

Windows 7: Grandma allowed Computer 350 Tech scammer to install junk.

21 Sep 2018   #21
Megahertz07

Windows 7 HP 64
 
 

If the computer is an OEM (Dell, HP, etc.) it probably has a Factory recovery.
Once you launch it (from Windows or from BIOS) it will format the C: partition and load an image from the Restore partition.
It won't take long and it will end up as it came from the factory.

Save the data on a USB flash disk or external disk.

To help us guide you, give us the brand and model of your grandmother's computer.


23 Oct 2018   #22
byzantine

windows 7 32 bit
 
 

Hi everyone,

OP here once again. I'm at Grandma's house and am poking around on the computer again. I've been busy with all sorts of things, many related to aging parents. Thanks for all the replies!! I know I'm supposed to just reload Windows, to be safe. But so far I am content to tell Gma not to access any financial websites on her computer. I go to a different computer and access her financial sites myself, to check on things.

Anyway, I've found some more interesting stuff about the 'hack'.

I am now able to use Gmail again on her computer. It had been disabled somehow before, but became active again somehow. "Disabled" means you could click on the Gmail icon and nothing would happen. Now it works again. I don't think I did anything to fix it.

I noticed that when you right click on the 'computer tech 350' folder icon (which appeared on the day of the hack) on her desktop, you get the popup box which has the McAfee 'scan' option and the McAfee 'shred' option. Tempted to use 'shred'. I can't find much info about McAfee shred, even with lots of googling, just that it is supposed to be a way to permanently delete something and make it unrecoverable.

I ran the McAfee scan option on the folder, and it processed for about 10 seconds, and reported that 4 files were scanned (yes, the folder contains 4 files) and that zero problems were found.


One of the 4 files in the folder is called Supremo.exe! Internet says supremo.exe is a remote access program, which in itself is not malware. The install date of supremo is 9/9/2018, which is the day of the 'hack'.

Getting back to what actually happened on the 'hack' day, I asked Gma again about it and she said she would never give her passwords out to anyone, and that she did not give any password to the hackers. Maybe her memory is wrong. But maybe the hackers didn't need a password, anyway. Once they had Gma's IP address, they sent over the supremo.exe to her IP address, and Gma saw a dialog box pop up asking for her permission to install it? No password needed, Gma just clicks on OK, and boom, the new 'computer tech 350' icon pops up and the supremo.exe is installed?

Another thing: remote access would not be needed in order to talk Gma through setting up a new Yahoo email account, right?
The scammers could have gotten their $149 and her credit card number from Gma without remote access, right? Of course why not go for the gusto, and send over the supremo.exe for good measure when you have a sucker on the line, right?

When I click on 'remote app and desktop connections' it tells me 'there are currently no connections available on this computer'. A few days after the hack I noticed that 'allow remote assistance' was checked in the 'system protection' tab in 'system', so I unchecked it.

Gma is running McAfee antivirus on her computer, and Windows Defender is turned off. A run of McAfee 'quick scan' says there are no problems found.

Summing up, thanks for all the advice so far. If you are tired of me not doing a reformat, reload, etc, I apologize and again thank you for your efforts, and of course someone in the future may benefit from reading this thread.

Is it possible the supremo.exe could self-activate at some point and send passwords and account numbers, etc out to hackers?


Lastly, what about the idea of me using the McAfee 'shred' option on the entire 'computer tech 350' folder and the 4 files in it? Or just delete the whole folder, send it to recycle bin, and delete it from recycle bin? Any downside?


Thanks
23 Oct 2018   #23
Paul Black

7 HP SP1 64-bit Vista HB SP2 32-bit Linux Mint 18.3
 
 

Hi byzantine,

I really only have two things to offer:

[1] Save ALL her personal data and files to an external HDD.
[2] CLEAN INSTALL!

I only say this because you can spend hours and hours [and probably have] looking for what might have and might not have happened.

At the end of the day though, there will always be a doubt in the back of your mind. It is far better to be safe than sorry and still have money in the bank!

It really is quite easy to clean install. We can walk you through it if you don't feel that it is something that you can do on your own!

I hope this helps!

23 Oct 2018   #24
Megahertz07

Windows 7 HP 64
 
 

I agree with Paul.
Once the computer has been under others' control you don't know what is installed. And you can run all antivirus and it won't find anything because a program for remote control isn't malware. Then in some months a schedule is executed and they take control again.

As I wrote on post #21 there should be an option to do a Factory restore.
Save the data on a USB flash disk or external disk.
Launch Factory restore from Windows or from BIOS. It won't take long and it will end up as it came from the factory.
Then you just need to install the programs and updates.
23 Oct 2018   #25
Nasty7

Windows 7 Home Premium 64bit
 
 

Unfortunately these guys are right, a new install is what you need. Someone could go through all the places to look for these things but it would be a long list and very technical, and that kind of help usually ain't free, and honestly it is more labor to show someone how to do it than to actually do it.

My idea for you is to install Windows 10. I say this because it is Waaaaay faster to install. Windows 7 will take you all afternoon if you know what you are doing, longer if you don't. That is if you want all the Updates, perhaps that is not important for GMA.

And, some don't trust the Recovery Partition after scammers get involved. This may be a little paranoid, but it's possible that it has been tampered with, if it works at all. Most of these scammers are lazy and will only remove Restore Points, and sometimes not even that. And, make sure to Delete all the Partitions during the install. This will eliminate every issue when you wipe the drive of all partitions. That is the key, to wipe all partitions.

Have you tried System Restore? Most of these guys delete the restore points.

Uninstall Supremo

I don't endorse this site, but here are some simple instructions to follow.
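The "long list" of places post #25 mentions, and the scheduled re-launch post #24 warns about, can be partly checked by script. The following is an added example, not posted by any participant in the thread: it searches Run keys, services and scheduled tasks for entries mentioning a term (default `supremo`, the file name from post #22). The script, its function names and the English `schtasks` column names are assumptions.

```powershell
# Added example, not from the thread. Targets PowerShell 2.0 (Windows 7 default).
# Run elevated, logged in as the affected user so HKCU is that user's hive.
# Assumption: English Windows (schtasks CSV column names are localized).
param([string]$Pattern = 'supremo')   # search term taken from the thread
function Test-Match([string]$Text, [string]$Term) {
    # Case-insensitive literal substring test; empty text never matches.
    return ($Text -and $Text.ToLower().Contains($Term.ToLower()))
}
function New-Finding($Source, $Name, $Command) {
    New-Object PSObject -Property @{ Source = $Source; Name = $Name; Command = $Command }
}
$findings = @()

# 1. Run/RunOnce keys: programs started at logon.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($valueName in $item.GetValueNames()) {
        $data = [string]$item.GetValue($valueName)
        if (Test-Match $data $Pattern) { $findings += New-Finding "RunKey $key" $valueName $data }
    }
}

# 2. Services: a tool set up for unattended access starts here at boot.
foreach ($svc in Get-WmiObject Win32_Service) {
    if ((Test-Match $svc.PathName $Pattern) -or (Test-Match $svc.Name $Pattern)) {
        $findings += New-Finding 'Service' $svc.Name $svc.PathName
    }
}

# 3. Scheduled tasks: the "schedule" mentioned in post #24.
$seen = @{}
foreach ($row in (schtasks /query /fo csv /v | ConvertFrom-Csv)) {
    $name = [string]$row.TaskName
    $cmd  = [string]$row.'Task To Run'
    if ($seen.ContainsKey($name)) { continue }   # one row per trigger; report once
    if ((Test-Match $cmd $Pattern) -or (Test-Match $name $Pattern)) {
        $seen[$name] = $true
        $findings += New-Finding 'ScheduledTask' $name $cmd
    }
}
if ($findings.Count -eq 0) { "No autostart entry mentions '$Pattern'." } else { $findings | Format-List Source, Name, Command }
```

An empty result only means nothing under that name is registered in these three places; anything renamed or installed elsewhere is not covered, which is why the replies above still recommend a clean install.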
