Evan and all,
I came in on this thread at the end and all of the advise so far has
been good. I'll add two quotes from a security class I took some time back:
"Once bad people have run code on your machine, you no longer own it,
"Once there is malware on your machine, you can never be sure you have
removed it all. How can you ever be sure?"
The best advice was to reinstall. I would wipe the hard disk with
Darik's Boot 'n Nuke so even the partition table and MBR are wiped clean
and then reinstall to what the computer believes is a brand new hard drive.
Evan, your ego will be hurt far more when you declare the machine clean
and this crap reinstalls itself. Bite the bullet now and give the guy a
truly clean machine, with all patches applied and a completely up to
date AV. When you reinstall, download XP SP3 to another machine so you
can apply it before you connect to the Internet and then make the first
connection be Windows Update.
Kelly D. Leavitt wrote: