Hacked computer problem

Wingcowyn
Wingcowyn Member Posts: 15 New User
edited March 2023 in 2017 Archives

i have been having great problems with windows update, and after 10 attempts by microsoft and Tesco technicians, it seems to be working at the moment. One fix by microsoft was to create a boot flash drive and completely reinstall windows 10 on my Acer Aspire ES1-571-P1VN. This also got rid of all the on screen icons placed there by the manufacturer, so i telephoned who i thought were Acer on a freephone number ************* who called themselves Acer UK, to ask if i could re download them. They answered stating that they would need remote acess to scan my  system for problems. When doing thi in command prompt the found something callede Torpig, a form of spyware and said that they would need to install a program to get rid of it. They also said that i should do this on any other computers that i had. At this point i told the chap that i was not happy and clicked the window shut. Ilater found the correct number for Acer support, who said bthat they would never ask for remote access. I am cocerned that my computer may be hacked and a friend told me that the only way to be sure that there was not spywear on there was to reset windows selecting that all files be removed. I am now doing this but am still cocerned that this would not remove the hacking program if it was installed. I am not a computer expert and would be grateful for any advice.

Thanks,

Peter

 

[edited to remove # so others don't use it]

Answers

  • Trikein
    Trikein Member Posts: 25

    Tinkerer

    Where did you find the number you called? Sounds like you googled the wrong number and got ahold of someone pretending to them and they probably installed ransomware on your PC. I think that kind of problem is outside the scope of this forum. I would suggest trying a malware forum forums.malwarebytes.com or www.bleepingcomputer.com/forums/ for a list of programs to try running to find the malware. A full reinstall usually takes care of any malware, just make sure you delete any backups or recovery partitions on the drive where the malwaree may be hiding. There are still a few kinds of malware that can infect you after that, but those are rare and I don't think Torpig is one. Either way, those two forums would be the best place to ask. Just keep your PC offline or turned off until then.

  • doughjohn
    doughjohn Member Posts: 353 Mr. Fixit WiFi Icon

    Hi

     

    I suggest you try a good anti-virus and a trial of Malwarebytes. 

     

    Since you have a flash drive with Windows 10 on you can do  a clean install yourself.  It does not put back the missing Acer icons.  However you should read up on re-installing using any Acer recovery area that there may be.

     

    It may have been cleared by the install, but you may have a folder called Windows.old on your screen.  Is there such a folder?

  • Wingcowyn
    Wingcowyn Member Posts: 15 New User

    Hi,

    There isn't any such folder on my screen, if you mean the desktop, and the remote access program that i downloaded has disappeared from the recycle bin. The only icons on my desktop now are those that were on it from new. this is a brand new comuter which i had not yet used because of bissues with windows update.

    interesting that i have had the manufacturers desktop back with all its icons after doing the reset, as they were all lost after doing the new install of windows 10 from microsoft.

    I still have the update issue, where windows cannot connect to update or gets stuck at 0% trying download an update that it has already downloaded. if i try and update Windows defender manually i get error code 2145123272.

    It is reall annoying that these problems are on a brand new computer from the factory and Tesco will not refund or exchange the machine because they say it is a softwear error.

    Thanks,

    Peter

     

  • Wingcowyn
    Wingcowyn Member Posts: 15 New User

    Hi Doughjohn,

    Just opened up Acer C: and noticed that there is a Windows folder and a Windows.old bfolder there as well as SWindows.~BT.

    I should say that i am using Windows Defender.

    Should i delete the Windows.old?

    Thanks,

    Peter

  • Trikein
    Trikein Member Posts: 25

    Tinkerer

    I really think you need proffesional malware/ransomware help. I would really suggest Bleepingcomputers.com. What ever problems you had with the laptop are moot now, as you infected yourself with malware by mistake. That needs to be fixed before any problems from the manafacture are fixed. It's like if you just bought a car and the breaks didn't work so you go to a shop but instead of fixing your breaks, they remove your engine. Sure, the breaks still need to be fixed, but that does no good if the car isn't moving.

  • Wingcowyn
    Wingcowyn Member Posts: 15 New User

    Thanks everyone for your replies. I discussed this with a computer engineer that i know and went through my experiences with him. I told him that after the remote control was added, this chap pointed out this torpig thing to me and baskede if he could install a program to remove it. At that point i bsaid no and deleted the remote window off the screen. And deleted the remote program item on my desktop.

    He said that to install this other program would have required permissions to do this and askede when i nwas monitoring the screen if this occurred. I told him that this did not occur because i deleted the window immediately he asked me to have this other program installed.

    He is of vthe opinion that he did not have a chance to install this ransomeware progaram, but bfor peace of mind said that the reinstall, provided i took the options to remove all files, which i did, should have cleared any problems up. He told me to delete the windows.old folder, and to delete it from the recycle bin.

    I had the number off the net when i searched for Acer uk. It came up before the official site and number.

    I think this number should have been left on the forum to makie people aware and to warn others not to use it. 

    If this forum is monitored by Acer, then i think that they should look into it.

    This is a brand new computer with no information on it at present and i will check out the links provided before i enter any in.

    Any other opinions welcome.

    Thanks,

    Peter

     

     

  • Wingcowyn
    Wingcowyn Member Posts: 15 New User

    Hi again,

    Iam trying to delete the Windows.old file, but i get a message stating acess denied, you need permission frpm SYSTEM to do this.

    Any suggestions how this could be done?

    Thanks,

    Peter

  • Wingcowyn
    Wingcowyn Member Posts: 15 New User

    Hi,

    I have worked out how to remove the Windows.old file, and removed it. I amm now checking out some of the links. I wonder of it is possible to use the Malaware softwear from Malawarebytes as well as windows defender. Has anyone tried this?

    Thanks,

    Peter

  • Trikein
    Trikein Member Posts: 25

    Tinkerer

    Malwarebytes has two versions, the free version which is just passive until you run it, and the paid version, which has the option for active scanning. The free version won't conflict with defender, but the premium may. Also, even if the active scanner is disabled, by default the client still starts when Windows starts, so make sure to disable that in options if you don't want it to. 

     

    PS. Have you tried looking at Bleepingcomputer yet?

  • Wingcowyn
    Wingcowyn Member Posts: 15 New User

    Hi Trickein,

    Thanks for that information. I have had a glance at bleeping computer, but need to take a more detailed look.

    Thanks,

    Peter