We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
What to do with possibly compromised PC

UncleZen
Posts: 851 Forumite


in Techie Stuff
Got a call earlier from my elderly mum, who said that she had a message pop up on her computer to call microsoft, which she did. The MS lady "fixed" loads of stuff and "installed something" (which sounded like malwarebytes from her description). She didnt pay out any money.
She was genuinely convinced she was talking to MS.
I told her about social engineering and that her PC may now be compromised and that she should switch it off and not use it, which she has done.
I now need to check it. But what should I check for? Should I rebuild it from scratch?
Advice?
Thanks
She was genuinely convinced she was talking to MS.
I told her about social engineering and that her PC may now be compromised and that she should switch it off and not use it, which she has done.
I now need to check it. But what should I check for? Should I rebuild it from scratch?
Advice?
Thanks
0
Comments
-
Goodness only know what is on there.
1. treat it like it is infected with COVID - anything you plug in there from now on do not plug into any other computer eg at home
2. power PC on, plug in a blank usb stick, copy off any data your mum wants to keep (eg documents, photos).
Re-install system from scratch, booting from eg DVD or bootable USB stick - format the drive before re-installing. OR you can go to settings / update and security / reset this pc and do it there but I personally would go the DVD / USB route.
Once up and running, ideally restore personal files from an old backup ie pre 'MS engineer' - these are unlikely to be infected. Otherwise, well you have them on the USB stick you made - I would be very very wary of putting that in the new machine. Depends on how precious the data is - it's crap shoot. If you do, make sure autorun is disabled.1 -
Yes for me it would be a full wipe unless machine has a backup image .
1 -
How best should I protect this PC in the future, assuming that its operated by a PC Numpty (which it is really). Like no Admin rights for example.
Thinking back: I once remember her telling me she got an Email from a friend who was apparently stuck in Dubai or somewhere without money. Click link to send some money for him to get home. She didnt follow the link. Because she had seen him 2 days before and he didnt mention going to Dubai.
0 -
Yes you can change the password to the admin account and create a user account for her.
Make sure you change the password to the hidden admin account too - not that your mum will find it but the 'MS engineer' will. Google it.1 -
UncleZen said: She didnt pay out any money.She was genuinely convinced she was talking to MS.
If you put your general location in your Profile, somebody here may be able to come and help you.1 -
grumpycrab said:UncleZen said: She didnt pay out any money.She was genuinely convinced she was talking to MS.0
-
UncleZen said:grumpycrab said:UncleZen said: She didnt pay out any money.She was genuinely convinced she was talking to MS.If you put your general location in your Profile, somebody here may be able to come and help you.0
-
Is there any data stored on the machine which needs to be retained?In which case you might need to air gap it and copy off any important files/folders.I have had exactly this situation twice with my Mother. Here is where I'm at currently:
I have a low power PC (Intel Atom NUC) running a PiHole. This blackholes DNS requests for domains which are use for tracking/malware/phishing etc.. I have added a number of extra blocklists to it.Said low power PC also does some basic network monitoring via Zabbix. That's more helpful for the support calls rather than anything else right now.Aside from that, she doesn't have admin access on the machine and support is provided via Microsoft Quick Assist.A dream is not reality, but who's to say which is which?0 -
UncleZen said:Got a call earlier from my elderly mum, who said that she had a message pop up on her computer to call microsoft, which she did. The MS lady "fixed" loads of stuff and "installed something" (which sounded like malwarebytes from her description). She didnt pay out any money.
She was genuinely convinced she was talking to MS.
I told her about social engineering and that her PC may now be compromised and that she should switch it off and not use it, which she has done.
I now need to check it. But what should I check for? Should I rebuild it from scratch?
Advice?
Thanks0 -
Just a suggestion, but my mum was constantly struggling with her laptop and fell for one of these scams. In the end, we clubbed together and bought her an iPad which are pretty well locked down and are of no interest to these sort of scammers. We also set her up with a call blocker which has successfully stopped all scam calls.1
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 350.6K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.4K Spending & Discounts
- 243.6K Work, Benefits & Business
- 598.3K Mortgages, Homes & Bills
- 176.7K Life & Family
- 256.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards