
Computer hijack attempt


1 reply to this topic

#1 jpau00

jpau00

  • Members
  • 3 posts

Posted 20 March 2017 - 09:11 PM

This is regarding my parents’ computer. They are running Windows 7. I manage their PC from out of state using TeamViewer. I have an administrator account set up and they each have a user account.

Apparently my dad was having problems with his Roku. He went online to get their support number and called, only it wasn’t Roku. I’ll spare the details but it ended up with my mom giving control of their PC computer to some guy who told them they had a back door security breach and he could fix it for $149. (He convinced them the problem originated with their PC.)

He also wanted their administrator password. He was obviously trying to install something. Fortunately I had set them up with standard user accounts. They called me about this time. Not knowing what all was occurring, I told my dad to unplug/replug the Roku, which fixed it so they got off the phone with the guy. I found all this out later.

I am hoping this guy did not get into the administrator settings. I guess my dad was shouting the password to my mom, but she never typed it in; however, I don’t know if the guy might have heard it and typed it himself. Probably not, because it is a weird password that might be tough to spell.

Once I got the story this evening, I immediately changed the admin password and I am running a deep scan with ESET.

I can’t rebuild their system from out of state. I’ll have to wait for summer when I visit for that. I told them to go to their bank and put a security alert on their accounts. Also, not to do any banking on that machine.

Does anyone have any further advice? What types of activity are typical from this kind of hijack? If it is ransomware, I can deal with that until the summer. I am mostly worried about spybots and keyloggers.





#2 jpau00

jpau00
  • Topic Starter

  • Members
  • 3 posts

Posted 21 March 2017 - 07:06 AM

As a follow-up, I checked their browser history and the company my father inadvertently contacted was myfastpc.com. The fact that my dad was asking about a Roku box and they directed him instead to his PC and made false claims about infection proves the illegitimacy of this company. At the same time, given the description of other people's scam reports about the company, it appears they are mostly guilty of charging money for bogus repairs. I am less concerned about installed malware/spyware now.

I ran a deep scan on the machine and I verified all the processes that were running were legitimate. I guess that is the best I can do. My poor folks, who are in their 80s, are completely distraught over the experience. I wish there was a way to shut down these companies.


Edited by jpau00, 21 March 2017 - 07:07 AM.




