Windows 7: Will a recovery disk wipe my hijacked pc completely?

Hi .. I need your help and guidance please. My idiot son took a bogus call from people saying they are from our ISP and they could improve our network speed if they could access our system remotely.
Yes, you guessed it, he let them in via “letmein123” and I’m sure they have installed loggers and whatever nonsense they install to get our details. So, I’ve now contacted the banks etc and got my banking stuff fixed and blocked.

I want to reload his Windows 7 64bit from scratch and want to know if a recovery disk will enable this. I’m not bothered about saving data, such as media files as he will need to feel the pain of being stuuupid. What I need to feel is safe and secure from a new reload that I’m going to completely wipe any files/programs they have installed.

So my question to the experts, if this happened to you how would you deal with it?

I have no doubt someone else on the forum will have posted a similar issue, maybe you can point me in the correct direction.

Format and install clean (Or from a known clean image). That is what I would do.

use this Eraser - Free software downloads and software reviews - CNET Download.com

So sorry this happened to you McScooter. Don't forget to change all of your internet passwords as well as dealing with formatting and uninstalling/reinstalling, because the hijackers will probably have access to all of your original passwords and security information as well as all of your other data. And you may have to go so far as to change your credit card and banking accounts too, if that information was available in your system. The most important thing is to think carefully about what security information you have/had in your system, and anticipate that the hijackers could use that information to gain access to your accounts -- after all, that's probably why they did what they did!!!!

By the way, I've had my credit card and bank account hijacked several times in the last year (once through PayPay, which is supposed to be one of the most secure payment processing sites in the world!) -- so I'm very sensitive to and aware of just how aggressive and devious hijackers and other 'thieves' can be!!!!

Yes, Imperfect1 holds a good point: first of all, if you don't need to do backups, you may want to think about what you had on the HD that was sensitive and then give a call to the bank/credit card issuer/ISP to have your accounts checked.

Then, wipe your HD. I don't know if you have the time (and maybe it's also an overkill) but in case of malware attacks I always performed a "one-pass zeros" wiping before reinstalling (I worked as a PC techie for a small company so I had the chance to let it run overnight, because it may take also 3 or 4 hours for a 1TB drive).

Then I'd suggest you to re-install Windows creating two different profiles. An administrative one that you'll use yourself and a standard one, subjected to UAC, to let your son use the PC reducing the risk of being hit again.
I use a limited user account myself even if I also am the owner of the administrative one, so you may want to create also a standard account for yourself.

Then, change all of your passwords (no matter what they are for) as you'd be better safe than sorry.

Thanks to everyone for the excellent posts, you have confirmed I need to wipe the image to a clean hardfile with not data and start again.

So, if I create a recovery disk from my system that has the same Windows 7 installed will that be sufficient to create a new image and from that I can reload my sons system?
Will I need to take a note of the product key or can I use the COA?

Hi, McScooter! Welcome to the Seven Forums!

Use the COA.

Install clean from a Win 7 install DVD, however, since you haven't mentioned having a Win 7 install DVD am I to assume you do not? Is there a recovery partition on your son's PC?

Hi There ... Yes, His Acer (Aspire 5738ZG) offers a recovery partition options. When you boot and press F10 it gives the following options -
Acer eRecovery:

• Plug in the AC adapter and battery, then turn the system on
• Immediately, press ALT on the keyboard and start tapping F10. Continue holding ALT and tapping F10 as the unit boots up.
• A screen stating "Starting Acer Erecovery" should appear. (Release ALT and stop tapping F10 at this point)
• There will be 4 options:
  1. Restore system to factory default
  2. Restore system from user backup
  3. Restore system from cd/dvd
  4. Exit

The first option looks the best, but will that give me confidence to know that the system really is clean?

when i look at the first option in more detail it mentions -->

1. This action will erase all existing data on the c: drive.
2. This option will return your computer to a factory setting. All files, settings, updates and software installed since the computer was first used will be deleted.
3. We recommend this recovery if your computer is infected by a persostent virus or malware, or if other recovery options fail.

Mc Scooter

That is the one you want.

Mike