Remote Access

Steve T

My son has allowed one of the dreaded 'you have a problem with Windows' arce holes access to his PC! PC World have suggested he back up everything and they will reinstall Win7 for him for £50.00.
I am happy to do a fresh install, but is it necessary and is that all that should be done?
I told him to change all his passwords and speak to his bank, the obvious stuff, but I'm not too sure how serious the problem could be?
 
Thanks Neil, will do that tonight. Is a reinstall really necessary?
 
Mind and go in and untick the Remote Connection box too.
 
Once someone has gained access, you can never be 100% sure that they haven't left something behind. Personally, I would re-install. It's just not worth the risk. If you are not too fussed, do as suggested and run MalwareBytes and a few online scanners such as Trend Micro HouseCall. But like I say, you can only be sure by re-installing.

Or you could take the approach that the New York Times took after they were hacked :-)

http://www.bbc.co.uk/news/technology-21273617
 
Doesn't mean anyone has actually gained access, just that he's ended up with malware on the machine that's been installed by a script or whatever.

I'd agree with Neil, do the scans, if they find something and clear it there is no need for a re-install imho.
 
If System Restore is enabled in Windows, you may be able to roll back to a checkpoint before the program was installed.

Sometimes the easiest way. But learn from it afterwards and install AVG or other programs to protect the computer.
 
Pull the network lead or turn off the wireless before you do anything. Disconnect that PC from the Internet basically. Then download the programs required to a separate USB stick on another PC and copy them over that way.
 
Byker28i said:
Pull the network lead or turn off the wireless before you do anything. Disconnect that PC from the Internet basically. Then download the programs required to a separate USB stick on another PC and copy them over that way.

One of the first things malware programs will want to do is update.
 
Pulling the network lead (or disabling wireless) is sound advice and is good practice. You should do this the very moment you are aware that a PC has become infected.

Why?

1. To stop malware from infecting further PCs on your network and beyond.

2. To prevent further infection of the PC (often a malware attack can make an infected PC vulnerable to further infection by creating backdoors and compromising your anti-malware software).

3. Often the first attack is just the infection whereby the malware then 'calls home' to notify the writer / author that your PC is primed for whatever deed they have planned for it. This could be reporting your keystrokes and website visits via a key logging script, uploading your files such as browsing history, or using your PC as a 'zombie' to attack other PCs and networks.

4. In many cases you may find that your anti-malware software is unable to complete an update as one of the first things the malware might do is to try and prevent it from getting updates (I've seen this in a high percentage of infections). 'Good' or 'effective' malware attempts to attack the lower level operation of your PC (the area of the operating system that controls your hardware and networking). By using methods such as DNS changing, you will have no idea whether the websites you are visiting are genuine or are infected mirrors.


As well as downloading the program from another machine, many anti-malware programs provide a way to also copy updated definitions from another computer.

Here's the recommended method for using a clean PC to update the MalwareBytes definitions of an infected PC:

http://forums.malwarebytes.org/index.php?showtopic=10138

(See point 4.).
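
The checks raised in this thread (the remote-connection setting and point 4's DNS changing), as a read-only PowerShell example added here that is not part of any post; it also lists hosts-file overrides, which redirect names in the same way. It assumes the 'Remote Connection box' means the Remote Assistance and Remote Desktop settings on the System Properties Remote tab, and PowerShell 2.0 as shipped with Windows 7.

```powershell
# Added example: read-only triage after an unwanted remote-support session.
# Changes nothing. Run from an elevated prompt with the PC still offline.

function Get-RemoteAccessState {
    # System Properties > Remote tab, read from the registry values behind it.
    $ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $ra = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'
    New-Object PSObject -Property @{
        RemoteDesktopEnabled    = ($ts.fDenyTSConnections -eq 0)
        RemoteAssistanceEnabled = ($ra.fAllowToGetHelp -eq 1)
    }
}

function Get-DnsServers {
    # DNS servers per active adapter. Anything that is not your router or
    # your ISP's resolver needs an explanation (the "DNS changing" in point 4).
    Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        ForEach-Object {
            New-Object PSObject -Property @{
                Adapter     = $_.Description
                DhcpEnabled = $_.DHCPEnabled
                DnsServers  = ($_.DNSServerSearchOrder -join ', ')
            }
        }
}

function Get-HostsOverrides {
    param([string]$Path = "$env:SystemRoot\System32\drivers\etc\hosts")
    # Active hosts entries that send a name somewhere other than loopback.
    # Entries pointing at 127.x, ::1 or 0.0.0.0 are block-list style and skipped.
    Get-Content $Path | ForEach-Object {
        $line = ($_ -replace '#.*$', '').Trim()
        if ($line) {
            $parts = $line -split '\s+'
            if ($parts.Count -ge 2 -and $parts[0] -notmatch '^(127\.|::1$|0\.0\.0\.0$)') {
                New-Object PSObject -Property @{
                    Address = $parts[0]
                    Names   = ($parts[1..($parts.Count - 1)] -join ' ')
                }
            }
        }
    }
}

Get-RemoteAccessState | Format-List
Get-DnsServers        | Format-Table -AutoSize
Get-HostsOverrides    | Format-Table -AutoSize
```

A clean result here does not show the machine is clean; it only rules out these particular changes.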
 
I've been surprised by a friend being taken in like this last week - he is a retired teacher so (probably!) no idiot normally.
He seems to have paid someone in Florida the thick end of £200 - and gave them credit card details over the phone!
Barclaycard rang him and asked if he really wanted to do it too.

This was all on the strength of an unexplained pop-up listing about 1000 'threats' making his laptop slow.

Someone took control of the PC and 'seemed to be doing something' for more than three hours.
 
Thanks for all the help guys, he hasn't used it online since and I'm waiting for him to bring it over once he's copied all his bits and bobs.
Another lesson learned the hard way!
 