Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | I'm worried I might've done something stupid...

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Security & Virus Discussion

I'm worried I might've done something stupid...
Reply
 
Thread Tools
Old 31-01-2018, 21:25   #1
Anonymouse
RIP Tigger - 11 years?!
 
Join Date: Jul 2005
Location: Bolton
Age: 58
Services: EE Superfast Broadband
Posts: 1,424
Anonymouse has a bronzed appealAnonymouse has a bronzed appeal
Anonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appeal
Exclamation I'm worried I might've done something stupid...

I got a phone call from a company saying they work with Microsoft, telling me my PC had a trojan - specifically winlogon.exe. But they sounded legit because they knew the Windows license number, which I'm fairly sure they couldn't have obtained from anyone but the people I bought my laptop from, PC Specialist.

I then spent a nerve-wracking half-hour or so surrendering control of my laptop while they did various things to clean up my system, terminate foreign network connections and restart Windows services allegedly disabled by Russian hackers. I've also paid them a sum of dosh for network security software; I presume I'll receive an email link to download it.

Has anyone else experienced this? If so, have I been conned? Is there any way a Windows license number can be fraudulently obtained remotely?

Or am I being paranoid?

But I can't help wondering how these supposed hackers got winlogon.exe past Norton. Plus I've been running https protocol for months and I now have a VPN.

So what precisely have I done: the smart thing, or the bloody stupid thing? Just in case, I've changed my most critical passwords, plus the passcodes on my debit and credit cards.

- I've just looked up 'remote access scams', and now I'm pretty sure I did something stupid.
__________________
"People tend to confuse the words 'new' and 'improved'."
- Agent Phil Coulson, S.H.I.E.L.D.

Last edited by Anonymouse; 31-01-2018 at 21:41.
Anonymouse is offline   Reply With Quote
Advertisement
Old 31-01-2018, 21:36   #2
pip08456
Sad Doig Fan!
 
pip08456's Avatar
 
Join Date: Aug 2007
Location: Barry South Wales
Age: 67
Services: With VM for BB 250Mb service.(Deal)
Posts: 11,646
pip08456 has a nice shiny starpip08456 has a nice shiny star
pip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny star
Re: I'm worried I might've done something stupid...

Quote:
Originally Posted by Anonymouse View Post
I got a phone call from a company saying they work with Microsoft, telling me my PC had a trojan - specifically winlogon.exe. But they sounded legit because they knew the Windows license number, which I'm fairly sure they couldn't have obtained from anyone but the people I bought my laptop from, PC Advisor.

I then spent a nerve-wracking half-hour or so surrendering control of my laptop while they did various things to clean up my system, terminate foreign network connections and restart Windows services allegedly disabled by Russian hackers. I've also paid them a sum of dosh for network security software; I presume I'll receive an email link to download it.

Has anyone else experienced this? If so, have I been conned? Is there any way a Windows license number can be fraudulently obtained remotely?

Or am I being paranoid?

But I can't help wondering how these supposed hackers got winlogon.exe past Norton. Plus I've been running https protocol for months and I now have a VPN.

So what precisely have I done: the smart thing, or the bloody stupid thing?
The bloody stupid thing. You've given control of your PC to people you don't know who contacted you by phone. How did they get your phone number?

If your PC is not a "home built" one then it will have a generic product number.

Contact your bank or credit cards company and cancel all payments. You will (or should) have to replace your credit/debit cards as well. Also contact the bank to change login details for online banking.

Your PC will also have to be checked for any spyware/malware or virus which may have been installed by them.

Your fault totally, NEVER accept anyone contacting you by phone knows anything about you. Thay will use social engineering to get you to believe they do unless it is actually a company you have dealt with and given your phone number to and give you the correct reference number.

Sorry to be the bearer of bad news but don't shoot the messenger.
pip08456 is offline   Reply With Quote
Old 31-01-2018, 22:09   #3
Anonymouse
RIP Tigger - 11 years?!
 
Join Date: Jul 2005
Location: Bolton
Age: 58
Services: EE Superfast Broadband
Posts: 1,424
Anonymouse has a bronzed appealAnonymouse has a bronzed appeal
Anonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appeal
Re: I'm worried I might've done something stupid...

Wouldn't dream of it, dude. Thanks for the advice.

Okay, I've cancelled the credit card and told Barclaycard what happened, so the ball's in their court now. The payment's still pending, so it shouldn't happen now. If it does, well, lesson learned.

Right. Time for in-depth Norton scanning, so I think I'll go offline for a while and read a book.
__________________
"People tend to confuse the words 'new' and 'improved'."
- Agent Phil Coulson, S.H.I.E.L.D.
Anonymouse is offline   Reply With Quote
Old 31-01-2018, 22:22   #4
pip08456
Sad Doig Fan!
 
pip08456's Avatar
 
Join Date: Aug 2007
Location: Barry South Wales
Age: 67
Services: With VM for BB 250Mb service.(Deal)
Posts: 11,646
pip08456 has a nice shiny starpip08456 has a nice shiny star
pip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny star
Re: I'm worried I might've done something stupid...

I'd download Malwarebytes and scan with that too.
pip08456 is offline   Reply With Quote
Old 31-01-2018, 23:57   #5
Paul
Dr Pepper Addict
Cable Forum Team
 
Paul's Avatar
 
Join Date: Oct 2003
Location: Nottingham
Age: 61
Services: Flextel SIP : Sky Mobile : Sky Q TV : VM BB (1000 Mbps) : Aquiss FTTP (330 Mbps)
Posts: 27,612
Paul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered stars
Paul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered stars
Re: I'm worried I might've done something stupid...

Quote:
Originally Posted by Anonymouse View Post
I then spent a nerve-wracking half-hour or so surrendering control of my laptop
Too late for you, but for anyone else ....

NEVER, NEVER, NEVER, NEVER do this, Ever.

---------- Post added at 22:57 ---------- Previous post was at 22:56 ----------

If I were you, Id seriously think about re-installing the laptop from scratch, there is no telling what they have put on it.
__________________

Baby, I was born this way.
Paul is offline   Reply With Quote
Old 01-02-2018, 01:02   #6
Anonymouse
RIP Tigger - 11 years?!
 
Join Date: Jul 2005
Location: Bolton
Age: 58
Services: EE Superfast Broadband
Posts: 1,424
Anonymouse has a bronzed appealAnonymouse has a bronzed appeal
Anonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appeal
Re: I'm worried I might've done something stupid...

Well, I've applied updates to and run Norton, Spybot and Malwarebytes, and all they found were a few tracking cookies and some suspect registry keys. It would appear I've been rather luckier than I deserved, as I freely admit. Just goes to show even experienced users can be fooled, and I've been into computers since the days when MS-DOS had to be loaded from a 5 1/4" floppy.

Jeez, that dates me, doesn't it?!
__________________
"People tend to confuse the words 'new' and 'improved'."
- Agent Phil Coulson, S.H.I.E.L.D.
Anonymouse is offline   Reply With Quote
Old 01-02-2018, 01:52   #7
SnoopZ
CF Resident Dog
 
SnoopZ's Avatar
 
Join Date: Mar 2005
Posts: 14,225
SnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny stars
SnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny starsSnoopZ has a pair of shiny stars
Re: I'm worried I might've done something stupid...

As Paul says format the computer asap.
__________________
PSN: Snoopzster
SnoopZ is online now   Reply With Quote
Old 01-02-2018, 09:22   #8
Stephen
Bah Humbug!!
 
Stephen's Avatar
 
Join Date: Feb 2004
Location: Glasgow
Age: 42
Services: Sky Q 2Tb, Sky Q mini, boxsets and Sports & Movies HD, Sky Fibre unlimited
Posts: 13,758
Stephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny star
Stephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny starStephen has a nice shiny star
Re: I'm worried I might've done something stupid...

Reformat and reinstall asap.

I had a call from this scam before. It's well known and been around for year as.

As soon as I told them that's funny as there are no Windows devices here only 3 Macs, they actually went silent then hung up.
__________________
AMD Ryzen 7 7700 | 32GB DDR5 6000 | RADEON 7900XT | WD 2TB NVME
Stephen is offline   Reply With Quote
Old 01-02-2018, 14:33   #9
weenie
Believe in yourself ...
 
weenie's Avatar
 
Join Date: Dec 2013
Location: Here & there ...
Services: tv phone mobile broadband V6 and tivo.
Posts: 5,252
weenie has a nice shiny starweenie has a nice shiny star
weenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny starweenie has a nice shiny star
Re: I'm worried I might've done something stupid...

Quote:
Originally Posted by Anonymouse View Post

- I've just looked up 'remote access scams', and now I'm pretty sure I did something stupid.
I think remote access can be a good thing as the technician can see the problem your having and investigate directly.

I admit I have used this once and I found it amazing tbh, saying that I called them and I think that is the key word you contact them not the other way around and no payment was needed or asked for in my case.

My advice Anonymouse don't beat yourself up about this what's done is done, take care
__________________
A smile is a curve that sets everything straight.

Last edited by weenie; 01-02-2018 at 14:36.
weenie is offline   Reply With Quote
Old 02-02-2018, 10:10   #10
TheDaddy
cf.mega pornstar
 
TheDaddy's Avatar
 
Join Date: Jan 2006
Posts: 18,782
TheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden aura
TheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden auraTheDaddy has a golden aura
Re: I'm worried I might've done something stupid...

Quote:
Originally Posted by weenie View Post

My advice Anonymouse don't beat yourself up about this what's done is done, take care
And it's good advice imo, if it can happen to him it can happen to quite a few others out there
__________________
Sports Babble
TheDaddy is offline   Reply With Quote
Old 02-02-2018, 10:52   #11
tweetiepooh
Virgin Media Employee
 
tweetiepooh's Avatar
 
Join Date: Sep 2005
Location: Winchester
Services: Staff MyRates BB: VM XXL TV: VM XL Phone : VM XL
Posts: 3,107
tweetiepooh has a bronzed appealtweetiepooh has a bronzed appeal
tweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appeal
Re: I'm worried I might've done something stupid...

You may be able to boot from a Live Linux distro and copy any files you want off the PC, better than booting into PC and copying some nasty over.
__________________
I work for VMO2 but reply here in my own right. Any help or advice is made on a best-effort basis. No comments construe any obligation on VMO2 or its employees.
tweetiepooh is offline   Reply With Quote
Old 02-02-2018, 10:55   #12
Maggy
The Invisible Woman
Cable Forum Team
 
Maggy's Avatar
 
Join Date: Jun 2003
Location: between Portsmouth and Southampton.
Age: 71
Services: VM XL TV,50 MB VM BB,VM landline, Tivo
Posts: 40,159
Maggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden aura
Maggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden auraMaggy has a golden aura
Re: I'm worried I might've done something stupid...

Quote:
Originally Posted by weenie View Post
I think remote access can be a good thing as the technician can see the problem your having and investigate directly.

I admit I have used this once and I found it amazing tbh, saying that I called them and I think that is the key word you contact them not the other way around and no payment was needed or asked for in my case.

My advice Anonymouse don't beat yourself up about this what's done is done, take care
I did the same with Eset when I had an issue that Nod32 couldn't resolve.. I contacted them,they emailed me back and suggested we talk over the phone and then used remote access to sort out the issue which was a virus hiding on my external hard drive. You have to be the contactee..not the other way round.
__________________
Hell is empty and all the devils are here. Shakespeare..
Maggy is offline   Reply With Quote
Old 02-02-2018, 20:58   #13
Anonymouse
RIP Tigger - 11 years?!
 
Join Date: Jul 2005
Location: Bolton
Age: 58
Services: EE Superfast Broadband
Posts: 1,424
Anonymouse has a bronzed appealAnonymouse has a bronzed appeal
Anonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appealAnonymouse has a bronzed appeal
Re: I'm worried I might've done something stupid...

Thanks, peeps, lesson learned - I am going to reinstall everything on my next 3-day break from work (I work 5 nights on, 3 off);
I'm usually too tired while I'm working to think straight, so it'll have to wait till then. As a compromise I'm disconnecting from the Internet while I'm not browsing...so if there is anything that's been missed by Norton, Spybot, Malwarebytes and the Microsoft tool, it can't do anything significant.
__________________
"People tend to confuse the words 'new' and 'improved'."
- Agent Phil Coulson, S.H.I.E.L.D.
Anonymouse is offline   Reply With Quote
Old 02-02-2018, 21:26   #14
richard s
Permanently Banned
 
Join Date: Jan 2012
Location: Near France
Services: Tivo XL 150mb broadband L phone
Posts: 1,817
richard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful onerichard s is the helpful one
Re: I'm worried I might've done something stupid...

A good days work to sort this out.. good luck Anonymouse.
richard s is offline   Reply With Quote
Old 03-02-2018, 18:57   #15
nashville
nashville
 
Join Date: Feb 2011
Location: Rutherglen. Glasgow
Services: Virgin Media
Posts: 5,174
nashville has a nice shiny star
nashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny starnashville has a nice shiny star
Re: I'm worried I might've done something stupid...

Terrible thing to happen to you, So sorry, Hope you have not lost a lot of money
nashville is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 15:59.


Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.