# My daughter did something stupid



## Danaus29 (Sep 12, 2005)

Yes, this is computer related. When you hear what happened you will agree that it was stupid.

I don't know the details about how this started. Apparently she was trying to convert something to an MP3 file, on line. I don't know if she was downloading a program for it or what happened but she ended up calling a phone number from a pop-up ad. Yes, it was incredibly stupid! I walked in as she was on the phone and downloading AnyDesk. Once I realized what was happening (after they asked for $200 to fix her computer) I turned off the access. Fortunately she does not do online banking on that computer but they did get my router access code and her email passwords for sure. She has cancelled her 2 cards, changed her passwords and will take the computer to my son who knows how to run virus and trojan scans. I have reset the modem and made a new password for it.

My tablet was not online and I did not download any programs.

I have 3 questions;
are my other devices compromised because of this?
Is my connection compromised after resetting the modem with the new password?
Is there anything else I should do to protect my devices? (other than taking daughter's computer away from her?)

Thanks for the help.


----------



## Nevada (Sep 9, 2004)

Danaus29 said:


> I have 3 questions;
> are my other devices compromised because of this?
> Is my connection compromised after resetting the modem with the new password?
> Is there anything else I should do to protect my devices? (other than taking daughter's computer away from her?)
> ...


I wouldn't expect other computers to get compromised. I think resetting the router password and scanning the computer for viruses and malware should do it. Of course there's no telling what might have happened during the AnyDesk session, but his concentration would have been on convincing your daughter to pay them $200. 

I've seen this before. A common ploy is to get the victim to go to the command prompt and enter netstat. The netstat command will show hosts that you are communicating with under the column "Foreign Address." Then he tells you that all of the IP addresses in the list are foreign hackers trying to get into your computer. But in this context the word "foreign" refers to hosts that are not in your subnet, so seeing a list of foreign addresses is normal and no cause for alarm.


----------



## Danaus29 (Sep 12, 2005)

Thank you. I value your computer expertise. 

He got real mad when I shut off the modem. I knew he hadn't got control of my devices at that point because nothing else was on so I figured severing the connection before he could do any more damage was a good move.

He did keep commenting about those foreign connections and kept saying there were other computers using the ip address and that he needed to look at those computers. 

When she cancelled her debit card at the bank, the banker told her about another person who did online banking who ended up helplessly watching as the person on the phone drained her account. Fortunately I stopped it before my daughter gave out banking information.

I just don't know why, and she doesn't know why, she called them. Apparently it was a pop-up window claiming to be from Microsoft offering to help her download a file she was trying to save. My son would have broke the computer over her head for falling for the oldest computer scam in the book. He still might. If he is off work this weekend he will look at it for her. 

Is Windows Defender a good spyware remover? She has that on the computer and is running it but I don't know if that will take care of the problem.

And what happened with the supposed firewall that Spectrum provides? I know it's garbage but I thought it would at least do something. I guess I better check into that.


----------



## Nevada (Sep 9, 2004)

Danaus29 said:


> Is Windows Defender a good spyware remover? She has that on the computer and is running it but I don't know if that will take care of the problem.
> 
> And what happened with the supposed firewall that Spectrum provides? I know it's garbage but I thought it would at least do something. I guess I better check into that.


When you install a 3rd party antivirus application like AVg or Avast, Windows Defender is deactivated. To be honest I don't have a lot of experience with Defender because it's always deactivated on my machines.

Workstation firewalls aren't very effective, but I don't know what the Spectrum firewall provided. The idea with a workstation firewall is that all of the ports that aren't being used legitimately are closed. That prevents malware from operating on a port that you aren't aware of. Hardware firewalls like the ones used in data centers do a lot more. For example they can subscribe to real-time blacklist services that will drop connections from hosts that have abused other data centers. They can also monitor for certain suspicious behaviors that can mean a hacker is at work.


----------



## Danaus29 (Sep 12, 2005)

But by downloading the software and letting them have control she circumvented everything that was set up to protect her. Even the person at the atty general office asked why she did something so stupid.

I think my son runs AVg. He keeps up to date on all this stuff. Since we now have no real computer to access the internet she has to wait until he is available. I have 3 laptops but they all have new operating systems which I haven't learned and trying to get used to them frustrates me to no end. $3000 worth of electronics and I can't even get them to play my dash cam video. So they sit, gathering dust. Nothing but expensive trash.


----------



## Gary in ohio (May 11, 2002)

Danaus29 said:


> $3000 worth of electronics and I can't even get them to play my dash cam video. So they sit, gathering dust. Nothing but expensive trash.


If they were not on when your daughter was online dont worry about them. You shouldnt need your laptop to be online to look at your video.


----------



## Danaus29 (Sep 12, 2005)

Gary in ohio said:


> If they were not on when your daughter was online dont worry about them. You shouldnt need your laptop to be online to look at your video.


The problem is I haven't learned how to do things on their operating systems. I can't figure out how to do anything more than turn them on, definitely can't hook them up to the internet. The new systems are not compatible with the format that the dash cams, trail cams and surveillance cameras use and I can't get those videos to play. I wasted 6 hours trying to copy windows media player from the old computer to the new one and the stuff still won't play.


----------



## 50ShadesOfDirt (Nov 11, 2018)

What OS is on these three laptops, one of which I'm assuming is the computer involved in the scam? It sounds like two separate problems here: 1.) different OS's, some of which you are familiar with, and some you're not, and 2.) need some way to get back to a known state.

While the scam software pieces don't sound as bad as getting some kind of malware virus, there is one sure way to ensure that things are cleaned up correctly, and that's to wipe it clean with a reinstall, or recover from backup in such a way that it essentially does the wipe/reinstall for you. This guarantees that there is no piece of malware missed, as you're setting it back to a previous known-good state. You also don't have to wait around for someone else to set it back for you, if you tackle the effort yourself.

This article, Computer for the Homestead, discusses the process ...

If, after reading the article, you find that the suggested steps are a bit out of your depth, just print it and take it to a computer shop, and have them do the suggested steps ... it's not the work that is important, it's getting to the end state of having a quick recovery process from these scenarios.

As for the different OS aspect ... without more details, I'm going to assume it's the different look and feel of Windows 8 or 10 to Windows 7 or earlier. If this is the issue, then you just need to apply a quick change to Windows 8 or 10 such that its menu system behaves like Windows 7. A quick google of "windows 7 menu for windows 10" will lead you to various solutions for this. I just use the program "open-shell menu", which does all the hard work for me.

Finally, the camera issue mentioned in the thread sounds like a missing "codec", a piece of software that tells Windows Media Player how to interpret a video stream from a specific kind of camera; these don't come with Windows ... they usually come with the camera or are available online from the vendor. There are also free codec "bundles" that have all the typical codecs in them, and once installed, your WMP can then play the security cam footage. In your case, you would want to include these codecs in your backup scheme, so they get recovered when the OS gets reinstalled.

Hope these things help ...


----------



## Nevada (Sep 9, 2004)

Danaus29 said:


> The new systems are not compatible with the format that the dash cams, trail cams and surveillance cameras use and I can't get those videos to play.


The other side of that is peripheral hardware manufacturers, such as printer and scanner manufacturers, eventually drop driver support for older operating systems. You can't really blame them, since there isn't a lot of revenue in discontinued operating system support. So sooner or later you'll have to join the rest of the world.

I remember when Windows 98 was reaching end of life I was busy with a project and really didn't want to upgrade to Windows XP. But it wasn't long before holding out was becoming more trouble than upgrading.


----------



## robin416 (Dec 29, 2019)

Isn't there also something about whether software supports IPV4 or IPV6?


----------



## Danaus29 (Sep 12, 2005)

Yes, it is 2 separate issues. Sorry that wasn't clear. The newer laptops are using Windows 10, which really is terrible because everything was moved around. The dash cams and the security cameras were made after Win 10 came out. Neither of the new computers has Windows Media Player. I tried running it from a copy of the program put on disk by my old XP machine and installed on the new one. It plays but does not function like it should, no fast forward, no pause, I can't remember if it did sound. I just use the XP because the new ones are too much trouble. Media Player was installed on the XP and ran just fine.

I don't know what OS the tablet uses. I get on the internet with the tablet because the new computers are too much trouble to try connecting.

The original problem computer is back from my son who ran virus and key logger and other scans. It had a couple minor bugs which have been fixed but no major issues. He thinks when I disconnected the internet I kept any potential problem software from being downloaded.


----------



## backwoodsman7 (Mar 22, 2007)

Danaus29 said:


> The dash cams and the security cameras were made after Win 10 came out. Neither of the new computers has Windows Media Player. I tried running it from a copy of the program put on disk by my old XP machine and installed on the new one. It plays but does not function like it should, no fast forward, no pause, I can't remember if it did sound.


As you discovered, you can't move programs to another machine like that. VLC is a better player anyway. It supports almost every format, so should play your cameras' videos, unless they're using some kind of proprietary format.




__





VLC: Official site - Free multimedia solutions for all OS! - VideoLAN







www.videolan.org







> The original problem computer is back from my son who ran virus and key logger and other scans. It had a couple minor bugs which have been fixed but no major issues. He thinks when I disconnected the internet I kept any potential problem software from being downloaded.


I wasn't clear on what exactly happened originally, but it sounded like you stopped her while the remote access software was still downloading. If that's the case, they wouldn't have had a chance to do any damage yet.


----------



## Nevada (Sep 9, 2004)

robin416 said:


> Isn't there also something about whether software supports IPV4 or IPV6?


No, your operating system's network interface takes care of that.


----------



## Danaus29 (Sep 12, 2005)

I wasn't real sure what was going on either. She had downloaded remote access software and he was trying to get her bank information when I pulled the plug. If she had given that I'm sure he would have drained her account. Not sure what else would have happened but he did see her email password. It has been changed.


----------



## 50ShadesOfDirt (Nov 11, 2018)

Timely (sort of) information ... one of my security websites lists this info on what it is, prevention, etc.:

*





Vishing - Phone Call Attacks and Scams - SANS OUCH! Newsletter - May 2021


While some of today’s cyber criminals do use advanced technologies, many simply use the phone to trick their victims.




www.sans.org




*
Where "vishing" (a play on phishing) represents phone scams and such.

Hope this helps!


----------



## mnn2501 (Apr 2, 2008)

Danaus29 said:


> The problem is I haven't learned how to do things on their operating systems. I can't figure out how to do anything more than turn them on, definitely can't hook them up to the internet.


If they were not hooked to the net, they're safe.


----------

