?
Solved

User allowed a rogue support person access to her machine (random phone call) what scans to run now ?

Posted on 2013-02-02
2
Medium Priority
?
498 Views
Last Modified: 2013-11-22
Its an XP PC.

Caller claimed to be from Microsoft.
User realised caller was a rogue 5 mins or so after he remoted the machine

What scans to run on the PC?

So far Ive:

Ran AVG form boot / with updates - found 0
Kapersky emergency CD / with updates  - from boot - found 0  
MBam / with updates - loaded in windows
0
Comment
Question by:fcek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
Robby Swartenbroekx earned 1000 total points
ID: 38847409
Mostly they use à remote control tool like teamviewer or ammyy admin. Then they open eventviewer to show you all the errors that are on your pc.
If the user realised it by now, there is no problem.
After that, they install a rogue virusscanner you have to pay to clean the pc. Normaly mbam find and deletes them.
0
 
LVL 97

Assisted Solution

by:Experienced Member
Experienced Member earned 1000 total points
ID: 38847443
Also make sure your user installs a very strong, paid, corporate AntiVirus/Firewall suite as further protection.

If the user can have their external IP address changed, they should do it. That will reduce the ability of the rogue caller to get back in on their own.

Nothing will stop installed rogue software until it is removed. It may be both reasonable and practical for your user for backup, format and install Windows fresh after the external IP has been changed. That will wipe out everything.

It is important to understand that the callers are criminals bent on stealing information if they can.

.... Thinkpads_User
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question