
Grandpa Fell For Tech Support Scam

RadiatingLight

RIP

My grandpa fell for a tech support scam on his PC. He already cancelled his credit card and all that jazz, but every time the affected computer connects to the internet, the scammers seem to reconnect. (screen goes black with text that says "ConnectWiseControl")

I've tried uninstalling whatever the scammer put on there, but it doesn't appear in programs and features and I can't find the installation location.

 

Other than a clean-install, is there anything else you'd suggest?


7 minutes ago, RadiatingLight said:

but it doesn't appear in programs and features and I can't find the installation location.

Then you really don't have any other option, do you?

It will probably take a longer time to find where all the stuff is than it is to DBAN and install Windows again.


You could try a utility I found called 'My uninstaller'; it seems to list software that doesn't always show up in Programs and Features. Can't remember the link but it should come up with a quick search.

Try to alt-tab out of the black screen to Task Manager or something to find the location of the exe. Idk, you've probs already tried that.

But I'd just do a clean install to be sure it's gone.


I use ScreenConnect/ConnectWise, the temp installer is usually in AppData somewhere. It won't come up in a malware scan since it isn't malware.

Edit: That said, better safe than sorry. I cast my vote for a reload as well.


Wipe the whole PC.

Don't think that uninstalling a program will completely remove any viruses or control software.


30 minutes ago, RadiatingLight said:

RIP

My grandpa fell for a tech support scam on his PC. He already cancelled his credit card and all that jazz, but every time the affected computer connects to the internet, the scammers seem to reconnect. (screen goes black with text that says "ConnectWiseControl")

I've tried uninstalling whatever the scammer put on there, but it doesn't appear in programs and features and I can't find the installation location.

 

Other than a clean-install, is there anything else you'd suggest?

nah, WIPE the whole PC.

Don't wipe.

Get a USB stick with Total Uninstaller and Malwarebytes Anti-Malware on it, unplug the Ethernet wire from your grandpa's computer (so it doesn't reconnect) and run both programs: search for anything weird with TU, remove it, and then run the antimalware.


Please follow the advice of the sane on here and wipe it out completely with a fresh Windows install. Who knows what else they could have slipped onto the PC that your grandpa might not even have noticed.


Yep, you guys are right. I'm wiping the boot drive.


Don't trust nothing.

Wipe it clean 188%.

Tell your gramps not to buy anything from nobody anymore who is door to door or over the phone. Tell your gramps to tell them to fuck off and don't call you anymore, you're not interested. Or if you got time to waste, you could just play along with them, if you have the time to do that. Also, maybe a neat trick is to ask for someone to show up at the house, wouldn't that be a blast to mess with them that way!


Ya that sucks,

I've got a number of people that have me on speed dial lol, they have called me before with stuff like this.

I've told them to not talk to people like that, no legitimate company has ever called an end user to fix a problem that they did not even know existed on their computer/did not call someone first (that I know of).

I've told them if they really think it's serious and legitimate, to put them on hold, and call me first to verify (which it never is).

I've dealt with this all too often, you gotta really hammer down this on your friends/family/customers, they get the scare of a lifetime from these guys because that is what they do, scare them into believing something serious is going on and they need to take care of this (pay them) right now or all hell will break loose.

Honestly these people call me sometimes even.

I just screw with them a lot, for as long as I can, confuse them, mislead them etc, lol.

Depending on your point of view, this might sound bad, but that is exactly what they are doing to other people.

And the more I waste their time, the less time they have to scam someone else.

You might have to wipe it clean, but I have found in a lot of cases these people don't try to get back in from what I can tell.

You can probably do something like a netstat and figure out what's running and connecting or waiting for something to connect to it, to figure out if there is a link back to them hiding inside.

A lot of these companies get away with this stuff legally in most cases, but if they try going past the permissions that they are given, they will cross that line from legal to illegal, and risk losing their scamish operation to the authorities and jail time (if someone goes digging that is and depending on their local laws).

Technically at this point, they are not hacking, instead they are tricking you and you are allowing yourself to be tricked.

Once they try getting in after you turn them down, then they might be crossing that threshold.

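The netstat check suggested in the post above, written out as an added example that is not part of any forum post: it joins each connected or listening TCP socket to the process and Windows service that owns it, then looks for the product names mentioned in this thread. Assumptions: it runs in an elevated PowerShell prompt on the affected PC, and the remote-control client carries "ScreenConnect" or "ConnectWise" in its service name or path.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell prompt.

# Map each running service's PID to its name and binary path, so a socket
# owned by a service can be traced to the executable that starts at boot.
$svcByPid = @{}
Get-CimInstance Win32_Service | Where-Object { $_.ProcessId -ne 0 } | ForEach-Object {
    $svcByPid[[int]$_.ProcessId] += @("$($_.Name) -> $($_.PathName)")
}

# Every TCP socket that is connected or waiting for a connection, with the
# owning process and its on-disk path (the "netstat -ano" view, already joined).
$sockets = Get-NetTCPConnection -State Established, Listen | ForEach-Object {
    $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
    [pscustomobject]@{
        State    = $_.State
        Local    = "$($_.LocalAddress):$($_.LocalPort)"
        Remote   = "$($_.RemoteAddress):$($_.RemotePort)"
        OwnerPid = $_.OwningProcess
        Process  = $proc.ProcessName
        Path     = $proc.Path          # may be empty for protected processes
        Service  = $svcByPid[[int]$_.OwningProcess] -join '; '
    }
}
$sockets | Sort-Object Process, State | Format-Table -AutoSize -Wrap

# Assumption: the client is named after the product shown on the black screen.
$pattern = 'ScreenConnect|ConnectWise'

# Services whose name, display name or binary path matches the pattern.
Get-CimInstance Win32_Service |
    Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $pattern } |
    Select-Object Name, State, StartMode, PathName |
    Format-List

# Sockets owned by a matching process or service.
$sockets | Where-Object { "$($_.Process) $($_.Path) $($_.Service)" -match $pattern }
```

A match gives the service name and binary path to note down before the wipe. An empty result only means nothing by that name is running, not that the machine is clean.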

12 hours ago, RadiatingLight said:

RIP

My grandpa fell for a tech support scam on his PC. He already cancelled his credit card and all that jazz, but every time the affected computer connects to the internet, the scammers seem to reconnect. (screen goes black with text that says "ConnectWiseControl")

I've tried uninstalling whatever the scammer put on there, but it doesn't appear in programs and features and I can't find the installation location.

 

Other than a clean-install, is there anything else you'd suggest?

There is no other solution I'd trust in this situation other than wiping the whole PC and installing Windows fresh.

 

That's a sin though.

Screw scammers.
