  1. #1

    Reinstalled Windows 7, what next?

    Alright, long story short, I came home yesterday and went to get on my computer. I go to start up Chrome and instantly notice something's off since the home page is a completely different search engine that's "Powered by Bing" (Hweugh).

    So immediately I check around, notice my brother downloaded quite a few programs (Including I believe PC Optimizer Pro), so I ran Malwarebytes Anti-Malware, expecting a few threats....ends up showing up with 173. After a brief crying period, I clean it with that, restart the computer, and decide to just screw it, reinstall all of Windows just for safe measure, and the computer was getting slow with how much stuff he keeps installing without asking or checking it's okay first.

    Everything's back up and running now, I deleted the Windows.old after grabbing only WoW, Hearthstone, Diablo 3, Heroes of the Storm, and my pictures (I ain't losing my backgrounds).

    Now that's the brief history, here's my questions.

    1) Should all the malware/threats be gone pretty safely at this point, or should I go and get something like Hitman Pro?

    2) What can I do to ensure so my brother won't be able to download/install anything with administrators rights?
    Granted, to clarify, this is 100% my computer, I bought it fully with my own money. I allow him and my sister to use it because, well, I'm not there all the time of course, I figured it would be nice and on top of that, our old computer for the house was so outdated it couldn't even run a simple game without saying it was running low on virtual memory.

    Thanks for any help!

  2. #2
    Ghâzh (Pit Lord)
    Join Date: Mar 2009
    Location: Helsinki, Finland
    Posts: 2,329
    Quote Originally Posted by Jester Joe View Post
    1) Should all the malware/threats be gone pretty safely at this point, or should I go and get something like Hitman Pro?
    Everything should be gone. If you want to be 100% sure you should do a clean install and back up the pictures and games on a flash drive or external HDD and run a virus scan on those drives before transferring over to new windows install. If that's not an option, check with a few virus scanners to make sure it's definitely clean (malwarebytes, avg, avast, windows defender)

    Quote Originally Posted by Jester Joe View Post
    2) What can I do to ensure so my brother won't be able to download/install anything with administrators rights?
    Granted, to clarify, this is 100% my computer, I bought it fully with my own money. I allow him and my sister to use it because, well, I'm not there all the time of course, I figured it would be nice and on top of that, our old computer for the house was so outdated it couldn't even run a simple game without saying it was running low on virtual memory.
    Put a password on your administrator account, don't tell that to anyone and make the other users guest accounts with limited privileges.

  3. #3
    Quote Originally Posted by Ghâzh View Post
    Everything should be gone. If you want to be 100% sure you should do a clean install and back up the pictures and games on a flash drive or external HDD and run a virus scan on those drives before transferring over new windows install. If that's not an option, check with a few virus scanners to make sure it's definitely clean (malwarebytes, avg, avast, windows defender)


    Put a password on your administrator account, don't tell that to anyone and make the other users guest accounts with limited privileges.
    The thing about the password was I had one set, yet he seemed to be able to install things anyway.
    I guess he knew the password for a while then though somehow, or my parents were just putting it in for anything for him without checking what it was... I did change it after a fresh install. I wasn't sure whether it was a "It wasn't asking for it" or a "He knew the password", because I did do exactly what you said, I thought I missed something.

    I'll definitely re-run malwarebytes as soon as I get home though, and I actually forgot about avast, and if anything pops up I bought my mom an external hard drive some years back so I should be able to do the fresh install then.

  4. #4
    Ghâzh
    Quote Originally Posted by Jester Joe View Post
    The thing about the password was I had one set, yet he seemed to be able to install things anyway.
    I guess he knew the password for a while then though somehow, or my parents were just putting it in for anything for him without checking what it was... I did change it after a fresh install. I wasn't sure whether it was a "It wasn't asking for it" or a "He knew the password", because I did do exactly what you said, I thought I missed something.
    If he's using a standard user account and does not know the password for your administrator account, he can't download anything. You can even use parental control to limit what programs or games he can execute if you want to. As long as you have your administrator password safe and the account is set to ask for a password on login, you are safe.
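
The check this exchange turns on (was the sibling's account really a standard user, or an administrator that never had to ask?), as an added example that is not part of the thread. It uses WMI and the ADSI WinNT provider so it runs on the PowerShell 2.0 that ships with Windows 7; the account name `Owner` is a hypothetical placeholder.

```powershell
# Added example: audit which local accounts can install software on this PC.
# Assumption: 'Owner' is a hypothetical name; replace it with your own administrator account.
$ExpectedAdmins = @('Owner')

$computer = $env:COMPUTERNAME

# Resolve the built-in Administrators group by its well-known SID so the
# lookup also works on non-English Windows installs.
$adminGroupName = (Get-WmiObject -Class Win32_Group -Filter "LocalAccount=True AND SID='S-1-5-32-544'").Name

# Enumerate the group's members through the ADSI WinNT provider.
$adminGroup = [ADSI]"WinNT://$computer/$adminGroupName,group"
$adminNames = @($adminGroup.psbase.Invoke('Members') | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
})

# Every local user account, with its enabled state and password-required flag.
$accounts = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True"

$report = foreach ($a in $accounts) {
    $enabled = -not $a.Disabled
    $isAdmin = $adminNames -contains $a.Name

    if ($enabled -and $isAdmin -and ($ExpectedAdmins -notcontains $a.Name)) {
        # This account never needs your password to install anything.
        $finding = 'UNEXPECTED ADMIN'
    } elseif ($enabled -and $isAdmin -and (-not $a.PasswordRequired)) {
        # The flag being off means Windows permits a blank password here.
        $finding = 'ADMIN ALLOWED A BLANK PASSWORD'
    } elseif ($enabled -and $a.Name -eq 'Guest') {
        $finding = 'GUEST ENABLED'
    } else {
        $finding = 'ok'
    }

    New-Object PSObject -Property @{
        Name             = $a.Name
        Enabled          = $enabled
        IsAdministrator  = $isAdmin
        PasswordRequired = $a.PasswordRequired
        Finding          = $finding
    }
}

$report |
    Select-Object Name, Enabled, IsAdministrator, PasswordRequired, Finding |
    Format-Table -AutoSize
```

Any enabled account reported as `UNEXPECTED ADMIN` can install programs without a password prompt, which would explain installs happening even though the owner's password was never shared.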

  5. #5
    Quote Originally Posted by Ghâzh View Post
    If he's using a standard user account and does not know the password for your administrator account, he can't download anything. You can even use parental control to limit what programs or games he can execute if you want to. As long as you have your administrator password safe and the account is set to ask for a password on login, you are safe.
    Okay, I'll be sure to do that when I set it up for the side accounts again! Thank you!

  6. #6
    chazus (Moderator)
    Join Date: Nov 2011
    Location: Las Vegas
    Posts: 17,222
    You didn't actually do a clean install, so any malware/whatever that malwarebytes doesn't get that isn't in your old windows install is still there.

  7. #7
    Quote Originally Posted by chazus View Post
    You didn't actually do a clean install, so any malware/whatever that malwarebytes doesn't get that isn't in your old windows install is still there.
    Well I know I didn't do the clean install, I'd imagine I could easily look up a guide for that though, correct? (It seems like it's the same thing I already did basically, but with restarting the computer instead to allow the clean install) I have the installation disc, it's just I'd rather not redo all that work again right away without need, granted of course it was a lot of just waiting, but the thought of reinstalling WoW is making me cringe already.

    So basically just get the extra protections mentioned above and use that? Or is there something simple I could also do to check, I'd imagine there's not gonna be a folder in the program files that's all like "Hi, I'm pretending to be a normal program but I'm really malware"
    Last edited by Jester Joe; 2015-02-28 at 07:53 PM.

  8. #8
    If you want to be sure it was wiped, run the install disk again and do a custom install, delete the partitions and install. Install all your drivers etc. and make sure your data is on an external or secondary drive. Then to stop them from downloading crap set up an admin account and standard accounts for your siblings. Get MWB Premium and grab their free anti-exploit. If you want to make damn well sure he can't download crap install and setup K9 and set up a master password and filter out crap sites so he can't download anything. Also Windows passwords are insecure as shit, I can either delete it or bypass it in under a minute and if your siblings wanted to they could grab a boot disk like Hirens to get by.

    Safest bet is admin/standard accounts with K9 and a master password only you have. Also to make it easier when you reload windows grab your drivers now and keep them on a flash drive.
    Last edited by Iamanerd; 2015-02-28 at 07:56 PM.

  9. #9
    Ghâzh
    Quote Originally Posted by chazus View Post
    You didn't actually do a clean install, so any malware/whatever that malwarebytes doesn't get that isn't in your old windows install is still there.
    Well to be fair, he might be safe if the old installation didn't infect the new installation. Then again I don't know how likely that is, never dealt with this before (I'd just do a clean install).
    ...and if your siblings wanted to they could grab a boot disk like Hirens to get by.
    It's a password reset tool though is it not? If they did that, you'd know it.
    Last edited by Ghâzh; 2015-02-28 at 08:00 PM.

  10. #10
    Quote Originally Posted by Iamanerd View Post
    If you want to be sure it was wiped, run the install disk again and do a custom install, delete the partitions and install. Install all your drivers etc. and make sure your data is on an external or secondary drive. Then to stop them from downloading crap set up an admin account and standard accounts for your siblings. Get MWB Premium and grab their free anti-exploit. If you want to make damn well sure he can't download crap install and setup K9 and set up a master password and filter out crap sites so he can't download anything. Also Windows passwords are insecure as shit, I can either delete it or bypass it in under a minute and if your siblings wanted to they could grab a boot disk like Hirens to get by.

    Safest bet is admin/standard accounts with K9 and a master password only you have. Also to make it easier when you reload windows grab your drivers now and keep them on a flash drive.
    Honestly, we're talking about someone here who doesn't even know you need to empty the recycling bin to actually delete documents (My brother of course, I know that myself :P). I don't believe he intentionally meant to download malware of course, but yeah.

    I guess I'll be doing a clean install later at this rate, oh well.

  11. #11
    Quote Originally Posted by Ghâzh View Post
    Well to be fair, he might be safe if the old installation didn't infect the new installation. Then again I don't know how likely that is, never dealt with this before (I'd just do a clean install).

    It's a password reset tool though is it not? If they did that, you'd know it.
    Yeah one of them is, but you can also use another tool on there to load the HIVE and read it as well. Also Kon boot bypasses it completely without deleting the password.

  12. #12
    Quote Originally Posted by Iamanerd View Post
    Yeah one of them is, but you can also use another tool on there to load the HIVE and read it as well. Also Kon boot bypasses it completely without deleting the password.
    Unless someone is giving him instructions on how to do this, I can't imagine him knowing how to on his own. Like I said, he doesn't even know how to empty the recycling bin or clear his history if he did something he shouldn't have (Honestly I'm shocked, he's 15, I thought he would at least know that simple stuff by now). That being said, I'm probably still gonna look into that K9 though.

  13. #13
    Ghâzh
    Quote Originally Posted by Iamanerd View Post
    Yeah one of them is, but you can also use another tool on there to load the HIVE and read it as well. Also Kon boot bypasses it completely without deleting the password.
    Well that seems neat. Never found anything like that last time I looked. Only either complete reset or brute force.

  14. #14
    Deleted
    If he is 15 chances are he ain't as dumb as you think he is. Anyone who can read and has basic understanding of google can get around windows passwords with ease.
    You can make it harder for him by setting up a BIOS password and disabling boot devices other than your HDD. If your BIOS is any good he won't be able to easily boot into some kind of recovery/hack tool to get around the password.

  15. #15
    Quote Originally Posted by larix View Post
    If he is 15 chances are he ain't as dumb as you think he is. Anyone who can read and has basic understanding of google can get around windows passwords with ease.
    You can make it harder for him by setting up a BIOS password and disabling boot devices other than your HDD. If your BIOS is any good he won't be able to easily boot into some kind of recovery/hack tool to get around the password.
    I'll give an example, you judge it I suppose on whether he is that bad at computer usage.

    First off to clarify, my theory on how he got the password is he watched my parents enter it most likely. It wasn't the most complicated password since I'd imagine he would never know it, and he wouldn't be able to guess it. But if he saw it, he'd remember it quite easily.

    That being said, in my google chrome browsing history on my profile, there was activity of google searches from 6:00 to 6:20. I wasn't home until 8, and lo and behold, it was programs he installed during that day. If he had a basic understanding of google, I would imagine he would know at least it would pop up in the history.

    That being said, not to sound like I'm not taking your advice, I very much am, I'm just clarifying as to why I think he is as computer illiterate as I think he is.
    Granted, I'm not amazing at it myself, hence why I'm here to confirm what to do!

  16. #16
    Quote Originally Posted by Jester Joe View Post
    Unless someone is giving him instructions on how to do this, I can't imagine him knowing how to on his own. Like I said, he doesn't even know how to empty the recycling bin or clear his history if he did something he shouldn't have (Honestly I'm shocked, he's 15, I thought he would at least know that simple stuff by now). That being said, I'm probably still gonna look into that K9 though.
    Yeah chances are he didn't use the methods I mentioned but K9 will definitely help out and regardless of him getting by the password for your windows account K9 will still be active and he can't uninstall it without entering the admin password on the K9 account.

  17. #17
    PACOX (Merely a Setback)
    Join Date: Jul 2010
    Posts: 26,388
    Quote Originally Posted by larix View Post
    If he is 15 chances are he ain't as dumb as you think he is. Anyone who can read and has basic understanding of google can get around windows passwords with ease.
    You can make it harder for him by setting up a BIOS password and disabling boot devices other than your HDD. If your BIOS is any good he won't be able to easily boot into some kind of recovery/hack tool to get around the password.
    Eh, but he downloaded crapware...I don't think anyone who would download shitware would know how to circumvent a Windows password, even if it is easy.

    To OP, sounds like the "virus" that he downloaded was some annoying adware (I've checked out PCs with similar symptoms a lot). Chrome was hijacked and you probably had a proxy, refreshing Windows would have fixed it. You actually didn't have to go that far but what works works. You can easily give him a standard account to prevent him from downloading programs. Very easy to monitor and restrict "child" accounts in Windows 8, never actually played with it in Windows 7 but if it isn't easy a simple program like K9 (or just google content control solutions) will do the trick. Set up your account so that it will easily lock itself if you step away from the computer (put screensaver on a short timer and then require password to turn display back on, something like that).

    Just follow basic security practices, don't leave your account open and unattended for an extended period of time. You might want to teach him to download from safe vendors. Anyone who knows a little about computers knows what it's like to support a family member's PC, you can alleviate a lot of headaches just by teaching them some basic safe practices. Example, most of what you need on a PC can be downloaded from Ninite. Games/Mods either directly from the company who made it or from a third party (Steam, Origin, Nexus or Moddb for mods etc). For music you have services like Grooveshark, Spotify, Pandora, whatever else people use. Keep some sort of active antivirus running (ie Avast) and a passive one on deck (Malwarebytes). Make sure your browser at least has a popup blocker (many don't want to/know how to use a Flash blocker without frustrating themselves) as a minimal defense against bad ads.

  18. #18
    My nephew doesn't have significant computer knowledge, but certainly enough to install applications.
    I have previously had to remove unwanted software such as toolbars.
    He is way too readily drawn to "free" stuff, which I would suspect is the cause of this issue here.
    I am now moving towards established sites for flash games, or letting me vet something before downloading/installing.

    Don't assume that lack of knowledge in what you assume is "basic" stuff means lack of knowledge elsewhere.

  19. #19
    Quote Originally Posted by Iamanerd View Post
    Yeah chances are he didn't use the methods I mentioned but K9 will definitely help out and regardless of him getting by the password for your windows account K9 will still be active and he can't uninstall it without entering the admin password on the K9 account.
    That's good to know, I'll definitely be looking into it, thanks!


    Quote Originally Posted by pacox View Post
    Eh, but he downloaded crapware...I don't think anyone who would download shitware would know how to circumvent a Windows password, even if it is easy.

    To OP, sounds like the "virus" that he downloaded was some annoying adware (I've checked out PCs with similar symptoms a lot). Chrome was hijacked and you probably had a proxy, refreshing Windows would have fixed it. You actually didn't have to go that far but what works works. You can easily give him a standard account to prevent him from downloading programs. Very easy to monitor and restrict "child" accounts in Windows 8, never actually played with it in Windows 7 but if it isn't easy a simple program like K9 (or just google content control solutions) will do the trick. Set up your account so that it will easily lock itself if you step away from the computer (put screensaver on a short timer and then require password to turn display back on, something like that).

    Just follow basic security practices, don't leave your account open and unattended for an extended period of time. You might want to teach him to download from safe vendors. Anyone who knows a little about computers knows what it's like to support a family member's PC, you can alleviate a lot of headaches just by teaching them some basic safe practices. Example, most of what you need on a PC can be downloaded from Ninite. Games/Mods either directly from the company who made it or from a third party (Steam, Origin, Nexus or Moddb for mods etc). For music you have services like Grooveshark, Spotify, Pandora, whatever else people use. Keep some sort of active antivirus running (ie Avast) and a passive one on deck (Malwarebytes). Make sure your browser at least has a popup blocker (many don't want to/know how to use a Flash blocker without frustrating themselves) as a minimal defense against bad ads.
    Honestly I figured it would be a bit overkill if anything, but like I said, he installed so much over time it started to get bogged down anyway with unneeded programs that I didn't feel like going through uninstalling. But yeah, usually when I leave the computer on my account for a while, I do lock it so no one can use it, like if I'm running to the store or something real quick.

    But I think between you and ComputerNerd's advice/guesses about the downloading, it's pretty much right on point. He downloads tons of mods for like, DayZ and other Steam games, but I don't think he's getting them through the safest way, and then on top of that, he wants to record them, so he tries downloading free streaming software and I'm sure we all know where that ends up going most the time!

    Usually though I use Microsoft Security Essentials honestly, I guess I should move over to Avast instead since it keeps popping up as a suggestion?

    Quote Originally Posted by ComputerNerd View Post
    My nephew doesn't have significant computer knowledge, but certainly enough to install applications.
    I have previously had to remove unwanted software such as toolbars.
    He is way too readily drawn to "free" stuff, which I would suspect is the cause of this issue here.
    I am now moving towards established sites for flash games, or letting me vet something before downloading/installing.

    Don't assume that lack of knowledge in what you assume is "basic" stuff means lack of knowledge elsewhere.
    He does keep going towards the free video software it seems.

  20. #20
    PACOX
    Avast is very easy to use and doesn't require you to touch it, I put it in silent mode though because the lady can get annoying.

    If he wants to record and stream, point him towards OBS (Open Broadcaster Software). Very easy to use, it's one that many streamers/recorders use or have used, and it's free.
