Son duped! How do I know if computer is infected by infosis.net scam?

4normans · 31 Aug 2014

Hi-- I am in need of technical expertise to assess for whether my computer has been attacked! My 13 yr old son was duped by someone calling claiming to be a Microsoft technician with knowledge that our computer was hacked. I was not home...

He did much of what they asked, typing windows + R, typing in 3 separate prompts at that window to see the evidence of hacking. He was told to type in "inf", then "eventvwr" and finally "www.infosis.net"

He says that the when the computer went to that website, he then told them he needed to call me, which he did, and I told him to not follow any instructions.

Unfortunately, he was scared to tell me he already HAD followed several of their instructions.

He tells me that once he knew they were bad, he just turned the computer off, but that was many minutes into the call and after he got to the infosis.net web site.

So, clearly, this is BAD.

I have no idea if they helped themselves to access my computer remotely or if they initiated a malware download. I am in the middle of running a full Norton 360 system scan as I type.

I pray there is a kind soul who can help me through comprehensively evaluating this problem, step by step?

Thanks,

Aimee

HarriePateman · 31 Aug 2014

Hello and welcome to sevenForums.

Here is some information i found on the web for you.

Information

The software that you’ll be asked to download is called the TeamViewer Client and is a reputable piece of software used for remote access around the world, it’s just that it’s being used in a scam in this instance.

Now that the indian scammers have access they can continue to convince you that your computer is in trouble. They may ask you to open a command prompt and ask you to type in a few commands. In this case they asked my friend to type ‘netstat’ to show her all of the connections from the hackers By now my friend was convinced and prepared to pay the ‘small fee’ for protection. The Indian tech support scam was almost complete

Please look at all your installed programs, and have a look for "teamviewer"

Also please download Malwarebytes and perform a full scan.

https://www.malwarebytes.org/

1PW · 31 Aug 2014

You may wish to download/install/update/run a Threat Scan with the latest free (v2.0.2.1012) Malwarebytes Anti-Malware (MBAM2).

If absolutely nothing comes of the MBAM2 Threat Scan, continue with an ESET Run ESET Online Scanner.

If nothing shows up in either scan, your system is likely quite okay. Please don't think the lesser of your son. He was just trying to help you. But a warning to him is likely a good investment.

https://www.malwarebytes.org/mbam-download.php

https://www.eset.com/us/online-scanner/

HarriePateman · 31 Aug 2014

1PW said:

You may wish to download/install/run a Threat Scan with the latest free Malwarebytes Anti-Malware (MBAM).

If absolutely nothing comes of the MBAM Threat Scan, continue with a ESET's Run ESET Online Scanner.

If nothing shows up in either scan, your system is likely quite okay.

I stated that in my first post

1PW · 31 Aug 2014

HarriePateman said:

I stated that in my first post

My typing wasn't nearly as quick as yours and then I saw your fine post, I decided to let mine stand as it includes ESET's Online Scanner.

IMHO with either of our posts, the OP is well served don't you think? :)

HarriePateman · 31 Aug 2014

Defiantly, Good advice

derekimo · 31 Aug 2014

Looking at the infosis website you mentioned it looks like they have three possible programs to access computers.

Teamviewer has already been mentioned.

These are the other two,

This one here Ammyy Admin - Free Zero-Config Remote Desktop Software, Remote Desktop Connection and Remote Access Software

And this one Remote Support, Desktop Sharing, Online Meetings: ShowMyPC

They both show warnings not to let unknown callers access your computers, so they know it is being used for nefarious purposes.

Important information on cases of malicious use of our software.

Responsible Use of ShowMyPC

Just some additional info for you and things to look for.

4normans · 31 Aug 2014

Hi HarriePateman, 1PW, and Derekimo,

Thank you so much for the replies. I will follow through on each point of advice.

Unfortunately, this has happened during a time when an ill elderly parent has been going in and out of the hospital for end of life emergency care (that's why I wasn't home during the initial phone call) and I have to again go attend to that matter shortly, so my ability to put time and resources into the computer problem is a bit strained at the moment. (My poor, sweet son feels so badly.)

Thanks again for helping ease my way to cope with this problem so that I can get right to it when I am able! Hopefully, I can do it later this evening.

Aimee

HarriePateman · 31 Aug 2014

Life is worth more then any computer :S

derekimo · 31 Aug 2014

You're welcome, sorry to hear about your parent.

That definitely has priority, tell your son not to feel bad those people are expert scammers and to take it as a lesson learned.

Wishing you the best in this trying time.