Help, I may have been scammed

[WolfeMacleod]

do a youtube search for Microsoft scammer and watch some of those videos. these guys are nasty

 

[Barcham]

I'm running rkill now, I have pages and pages of scrolling text in the dos window........

Rkill can take a bit of time to run. When finished, it will display a text document with a list of what it found and terminated along with the complete path to the file. From there you can see if there is anything unusual.

 

[GitFiddle]

I don't accept cold calls from anyone. Even if it was Bill Gates himself, I would hang up on his ass.

Just to be on the safe side:

I don't know your method of internet access, but if you are on some kind of DSL or Cable modem, most likely with a dynamic IP address, I would cycle power on the modem, or call your service provider, to get the IP address to change to something different than what it was when you got the call.

Good luck and I hope its nothing more than what the others suggest.

 

[Shadowplayer]

I feel so stupid, but I think I was scammed today. I got phone call from a 'Microsoft Engineer' I stupidly gave him remote access to my Son's laptop.

If you google 'onlinetechguys' and it will basically put you in the picture, they claim that your PC is being hacked and they can fix it etc and instruct you to look at the Windows Event Viewer and show you loads of errors etc.

Anyways, they ask to have access to your PC via Ammyy, stupidly I did this (I do this remote access stuff all the time at work and just did not think about it clearly. Whilst this guy was on the PC,I did watch is every move and all he did was show we around the event viewer, he then said for £170 a year he can keep the PC safe etc. he then showed their website where I could sign up and pay for the subscription.

Thankfully, I did not sign up and ended the call and the remote access.

I have since googled this scam and hence I am now concerned.

I cannot remember ever buying anything online via my sons laptop and for peace of mind I have cancelled my CC and bank cards and reset all my passwords for stuff like online banking, paypal, eBay, etc etc. essentially everything I can think of changing or stopping, I have.

I have also installed Mcafee on his laptop and run a full scan and it has removed a few unwanted programmes but found no viruses, I have it setup to do the constant live scanning.

So, I think I may have had a narrow escape. I have checked with my bank and cc company and there have been no unusual transactions.

But, what worries me is that some online reports suggest these scammers are not just trying to get you to sign up to an expensive no existent service, but they install stuff while they have you online, I did not see them do this? Is it possible they have installed anything? Nothing is picked up by McAfee?

I have searched the laptop for ammyy.exe but cannot find it, I think we just 'ran' the download and did not actually install it, I have also read that ammyy does not install, it runs from a .exe

Is there anything else I should do? My son is only 12 and only uses his laptop for YouTube and a few games like mine craft. Like I say, I am sure there have been no online purchases via this PC and i have now stopped all my cards.

I have the restore USB that came with the laptops when new, but would it be overkill to reinstall factory settings?

I feel so ****ing stupid!!!!!!!!!!

that sir...pretty dumb.



2 years ago, right before my old hard drive melted (yeah, bad fan) I called Dell for some support. I had to pay $200 for them to run a test via my computer. During this I watched the person from dell go through my files and such. turned off the computer and that was that.


also...reinstalling factory settings aint gonna do shit against a hacker.

 

[Kashmir]

If you're that worried about it, do a system restore, and restore the pc back to the day before the phone call.

 

[db3266]

You do not have Remote Desktop option because you aren't running Windows PRO. Turning those options off will have no effect at all on programs like Teamviewer which have their own integrated remote services and protocols. Teamviewer also requires the local host to generate a password and give it to the person attempting to connect or no connection can be made.

Another thing that you will notice is that when there is a remove connection made to the computer, any wallpaper image you may have will vanish to save bandwidth.

No one is connecting to your laptop via either Teamviewer or ammyy without you giving your permission first. The software is designed this way expressly to prevent it from being used as a hacker tool.

That is what happened, teamviewer generated a code and password that I had to give so he could connect.

Rkill just finished running

It says

no malware services found to stop

No malware processes found to kill

Explorer policy removed : NoActiveDesktopChanges [HKLM]

I then get reams of reparse point/junctions found (these May be legitimate)

No issues found for missing digital signatures

And no issues in the HOSTS file

 

[db3266]

So, if they can't get remote access and I have Mcaffee and rkil reporting no issues, is it safe to let my Son use his PC again?

My remaining concern is that there is some form of software looking for card details if purchases are made, but I guess McAffee will eliminate this?

 

[Barcham]

Go ahead and use your computer. McAfee is more of a risk to it than most malware would be anyways. But don't worry, the MS anti virus which is integrated in Win 8.1 will keep you running safe and sound.

Those guys do seem to keep busy though! They have a great scam going there.
http://whocallsme.com/Phone-Number.aspx/02081441094

 

[db3266]

PS - thanks for the all help so far !!!

 

[db3266]

the MS anti virus

Is that called Advanced System Protector?

 

[geochem1st]

So, if they can't get remote access and I have Mcaffee and rkil reporting no issues, is it safe to let my Son use his PC again?

My remaining concern is that there is some form of software looking for card details if purchases are made, but I guess McAffee will eliminate this?

Word of advice:

If you are going to make purchases on line use a dedicated card that has a limited amount of money in it, and ONLY use that card for online purchases.

This may be an extra step, but it will limit any damage that may occur in the future due to either a hacker, another error by you or your son, or even a bank error.

I would never use a card attached to my main account online.

 

[Barcham]

Microsoft Security Essentials on Win 7 and Windows Defender on 8 and 8.1. It might have been disabled during the McAfee installation but it can run in concert with third part anti-virus programs with no problems. But with McAfee, who knows? A girlfriend bought a new ASUS laptop after Xmas and the first thing I did was remove McAfee.

 

[DADGAD]

that sir...pretty dumb.



2 years ago, right before my old hard drive melted (yeah, bad fan) I called Dell for some support. I had to pay $200 for them to run a test via my computer. During this I watched the person from dell go through my files and such. turned off the computer and that was that.


also...reinstalling factory settings aint gonna do shit against a hacker.

You are lucky the Dell guy didn't find your squirrel porn.

 

[Barcham]

Word of advice:

If you are going to make purchases on line use a dedicated card that has a limited amount of money in it, and ONLY use that card for online purchases.

This may be an extra step, but it will limit any damage that may occur in the future due to either a hacker, another error by you or your son, or even a bank error.

I would never use a card attached to my main account online.

I'd 'like' that post 100 times if possible but because I can't, I liked it and quoted it.