[SOLVED] Microsoft just called me!

Elmer BeFuddled · Elmer BeFuddled's Computer Specs

Further to the good advice given. I'd now run Malwarebytes in Safe Mode.

Capt.Jack Sparrow · Capt.Jack Sparrow's Computer Specs

Quote:

BEWARE - Users have been reporting they have received phone calls, some claiming to be from "Microsoft", telling them that that their computers are infected. The caller asks the User if they are online and if their computers are performing slowly.
If their computers are not running, they will ask the User to boot the system and report on the start up time or, if the system is running and online, they will tell the User that a tech can take over control of it and clean a "virus infection".
This is a scam !!!
If you happen to receive one of these phone calls ask the caller for the name of the company, where they are located, and their phone number.
Then hang up and report this to:
IC3 (internet crime)
The Local FBI Office ( if you're in the US)

Microsoft will never , repeat, NEVER , cold call people who use Windows. NEVER !!!

Do not fall for this latest scam.
NEVER allow strangers to take over your computer. NEVER !!!

Here's a thread from a Microsoft forum where a User fell to this scam :
Phone Call From Someone claiming I have a Virus

More Information : http://www.microsoft.com/security/on...one-scams.aspx
How to Report: http://www.ftc.gov/bcp/edu/microsite...d/report.shtml

**TrainableMan** · TrainableMan's Computer Specs

Spybot S&D only runs when you tell it to so it IS compatible with your AV and Malwarebytes. It is passive except that it modifies your host file to block malicious websites (and this will not effect malwarebytes or your AV software). Did you run the immunize option under spybot too? You should also do that part.

Microsoft just called me!-spybotimmunize.jpg

Here is my concern if you do not reinstall (I do not know they did this but I also can't be sure they didn't) ...
You gave them access to your machine so they could have installed anything. You didn't give them your banking or Paypal information over the phone but they could have installed a keylogger onto your computer that records everything you type. With this information they could watch for you to access your bank or paypal accounts and see what you typed for an ID and password. This could affect you directly and financially.

Another type of program that could be installed gives them total access to your files any time you are attached to the internet. If the keylogger doesn't automatically transmit the data then they may use this type program to get the log file from your machine or to access any other files you have on your computer.

A third type of program they could have installed uses your computer along with hundreds or thousands of other compromised systems to attack websites such as Paypal in what is termed a DDOS (distributed denial of service) attack. These people seem to be more inclined towards financial gain so this is less likely but none-the-less it is possible.

...

Now there are tools to look for unusual programs running or transmitting and I would use them if it were my computer. For example you can run msconfig and check all the non-Microsoft services loaded or look for new programs added to startup. And there is a program called HijackThis that rates those services and start programs and ranks them by threat level. There is another program called TCPView that can be used to watch for unusual transmissions to & from the internet. But these tools can require some experience to understand and recognize threats.

Now it sounds like Ace is offering to go into your computer and maybe have a look at some of these items by you granting him access to your computer like you did the bad guys on the phone. I only know Ace slightly better than I know the guys that called you and you don't know either of us so there is always some risk. The only risk with a reinstall is that it is a lot of work but it is the safest way I know and that is why I recommended it. If you are not going to reinstall then I would encourage you to let Ace have a look because I do believe he is sincere about trying to help and it "feels" like he has more computer experience and may notice something you don't.

Elmer BeFuddled · Elmer BeFuddled's Computer Specs

Quote:

Originally Posted by anna62

This is the phone number they gave me 00442071937899.

That's a London number.

**TrainableMan** · TrainableMan's Computer Specs

Quote:

Originally Posted by Elmer BeFuddled

That's a London number.

If you read the article Core posted it mentions they use the internet to forward the calls to places like India while providing a local number to the victim.

anna62 · anna62's Computer Specs

When I thought about it I think it has one too many numbers for a London Number.

**clifford_cooley** · clifford_cooley's Computer Specs

UK Phone Number Directory

Sadly though, I'm not gonna pay to see where the number leads.

linux731 · linux731's Computer Specs

I recommend you to let Ace take a look via either Skype or TeamViewer.

benonidoni · benonidoni's Computer Specs

I'd set up a voice machine to say you only charge by the hour?

**Core** · Core's Computer Specs

Closing thread and marking as solved.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Mysterious folders in my AppData>Local folder	brkkab123	Windows 7 Support	119	07-09-2011 10:37 AM
Fake Microsoft Security Essentials software on the loose. Don’t be fooled by it!	Nibiru2012	Security	4	04-16-2011 06:11 AM
Black Screen until Windows loads	elgardos	Hardware	44	09-07-2010 06:00 AM
Microsoft TechNet Plus Subscriptions Now Available at 25% OFF	Nibiru2012	News	30	05-14-2010 06:24 PM
Windows 7 is Fastest-selling OS in History, Microsoft Posts Huge Earnings	Nibiru2012	News	29	02-12-2010 01:12 AM