View previous topic :: View next topic |
Author |
Message |
vinnycast27 Just Arrived
Joined: 19 Nov 2010 Posts: 1
|
Posted: Wed Apr 27, 2011 12:46 am Post subject: May have been infected after phone call/remote access scam |
|
|
Hi there
i'm not sure whether this is in the right forum so please re-direct if it's not.
Basically I received a call today from an Indian call centre that said they were part of my internet provider's support team that would speed up my pc.
Unfortunately for god knows what reason I went to:
teamviewer.com and downloaded the remote access tool.
I gave them the password and log in assuming they were genuine
they connected remotely and went to START-RUN-prefetch
saying these files are potential virus's and we can clear them for you at a small cost of £100 and you get 9 years cover...
At this point i realised this wasn't who I thought it was politely said no thanks and they abruptly said ok and hung up on me.
the window with the prefetch results was still open they soon closed it and then i got rid of the teamviewer connection. I wasn't sure if i was connected so reopened it reset the password just in case then re-deleted it. it's currently not on my desktop or my pc.
I then ran an Avira scan and a malware antibytes scan both finding nothing i'm uncertain if they have planted something on my pc that will absorb my passwords or my logins etc
I'm a bit scared about my level of security right now, can anyone help me ensure that i'm safe?
I must also stress that whilst he was talking to me on the phone only the preftech window was open he didnt do anything to my desktop or appear to install anything but how am I to know for sure.
Again my aniexty about this is really high so any help is very, very much appreciated.
kind regards
vinny
|
|
Back to top |
|
|
georgec SF Staff
Joined: 15 Nov 2010 Posts: 0
|
Posted: Wed Apr 27, 2011 12:10 pm Post subject: |
|
|
Why don't you call your ISP and confirm that they are actually providing this service on their part. Then if not, the risks are higher! If you suspect that they have installed additional stuff then you may do a system restore, if you are running Windows 7 then just type System restore from the Start text box and follow the wizard. Also, check and enable malware/spyware functionality your A/V solution may have.
|
|
Back to top |
|
|
vinnycast27 Just Arrived
Joined: 19 Nov 2010 Posts: 1
|
Posted: Wed Apr 27, 2011 12:20 pm Post subject: |
|
|
thanks for the replay.
I can 100% confirm that it is not legitimate by the ISP provider.
I use Windows XP how can I restore to before yesterday's events?
Also if i do so will i lose any data saved yesterday?
p.s not sure if this helps but here is my hijack this log.
Note: Hijackthis log removed from thread. The Hijackthis log is only allowed to be posted in the Hijackthis/Malware removal forum. - SifuMike
|
|
Back to top |
|
|
georgec SF Staff
Joined: 15 Nov 2010 Posts: 0
|
Posted: Wed Apr 27, 2011 12:49 pm Post subject: |
|
|
You shouldn't loose any personal data, however, I would save the most important files to an external storage device. Check this link for detailed info -how to restore Windows XP to a previous state http://support.microsoft.com/kb/306084
You can never be sure by reviewing the list of running processes as malicious programs can take the name of valid ones, etc.
|
|
Back to top |
|
|
vinnycast27 Just Arrived
Joined: 19 Nov 2010 Posts: 1
|
Posted: Wed Apr 27, 2011 2:52 pm Post subject: |
|
|
Hi George
I have just done the system restore and to confirm it's how it was as at yesterday before the phone call I didn't install Hijack this until today and it's currently not on my desktop. So i'm assuming i'm as I was before it all happened.
Is it a case of wait and see or can I do anything else to safeguard myself or detect if any malicious items still remain on my pc?
many thanks again
vinny
|
|
Back to top |
|
|
georgec SF Staff
Joined: 15 Nov 2010 Posts: 0
|
Posted: Wed Apr 27, 2011 4:14 pm Post subject: |
|
|
Keep your anti-virus/malware/spyware solution updated and running! Find a third-party firewall solution, block unnecessary traffic on both directions in/out and check the logs on regular basis.
|
|
Back to top |
|
|
vinnycast27 Just Arrived
Joined: 19 Nov 2010 Posts: 1
|
Posted: Wed Apr 27, 2011 4:51 pm Post subject: |
|
|
Thanks George
All is up to date, I may run another scan just in case but I guess all I can do is keep an eye on things and hope for the best.
Thanks for all your help
Vinny
|
|
Back to top |
|
|
SifuMike Deceased
Joined: 17 May 2004 Posts: 16777146 Location: Vancouver (not BC) WA (not DC)
|
|
Back to top |
|
|
|