Solved

User allowed a rogue support person access to her machine (random phone call) what scans to run now ?

Posted on 2013-02-02
2
474 Views
Last Modified: 2013-11-22
Its an XP PC.

Caller claimed to be from Microsoft.
User realised caller was a rogue 5 mins or so after he remoted the machine

What scans to run on the PC?

So far Ive:

Ran AVG form boot / with updates - found 0
Kapersky emergency CD / with updates  - from boot - found 0  
MBam / with updates - loaded in windows
0
Comment
Question by:fcek
2 Comments
 
LVL 7

Accepted Solution

by:
Robby Swartenbroekx earned 250 total points
ID: 38847409
Mostly they use à remote control tool like teamviewer or ammyy admin. Then they open eventviewer to show you all the errors that are on your pc.
If the user realised it by now, there is no problem.
After that, they install a rogue virusscanner you have to pay to clean the pc. Normaly mbam find and deletes them.
0
 
LVL 92

Assisted Solution

by:John Hurst
John Hurst earned 250 total points
ID: 38847443
Also make sure your user installs a very strong, paid, corporate AntiVirus/Firewall suite as further protection.

If the user can have their external IP address changed, they should do it. That will reduce the ability of the rogue caller to get back in on their own.

Nothing will stop installed rogue software until it is removed. It may be both reasonable and practical for your user for backup, format and install Windows fresh after the external IP has been changed. That will wipe out everything.

It is important to understand that the callers are criminals bent on stealing information if they can.

.... Thinkpads_User
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now