Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Grandma allowed Computer 350 Tech scammer to install junk.

17 Sep 2018   #11
byzantine

windows 7 32 bit
 
 

I called her bank and had them suspend the online access to her account. Told them what happened. Bank (fraud dept) thinks simply having Geeksquad or Bestbuy run a virus scan, and certifying the computer virus-free will be enough to unsuspend the online access., and my Mom can merrily use the account again, after changing passwords.

Obviously you guys think the virus scan alone will not be enough, right?

Reloading Windows 7 sounds like an enormous ordeal.

What about doing a Housecall TrendMicro virus scan?


Best buy wants $149 for a virus check. Same with Geeksquad.


My System SpecsSystem Spec
.
17 Sep 2018   #12
SIW2

Microsoft Community Contributor Award Recipient

Vista x64 / 7 X64
 
 

$149 ? wow.

The best advice is to wipe and reinstall. Easy for us to say - we do it often, so we find it quite quick and easy.

If you are determined not to to do that, $149 - they are charging for their time. It is possible to have a go yourself - but that requires several different tools - there are plenty of free ones. However, that is more time and effort than reinstalling. More importantly, reinstalling is the safest way.
My System SpecsSystem Spec
17 Sep 2018   #13
Barman58

Windows 10 Pro x64 x3, Ubuntu
 
 

I could probably supply and fit a replacement Hard Drive for that, but I may be missing something


You could go to Bleeping Computer [ BleepingComputer.com - News, Reviews, and Technical Support ]and open a case there, they are the de facto experts in that field and would do a much better job instructing you to perform the tasks required. and all they would ask for is a donation that you can afford, and that is optional.

It does mean that you would perform all the tests and remedial work under instruction but the guys over there are used to dealing with all levels of experience.

You can if you wish post a link back here which will save typing out too much again
My System SpecsSystem Spec
.

17 Sep 2018   #14
Rainner

Windows 7 Ultimate x64 / Kali Linux multiboot
 
 

Quote   Quote: Originally Posted by byzantine View Post
Reloading Windows 7 sounds like an enormous ordeal.
It does sound intimidating at first, but it isn't that bad. I would NOT pay for one of these services, knowledge is power and this is a great thing to learn for your future.

I would suggest bringing it back to factory default as this is the most effective to remove all the crap;

1. Find and save all your personal files such as pictures, docs etc. that you don't want to loose. Back them up to a external source like a thumb drive. Then again, you may not have much. If you use all the defaults for saving, this will be very easy for you to do.

2. Make a list of any important software you added to this system as this will be deleted during the restoration; Have the software on hand to reinstall including activation numbers etc. or the links to it, or the compressed files. It's good to keep a list of this off the pc for times like this.

3. If you LOVE your bookmarks like I do, export them.

4. If you have anything special, files, coding, configs you spent allot of time on, save them also.

The rest is easy very easy:

Go to 'Control Panel' > 'Recovery' > Advanced Recovery Methods > 'Return Your Computer To Factory Condition'

This is extremely thorough and easy. When it's done, your system will be just the same and as fast as the day it was purchased.

-So if you had added software, you would now reinstall that
-Add back your pics, docs etc.
-import your bookmarks

That's it! It really is simple :)
---------------------------------------------------------

Additional Thought for Future Safety and Ease of Recovery

I personally have a load of software I had to reinstall, most people do not have this problem. But to eliminate the need to reinstall the software I have WHEN this occurs again, what I do is:

Once my new system is back up and I installed my software packages, if everything is cool, I then create an IMAGE file. This way, next time, and there always is, I can reinstall my IMAGE file instead of the Factory Default and my system will be like new except this time with my added software packages so I don't have to reinstall them.

Good food for thought :)

- Rainner
My System SpecsSystem Spec
18 Sep 2018   #15
F22 Simpilot

Windows 7 Ultimate x64
 
 

Next time clone the computer to an adequate USB external HDD so when disator strikes you can simply clone back.

If grandma is just surfing the net and printing things, then it might be worthwhile to use some flavor of Linux. Many use Linux Mint.

Screenshots - Linux Mint
My System SpecsSystem Spec
18 Sep 2018   #16
Nasty7

Windows 7 Home Premium 64bit
 
 

Maybe there was not remote access at all, if you know what to look for you could tell. I agree with what others said above, but if there was no remote access then there is no need to get crazy.

If she is able, ask her if she gave them any passwords, or if they asked her to download anything? Otherwise there was no remote access. "They" cannot download anything without her doing so. Unless a remote access piece of software was installed prior and they asked her to click on it and give THEM the password. Do you know if Teamviewer is installed, look in Programs and Features.

If LogmeIn was installed it should be in the C: Drive or on Program Files or Program Files (x86) Don't get me wrong, anything is possible, but you have to allow access to get access. Sometimes our clients will think they were hacked because they got a browser hijack or something. A browser hijack is scary to someone that don't know what it is, but if she didn't download a program, install it and give them the password then it's unlikely she was hacked. A browser hijack will also demand you call a phone number and then they try to talk you into paying them, this is what they do, low level scammers praying on the elderly. Giving someone your credit card info does not allow access to your computer. Just something to think about before reformatting your pc.

Malwarebytes is very good in addition to what you using now. What AV product are you using now?

Do you have a good restore point available?

Was she storing Passwords in a Browser without being password protected? Even if she was and they were unprotected they would again had to have access to the pc.
My System SpecsSystem Spec
18 Sep 2018   #17
Paul Black

7 HP SP1 64-bit Vista HB SP2 32-bit Linux Mint 18.3
 
 

Hi Nasty7,

Quote   Quote: Originally Posted by byzantine View Post
My chore is to remove the icon and the associated malware that my grandmother has allowed the scammers to download. She also gave them remote access to her computer and I want to make sure that is gone.

When I right click on the icon there is no "uninstall" option, of course.

I don't want to left click on it (execute it) because God only knows what it would do then.

The icon on the desktop is titled "Computer 350 Tech".
We have all gone with the fact that the computer has been hacked because of the OP's comments above.

You have made some good observations and comments in your post above. I am sure that anyone else coming across this thread that has a similar problem will find them very useful.

I still think that at the end of the day, for security reasons and piece of mind, that a re-install is the best option available.
My System SpecsSystem Spec
18 Sep 2018   #18
Nasty7

Windows 7 Home Premium 64bit
 
 

Quote:
We have all gone with the fact that the computer has been hacked because of the OP's comments above.
With all do respect I don't see any "facts" and people make unclear comments all the time, I'm only saying to get a little more clarity on the subject before the task of a reinstall because the op don't seem to be tech savvy.

I don't disagree with the safety of a reinstall, but I see this all the time, and unless the wording of the op is incorrect it's hard to say what happened.

Quote:
my grandmother has allowed the scammers to download.
This suggests someone was able to download something BEFORE having access to the pc, that's not possible as we all know.

The program in question can be checked to see what the install date was, it may have been there for years. Right Click File Location, and see when it was installed. I don't see that program online either, which is weird in itself, most likely renamed icon.

So it may be worth while to talk with grandmother after she has calmed down and see exactly what happened before a reinstall. The only reason I say this is because this can be a daunting task for the uninitiated.
My System SpecsSystem Spec
18 Sep 2018   #19
Paul Black

7 HP SP1 64-bit Vista HB SP2 32-bit Linux Mint 18.3
 
 

Hi Nasty7,

Quote   Quote: Originally Posted by Nasty7 View Post
This suggests someone was able to download something BEFORE having access to the pc, that's not possible as we all know.
It could have been a popup [or something similar] that said the machine was infected, and in order to get rid of the infection she should click a link, and then telephone the number supplied for techical help/support. We really don't know what the sequence of events were to be honest!

Quote   Quote: Originally Posted by Nasty7 View Post
The program in question can be checked to see what the install date was, it may have been there for years. Right Click File Location, and see when it was installed. I don't see that program online either, which is weird in itself, most likely renamed icon.
That is a very good point!
My System SpecsSystem Spec
21 Sep 2018   #20
mrjimphelps

Linux Mint 18.2 xfce 64-bit (VMWare host) / Windows 8.1 Pro 32-bit (VMWare guest)
 
 

If you are a really savvy technician, then you might be able to clean the computer. Basically, you restart the computer in Safe Mode, and you then disable all start-up items and services that you aren't absolutely sure about.

Even doing that, you may not catch everything. Therefore, only a clean install will do it. That means that you do a custom Windows 7 install; and you delete all partitions on the hard drive, then create one new partition, and install Windows on that new partition.

Everything will be forever gone once you do this, and you will have a clean copy of Windows. But that is the only way to make sure that the computer is free from whatever the scammer put on it.

Make sure you have all activation codes for Windows and for whatever software you want to install prior to doing this, because you won't be able to get these codes once you do the clean install.
My System SpecsSystem Spec
Reply

 Grandma allowed Computer 350 Tech scammer to install junk.




Thread Tools




Similar help and support threads
Thread Forum
Re-install of WLM not allowed?
Hi, Because problems with WLM 2009 on my 32 bit W7 pro, XP virtual enabled Asus PC, I removed it hoping do a fresh install of WLM 2009. During the installation I got this pop-up that said "I already have this program" What's going on here, as I have been installing & uninstalling Win...
Browsers & Mail
Install QuickTime Player Without All the Other Junk
I want to Install QuickTime Player Without All the Other Junk that installs with it. From where should I download it safely? Thanks, cb
Software
Birthday gift ideas for grandma
My grandmothers birthday is coming up next week, and i cant think of a gift, any ideas? Preferably something under $25. AND NO COMPUTERS!!!!!! Cause i dont want to spend the rest of my life showing her how to use it.
Chillout Room
System Restore disks, new Hard Drive, Same Computer. Allowed?
Okay, I want to upgrade the hard drive in one of my Laptops and was wanting to know, am I allowed, and is it possible, to use the System Restore disks, the ones you are asked to make on the first boot, to install Windows 7 on the new Hard Drive? It has a 250GB Western Digital Hard Drive and I was...
Backup and Restore
JUNK mail patch wont install
Hi All: I am running win7 pro there were 3 update patches 2 of them installed the junk mail patch KB979895 wont install gimes me an error cod57a did a search but could not find any fixes or what causes this issue..Any help would be appreciated Thanks Eddy
Windows Updates & Activation


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:53.
Twitter Facebook Google+