Undoing things done by phone scammers

Forums › Microsoft Windows › Undoing things done by phone scammers

johny99

495 posts

Ultimate Geek
+1 received by user: 61
Inactive user

#268628 29-Mar-2020 13:18

Hi All

Can anyone point me in the right direction on what virus malware scans etc etc to run if one has allowed scammers access to their computer, my mother is freaking out as she did just this. I have run a trend micro house call scan and a malware bytes, they haven't found anything which is good I guess, but is there any further steps I should do?

Mum mentioned that a whole lot of text went across the screen, I am assuming she saw a script or some thing run or it could have been a cmd command in order to scare her in to giving them money.

Can anyone advise the best way or tool to remove Rootkits?

Oblivian

7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

#2449457 29-Mar-2020 13:25

They run shyte to mask what is going on. Jump on youtube.

The first thing you do is LOCK YOUR BANK ACCTS. Call them. NOW

They keylog using the remote tools and capture your bank details. Chances are it may already be too late.

johny99

495 posts

Ultimate Geek
+1 received by user: 61
Inactive user

#2449459 29-Mar-2020 13:30

Bank has been called

allan

2073 posts

Uber Geek
+1 received by user: 899

ID Verified

Lifetime subscriber

#2449516 29-Mar-2020 14:52

Safer to do a complete rebuild/reinstall frankly.

jarledb

Webhead
3319 posts

Uber Geek
+1 received by user: 1983

Moderator

ID Verified

Trusted

Lifetime subscriber

#2449575 29-Mar-2020 16:21

allan:

Safer to do a complete rebuild/reinstall frankly.

This. I would not trust a computer that someone like this has had free rein on.

Easiest is to format and re-install everything.

Jarle Dahl Bergersen | Referral Links: Want $50 off when you join Octopus Energy? Use this referral code
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation or subscribing.

nathan

5695 posts

Uber Geek
+1 received by user: 1630
Inactive user

#2449583 29-Mar-2020 16:37

agreed, the only way to be sure, is to pave the machine and reinstall

Although until you can get there to do that, MalwareBytes etc may be handy

consider not giving your mum local admin rights too :)

Jogre

182 posts

Master Geek
+1 received by user: 40

#2449896 30-Mar-2020 09:47

Rogue Killer is another option as well, found its good at picking up registry changes (although I would also recommend MalwareBytes to start).

Jono Green

Microsoft New Zealand

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

1101

3141 posts

Uber Geek
+1 received by user: 1143

#2449919 30-Mar-2020 10:39

It the scammers had access , then what ever they did or installed may not EVER show up a malware, because what they installed or the changes they made arent 'malware' and may be seen as legit if detected at all . eg remote access programs they use are often legit .

You will honestly never know . It needs to be wiped & re-installed .

networkn

Networkn
32862 posts

Uber Geek
+1 received by user: 15453

ID Verified

Trusted

Lifetime subscriber

#2449954 30-Mar-2020 11:27

1101:

It the scammers had access , then what ever they did or installed may not EVER show up a malware, because what they installed or the changes they made arent 'malware' and may be seen as legit if detected at all . eg remote access programs they use are often legit .

You will honestly never know . It needs to be wiped & re-installed .

This.

nathan

5695 posts

Uber Geek
+1 received by user: 1630
Inactive user

#2450154 30-Mar-2020 16:29

"If an attacker has access to your PC, it's not your PC anymore"

johny99

495 posts

Ultimate Geek
+1 received by user: 61
Inactive user

#2450387 31-Mar-2020 09:48

So antivirus software like trend and Norton is just a waste $$$, am I right in thinking that?

snnet

1413 posts

Uber Geek
+1 received by user: 556

#2450388 31-Mar-2020 09:52

johny99: So antivirus software like trend and Norton is just a waste $$$, am I right in thinking that?

To ensure these scammers don't have access to your computer, yes

But (in my opinion) not a waste of money for general course of protection. I use Norton and Malwarebytes Premium together. Some people are happy with Windows Defender.

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

1101

3141 posts

Uber Geek
+1 received by user: 1143

#2450392 31-Mar-2020 10:02

johny99: So antivirus software like trend and Norton is just a waste $$$, am I right in thinking that?

No , AV is worthwhile.
Having deadbolts on the front door is not going to help if you invite the burglars in

The scammers can use LEGIT software to do their dirty work, that wont get detected as it isnt malware.
Also , no AV can detect changes that scammers made to the system. They can also uninstall or disable the AV .