Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Compromised PC - Advice please!

16 Jun 2014   #1
Kaone

Windows 7 Home 64 bit
 
 
Compromised PC - Advice please!

A friend (yes - honestly!) has allowed a scammer to have access to his win7 PC for 20 minutes and money has subsequently been taken from his Paypal account.

I've advised him to disconnect his PC from the internet until it's "clean" but I'd appreciate some advice on what is needed.

Would a complete re-install of Win7 be necessary?

Thanks


My System SpecsSystem Spec
.

16 Jun 2014   #2
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

The first thing I would advise your friend is change all passwords of everything.
Use a known clean computer to do the password replacement.
Then your friend should notify all financial association of the passwords being stolen.
Then check all accounts for any strange things of any kind.

Then I would do a Clean Install. It would take forever to figure out what the intruder did to the computer and what little goodies they left behind.

Please read these tutorials by Brink and Gregrocker.

Disk - Clean and Clean All with Diskpart Command


Clean Install Windows 7


Clean Reinstall - Factory OEM Windows 7
My System SpecsSystem Spec
17 Jun 2014   #3
Kaone

Windows 7 Home 64 bit
 
 

Thanks, Layback Bear. I've read the articles but there are a couple of things (at least) that I'm uncertain about:
1. The pc has just one disk, but a full clean can't be done over the OS. How do I get round this?
2. To reload win7 all I have are the three recovery discs (DVDs) created when the pc was first set-up. Can these be used to reinstall Win7?

Thanks
My System SpecsSystem Spec
.


17 Jun 2014   #4
Kaone

Windows 7 Home 64 bit
 
 

The pc is a Dell Inspiron 660. According to Dell's website the pc can be reset to factory settings via the F8 button at start-up. Would this be sufficient to restore the pc to a safe state?
My System SpecsSystem Spec
17 Jun 2014   #5
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Setting to factory settings should bring your computer back to the way it was when it was bought. If that is okay with the owner I would try it. The intruder probably never went into that partition where your factory setting are.
When done I would still scan the computer with many security scans.

Did you read the tutorials I posted?
My System SpecsSystem Spec
17 Jun 2014   #6
Boozad

W7 Pro x64 SP1 | W10 Pro IP x64 | W8.1 Pro x64 VM | Linux Mint VM
 
 

He should also phone the police and let them know he's been scammed right in front of his face and tell them who it was.
My System SpecsSystem Spec
17 Jun 2014   #7
Kaone

Windows 7 Home 64 bit
 
 

Yes, I read the tutorials - please see my second post.

It sounds as though the reset to factory settings option isn't 100% safe? It would be awful if my friend lost any further money.
My System SpecsSystem Spec
17 Jun 2014   #8
Kaone

Windows 7 Home 64 bit
 
 

Hi Boozad, Yes he has spoken to the police and passed them all the details. Lloyds bank and Paypal have also been informed.
My System SpecsSystem Spec
17 Jun 2014   #9
Boozad

W7 Pro x64 SP1 | W10 Pro IP x64 | W8.1 Pro x64 VM | Linux Mint VM
 
 

At least he should get his money back as long as he can provide proof to Paypal.

You can create a bootable USB stick using an ISO image of Windows 7 instead of using any disks you have. These will include Service Pack 2 and will save some update time once installed. You'd have to download the relevant ISO from here then mount that to a USB stick following Part 2 of this tutorial Windows 7 USB/DVD Download Tool

Then move onto the links Layback Bear posted.
My System SpecsSystem Spec
17 Jun 2014   #10
Kaone

Windows 7 Home 64 bit
 
 

Paypal have made encouraging noises, but as he gave the scammer his password I'm not sure that they'll want to pay out. We'll see.

Thanks for the info regarding the bootable USB stick. I've had a quick look but it seems rather complicated.

Can the USB stick be created on my pc and then used to boot his?
My System SpecsSystem Spec
Reply

 Compromised PC - Advice please!




Thread Tools





Similar help and support threads
Thread Forum
System may be compromised
My son called this afternoon and said he had an issue with an IPhone and in order to get support he did a Google search for Apple support. The first hit in the results was the following link; Amazingtechsupport He called them and the tech, who had a heavy accent, asked him to attach the...
System Security
Ebay Compromised
BBC News - eBay makes users change their passwords after hack
Security News
Problems with C: - Not sure if set up correctly - compromised
Dear Forum, I am in the state of not knowing if I have the correct set up with my initial set up of Windows 7. I am just about to restart everything and trying to get most of my programs off the system as well. 1. I want a qualified person to have a quick look - I know this is hard via...
General Discussion
Computer compromised
Hi there, Im trying to help my mum out with her computer. After a visit to her local bank they informed her that someone had got her bank details online and has been ordering video games for themselves from this. I need to ensure that her PC is like fort Knox as im meant to be good with ...
System Security
RSA comes clean, SecurID is compromised
It took them long enough. RSA finally comes clean: SecurID is compromised
News
E-mail accounts compromised....
When I signed up for Hallmark Smilebox to send out Thanksgiving cards I was asked to import my accounts(:o). thinking Hallmark would be a secure site........Wrong! It has been compromised. My friends are getting all kinds of trash. Also noticed a MyWebSearch file(now deleted and removed) that...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 21:35.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App