1namyln
asked on
Clensing a computer after user allowed scammer access to their computer
I've had quite a few of these over the past few months. All Windows system. The user gets a persistent webpage directing them to call Microsoft or random phone call where the caller tells them their computer is doing something it shouldn't. Some users go as far to pay the scammer, allow remote access, etc.
When they contact me I'm scanning the drive by removing it from their machine and connecting it to my technical system. Normally nothing is found. Diagnosing with their hard drive installed on their machine scanning with Malwarebytes, RogueKiller, check for unwanted programs in add/remove programs, ensure nothing odd in startup under Msconfig.
Any better advice on tools I can use to scan with?
In some instances I've simply saved important user files then reinstalled Windows. Thanks in advance.
When they contact me I'm scanning the drive by removing it from their machine and connecting it to my technical system. Normally nothing is found. Diagnosing with their hard drive installed on their machine scanning with Malwarebytes, RogueKiller, check for unwanted programs in add/remove programs, ensure nothing odd in startup under Msconfig.
Any better advice on tools I can use to scan with?
In some instances I've simply saved important user files then reinstalled Windows. Thanks in advance.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Clean install is the sure fire way to ensure the problem is no more. Especially with a user that doesn't have many things to reinstall. Thanks for the help.
1namyln,
Please close the Question.
Please close the Question.
Usually it's just some web link with message to contact support etc, always Indian guy on other side
Additional tools: Spybot https://www.safer-networking.org This is really valuable free tool with multiple functions