Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious message: microsoft??


  • Please log in to reply
7 replies to this topic

#1 coaler

coaler

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 10 December 2015 - 10:50 PM

I havea pavillion 10 all in one 8.1

Internet was enabled but I was  doing a jigsaw puzzle on a program I have had for years. Never any problem.

All of a sudden through the microphone I got a message over and over saying my computer was comprimised, my passwords, banking, and so forth were at risk .

I should call this number 855-472-9850...to have it fixed.

I didn't know what to do...I did call the number. Some woman with a foreign accent asked what my problem was...that they could take over my machine and fix it.

I hung up on her.

Going to my homepage this message was in a box. I clicked it off with the x.

I asked another help group and they gave me a url to report it to the ic3.gov site. They scared me with the fact that I should contact my internet provider. get new id and access code etc.

My question is...what is  your take on this and is all this necessary. Was this a scheme to get my passwords and info? phishing scam? or what.

Thank you for your consideration. I add that my security program didn't pick up on this.


Edited by coaler, 10 December 2015 - 10:51 PM.


BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:31 AM

Posted 11 December 2015 - 06:49 AM

Coaler:

:welcome: to the Bleeping Computer Am I Infected? - What Do I Do? Forum. My name is Phil. If you would permit me, I would like to address you by your first name.

The message is not legitimate. You did the right thing to not permit the person to remote-access into your computer. :thumbup2: Many of these companies sell useless "security software" at an exorbitant price.

I think what we should do is run a few legitimate security scans on your computer and see what turns up.


:step1:

ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you're using Chrome or Firefox, you will need to download and install the ESET Smart Installer tool before it can scan. See instructions here.
Note 2: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

*Click this link to open ESET OnlineScan.
* Place a checkmark next to "Yes, I accept the Terms of Use", then click the greenstart.png button.
* When prompted allow the Add-On/Active X to install.
* In the new window that opens, tic the radio button next to Enable detection of potentially unwanted applications.
* Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):

  • Remove found threats
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

*Then click the shieldstart.png button and ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
*When the scan completes, click List Found Threats (only if anything is found).
*Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
*Click back.png, then click finish.png to exit ESET Online Scanner.

Don't forget to re-enable your antivirus when finished!



:step2:

Download and install Malwarebytes Anti-Malware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup-2.2.*.****.exe and follow the prompts to install the program ( * = program version numbers may vary - always get the latest version).
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard
  • Paste the contents of the clipboard into your next reply.

 

 

I would like you to paste the logs from both scans into your next reply. I will examine those and determine what our next step should be. If there is evidence of serious infection, you might have to open a new thread in the Virus, Trojan, Spyware and Malware Removal Logs Forum, but let's not get ahead of ourselves yet.

If I haven't responded to your reply in 24 hours, please send me a personal message.

Have a great day.

Regards,
-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall


#3 Gene_L

Gene_L

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 12 December 2015 - 11:59 AM

Deleted post, started new thread.


Edited by Gene_L, 12 December 2015 - 01:39 PM.


#4 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:31 AM

Posted 12 December 2015 - 12:55 PM

Gene_L:

 

I appreciate the fact that you have a computer problem, but it is not considered good "netiquette" to hijack a thread.  No two computers are identical and computer issues, while they may often seem similar, the issues are often due to different causes.

 

I would recommend that you open your own thread and someone here will be happy assist you, ... it might even be me, if I happen to be around when you post and I happen to pick up your thread.  Please post a link to this thread in your new topic so that the helper knows what has been done.  I am sure that Bleeping Computer personnel will be able to help you get your Chrome working properly.  Good luck.

 

Have a great day.

 

Regards,

-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall


#5 Gene_L

Gene_L

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:09:31 PM

Posted 12 December 2015 - 01:05 PM

OOOPS !  Sorry, will start a new thread.



#6 coaler

coaler
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 12 December 2015 - 07:19 PM

I SOLVED my own problem. I ran my security. Found 2 trojans..fixed that. Then I unchecked the remote access box . It was checked. Hopefully this is all I will have to do. I believe they came in on a bad java update. I still keep getting update Java but am ignoring it. I didn't think Microsoft would act like that. always some clown trying new ways to spy on you....thanks.



#7 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:31 AM

Posted 13 December 2015 - 05:16 AM

coaler:

 

I am glad to hear that you have solved your problem.  Congratulations!   :thumbsup:

 

You might want to consider whether you really need Java  ...

 

Quietman7 has an excellent post on that issue here.

 

Personally, I got rid of Java months ago, and I have not needed it.  I am happy to be without the security vulnerabilities that having Java installed, entails.

 

Once again, congratulations on restoring your computer to health.  Bleeping Computer was happy to help you and thanks you for choosing Bleeping Computer.

 

Have a great day.

 

Regards,

-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:31 PM

Posted 13 December 2015 - 05:26 AM

...I didn't think Microsoft would act like that. always some clown trying new ways to spy on you....thanks.

Microsoft does not contact users via web page messages, phone or email and instruct them to call tech support to fix your computer.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users