My mums computer was possibly infected with a virus or remotely accessed- what should be done?

EdwardTeach · 20 Apr 2016 at 22:46

Background: My mum is mid-60 and fairly computer illiterate. She used the same password to login to windows for her email address and several other things. Apparently my dad has emailed her files called "money" a few times with details of all their investments and login details!

I am going to paraphrase what my described:

She turned on her computer, there was a rectangle in the middle (possibly a a file explorer folder), inside this rectangle there were all the "money" files (they are not normally kept in a distinct folder). At the bottom of the rectangle my mum could see her password written out. There was pink dots moving across the top of the rectangle.

My mum showed my dad and then turned off the computer. She has changed her passwords for everything as has my dad, but she has kept using the computer. This was a bout a week ago, (I have only heard about it today as I have been in Italy) As far as they are aware nothing has happened to their bank accounts. I have been through my mums email account, she doesn't seem to have opened any dodgy emails.

It sounds really dodgy right? Is there any innocent scenario that would match the above? The bit that sticks out for me was that her password was visible on the screen.

Assuming it is dodgy what should we do? I have told her to leave her computer off for the time being.

malachi · 20 Apr 2016 at 22:53

Back up any important documents, format and reinstall Windows then find yourself a good AV to install.

EdwardTeach · 21 Apr 2016 at 08:55

Is there something I could put on a USB to scan the computer, without having to connect it to the internet again?

bledd · 21 Apr 2016 at 09:06

http://www.eset.com/sg/support/sysrescue/

Install KeePass for them, use a strong easy to remember password for it..

Something like....

thewheelsonthebusgoroundandround@1

^Boot from the CD/USB with the network connection connected, this will allow it to get the latest updates.

Personally, I would just grab the files you want and then format.

EdwardTeach · 21 Apr 2016 at 10:12

Yes I will definitely format. Is it possible that the virus may now be hidden in their office office files?

Deleted member 77746 · 21 Apr 2016 at 10:29

malachi said:
Back up any important documents, format and reinstall Windows then find yourself a good AV to install.

This, it's far easier to backup and format rather than worrying if there is something in the system lurking ready to eat you alive.

jpaul · 21 Apr 2016 at 11:31

I have used free bitdefender linux rescue cd in the past

.. what is the technique to backup important files though - presumably you need to do that in linux too ?

KIA · 21 Apr 2016 at 18:29

Does she need Windows?

Have a look at Chrome OS.

bledd · 22 Apr 2016 at 08:44

jpaul said:
I have used free bitdefender linux rescue cd in the past

.. what is the technique to backup important files though - presumably you need to do that in linux too ?

The best option is, you restore your pc from your system image backup that you've of course taken previously..

Or just format and install Windows then restore from your file backup that you've taken previously..

Or you boot from Ubuntu or Linux Mint live CD, then copy your files off, reinstall and copy the files back.

lude1962 · 22 Apr 2016 at 09:07

EdwardTeach said:
Yes I will definitely format. Is it possible that the virus may now be hidden in their office office files?

if you mean ms office files, there's a possibility the files contains malicious code (same as old pdfs using old version of pdf reader).
copy the content of the file into something like notepad and save, a messy but workable solution