I'm currently fixing the computer of a family member who just fell for the "I'm from Microsoft and let me take control of your computer please" phone scam. The computer is an old Core 2 Duo running on Windows XP.

I already removed pretty much all of the nasty stuff (adware, remote control applications, etc.) but there's one thing I can't get rid of.

When booting, the computer looks clean for some time, a few minutes to an hour, then out of nowhere, a bridge connection appears in the bottom right taskbar. It just says "Internet Connection". Whenever I click on it to see the status window, I see it for a split second and it disappears. Also, I just can't do anything about it in the Control Panel, everything I try just does nothing. Also, I tried booting in safe mode to see if I could do more, but it doesn't appear, and never pops up (I only see the usual LAN connection).

I ran all kinds of tools on it to scan for threats but so far nothing worked. Is this a case of nuke it from orbit? If not, what could I do to fix it?

Anders
  • It's XP...RUN!! – Bubble Hacker Jul 11 '16 at 14:57
  • They don't want me to upgrade it :/ also, with only 2GB RAM, anything more recent would be really slow I suppose... – Samuel Bolduc Jul 11 '16 at 15:00
  • XP has reached its end of life. There won't be any security updates for it anymore. Known vulnerabilities won't get patched. You can fix it today but it will get re-infected tomorrow and there is nothing you can do about it. – Philipp Jul 11 '16 at 15:24
  • Possible duplicate of [Phone call to try and gain access](http://security.stackexchange.com/questions/108430/phone-call-to-try-and-gain-access) – André Borie Jul 11 '16 at 15:37
  • A Core 2 Duo used to be my daily machine for more than a year. Ran Windows 7 just fine with an SSD and 4 GB of RAM. Both of these things aren't that expensive anymore and you should consider upgrading their machine or switching to a more lightweight OS (Linux?). – André Borie Jul 11 '16 at 15:39
  • Linux is a no go since they are really not tech savvy (I know I know it's user friendly and all, but still not what they're used to). For the specs, I don't think they want to invest in it at all since it's really not that important for them. They only have 2GB RAM and a very low performance Core 2 Duo - I'm still going to give Windows 10 a try, but if it's too slow I'll just revert to XP – Samuel Bolduc Jul 11 '16 at 15:54

1 Answer

Yes, it is a case of nuke it from orbit.

The fact that you cannot remove this particular piece of visible malware does not matter. Even if you could, there might be loads of malware left that you cannot see. No matter how many scans you run or how many hours you spend deleting registry keys, you will never know for sure.

It was game over the second your parents fell for the scam. There is nothing to do other than a complete reinstall.

And while you are at it, you might want to consider installing a modern OS. While I understand that your family might not like the change, as Philipp points out in comments, using old software is fundamentally insecure.

Anders