Microsoft Scam (Hacked)

Discussion in 'Malware Help (A Specialist Will Reply)' started by TheTick, Dec 20, 2013.

  1. TheTick

    TheTick Corporal

    Hi guys

    I hope this is in the right section

    I am here on behalf of my dad.

    Recently he was called by a guy claiming to represent Microsoft. This evil character convinced my dad that his computer was about to crash and that it could be fixed.

    From what I can gather the person on the other end of the phone convinced my dad (who is 64 so not computer savvy) that he needed a Microsoft licence. The guy got my dad to mess with Msconfig and told him he was going to take control of his comp. My dad reports his cursor was moving and the man was messing with msconfig and other windows. In the end my dad ended up paying £49 to the guys who actually took £100.

    I did not see any of this so can actually state what happened clearly

    Here is the issue: I am worried and my dad is worried that because this person has accessed the computer once he can do it again, as well as possibly installing keyloggers and other malicious stuff and have access to his bank details/personal information (we will change the passwords to these things).

    Is there any way to stop this guy/company getting back into my dad's machine and stealing more stuff?

    I have run the scans for malware etc and will attach them to this post.

    Hope you guys can help and offer assistance :)

    Oh, my dad's machine is an:
    Acer travelmate p253-e
    Intel pentium 2.20ghz
    4gb RAM
    64x operating system
    windows 8.1
    500GB hd

    Thanks so much
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I have checked those logs over and I am not seeing anything suspicious at all. :)

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7, or Win 8, Right Click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

    7. After doing the above, you should work through the below link:
     
  3. TheTick

    TheTick Corporal

    Hi Kestrel13!

    Thanks for your help, much appreciated :) The clean up procedures have been done and I am going to install a firewall and do some of the recommended protection from malware :)

    I do have one quick question: do you think that the person who took over my dad's comp can do it again? Is there a way we can be sure that he does not get back into his system?

    Cheers
    Tick
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to properly protect this PC. I did not see any protection.

    Note the person may have used Remote Desktop to access the PC, so make sure that any configuration settings that would allow access from a remote PC user have been disabled/removed. See the below link:

    http://windows.microsoft.com/en-us/windows-8/remote-desktop-app-faq
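
Added example, not part of the original thread or written by any poster: a read-only PowerShell check of the built-in Remote Desktop and Remote Assistance settings that the reply above says to disable. It assumes an elevated prompt on an English-language Windows 8 or later install (the firewall group and local group names are localised), and it does not cover third-party remote-control software.

```powershell
# Added example: read-only audit of built-in Windows remote-access settings.
# Assumes English display names for the firewall group and local group.

function Get-RegValue($Path, $Name) {
    # Return $null instead of throwing when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$ra = 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'

$deny = Get-RegValue $ts 'fDenyTSConnections'  # 1 = incoming Remote Desktop refused
$help = Get-RegValue $ra 'fAllowToGetHelp'     # 0 = Remote Assistance turned off
$svc  = Get-Service -Name TermService -ErrorAction SilentlyContinue

# Enabled inbound firewall rules that would let Remote Desktop traffic in.
$rules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' })

$report = [pscustomobject]@{
    RemoteDesktopRefused   = ($deny -eq 1)
    RemoteAssistanceOff    = ($help -eq 0)
    TermServiceStatus      = if ($svc) { "$($svc.Status)" } else { 'not present' }
    EnabledInboundRdpRules = $rules.Count
}
$report | Format-List

# A missing registry value is reported as "not off": check it by hand.
if (-not $report.RemoteDesktopRefused) { Write-Warning 'Remote Desktop connections are not refused.' }
if (-not $report.RemoteAssistanceOff)  { Write-Warning 'Remote Assistance is not turned off.' }
if ($report.EnabledInboundRdpRules -gt 0) {
    Write-Warning 'Inbound Remote Desktop firewall rules are enabled:'
    $rules | Select-Object DisplayName, Profile | Format-Table -AutoSize
}

# Accounts allowed to log on over Remote Desktop besides administrators.
net localgroup 'Remote Desktop Users'
```

The script changes nothing; any warning it prints points at a setting to turn off in System Properties (Remote tab) or Windows Firewall.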
     
  5. TheTick

    TheTick Corporal

    Hi chaslang

    Cheers for the reply. My dad was using Windows Defender, which I was told was the same as Security Essentials, is it not? If you were to pick an antivirus, which would you choose? I have already installed Comodo firewall.

    I think I managed to disable the remote desktop so no one should be able to get in again.

    Thanks again dudes

    :)
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Most welcome. :)
     
