
How to rescue a hijacked Windows 7 machine?

Discussion in 'Windows 7' started by OM2, Jul 18, 2018.

Thread Status:
Not open for further replies.
  1. OM2

    OM2 Thread Starter

    Joined:
    Oct 28, 2007
    Messages:
    973
    A friend had a call from 'Microsoft'.
    They changed his password and demanded a £10 ransom.
    He put the phone down.

    His laptop is a Windows 7 one.

    Is there any way I can get in and change or reset his password somehow?

    If the answer is no... what's the best way of doing a complete reinstall?
    He's got the serial number below on the sticker. Can I download and reinstall?

    What should I do for the hard drive? Format? Use Fdisk or something?
    I used Fdisk a long time ago... can't remember what I used it for actually!

    Thanks.
     
  2. lochlomonder

    lochlomonder

    Joined:
    Jul 24, 2015
    Messages:
    2,672
    In such circumstances, my reaction would be to nuke & pave the machine to ensure it's free of malware. If there's important personal information on the machine he'd like to keep, perhaps consider booting with a Linux live CD to pull the information onto backup media.

    Since he has the product key, you can download Windows 7 ISOs from here to do the re-installation. Is it a case of whenever your friend boots the system, it asks for a password and won't let him progress without it? If so, that implies a change in syskey to me. There are various how-to's out there for removing this pest, but I've found them to be largely hit & miss. That's why I recommend a re-installation of the OS from an ISO, since this will take care of the situation.
     
  3. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,325
    First Name:
    Karen
    As I'm sure you're aware, we don't assist with password issues. However, I'm leaving this open to discuss the other options mentioned.
     
  4. OM2

    OM2 Thread Starter

    Joined:
    Oct 28, 2007
    Messages:
    973
    @lochlomonder great advice.
    i'll do this.

    syskey?
    not sure.
    he told me that they took remote control and while he was in the kitchen, he could see them on the user profile page changing the password.

    i don't want to risk anything - he might have all sorts of nasties.
    so i will try ISO way after linux boot

    QUESTION: will i be able to access the hard drive? i booted from Linux Mint on another laptop and am sure i couldn't access the main hard drive. i'll try again though.

    i looked up on youtube and saw a way you can 'break in'. but i don't even want to go there.

    @Cookiegal thanks. i think the problem is something many others will face.
     
  5. lochlomonder

    lochlomonder

    Joined:
    Jul 24, 2015
    Messages:
    2,672
    OM2,
    Yes, you'll be able to read the hard drive. Within Linux, the convention used is SDA1, SDA2, SDA3, etc. These denote the first partition on drive 1, the second partition on drive 1, and then the third partition on drive 1. If the PC has an additional drive with multiple partitions, these would show as SDB1, SDB2, SDB3, etc. Does this make sense to you?

    I'm guessing for the machine in question, you may want to look at SDA2, since I think this is where you'll find the OS and data files. If not, just explore each drive shown to discover where they're saved.
     
  6. plodr

    plodr

    Joined:
    Jun 27, 2014
    Messages:
    19,137
    First Name:
    Liz
    Someone can only do this if he/she turned on Remote Assistance. It is off by default in Windows 7.

    Did he/she turn it on? If not, then perhaps the password was not changed. Has it been checked to be sure it was actually changed?

    If people would just spend the time imaging a computer!!! It takes less than an hour to restore an image and then all the unlucky person would need to do is be sure the browsers and flash are up to date.
     
    lochlomonder likes this.
  7. OM2

    OM2 Thread Starter

    Joined:
    Oct 28, 2007
    Messages:
    973
    thanks for all replies guys.

    i could read the hard drive from linux - but couldn't search. i wanted to search for all *.docx and *.jpg and backup files and then restore.
    linux could see the files - but couldn't do a search.

    i then took out hard drive - think i could attach to an external case and access.
    access was blocked - guessing it was microsoft 'sophisticated' way of encrypting.

    so i then booted into linux again and had to access and copy files by selecting a few at a time by going through different folders.

    now going to download iso @lochlomonder gave above.

    THANKS for all the help.
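
Added example, not part of any post in this thread: one way to do the search-and-copy described above from the Linux live session, with the Windows partition mounted read-only. The device `/dev/sda2`, the mount point `/mnt/win`, the backup path and the function name `rescue_docs` are assumptions for illustration.

```shell
#!/bin/sh
# Added example; device names and paths below are assumptions.
#
# From the live session, find and mount the Windows partition read-only:
#   lsblk -f                             # the ntfs partition, e.g. sda2
#   sudo mkdir -p /mnt/win
#   sudo mount -o ro /dev/sda2 /mnt/win  # ro: nothing on the disk is changed
# Then copy to a separate backup drive:
#   rescue_docs /mnt/win /media/backup/rescued

# rescue_docs SRC DEST
# Copies every .docx/.jpg/.jpeg file under SRC into DEST, keeping the
# folder layout, and prints how many files were copied.
rescue_docs() (
    src=$1
    [ -d "$src" ] || { echo "source not found: $src" >&2; exit 1; }
    mkdir -p "$2" || exit 1
    dest=$(cd "$2" && pwd)        # absolute path, because we cd below
    cd "$src" || exit 1
    # -iname: match PHOTO.JPG as well as photo.jpg.
    # -exec ... {} +: file names with spaces are passed through intact.
    find . -type f \
        \( -iname '*.docx' -o -iname '*.jpg' -o -iname '*.jpeg' \) \
        -exec sh -c '
            dest=$1; shift
            for f in "$@"; do
                # Data files are copied only; nothing from the disk is run.
                mkdir -p "$dest/$(dirname "$f")" &&
                    cp "$f" "$dest/$f" && echo "$f"
            done' sh "$dest" {} + | wc -l | tr -d ' '
)
```

Only document and picture files are copied, so programs and scripts on the suspect disk stay behind; scan the backup before opening anything on the rebuilt machine.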
     
  8. lochlomonder

    lochlomonder

    Joined:
    Jul 24, 2015
    Messages:
    2,672
    I couldn't agree more. I know some disc imaging programs can be daunting for those unfamiliar with the concept, but I've been impressed with the freeware version of AOMEI Backupper. I've installed this for people I've helped, so I can ease them into the process of regular imaging, and the learning curve has been slight for them.
     
  9. lochlomonder

    lochlomonder

    Joined:
    Jul 24, 2015
    Messages:
    2,672
    You're welcome, OM2 (y)

    As plodr mentioned: once your friend gets his PC back up and running, imaging the PC would be a real boon. It's a lot easier to get a machine back up and running after things go awry and that's why I recommend AOMEI Backupper, as I mentioned in my previous post. Disclaimer: I don't work for the company or derive any financial gain. I just believe in credit where credit's due...heh
     
  10. OM2

    OM2 Thread Starter

    Joined:
    Oct 28, 2007
    Messages:
    973
    guys...
    i tried to download the ISO
    microsoft told me that the serial belonged to a pre-install and that they didn't want to help me. :(
    oh well.

    i had to just resort to the inbuilt restoration to take back to 2012 settings.
    only 6 years. :whistle:

    question: what should you do in such a case?
    how do you do a restoration?
    i've actually got the original CD (or DVD) as well... so all wouldn't be lost whatever happened.
    but someone could have a corrupt hard disk or something + maybe lost the original restoration disc - and be completely lost?

    EDIT another question: how do i get the updates the quickest way? it's going to take many many many hours to get everything up to date!
     
  11. plodr

    plodr

    Joined:
    Jun 27, 2014
    Messages:
    19,137
    First Name:
    Liz
    You make images regularly so the computer never has to go back several years. I have not needed to restore a computer to its original state. The worst I've had to do was this year when I had to restore an image to my desktop computer in March. The image was from December 21st. I then had to update two browsers, flash, SpywareBlaster, Malwarebytes, my av and 7-zip. Since the January and February updates were really slowing down the computer, I chose not to install them again.

    Sorry but there is no quick way to get 6 years of updates.
    Look over all that are offered and do 2012 first. Reboot. Then to 2013 and reboot. Keep going until nothing else is offered.

    Don't do any driver updates offered - ever.
     
  12. OM2

    OM2 Thread Starter

    Joined:
    Oct 28, 2007
    Messages:
    973
    how come?

    the problem is that it's not for me. it's for a non techno old aged person. :)
    he's a top bloke and i feel so bad that some idiot hijacked his machine.

    as for not being able to download ISO - i think that's disgraceful of microsoft.
    there are zillions of people with microsoft on their laptops.
    of these how many bought a license from microsoft independently and therefore can use the download facility?
    surely it must be just a few thousand around the world?

    time to ditch microsoft and move to linux.
     
  13. plodr

    plodr

    Joined:
    Jun 27, 2014
    Messages:
    19,137
    First Name:
    Liz
    You can download ISOs. You go here
    https://www.majorgeeks.com/files/details/microsoft_windows_iso_download_tool.html
    grab the tool, then run it and it will list the various versions of Windows 7 available for download.
    I've used the tool in the past to download 32 bit and 64 bit versions of Home Premium and Pro.

    I resemble that remark. :D I'm 71.

    MS drivers can break things. If you ever heard the saying "if it ain't broke, don't fix it". Years ago MS suggested a driver for my ethernet. I took the advice and allowed it to be installed. I then had no internet access. Thinking I did something wrong, I rolled back the driver and tried again. I had the same result - no internet.
    The absolute best place to look for drivers is the manufacturers' website. If they aren't offering any updated drivers, then don't update.
    I rarely find it necessary to update drivers.

    Before you jump on the linux bandwagon, make sure your hardware is compatible. Linux has gotten easier but it is still not user friendly.

    I prefer my android tablet to running linux on my netbook. It is more user friendly and updating is behind the scenes unlike linux where you have to fire up package managers, set specific repositories and search for updates.
     
    OM2 likes this.
  14. OM2

    OM2 Thread Starter

    Joined:
    Oct 28, 2007
    Messages:
    973
    apologies for being careful...
    but how can i trust this website...?
    where do they get the ISOs from? do they download from microsoft?
    why do i need to download a program to download an iso? why can't i just get a download link?

    still don't get why microsoft make it so hard :(

    that's pretty young i think. :)
    you're as old as your mind thinks it is.
     
  15. plodr

    plodr

    Joined:
    Jun 27, 2014
    Messages:
    19,137
    First Name:
    Liz
    MS will not give you the download links if you have an OEM serial number; MS refuses to let you download a thing. MajorGeeks is a trustworthy site. I've downloaded from them for years. Those who know me from at least half a dozen forums I frequent know I never post links to dodgy sites.

    MS makes it hard because they want everyone to get with their program and move to Windows 10. That's not my plan.

    If you don't trust the site, then don't download the ISO.
    You could always download the ISO then scan it with malwarebytes and your av program. (Right click and select scan with - your security programs should have entries in the right click menu). I routinely do this if I download something I'm not 100% positive about.
     
    OM2 and lochlomonder like this.

Short URL to this thread: https://techguy.org/1213124
