Paging 0-0 or other Computer folks
Member
Picture of dlc444
posted
The wife, while I was out of town fell for a scam. A big, noisy window popped up and told her she has viruses and to call a number or the world was going to end. So she called the number and Mohammed Patel on the other end talked her into allowing him to access her computer.

When Mohammad logged on, up popped all the evidence necessary for her to pay $189 to have them removed. At this point she decided to call me. I told her to press the off button for 10 seconds and not turn the thing on until I got home, two days later.

Anyhow, I am currently running a full Windows Defender scan and will follow with a Malwarebytes (free version) scan.

Anything else I should do (aside from restricting access to the wife)?


-.---.----.. -.---.----.. -.---.----..
It seems to me that any law that is not enforced and can't be enforced weakens all other laws.
 
Posts: 4357 | Location: Tampa | Registered: August 19, 2007
Member
posted
Hopefully you maintain full backups of your data.

Do a full reinstall of the operating system.

Change all of the passwords on all accounts.

Good luck.

Bill
 
Posts: 723 | Location: Florida | Registered: October 01, 2004
Member
posted
Also, Rogue Killer Free.


***************************
Knowing more by accident than on purpose.
 
Posts: 14186 | Location: Tampa, Florida | Registered: December 12, 2003
No Compromise
posted
Avast Free runs, well, free, for a year. https://www.avast.com/en-us/free-antivirus-download

Malwarebytes runs for 14 days for free. https://www.malwarebytes.com/mwb-download/

Windows Defender is, well, free. Should already be on your system. Activate it.

These three software packages work well with each other, and play nice with others.

Don't forget to wipe Chrome and Firefox from your system, including any hint of history from your system. Reinstall Chrome and/or Firefox, and confirm all application data is gone.

Never surrender to ransomware or pirate ware. Ever. You only encourage those that spread it.

H&K-Guy
 
Posts: 3720 | Registered: April 08, 2002
Comic Relief
Picture of Eponym
posted
Educate your wife on basic computer security measures.
 
Posts: 4816 | Location: Indianapolis, IN | Registered: September 28, 2005
Semper Fi - 1775
Picture of Ronin1069
posted
quote:
Originally posted by Eponym:
Educate your wife on basic computer security measures.


Yep. Shit happens and knowledge is power.


___________________________
All it takes...is all you got.
____________________________
For those who have fought for it, Freedom has a flavor the protected will never know

ΜΟΛΩΝ ΛΑΒΕ
 
Posts: 12304 | Location: Belly of the Beast | Registered: January 02, 2009
Help! Help!
I'm being repressed!

Picture of Skull Leader
posted
I agree with still_bill. It's always been my personal policy to nuke the machine if I feel it's been compromised and start over.
 
Posts: 11151 | Location: Big Sky Country | Registered: November 20, 2004
No Compromise
posted
Well, if you want to go with the Nuk-u-lar option. There is DBAN (Darik's Boot and Nuke). https://sourceforge.net/projec....0_i586.iso/download

Hell, nuke it from orbit. It's the only way to be sure.

H&K-Guy
 
Posts: 3720 | Registered: April 08, 2002
For real?
Picture of Chowser
posted
Don’t nuke unless it’s your final option. Also grab adwcleaner from malwarebytes and run that.

I haven’t had to nuke any computers yet. Last resort is for me to pull the hard drive and scan from a clean computer.



Not minority enough!
 
Posts: 7993 | Location: Cleveland, OH | Registered: August 09, 2007
A Grateful American
Picture of sigmonkey
posted
See if there are still Windows Restore Points.

One of the first things the scammers do if they get control of the PC is to run a script that roots the admin account, or creates a new one (often hidden), deletes the System Restore Points, and also deletes Volume Shadow Copy and disables the process (if it is enabled).

Then they may also drop an "encryption time bomb", that will encrypt data after a specific time period, where they will try and take more money.

The other "side" of such things are the scammers that "hit and run". Taking a payment most people will "give up" and moving on, not doing any damage to the PC, but only responding to the "pop up" that was triggered by hitting a web site that has been compromised, or from a bad link in a web search, or from an email.

All the things others said are good to follow through, and what I offer is only a "symptom check" and may only tell if you have anything else going on.

As Skull Leader suggests, that is what I do.

Copy all your data, such as images, videos, music, Documents, Spreadsheets etc. to new external drive, then put that aside.
Don't back up Setup, Program installers or any other type executable files.

Make sure you have at least your network adapter drivers, put that on a thumb drive.

Nuke and Pave. Install good AV and update both Windows and the AV.

Windows requires quite a few update runs, and restarts until it stops fetching them, as some updates will not be picked up by Windows Update checker until pre-requisite updates are already installed.

There is no single roll up update.

After that, restart a last time and then connect and scan the external drive, and you should be OK with that data.




"the meaning of life, is to give life meaning" Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב!
 
Posts: 43810 | Location: ...... I am thrice divorced, and I live in a van DOWN BY THE RIVER!!! (in Arkansas) | Registered: December 20, 2008
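A read-only PowerShell version of the "symptom check" described in the post above, covering the things it names: administrator accounts (including hidden ones), System Restore Points, and Volume Shadow Copy. This is an added example, not part of any forum post. The function name `Get-ScamSymptomReport` is hypothetical, and the `SpecialAccounts\UserList` registry key is an assumption about how an account might be hidden from the sign-in screen; the thread does not say which method is used.

```powershell
# Added example: read-only checks. Run from an elevated Windows PowerShell 5.1 prompt
# (Get-ComputerRestorePoint is not available in PowerShell 7).
function Get-ScamSymptomReport {
    # 1. Members of the local Administrators group, looked up by its well-known SID
    #    so the check works regardless of the display language.
    $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Select-Object Name, ObjectClass, PrincipalSource

    # 2. Enabled local accounts, most recent password change first. An account
    #    created during the remote session would sort to the top.
    $users = Get-LocalUser | Where-Object Enabled |
        Sort-Object PasswordLastSet -Descending |
        Select-Object Name, PasswordLastSet, LastLogon

    # 3. Accounts hidden from the sign-in screen (value 0 under this key hides them).
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'
    $hidden = @()
    if (Test-Path $key) {
        $item = Get-Item $key
        $hidden = @($item.GetValueNames() | Where-Object { $item.GetValue($_) -eq 0 })
    }

    # 4. System Restore Points that still exist.
    $restore = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
        Select-Object SequenceNumber, Description, CreationTime)

    # 5. Existing shadow copies, and whether the services behind them were disabled.
    #    StartMode 'Manual' is the normal default; 'Disabled' is the symptom.
    $shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction SilentlyContinue |
        Select-Object ID, VolumeName, InstallDate)
    $vss = Get-CimInstance -ClassName Win32_Service -Filter "Name='VSS' OR Name='swprv'" |
        Select-Object Name, StartMode, State

    [pscustomobject]@{
        Administrators  = $admins
        EnabledUsers    = $users
        HiddenAccounts  = $hidden
        RestorePoints   = $restore
        ShadowCopies    = $shadows
        ShadowServices  = $vss
    }
}

$report = Get-ScamSymptomReport
$report.Administrators | Format-Table -AutoSize
$report.EnabledUsers   | Format-Table -AutoSize
"Hidden accounts: {0}" -f ($report.HiddenAccounts -join ', ')
"Restore points: {0}, shadow copies: {1}" -f $report.RestorePoints.Count, $report.ShadowCopies.Count
$report.ShadowServices | Format-Table -AutoSize
```

An empty restore point list is only a symptom if System Restore was turned on before the incident; compare the account list against the accounts you know you created.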
Live long
and prosper
Picture of 0-0
posted
Ermagherd!

All bases have pretty much been covered. I'd go with the data backup and nuke and pave if you want to sleep at night.

It's all about educating the User. Nicely tell your wife that the voice at the other end of the line will never take responsibility for the mess in your PC simply because there's no way to tell the state of the machine before the help takes charge and the help will usually only take credit for success and not for making it much much worse.
First line of defense is a healthy use of the computer with some good products and then calling someone trustworthy and knowledgeable.

Tell her that logic says that likely Muhammad Patel would be doing something better with his life if he really had good computer skills other than phone support.


Backup. Nuke, pave and learn



0-0


"OP is a troll" - Flashlightboy, 12/18/20
 
Posts: 12090 | Location: BsAs, Argentina | Registered: February 14, 2003
Optimistic Cynic
Picture of architect
posted
quote:
Anything else I should do (aside restricting access to the wife)?

Reformat the disk and install Ubuntu? :)
 
Posts: 6398 | Location: NoVA | Registered: July 22, 2009
quarter MOA visionary
Picture of smschulz
posted
quote:
Backup. Nuke, pave and learn



Backup for sure will help in future.
Nuke and pave is not necessary unless it has been hit by an Encrypted Virus.

Good that you stopped and are running the Malwarebytes.
Run until it tells you that you are clean.
Then make sure all updates are run.
Then clean out your Internet cache or reset the browser.
Re-assess.
Nuke and Pave is only a last resort or if you are clueless about computers.
 
Posts: 22857 | Location: Houston, TX | Registered: June 11, 2006
Don't Panic
Picture of joel9507
posted
quote:
Originally posted by dlc444:
restricting access to the wife

If you haven't already, might consider setting up an Administrative account and changing your wife's login to non-Administrator going forward. Limits some risks.

Lots of good advice above, but I didn't see that mentioned.
 
Posts: 15001 | Location: North Carolina | Registered: October 15, 2007
quarter MOA visionary
Picture of smschulz
posted
I might add that this sounds like the typical Java pop-up that tricks you into calling.

Generally, these are harmless and usually caused by a hacked/malformed website to cause the pop-up that won't close.
The usual procedure is to just go to the task manager and close the browser and then delete all Internet cache and Java cache.

Even with Mohammed getting on the computer I doubt he installed an additional virus but a Malware scan will tell.
He is only interested in getting the fee so installing a bunch of stuff is not going to help as he already has the recipient's attention; all he needs to do is close the deal.

But do a scan to be sure.
Then use common sense in browsing.
 
Posts: 22857 | Location: Houston, TX | Registered: June 11, 2006
Never Go
Full Retard
Picture of MitchbSC
posted
For those users who cannot resist clicking a pop-up resulting in some Indian sweat shop jockey doing a syskey on your Windows computer, consider Linux Mint Cinnamon Edition. It looks like Windows and suits those who do mainly web-surfing and email. It's quite a bit more locked down than Windows and is not subject to the number and variety of virus infections as is Windows.

I'd suggest a Chromebook. But I am rapidly coming to the conclusion that Google should be rm -rf * erased from this existence like Facebook and Instagram.




They don't think it be like it is, but it do.
 
Posts: 4797 | Location: SC | Registered: January 27, 2001
Member
Picture of dlc444
posted
I would not mind an insertion of a special forces team into India or Pakistan or wherever these shitheads happen to live. I don't even mind some collateral damage to the internet infrastructure so that none of them can get online for a few decades.

Maybe an EMP, somewhat localized to fry anything that runs on electricity.

I am in the middle of reinstalling W-10, such a pain in the ass. Someone in my house deserves punishment as well.


-.---.----.. -.---.----.. -.---.----..
It seems to me that any law that is not enforced and can't be enforced weakens all other laws.
 
Posts: 4357 | Location: Tampa | Registered: August 19, 2007
Live long
and prosper
Picture of 0-0
posted
It's a matter of User education, mostly.
First, you must work with a User type account, no Administrator privileges. Secondly, you should not panic, be cool.
Do not trust what the internet/computer says right away. Take a step back and assess.

In this particular case, I think panic took over common sense and rushing things made it worse.
Under the circumstances, I suggested the final solution more as a psychological treatment than a needed technical one. Without nuking you will keep this an open wound and the blame game will go on each time the internet or machine hiccups. Paving will provide peace of mind. Otherwise you might or not find issues to fix but will never be completely sure.

Just educate your significant one nicely. We all make mistakes. Do not forget the User account privileges and updating W10 fully before adding special drivers. Got one main update stuck for days because MS decided it no longer liked some stuff in my HD that was not even installed.

0-0



"OP is a troll" - Flashlightboy, 12/18/20
 
Posts: 12090 | Location: BsAs, Argentina | Registered: February 14, 2003
Member
posted
Would setting up a base Ubuntu OS, then setting up virtual OS for daily uses, be a good idea?

That way the virtual OS could be Windows.

Thanks
Bill
 
Posts: 723 | Location: Florida | Registered: October 01, 2004
Member
Picture of fpuhan
posted
quote:
Originally posted by still_bill:
Would setting up a base Ubuntu OS, then setting up virtual OS for daily uses, be a good idea?

That way the virtual OS could be Windows.

Thanks
Bill


This requires a Windows license disk. Many people these days don't have one, or they have an OEM version that came with the computer. It will be needed if a re-install is necessary.

I typically do it the other way: I have my base OS and install Linux or Windows in a virtual machine. VirtualBox from Oracle is free.




You can't truly call yourself "peaceful" unless you are capable of great violence. If you're not capable of great violence, you're not peaceful, you're harmless.

NRA Benefactor/Patriot Member
 
Posts: 2857 | Location: Peoples Republic of North Virginia | Registered: December 04, 2015

© SIGforum 2024