Our computer has been very slow, yesterday it froze up. Karen called Microsoft at a number on the screen (I was nervous, thought it might be a scam) and after the tech logged in told her our machine was full of viruses. Apparently the McAfee program we have been using is a phony and offered no protection. They called back at midnight ::) and said it has been fixed. Seems better so far but I had to set a new password for the FF, they had wiped out my tool bar which they said was a virus. We will see how it goes.
We had been using a free version of McAfee but now have the full on program. They charged 149 US which is the normal 1 year rate but gave us an extra year because of the exchange rate. The lesson we learned from all this is not to trust the pop ups and have a qualified tech set up the computer, I am not a geek and quite frankly have no interest in going that deep into it. Buyer beware.
Quote from: sawguy21 on October 23, 2016, 12:28:11 PM
Our computer has been very slow, yesterday it froze up. Karen called Microsoft at a number on the screen (I was nervous, thought it might be a scam) and after the tech logged in told her our machine was full of viruses.
That makes me nervous too. I just read a story about protecting your computer and they said to never use the contact info that appears on your computer without doing your own search for the company it is claimed to be from.
Sorry to say, you were scammed. >:(
I agree with Ianab.
I hate to say, but your computer may be even more compromised than you realize. Allowing remote access, and remotely installing software are methods used to take over computers completely. It is possible that they installed a root kit that sits at a low level in the operating system and allows access that is difficult to detect.
I would suggest that you bring your computer to a local repair shop for a thorough analysis. Tell them the whole story. When the computer is certified clean, change ALL of your passwords.
Sorry.
It is a scam.
I had same popup yesterday on my computer, and says something like 'internet provider customer (I have roadrunner), you computer has been blocked due dangerous virus, please call technical support at Microsoft at xxxxxx number'
However it is just text message in popup window, with no logo or anything linked back to microsoft.
I just close the popup window, my computer works fine.
JJ
We did confirm we were dealing with Microsoft. However we changed all the passwords to be safe.
How did you make that confirmation? I also feel you were scammed.
Another vote for scammed ;)
You are right, it was a scam. >:( I talked to Microsoft this morning, the number we were given as a contact is actually for an online hotel booking service. The computer has been restored to the settings before this went down, we are now working on getting the cc charges reversed. Too soon old and too late smart. ::)
You need that machine wiped clean and the operating system reinstalled. I would bet resetting isn't going to do it.
Do you have a backup prior to the issue?
The problem with back up is, they do not destroy files created after the backup date. This protects stuff you want to save. It restores the registry, system files and things like that, but the evil may still lurk in other files created that may live in some hidden directory some place, waiting to peak its evil little head up again after a restore, after a certain trigger, say by access or even time.
Here is a picture of the screen that I just got:
(https://forestryforum.com/gallery/albums/userpics/20011/IMG_1383.JPG?easyrotate_cache=1477420877)
Full screen.
(https://forestryforum.com/gallery/albums/userpics/20011/IMG_1384.JPG?easyrotate_cache=1477420893)
The message to the customer accompanied by a beeping tone.
Neither Abtiblock Plus, Malwarebytes Home Premium nor McAfee Live Safe prevented this screen from popping up.
Quote from: Jeff on October 25, 2016, 02:19:21 PM
The problem with back up is, they do not destroy files created after the backup date. This protects stuff you want to save. It restores the registry, system files and things like that, but the evil may still lurk in other files created that may live in some hidden directory some place, waiting to peak its evil little head up again after a restore, after a certain trigger, say by access or even time.
I was more thinking of him losing his personal files. Pictures etc.
Magicman,
That is same screen as popped up on my work computer, even with top of line firewall and virus/malware protection.
I think it is just text popup window with scarey warning. I just closed it, and turned on popup blocker.
JJ
What websites are you guys on when those things are popping up?
They often appear on legit web pages where they are inserted as paid advertising.
Jeff controls what adverts appear on these pages, so he's not going to allow some malicious scripts to be inserted. But a lot of web pages just sell add space to all and sundry via an advertising service. The adverts are hosted elsewhere and the page owner has pretty much no control over what actually appears.
Then of course there are always people trying to compromise any insecure web page to insert their own scripts. I'm sure Jeff has come across those guys too. >:(
I was on FF website, but I am sure unrelated, as they maybe coming through the internet provider. They had detail about my provider and location (likely from IP#).
JJ
My Home Page is https://att.yahoo.com/which has news items, weather, sports, etc. I was scrolling down and reading various articles when it popped up. Yes, several of them generally have something about "paid advertisement" or "sponsored" written somewhere. I was not logged onto the FF.