Solved

User allowed a rogue support person access to her machine (random phone call) what scans to run now ?

Posted on 2013-02-02
2
483 Views
Last Modified: 2013-11-22
Its an XP PC.

Caller claimed to be from Microsoft.
User realised caller was a rogue 5 mins or so after he remoted the machine

What scans to run on the PC?

So far Ive:

Ran AVG form boot / with updates - found 0
Kapersky emergency CD / with updates  - from boot - found 0  
MBam / with updates - loaded in windows
0
Comment
Question by:fcek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
Robby Swartenbroekx earned 250 total points
ID: 38847409
Mostly they use à remote control tool like teamviewer or ammyy admin. Then they open eventviewer to show you all the errors that are on your pc.
If the user realised it by now, there is no problem.
After that, they install a rogue virusscanner you have to pay to clean the pc. Normaly mbam find and deletes them.
0
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 250 total points
ID: 38847443
Also make sure your user installs a very strong, paid, corporate AntiVirus/Firewall suite as further protection.

If the user can have their external IP address changed, they should do it. That will reduce the ability of the rogue caller to get back in on their own.

Nothing will stop installed rogue software until it is removed. It may be both reasonable and practical for your user for backup, format and install Windows fresh after the external IP has been changed. That will wipe out everything.

It is important to understand that the callers are criminals bent on stealing information if they can.

.... Thinkpads_User
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Standalone trial or freeware to do SSL scan 4 62
windows event log error 1000 DSM what does this mean? 5 69
Multi Factor Authentication 3 45
FSRREMOS 7 63
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question