Results 1 to 8 of 8
  1. #1
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Cincinnati Ohio USA
    Posts
    139
    Thanks
    0
    Thanked 1 Time in 1 Post

    unrequested phone support

    Yesterday afternoon I received an unsolicited phone call from a company saying that Windows has detected that malware has infected my computer. He was difficult to understand due to his Indian accent. He could not tell me which machine (we have 5 computers in the house) was infected but only that it was from my IP address. He wanted me to download and install software to give him control of my PC so he could show me the infections and remove them. We never discussed a charge for his service. I have remotely connected with several companies over the years but always when I initiated the call. I have never had someone call me and offer to service my computer so I did not install or connect. Am I overly protective? Does Microsoft offer such a service? I have a phone number so I can call the company back if I need to. None of my computers seem to have issues with malware though I know some malware can be active and harmful while running in the background. Since that phone call, I have:
    - updated and ran a full scan with Avast
    - uninstalled Avast, rebooted, and installed and ran Microsoft Security Essentials
    -installed, updated and ran Malwarebytes - 67 non critical issues found and removed
    -rebooted and ran Malwarebytes overnight with a deep scan and found 5 non critical issues that were removed.

    My only other issues are the undelivered mail messages that I get from an old email address I have with Fuse.net, the ISP for Cincinnati Bell. I added *** to garble my email address. I do not use Outlook Express. That mail is forwarded to Gmail, my primary email provider. Here is one of those:


    This message was created automatically by the mail system (ecelerity).

    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    >>> 2019266013@qq.com (after RCPT TO): 550 Mailbox not found. http://service.mail.qq.com/cgi-bin/h...22&&no=1000728

    Remote-MTA: dns; mx3.qq.com
    Diagnostic-Code: smtp; 550 Mailbox not found. http://service.mail.qq.com/cgi-bin/h...22&&no=1000728
    Final-Recipient: rfc822; 2019266013@qq.com
    Last-Attempt-Date: Tue, 01 Oct 2013 04:48:37 -0400
    Action: failed
    Status: 5.0.0

    ------ This is a copy of the headers of the original message. ------

    Return-Path: <pd.hille***@fuse.net>
    X_CMAE_Category: 0,0 Undefined,Undefined
    X-CNFS-Analysis: v=2.1 cv=SKJ7CofH c=1 sm=0 tr=0 a=GXLC6H7/rpOZsOikvJ9pDQ==:117 a=GXLC6H7/rpOZsOikvJ9pDQ==:17 a=K-v-2zaBAAAA:8 a=BSR7J2NTy6IA:10 a=vYbi2SD7W5AA:10 a=jPJDawAOAc8A:10 a=w1lZMHalAAAA:8 a=lzvmYG2Pg1EA:10 a=r77TgQKjGQsHNAKrUKIA:9 a=9iDbn-4jx3cA:10 a=cKsnjEOsciEA:10 a=zQEyJsHI1bLYMyYssQ8A:9 a=QEXdDO2ut3YA:10 a=O6ZsqlLq-UcA:10 a=rcXLMVL4AAAA:8 a=uem0UcVvAAAA:8 a=Byx-y9mGAAAA:8 a=dZbOZ2KzAAAA:8 a=NtASUmoSAAAA:8 a=FU1zZRMGQgaYMMNWR3YA:9 a=kktMoekmPNMyvpSr:21 a=_W_S_7VecoQA:10 a=_k1gZOPk1qYA:10 a=7fluTXEBLbwA:10 a=lSQsbIguPOwA:10 a=5Z99knySVB4A:10 a=qeewGtg7jKoGyF-M7EYA:9 a=1Vq_FK4TplAA:10
    X-CM-Score: 0
    X-Scanned-by: Cloudmark Authority Engine
    Authentication-Results: smtp01.cincibell.synacor.com smtp.mail=pd.hil****@fuse.net; spf=unknown; sender-id=unknown
    Authentication-Results: smtp01.cincibell.synacor.com header.from=pd.hille***@fuse.net; sender-id=unknown
    Authentication-Results: smtp01.cincibell.synacor.com smtp.user=pd.hille***; auth=pass (LOGIN)
    Received-SPF: error (smtp01.cincibell.synacor.com: 114.96.81.158 is neither permitted nor denied by domain of fuse.net
    Received: from [114.96.81.158] ([114.96.81.158:3815] helo=vjmofrl)
    by smtp.fuse.net (envelope-from <pd.hille***@fuse.net>)
    (ecelerity 2.2.3.47 r(39787)) with ESMTPA
    id A5/6F-20605-16C8A425; Tue, 01 Oct 2013 04:48:36 -0400
    Message-ID: <1F4A4A2FC5E46DD7B823019209B0FF80@vjmofrl>
    From: =?utf-8?B?6YeR6ZGr54+g5a6d5a6Y5pa5?= <pd.hille***@fuse.net>
    To: <2019266013@qq.com>
    Subject: =?utf-8?B?55av54uC6ZK755+zIumSoumVmuS7tyIs6K+V5q+U6buE6Y eR6KW/55Oc5Lu3?=
    Date: Tue, 1 Oct 2013 16:48:16 +0800
    MIME-Version: 1.0
    Content-Type: multipart/related;
    type="multipart/alternative";
    boundary="----=_NextPart_000_0765_01BF02FC.1821A1B0"
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.2900.5512
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512

    So, is this an indication of malware? What else should I run? Any suggestions are greatly appreciated.
    Thanks
    PaulH7436

  2. #2
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,753
    Thanks
    171
    Thanked 651 Times in 574 Posts
    Quote Originally Posted by paulh7436 View Post
    Am I overly protective?
    No.

    Quote Originally Posted by paulh7436 View Post
    Does Microsoft offer such a service?
    No.

    Quote Originally Posted by paulh7436 View Post
    So, is this an indication of malware?
    No.


    Bruce

  3. #3
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,335
    Thanks
    13
    Thanked 267 Times in 260 Posts
    Yes, what isn't protected by security software?...you.

  4. #4
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    This was a pretty obvious phishing attempt. MS DOES NOT make these unsolicited calls, and in all probability could not detect problems with your PC(s).

    I would not worry about the undelivered email. I suspect somewhere someone got that old email address and tried to use it for spamming.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  5. #5
    Bronze Lounger DrWho's Avatar
    Join Date
    Dec 2009
    Location
    Central Florida
    Posts
    1,501
    Thanks
    30
    Thanked 205 Times in 163 Posts
    By now, every PC user in the US and around the world, should know to just Hang Up when receiving a phone call like that. Throw in a few expletives if you want, but HANG UP!!!

    It gets no more complicated than that.

    Experience is truly the best teacher.

    Backup! Backup! Backup! GHOST Rocks!

  6. #6
    Silver Lounger
    Join Date
    Apr 2010
    Location
    Montréal
    Posts
    1,797
    Thanks
    33
    Thanked 52 Times in 51 Posts
    Paul, this is nothing but a pain in the lower back. These persons abuse the non-educated user for their ill purposes, you were smart enough to see their point. If you initiate a call to MS as I had to, the techie might ask you to allow a remote connection then you know that it is legal. I do a lot of IT help to friends and family and I use Teamviewer, each time the far user has to allow the connection but then they know that I mean no harm on the contrary.

    The world is full of meanies ! Have a great day. Jean.

  7. #7
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Chicago, IL, USA
    Posts
    107
    Thanks
    22
    Thanked 1 Time in 1 Post
    I've gotten that phone call too. I believe there's no way someone could know that and that they were calling random numbers to, in effect, rob people. IMO they are criminals not techies.

  8. #8
    3 Star Lounger
    Join Date
    Feb 2001
    Location
    Willow Grove, Pennsylvania, USA
    Posts
    205
    Thanks
    4
    Thanked 49 Times in 40 Posts
    We got two calls from the same scammers in one day. I answered one and my wife answered the other. Despite the temptation to play games with them, each of us just hung up.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •