Take the above guidance seriously. Get the PC scanned by a service/pro please - and change your email passwords NOW. That is the first thing a hacker is after - with that - they can take over any accounts you access by requesting a PWD reset be sent to the email address.

I appreciate all the advice given.
I've downloaded Malwarebytes and this is all a scan found:
http://forums.pelicanparts.com/uploa...1662734627.JPG
I don't think I got any infection from my foray into that site.
I will be more cautious in the future. Brain fade on my part yesterday as I'm usually very leery of everything that goes on with my computer.
I think the tell tale that they were/are amateurs was the quick disconnect of the phone line. The number I had called wasn't the same as what is shown in the video linked above.
I don't do any banking on this computer, that happens on my wife's as she is the banker in the family. If they did get any password info from mine the list would be so short they probably wouldn't bother looking as it would indicate I live under a rock.
Thanks again for the help, and next time it'll be cntrl/alt/delete for me.

I use CCleaner which checks .dlls, finds and updates drivers (better than Windows), and shows running and/or installed processes (which for some reason Windows does not always do).


https://support.microsoft.com/en-us/topic/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system-files-79aa86cb-ca52-166a-92a3-966e85d4094e
At the command prompt, type the following command, and then press ENTER:
sfc /scannow

I am little late to the game for advice, but there are two better/faster options in windows to close programs.

ALT+F4 will close the active window/program.

CTRL+Shift+ESC will bring up the task manager for you to kill the process/app.

Better late than never works for me Shifter. Thanks!

yes you were hacked.

Should probably consider the pc suspect
best to hand it over to somebody who knows what he's doing, and who can reinstall the OS
and hopefully clear your data before it gets corrupted or deleted.

Folks, based on his description of events, he wasn't actually hacked.

He got a popup (those can happen without doing anything to the computer). He called the number and downloaded a "legit" software from a "legit" site. If he had performed the next step (install said software and then give the guy on the phone access) he'd have been screwed. Fortunately, he stopped just in time.

It's good to scan things.

If the popup was because his computer had been compromised (bad software installed), then they likely wouldn't have needed him to download the remote control software because that capability would have been included in the original bad software.

Still, better to thoroughly check things out and be sure.

Well I would assume he was since his PC frooze and he got a popup from a criminal source.
Till further notice I would not use the pc, if it wer emine i'de power off straight away and scan from a boot disk that is known to be ok

I assume the worst till proof of contrary

His PC didn't freeze because he hit Windows+R and got the "Run" box.

But, like I said better to thoroughly check things out and be sure.

I think since he never installed the remote access program, but only downloaded it, should be fine.

However to be safe, change your most important passwords using a different PC or your tablet or phone. Reboot, keep scanning until you are satisfied no Trojans were installed.

I agree. They were trying to get him to install remote access, but he never did.