Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: Nickbat on 28 May 2010, 12:56:54
-
My PC has suddenly started running very slowly. I just received a call from a man claiming that my PC is infected with malicious files and said he was from the Microsoft team (where you get the send/don't send report options when you get a crash). He told me that I needed to check my Windows Pre-fetch directory and said all the files there are malicious and that I should not click on them. He said he could clear it online. I went along with it for a while. He told me to login to www.logmein123.com but, of course, it needed a login code which I do not have and he then said that is because I did not renew my software warranty, but he could give me a 12-month warranty for £60. Needless to say, I then terminated the call saying that my kid had hurt herself (I couldn't get rid of him any other way) He says he'll call back later. The PC has been freezing over the past 24 hours, so I do have a problem. I've told the kids not to answer the phone!
Urgent advice, please!
-
Check the link out, it explains a but more
http://www.digitaltoast.co.uk/supportonclick-systemrecure-scam
at a guess you probably do have some malware on your pc which is causing the slow down and possibly reporting details to whoever is behind the scam so they can call you.
You could try malware scanners, or a port monitor to see if anything g is going out of an odd port, check the task manager and see if there are any unusual processes running, or processes with no name, which will point you in the right direction of what is on there.
If AV and/or malware scanners find nowt and you can't ID it yourself, and if the speed issues or calls persist, a rebuild may be the best option for peace of mind and for a solution.
If everything is backed up regularly a rebuild will probably be a quicker option than av scans and malware scans too.
-
sounds like a scam Nickbat - almost anyone can ping your IP address and from that get your address and telephone number -its a trick software security companies use to demonstrate how easy it is :(
run something reliable and free like Spybot (i called Dell helpdesk a while ago with a blue screen and the guy basically instructed me to install spybot and I'd paid him £36 for the priviledge :o - it does work tho - run it at least once a week :y)
-
Does anyone know what the Windows\Prefetch directory is all about?
(BTW, just checking system with SpyBot)
-
Check the link out, it explains a but more
http://www.digitaltoast.co.uk/supportonclick-systemrecure-scam
at a guess you probably do have some malware on your pc which is causing the slow down and possibly reporting details to whoever is behind the scam so they can call you.
You could try malware scanners, or a port monitor to see if anything g is going out of an odd port, check the task manager and see if there are any unusual processes running, or processes with no name, which will point you in the right direction of what is on there.
If AV and/or malware scanners find nowt and you can't ID it yourself, and if the speed issues or calls persist, a rebuild may be the best option for peace of mind and for a solution.
If everything is backed up regularly a rebuild will probably be a quicker option than av scans and malware scans too.
Thanks for that. I figured it was a scam, but I wanted to play along for a while until they asked for money! Found it bl**dy hard to understand the guy. I've had easier times dealing with regular call centres, if you get my drift!
I am more concerned about getting rid of the malware. Hopefully, Spybot should do the job. Don't understand how it got through, though as I have Bullguard running and it's been pretty good at stopping attacks, etc.
-
SpyBot only found 1 tracking cookie. :(
-
Does anyone know what the Windows\Prefetch directory is all about?
(BTW, just checking system with SpyBot)
It contains information about the observed behaviour of applications as they load used to optimise their loading in future.
An application might contain a large amount of code and there's no way of knowing what path it will take through that code as it initialises, so windows would normally load the whole thing (as far as available RAM allows) before starting it running.
As I understand it the prefetch file contains information that optimises this process . I.E. your word processor loads faster because it knows the parts containing printer drivers (bad example, but you get the idea) can be deferred until you actually try to print something.
It's harmless data and there's no value in deleting it IMHO.
Kevin
-
It's weird, because I've now checked my PC using various tools and there seems to be nothing wrong. This morning it was taking up to two minutes just to get the program list up after pressing Start. :(
Maybe there is no malware. :)
-
try online scanners like bitdefender, kaspersky etc..
and some freefirewalls can show you whats going behind..
but if you want to be completely safe, a format and re-install would be my option..
-
Everything's back to normal. The scammers tried calling back twice, but I gave them short shrift. I beginning to wonder whether my computer problems weren't part of the scam. Presumably they could try getting access to my port, slow the PC down somehow, then call you to tell you that you have a problem (which, of course you do at that moment) and offering to "fix it" for a £70 1-year software warranty.
I didn't need that sort of aggro today, especially with the little ones off school because of an INSET day.
>:
-
Sounds the same as what happened to my mate, they offered him a year at one price and cheaper for 2 years, he rang me and asked me to check out thier web site, but I wouldnt.
They create the problem and then ask you to buy into the scam. Makes you wonder what they copy off your PC during the scam. :-/
-
Everything's back to normal. The scammers tried calling back twice, but I gave them short shrift. I beginning to wonder whether my computer problems weren't part of the scam.
Hmm. :-/ I would regard that machine as compromised. If you suspect it's not a coincidence then somehow they have got control of (or at least the ability to DOS) your machine and tied it in with your phone number.
I think I'd be inclined to rebuild it before exposing it to the internet again, TBH.
Kevin
-
.. and, of course, anything else they could have sucked off that machine and used together with knowledge of your identity... Passwords, online banking details, EBay / Paypal identities, browsing history. Might be worth changing a few passwords. Can't be too careful.
Kevin
-
I had something similar happen some years ago, and ever since then I don't bother to report errors to Microsoft.
And a couple of weeks ago, I had a bloke ring up and tell me how badly my machine was running. It wasn't - my PC runs fine, it's just my internet that's rubbish. He insisted that I wasn't an expert, so I should listen to him. I told him I was an expert, then I told him I was terminating the conversation and put the phone down.
-
open msconfig
click the startup tab and remove any programs you don't need or recognise. click apply
click services and tick the box hide microsoft services and do the same (you can always activate them after if they are required) again click apply, ok and restart
you will get a message asking do you want to show this at next startup just tick the box and close it.
should remove any programs not needed. :y
-
open msconfig
click the startup tab and remove any programs you don't need or recognise. click apply
click services and tick the box hide microsoft services and do the same (you can always activate them after if they are required) again click apply, ok and restart
you will get a message asking do you want to show this at next startup just tick the box and close it.
should remove any programs not needed. :y
most of.. but it wont stop the tailed buggers..
most virus/worm codes can bind them to the exit/start function of frequently running programs..
-
A deep 3-hour scan by BullGuard found two infected Java files. I have now quarantined them and also set up a daily online backup. I have also taken Kevin's advice and changed all my important online passwords. :y
I also trimmed my start-up as per Plomien's advice. I take on board what Cem says in reply, but it's no bad thing to trim down the start-up anyway. :y
Thanks, everyone. All seems fine now (touch wood!). :y
-
good news Nickbat.. :y
most important change your passwords frequently..
-
Interesting & frightening thread :o
If i have any problems with my pc i go back to a time when i know the computer was running a-ok!
I use AVG anti-virus & think its brill so if i get anything popping up to say there's a virus found, and it doesn't flash up in AVG i just dismiss it! :y
Used to have a few anti-virus, firwalls, malware protection etc from different companies & all it did was slow my computer down as each site was fighting each other so a good pc doctor i know advised me to keep to just one & i've never had any problems since (touch wood) ;) ;) ;)