Computer hacked... scammer wanted money... how to clean up

sillycat41 said:

I'm trying to help a friend safely get back online. He has Windows 10 but I'm nut sure what anti-virus programs. He was hacked and called the phone number... got the usual routine, they asked for $250 to fix the computer. After he told them that he didn't have credit card and was only 14 yrs. old, they hung up. He is 88 yrs. old but clever. :-D

Anyway, I have to pick up his computer and bring it home to work on it. Other than running anti-virus and spyware scans, what else should I look for? He doesn't have a backup to revert to. What about doing System Restore? Do the hackers plant software on the computers that shut them down? What would I be looking for exactly? I remember using a program called HiJackThis years ago. What is the new method? I welcome any tips. Thanks!

Do a clean install of Windows. Clean Install Windows 10


Your other option is to spend 2-3 weeks, being walked through complete removal...
Virus, Trojan, Spyware, and Malware Removal Help Forum - BleepingComputer.com





Which ever option you choose, make sure to install backup software afterwards. Then help the owner learn to use it.

Macrium Software | Reflect Free Edition


Quickie Macrium picture guide...
Macrium Reflect and Bootable Rescue Media, pictures...


Macrium Reflect User Guide...
https://updates.macrium.com/reflect/...user_guide.pdf

Macrium Notes:
1. A full OS image backup will be approx. 1/2 the size of the total "used space" on the C:\ drive.
2. Backing up takes about 75 seconds for every 20GB of "used space" on the C:\ drive.


Full tutorial...
Backup and Restore with Macrium Reflect

Another simpler option for free backup software would be AOMEI Backupper.
Free Backup Software for Windows 11/10/8/7 - AOMEI Backupper Standard







The easiest, fastest option is to just do a clean install of Windows.
Keep in mind that if there are other drives in the computer, besides the Windows drive... they may be infected too.

But, as I mentioned above... BleepingComputer will walk you through, completely cleaning the computer.
It will take a while. Figure two to three weeks.
BleepingComputer are by far the best infection cleaners you will find. They've been doing this for at least 20 years that I know of.

Hint: whilst Macrium Reflect (free) is a great program, Aomei Backupper is simpler. I've posted a current Pro giveaway - now moved to the Backup and Restore section.

Social engineering is the art of manipulating people so they give up confidential information. The kinds of data these criminals are looking for can shift, but when individuals are targeted the criminals are generally attempting to deceive you into giving them your passwords or bank information, or access your PC to covertly introduce malevolent software– that will give them access to your passwords and bank information and in addition giving them control over your PC.

Criminals use social engineering tactics because it is much easier to fool someone into giving their password than it is for criminals to try hacking their password (unless the password is really weak).

Malwarebytes' scanner
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes' scanner to your desktop.

• Double-click mb3-setup-consumer-3.x.x.xxxx and follow the prompts to install the program.
• Click Finish.
• On the Dashboard, click the 'Check for Updates' button.
• After the update completes, click the 'Scan Now' button.
• A Threat Scan will begin. Please allow it to progress through the scanning process.
• When the scan is complete, if there have been detections, click Quarantines Selected button to allow the program to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs: (Export log to save as txt)

• After the restart once you are back at your desktop, open Malwarebytes once more.
• Click on the Reports tab > Scan Report. (if you have done more than one scan in the past, select the most recent that shows the Date and time of the scan just performed. Press View Report button.
• Click 'Export'.
• Click 'Text file (*.txt)'
• In the Save File dialog box which appears, click on Desktop.
• In the File name: box type a name for your scan log.
• A message box named 'File Saved' should appear stating "Your file has been successfully exported".
• Click Ok
• Find the log on your Desktop and Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)


In this video, i will show you how to Use Process Explorer to Identify Malware Infection.