Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Will a recovery disk wipe my hijacked pc completely?

27 Dec 2010   #11
Ivan the SoSo

windows 10 pro 64 bit

After erecovery....Use malwarebytes and MSE scans to make sure your computer is clean... some of those problems can write themselves into the recovery partition

My System SpecsSystem Spec
27 Dec 2010   #12

Windows 7 Prof 64bit

Hi Mike ... Sorry if i'm asking dumb questions but is there no chance of the recovery files being corrupted by the hijackers?

I need to be 100% sure they will not be able to access remotly when i blitz and reinstall the Win & preload.
My System SpecsSystem Spec
27 Dec 2010   #13
Microsoft MVP

Windows 7 Ult. x64

Hi McScooter,

Sorry to hear about your misfortune - you have definately come to the right place to get it fixed.

Mike is correct : run Option 1. The default factory setting will wipe all existing data from the partition, and then "reinstall" everything back to the partition that was current the day you bought the laptop. Since this pre-dates the trouble you had, it is unlikely that there will then be traces of the “letmein123” on the system.

However, Ivan has a good point : in the case of complex dialers/keyloggers it is possible that the recovery partition may have been infected. As Ivan suggested, you should scan the laptop once you have recovered from the factory settings. To do this please follow these steps:

1. Download and install MSE here - run a FULL scan
2. Also, as an added layer of protection, run this online virus scanner here Free ESET Online Antivirus Scanner
3. Download and install MBAM here Malwarebytes - run both the FLASH, and the FULL scan

Please ensure the virus/malware database are up to date before running the scans (there will be an option in MSE and MBAM to update to the latest definitions).

Please post back here once you have recovered to factory settings and performed those scan. There is one other security check I would like you to run after you have been able to recover and scan.


EDIT : Also perform these same scans on any backup devices (external USB drives for example) once you get to the point where you want to attach them to your laptop again.
My System SpecsSystem Spec

27 Dec 2010   #14


Yes there is a possibility the Recovery Partition itself is corrupted, but the factory bloatware itself is another form of corruption which slows Win7 from being the feather light instantaneous OS it is.

Here are suggested steps to getting a purrfect clean reinstall without the factory bloatware - allowing you to wipe the entire HD with zeroes to overwrite all factory code, corruption and infection: re-install windows 7

If you need more time to find a clean installer and want to proceed with the Factory Recovery for now, here are tips to tame the bloatware until you can get completely clean: HP laptop has used up all four primary partitions

You can also ask Acer Tech Support for a clean copy Win7 Installation DVD as they are actually required under their agreement with MS to provide one but find ways to avoid it so they can enforce the sponsored bloatware which provides their profit margin. Some have reported success by asking, however. If they take a hard line, then don't tell them if you clean reinstall so you can continue getting tech support.
My System SpecsSystem Spec
27 Dec 2010   #15

Windows 7 Prof 64bit

Hi Golden .... I've ran all the scans and the good news is nothing has appeared ... So, what next please?
My System SpecsSystem Spec
27 Dec 2010   #16
Microsoft MVP

Windows 7 Ult. x64


Please remember that you need to make the worst assumption that every USB device (external drives, thumb drives, sticks etc.) plugged into the PC are potentially also infected and should be also scanned with the same rigour as the PC. Likewise, if you had other laptops/PC's connected to the same network.

The last test I would like you to run is a vulnerability check to intrusion on the ports of your router. To do this, please follow these steps:

1. Open this web page
2. Select Proceed
3. Select All Service Ports

The site will now check whether you have any open ports on the router that can be used to gain access to your system. If you get the results as shown in the image, your system is locked down tight, which is the way you want it.

The last thing I think we should do, is ask one of the security experts here to have a look at my suggestions to make sure we haven't missed anything - I'll ask if anyone is available to do that for you.

Please keep the following up and running at all times:
1. Windows Firewall
2. MSE
3. MBAM (consider a purchase to have it resident in memory and auto updating)


Attached Thumbnails
Will a recovery disk wipe my hijacked pc completely?-capture2.png  
My System SpecsSystem Spec
27 Dec 2010   #17
Hopalong X

Windows7 Pro 64bit SP-1; Windows XP Pro 32bit

I have had HP computers in the past with recovery. I never had anything enter the recovery section.
99.9% safe.

Turn on Windows Firewall and download MSE. That will give you active protection
Then a run of Malwarebytes etc. when done installing is a good idea just for peace of mind if nothing else.

Golden's above posting is right in ext HD or Flash drive being infected is highly likely.

My System SpecsSystem Spec
27 Dec 2010   #18

Windows 7 Prof 64bit

Hi Golden ... So i ran the app and all ports were found to be in stealth mode .. Good.
However Trustealth failed as a ping reply was received back. IS that an issue i should worry about.

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,

Rgds ,,, Stuart
My System SpecsSystem Spec
27 Dec 2010   #19
Microsoft MVP

Windows 7 Ult. x64

Hi Stuart,

No, I don't think its a big issue, but I wouldn't mind a second opinion on that.

Am I right in saying you got your router from your ISP (or maybe they helped you set it up)? They leave these ports open so they can ping your router when you ring them for support. I close mine entirely so that I don't even seem to exist - its the equivalent of removing your telephone number from the directory to avoid cold calls. If you want to place them into stealth, we can do that via the router - what make & model router do you use?

Apart from that, you are locked down nice and tight now - its looking good. Whilst we wait for a security expert just to review this, I suggest starting a scan of all your external USB devices.

My System SpecsSystem Spec
27 Dec 2010   #20

Windows 7 Prof 64bit

Hi Golden .... You are correct i have a BT 2wire HUB (2700HGV Business HUB) and if it is possible i would like to be in complete stealth mode. The bad news is i now need to start on my WD NAS drive which was connected at the time, i work from home a lot and use this to link in if i'm away on business. Fingers crossed it's not infected ... b
My System SpecsSystem Spec

 Will a recovery disk wipe my hijacked pc completely?

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
How do I completely wipe a computer?
Hey, so I'm currently in the process of selling my computer and I want to delete everything from it, however I do no have the Windows CD which came with it as I received the computer as a gift a few years ago. I understand that you can download a licensed program on the windows website which...
General Discussion
Did windows 7 recovery disk, now monitor is completely black
First post! Hi, I did a system recovery to get a fresh start because a lot of memory was being taken up. So I did it. Then, maybe 30 minutes later, the monitor went black. I thought it was just restarting, so i left it. It kept like that. The laptop was accidentally closed so it shut off. My...
Graphic Cards
System Restore-Does it completely wipe everything?
So, I'm planning on selling my PC and I've entered a lot of private information on this computer. I don't want to be a victim of identity theft and I don't want people looking at my documents. I know that just deleting them would be recoverable (since it doesn't delete the data, but it lets it be...
Backup and Restore
Completely wipe HDD using Windows 7 Installation Disc (X: Drive?)
Alright, so I plan to install a third hard drive into my case tomorrow (or whenever it ships to my house), and before I do I want to make sure I have my current 2 TB HDDs completely blank. (I plan on using the new SSD for booting Win 7 and a few other major programs and use the HDDs for storage...
Installation & Setup
want to completely wipe my computer.
i want to completely wipe my computer clean. i tryed reinstalling. but i still have 200 gig worth of stuff on my hard drive. how do i wipe my hard drive completely then reinstall windows and have a fresh computer
Installation & Setup
0xE0000100 How do I 'completely wipe entire hard disk'
I am suffering the Error code: 0xE0000100 while attempting to do a 'Custom Install' of Windows 7. My problem is a corrupt MBR etc. which I caused by deleting the first partition on the disk! I have read the thread 'Installation error' in this forum and it is clear that I need to 'completely wipe...
Installation & Setup

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:00.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App