Vista 2012 Rogue Antivirus: Malware

Samuel

[OP]
Regulars
Nov 7, 2010
6,337
189
Delhi/NCR
Situation: Computer is infected with this malware and is running operating system Vista.

-Unable to start any program or install any executable file.

-Computer is connected to the network, still unable to browse.

-Tried to connect to the internet using safe mode with networking, failed.

-Created a new profile, still cannot connect to the internet.

-Tried to reset Internet Explorer to default settings.

-Restarted the computer. After logging in, the computer shuts down.

-Tried to log in using some other profile/user account, just a white screen appears and nothing happens.

Aim: to connect to the internet and install an executable file. How can we do it?
 

Samuel

[OP]
Anything that has to be done can only be done on the same computer :D. That's the aim: to get the computer working in a state that enables us to connect to the internet and install an executable file.
 


Sushubh

Administrator
Oct 29, 2004
418,241
13,004
Gurugram
Use another machine to make a bootable USB with the ISO mentioned above. Boot the infected machine using it and scan?
 

Samuel

[OP]
No other machine is available. Consider the computer user to be a complete noob; you are just guiding him over the phone. Your aim is to get remote of his computer by making him perform minimum steps on his computer.
 

neevarp

Regulars
Nov 4, 2007
1,503
16
Trivandrum
Are you able to run applications in safe mode? If so, run ComboFix in safe mode. Certain malware may recognize ComboFix, and hence it is better to rename it to something else like iexplore.exe. That should fix the PC, hopefully.
 


Samuel

[OP]
If you cannot connect to the internet, how can you download a program on the same computer? :D The computer is quite screwed, to be honest. The person tries to turn on McAfee Real Time Protection, it disables it. The infections can corrupt the Winsock and other services as well. So, what I was thinking is to perform a clean boot to at least get over the shut down shit, and then repair the DHCP and Winsock services :disturbed: ...any better ideas?
 

neevarp

Hmm. Yes. The infected PC is down at the moment. I was implying downloading the fix through some other means (neighbor's / friend's PC) and running it in safe mode on this infected machine. :) ComboFix usually removes all traces of malware along with doing the necessary repair work. Try this before opting for the easy way out, i.e. formatting / re-installing.
 

Samuel

[OP]
PC starts in Safe mode with networking but is unable to connect to the internet. ipconfig and pings are correct. netsh winsock reset all - It ran successfully, but after a power cycle the PC won't boot into the same profile again. It shows the login screen, and the moment you select the profile, it shuts down.
 