User allowed a rogue support person access to her machine (random phone call) what scans to run now ?

Posted on 2013-02-02
Medium Priority
Last Modified: 2013-11-22
Its an XP PC.

Caller claimed to be from Microsoft.
User realised caller was a rogue 5 mins or so after he remoted the machine

What scans to run on the PC?

So far Ive:

Ran AVG form boot / with updates - found 0
Kapersky emergency CD / with updates  - from boot - found 0  
MBam / with updates - loaded in windows
Question by:fcek

Accepted Solution

Robby Swartenbroekx earned 1000 total points
ID: 38847409
Mostly they use à remote control tool like teamviewer or ammyy admin. Then they open eventviewer to show you all the errors that are on your pc.
If the user realised it by now, there is no problem.
After that, they install a rogue virusscanner you have to pay to clean the pc. Normaly mbam find and deletes them.
LVL 101

Assisted Solution

by:John Hurst
John Hurst earned 1000 total points
ID: 38847443
Also make sure your user installs a very strong, paid, corporate AntiVirus/Firewall suite as further protection.

If the user can have their external IP address changed, they should do it. That will reduce the ability of the rogue caller to get back in on their own.

Nothing will stop installed rogue software until it is removed. It may be both reasonable and practical for your user for backup, format and install Windows fresh after the external IP has been changed. That will wipe out everything.

It is important to understand that the callers are criminals bent on stealing information if they can.

.... Thinkpads_User

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Cloud computing is a model of provisioning IT services. By combining many servers into one large pool and providing virtual machines from that resource pool, it provides IT services that let customers acquire resources at any time and get rid of the…
A discussion about Penetration Testing and the Tools used to help achieve this important task.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question