use any hotfixes, or service packs [doesn't trust microsoft logo certificates / complains that cryptographic sercie is not running (it is) / complains that it can't verify the integrity & refuses to install] )
I'm about this far away: | <----> | from formatting it. It's an XP home box, the box wasn't taken care of well... i pulled over 500 pieces of spyware out of it. System recovery gives me errors, and I figure if I'm going to install it again, I'd rather flat out format it than reinstall. Doesn't look like there's much on there that they need saved (gotta call them).
Scanned for viruses-- there was one, but it was a "spread through MSN" kind of virus, didnt' look like it had actually had a chance to infect the system.
Anyone run into this kind of thing before?
-Virus scanner won't run (norton)
-No activeX will work (windows update, trendmicro's free scanner)
-Doesn't trust any certificates (can't install drivers, can't reinstall IE6, can't use any hotfixes, or service packs [doesn't trust microsoft logo certificates / complains that cryptographic sercie is not running (it is) / complains that it can't verify the integrity & refuses to install] )
I'm about this far away: | <----> | from formatting it. It's an XP home box, the box wasn't taken care of well... i pulled over 500 pieces of spyware out of it. System recovery gives me errors, and I figure if I'm going to install it again, I'd rather flat out format it than reinstall. Doesn't look like there's much on there that they need saved (gotta call them).
Scanned for viruses-- there was one, but it was a "spread through MSN" kind of virus, didnt' look like it had actually had a chance to infect the system.
Anyone run into this kind of thing before?