Hello,

Recently I have been hearing about people getting cold called about a virus or some kind of problem on the computer. Then they take control of the computer through remote access and install various programs.

If this happens to someone is there a way for you to completely terminate the program that they may have installed?

Would Norton 360 detect and remove the program? If not would Norton Power Eraser remove the program?

Could this kind of remote access and various programs do damage to the network? For example: If there are 2 computers directly plugged in through one router could this damage the second computer?

Would Norton 360 and Norton Power Eraser safe mode with networking scans remove the programs? 

I wanted to get a better understanding about these cold calling issues.  Any feedback will be greatly appreciated!

Thanks!

Hi, ACS4500. No-one will cold call you about your computer, unless it's a scam.

If they do, do NOT grant them remote access. Just hang up.

If you have a router, then you should have a firewall in the router, as well as your Norton protection.

By all means run a Full Scan with 360, if you have any doubts.  You can start in normal mode.

However, we do not recommend using Power Eraser, as it is a last resort tool best used by someone with experience in using it, as it can delete critical system files if you don't know what you're doing.

Thanks for that information F4E

I'm not too sure about the firewall in the router though. I do have a secured connection but I'm not sure if the firewall is configured. Is there a way I can configure the firewall for the router? 

Thanks!

You can go to settings for most routers, using a web interface.

Not sure what yours will be. It depends on the router, and you will need to know your password.

Some use 192.168.1.1  for instance, which you enter in your browser address bar.

If you don't know or have forgotten your password, maybe your Isp can help.

Hi ACS4500,

I would second what F4E said: No legitimate company will ever cold call you about having detected malware on your system.  If you have allowed someone who called you out of the blue to remote access your computer, there is really no way to be assured that the machine was not compromised - and you can no longer trust anything that the system may be telling you about its current state.  It's a situation where you almost have to assume that the PC is no longer under your control, and then proceed accordingly, such as restoring to a disk image that was created prior to the phone call.

I never let anybody take remote control of my computer but I have received a cold call in the past and yes I did ignore them. I wanted to get a better idea of what could possibly happen to the computer and your network should they take control. 

If they where to take control can you break the connection by removing the ethernet cable?

Also if you use multiple computers can you remove the possibly infected computer before using another on the same network? 

Thanks again for your input SendOfJive and F4E

Hi, ACS4500. I'll defer to my more knowledgeable colleagues but I'd say if you removed the ethernet cable,  then yes you would break the connection.

However if you router is properly set up and you have both computers connected, then it's doubtful the hardware firewall would be breached.

If you use wireless,be sure to use the WPA2 connection.It's the most secure.

I'm also asking because I heard that these cold calls are still a serious problem.

I'm in Australia, and I get one every couple of months. I just say I don't have a computer, and hang up.

It's not a problem if you don't give them ANY info, period.

Adopt a suspicious attitude over any call text or email that was unsolicited, and you'll stay safe.

F4E,

My router does have wireless capability but I don't use that function for security reasons. I always use a direct connection through an ethernet cable and I never have both computers connected at the same time.

The last time I did any kind of work on the router was to secure the wireless network so it would not be open.

I'm not too sure about this router but I would guess that there is some kind of default setting for it's firewall.

Yes, most if not all routers nowadays, have a built in firewall.

I don't think you actually said, but do you have reason to think YOUR computers may have been compromised ?

I got a cold call a while back and shortly after I began getting a good amount of pop ups that said the same thing about the computer having a problem. Again I did not give any information and hung up but I was a little suspicious of these sudden pop ups after the call.

This router is very old by the way. I would say it is from 2007

Possibly sheer coincidence, if you didn't grant remote access.

You can always use programs like MalwareBytes Free edition ONLY, and CCleaner to keep your systems in shape.

Use a pop up blocker and maybe Adblock Plus, and you should be well covered.

Regular full scans are also a good idea.

Sounds like a good time to update that router !

No remote access was granted. I guess I will try MalwareBytes and CCleaner as second opinion scanners but will Norton 360 work well with 2 additional scanners running? 

Also by connecting one computer to the router at a time no information will be able to spread right? For example should a computer be taken over by a cold caller nothing on the router itself would cause it to spread to other machines?

You should only have Norton 360 as your real time protection. Use MalwareBytes as a secondary passive scanner only.

CCleaner is a very good cookie and temporary file cleaner, and is safe to use.

Don't use the Registry clean section, and stick to the default settings, until you get used to using it.

If you're only connecting one computer at a time to the router, then nothing can compromise your second system.

In answer to your last question, no.

Sounds good. Thank you very much for clarifying that. For the longest time I was wondering could something possibly hide within the router itself. Also I'm sorry for asking so many questions. I tend to watch very little details closely on my computer and I always like to be sure that all the systems are up to date and secure! 

ACS,

I'd just add one thing to the thread -- you ask about "cold calls" meaning by phone and there hanging up should be enough.

But if you meant popups on the screen announcing they have discovered 29,000 viruses on your computer and ..... bear in mind that what you actually see can be tricky and for example clicking on No Thanks can be enough to give them permission when the No Thanks word block is actually a hidden script.

Often ALT + F4 will shut a window down safely but if you are relly worried then shut down Windows itself ....... WINKEY will pop up the Shut Down command.

huwyngr,

So to shut down windows I just type in WINKEY in the run box? Thanks for sharing!

---

ACS4500 wrote:

huwyngr,

 

So to shut down windows I just type in WINKEY in the run box? Thanks for sharing!

---

You have not said what version of Windows you are using.

If it's Windows 7 just press the WINKEY on the keyboard and you should see a SHUT DOWN button.

If it's Windows 8.0 or 8.1 I use WINKEY + i (letter i not L or 1 at the same time and you will see a "Charm" pop out from the right with a Power button -- click that and select Shut Down.

But if it's Windows 8.1 then there's a more direct route to Shut Down but I'm not in Windows 8.1 at the moment. It's something like right mouse click on the bottom left of the screen and you will get a Shut Down button similar to Windows 7.