Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Compromised PC - Advice please!


16 Jun 2014   #1

Windows 7 Home 64 bit
 
 
Compromised PC - Advice please!

A friend (yes - honestly!) has allowed a scammer to have access to his Windows 7 PC for 20 minutes and money has subsequently been taken from his Paypal account.

I've advised him to disconnect his PC from the internet until it's "clean" but I'd appreciate some advice on what is needed.

Would a complete re-install of Windows 7 be necessary?

Thanks

My System SpecsSystem Spec
.

16 Jun 2014   #2

Windows 7 Pro. 64/SP-1
 
 

The first thing I would advise your friend is change all passwords of everything.
Use a known clean computer to do the password replacement.
Then your friend should notify all financial association of the passwords being stolen.
Then check all accounts for any strange things of any kind.

Then I would do a Clean Install. It would take forever to figure out what the intruder did to the computer and what little goodies they left behind.

Please read these tutorials by Brink and Gregrocker.

Disk - Clean and Clean All with Diskpart Command


Clean Install Windows 7


Clean Reinstall - Factory OEM Windows 7
My System SpecsSystem Spec
17 Jun 2014   #3

Windows 7 Home 64 bit
 
 

Thanks, Layback Bear. I've read the articles but there are a couple of things (at least) that I'm uncertain about:
1. The pc has just one disk, but a full clean can't be done over the OS. How do I get round this?
2. To reload Windows 7 all I have are the three recovery discs (DVDs) created when the pc was first set-up. Can these be used to reinstall Windows 7?

Thanks
My System SpecsSystem Spec
.


17 Jun 2014   #4

Windows 7 Home 64 bit
 
 

The pc is a Dell Inspiron 660. According to Dell's website the pc can be reset to factory settings via the F8 button at start-up. Would this be sufficient to restore the pc to a safe state?
My System SpecsSystem Spec
17 Jun 2014   #5

Windows 7 Pro. 64/SP-1
 
 

Setting to factory settings should bring your computer back to the way it was when it was bought. If that is okay with the owner I would try it. The intruder probably never went into that partition where your factory setting are.
When done I would still scan the computer with many security scans.

Did you read the tutorials I posted?
My System SpecsSystem Spec
17 Jun 2014   #6

W7 Pro x64 SP1 / W8.1 Pro x64
 
 

He should also phone the police and let them know he's been scammed right in front of his face and tell them who it was.
My System SpecsSystem Spec
17 Jun 2014   #7

Windows 7 Home 64 bit
 
 

Yes, I read the tutorials - please see my second post.

It sounds as though the reset to factory settings option isn't 100% safe? It would be awful if my friend lost any further money.
My System SpecsSystem Spec
17 Jun 2014   #8

Windows 7 Home 64 bit
 
 

Hi Boozad, Yes he has spoken to the police and passed them all the details. Lloyds bank and Paypal have also been informed.
My System SpecsSystem Spec
17 Jun 2014   #9

W7 Pro x64 SP1 / W8.1 Pro x64
 
 

At least he should get his money back as long as he can provide proof to Paypal.

You can create a bootable USB stick using an ISO image of Windows 7 instead of using any disks you have. These will include Service Pack 2 and will save some update time once installed. You'd have to download the relevant ISO from here then mount that to a USB stick following Part 2 of this tutorial Windows 7 USB/DVD Download Tool

Then move onto the links Layback Bear posted.
My System SpecsSystem Spec
17 Jun 2014   #10

Windows 7 Home 64 bit
 
 

Paypal have made encouraging noises, but as he gave the scammer his password I'm not sure that they'll want to pay out. We'll see.

Thanks for the info regarding the bootable USB stick. I've had a quick look but it seems rather complicated.

Can the USB stick be created on my pc and then used to boot his?
My System SpecsSystem Spec
Reply

 Compromised PC - Advice please!




Thread Tools



Similar help and support threads for2: Compromised PC - Advice please!
Thread Forum
Ebay Compromised Security News
Computer compromised System Security
Solved E-mail security compromised? Browsers & Mail
RSA comes clean, SecurID is compromised News
E-mail accounts compromised.... System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:04 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33