Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › Restore Access To Hacked Windows 7 PC?
New Posts  All Forums:Forum Nav:

Restore Access To Hacked Windows 7 PC?

post #1 of 4
Thread Starter 
My uncle unfortunately fell victim to a scam caller today who pretended to be from Microsoft and gave him remote access to his computer (yeh I know!)

To make things worse, the scammer added a password to Windows (Windows 7 Home Edition I believe) so is now unable to access his computer. I offered to try help him at least recover his personal files tomorrow (if they havent been deleted)... So how would you guys go about it? Ive thought of a few possible options:


1. Perform a system restore - would this remove the password or even be possible without entering a password though? If particularly evil they might have deleted all recovery points.

2. Plug hard drive into another machine as a slave drive then copy files over. However will I actually be able to access the user files without a password? I forget how sophisticated the security is on Win7. Plus although unlikely could they have installed something to infect a second computer or added a backdoor? Obviously I dont want to put another computer at risk by doing so.

3. Use a Linux Boot CD (KNOPPIX) to boot in without Windows to gain access to the personal files (again not sure how secure Win7 is against this though?)

4. Or finally, try resetting the password but not sure of the process.


Thanks for any advice! smile.gif
post #2 of 4
Number 3 should work fine to get to the files.
I forget the name at the moment but there is a program you can run in the linux live environment that can run the windows password through some rainbow tables to find what it was changed to. Its a long shot but the new password may be found that way.
Xelf
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7 4770k @ 4.0Ghz Asrock z87e-itx Sapphire Tri-X 290x GSkill Sniper 2x8GB 1866 
Hard DriveHard DriveCoolingOS
Samsung 840EVO 500GB HGST 1TB 7200 Noctua NH-D14 Arch Linux 
OSMonitorKeyboardPower
Debian 8 Qnix QX2710 Razer Black Widow Chroma Seasonic G series 650W 
CaseMouseMouse Pad
Node 304 Logitech G502 Roccat Taito mid-size 
  hide details  
Reply
Xelf
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7 4770k @ 4.0Ghz Asrock z87e-itx Sapphire Tri-X 290x GSkill Sniper 2x8GB 1866 
Hard DriveHard DriveCoolingOS
Samsung 840EVO 500GB HGST 1TB 7200 Noctua NH-D14 Arch Linux 
OSMonitorKeyboardPower
Debian 8 Qnix QX2710 Razer Black Widow Chroma Seasonic G series 650W 
CaseMouseMouse Pad
Node 304 Logitech G502 Roccat Taito mid-size 
  hide details  
Reply
post #3 of 4
Thread Starter 
Thanks, all fixed now thumb.gif
post #4 of 4
Happy to help.
Xelf
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7 4770k @ 4.0Ghz Asrock z87e-itx Sapphire Tri-X 290x GSkill Sniper 2x8GB 1866 
Hard DriveHard DriveCoolingOS
Samsung 840EVO 500GB HGST 1TB 7200 Noctua NH-D14 Arch Linux 
OSMonitorKeyboardPower
Debian 8 Qnix QX2710 Razer Black Widow Chroma Seasonic G series 650W 
CaseMouseMouse Pad
Node 304 Logitech G502 Roccat Taito mid-size 
  hide details  
Reply
Xelf
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7 4770k @ 4.0Ghz Asrock z87e-itx Sapphire Tri-X 290x GSkill Sniper 2x8GB 1866 
Hard DriveHard DriveCoolingOS
Samsung 840EVO 500GB HGST 1TB 7200 Noctua NH-D14 Arch Linux 
OSMonitorKeyboardPower
Debian 8 Qnix QX2710 Razer Black Widow Chroma Seasonic G series 650W 
CaseMouseMouse Pad
Node 304 Logitech G502 Roccat Taito mid-size 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Windows
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › Restore Access To Hacked Windows 7 PC?