Grandma allowed Computer 350 Tech scammer to install junk.

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 40
    windows 7 32 bit
    Thread Starter
       #11

    I called her bank and had them suspend the online access to her account. Told them what happened. Bank (fraud dept) thinks simply having Geeksquad or Bestbuy run a virus scan, and certifying the computer virus-free will be enough to unsuspend the online access., and my Mom can merrily use the account again, after changing passwords.

    Obviously you guys think the virus scan alone will not be enough, right?

    Reloading Windows 7 sounds like an enormous ordeal.

    What about doing a Housecall TrendMicro virus scan?


    Best buy wants $149 for a virus check. Same with Geeksquad.
      My Computer


  2. Posts : 16,129
    7 X64
       #12

    $149 ? wow.

    The best advice is to wipe and reinstall. Easy for us to say - we do it often, so we find it quite quick and easy.

    If you are determined not to to do that, $149 - they are charging for their time. It is possible to have a go yourself - but that requires several different tools - there are plenty of free ones. However, that is more time and effort than reinstalling. More importantly, reinstalling is the safest way.
      My Computers


  3. Posts : 31,242
    Windows 11 Pro x64 [Latest Release and Release Preview]
       #13

    I could probably supply and fit a replacement Hard Drive for that, but I may be missing something


    You could go to Bleeping Computer [ BleepingComputer.com - News, Reviews, and Technical Support ]and open a case there, they are the de facto experts in that field and would do a much better job instructing you to perform the tasks required. and all they would ask for is a donation that you can afford, and that is optional.

    It does mean that you would perform all the tests and remedial work under instruction but the guys over there are used to dealing with all levels of experience.

    You can if you wish post a link back here which will save typing out too much again
      My Computers


  4. Posts : 5
    Windows 7 Ultimate x64 / Kali Linux multiboot
       #14

    byzantine said:
    Reloading Windows 7 sounds like an enormous ordeal.
    It does sound intimidating at first, but it isn't that bad. I would NOT pay for one of these services, knowledge is power and this is a great thing to learn for your future.

    I would suggest bringing it back to factory default as this is the most effective to remove all the crap;

    1. Find and save all your personal files such as pictures, docs etc. that you don't want to loose. Back them up to a external source like a thumb drive. Then again, you may not have much. If you use all the defaults for saving, this will be very easy for you to do.

    2. Make a list of any important software you added to this system as this will be deleted during the restoration; Have the software on hand to reinstall including activation numbers etc. or the links to it, or the compressed files. It's good to keep a list of this off the pc for times like this.

    3. If you LOVE your bookmarks like I do, export them.

    4. If you have anything special, files, coding, configs you spent allot of time on, save them also.

    The rest is easy very easy:

    Go to 'Control Panel' > 'Recovery' > Advanced Recovery Methods > 'Return Your Computer To Factory Condition'

    This is extremely thorough and easy. When it's done, your system will be just the same and as fast as the day it was purchased.

    -So if you had added software, you would now reinstall that
    -Add back your pics, docs etc.
    -import your bookmarks

    That's it! It really is simple :)
    ---------------------------------------------------------

    Additional Thought for Future Safety and Ease of Recovery

    I personally have a load of software I had to reinstall, most people do not have this problem. But to eliminate the need to reinstall the software I have WHEN this occurs again, what I do is:

    Once my new system is back up and I installed my software packages, if everything is cool, I then create an IMAGE file. This way, next time, and there always is, I can reinstall my IMAGE file instead of the Factory Default and my system will be like new except this time with my added software packages so I don't have to reinstall them.

    Good food for thought :)

    - Rainner
      My Computer


  5. Posts : 0
    Windows 7 Ultimate x64
       #15

    Next time clone the computer to an adequate USB external HDD so when disator strikes you can simply clone back.

    If grandma is just surfing the net and printing things, then it might be worthwhile to use some flavor of Linux. Many use Linux Mint.

    Screenshots - Linux Mint
      My Computer


  6. Posts : 555
    Windows 7 Home Premium 64bit
       #16

    Maybe there was not remote access at all, if you know what to look for you could tell. I agree with what others said above, but if there was no remote access then there is no need to get crazy.

    If she is able, ask her if she gave them any passwords, or if they asked her to download anything? Otherwise there was no remote access. "They" cannot download anything without her doing so. Unless a remote access piece of software was installed prior and they asked her to click on it and give THEM the password. Do you know if Teamviewer is installed, look in Programs and Features.

    If LogmeIn was installed it should be in the C: Drive or on Program Files or Program Files (x86) Don't get me wrong, anything is possible, but you have to allow access to get access. Sometimes our clients will think they were hacked because they got a browser hijack or something. A browser hijack is scary to someone that don't know what it is, but if she didn't download a program, install it and give them the password then it's unlikely she was hacked. A browser hijack will also demand you call a phone number and then they try to talk you into paying them, this is what they do, low level scammers praying on the elderly. Giving someone your credit card info does not allow access to your computer. Just something to think about before reformatting your pc.

    Malwarebytes is very good in addition to what you using now. What AV product are you using now?

    Do you have a good restore point available?

    Was she storing Passwords in a Browser without being password protected? Even if she was and they were unprotected they would again had to have access to the pc.
      My Computer


  7. Posts : 6,021
    Win 7 HP SP1 64-bit Vista HB SP2 32-bit Linux Mint 18.3
       #17

    Hi Nasty7,

    byzantine said:
    My chore is to remove the icon and the associated malware that my grandmother has allowed the scammers to download. She also gave them remote access to her computer and I want to make sure that is gone.

    When I right click on the icon there is no "uninstall" option, of course.

    I don't want to left click on it (execute it) because God only knows what it would do then.

    The icon on the desktop is titled "Computer 350 Tech".
    We have all gone with the fact that the computer has been hacked because of the OP's comments above.

    You have made some good observations and comments in your post above. I am sure that anyone else coming across this thread that has a similar problem will find them very useful.

    I still think that at the end of the day, for security reasons and piece of mind, that a re-install is the best option available.
      My Computer


  8. Posts : 555
    Windows 7 Home Premium 64bit
       #18

    We have all gone with the fact that the computer has been hacked because of the OP's comments above.
    With all do respect I don't see any "facts" and people make unclear comments all the time, I'm only saying to get a little more clarity on the subject before the task of a reinstall because the op don't seem to be tech savvy.

    I don't disagree with the safety of a reinstall, but I see this all the time, and unless the wording of the op is incorrect it's hard to say what happened.

    my grandmother has allowed the scammers to download.
    This suggests someone was able to download something BEFORE having access to the pc, that's not possible as we all know.

    The program in question can be checked to see what the install date was, it may have been there for years. Right Click File Location, and see when it was installed. I don't see that program online either, which is weird in itself, most likely renamed icon.

    So it may be worth while to talk with grandmother after she has calmed down and see exactly what happened before a reinstall. The only reason I say this is because this can be a daunting task for the uninitiated.
      My Computer


  9. Posts : 6,021
    Win 7 HP SP1 64-bit Vista HB SP2 32-bit Linux Mint 18.3
       #19

    Hi Nasty7,

    Nasty7 said:
    This suggests someone was able to download something BEFORE having access to the pc, that's not possible as we all know.
    It could have been a popup [or something similar] that said the machine was infected, and in order to get rid of the infection she should click a link, and then telephone the number supplied for techical help/support. We really don't know what the sequence of events were to be honest!

    Nasty7 said:
    The program in question can be checked to see what the install date was, it may have been there for years. Right Click File Location, and see when it was installed. I don't see that program online either, which is weird in itself, most likely renamed icon.
    That is a very good point!
      My Computer


  10. Posts : 1,784
    Linux Mint 18.2 xfce 64-bit (VMWare host) / Windows 8.1 Pro 32-bit (VMWare guest)
       #20

    If you are a really savvy technician, then you might be able to clean the computer. Basically, you restart the computer in Safe Mode, and you then disable all start-up items and services that you aren't absolutely sure about.

    Even doing that, you may not catch everything. Therefore, only a clean install will do it. That means that you do a custom Windows 7 install; and you delete all partitions on the hard drive, then create one new partition, and install Windows on that new partition.

    Everything will be forever gone once you do this, and you will have a clean copy of Windows. But that is the only way to make sure that the computer is free from whatever the scammer put on it.

    Make sure you have all activation codes for Windows and for whatever software you want to install prior to doing this, because you won't be able to get these codes once you do the clean install.
      My Computer


 
Page 2 of 3 FirstFirst 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:04.
Find Us