  Batch 18:48 09 Jan 2011

It seems highly likely that my SIL's sister and her husband have fallen prey to the Microsoft Phone Scam (where they've handed over their credit card details and control of their computer to a cold caller).

So two questions really:

A) Does anyone know of any way of explicitly telling if they have rogue software installed (by the cold caller) on their PC?

B) If they have fallen prey and have such afore-mentioned rogue software on their PC, does anyone know if there is any means by which it can be removed with certainty (e.g. by anti-malware software) or is the extent and nature of the rogue software (typically) beyond such removal and therefore requiring more drastic measures (such as using system recovery or re-installing from scratch)? I gather from other threads that such rogue software often removes system restore points and so that option may well not be available.

BTW, I haven't seen the PC myself and so can't vouch for what software might "appear" to be on there.

  Ian in Northampton 19:28 09 Jan 2011

I'd strongly suggest they contact their credit card company first and explain the scam they've become prey to, and ask for the transaction to be cancelled. I doubt it'll be the first time the credit card company has heard of it.

I'd take a look at their PC. Chances are, if any software has been remotely installed, it will show up as what looks like a legitimate program.

  Batch 19:36 09 Jan 2011

Thanks Ian, the credit card was first thing I told them of (and the fact that all usages of the PC, including bank account logins, must be considered compromised).

They don't live near me, so I can't see the PC.

At the moment I'm just trying to advise them as to whether they have been affected and, if they have, what the options are to put them back in control.

I really just need the two questions that I've posed above answered, that's all.

  VCR97 19:58 09 Jan 2011

As you know the date, you could try this to locate any files installed on that date, but it's just a wild guess.

Start, Search, For files or folders, All files and folders, When was it modified?

  VCR97 20:01 09 Jan 2011

No, that won't work. I thought it was just looking for a date window but it needs the name. Sorry.
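
A date-window search that needs no file name, as an added example that is not part of any poster's message: this PowerShell sketch lists program-type files created or modified on one day and programs whose uninstall entry carries that install date. The function names, the folder and extension lists, and the date are assumptions; replace the placeholder date with the day of the call.

```powershell
# Added example (not from the thread). Names, roots, extensions and the date are illustrative.
function Find-FilesChangedOn {
    param(
        [Parameter(Mandatory)][datetime]$Day,
        [string[]]$Roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)},
                             $env:ProgramData, $env:USERPROFILE),
        [string[]]$Extensions = @('.exe', '.msi', '.dll', '.bat', '.cmd', '.vbs', '.ps1', '.lnk')
    )
    $start = $Day.Date            # midnight at the start of the day
    $end   = $start.AddDays(1)    # midnight at the end of the day
    foreach ($root in $Roots) {
        # Skip roots that do not exist on this machine (e.g. no x86 folder on 32-bit Windows)
        if (-not $root -or -not (Test-Path -LiteralPath $root)) { continue }
        # -Force includes hidden files; unreadable folders are skipped silently
        Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue |
            Where-Object {
                ($Extensions -contains $_.Extension.ToLower()) -and
                (($_.CreationTime  -ge $start -and $_.CreationTime  -lt $end) -or
                 ($_.LastWriteTime -ge $start -and $_.LastWriteTime -lt $end))
            } |
            Select-Object CreationTime, LastWriteTime, Length, FullName
    }
}

function Find-ProgramsInstalledOn {
    param([Parameter(Mandatory)][datetime]$Day)
    # Installers that record a date store it as a yyyyMMdd string; many entries have none
    $stamp = $Day.ToString('yyyyMMdd')
    $keys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.InstallDate -eq $stamp } |
        Select-Object DisplayName, Publisher, InstallDate, InstallLocation
}

$callDay = '2011-01-09'   # placeholder: the thread does not give the day of the call
Find-FilesChangedOn -Day $callDay | Sort-Object CreationTime | Format-Table -AutoSize
Find-ProgramsInstalledOn -Day $callDay | Format-Table -AutoSize
```

The output only shows what changed on disk that day: a remote-control tool that was run without being installed, or settings that were altered, will not appear in it.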

  Batch 20:19 09 Jan 2011

I've reviewed a number of threads here and other articles on the topic. Very few get to the point of discussing the removal of the rogue software and of those that do, none that I've seen have addressed the removal of the software other than by means of the likes of a System Recovery. Hence my questions.

