Malware from Microsoft Reseller
We have a Microsoft Surface 2 that now has a popup that says we must call this number to get rid of malware. My wife cannot even log on to the computer. If she dials the number she gets and Indian (India) who would not give her his name. He is from YAY Services and is a Microsoft Reseller Partner. They of course want to get into her computer. I have been there and done it. They don't get in but, she cannot start her computer.
Is there a way to get rid these people and stop the pop-up?
Is there a way to get rid these people and stop the pop-up?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That number is not from any m$ reseller. It is a commonly used hoax used to extract money from those who fall for it, and also to install further malware which can cause even more problems.
Restore the tablet to factory defaults. You should find instructions for doing that in the manual. You should also have made a factory recovery USB stick when you got the tablet, use that if the normal factory reset will no longer work.
After that make sure you give the account with Admin rights a new password, and create a normal user account, also with a new password, for day to day use. The admin account must only be used when UAC shows up, or in very rare cases when you can't use the standard account.
Then install software you need again, and restore any data from the backups.
Restore the tablet to factory defaults. You should find instructions for doing that in the manual. You should also have made a factory recovery USB stick when you got the tablet, use that if the normal factory reset will no longer work.
After that make sure you give the account with Admin rights a new password, and create a normal user account, also with a new password, for day to day use. The admin account must only be used when UAC shows up, or in very rare cases when you can't use the standard account.
Then install software you need again, and restore any data from the backups.
NOPOINTS: @rindi: that is the exact procedure I had to use for a customers PC.. It was a wipe and reload procedure ..if malware bytes and autoruns can't fix it.. I wasn't going to spend an inordinate time trying to fix it.. and then the question arises do you trust that machine in the future.
Something that might also be a good idea is to inform the authorities, along with the phone number you get. That could at least get the number blocked.
My wife cannot even log on to the computerThat's the point where you should take the tablet/computer to a repair shop.
I've seen too many computers after the owner tried to use the install disk to repair it, using internet guides.
A lot of times they managed to find the "Format" option...
ASKER
I have decided to let a good shop do this as advised in the solution that I picked as best. This is my wife's computer and I certainly don't want to screw it up. Thanks for all the solutions. I will let them deal with her if there are problems and they will if she is not happy. She is not a shrinking violet. Thanks to all of you.
You're welcome.
Glad I could help!
Glad I could help!
ASKER
My wife is retired from a university development office here in Bloomington IL. She was able to take it to the University IT help department and get it fixed.
Download these free cleaning tools.
Boot the PC in safe mode then run each of these free cleaning tools until the problem has beed removed:
1. Malwarebytes http://www.malwarebytes.org/
2. Combo Fix http://www.bleepingcomputer.com/download/search/?keyword=combofix
3. Rogue Killer http://www.bleepingcomputer.com/download/roguekiller/
4. Hitman Pro http://www.surfright.nl/en/hitmanpro/
5. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/
6. SuperAntiSpyware www.superantispyware.com