Do I have a trojan on my network?

[terryeatonb]

So I connected my printer to scan some documents but was coming up with an error so i went to the canon support page and chatted with the person online, they were unable to assist me so i got on the phone with a guy and he had me download gotoassist to assist me with my printer issue.

Well one thing led to another and he puts "netstat -sp tcp" in CMD and points out how i have 50 current connections and highlights 5 established connections which are not my local ip. Then goes on to type into notepad what I'd need done to have the trojan removed so me and everyone on my network is safe from hackers.

So what I'm curious about is if he was the hacker and that everything of mine is totally compromised now or he was serious and I do have a network trojan.

 

[helpstar]

Which number did you call?

uninstall gotoassist software
install malwarebytes and update it before scanning for malware


very helpful page would be:
https/www.consumer.ftc.gov/articles/0346-tech-support-scams

 

[terryeatonb]

Couldn’t actually find gotoassist to uninstall but I did download malware bytes and hit man pro and ran scans on each and not bad came up. Also the number that called me is ‭(364) 888-7032‬

 

[rgd1101]

https/www.scammer.info/d/6823-364-888-7032-technocare-technologies-tech-support-scam

backup your data, time to do a fresh install of the os

 

[helpstar]

have a look at your browser´s plugins/addons for "goto..."

most likely you donwloaded something like "GoToAssist Corporate Opener.exe" to your download folder. That´s a normal remote desktop software, but the one who logged into your system with it could have uploaded data or stolen data from you.

you should change any password on the freshly installed system you previously entered on your maybe infected system.

 

[terryeatonb]

Ok, decided on a fresh OS install. I’m curious though, is there an urgent need to change my password on anything I may have logged into as in my entire password history is compromised or would it be only for the point after my enounter. And also was he bs’ing the Trojan then?

 

[USAFRet]

Ok, decided on a fresh OS install. I’m curious though, is there an urgent need to change my password on anything I may have logged into as in my entire password history is compromised or would it be only for the point after my enounter. And also was he bs’ing the Trojan then?

An unknown stranger having direct access to the system...you have no idea what he scooped up or installed.

Copy all your browser setting, which likely includes passwords.
Install a keylogger....

Full wipe and reinstall, and change ALL passwords.

 

[elitech]

Ok, decided on a fresh OS install. I’m curious though, is there an urgent need to change my password on anything I may have logged into as in my entire password history is compromised or would it be only for the point after my enounter. And also was he bs’ing the Trojan then?

Yes, change your password on anything/everything you have, not just what was accessed after the call. As mentioned in a previous post, you do not know what kind of information was gathered. Even though you did not go to a certain site during that time, your credentials could still be stored somewhere else (i.e. cookie, temp files, browser...).

Cannot say about the trojan, but if it is a known scam, they will tell you anything...