Originally Posted by
jimbouk
Not sure what they do with these machines once they have access? Assume all personal info has been lifted already and they just continue to sniff for more passwords, bank details, etc. Can't imagine it gets put on a botnet or anything like that, and if the hard-drives been encrypted then that's that.
Think one of the last two might be worth a punt - hopefully something obvious that can just be uninstalled.
Was a news article recently about a scammer who dialled the Australian Cyber Crimes unit (I think) which had some details about what was done, see if I can find it.