Spyware, Viruses, & Security forum

General discussion

My friend got scammed; please help make her PC safe again

by Lee Koo (ADMIN) CNET staff/forum admin / November 11, 2011 6:48 AM PST
Question:

My friend got scammed; please help make her PC safe again


Dear members, I hope you can help. My friend bought her first used computer. A few days later she received a phone call from someone in India who said my friend had more than 1,000 computer errors on her new computer and if she didn't do something, her computer would crash. Since my friend was very naive, she accepted what the person was telling her, then the person in India managed to talk my friend into letting her "into" her computer where she had control of the cursor. In the end the lady in India tried to sell my friend something that was, say £200 ($322) but she could have it for £50 ($80) or some lesser amount. This is when my friend realized she had been taken.

My friend went to where she bought the used computer and the salesperson said there is nothing she can do because the person in India managed to get into her software. He told her just don't put any personal information on the computer.

My question is: Is there anything she can do to make her computer safe again? Kind regards.

-Submitted by: Janet

If you have any advice or suggestion for Janet, please click on reply link below and submit away. Please be as detailed as possible when providing a solution for her. Thank you!
Post a reply
Discussion is locked
You are posting a reply to: My friend got scammed; please help make her PC safe again
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: My friend got scammed; please help make her PC safe again
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
more than scammed
by tedtks / November 11, 2011 8:14 AM PST

if the india lady had full access to the pc - then there could be more things hidden than
the usual virus programs can get to.
I,, personally,, would format the drive and reload all !
you should be done in about an hour - depending on how many other programs she
has/had on there - that she wants to keep/use.
then download Avast Free from Cnet and she should be good to go.

Collapse -
Indian scam
by asrobs. / November 11, 2011 11:49 PM PST
In reply to: more than scammed

I would recommend she contacts -bleeping computers -it is an American company who will suggest all the options to clear her PC of rubbish ,it could take a few days to run all their suggestions but I was completely satisfied with their help.

Collapse -
Cleaning the computer.
by Bill Barker / November 18, 2011 9:17 AM PST
In reply to: more than scammed

Reformat and Re-install windows it is the only truly safe way to clean a used computer.

Collapse -
Definatly clean the computer..
by Pennydog2 / November 18, 2011 12:41 PM PST
In reply to: Cleaning the computer.

Not only reformat but on any secondhand harddrive I always do a Zero File Format. As with experience I had with one hardrive where I did the usual format and reload. This particular virus reemerged and the harddrive was short a few Mb and had damaged sectors. After a zero file format it gained some extra Mb and lost a few damaged sectors. This harddrive is still ticking away quite nicely even after five years.

Collapse -
Only one problem there...
by JCitizen / November 20, 2011 11:32 AM PST

Most folks don't have a zero fill utility that will avoid destroying the recovery partition, that is so prevalent in most PCs now. Also - what was called "zero fill" or "low level formatting" has changed. Modern hard drives mostly use utilities called "diagnostics" that do what is essentially the same thing. I read, for example, on the Western Digital web site, that modern drive controllers are geared to work with the Windows operating system installation process to format hard drives. So folks may find it hard to find the perfect solution.

Collapse -
Reply to Cleaning The Computer.
by nahnot4ulol / November 18, 2011 1:30 PM PST
In reply to: Cleaning the computer.
Unfortunately I agree that REFORMATTING and Reinstalling the Operating System is the Safest Option. BUt Be Sure to Reformat it.
Collapse -
Things to consider.
by webserf / November 20, 2011 12:26 AM PST
In reply to: more than scammed

It depends on what the computer was originally used for, and what might already have been installed by the previous user.
Also, the version or brand of OS software installed. You didn't mention whether it was a Apple/Mac, or an IBM-based computer. Assuming it is IBM, remote access can be turned off in Windows, and these people are busy making money off of unsuspecting naive users so once you do that, all that is left is to run virus scanning software to clear out any malware that may have been installed.
Also, assuming it's a Windows OS, you can do a "System Restore", that will usually remove registry changes if that restore done for a date PRIOR to the remote access.

Like many have said, to do a full disc zero data format, and then reinstall the OS does give her the best chance of having trouble free use of that computer. Late-Model computers have the Operating System Media on the hard drive already (usually marked as drive "D" "Restore Partition" for example), and so a full format would possibly erase that so be careful.

If the computer came with physical DVD/CD's for the OS, then even better. I have a feeling not.

In advising someone like your friend, it would very much depend on how the computer is being used, and then if any suspicious activity is occurring after the remote access. As I said, remote access can be blocked, (do a google search for her particular OS regarding the settings). System Restore, and then keep malware and virus protection software up to date.

Collapse -
It depends on what she has available to work with
by 4Denise / November 11, 2011 8:31 AM PST

If your friend has the media to reinstall the operating system, then she should be able to fix the problem. It is a little more than just a simple reinstall, however. She should completely erase the hard drive and make sure it is empty before reinstalling. If she has data on the computer then she might want to consider just letting the data go. She can back it up and try to keep it, but since nobody knows exactly what this person did it could be risky.

There are programs available that will completely wipe a hard drive clean. Once that is done, it will need to be partitioned and formatted over again and the operating system will then need to be reinstalled. Do not do this without making sure that the necessary numbers for all software (especially the operating system) are available, because once the hard drive is clean there will be no way to get the data back.

If she does not have the media to reinstall then she has a problem. This is quite possible, since she bought the system used. I don't know what other computer shops do, but the one I use would provide a disk if she didn't have one. It sounds like the one she dealt with isn't so generous. She may have to purchase a new operating system or beg a copy off of someone else if she has access to the information she needs to reinstall (look for a sticker on the case).

In any event, a good class on computer security would be a good thing for her to take immediately after getting her computer functioning properly again. There are free classes offered online.

Collapse -
If you read the post...
by rmazzeo / November 11, 2011 10:30 PM PST

...the friend is very naive. If she got herself into this problem, she certainly won't be able to get herself out of it. She needs to get herself & her PC to a professional & have it wiped & reinstalled - period.Then she should sell the computer immediately & not bother with one again until she takes a class or 2 in how to use it.

Collapse -
reinstalling media
by Piercan / November 12, 2011 1:43 AM PST

If the owner of the computer has the licences for Windows and whichever Office suite she is using, the store should be able to do the re-install from their own professional software. Other software will have to be downloaded again.

Collapse -
"I say we take off and nuke the site from orbit...
by Flirkann / November 11, 2011 8:34 AM PST

...It's the only way to be sure."

Whilst Lt. Ripley is discussing the ideal way of handling a swarm of rampaging aliens, the intent is still the same:

The only way to be absolutely certain your friend's computer is safe to use again, is to scrub the hard drive of all data, and start over with a clean installation of an operating system.

You, Your friend, Us, the Computer Geek next door, or the IT Pro in town; none of us know exactly what was done to that computer while the remote control session was active, so can never be sure that everything was reversed or neutralised if the machine is worked on in an "As Is" state.

If the machine is a brand name, you or your friend can try speaking with the vendor support teams about using the Recovery/Restore Discs that hopefully came with it to perform a full "format you PC and lose all of your data" type Factory Restore, otherwise the best thing to do is to get that machine into the hands of someone competent in computer servicing for restoration.

If the PC was running Windows, recovery can be made that bit longer/more expensive if the machine does not have a Windows Key and Certificate of Authenticity on or with it, as a new license would be required for legal purposes.
Fortunately Windows Vista and 7 allow themselves to be installed and operated for a limited time without a license to trial the operating system and acquire a license later, older editions are not so friendly.

Collapse -
Cleaning the Machine
by tazmo8448 / November 11, 2011 8:43 AM PST

What ever you choose to do if it were me I would go on line and down load Malwarebytes/Anti-Malware and Piriform CCleaner/Defraggler and run a deep scan and driver wiper respectively and with CCleaner I would go through all the programs that clean every thing, they are free and work very well

Collapse -
(NT) Since It's new to Her, She could use a "Wipe Disk" like Spyt
by snoopindaweb / November 19, 2011 11:30 AM PST
Collapse -
Got scammed
by blaineclrk / November 11, 2011 8:53 AM PST

Since there doesn't sound like there's any important info or documents on this learning tool computer, I'd start off with doing a clean reinstall. That would wipe any virus and remove any possibility of there being any other rogue programs, but if your friend isn't comfortable doing this, being a newbie and all, I'd ask a knowledgeable friend to help or take it to a real shop, for sure not where she bought the computer. If she'd rather try cleaning it up herself with a good anti-virus program and a good adware removal utility, she could try that, again with a friend's help. One thing about this, your friend wanted to learn about computers and really, this is a good thing as long as she didn't loose any money or any personal identification information because if she gets a chance to do it herself or if someone can help her through this, it's certainly going to be a learning experience! I don't know if I'd try doing a restore after a thorough cleaning, but this too would be good experience. The more a person learns of the workings and terminology of their computer, the better off they are in the long run. This'll help her learn file structure and so much more if she wants to learn to efficiently work on documents, listen to music and more.

PS; Microsoft released a statement earlier this summer that this sort of scam is on the rise.

Collapse -
How to make the computer safe.
by cleomc / November 11, 2011 8:59 AM PST
Run a recovery on the computer to put it back in the condition it was in when it left the factory. This will leave it with a clean operating system and all the programs installed at the factory. Get a friend to help. as I recall, one starts the safe mode process and chooses this option from a menu. George
Collapse -
hate those calls from India
by wojtas0 / November 11, 2011 9:18 AM PST

I agree with the other respondents that say to totally clean the hard disk and reload.
Hard disks are not that expensive anymore so if you have a friend that is computer savy maybe you toss the hard disk you have and upgrade to a newer faster disk with more capacity.
Maybe you can get a quote from the Geel Squad.

Collapse -
Making compromised computer safe again
by Piercan / November 11, 2011 9:26 AM PST

Get the salesperson to reformat the Hard Drive and (re)install Windows7; then get *good* internet security software (Norton, MacAfee, AVG...). Your computer should be as good as new.

Collapse -
Recovery from an invasion
by wdemedio / November 11, 2011 9:27 AM PST

The only way you can be 99.99 % sure that this person cannot access your system is if you reformat your hard drive and reload your operating system. If you want 100% certainty, replace the hard drive, format it, and load a new operating system. Any personal information you may have had on the computer you let her hack needs to be changed immediately. This includes usernames, passwords, credit card numbers, phone numbers, important scans and photos, and anything else that may compromise your own or other's security. I would like to know how this person in India was able to find out that you bought a used computer and your phone number. As long as you didn't make it public information e.g. post it on facebook, I would strongly suspect that the person you bought it from set you up. If so, you should report that person to the police. Good luck. For future reference, let me quote scarface: Who do I trust? I trust me.

Collapse -
How get phone number?
by gordon451 / November 11, 2011 11:11 AM PST

"I would like to know how this person in India was able to find out that you bought a used computer and your phone number."

They don't have to. Use the built-in dialler in Windows, and feed it a set from a text file. About the posession of a computer? How many people do you know who don't have one?

This scam is prevalent in Oz, and we have frequent fun with the leeches, by stringing them along and wasting their time -- we once had them tied up for an hour, "following" their instructions, then when we got bored, we simply told the idiot "we don't have a computer!" He wasn't very amused...

Fix? Format C drive, partition to C: and D:, re-install Windows. Most current versions will allow moving "Documents and Settings" to D:\, so backup is not such a problem.

If there isn't a CD, just buy one from Ebay or Amazon, they don't cost much and most are genuine. This offers the chance to get the latest SP slipstreamed in.

Gordon.

Collapse -
How the get your number
by xenbb / November 11, 2011 4:53 PM PST
In reply to: How get phone number?

here is a story from yesterday. I got a similar call. From a one Justice Sighn. A distinct Hindi accent. Claimed to be from Cape Town South africa. Claimed to represent a respected IT company. Claimed they had received complaints about my computer sending errors on the internet that interfere with anothers OS.

I asked for my name, he told me. I asked my address he told me. Now I am one for privacy and do not have my number listed. The name was right the address given was for my wifes company. This can only mean one thing, the results of information we give to our creditors and government. These are sold on and becomes the property of these criminals.

The thing that struck me was that he was somewhat insistant. He made the error of asking if I owned the computer and whether I was online and if I had DSL. Seemingly innocent questions but to one who was suspicious of the accent being non resident to start I thought the questions strange. The second, him having information that should not be public domain. Lastly if he know who i was and had these "complaints" why did he have to ask if I owned a computer.

Despite mu paranoia I have already been caught with a URL download sent by a trusted friend that installed a backdoor virus that deactivated the Antivirus and rewrote the antivirus update. It turnout that he never sent the URL but had similar malware.

My advice is listen hard to what is being said. Be difficult. Tell them to phone back later as you are busy. Never, no matter how bad you are told your computer condition is, do not log onto any url, use chat, download or screen share even if you do not know the person really well. Alway phone your local computer shop for advice if you are unsure. Always check with your friend. Always be sure that you have a live site check anti virus or malware running. I might add that in my case I still got the Virus.

Collapse -
How or where they get your number...
by melsrockpile / November 21, 2011 8:44 AM PST

The scammers just don't stop... They keep calling and calling and calling!.How or where they get your number is irrelevant. 99% of all the calls I receive that ask me to log on to some website or another, are of east Indian Accent. After they tell me who they are and why they are calling, I simply ask them to "PROVE IT!" PROVE who you are!!! There is simply nothing they are able to say on the phone that can prove anything. NOTHING!
I have personally had conversations with genuine MicroSoft Technical support (Calls that I made) and believe me when I tell you: Microsoft does NOT, nor will ever make phone calls to consumers about error issues and furthermore... any error messages are logged, and logged only. They are not followed up. Can you imagine trying to follow up all the error messages from the few billion computers on the planet? NOT!
You can check your own error messages - simply type in "eventvwr.exe" in the run command.

I did notice that very few people who are recommending to re-format the hard drive and re-install the OS, are failing to mention to delete the partition and create another. (Some programs include that step... others don't)
Another recent phone scam is the calls from various Banks looking for your personal information. Under no circumstances do you give out information over the phone! Even if they really are genuine banking personel !

Collapse -
please make my friends computer safe again
by gene_71 / November 21, 2011 6:12 PM PST
In reply to: How get phone number?

LOL!! Gordon451, way to go. I bet he wasn't very amused. ROTFL!!

Collapse -
Easy
by Corrytonapple / November 11, 2011 9:47 AM PST

Reinstall Windows. You have have gotten restore discs with the computer... but if not she can buy retail discs and just reinstall whatever OS is on there.

Collapse -
My friend got scammed; please help make her PC safe again
by pauly1651 / November 11, 2011 9:58 AM PST

You don't need a long winded answer for this question, here's what to do...
1. Back up all your personal stuff..pictures, documents, videos etc.
2. Reformat the hard drive(s)
3. reinstall the operating system.
4. Install Malwarebytes, AVG Anti Virus
and your personal stuff back on the PC.
5. and NEVER again, talk to people you don't know, that want to fix your computer over the phone, that say they need to have control of it.
The personal computer world can be a wonderful, and rewarding thing, but there are trolls, spammers, phonys, and just plain rotten people out there who love scamming folks who don't know any better. So, be smart.

Collapse -
PC Safety....
by BonnieFinn / November 11, 2011 11:30 AM PST

Hello Janet, I think I finally understand what you mean by "make her computer safe again"... I was fairly certain that your friend had no intention of letting anyone "take over" her computer again, so perhaps you're thinking that the woman from India still has access and can use it anytime? Or it's a tiny language blip and "again" sort of means "from now on"....Is this about right?

Collapse -
Say what!?
by blaster46 / November 18, 2011 6:18 PM PST
In reply to: PC Safety....
Bonnie, you brought up the point about needing a drink. From your rambling here it sounds almost as if you had already had one-too-many before you started writing this confusion you posted.
Collapse -
There is more than your computer at risk
by lzmorgan / November 11, 2011 1:22 PM PST

If you had any banking or personal information on your computer, you should also go to your bank's web site once you have a clean computer and change your password. Do this with any passwords you had for any site that is critical, as depending on your browser and practices you may have had some stored. I don't know what they may have gotten, but be safe. Do NOT log into any secure sites until you clean the PC, in case they put a key-capture program on there to catch your passwords as you type them.
Be sure to monitor your banking and credit reports carefully for the next while, to make sure nothing has been done in your name.

Collapse -
My computer got Scammed
by Shirl1pete2 / November 11, 2011 3:34 PM PST

I had a similar experience but realised it might be scam before I had given too much information. However I had unwittingly given a number that worried me.so terminated the call. Not being a computer expert I checked with a number of more experienced users and opinions varied with nothing conclusive.
I therefore took the expensive option and bought a new lap Top. Not a good reply I admit but it gave me some peace of mind.

Collapse -
Three more things to do...
by JCitizen / November 20, 2011 12:41 PM PST

The question was how to make the computer safe again. Well you can not really make a computer safe anymore, when folks are using them for shopping and banking. Paypal can protect you from careless vendors, but what if the crooks read your hard drive? What if they read you keyboard or make screen shots?

Collapse -
RE:
by Will929 / November 11, 2011 3:57 PM PST

You can do a complete hardware rest which gets rid off ALL of the computers downloads EXCEPT FOR DEFAULT PROGRAMS and this should solve the problem
-best regards Will Happy

Popular Forums
icon
Computer Help 49,613 discussions
icon
Computer Newbies 10,349 discussions
icon
Laptops 19,436 discussions
icon
Security 30,426 discussions
icon
TVs & Home Theaters 20,308 discussions
icon
Windows 10 360 discussions
icon
Phones 15,802 discussions
icon
Windows 7 7,351 discussions
icon
Networking & Wireless 14,641 discussions

Tech explained

Do you know what an OLED TV is?

CNET explains how OLED technology differs from regular TVs, and what you need to know to make the right shopping decision.