0

A friend of mine had her mother allow a "telecommunications customer support agent" (a scammer) to access her computer via TeamViewer.

What should I do to secure the system/ensure the computer is free from any malware?

I've checked msconfig and there are no strange processes starting up which seems good so far.

However, when running the Windows Run command I noticed a shell script "shell:::{}" being run which I'm not too familiar with.

The computer is currently on safe mode with no internet.

Would appreciate any thoughts.

Oliver Kuchies
  • 141
  • 5
  • Thanks Mech, looks good. Just wondering, are you aware what the shell command would be executing? – Oliver Kuchies Apr 14 '20 at 12:25
  • In which context did you see it? Powershell, cmd, VBS, etc.? –  Apr 14 '20 at 12:37
  • In the run window (Win + R) so assuming that's cmd? – Oliver Kuchies Apr 14 '20 at 12:49
  • This didn't result in anything when running on my machine. It would be worth asking a question on its own, but my guess is that it may just have been a typo by the scammer. Also, [this site](https://ss64.com/nt/shell.html) doesn't mention `shell:::{}` at all –  Apr 14 '20 at 12:51

0 Answers0