"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in
news:sjcrh.1689$AG6.159@trnddc06:

> From: "Lil' Abner" <blvstk@dogpatch.com>
>
>| Ran across one yesterday; forgot to write it down, but it started
>| with "P". All kinds of Spanish popups and browser was hijacked.
>| But the interesting thing was that it had created a new passworded
>| user account called "Administrare". While the "owner" account still
>| had administrative priviledges, it still wouldn't allow task manager
>| and other administrative functions to run.
>| I managed to delete the phony account in Safe Mode. Then between SAS
>| and Spybot S&D I managed to get rid of it.
>| It (a laptop) was loaded with other stuff too, but it all cleaned up
>| nicely. Not sure where he got it but I noticed in his history he had
>| been to a multitude of penis enlargement sites.
>| Had a notion to ask him about that, but I don't know him that well
>| :-).
>|
>
> Too bad you didn't grab samples. :-(

Yeah, I wish I had it back here now. I imagine that Spybot S&D has it in
its logfile.

--
--- A dyslexic man walks into a bra ---