So I came in to my weekend job Friday night and found out that on Tuesday my coworkers got duped by a classic adware saying our work computer had been blocked by Microsoft. A quick search of the number 1-877-261-5407 reveals that it is a classic known scam. They called the number and paid them $199 with a credit card. They gave these scammers remote control of the computer and they changed things. They even have a call back number and they answer and pretend to be Microsoft support. It is 1-800-371-8964 if anyone is interested and the guys name is supposedly Raymond. A quick search of that number reveals it is also a known scam number that has pretended to be support for many different companies including Dell and Microsoft. So anyways, what do I do now? Can someone help me find what they did and remove it? I have not run any scans yet because I want to see the whole picture before I start removing parts of it. Maybe we lucked out and all they wanted was $200 but I doubt it. I would have to imagine they have complete control of the computer. Keyloggers, back doors, who knows what they did. There are a few things on the desktop that I don't recognize. They are 'Send Anywhere', 'Team Viewer 9', and 'Network Security.bat'. Do these guys typically just take their $200 and run or are they after more?'