|
I'm worried I might've done something stupid...
I got a phone call from a company saying they work with Microsoft, telling me my PC had a trojan - specifically winlogon.exe. But they sounded legit because they knew the Windows license number, which I'm fairly sure they couldn't have obtained from anyone but the people I bought my laptop from, PC Specialist.
I then spent a nerve-wracking half-hour or so surrendering control of my laptop while they did various things to clean up my system, terminate foreign network connections and restart Windows services allegedly disabled by Russian hackers. I've also paid them a sum of dosh for network security software; I presume I'll receive an email link to download it. Has anyone else experienced this? If so, have I been conned? Is there any way a Windows license number can be fraudulently obtained remotely? Or am I being paranoid? But I can't help wondering how these supposed hackers got winlogon.exe past Norton. Plus I've been running https protocol for months and I now have a VPN. So what precisely have I done: the smart thing, or the bloody stupid thing? Just in case, I've changed my most critical passwords, plus the passcodes on my debit and credit cards. - I've just looked up 'remote access scams', and now I'm pretty sure I did something stupid. :dunce: |
Re: I'm worried I might've done something stupid...
Quote:
If your PC is not a "home built" one then it will have a generic product number. Contact your bank or credit cards company and cancel all payments. You will (or should) have to replace your credit/debit cards as well. Also contact the bank to change login details for online banking. Your PC will also have to be checked for any spyware/malware or virus which may have been installed by them. Your fault totally, NEVER accept anyone contacting you by phone knows anything about you. Thay will use social engineering to get you to believe they do unless it is actually a company you have dealt with and given your phone number to and give you the correct reference number. Sorry to be the bearer of bad news but don't shoot the messenger. |
Re: I'm worried I might've done something stupid...
Wouldn't dream of it, dude. Thanks for the advice.
Okay, I've cancelled the credit card and told Barclaycard what happened, so the ball's in their court now. The payment's still pending, so it shouldn't happen now. If it does, well, lesson learned. Right. Time for in-depth Norton scanning, so I think I'll go offline for a while and read a book. :p: |
Re: I'm worried I might've done something stupid...
I'd download Malwarebytes and scan with that too.
|
Re: I'm worried I might've done something stupid...
Quote:
NEVER, NEVER, NEVER, NEVER do this, Ever. ---------- Post added at 22:57 ---------- Previous post was at 22:56 ---------- If I were you, Id seriously think about re-installing the laptop from scratch, there is no telling what they have put on it. |
Re: I'm worried I might've done something stupid...
Well, I've applied updates to and run Norton, Spybot and Malwarebytes, and all they found were a few tracking cookies and some suspect registry keys. It would appear I've been rather luckier than I deserved, as I freely admit. Just goes to show even experienced users can be fooled, and I've been into computers since the days when MS-DOS had to be loaded from a 5 1/4" floppy.
Jeez, that dates me, doesn't it?! |
Re: I'm worried I might've done something stupid...
As Paul says format the computer asap.
|
Re: I'm worried I might've done something stupid...
Reformat and reinstall asap.
I had a call from this scam before. It's well known and been around for year as. As soon as I told them that's funny as there are no Windows devices here only 3 Macs, they actually went silent then hung up. |
Re: I'm worried I might've done something stupid...
Quote:
I admit I have used this once and I found it amazing tbh, saying that I called them and I think that is the key word you contact them not the other way around and no payment was needed or asked for in my case. My advice Anonymouse don't beat yourself up about this what's done is done, take care :hugs: |
Re: I'm worried I might've done something stupid...
Quote:
|
Re: I'm worried I might've done something stupid...
You may be able to boot from a Live Linux distro and copy any files you want off the PC, better than booting into PC and copying some nasty over.
|
Re: I'm worried I might've done something stupid...
Quote:
|
Re: I'm worried I might've done something stupid...
Thanks, peeps, lesson learned - I am going to reinstall everything on my next 3-day break from work (I work 5 nights on, 3 off);
I'm usually too tired while I'm working to think straight, so it'll have to wait till then. As a compromise I'm disconnecting from the Internet while I'm not browsing...so if there is anything that's been missed by Norton, Spybot, Malwarebytes and the Microsoft tool, it can't do anything significant. |
Re: I'm worried I might've done something stupid...
A good days work to sort this out.. good luck Anonymouse.
|
Re: I'm worried I might've done something stupid...
Terrible thing to happen to you, So sorry, Hope you have not lost a lot of money
|
Re: I'm worried I might've done something stupid...
I did lose a bit, but...oh well, lesson learned. Anyway the system nuking process is complete and my laptop's more or less back to the way it was...with several passwords changed, that is.
That Chrome feature to export/import passwords is very handy; I doubt I could've remembered them all. Same with bookmarks. But everything I'd installed was either backed up or could be downloaded again from source, so this was more of an inconvenience than a disaster. I still don't think they did anything drastic, to be honest, and I ran four different malware tools which found nothing except a few tracking cookies. But even if they did put anything on the laptop, it's well and truly gone. Before the nuke it did occur to me to wonder if my laptop had been turned into a bot, but an online check via Kaspersky said its IP address wasn't part of any known botnet. Nor is it now. |
Re: I'm worried I might've done something stupid...
Better to be safe than sorry though. :)
|
Re: I'm worried I might've done something stupid...
Quote:
|
Re: I'm worried I might've done something stupid...
Quote:
|
Re: I'm worried I might've done something stupid...
I got this call about a week ago. An Indian guy trying his best. I just said 'Oh it's you, you're that [half a dozen strong swear words] scamming [another half a dozen swear words] by then he hung up on me. I was actually annoyed by it though.
|
Re: I'm worried I might've done something stupid...
Don't feel bad you fell for this, some of them are very convincing on the phone.
Once they have remote desktop they usually check which Antivirus you have running and make some decisions based on that. Some are easier to temporary disable or hide malware from than others and sometimes they even have a slightly different .exe malware that works better with a specific AV. Sometimes they might just put a bit of loader software on which contains no malware at all but it's only job is to talk to a control centre every so often. At some point the control centre tells it to download the actual malware and run it. So until that happens, your PC might look clear from infections. The people doing the infecting have the bonus of being able to write some malware that no antivirus vendors are aware off and on one particular day letting it off to all those people who were prepped with the loader software, meaning a better infection rate. If they got the indian call centre guys to install the malware straight away, the AV vendors would be working on signatures for that malware and push it out at the end of the week meaning no one else would get infected unless they made changes to make the malware undetected again. So having the malware downloading software ready on a thousand machines to infect in the same hour is beneficial. But it means you might think you are clean from infection if the initial downloader isn't picked up as a nasty, which is often the case. |
Re: I'm worried I might've done something stupid...
I think I've got some malware on my phone, don't think it's that harmful but I'd still like it gone, other than factory reset is there anyway of doing this easily? It's one of those crappy browser redirect ones.
|
Re: I'm worried I might've done something stupid...
Get Eset's mobile version of Nod32..
|
Re: I'm worried I might've done something stupid...
Quote:
|
| All times are GMT +1. The time now is 06:37. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum