PC Support Security Scams – ZFSENDTOTARGET CLSID Trick

F1 Help button[toc]

Had another call today from a firm telling me that my computer was generating errors caused by malware, which was caused because my security warranty was out of date. I had a similar call the other day, and knowing it to be a scam I got rid of them pretty quickly. Today I decided to find out what exactly they are doing, so I played dumb, sounded very concerned at all times, and went along with the whole process while taking notes, just so I could raise awareness here.

Are You A Victim? Contact Action Fraud

In the UK you can report problems to http://www.actionfraud.org.uk – they may be able to assist, but most importantly if you get the name of the company, website details and telephone number, reporting them may actually lead to some action being taken against them – hopefully!

Many Companies Doing This Scam

I have had another call today from a company doing the same scam, i.e. telling me my computer is sending them errors. This time I said that it was OK and that my computer was working fine, thanks. They asked if I have an antivirus, and I said that I did. They then said that the antivirus was not able to detect this type of error. The new company is called 360 E Tech Support. I asked for their website details and they reluctantly gave them to me, and then said “ok,. so you will call the support number, thank you” and hung up. Lovely people.

So the companies I have dealt with so far have called themselves*:

  • 360 E Tech Support – www.360etechsupport.com
  • PC Support Care Today – www.pcsupportcaretoday.com
  • Windows PC care – The company mentioned in The Guardian’s news item
  • Microsoft Tech Support
  • Windows Security
  • Windows Service Center
  • teche4pc.com
  • logmein123.com
  • Puresomp.org
  • Computer Systems Worldwide
  • Windows care
  • Windows Technical Support
They sometimes call from 092318, along with many other numbers.

*Important Note – some of these names may be perfectly legal and trustworthy companies. One new trend that we are seeing is that the scammers use a known company name first and then direct you to a different website in the final stage.

In July 2010 London’s Met Police closed down 19 websites that were performing this scam. More are popping up though.

Microsoft have addressed this as well and stated clearly that Microsoft does not make unsolicited phone calls to help you fix your computer” on Microsoft’s website.

Hopefully you are reading this because you had a similar call and were concerned and Googled it. This is why I am posting as much as possible. If another company has called you with the same tactics leave a comment below and I will list them too.

Trusted Anti Virus Software

I trust these services. I also receive commission from any sales.

There are also some good free solutions that are listed further down the page.

The First Scam Call I Received

It started when a nice lady from the Indian subcontinent called me. This is more or less how the conversation went – I wrote most of it down as I knew it would make a good blog post for Webologist. These people are basically trying to do one of two things, I am not sure what, probably actually both:

  1. Just get you to “buy” a product to protect your computer, but really they just want your credit card details.
  2. Install illegal software to take control of your computer, install spyware, malware and hijack your emails, and send viruses out to other people.

In short, these people are probably scoundrels that try to con people into handing over their bank/credit card details and then infecting their computers with viruses. They tell you that they are calling from a “PC Support company”, explain that they have Microsoft Certified Engineers (they surely do, as running such a scam is hard without some good Microsoft know-how – but anyone can become a Microsfoft certified engineer, not just Microsoft employees!).

They started asking me what operating system I was using. I pretended not to know, so they told me where to go to find out. ALERT: If they really had received reports that there were errors on my computer, they would know the operating system already.

After finding out what OS I am using (asking me to left click start and then asking if I had “My Computer” or “Computer” listed – i.e. XP of Vista) they then went on to tell me more about the problem. I put in quotes what they said from now on (although it may not be entirely accurate):

“Your system is corrupt because your warranty has run out. As a result malware is getting on to your computer from unsecured websites. This is slowing down your computer and will eventually cause the operating system to fail”.

She went on to ask if my computer was slow to respond ever. As Windows computers age they do tend to get slower. The world gets faster, the harddrive gets filled, they slow down relatively and physically. This is normal. She also asked if I was the only computer user or if others used it (I guess trying to determine which product I should order so that they can control all users?).

The Computer Error Scam

She then directed me to Computer > Manage > Computer Management > System Tools > Event View > Windows Logs. It showed a list of events, with errors and warnings. She asked me how many errors there were. I said about 20. This is not really important.

She told me that these errors were serious and caused by the malware. On looking, one error was when I typed my password in wrong. Another was a video driver that does not work in Vista (ATI thing) that always gives an error when I boot up. Nothing serious there at all.

“There are malware files on your computer. These are creating the errors I mentioned earlier that are being reported to us. You need to remove these malware files. You cannot just delete them, you have to disable the link to the file.”

She told me that “users have been accessing unsecured websites …. downloaded malware …. corrupting files”.

She next led me to the temporary folder on my pc by doing:

Windows Buttom + R (to open a Run command box) then typing “temp malware” which just opens a Windows temp directory. Inside mine there was just about 6 items, adding up to 970kb. A tiny amount. This did not deter her, she told me that if this continues my pc will fill up and die. She did not ask me what was in there (there was Google Chrome, Avast antivirus and a few other things). She then did a silly calculation based on the “total size” and “size” and told me that the drive was already 90% full! I said “it is less than 1 megabyte, that is not much”. She persisted (obviously reading a script).

“We have to now share the operating system ID so that we are sure that we are speaking to the right person and the right computer.”

Here comes their most cunning trick to make you think that they are genuine Windows support.

CMD ASSOC ZFSENDTOTARGET CLSID

They ask you to open a command prompt, “Windows + R” again, then type CMD, then in the command prompt type ASSOC. This lists a load of programs and stuff, and at the bottom there will be something that looks like this:

clsid

They will then read out to you the CLSID, which will match, and this is the verification that they have the right person. THEY TRY TO MAKE YOU THINK THAT THEY HAVE TO VERIFY YOU! Classic scammers trick, really it is you that should be verifying them.

This number is not unique. It will be on most computers, maybe unique to Vista, but they have already confirmed that you are running Vista. So if they spell out 888DCA60-FC0A-11CF-8F0F-00C04FD7D062 to you, do not be surprised, as lots of people, if not all Vista users, have a CLSID of 888DCA60-FC0A-11CF-8F0F-00C04FD7D062. So another lie! Another SCAM!

“Does it match? Great, we can carry on safely now. We have Microsoft Certified Technicians that have confirmed that your warranty has expired which his why you are getting these errors. There are two types of warranty, a hardware warranty and a software warranty. Your software warranty covered your operating system, but has now expired and your computer is at risk from more malware.”

She told me all sorts of other scare stories;

“Malware has bypassed the Windows firewall”

I do not even use Windows firewall, I have a 3rd party one instead. I was then told that I had to add some software to extend the warranty. I said (in my most innocent voice) that I was under the impression that as Windows update was on I was getting all the latest updates. She said that these updates were not actually installing because my warranty had expired.

So, to remove the problems and protect my PC I just need to make a one time payment. Oh lucky me! I asked at this point how much it was, but she could not answer (was not on the script in front of her).

She continued to explain, again, how I needed to update my Microsoft Windows warranty to get the latest protection. I asked if it was just spyware protection, and she replied:

“Once the warranty is running you will not need any new spyware.”

A strange answer, a Freudian slip maybe? I guess she meant either “you will not get any new spyware” or “you will not need any new anti-spyware”, or “you will not need any new spyware protection“. The way she said it seemed to suggest that I was going to get some new spyware…. hmmm….

I pretended to be very worried, concerned, scared even, and asked how I get a new warranty. She said that I just need to visit their website and click “subscribe” (sounds so nice doesn’t it, subscribe, not like buy, or give away credit card details on an unsecrured site). So she next gave me the web address.

“You will have to type this into the address bar, not into the search box.”

Oooh, I wonder why…. maybe the site is not listed in Google? Maybe there is a spam warning? I obviously Googled it. They are actually listed in Google.

“Just type in www.pcsupportcaretoday.com

Now, a search does bring up a result:

pc support care today pcsupportcaretoday.com

I first used the handy Google preview tool to see the site. I quickly checked the “police crack down on computer support scam” from The Guardian. That report gives a different name (same scheme though).

So I then went to the site and acted all lost and confused while taking a look.

First thing, the home page looks different already. Second, in the footer it says “Copyright 2010, pcsupportcare.com. All Rights reserved.” Now that is interesting, as it suggests that they recently moved from pcsupportcare.com to a new website, with “today” tacked on the end. WHY WOULD THEY CHANGE THEIR ADDRESS?

www.pcsupportcare.com gives a 403 Error – forbidden. The site is offline, permanently. Not even redirected. Highly suspicious. What does Google say about the old domain? Strangely, not much. This is a pretty good sign that they keep changing their web address to keep bloggers and Google off their trial. Any repsectable business would be mentioned all over the Internet.

They also link to a Facebook profile and a Twitter page. The Facebook profile has 1 person liking it (an Indian chap who also runs a web design business) and the Twitter page has nothing – no tweets, no followers, not following anyone. Highly suspicious.

Logmein – Get the Code!

Theo Gray suggests (see comment below) that if the scammers send you to LogMeIn take a note of their LogMeIn Rescue technician code. This can be used by LogMeIn to help track and block them. From their website:

“Any violation shall be sent to LogMeIn via https://secure.logmein.com/support/submitaticket/.”

So pass them the details and they will hopefully ban the companies who are using the service to distribute viruses etc.

Online PC Care Helpdesk

After watching the Youtube video of the conversation with Online PC Care (after they called me) I decided to ask them about it. No reply yet.

I simple ask:

Is this true?
http://www.youtube.com/watch?feature=player_embedded&v=Aj1bjjAdx7A#!
http://www.securityitrust.com/tag/online-pc-care/

online pc care help

Online PC Care help ….. waiting ….

Still no reply from them …. been an hour now.

The Many Warranty Options

Like all good salesmen they give the victim many options to chose from, trying to make you feel like you are in control. So on their “subscription” page, you can elect to purchase any one of several items.

Now, I asked the kind lady how the product would be installed once I have bought it. Do I download it from their site, is a CD sent to me? No.

“One the warranty is running your computer will be updated automatically each month.”

So I do not need to do anything! Wow! Once clicking that “subscribe” button (buy/hand over personal data) they can then upload new applications to your computer remotely without your permission! Great.

Actually, earlier on in our conversation I was asked to check something and I got the Windows security alert come up, you know, the “do you want to run this / change setting / trust etc” I forget exactly what it said, but I asked her, “is this safe? Windows is saying I need to give permission to change settings”.

“Oh yes, that is safe, this is to ensure that your warranty is working properly.”

Phew! For a moment I thought they were trying to see if I could give them access to my pc!

Anyway, after being asked 10 times which warranty level I wanted to buy, I said that I was unable to to order at the moment as I did not have my wallet on me. She said that she could wait while I go and get it, and insisted. I said, “no, I will do this after lunch, I can pick up my wallet on the way back from lunch”. I asked if I could call her direct incase of problems, after a long pause she gave me a telephone number (checking with the boss no doubt) and gave me 0151 4402 7854. She said her name was Monica, although she did not sound much like a Monica.

0151 4402 7854 does not come up in Google, but 0151 4402 does: www.phonespamfilter.co.uk/phones.php/01514402

So there you go. In case that page is inactive when you are reading it, is basically lists a bunch of telephone numbers that have been flagged as nuisance / cold callers.

The Prefetch Malware and Inf Virus Filwr Scam

Today (10th August 2011) I had a call which used a slight different method to try to dupe me. They showed me a new list of harmless files and then told me that they were going to cause my computer to die. Chap even said “oh my god, 900 files, that is terrible”. I actually spoke with 3 people in the end. They called themselves the “Windows Technical Support” again.

Anyway, this time they tried to encourage me to press a button on www.ammyy.com which said “Start Working with Ammyy Admin (it’s free)”. I think that this will install a program to allow them to then take control of the PC. The button links to an excecutable file – AMMYY_Admin.exe

I asked what this was going to do and they refused to answer. After a while I got transferred to another person. Amusingly the phone call ended with loud beeps. They called back to ask me why I hung up, quite rudely, and I explained they they hung up on me.

Anyway, I asked why the connection was not going through Microsoft.com and that I did not trust the site. Chap then said “oh, Ammyy.com is not out site, it is just a secure site we use to connect to your computer”. So I asked what his website was, and he told me it is blazesoftwares.com. I asked how long they had been in business for, and he said 10 years. The domain blazesoftwares.com was registered on 4th June 2011.

The website blazesoftwares.com just seems to sell McAfee software. The chap said that their site was built by McAfee, which is why it is new. I shall ask McAfee if this is true (I strongly doubt it!). There website about page does state: “www.blazesoftwares.com is a part of “United Software Solution” located in India“. They quote 3 telephone numbers but these all direct to their Indian office: 020 3287 6725 (UK), 61 3 9010 6138 (AUS), 12134389746 (USA).

What Is All This About?

In short, a company calls you out of the blue pretending to know about your computer, and tells you that they are getting reports of errors from your computer. They essentially pretend to be Microsoft, although are actually careful not to say “we are Microsoft”.

They trick you into thinking that you have a problem – even when you probably do not.

They then convince you that your Microsoft Windows Warranty has expired. There has never been such a thing. If you have Windows, whether it be XP, Vista or Windows 7, you have already paid for the operating system and can download (ideally you have set it top automatic) the latest updates to the operating system.

You can, and should, use better Anti-virus, anti-spyware and firewalls than those which are bundled with Windows. Why? Well, for the largest, richest and most powerful Operating System, Windows for some reason never seem to bother much with security. Instead you need to use third party software. OK, for average use, Windows firewall and Defender may be OK, but there are so many sneaky virus writers out there now that you can land on a website with a trojan/virus on it from a Google search. So no site is really safe.

If you Google “ZFSENDTOTARGET CLSID ~scam” you will find many other references to this trick.

There are many very good free products that you can use. Here are the ones I have been pleased with over the years:

Professional Services

Free Anti-Virus

Free Anti-spyware

Free Firewall

All of these free tools have premium versions too. That is how they make their money – provide good free tools so people like me mention them, and then also provide premium versions. Really, you should be mostly safe with the free tools.

Windows Security Tips

  • OK, Microsoft will never call you to say you need update your computer – so if you get a call, its a scam.
  • Set Windows to automatically update
  • Never do anything on your computer that you do not understand, especially if someone phones you and tells you to!
  • Never install software if you do not know what it is or why you are installing it. Most of this scam is designed to make you think that you know what your are doing and why. That is how scams work!
  • Install some 3rd party anti-virus, anti-spam and a firewall, and keep them up to date.
  • Never click on links in emails that you do not know to be OK.
  • If you land on a website and you see some sort of “scanning for viruses” come up – close your browser immediately. Close all apps. Disconnect the internet. Run a system clean up (like CCleaner – http://www.piriform.com/ ) run anti-virus, reboot, run again. This is belt and breeches, but be careful! Some scam sites pretend to be an anti-virus site but are in fact just a website tricking you into giving them your credit card details. Often after “buying” the product that they recommend you get nothing, just a virus and an expensive credit card bill a month later.

So there you go. Be careful, be vigilant, stay safe. Microsoft will never call you. If you get a call from anyone claiming to be a PC Support / Windows Support or anything like that, they are probably out to steal your hard earned cash or worse, take control of your computer and turn your PC into a zombie spambot.

  468 comments for “PC Support Security Scams – ZFSENDTOTARGET CLSID Trick

  1. omfg
    November 25, 2010 at 8:06 am

    If only people search Google before handing out their credit card details.

    They managed to trick my technology challenged sister into believing that they had received all of the Microsoft software fault notifications that she had sent over the years.

    She thought that it was great that they were finally taking her issues seriously.

  2. Webologist
    November 25, 2010 at 9:37 am

    Sorry to hear that. These people are despicable. The sad thing is that the people making the calls probably do not know that it is a scam. Well, they might.

  3. Nick Belfast
    November 26, 2010 at 12:12 pm

    Had a call today along the same line.. If you ask for their IP address they clam up.. also advise you are reporting call to police will shut them up.

  4. Webologist
    November 26, 2010 at 2:10 pm

    What company name did they give? I just had a call from another company and got their website details. If you remember the name please let me know.

  5. wendy
    December 2, 2010 at 4:29 pm

    Had a call today from a guy who called himself “Calvin Smith” (he had a very strong asian accent so the name didn’t match) and he said he was calling because of someone trying to download malicious software on to my computer via the internet connection. He spoke really fast and told me to log on now because he needed to talk me through how to get rid of it. I asked which computer, he asked how many i had and if they were all connected via the same internet connection. I said yes so he said it didn’t matter which one because the malicious software was coming through my internet connection. I asked for the name of his company- 360 etech support, and a telephone number -02033183462. He asked when I was going to ring back, so I said in a minute after I have spoke to my husband. I informed my husband who attempted to ring the number which didn’t work!

  6. Webologist
    December 2, 2010 at 4:56 pm

    Yeah, they know that as soon as a person is off the line they have lost them. The rely on making you think that your computer is in trouble, show you “errors” that are really quite normal in any computer, all just to get you to buy their service, which really does nothing at all. Its a scam. They take your money and that is the end of it. You cannot take the to court as they are in another country far away. Maybe some credit card companies will refund the money, but I doubt it, as you are agreeing to buy their “product” after listening to their sales talk. Most people are left feeling safer too, which is a joke really.

  7. sarah
    December 6, 2010 at 6:00 pm

    hiya – just had a call from an international number, bad line, male, indian type accent calling from Windows Security. it sounded like Indoor Security. i wass instantly suspicious,told me i had a virus on my computer which they had found and could i switch my computer on. said didnt have time to do it, he ignored me, then i said wanted proof of who he was, and he said pass me onto someone else. another man came on asking me to go to my internet explorer. decided that this was well dodgy and hung up, googled this site. phew.

  8. Webologist
    December 6, 2010 at 7:33 pm

    Glad you did not get scammed Sarah, well done for hanging up.

  9. Mary
    December 8, 2010 at 11:09 pm

    I got called just, 8th Dec 2010 by an asian sounding man who claimed to work for ‘Global computer support’ which was ‘Microsoft Certified’. I was very suspicious and didn’t give in to the scam, however I can see how the error reports thing can go some way to being convincing if you don’t realise that Microsoft are too brand precious to let any other companies cold call on their behalf. However, I’m worried that I may have fallen into a trap at the early stage of the conversation. I opened my run folder, typed in %temp% as directed and clicked the delete button. It only deleted a couple of items until I realised some of these files were too valuable to delete. Is there any significant damage that could have come from my actions there? I hung up soon after.

    Just to add to the information we’re collecting about this scam, the names of the three software packages he claimed to be selling me were ‘Advanced System Protector’, ‘Advanced System Cleaner’ and ‘Advanced System Remote Desktop’.

    I’m a technology novice but I presume that the remote desktop part was particularly dangerous, providing remote access to all my details? Luckily didn’t fall for it and hope this goes towards helping other people in their google searches. M.

  10. Webologist
    December 8, 2010 at 11:54 pm

    Cannot say what the “remote desktop” is, seems odd for them to give it such an obvious name, but maybe that is how they avoid getting prosecuted for miselling? If they tell you what it is, you cannot sue them for selling you software that lets them access your computer.

  11. Michael Parker
    December 11, 2010 at 7:11 pm

    Another call. I quickly googled what they were asking me to run and found this site. I managed to get put through to a supervisor who told me to search for the Kalsoft Tech Solution and then told me to click on www. ekalsoft.com/kalsoft/ks/company_profile.asp – KalSoft, if you are in fact a legit comapny with a terribe l website then I’m afraid someone is using your name to scam people.
    I managed to get him to look at this page… he told me that he was legit but scammers were copying his company’s methods.
    Phone number he gave me was 01865600897 (which is in Merthyr Tydfil)

    Also worth noting that they were careful to say they weren’t Microsoft, after I said they were, but were instead calling from Windows Operating System.

  12. Webologist
    December 12, 2010 at 4:16 pm

    That sounds a confusing call. So are they Kalsoft or “Windows Operating System”? Cannot see anything on the Kalsoft site that mentions “windows warranty” or “anti-virus”. All looks like the real deal. I am confused!

  13. Bmonsterboy
    December 22, 2010 at 3:35 am

    The CLSID is aslo the same in Windows 7. I think that there is a microsoft related forum on this topic as well.

    Thanks for the info. Needed to confirm that this was a scam.

  14. Bmonsterboy
    December 22, 2010 at 3:37 am

    Down to the website for showing adds that are obviously fake and scamms, even on the pages about them.

  15. Webologist
    December 22, 2010 at 5:16 am

    They are devious indeed.

  16. darkamazon
    January 4, 2011 at 8:22 am

    i just got the CMD ASSOC ZFSENDTOTARGET CLSID phonecall
    was an Indian named victor claiming to be a service provider for windows living in the USA followed the exact same procedure as described.
    I knew it was fishy from the start, i mean why would Microsoft call? i was hysterical when he started explaining i needed to renew my software prediction warranty with a certified Microsoft windows technician
    these are the prices he gave me
    6 months – $156.00
    1 year = 249.00
    2 year = 391.00

  17. Rob
    January 5, 2011 at 7:35 am

    I just had a similar call from a place saying they were teche4pc. They have a site which looks reasonably legit. I was almost fooled but something didn’t seem quite right. As soon as he said Trend Micro was terrible security and that his “advanced security” was far better, alarm bells rang. I then realised it was a dodgy sales scam and hung up. I only found out it was an actual scam after seeing this site. Anyway, spread the word. It’s obviously a growing fad.

  18. Webologist
    January 5, 2011 at 9:34 am

    Yeah, and we need to be ready for the next trick that they will start using too, always be prepared. If you have Facebook you can always post this page to your wall then at least your friends will know more about it.

  19. January 5, 2011 at 5:20 pm

    just wanted to say thank you for your page. I had a call on the line and looked you up at the same time. I faked a poor phone line connection, and I got him to call me back.

    I recorded both conversations so you get an idea of just what is going on. I also think you will find it quite funny, as he begins to question me about how I know he is Indian….

    Enjoy

    Tom

  20. v knott
    January 5, 2011 at 9:57 pm

    Thanks for information. My elderly Dad has been phoned today by a caller similar to above called on line tech mate. He was conned out of 170 pounds and gave his credit card details. The phone number of this scammer is 08442720796 and has recorded message. I am worried his computer is taken over. All this happened when security is being transferred to virgin and during the mix up he thought he was being contacted by someone official. Can anyone suggest how he endures his computer is safe? It seems a good idea to cancelling the Barclaycard. I hope this helps someone avoid same nasty expensive experience. Thankyou Vicky
    Y

  21. Webologist
    January 5, 2011 at 10:06 pm

    Probably best to uninstall anything that he downloaded, and failing that, run some AV, such as Avast, then Malwarebytes.

  22. v knott
    January 5, 2011 at 10:31 pm

    Thankyou. I have a bit more detail for readers. The scammer told Dad not only were they microsoft certified but they needed to do something to his computer which was free and cost nothing etc. Then having gained access remotely insisted on payment to cure the problems and at this point the computer is messed up and one is most vunerable to paying up and afraid it will be left in a mess. The scammer was very convincing .Vicky

  23. Webologist
    January 5, 2011 at 10:40 pm

    Yes, they do confuse well. As I mentioned above, anyone can become Microsoft Certified, it does not mean they are employed by Microsoft.

  24. Alan
    January 6, 2011 at 7:00 pm

    Hi
    Just got a call from a 75 year old who attended my U3A beginner’s computer group. He had a call from a man with an Asian accent who professed to be from KalSoft saying that they had detected that he had “worms” infecting his computer. He gave them info and they gained remote control over his computer and he said that it was doing all sorts of things without him touching it. They then went on to tell him that his computer was definitely infected and that they would get rid of the problem for £72. Fortunately at that point he smelled a rat and did not give his card info. I advised him to go to his computer expert friend who would check if they had put spyware on his machine and then get rid of it for him if they had.
    Kalsoft, I believe, is a legitimate computer firm – so if anyone did a Google check, they would think all was OK.

  25. Webologist
    January 6, 2011 at 7:02 pm

    Yes, I think some of these people are using very similar names to proper companies to help trick people.

  26. Brad
    January 8, 2011 at 12:45 am

    I just got off the phone with an Indian guy. Claiming to be from Microsoft support… i asked him to verify my windows OEM number just to see what he would say. he got me to verify this CLSID number. he ALMOST had me, but then he wanted me to go to logmein123.com and there was no way i was going to let a guy who called ME log into my PC.

    Bloody scammers!

  27. Bob
    January 8, 2011 at 2:11 pm

    Just had the same thing – I have flu so didn’t catch everything and heavy Indian accent. Asked me what operating system then got me to “Rub” eventvwr which showed loads of stuff and a few errors then told me to close quickly because my computer was vulnerable ( I assume this is so that I don’t look at the errors to see what they actually were – because I already had and they were just innocent things like not being able to log onto my mobile, and where laptop battery went flat and I hadn’t closed programmes properly on reboot). Then told me to “Run” inf which threw up a load of files – told me that these were all things that hackers had downloaded onto my computer and infected it and that I should delete them all. It was at this point that I told hiim to go away and there was no way I was going to delete anything on the instructions of someone on a cold call who I didn’t know from Adam. Protested that he was genuine and was merely trying to clean my computer of malware, but I repeated my assertion and put the phone down. Then googled and found all this – I’m pleased I didn’t get conned first and looked after. Must inform my sister who isn’t as computer savvy as me!!

  28. January 13, 2011 at 7:17 am

    Thank’s for the advice. I googled, while the Indian fellow tried to convince me that he knew about my computer using the CMD Assoc.

    For your records teche4pc.com

  29. Webologist
    January 13, 2011 at 10:05 am

    No problem Frank, seems that I have now helped a few people avoid the scam.

  30. Webologist
    January 14, 2011 at 10:49 am

    “Windows Service Center” just called me. They asked to speak the the “owner of this telephone number” so I told them that they were. They asked then for me to confirm who I was, and I reminded them that they had not introduced themselves yet. They then told me that they were working for Microsoft and were receiving malware errors. I asked the chap, “Do you actually believe anything you are saying?” and he hung up.

    Idiots.

  31. Mohammed Raja
    January 19, 2011 at 1:45 am

    Just had a call this morning too from “windows operating system” by an asian accenedt man called David Smith with the same story of errors and notifications sent from my computer,I nearly thought it was genuine until they started asking for £84 for a two year protection and support services. Btw I even fell for it and they even logged onto my computer by a so called Mr Bhatti from Microsoft . Please be aware

  32. Mark Elwell
    January 24, 2011 at 12:32 pm

    Just had another call from Kal Soft Systems (they rang last week)and went through every step described above. I told them I was suspicious so they “allowed” me to Google them as they waited on the phone; must say, their internet site looks legit. These guys are very persistent and I can undestand how people fall prey particulalry so when they quote back to you the CLSID number! They are ringing back this afternoon after I informed them I want the afternoon to verify their intentions. Guess my reponse!

  33. John Murn
    January 25, 2011 at 12:52 am

    The bunch that called me gave the name “24/7 DC House”, said they were an agent for Microsoft, had received a series of error messages from my computer and were calling to assist with the errors.
    It was some time into the conversation before they mentioned “software warranty”. I said I hadn’t heard of anything like that previously and was deeply suspicious. They said I was “correct to be cautious”.
    I’d already asked for a phone number and was given “3052803310” which was said to be a Florida number. I also asked for a web site and was given “www.24/7.dchouse.com”. I’m not sure about the dots and slashes as the woman had an Indian accent and was a little hard to follow. She did sound very professional and I could hear other callers in the background making similar calls.
    When she wanted me to go to “logmein123.com” I said I wasn’t comfortable with doing that and she just said “fine” and terminated the call.

  34. Webologist
    January 26, 2011 at 3:35 pm

    Just had a call from “Computer Maintenance Windows Operating Systems”, another person from India in a very busy office. Said the same thing – my computer is sending error messages to them and I need to install some software to allow them to access the computer to clean it.

    I asked, “you need to access my computer?” and he said “yes”. I asked “you are from Microsoft, yeah?”, and he hung up the phone.

    I think if you ever ask them if they are MS they just hang up straight away.

  35. jb babey
    January 26, 2011 at 9:40 pm

    Yep! Just had the same kind of phone call, from KALSOFT etc etc. These, people are totally bogus and fell apart after a few tech questions. I am a programmer of around 20 years experience, when questioned, they totally failed, in every way. These people are liars in every sense and try to use bull s—t to baffle folks. DON’T be taken in, MS and all other OS providers would not use such a call centre to hassle people in this way, why do you thimk you get regular updates to remove “malware”. DO NOT FALL FOR THIS! This is the first internet blog etc I have ever written to, but this one really annoyed me! nobody will EVER contact you to tell you that your PC is infected, remember that!

  36. Webologist
    January 26, 2011 at 10:08 pm

    You did well to ask questions, whenever I have done anything but sound worried they have hung up. Today I was so tempted to ask “is it because of all the p0rn0graphy I look at?” and see what response they have written on their card for that.

  37. jb babey
    January 26, 2011 at 10:33 pm

    To: weboligist:
    LOL! you may have a point, I am new to posting stuff rather than doing the code to let other people! This bunch annoyed me becuase they worried my wife first and then had the balls to be on the telephone to myself for around an hour before I hung up. They are supposed to be phoning me back tomorrow “after I have checked their credentials”. Yeah right, no call back then. Pitty. I was looking forward to that call. I just hope that people read this stuff and don’t get taken in by con artists.
    Did well to ask questions?!! i think they deserve an award for that amount of bare faced BS! PLEASE, nobody be taken in by this stuff.
    Must clean my hard drive ….. LOL!

  38. Paula
    February 1, 2011 at 7:14 pm

    Hi there. My problem is a little different, but perhaps you can help. I clicked on a link in a web site and immediately got a page pop up saying I had potential malware with a link to start a scan. I clicked that and got a page that indicated it was scanning my computer because it had become infected. It says it has found 9 viruses, and had a pop-up box with a link to uninstall the malware. I clicked that and I got the standard pop-up box that asked if I wanted to run the software. (I have my computer set to always ask before it installs anything.) I said yes, but a few moments later got another box asking, “Are you sure? This site can’t be verified.” The web address looked sketchy, so I cancelled the action, and clicked the link at the bottom of the “scan” page for “Start Protection”. That ran me through the same series of pop-ups as the first. The scanning page had a web address that started www1.strong-scanmaster.in and then followed with a LONG list of gibberish. (Long addresses always make me suspicious, and doesn’t the “.in” stand for India?) And I don’t see anything on the page that indicates a company name I recognize. Furthermore, my McAfee program hasn’t sent me any alerts.

    What first tipped me off was the web address that came up in the second pop-up, which was short but of nothing coherent. (Real companies usually use real words in their addresses.) A Google search provided nothing on “strong-scanmaster”. The address in one of the pop-ups was www2.smartclean-holder.net, which does show up in a Google search. Curiously, though, it came up here http://whois.domaintools.com/smartclean-holder.net The smartclean site seems to be owned by some guy in Belgium (?), but the Wiki article link isn’t legit.

    So anyway, what do I do now? I’m hoping that since I didn’t actually run any of their .exe programs, my computer is still safe, though I did hit the initial “scan now” or whatever button. What do you think?

  39. Webologist
    February 1, 2011 at 7:28 pm

    If that happens to me, and sometimes it does – these pop ups can be aggressive at times, I do the following:

    1. Close all browsers, often all programs
    2. Run Ccleaner – http://www.piriform.com/ – this clears out all recent temp files and cookies.
    3. Run Malwarebytes in fast mode – http://www.malwarebytes.org/
    4. Run my antivirus in normal mode – I use Avast! Free Edition – http://www.avast.com/en-gb/free-antivirus-download
    5. Make a cup of tea

    There is also Spywareblaster – http://www.javacoolsoftware.com/spywareblaster.html – which cleans stuff up too.

    If Malwarebytes and Avast come up clean, you should be OK. Do all this with noting else running. If some is picked up and the anti-virus says that it needs to run on boot, would you like to reboot, say yes.

    When I last had a virus I ran most of the AV programs in safe mode, but that failed to remove the virus in my Vista machine. Persistent malwarebytes seems to do it.

    As for those domains, the whois is a sure sign it is a virus – look down the bottom and you will see “Created: 2011-01-29″ – they only registered the domain 2 days ago. The first site you mentioned was also only created on 2011-01-27.

    They will probably use these sites for a few weeks or so and then move on to new ones.

  40. Ben
    February 7, 2011 at 3:39 pm

    2nd call I’ve had from these guys today. I just love to wind them up: “I am running a server farm here, you’ve got to tell me which of these PCs I’ve got to go to in order for me to do what you’re telling me to.” The first time I managed the trick the women (who really sounded as if she had about as much clue about computers as my grandmother) into saying “the one running windows vista” WRONG!! No vista PCs here love, jog on!! Today I let the guy go as far as getting me to type in the assoc, pretended I was reading the list and just lay the phone on the desk.

  41. Donal John Kinsella
    February 8, 2011 at 2:20 pm

    Well guys
    it looks like these people are still alive and kicking, i just got a call from a guy purporting to work for Windows and calling me from San Jose California and indicating our pc was full of “gremlins”, i queried him for a few minutes, pleaded ignorance and being uncomfortable with calls like this, He got shirty with me then and said if i wasnt happy to just hang up the phone, well thats exactly what i did, then googled cls id for computers and ended up here, keep your guard up people as it could be YOU next

  42. wayne
    February 8, 2011 at 5:12 pm

    Yep im in London and received the same scam call 3 times now 2 from Indian accent on one with an American accent, I assume they get my number from the phone directory as I’m registered with every other call preference lists. I am actually a certified MS engineer and this doesn’t deter them – its so scripted. I asked how do you know my computer has malicious software – they said it was a result of a survey. I’ve asked to be removed from their list etc but to no avail – I’m out of ideas how to get these to stop – anyone had any success?

  43. Webologist
    February 8, 2011 at 6:24 pm

    Well, I have not had a call for a week or so now, or maybe it was more recent than that….. but seems quieter. I guess that there are only so many firms out there and they do not call the same people twice.

    Like all calls of this nature, as soon as you recognise the call, hang up. I only listen if I am having writers block ….

  44. Ted
    February 15, 2011 at 11:13 am

    Just finished talking to one of them ,company name was WINSOLUTION I did google it while I was talking to them and such a company egsist , they also left me a ph no. 03 90187863 , I didnt call as i suspect it will be genuine number to some company?
    Indian speaking people very pushi.

    Regards
    Ted

  45. Webologist
    February 15, 2011 at 11:17 am

    Interesting. A quick Google for that number brings up several pages, this is first: http://whocallsme.com/Phone-Number.aspx/0390187863 :

    “Just got a call with no number display and they said they were the Windows Service Centre and they received a report that we had downloaded malicious files. I didn’t trust it, thought it was telemarketing, and they gave me this number to call them back on. I won’t call them, but was curious to see if anyone else had heard from them.”

    So these companies often change their names to hide their tracks.

  46. Webologist
    February 15, 2011 at 11:19 am

    Also seems like they use other people’s business names and brands to draw people in. A very dodgy practice that is probably illegal, but then most scams are!

  47. Veronika
    February 17, 2011 at 10:54 am

    I just had a call – Indian sounding lady – and she said she was calling form a company Support for PC (or very similar, sorry I got the flu and sinus infection, so my hearing is not the best) that was working together with Microsoft and she was following up on error messages sent from my PC. She said my computer was slowing down and she would show me how to slove the problem. When I asked if she either called from Microsoft or Acer, she insisted that she was not calling from any of them, but they were working in association with Microsoft. Then I said that I never recieve support from Microsoft over the phone, but always via updates over the PC. She still insisted that I switch on my PC to get it sorted, at which point I told her that I was home with the flu and that I really did not want to have a long conversation at which point she said good-bye and hung up.

  48. Benit0
    February 18, 2011 at 9:00 am

    I just received a call from these guys this afternoon. Something about “ClickOnSupport”? The moment anybody asks me to do something at my computer, without ME having called THEM first; it’s surely a scam.

    I am in Sydney, Australia.

    DO NOT let anybody talk you thru so-called “fix your computer” procedures unless you have called them and know who they are and trust them.
    Your computer holds lots of YOUR information – which can be used AGAINST you if it falls into the wrong hands!!

    I am emailing everyone I work with regarding this, as well as putting it on Facebook.

    My 2cents for the day.

  49. Webologist
    February 18, 2011 at 9:03 am

    Good work, the more people that know the better. It seems to be on the rise, which suggests that they get a lot of success from it. Crazy really, a few years ago the risk was people directly hacking or installing trojans, now they just pick up the phone!

  50. Lindsey
    February 19, 2011 at 5:47 pm

    Hi, just received a call from an indian guy, international number, said he was calling from 24/7 pc support company in Manchester and that I was having problems with my pc and that it needed fixing. I said that there was nothing wrong with my pc and he said that it might not be showing any errors. He said I needed to sit in front of my pc and he would talk me through what to do. At this point I said I didn’t have a pc only a mac with that he sort of stuttered and said that they only “supported pcs. He hung up no doubt trying to find someone unlucky enough to fall for the scam!

  51. Ann
    February 21, 2011 at 3:54 pm

    Just had a call from someone with a very strong Indian accent who claimed to be calling from ‘Oxfordshire’. Told me that he was working with Microsoft and that they knew my computer had a bad virus related to my wireless router. I questioned him closely and managed to find out that he was calling from KALSOFT Tech Solutions who he claimed had branches all over the world – this was after I asked him how many millions of people they were going to phone in one day! He asked me if I was sitting in front of my computer and I said no and that I didn’t have time right now to do so. Asked him for a phone number which he gave as 01865 600 898 and an address in Oxford which sounded like 567 Ballyburn Road. I googled KALSOFT and they seemed to be linked to a company called Oxford Technical Solutions. I called this company and the person who answered the phone (English) said she had never heard of Kalsoft. I told her that I believed it was a scam and that they seemed to be linking themselves to her company. I NEVER let these people trick me and I have had calls from so many over the weeks I simply tell them I am going to switch on the computer and then I leave them holding on.

  52. Webologist
    February 21, 2011 at 4:59 pm

    Just had another call – and a new strategy uncovered by Webologist!

    Today the caller told me that they were calling from “the technical department of your broadband”. I asked which broadband, and he said “Virgin Media”. So I said “OK, what is the problem?”. And once again, errors with the Internet connection. He asked “how is your computer running” and I said “Excellent” and he said “OK then” and hung up.

    So now rather than pretend to be calling from Microsoft endorsed company they now try to make you think that it is your broadband supplier.

    Spread the word, these scammers are changing their tactics. Keep one step ahead people!

  53. February 22, 2011 at 1:06 pm

    Well I am a customer of pcsupportcaretoday. Since past seven months, I am with pcsupportcaretoday and they have really helped me regarding my computer as well as my husband’s computer. I do believe that pcsupportcaretoday gives the best online technical support services, at a very low and affordable cost, that one may ever receive. Whenever me or my husband faces any problems, regarding our PC, we easily call up the pcsupportcaretoday customer service and our problems are solved immediately. pcsupportcaretoday provides installation of the anti-virus software and removes the application errors and corrupted junk files which effects the system. pcsupportcaretoday provides the fastest and easiest online computer help and support.I want say thank you and wish pcsupportcaretoday all the best.

  54. February 22, 2011 at 1:07 pm

    Well I am a customer of pcsupportcaretoday.com Since past seven months, I am with pcsupportcaretoday and they have really helped me regarding my computer as well as my husband’s computer. I do believe that pcsupportcaretoday gives the best online technical support services, at a very low and affordable cost, that one may ever receive. Whenever me or my husband faces any problems, regarding our PC, we easily call up the pcsupportcaretoday customer service and our problems are solved immediately. pcsupportcaretoday provides installation of the anti-virus software and removes the application errors and corrupted junk files which effects the system. pcsupportcaretoday provides the fastest and easiest online computer help and support.I want say thank you and wish pcsupportcaretoday all the best.

  55. Webologist
    February 22, 2011 at 1:34 pm

    When they called you, did they make it clear they were not Microsoft? I just had another call, this time they told me they were calling from the “security department of Windows operating system”, which can only mean Microsoft, as Microsoft own the TM for windows operating systems.

    Again I was told I had errors (which I do not). Again I was told I need to install new software to resolve these errors (which I know that I do not).

    Maybe some companies do provide a good service, however, when that is mis-sold then you have to question their motives. The is plenty of FREE anti-virus software which is easy to install and has good support communities attached.

    When I was first called they told me that I had errors, and these errors included the dangerous viruses Skype, Avast and Chrome…….. which suggests that the person selling me the product knew nothing about computers.

    How much do they charge you Lara? Where are they based? Do you get a free phone number for support, and do they access your PC to help clean it? Because if they also consider Skype, Chrome and Avast malware, then who knows what they may be kindly deleting from your system!

  56. Webologist
    February 22, 2011 at 1:43 pm

    The other thing is, if the product really is a good value and good quality product, why do they use a trick to scare people into buying it? Why is it not on the shelves in PC World or on Amazon?

    Getting people that know nothing about PC’s to navigate to a junk folder and then tell them that what they are looking at is malware, when they are just cookies and temp files or no threat at all, is nothing but a sneaky, scammy trick to get people to order a product on the phone. And a CD is never sent out either….

    Much better anti virus and anti malware:

    http://www.avast.com/
    http://www.avg.com/
    http://www.malwarebytes.org/

  57. February 22, 2011 at 1:54 pm

    Did “lara jones” say that she worked for pcsupportcaretoday, or was that just implied.

    The scams have come along way from a few months ago, especailly seeing the interest in your blog….

    I’m sure that they help people like lara jones every day, and no doubt they make their PC run really better (pun), but in the end, a scam is where someone uses deceit to fool you into purchase – whether legitimate or not. Maybe PC Support care today, should stop misrepresenting themselves, if they are indeed a bonefide corporate provider of network and compute solutions.

    So to you lara croft, may you enjoy fraud free internet banking, as your PC is now clean of any wrong doings from Microsoft.

    LMAO

  58. Carol Bridges
    February 28, 2011 at 8:36 pm

    I had one of these calls today from a company called Puresomp. I initially suspected it was a marketing call and told them I was subscribed to the TPS and shouldn’t be receiving such calls but they insisted their call had been generated from Windows. I could barely understand the asian woman and several times asked her to put me on to someone else. I even put the phone down on her, but she called back…which conned me into thinking it was a genuine call and I really must have problems. Eventually she transferred me to one of their supposed tech guys. He wanted access to my PC, which I refused at first, he said he understood my concerns and offered me his contact details etc. which stupidly convinced me to allow his access. He said I had all these errors and tried to sell me their service to correct them. I finally grew a backbone at that point and told him I would not be buying anything off them and had been assured this was not a marketing call, he insisted it wasn’t a marketing call and after a few more words we ended the call. I have now ensured remote access is switched off on my PC, added a password to my administrator account and am in the process of scanning with my Kaspersky antivirus as well as Adaware, Spybot and Malwarebytes. Can anyone advise me if it’s likely they have added anything nasty to my PC or is it just a marketing scam to get your money? Should I do a total clean install to be on the safeside?

    Anyway, just to let you all know there is a new name doing this scam Puresomp.org

  59. Webologist
    February 28, 2011 at 8:44 pm

    Thanks for sharing your story Carol. I actually had a very aggressive call the other day. I hung up and they called back 3 times, asking me why I kept hanging up. I told her I was going to contact the police about the calls. She did not call back after that. They are very bold now. Before they just implied that they were Microsoft, now they tell you that they are and call you back to have a go at you for hanging up.

    Really Microsoft should be taking action against these people, they are a multinational business now aren’t they? They must have lawyers in the countries that the scammers are operating in.

  60. Peter
    March 2, 2011 at 3:14 pm

    Well, I just had an unsolicited call from “the international hub” saying they had seen quite a few errors being reported from my PC, from a heavly accented indian chap. They got me to open up run box and confirmed my CLSID, then took me to event logs to count my errors. Then to the INF directory, saying if I had files that had the same name but different extentions and that they were virused and it would require a certified microsoft technician to determine which one was real. Transfered me to a supervisor, at that point they went through the same stuff then directed me to a web page: windowspccare.info and if i could see three blue boxes, then asking me to press blue button 2, this wanted to download something on my PC. at this point I realised something is not right here, so I politely said I had to confirm something asked for their phone number and thought I’d check it out. Phoned up my broadband provider, of which they were no help, so I started googling I am so glad I did, found this page and looks like I had a lucky escape.

  61. Webologist
    March 2, 2011 at 3:37 pm

    Lucky escape indeed. And they seem to be getting even more cunning. Not only does that site look very much like a Microsoft site, they also have the domain registered to Microsoft’s address, i.e. 1290 Avenue of the Americas, Sixth Floor, New York, NY 10104.

    This one was only created on 04-Oct-2010.

    I have just sent Microsoft an email, will be surprised if they reply. But asked them this:

    Windows PC Care – is it Microsoft or Not?
    Had a call from Windows PC Care about updating my PC security. I see that their domain is registered to your offices, i.e. 1290 Avenue of the Americas, Sixth Floor – http://whois.domaintools.com/windowspccare.info – but it seems a little strange. Why do I need to upgrade, I thought updates were free? Is this really part of Microsoft or something a bit dodgy?

    I wonder if they have a team that takes action against these people. Surprised there is nothing on their site about these cold callers.

  62. Webologist
    March 2, 2011 at 3:43 pm

    Ah, this discussion thread over at Microsoft discusses these problems: http://answers.microsoft.com/en-us/windows/forum/windows_xp-system/online-pc-care-a-sacm/59bef354-16b3-4bbe-98ad-75b94bbe7d84

    “GMRC” …
    What information could “online pc care” a India cold call extract from my computer? They said they were Microsoft, I allowed them remotely into my computer, to fix a so called problem. I did not allow them to finish and disconncted when i contacted MSN to varify this procedure. I am recieving numerous threat calls from this person from India.

    As you’ve realised – it was a scam!.
    You now need to notify your bank, and anyone who you’ve had dealings with over the internet, shut down your PC, and do a reformat.reinstall – there is no telling what the scammer has installed on your PC without your knowledge.
    If there’s one thing certain in life, it’s that MS doesn’t have time to cold-call people. They spend too much time trying to catch pirates for that!

  63. Webologist
    March 2, 2011 at 5:15 pm

    A reply from Microsoft:

    Microsoft Online Customer Service to me show details 15:37 (35 minutes ago)

    Hello,

    Thank you for contacting Microsoft Customer Service.

    I understand that you received a call from an authorized PC Safety program. As you may have rightly guessed the call you have received is known as scam or phishing email and you should avoid it.

    We appreciate the fact that you have taken the time out to bring this to our notice. I have added a few links that will help you report this type of emails/calls and also gain additional information on phishing.

    Report Phishing Scams: The link below provides you with details on how you can report these emails/calls and help fight against phishing scams:
    http://windowslivehelp.com/solution.aspx?solutionid=e1e87293-909f-45e9-9dcd-920a04719bc3

    Additional information: The links below will provide you with additional information on phishing emails/calls and ways you can protect yourself from phishing scams:
    http://www.microsoft.com/protect/fraud/phishing/Msname.aspx

    http://social.answers.microsoft.com/Forums/en-US/vistasecurity/thread/4489f388-d6de-416d-9158-0079764bb001

    http://windowslivehelp.com/solution.aspx?solutionid=865a6311-3f1c-469f-9c2b-77664ea59623

    Phishing is a type of deception designed by scammers to steal your valuable personal data, such as credit card numbers, Windows Live IDs other account data and passwords, or other information. Often phishing scams rely on links in e-mail messages, on Web sites, or in instant messages that seem to come from a service that you trust, like your bank, credit card Company, or social networking site.

    Unfortunately, these scam artists often target Microsoft and other large companies. Largely as a result of customers like you, Microsoft is aware of this issue and working to improve online safety and to put the spammers and scammers out of business.

    You can read about the steps Microsoft is taking to promote online safety and pursue cyber criminals, by clicking on the link below:
    http://www.microsoft.com/mscorp/safety/default.mspx

    Jon, I certainly understand the discomfort the email has caused you and also hope that I have been able to answer your questions and provide you with the information regarding phishing emails/calls.

    I hope the above information is helpful. Please contact us if you have any customer service related questions.

    Thank you,

    ****
    Microsoft Customer Service Representative

  64. Carol Bridges
    March 2, 2011 at 9:02 pm

    I have now done a complete new install so am relatively happy my PC is clear of anything they may have planted on it. I have also changed my online banking pass number as well as a few other website passwords such as PayPal, but remain nervous that I may discover they have gained access to some of my details that will allow them to complete their scam further down the line. I have also reported the incident to http://www.actionfraud.org.uk/ . A lesson hard learnt! I’m now kinda hoping they or another such fraudster call back so I can have some fun with them!

  65. Peter
    March 3, 2011 at 7:15 pm

    Hi Webologist,
    thanks for taking the time to look into this,
    & starting this page, hopefully it will save a lot of people from nightmare phone scammers, thanks again saved me (thanks to google to for getting me your web page):-)

  66. Chris Grant
    March 5, 2011 at 2:24 pm

    I have had many calls from these criminals, the latest just this morning. As a computing professional I know exactly how to string them along and I enjoy seeing how long I can keep them on the line before they give up, hang up or ask me to call them back.
    Try delaying them by saying you need to answer the door and come back five minutes later. Make a cup of tea while telling them your washing machine has just stopped and is bleeping so you need to turn it off. Pretend you have accidentally rebooted and it takes ages to restart (They like this one because they blame it on all the evil programs infecting your computer from the internet!)
    After being passed on to a supervisor you know you have limited time.
    Current call time record = 32 minutes! Let me know if you can beat that!

  67. Webologist
    March 5, 2011 at 2:47 pm

    The last time someone called me I said that I needed to put the phone down while I started the computer (which was on already) then put on a really annoying Youtube video, put the phone on speaker, and carried on working. Must try to find a funny video that can be left on… need someone sounding confused……

  68. Silvia
    March 8, 2011 at 1:22 am

    I have just fallen for this as I am not very computer savvy and the script was v.convincing. Said they were Kalsoft Techsolution & got me to pay £110 for 2 years cover through Pay Pal. They left me unable to access AOL so I called them on 01865600898 & they did sort it. I printed out a convincing-looking payment statement,but after getting doubts, tried their website advancesupports.com to find the site banned & trying to go to snegyear.ru As I paid by credit card I will try to stop the payment but am afraid they could access my online banking etc. Any advice?

  69. Webologist
    March 8, 2011 at 1:30 am

    Phone or visit your bank and tell them theat you have been the victim of a scam and are worried someone has your banking details. Ask for passwords to be changed and payments stopped. In the meantime uninstall anything that was installed, run your av (or download and install Avast! Free edition) and hope for the best!

    Not sure what paypal’s policy is on these transactions. Hopefully your bank’s credit card fraud department can help though.

  70. Chris Grant
    March 8, 2011 at 1:43 am

    Sorry to have to be the bearer of bad news but (these people) are criminals. Follow the advice from Webologist and I would also advise a completely new install of your operating system. If they have been able to access your current set up your entire system could be compromised.
    Contact your credit card issuer immediately and tell them you have been scammed. They may be able to follow up on this and you may be protected against claims.
    Good Luck!

  71. Silvia
    March 8, 2011 at 1:53 am

    Thanks Webologist -it’s nice to know someone else is up at this hour!

  72. Webologist
    March 8, 2011 at 2:08 am

    No problem. Just to add to what Chris said, you should still be able to back up anything valuable should you wish to reinstall Windows. Best thing to do is unplug the Internet cable and boot in Safe Mode (keep press F8 while booting usually does the trick). This will start the PC with minimum programs running, which should mean anything installed will not run. You may be able to uninstall the program at the stage also. But if you reinstall, you could backup emails, photos, documents etc. to DVD / external drive.

    Chris, I slightly edited your message as (these people) that you mentioned may just be victims, as other people use their name. Cannot say such things without proof etc. as that would be deemed defamatory. Just thought I’d explain why I removed the name you put there.

  73. Webologist
    March 8, 2011 at 2:12 am

    Here is some information in Kalsoft, the “premier Microsoft Gold Certified Partner” based in Pakistan – http://www.microsoft.com/middleeast/pakistan/isv/kalsoft.aspx

    The scammers seem to mention them, but then direct people to different sites, which are shut down on a regular basis it seems. So do not blame the company that is mentioned on the telephone sales call, as this seems to be a part of the trick, just like saying that they are Microsoft engineers etc.

  74. March 11, 2011 at 4:09 pm

    Never had one of these calls before but had Puresomp.org on the phone this afternoon trying to sell their particular brand of shite.

    You can add them to your list.

  75. Ben
    March 17, 2011 at 9:23 am

    Thankyou for this article, it was the google result to a search I did regarding the CLSID while I was on the phone with a “representative of computer systems worldwide” I wanted to understand what it *actually did* while they were telling me it was some kind of unique identifier. I succeeded in keeping the scammer on the phone for half an hour, bluffing my way through their prompts as best I could untill I hit a wall where I couldn’t coax out of them what I was “supposed” to be seeing which would allow me to say that was what I saw. Then I put them on “hold” for long enough to collect myself before I told them what I thought of them and what they do, how I’d deliberately stalled to waste their time so one less person would be a victim of their heinous fraud. I feel disgusted and dirty, these people are scum, but we should do all we can to frustrate their efforts.

  76. John
    March 17, 2011 at 1:12 pm

    Just had Anobe calling from London saying the usual magumba about my system being infected.I managed to convince him we had a connectiom problem with the phone and had him call me back eight times whilst putting the phone on top of a running tumble dryer every other time i replied. i got a phone number from him 01614082873 for me to contact him back and the puresump.org site. I got bored after a while and told him where to go. Havent tried the number yet

  77. Roy
    March 17, 2011 at 4:15 pm

    I was taken in by this scam on 15th March, company calling themselves Windows Services Online. They suggested that I could pay by Paypal in order to get a refund if I was not completely satisfied.

  78. graham
    March 17, 2011 at 6:07 pm

    hi there, just had a company calling themselves ‘ puresomp.org ‘ saying i had loads of errors on my computer, and they would give me 6 months policy for £99.99 or 2 years for £199.99. tried to hack into my computer by telling me to hit run and go to there website and all that crap !!!

  79. Chris
    March 17, 2011 at 7:40 pm

    Word of warning to anyone thinking of playing the “How long can I keep them on the line before telling them to F off” game.
    Having been less than polite with one of these criminals last weekend I received multiple (8 plus) calls immediately after I told them where to go.
    They tried unsuccessfully to harass me by quoting my address and telling me I had been abusive – you couldn’t make this up!
    I then received further calls from people mumbling and shouting.
    They only stopped when I let the calls go to voicemail several times.

  80. andy
    March 18, 2011 at 4:11 pm

    Hi, thought I should post this as its pretty relevant.
    Had a call today from indian sounding guy who said he was from 247 pc care in manchester, and that my windows based computer had a problem, and if I turned it on he could help me fix it. I was suspicious straight away so I ended up asking him more questions than he was asking me.
    To cut a long story short he became abusive and ended up saying he would come and *$%! my mother and *$%! me in an inappropriate area of my person, confirming my address and postcode. cheeky blighter!
    I invited him to ” give it a try by all means and see what happens ” then he swore at me again and hung up the line.
    Don’t think I’ll hear from them again!
    BTW 1471 on telephone reveals a “network which doesn’t supply numbers” result , so you can’t call them back.

  81. Brian Davey
    March 21, 2011 at 9:14 am

    Here’s another company doing the same thing:

    http://www.pc24by7support.com

    Had a call from them tonight. I’m in Australia. They claimed to be calling from San Jose California, though the strong Indian accent may suggest that was not so. I talked long enough to get their website then hung up.

  82. Niki Chalmers
    March 23, 2011 at 5:00 am

    I am also from Australia and have had similar calls. I keep telling them not to call back but unfortunately they do not take the hint. After speaking with the first Anna Wilson that I have ever heard of with an Indian accent today. I decided to threaten taking it to the police. She even went to the extent of giving me a dodgy phone number. Hopefully this means I will never hear from them again!!!! :) They claimed their company name was PC Security Queue.

  83. Bryan
    March 25, 2011 at 10:26 am

    Oh no I think I’ve been scammed, I bought some program from them and they downloaded ccleaner on my computer. Now that i think of it they gave me a melbourne number but when i rang it there was noone there, then they called me back god im such an idiot. Should i uninstall the program? My claimed company name was kalsoft tech solution. Good thing i used a debit card that only has $70 p/week in it.

  84. Webologist
    March 25, 2011 at 10:42 am

    If it is CCleaner from Piriform then it is not a problem, is it this one: http://www.piriform.com/ccleaner ?

    However, that is a free program from Piriform, so this company (the pretends to be Kalsoft) had no right to sell it to you. Probably best to uninstall it and then download direct from the Piriform website to be safe.

  85. Webologist
    March 25, 2011 at 10:44 am

    Just to add, I actually use CCleaner, it is a quick way to delete cookies and cache trash, it certainly helps to speed up Chrome browser.

  86. Carol Stevens
    March 26, 2011 at 9:13 pm

    Had something similar several weeks ago. I couldn’t hear the name of the company even though I asked several times it was the Indian accent and the very bad line that made it difficult. They wanted to sell me a year’s contract to keep my computer safe at a cost of £78 I said no thanks and put the phone down but they did waste a lot of my time which I can never get back.

  87. Olly
    March 29, 2011 at 4:44 pm

    I’ve just had a very similar call from an Indian lady, claiming to be from windowsservicesonline.com , asking for one off payment of £70. She wasted a bit of my time but I politely told her I wasn’t interested, but was very persistent. Beware!!

  88. kaz
    March 30, 2011 at 8:35 pm

    Had a call today from heavy Asian accent man today from 306etechsupport.com I did do everything the man told me except give him my card details. I feel so vialated as being pregnant and not understanding all that was going on. I am gutted at how stupid I was. I haven’t had a chance to read all these storys but really need to know could they have gained any personal info from computer like online banking etc

  89. Webologist
    March 30, 2011 at 8:42 pm

    Did you install anything? Did the Windows “confirm” action box pop up? If not, then you should be OK. When I went to the end with them they just wanted me to buy something, everything before was to trick me into thinking that they were calling from Microsoft. Although some people do seem to have had stuff installed before buying anything.

  90. kaz
    April 1, 2011 at 10:26 am

    I can’t really remember they did take control of my computer. I think they may have. They called back asking for me but my husband answered and kept quizing them on what they were doing and how they got our details ( were ex directory) they said Microsoft but avoided answering any other question. They kept asking to speak to me then my husband asked them not to call any more as i was in such a distressed state.

  91. Flux
    April 1, 2011 at 2:07 pm

    Just had a similar call. Worked out pretty quickly what was going on, and played along for a while. When I got bored with it, I started a tirade of verbal abuse at him, trying to fit every obscenity I could thing of in before he hang up.

    It’s not often you can vent all the pent up anger that modern life generates at a real person who genuinely deserves it…

    Please call again! I have a degree is CS, so am probably fairly safe from their made up problem fixing, and I had SO much fun!

  92. Carol Bridges
    April 5, 2011 at 6:55 pm

    Had another call today…maybe my name and number has gone on some kind of list now as I was stupid enough to fall for most of it last time! Couldn’t catch the company name despite asking twice. Slightly different approach this time saying it was my email programme allowing viruses into my PC, and they could check it for me to see where my vunerabilities were. I couldn’t decide whether to unleash a few very unladylike expletives at her or play the game, decided to play the game for a while but when I asked her exactly where her company were based she hesitated for a moment and then hung up….spolisport!

  93. Webologist
    April 5, 2011 at 6:59 pm

    Yep, the moment they realise that you know it is a scam they hang up. Sure sign that they know that they are doing wrong.

  94. Etienne
    April 7, 2011 at 7:18 pm

    Got a call today. We’re from the Mirabel, Quebec area.

    They gave their website as “supportforpc.info” That was a weird experience. Now I’m hoping they call back some time so I can waste their time some more.

  95. Pav
    April 9, 2011 at 10:15 am

    Hi, Just had a call from So called “Global Tech Support” based in Melbourne and nearly convince me with their CLSID 888DCA60- bit and my home address.
    Being in IT, I never had come across this before was bit surprised at their persistent talk of, from Windows Operating system co. I will try to get this info out to a local radio for awareness. Keep it up, hopefully some IT Security pro person can tell us how to “snoop” their connection if you do allow those “pest” to connect to your computer.

  96. A White
    April 14, 2011 at 9:45 am

    RJ PC SUPPORT SCAM – rjpcsupport.com

    I recently got a call from someone called Mark from rjpcsupport and they said that my computer is infected with viruses and malware. I immediately hang up and called my computer technician who visited my place and said my computer is absolutely fine.. this chap Mark said he is a Microsoft employee too which i highly doubt. he was asking me to download something which my antivirus detected as virus..

    I would like to ask microsoft to look into this

  97. Dominic
    April 14, 2011 at 12:03 pm

    SCAM!

    a lady called me yesterday (13 Apr 2011, London) from an Indian call centre. she asked if i had a pc, implied her company worked with microsoft, to help people with computer malware. she asked me to check my computer for warnings/errors, and once identified, stressed the toxicity of these warnings/errors (to get me scared/pliable!), and then tried to get me to launch a .exe programme (logmein123) to give them control of the computer

    keeping them on the phone, a quick google search came up with your article above, and a guardian article. when i mentioned this to them on the phone, they kept their cool – and were completely unashamed – insisting it was all on the level!

    obviously i didn’t launch the .exe programme. what was striking was how convincing and professional the lady and her colleague (the ‘IT’ specialist) were, well-spoken etc – i can imagine this scam could easily fool a good many people if they were to ring up enough people

    Anyway, i bid them adieu and am now telling everyone about this scam. Hope your article (and this comment) raises awareness, and helps other people

  98. Brenda Holden
    April 15, 2011 at 7:35 pm

    I have just received a call from an Asian-sounding man claiming to be calling from Kalsoft Technical Solutions Ltd on behalf of Windows. He was very convincing, using the CSLID number scam – they appear to always give you the same last 5 digits – 7D062! When I very politely declined his offer of help and explained that I have a very competent IT department in the lawyers office I work for which I would take my PC to, he became quite rude! However, it did get rid of him – and when I then googled the company name I was SO relieved not to have been taken in. Thank you to the posters on this site.

  99. Webologist
    April 15, 2011 at 7:57 pm

    Glad you avoided the trap Brenda. For the record, I believe that Kalsoft are actually an innocent party in this, their name just gets used as does Microsoft’s to give the impression of authority. Here is the info on MS website: http://www.microsoft.com/middleeast/pakistan/isv/kalsoft.aspx

  100. Anon
    April 18, 2011 at 6:04 pm

    Some Indian guy called ‘Alvin Briggs’ calls me today from a withheld number. He says he is calling from the windows support and that their company ‘Kalsoft Tech Solutions’ has had reports of malicious software or viruses on my computer and about an IEM file. I ask him for his name and number which he gives me as this number. He says the company is based in Oxfordshire, and says he has my unique windows operating system id which is a 8 digit code. He wanted me to type ‘cmd’ in the ‘Run’ command box and to help me remove the alleged software or files I have that is causing my computer to run slow. I knew immediately to take his name and contact number and the company he works for at the start of the call as I do with all strange unexpected calls such as this. I was surprised he had my full name, address, and home telephone number. I asked him if he had my mobile number but he said they didn’t have the authority to call customers on their mobiles. I don’t know how they obtained my details since my number has been ex directory for some time now. I told him I would ask my brothers about them as they are very good with computers, and that I would call him back. I googled their company and the number he gave me and called him back to explain to him that it is a scam from the information I have read. It is strange that when I called this number it rang for a long time then they eventually picked up and it was a different guy. He said he would get ‘Alvin’ to call me back and asked for my number which they should have had already. It seems like it is a small number of scammers working together and not from a call centre. When ‘Alvin’ called back it was from a withheld number again. I told him I would have to report him and he said it didn’t worry him because he had my details and it was a legitimate company. He asked if I wanted to continue erasing the files and I asked him what he wanted me to do on the computer…I think he then realised I was wasting his time because he hung up…I only wanted to find out the nature of how they operate though lol. Anyway beware of this company. Alvin Briggs doesn’t sound like an indian name….lol

  101. Webologist
    April 18, 2011 at 6:33 pm

    They really have not thought their story through. Kalsoft is a company in Pakistan, so why would they have a call centre in Oxfordshire!

  102. Andy
    April 22, 2011 at 2:41 pm

    I get fairly regular calls from these “helpful” companies.

    I managed to keep them busy for 45 minutes the other day. I took it right to the point where they want me to pay, and I then make them realise they have not only wasted my time, but their own.

    They way I look at it, if I am not busy doing anything, I can be of help to others by keeping these criminals occupied for as long as possible. It can also be of help to myself, because unless they are really stupid, they won’t call me again.

  103. Webologist
    April 22, 2011 at 2:43 pm

    Good work Andy, you are doing the community a great service! Just realised that I have not had a call for a while now.

  104. Andy
    April 22, 2011 at 2:51 pm

    It’s quite good fun “playing along”. I sometimes throw in a line or two to see if they are “on the ball” or not. Not suprisingly, they don’t always take the hint when you tell them that I didn’t buy the PC from a shop, but built it myself.

    One time I had one of these calls, I got to the point where he offered me the solution (for a price), and I just said “well if my PC does play up due to these issues, I’ll just re-install Windows myself, like I did when I built it”. Bless him, he still tried to convince me, before getting rather annoyed when he realised that I had wasted his time.

  105. Webologist
    April 22, 2011 at 2:58 pm

    Yeah, I once asked them “which computer is sending the errors, we have about 300 in this office?” and that puzzled them, as they thought that they were calling someone at home (which they were). Once I listened to them and then said “Windows, oh, I only have a Mac.”. Only once was I just rude, suggesting to the lady on the phone that she should get a proper job rather than spend her day trying to rip people off.

  106. Andy
    April 22, 2011 at 3:02 pm

    I have just thought of a couple of other ways to make their day a little less productive.

    I mean, just imagine their response when you are just about to make the payment, and you have a power cut. Still, you can ask them to call back again later. If they do call later, it would be such a shame if you got to the point of payment again, and one of those nasty error you are trying to sort out caused your computer to crash.

    Just a couple of ideas to amuse yourself with.

  107. Andy
    April 22, 2011 at 3:19 pm

    Another one (when you get good at knowing what responses they expect from you) is to play along until payment time. When they ask you to transfer funds by pappal or credit card, say “ah, there seems to be a problem”. When they ask what, say “I’m not in front of my computer, but sitting in the garden enjoying a nice cold beer and a chat with you”.

  108. Webologist
    April 22, 2011 at 3:35 pm

    Talking of which, the sun is shining and the garden is calling me (well, my wife is calling me).

  109. Andy
    April 22, 2011 at 3:39 pm

    Take the phone with you, just in case “Microsoft PC Care” call you too.

    And don’t forget the factor 15.

  110. Rose
    April 23, 2011 at 6:14 pm

    I was phoned by Kalsoft about my computer running slow which at the time was. I was completely taken in by them and I paid £160 for 3 years cover which came out of my account by paypal to a company called kalsoft tech with a ref number 35314369001 I looked on the web and to me being a novice thought they were fine. They even gave me a phone number (the same as many have already stated) and a email address that I could conform that all was fine and correct like the phone number no reply when contacted. What a fool I was in my defence ill at the time with this dreadful sickness bug and not really paying much attention to what I was doing. Like many others they talked me on how to allow them to get into my computer with a pass key 569527 because my original subscription had run out on the 31/3/2011. After doing what they asked and paying the money they then took over my computer for about 2hrs with them controlling it doing weird and wonderful thing at the end an engineer popped up on the screen saying they had finished and to sign them out because my computer was again safe and secure. Please could you advise me how I can tell if they still have control of my computer when it is on and running I have also done so many anti this and anti that checks I also cancelled my Internet Banking detail on th.e account that I used to hand over the money. What as happened to me is weighing heavier on my mind as I can not tell the rest of the family who thank goodness do not use my computer Why do these horrid people do these scams I know there are idiots like me out here. Thank you for your help in this matter

  111. Webologist
    April 23, 2011 at 6:24 pm

    Sorry to hear that Rose.

    If you have a Windows recovery disk (should have come with the PC) then really the only way to be sure is to do a clean install. Copy all your personal data (photos, videos, documents, emails – every) to a safe disk (DVD, external hard drive etc.) and format and start over.

    Take your time though. I reinstalled Windows on my PC earlier this year, I spent about a week making sure I had everything safe (I actually never save anything important on the C drive, I have a 2nd HDD inside the PC where I store all data – less likely to lose it if not on the C / operating system drive).

    When you are ready, and have checked the files work on the new disks or drives, re-install Windows.

    A nightmare, but I honestly do not know any other way to be sure that it is clean.

  112. carol
    April 25, 2011 at 11:20 am

    hiya i recived a phone call today from 09234765437 claming too be from windows sayin i have loads of errors showing up on my computer me bein little silly let them take control ov pc around 20mins it was only when they asked for the sum ov 300 pounds me clicked on so me ended call rang police and got told windows dont ring u at home me rang bank stoped all cards wiped computer back one munth and goin 2 change me email have me done everythink too safe gard myself

  113. Tom
    April 28, 2011 at 7:51 pm

    I just had a call from my mother, she has just been scammed by this. They used the name fullpcsupport.com. They even gave her a username and password to be bale to access their products or something which of course does not work. They took £150.

    I am more concerned by the threats that still remain (the £150 is a large amount of money but nothing compared to what they could get). I’ve had here call her credit card company who report no other suspicious activity and have noted they transaction to fullpcsupport.com and will continue to monitor it. As well as notify her debit card and other card companies just incase they have managed to steal other information.

    I have requested she has the pc formated by my brother to fully guarentee there is nothing left running on the system.

    Also to change all her passwords to email accounts etc incase they have keylogged her since this happend a week ago and she only just got the courage to tell me (she says she feels really stupid and is very upset by it, it has knocked how confident she is computers back again)

    Anything else I can do to protect her agaisnt it? Does anyone else who has been scammed been hit by other card frauds/scams after falling for this one?

    Thanks

    Tom

  114. Andrew
    April 30, 2011 at 10:02 am

    Same scam is now operating in Australia. almost to the letter. It is tricky getting their ‘customer’ to run the command prompt multiple times then ended with type logmein123.com a Web-Based Remote Support service. Very well rehearsed!

  115. Evrol Keeys
    May 6, 2011 at 6:02 am

    I had one of these calls today and he wanted me to give access to my computer via logmein – thats when I got really suspicious.

    He gave the company name as Windows service Centre – based in Melbourne – with his name as James Clark – contact phone no 03 90163061 – he even answered when I called back to let him know that he had been sprung.

  116. Will
    May 10, 2011 at 2:53 am

    I’m in South Australia and I had a call yesterday (May 9th) from a man calling himself Mark (is that a common name in the sub-continent? I wouldn’t know.)asking for my father (whose name is on the account for the phone) when I said that he wasn’t in. This man said he’d call back when the “primary internet user was home” So I told him I am the sole internet user in the house and that there was no need to call back. This man actually DEMANDED how I was related to the account user.

    So I told him “I was related to him by blood and what is the issue?”

    He began by telling me that there was a “Dire Emergency regarding the security of my computer” (BS detectors registered 11/10 on that) then started about that they had detected a lot if downloading on my line etc etc

    When I assured him there had been no downloading in the past 4 weeks save for updating programmes and the usual batch of patches from Microsoft he then told me oh you only have to surf social network sites and check my email for it to occur.

    I assured him it was not possible unless he was calling from Microsoft to tell me that there was a massive security breach and every computer running on Windows software was infected. This clown still tried to tell me no just being online was enough for these ‘dangerous viruses and malware to get onto the system’ – need I go on?

    When I demanded the name of his company and his name, he hesitated then said it very fast. So I asked him to spell it out. At first he didn’t want to so I told him all he needed to do was to answer ‘a couple of questions’ (which in Australia can mean any number up to 5) so he agreed and spelled out KALSOFT TECH SOLUTIONS. I asked him where it was based he said Victoria, Melbourne. But, when I asked for the company phone number, so I could call them back after I had called all of my friends to see if they also had this “dire emergency”. He then told me he only was asked to answer 2 questions and promptly hung up.

    Of course directory assist told me what I already knew – There is no company of that name in Melbourne or anywhere else in Australia. I put out the BS alert to all my friends then thought I’d check up on line despite how “DIRE!” (insert scary music) it would be to see if thing was the usual Scamware it sounded like.

    Perfect fodder for ACA or TT.

  117. Webologist
    May 10, 2011 at 3:01 am

    What is so worrying is that they continue to use Kalsoft’s name. Why them all the time?

    What is ACA or TT?

  118. Will
    May 11, 2011 at 1:48 am

    Apologies ACA (A Current Affair)and TT (Today Tonight)are “current affairs” shows we have here. They show them after the news and pass themselves off as ‘real news shows’ They’re full of tabloid-esque stuff on scams (funnily enough using words like DIRE and EMERGENCY to describe such things), celebrities, miracle diets, what’s hot in fashion for the season etc.

    It’s why I don’t watch commercial television.

    In Australia we have a ‘Do Not Call’ registry. It’s an opt in service set up by the government or ‘Nanny State’ (what ever your preference)that will take names and numbers off cold call lists.

    Naturally I called it and if anyone else in Australia would like to opt in; the number is – 1300 792 958 you don’t talk to anyone it is all via the key pad on your phone.

    I apologise for not being specific Webologist, being a colonial I sometimes forget that the rest of the world may not know about our TV shows.

    I hope no one else gets scammed, because they (or at least the one I spoke to) was quite aggressive and his attempts to intimidate me (I assume he felt he could my being female n’all) into giving over who I was may be more effective on people who don’t get riled up as quickly as I do.

  119. Webologist
    May 11, 2011 at 1:53 am

    Glad to hear that the colonies are thriving! All I know about Aussie tele is Neighbours and Home and Away, and not watched either of those for about 20 years.

    One of the ones that called me was very persistent, they actually phoned back twice to ask why I hung up on them! Funny people. Well, sad really. I try to remember that the people on the phones are rarely the scammer, they are just making ends meet in a call centre, reading off a card. Well, some of them are probably a bit clueless. I wonder how it works? Do they know?

  120. Webologist
    May 11, 2011 at 11:38 am

    Being told now that I may be arrested because of criminal activity! Luckily Windows Office support are going to run a report and fix my computer. Phew. Microsoft gave me a personal call to help me, as they do not want me to get arrested. Criminals have hacked my computer and are using my IP address to conduct criminal activity. I could be ARRESTED at any time if I do not let them fix it!

    I told the gentlemen on the phone that I was not interested in seeing the reports myself, and asked if they could just send an engineer to fix my computer. He did not like that. He wanted me to run the reports, then given him access to install malware on my PC. Not having none of that matey!

    I put him on speaker phone and did the whole “booting up now, computer really slow, oh, got my password wrong again!” thing while typing. Did not get to the phone number / website stage as the connection was lost.

  121. May 17, 2011 at 6:00 am

    Bugger they just rang me and I did up event eventvwr
    and yes very nice lady
    Then I ask her where did she get my number form
    she said DATABASE
    I said who did the data entry
    she went back the Problems
    I ask her again where did you get my number
    she said DATABASE
    I said who did the data entry
    she went back the Problems

    she was losing her cool

    Then I ask her where did she get my number form
    she said DATABASE
    I said who did the data entry

    phone went Quiet

  122. Webologist
    May 17, 2011 at 8:17 am

    Well done, your wore them down!

  123. Evan
    May 17, 2011 at 2:15 pm

    Hi – I just got one of these, wanted to share.

    A lady called me at home telling me my computer was transmitting all sorts of viruses and malware. She also asked to confirm my CLSID code. I asked what company, she said “technical support for 24/7 help”, I asked where, she said Miami, I asked for a phone #, she gave me 1-305-280-3310.

    I kept telling her the CLSID code didn’t match, and she kept reading it to me (it matched of course), was entertaining for a while then I hung up. They called back, I picked up and hung up right away, nothing since. Wishing I had just put her on speaker and wasted her day because she is trying to fool someone else right now.

    Is there any legal recourse? Who can I report this to?

    Cheers

  124. Jack
    May 19, 2011 at 2:16 pm

    thanks for all these informations.
    i was really worried and actually thought it was real but as soon as they talked me to the products i needed to buy, DING alarm rang and “scammer” came on my mind. but i must admit they played really really really well! good talker lol. but still they followed the script coz when i asked questions, they answered other stuffs, just like continuing their script haha.

    i read thru this whole page and laughed alot coz this is a very funny story that actually has what i did too. and also a lesson to teach others NOT TO FALL FOR SCAMMERS!

    I definitely will play dumb with them next time they call, then just hang up when i get bored. i really hate scammers!

    thanks again, and i wish you guys the best =)

  125. Entangler
    May 24, 2011 at 7:26 pm

    I cannot believe that after all of the press about scams, security, and protecting your credit card info that people still fall for this.

    I’ve received about 3 of these calls in the last few days, and am always impressed by how much they “know” about my computer.

    The last time I got one of these, I just expressed horror at the fact that “so many viruses and malware were being sent from my computer”, and said I’d need a couple of minutes to boot my computer up so that he could “help” me.

    Then I put the phone down and went and made lunch. Amazingly, in 20 minutes when I picked up the phone, he’d hung up!

    Just a reminder to make sure you’re protected against spyware, malware, viruses with a reputable AV suite, and keep it updated!

  126. Neil Todd
    May 24, 2011 at 8:43 pm

    First of all, many thanks for this site! I had a call yesterday from a fella with an Indian accent, claiming that unscrupulous types had planted malware on my computer. Foolishly, I allowed one of his ‘technicians’, a ‘James Handerson’ to access my computer remotely.

    I was then sent an email with details of how to pay for ‘Kalsoft Techsolution’ antivirus software via PayPal. The caller reassured me that PayPal was a trustworthy method of payment and urged me to press the ‘Pay Now’ link. By this time I had smelled a rat, and put the phone down on him before Googling Kalsoft.

    At this point I saw your weblink amongst the search results, and instantly recognised many of the scripted phrases I’d heard. I had forgotten that the erstwhile ‘James Handerson’ still had remote access to my computer, and the next thing I knew he was trying to close the link to your site! I then attempted to shut my computer down; he cancelled this operation! At last I was able to shut down, only to receive another phone call. At this point I let our helpful scammer know exactly what I thought of him.

    Along with all the advice from the many others who have posted on this page, I’d say watch out if a caller mentions a technician called James Handerson!

    Thanks again for all the advice and for alerting me to these ars3hol3s!

  127. Webologist
    May 24, 2011 at 8:58 pm

    And now they know about my blog – oh joy!

    Little tip – if someone has access to your PC, if you want to stop it, pull out the Ethernet cable, or unplug the router – do something which they cannot stop! Quickest way to close the connection, then you can try to fix the mess afterwards.

  128. Benit0
    May 25, 2011 at 2:22 am

    Yesterday I received yet another call from these idiots.

    Didn’t get the company name they are using this week, but they called on the fax number – tricky!!

    I was thinking about how to lead them on and waste their time, but I actually couldn’t be bothered. I just told them they must be stupid to think that I would give them access to my computer.

    The guy got a bit tense about being told by me what HE was about to do, and tried to deny it. Saying “No sir, you are going to do this all yourself”. Yeah right. Until I run something that gives them remote access and then they dive in and hack around.

    Next time I’ll think to pretend to go thru the procedure and waste their time. If I can use up half an hour, I’ll tell them I am having trouble getting my Linux computer to understand the commands they are asking me to input ;-)

    Maybe you could plant malware on your computer to infect them when they log in remotely? Hmmmmmm….

  129. Neil Todd
    May 25, 2011 at 5:48 am

    What does one do if one has a wireless connection, so that there’s no cable to remove? Wave a coat hanger in the air to disrupt the signal? :)

  130. Webologist
    May 25, 2011 at 7:33 am

    Yep, that should work! Unplugging the router will disrupt the wireless connection. There is always the computer power cable failing everything else. I suddenly remember a conversation from years ago. A friend of a friend used to compete online playing Starcraft (a PC strategy game) and sometimes when someone was doing badly they would rip the power cable out of their pc to instantly close the connect. If a laptop, maybe closing it would close the connect? Although my laptop has a wireless button you can press. No idea about tablets. But then, they are only targeted Windows PCs at the moment.

  131. Neil
    May 25, 2011 at 7:37 am

    Hello Webologist – re my last comment about wireless connections. I just read your reply more carefully and spotted the word ‘router’. Silly me.

  132. Alyson Klein
    May 25, 2011 at 12:19 pm

    I had a presistent caller for past 2 days, eventually I spoke to supervisor using the name Kahlil Chahin quoting MCP 6290268 and the phone number 0844 2720796

    very persuasive but I would not play ball.

    Left me feeling very unsettled though, I do feel sorry for less aware people that they might be ringing!

  133. Webologist
    May 27, 2011 at 2:36 pm

    Just had another call, this time they used another tactic. This was what they (Paul, from Windows Technical Department) said.

    Started with the usual “we are getting errors from your PC, you have viruses, your anti-virus cannot stop these ones though” malarky,

    Then got me to Windows-R to open the Run command box, then type in “eventvwr” to look at stuff in application, and informed me that this was a lot of errors.

    Then he got me to run “inf” (Windows R to run again) and told me that what I was seeing was more viruses.

    Then explained how an engineer will have to log in remotely to help fix the errors.

    He kindly advised me that “as you are our existing customer from Windows we do not charge for this service. However, if the engineer has to fix or install anything there will be a fee”.

    Next he got me to open Internet Explorer and type into the address bar: www. logmein123 .com. (I have broken the link to avoid boosting their site)

    This domain was registered in 2005, but it actually now redirects to:

    https: // secure.logmeinrescue.com/Customer/Code.aspx

    This displays a simple box with a pass code (Enter your 6-digit code:), here is a screenshot:

    scam

    He gave me a code, but I did not enter it, I entered a different one which gave an error message. I told him this, and he gave me another code. The two codes I was given were 382325 and 310002. If anyone that knows computer security wants to take a look at what happens next, please have a go and let us all know!

    I told the chap that I had a client arrive so had to go, end of call.

    I just looked at their website, and they offer this service:

    “LogMeIn Rescue Yearly $1,188.00″

    I guess that they trick people into thinking there is a serious problem and then scam them for
    $1,188.00 every year. Most worrying really is what happens after you allow them access through their “Support Connection”

  134. Dwnicho
    May 28, 2011 at 5:17 pm

    Accolades to Webologist for so much info.
    I’ve had so many calls from these people that I can usually tell what page of script they are on.Ask a question and it takes a while for them to get back on track.
    I’ve usually gone right through to Event log viewer which I clear first and they allways seem surprised no errors are recorded-usual response is a Malaware virus is preventing the logs from updating-Of course they could’nt explain why their computer was showing so many errors on my PC when mine was clean.
    Anyway-good fun when your retired.
    However one thing concerns me-Webologist lists http://www.pcsupportcaretoday.com in list of suspect sites.
    This sight actually offers a free remote access program TeamviewerQS.exe which is now in it’s 6th version.
    Any chance the Spammer is including this as a legit. download to throw us off the trail.
    I have downloaded the exe into a Sandbox and compared it to the TeamviewerQS file from the Teamview site-byte by byte comparison shown no change.
    At least the official site http://www.teamviewer.com gives other files you can download which run as host/server without install-but I guess that does’nt stop a program from leaving an unwanted cookie to activate later.
    Not sure If I have gone off track-these spammers are dangerous and your advice is welcomed by all.Regards Dwnicho

  135. Webologist
    May 30, 2011 at 12:46 am

    You may be right Dwincho, will have to try to dig further. I will also amend the info here.

  136. Jono
    June 1, 2011 at 9:15 pm

    Still happening. Got a call from an Indian Mark Webber of Kalsoft Tech Solutions today. Same number and website given. Can’t believe how persistent these parasites are. Same website and same number as other posts.

  137. Christopher Jolliffe
    June 4, 2011 at 8:31 pm

    Hi,
    Have just had a very persistent man Robin for “Kalsoft Tech Solutions” Two calls in less than two Hrs. Told him I was going to check who he was.Ver nice man, gave me a number to call. Derr. He said he was going to ring me in a weeks time! Who should I give this information to? I was not convinced. Hence finding this site.

    Cheers.

  138. Jimmy
    June 11, 2011 at 3:00 am

    I have been getting these calls on a regular basis for several months now. They get quite upset when I tell them that I am speaking to them on the phone, but the phone is in a different building to the computer – and no, I do not have a mobile phone. Funny really, they seem to suddenly stop wanting to help me. Today, Frank from India, was trying to persuade me to renew my warranty for Windows. Strange really, as I have never had any warranty over the many years that I have been operating with a windows system. Does he really expect me to pay to renew something that does not even exist? I wonder what my next problem will be!

    Jimmy (Suffolk, UK)

  139. Mark
    June 15, 2011 at 11:34 pm

    Just had a call with a guy named Daniel Robertson, recognized that he was East Indian

    Did the same thing to me, while I was on the phone I googled the error he was telling me and when I saw this site .
    I dropped the call purposely and he called back immediately and I just reasoned with him that I got to go and dropped the call. He told me that my computer files are corrupted by 95% because my warranty is expired yet I just got my computer this year.
    He gave me a number so that I can call him back. 1-877-523-2355
    I hate it when these type of callers try to scam me.

  140. Webologist
    June 15, 2011 at 11:39 pm

    So annoying, and they have been doing this scam for ages now. Make sure you spread the word, tell your frinds on facebook and twitter, you can share this page if you like. The more that know about it the fewer that will be scammed.

  141. Carol B
    June 18, 2011 at 1:31 pm

    Haven’t had a call for a while but just had one. The woman I spoke to actually spoke pretty good english, but the phone kept going dead like she was muting it while checking her next step. I played along for a few minutes, telling her my event viewer was totally blank, before getting bored and asking her the company name again, she told me they were called PC Masters and they worked for Windows. At that point I told her Windows did not call people about errors on their system, nor pass on users details to outside companies, she tried to shout me down but I just kept talking over her and repeating the same thing until the phone went dead. Googling them it seems PC Masters have been around at least a year, but as yet haven’t made it to your list.

  142. Webologist
    June 20, 2011 at 7:26 pm

    Thanks Carol. Looks like someone at MoneySavingExperts took a call from them once too; forums.moneysavingexpert.com/showthread.php?t=2687843

  143. Webologist
    June 20, 2011 at 7:29 pm

    Oh, just found this:

    Technical Support Phone Scam from symantec:

  144. Webologist
    June 21, 2011 at 12:13 pm

    Just had a call from microsystemtech.com who are adamant that they are partnered with Microsoft. Also adamant, again, that my computer is sending them messages. They could not say when these messages were sent. But I have MALWARE and SPYWARE which is much more dangerous than viruses!

    The woman started getting a bit frustrated with me in the end as I kept asking questions and then asking her why she was not answering them. She decided to get her boss involved so I hung up.

    What was funny is that she tried to prove that Microsoft were their partner by sending me to Microsoft’s website and searching for microsystemtech. They are not there.

  145. Maxine
    June 22, 2011 at 3:49 am

    My mum has just been duped out of $420 for believing that these people could help her speed up her machine. Her computer is over 15 years old and the speed of her machine is normal – no upgrades given. They pretty much claimed everything that has been listed in the blog so far except the company name is advancesupports.com – another one to watch out for!

  146. Webologist
    June 22, 2011 at 8:11 am

    Oh Maxine, that is terrible. Makes me angry to hear that. These people should be hunted down, they are nothing but thieving con artists.

  147. debbie clark
    June 22, 2011 at 11:48 pm

    Hi there,am ashamed to say have been taken in today by a man with a broad Indian accent,saying he worked with Microsoft for a company called Kalsoft Tech Solutions(surprise!) he done the usual ‘run eventvwr’ showed me the “malicious” corrupted files,and checked the CLSID -ashamedly impressing me and letting my guard down to believe him.
    I wasn’t however asked for any money/card details,(thank god)but he did get me to type some command in run,which brought a box up to which he said press continue.the box wanted my permission for this? (sorry I’m completely tech- illiterate:( Then the phone went dead!I knew then,(what an idiot) so I turned computer off quick,tried to turn it back on to which balloons were popping up saying you computer is at serious risk? I have taken the laptop to shop to be cleaned to be sure they haven’t planted stuff on there get it completely checked.At the cost of £40! My question is this..would they have been able to get to all my stored passwords,saved personal details etc? and will the computer be safe to use afterwards? I am now on my desktop having changed paypal,ebay passwords.Have been told seing as I bank with pin/card and reader(pin changes every log in) I should be ok.Am not sure if they gained remote access.It all happened so quick…feel such a fool:(

  148. Webologist
    June 23, 2011 at 12:10 am

    Hi Debbie, don’t feel a fool, I reckon you did OK under the circumstances. Sounds like you should be OK too. I seem to recall that they asked me to do something like you describe, where I had to confirm. This, I think, was to just gain access to the next step. Still no harm as far as I recall. Maybe. Not sure why you had the popups though. Did he ask you to go to a website at any point?

    There are certainly a few different tricks that the companies employ, some send you to a “support site” where you then actively agree to connect to their computers, some just get you to download and install stuff, others sell you stuff. Hopefully your site is clean, such a pain it costs you £40 to get it checked out.

    I cannot say whether your passwords were safe but if you have changed everything then they should be now. Really the only ones to worry about are payment systems and email. If you use webmail, change those passwords too, just to be safe – and especially if you use webmail to manage your paypal and ebay accounts – if someone has access to you webmail they can search it for services such as paypal and ebay, then go to those sites and request a new password to gain access to the accounts.

  149. debbie clark
    June 23, 2011 at 12:44 am

    Thank you kindly for your reply:) No,I wasn’t asked to go to any websites,thank goodness!nothing was entered anywhere except after the ‘run’ box.I can’t remember exactly what he asked me to enter to bring this continue option up?Just that when I did turn the computer back on ,it showed my security had been compromised in that I think my talk talk f-secure had been mucked up? I must admit I didn’t really hang around to see very much,just shut it down quickly again! lol.It also was making a peculiar noise?
    i am just worried that they got all that they needed as they hung up on ME after I pressed continue? strange:/
    I will certainly take heed of your advice thanks so much,a BIG UP!! to your site! lol…we all need to stay aware.I’ve posted all about this on my FB page.Thankfully there are more people than not who fall for it.Keep up the good work!! well done:)

  150. Ralph
    June 29, 2011 at 2:38 pm

    Kept getting these calls and always told them to p.off but I was bored today and decided I’d let them get charged with a nice long interntional call and was a little curious to see how these people work.
    There was a lot of talk and time spent on convincing me to part with money, but technical information was given with a heavily accented dialect so had no idea what they were saying – and as I read here – it’s all rubbish anyway!If you get a cold call (not a call back you have requested) from a stranger, the only thing they want to help is themselves to your money. Never give money to cold callers! Thanks for having somewhere to check this stuff out.

  151. QuestionColdCalls
    July 3, 2011 at 3:07 am

    I have gotten several of these calls this month. The first time the call woke me up and her dire warnings sent me into giggles. That upset her. “You think this is funny? This is serious!” I told her the only threat to my computer seemed to be her. She actually used my name before she went into the scam spiel, and she said she was working for Microsoft. It is a major con. I can see how people would be taken in though. She said she was with MicroAssist UK. There is no such thing of course.

    The guy who called today, I didn’t even let him get past a sentence before I told him “I have already checked out my computer, it’s fine, thanks, bye”. I wasn’t in the mood to play with him. I am sure I will get several more calls though. I am torn between screaming at the top of my lungs and becoming so friendly they waste the entire conversation. Mood will dictate.

  152. July 7, 2011 at 2:53 pm

    I like to play dumb with these guy, just to find out what they playing at, mostly a repeat performance of the above the company name he used was Pc-connect.com base in Worthing, West Sussex. but he couldn’t tell we a name of any street. Excellent page, thanks for the info

  153. john
    July 8, 2011 at 8:26 am

    i just recieved a call from kal softteck solutions melbourne(partners with microsoft windows) ph(03 90159554)his name was (nick smith)he was trying to tell me that my pc had contacted him.so to cut a long story short when i asked him how he got my home no he got all cunfused and hung up.

  154. sharon
    July 9, 2011 at 8:04 am

    Hi, Just had these guys call my mother. Luckily Mum is a computer novice and immediately handed the call over to me. As I’d missed the first part of the call, I went through the ‘My Computer’ vs ‘Computer’ difference (them trying to work out which system I have). Apparantly my tone by this time wasn’t suitable for the guy (sounded Indian) and he put me through to his supervisor. Admittedly they both sounded like the same guy to me…

    He did the whole verify by the unique number thing too. Unfortunately for him I work in IT and know this isn’t a unique number. I then insisted he verify who and where he worked and they’re link to Microsoft. Eventually he said ‘Kalsoftech Solutions’ also known as ‘Advance Support’ and 03 9015 9554 to call him ‘Albert Smith’ back on.

    Did a quick search and came up with this and a few other sites proving a scam. But he called back to see why I hadn’t rung him immediately back. Told him I knew it was a scam and he hung up.

  155. Linda
    July 15, 2011 at 2:30 am

    Just got a call from someone with an Indian accent with much the same story as noted above. Stated he was a Windows Service Provider and wanted me to run cmd and assoc. I would not turn on my PC and told him I’d right the details down – was very suspicious. He put his manager on who told me his name was Andreo Peterson(again with an Indian accent), gave me a toll-free # – 1-888-670-5066 and company name given as 24x7PC TECH. He asked me to check the CLSID and gave it as noted above. He told me that they were receiving information that my PC was infected with a virus and would crash in next few days. I told him I’d like to investigate his claims a little further on the Internet and that if there were any problems, I’d take my PC to local company to check it out. He warned me that it would cost me money to do so – I replied at least I know who they are and I have no idea who he is. Glad I Googled this – can’t be too careful these days.

  156. Webologist
    July 19, 2011 at 2:58 pm

    I just had a call, first for a while. Terrible line, but an accent from the Indian subcontinent. Claimed to be Microsoft again, said I was sending them errors. I asked how I was sending them errors and they just said that I was and they could show me!

    They asked if I could see the Ctrl and Windows buttons and I said “Windows?” and she said “Yes” and I replied “but I do not have Windows”. She asked “what do you have then?” and sounded a bit incredulous at the idea that someone may have a computer that is not Windows. I told her Linux, “what?” she asked, “Linux” I replied. She then said “Oh, very sorry for disturbing you” and hung up. That was a surprise – she apologised for calling!

    A complete lie of course, as I use Windows Vista.

  157. Andy
    July 19, 2011 at 6:58 pm

    My PC must be behaving itself, as they haven’t bothered me for about three or four weeks now. I suspect that it won’t be long before they are on the phone again, warning me that my PC is about to pop it’s clogs, unless I send them some money. Like a previous contributor said, depending on mood, I might have a little fun with them when they next call. Mind you, they might be finally getting the message now that a call to my number will result in a half hour conversation, ending in me telling them that I know what they are up to.

  158. Tyler
    July 27, 2011 at 4:13 am

    Excellent article, as a previous Microsoft Support Technician I spotted the scam right away. As I am also aware that time on call is everything to these people I played dumb much as you did and when we got the the end of the scam, I told her “I have no internet”… she hung up on me. 2 minutes later she called back and proceeded to give me hell for wasting her time… I asked for her supervisor (if it was really MS they would get you one ASAP) and she said no… and hung up again… was quite entertaining all things considered :)

  159. Andy
    July 27, 2011 at 7:25 pm

    Hi Tyler,

    It is rather “fun” to turn the table on these crooks. Dare I say that the calls have still ceased, so maybe they have finally given up on me. I hope so. The irony is that although I’m not MS trained, I do have a lot of PC experience, to the point that I am now offering a service to the general public in PC help and maintenance. My customers simply pay a reasonable fee for my time and advice, and I do not offer to sell them any software or any service that they don’t need. It isn’t rocket science really, just keep Windows updates up to date. Make sure you have decent Antivirus software running, and up to date. I recommend using one of the free Malware cleaners once in a while too. This seems to keep my PC running fine, and my customer’s too.

  160. Webologist
    July 27, 2011 at 7:46 pm

    Good advice. I have Vista, and other than that I use all free software – Avast! AV, PC Tools firewall, Ccleaner sometimes. The worse that has happened is that my hard drive failed at the weekend!

  161. Andy
    July 27, 2011 at 8:54 pm

    I’m another fan of Avast, and recommend it to my clients. I`ve no doubt that there will be those that disagree, but I have found it to be very good at keeping bad stuff out, and it’s “fit and forget”, apart from the yearly registration.

    Having just re-installed Vista on a customer’s laptop, I can’t say that it changed my mind about that particular effort from Microsoft.

    If your hard drive has just failed, then there is no excuse not to treat yourself to Windows 7 and a nice, new SSD ! Go on, you know you want one !

  162. Martina Hardaker
    July 29, 2011 at 6:06 pm

    I have just had a phone call from someone who said they were from a Windows company called Kalsoft and that my computer was sending them errors. He wanted me to go into my computer but I told him I wasn’t comfortable doing this and I asked for a phone no. He gave me 01865600898 and his name as Kevin Paul. I phoned it and it is a valid no and a company called Kalsoft answered but I couldn’t get any sense from them as it was a foreign accent.

  163. suresh
    August 5, 2011 at 12:53 pm

    I just had call from these people saying same issues as above, I felt suspicious initially but I went with them up to the part where they verify the CLSID – I surprised to hear the Guy actually given this number correctly, even though I wasn’t sure this was same for all vista computers – but luckily before proceeding further I ask the guy to provide his name and phone number – he gave his details reluctantly as name as Mark Taylor and he was calling from Sydney but actually he had an Indian ascent – but I insisted to give their website so that I could verify their genuineness but he didn’t want give that information to me – hanged up on me not to my surprise anyway thanks for all the information posted about these type of scams – it’s really helpful and thanks again for education others.

  164. August 6, 2011 at 11:46 am

    I have just had a call from a company called Kalsoft Tech Solutions, who said that my computer had a virus. The guy wanted me to run a programme with him but I would not do anything. He even knew the identification number of my computer. I told him that my computer was fine and I had not sent any error messages to microsoft, and that all my security features were fine. Anyone know this company, they claim to be with Microsoft !!

  165. Webologist
    August 9, 2011 at 12:48 pm

    We think that some companies just use the Kalsoft name as it is a business which is in partnership with MS, so when you looked them up online all looks OK. If you got to the closing sales pitch you would have been sent to another website to set up the transaction.

    It’s all part of the confidence trick. To make you feel that they are trustworthy.

  166. JP
    August 9, 2011 at 4:48 pm

    Just had a call from someone claiming to be from Microsoft – he got me to google his MCP number which brought me to your site – so thanks. I think I was already getting to the point of not believing him but those messages are a good way of creating a doubt in your mind! Clever stuff! Anyway his name was Kahill and his peusdo-nom was Paul Smith – gave me a phone number to call – which i haven’t 08442720796. Website he wanted me to type was ammyy.com and his MCP number is 6290268. I told his it was a scam and although he argued with me – he gave me numbers and said would phone me back once I had checked him out. So far he hasn’t!

  167. Webologist
    August 10, 2011 at 11:18 am

    2 calls today, both Windows Technical Department. One from Blazesoftwares (domain only registered in June) and they also use Ammyy.com to connect to our computers.

    They claim to be working with both Microsoft and McAfee, but just seem to sell McAfee products – or pretend to sell and then send a dud file / something totally different.

    If you want to buy PC anti-virus software, go to the shop or order from a trusted source like Amazon.

  168. Webologist
    August 13, 2011 at 9:27 am

    Today I told a woman to F Off. At 8.45am she called me, talked down to me, was not interested in anything I said. I asked her if she knew what day and what time it is, she replied “no, I don’t know what time it is, I just know that your computer has a problem”. I then asked her to stop talking for a moment so I could ask another question, and she said “No, you stop talking”. That is when I told her to F Off. She has not called back :)

  169. Iain Pryde
    August 16, 2011 at 8:58 pm

    Had a “wonderful” hindi gentleman come online representing ‘pc support care today. After what seemed a rush introduction, he was asking me to check in the dos prompt for file associations looking specifically for an entry with “clsid” in it. We spent several minutes looking for the entry because it was not where they said it would be. Once located, and the “magic” number was confirmed, the gent on the line had me surf to “www.ammyy.com” so that I would be able to give them remote access to my pc. At that point, telling him that I didn’t know him from Adam, I was not about to give him access to my PC and hung up. From what I’ve seen of prior messages, I’m glad I did. I hope these people get what’s coming to them.

  170. Webologist
    August 16, 2011 at 9:03 pm

    I sometimes now tell them that they breaking the law in my country and that the police are tracing all calls and arrests will follow soon. This seems to worry them a little.

    The sad thing is, half the people making the calls probably have no idea what they are doing and are just working in a crappy call centre 20 hours a day to put food on the table. Sad, but true.

  171. Adam
    August 17, 2011 at 7:02 am

    I had a call like this today. As a software developer, I knew it’s a scam – these things just don’t happen. Firstly a company cannot identify you and get your phone number simple because you’re a Windows user, as if everyone who uses a computer is identified and tracked all over the world. Well, not yet anyway. :)

    I played along and was passed to a supervisor when I asked some pertinent questions, like “how did you get my number”. And my god, she went to *extraordinary* lengths to convince me it was all legitimate. I wasn’t convinced, but it became quite hard to argue with her reasons for everything. She insisted they are not “one of those scam companies”. She did a very good job.

    She gave me a phone number to contact, an address in Sydney (I’m Australian) and a web site to go to: globalpcsupport247.com

    That may be a legit company, but it’s certainly not her employer. I asked what the process was, and she said they will help me install a program so that a technician can access my computer to protect it.

    They’ve called me previously as well. I don’t know why they keep trying, although it may be a different racket each time.

  172. Adam
    August 17, 2011 at 7:47 am

    There’s actually a Facebook page someone set up recently to collect stories about these phone PC hacking scams.
    http://www.facebook.com/pages/Indian-PC-Hacking-Scam/276268562387437

    Post your stories there too, to show how prevalent this sort of thing is.

  173. Mark Scott
    August 17, 2011 at 9:31 am

    I have lost count of how many times I’ve been called with this scam. This morning I decided to play a straight bat with them. When they asked me to press Windows+R I told them, perfectly truthfully, that nothing happened. After trying to convince me that my computer was turned off, or that I’d pressed the wrong keys, the agent eventually fetched his “supervisor” to talk to me. I asked him the name of his company and was told “Global Tech Support” – they claim to be “trusted” by Microsoft but they admit they are not Microsoft. I asked him what business of theirs (or Microsoft’s for that matter) what state my computer was in? He had no answer for that, just repeated the line about my computer having problems. I pressed him on why he was calling — who was paying him to do this? Eventually he admitted that I would have to pay. I asked him why I should pay, since I’d not asked him to call me, it was up to him to justify to me why I should pay. At that point he hung up. I guess it’s just not worth their time to persist with a difficult customer; there are plenty other suckers out there to prey on.

    In case anyone’s interested, Win+R does nothing on my PC because I run Ubuntu Linux. They never bothered to establish that I was running some flavour of Windows. Presumably mention of the Windows key filters out Mac users, but they do need to sharpen up their act a little!

  174. Webologist
    August 18, 2011 at 10:35 am

    I suspect a different racket. The BBC (I think) reported a while back how the police had shut some down already, but I guess now they all work out of far away lands. I guess this is the price we pay for cheap phone calls now. 10 years ago they would not have been able to afford to call so many people for the odd £50. I think one reader here mentioned that they paid out cash to have CCleaner installed (a free piece of software that just clears cookies and temp files from your system!). Those are not so dangerous as the ones that gain access to your computer. The last that called me (well, the one before the one I told to F off) tried to access my PC. Mad.

  175. Suzanne
    August 30, 2011 at 11:59 am

    I have had 3 calls in 3 weeks. One was to tell me I had errors on my website (which I don’t have)
    Toight I played along … it was a company representing Microsoft and all ISP’s.
    I have an error and harmful files on my PC.
    I played along and the end game was for me to allow a Microsoft techician access to my PC to fix the problem…… Yeah right.
    Will tell them next time my calls are being monitored by the police!

  176. Joe Connors
    September 6, 2011 at 5:04 am

    Thanks for this thorough discussion. It saved me much grief. I was phoned twice today from a “technician” implying he was phoning from Microsoft because my Windows system was sending them messages saying my computer was running a virus that was slowing it down. When I asked for verification of his identity he instructed me to use Start, Run, CMD ASSOC to determine my computer’s unique CLSID number, which he indicated would be 888DCA60-FC0A-11CF-8F0F-00C04FD7D062, and he recited my home address. He wanted me to perform that “test” while he remained on the line. I told him to send me an independent verification that he was phoning from Microsoft to my email on record with Microsoft (I did not give him my email address) with contact information within Microsoft that I could reach to verify his legitimacy and then I hung up. I did not perform his “test”. I then Googled “CLS ID scam” and found your website. Thanks very much for alerting me to this scam. I will warn my family and friends not to be taken in. It is disturbing that he knows my land line phone number and home address but I suppose they are not difficult to find on the internet.

  177. Webologist
    September 6, 2011 at 8:00 am

    I suspect that someone has sold our information on to various parties.

  178. Adam
    September 6, 2011 at 8:36 am

    Joe, it’s very easy to buy a DVD of “White Pages” address & phone information, then go through it calling everyone in a certain area or whatever.

    Unfortunately a lot of people don’t question when someone tells them Microsoft wants to help them personally fix their computer. Yeah right! Or even that they can somehow find out where you live just because you’re connected to the internet. Maybe one day, but not just yet. :)

  179. radlebb
    September 8, 2011 at 10:29 am

    I just got a call from Windows PC Care. I asked how he got my number. The Indian “support” bloke replied that my copy of windows was registered in my name and therefore had my phone number. He’s right, it is in my name but it’s not registered with my home number. Woops.

    He then asked me if I had a desktop or a laptop, which I thought was weird. I told him it was a laptop as I don’t see how that makes a difference.

    He asked me to run assoc from a cmd prompt and verify I had the zfsendtotarget value. While he was reading it out I googled it and found this article.

    He asked me if the number was correct to which I replied “I’ve just googled it and this is a scam so I don’t think I’ll talk to you any more.”

    “I’m sorry?” he said, and the line went dead.

  180. Ray Hnd
    September 8, 2011 at 12:38 pm

    I go a call today from John Morris supposedly from Megabytes Solution in Miami following roughly the same format. Told him to email me full details and I would take it further. He then said that by the time I got the email my computer would not work!

    Asked him what operating system was reporting the errors and he said Windows 7… Surprise, Surprise I don’t even have a computer using anything more recent than Windows XP.

    Told him to go soak his head!

  181. Ian
    September 9, 2011 at 12:15 am

    Just got a call with this same scam from “Hyper Solutions.”

    Screwed with him for a bit, he refused to answer how he got my phone number – since if I had registered it with Microsoft (I hadn’t) it would have told him what version of Windows I was running (which they have to know to pick out the CLSID number). Luckily they picked the wrong person since I was very certain CLSID wasn’t a thing.

  182. Amy
    September 10, 2011 at 5:52 pm

    Received a call today from an East Indian woman reporting that my computer was downloading and sending errors to their webserver. She stated she was with Window Service Center, and she was agent 001. She tried to pressure me into going to my computer so she could remote to my workstation and provide assistance. I explained I had seen no errors on my PC recently, nor had I seen any error messages with the prompt to send the errors to Windows. She explained these types of errors did not generate that prompt. I asked if I could call her back and she provided phone number 855-243-6804. Since I knew this was a scam, I called the number she provided after I hung up and it was the number to free 411.

  183. soon hoe tiang
    September 14, 2011 at 8:07 am

    Hi mate,

    Thank you for your posting. I have the same experience on ammyy.com.
    I am in IT line. I try to pretend that I was really worry on my computer probkem. I told them that my computer has a lot of problems.

    On the “Start Working with Ammyy Admin (it’s free)”, I asked how much i have to pay for your to solve my computer problem. They said “You don’t have to pay, it is free.”.
    This is an EXE file, it can do all sort of things on the EXE.
    Man, please be realistic. In the world, nothing would be FREE. This Indian scam is smart BUT still not good enough when try to fool people with IT knowledge.

  184. Webologist
    September 14, 2011 at 8:35 am

    One thing, I think that Ammyy is just be a tool that the scammers use to gain access to computers. They are not necessarily at fault themselves – that would be like saying the Internet Explorer or Windows Vista were at fault as the spammers gain access by using these “tools” too.

    We need to be careful about what we say as we would not want to harm the reputation of a good company. It is the people making the calls, what they call themselves and the tricks they use to deceive people that is important. Of course, often they use made up names like “WIndows PC Support” to sound genuine – there are real never companies by this name.

    There is more advice on this problem on the Microsoft forums: http://answers.microsoft.com/en-us/windows/forum/windows_vista-security/ammyy-administrators/8c4cede9-bc9f-49d8-92ef-bdbd3b65aacf

  185. Brigitte
    September 14, 2011 at 9:27 am

    This happened to me yesterday. I am in South Africa so it is obviously happening here too.I received a call from a heavily accented woman saying she was from Global ET technician protection they help windows operating systems and they have detected viruses on my computer. I stupidly gave them access to my computer, where they showed me all the warnings of corrupt files, but i must not worry they will fix it, but only if i choose a security package of 1yr, 2yrs or 5 yrs. 1yr will only cost me R1075. Thats when i realized it was a scam. The woman was very persistent even saying she would hold while i phoned to ask my husband if loosing my computer is worth it cause according to her in less then 2 months its going to crash. I then put the phone down and turned off my computer. Phone number she gave me was 023007901.

  186. Adam
    September 14, 2011 at 9:51 am

    > I then put the phone down and turned off my computer.

    No need to turn off the computer. :) They can’t get in unless you followed their instructions. They are just getting phone numbers and details from some database, perhaps the phone book or perhaps someone’s computer sales records.

  187. Lee-Ann
    September 14, 2011 at 10:51 am

    I just spoke to a lady with a Indian Accent and said she’s calling from E.T Protection. They have received calls from people in the area about spy/malware and asked me to check. Asked if there were any error messages on a certain area and there was and she told me a technician will now assist but I have to give them access first. Then I just hung up.
    Be careful

  188. Tim J
    September 15, 2011 at 6:14 pm

    Just got the call, September 15, 2011. A friendly guy “named” Dennis Foster (847)531-9241. I participate with Microsoft playtests and software trials (trained monkey) so I thought at first it was legit. After I realized it wasn’t about an upcoming test, I started to think this was a scam and told “Dennis” this sounded like a scam and I did not trust him, repeatedly! He went through all of the tells that my computer was doomed and spamming the world wide web with viruses. When he directed me to the aammy.com site, it really hit the fan. I said get off my GD phone and stop trying to scam me. I called back and they actually picked up but when I asked for Dennis, the guy asked if I wanted to talk to Patrick? Thanks for the alarm. Stay vigilant!

  189. range spy
    September 17, 2011 at 10:24 am

    Glad to read your site. Had a call (from microsoft) and kept them going for 40mins. Told me they were from microsoft, and that I need to take our the extended warenty they were offering. But they needed a credit card, a cheque was no good. Same old CLSID con (by sounds of the above comments). Told me my computer was going to crash in the next 30 mins. Then when they didn’t have any success, they told me they had the CLSID no and would crash my computer. Have to give them points for persistance, and it sounded like there was a whole room of them (in India probably). Can’t wait till they call back again.

  190. kyle bevan thompson
    September 19, 2011 at 11:58 am

    hey i just want to thank you so much dude. i was on the line with this scam people and i googled it because im studyin computer science and i have never heard of this expiry of clsid and microsoft advertising it. It got more and more obvious to me because i know my stuff. but my sister who is not so technically savvy just fell right into the trap. luckily i answerd the phone. I hung right up when i found this page and started reading. They phoned my sister at work and i asked them how they got the number they have an excuse for almost everything. Quite clever. but we have to be smarter nowadays.

    Thank you so much.

  191. Sarah
    September 20, 2011 at 8:12 pm

    Wow! thanks so much for all the information on this website!! I just got off the phone with these same scammers who said they were from the company megabite solutions and that they were authorized technicians from Microsoft. They were feeding me all the same stuff you have posted above and trying to make me real scared about the amount of viruses I supposedly had. I ended the call when they directed me to ammyy.com and where trying to take over my computer – I don’t think so Mr. Michael Murphy!! – that’s what he said his name was lol..whatever!!

    They also gave me the number of 1 877 523-2355 to call back when I was ready to work with them. Everything about this screamed of a scam to me and I wanted to do some investigations first – so glad I did.

  192. Adam
    September 22, 2011 at 6:05 am

    This is interesting. Microsoft has just dumped a partner for being involved in these “PC support” scams.
    http://www.pcpro.co.uk/news/370054/microsoft-dumps-partner-over-support-call-scam

    The company is an India-based support firm called Comantra.

  193. Webologist
    September 22, 2011 at 9:00 am

    That is interesting, as I had assumed that all of these companies had not real connection with MS at all. Nice to know that MS is taking action to try to stamp out these scams.

  194. Donna Nickisson
    September 27, 2011 at 4:30 pm

    Help! I’ve just allowed someone access to my computer. Do they still have access or can I stop them? I didn’t buy anything. Was that what they were after? What should I do now to protect my PC?

  195. Webologist
    September 27, 2011 at 4:36 pm

    Close the connection if you have not done so already. If in doubt remove the ethernet cable or hit the wireless button if you are on a laptop. Then look for signs that the access to your PC has stopped. Close down any remote desktop programs that may be running still.

    If you have anti-virus run it. Look for any strange new programs in your Control Panel > Programs > Uninstall a Program (Vista).

    If you do not have AV then install Avast! free edition – http://www.avast.com/free-antivirus-download – then run it. Obviously will need to start Internet connection again or plug the ethernet cable back in.

  196. Adam
    September 27, 2011 at 5:18 pm

    “I’ve just allowed someone access to my computer.”

    What do you mean exactly? You let physically someone sit down and use it? Or did you follow instructions given to you over the phone by these scammers?

    You can follow Webologist’s advice above, but also if you can describe the program they told you to install, that would help. If you can just provide the web site URL they made you download the program from, that would help to identify what program you should un-install.

  197. blake johnson
    September 28, 2011 at 10:48 am

    This is not a scam cauz u do get services.

  198. Webologist
    September 28, 2011 at 10:56 am

    Sorry Blake, but it is a scam. If you are told that your computer is sending warnings when it is not, that your PC will crash within days when it will not, that you have malware when you do not, and the way to fix that is to purchase some software that you can get for free, then that is a scam.

    Just like it is a scam when a builder knocks on your door, tells you that there are loose tiles on your roof and then replaces your whole roof and charges your £10,000, when in fact there was nothing wrong at all. It is the same old scam or putting fear into people to make them part with their money. Cold calling, worrying the client, building trust (we are Microsoft reps etc).then going the hard sell. It’s a scam. If it was not then the police would not have shut down many operations already, domains would not be constantly changing and the calls would come from real PC support businesses not massive call centres in India with people reading from scripts. I have done cold calling myself (I did not enjoy it, I lasted 2 days as a student and went back to washing dishes after), so I know how the deal works.

  199. dean
    September 28, 2011 at 12:30 pm

    Just had a Indian guy on the phone for 25 mins saying he was from Micronix and they were afiliated with Microsoft asked to confirm my CLS ID and said my operating system needed updating and i could pay through pay pal, switched my internet off when he was asking for the information,this is a total scam and now they are using paypal to get payments its a bit strange beware his number was 00911800180012.

  200. dean
    September 28, 2011 at 12:53 pm

    Re last comment just contacted paypal fraud dept and yes they are aware of this scam people are giving them there paypal emails and they are emptying there accounts have given them the phone number they used as before beware.

  201. Webologist
    September 28, 2011 at 1:33 pm

    Just had the best call yet. As usual I was told that my computer was sending error reports due to malware. So I asked when it had sent reports, and the lady said during the last week. So I asked for specific dates, and she said all the time. I then told her that my computer has not been switched on in 2 weeks. She replied that “EVEN WHEN THE COMPUTER IS TURNED OFF IT CAN SEND THESE ERROR REPORTS“.

    I asked her to admit that she was talking complete nonsense but she hung up on me. Didn’t even bother to say goodbye. A sure sign of a scammer!

  202. phil
    September 30, 2011 at 2:30 pm

    So I bit… almost all the way. Stopped at purchasing anything, but stupidly did allow a remote “support session”.

    I immediately went out and purchased and ran McAfee Internet Security as well as Microsofts free virus, spyware, malware. Nothing showed up, but still not comfortable that something wasn’t left behind from the remote session.

    Feeling sheepish for the poor decision, but more concerned that something was left on my PC that McAfee maybe didn’t pickup.

    Suggestions?

    Oh and add geeksforsupport.com to the list 1800 627 0593.

  203. Webologist
    September 30, 2011 at 2:42 pm

    Install a firewall so that if a program attempts to access the Internet it will have to ask first. I use PC Tools’ free firewall. Hopefully that will suffice. I am not a security expert by any stretch of the imagination though!

    It is always worth booting up in safemode (pressing F8 when booting and chosing Safe Mode without Networking) and check the control panel / programs for Ammyy or anything else new and remove it.

    Ideally run some scans from the likes of Malware Bytes too. Run CCleaner (another free temp file remover) to get rid of anything that may be sitting in a temp file.

    As a safe option you could first delete any saved passwords from browsers and then run CCleaner again to ensure any possible temp files are removed. Hopefully that will be enough. If there is no data worth stealing then you are OK, just monitor and run regular checks.

  204. Dee
    October 1, 2011 at 6:54 am

    Their calls are coming to Hawaii now. I wasn’t able to drag it out quite so far, but I started with “Donna” and went though one other male representative before getting to the third guy that started screaming expletives at me. I hope they ran up a good phone bill on their international call. They never could explain how they matched my computer to my home phone number since it wasn’t on any receipt or software registration. However, they did tell me that my software warranty had expired although they could not name the software or the date of expiration.

    Nothing but ‘unknown’ on the caller ID. I let the phone company know, but that may be useless.

  205. Webologist
    October 1, 2011 at 10:01 am

    I actually had another call yesterday. I have stopped noting the names down now. This one I again asked when they had received the errors and then told them that I have not had Internet access for the last 6 months. He asked me if I was sure …. yep! Then said something like “oh” and hung up.

    As for the cost of calls, I assume that they are just very very cheap lines. You can call the other side of the world for 1p a minute now, these call centres probably have even cheaper tariffs. Practically free to call anywhere.

  206. Ross
    October 2, 2011 at 3:07 am

    Thanks for this helpful information. Over the past few weeks, I’ve received many many calls from people claiming to have received error messages, etc. etc, from my Windows XP, Vista or Windows 7 OS. Should have been my first clue that they didn’t know which one… Obviously, I’m not alone. This caller identified his company as Megabite Solutions. After the aforementioned scare tactics, they directed me to a message on my computer saying that my security warranty had expired. I was not aware of any such thing, and thought my McAfee Internet Security was protection enough. They are quite persuasive, but at least I didn’t buy their $220 ‘security warranty’. I’m glad I decided to put them off until I did some digging. Thanks again, Webologist. I owe you a pint.

  207. neill
    October 8, 2011 at 3:37 pm

    Fortunately I have 20+ years at the code face.
    They claim that they have linked my computer to my phone number with class ID
    So how do they get my name? Just from a phone list which has my partner’s previous family name.
    Ask them for the IP of your computer (find your own at http://www.showmyip.com)
    Ask them for a phone number to call back on (it will be a number that looks like a geographic number but is in fact linked back to an overseas exchange or Skype – it might even be the company they are pretending to be) Check on http://www.ukphoneinfo.com
    At least I have wasted some of their time.

  208. Patrick
    October 12, 2011 at 2:29 am

    I got a call tonight from a guy with a heavy East Indian accent. He was using the same clsid scam many of you have experienced.

    My question is… How many of you recently had your hotmail compromised (my hotmail sent out spam to all my contacts) JUST PRIOR to receiving these scam phone calls?

    I’m asking because for the first time ever, someone called me by name when I answered the phone. I’m listed by initials only, so most “databases” do not have my first name. My hotmail account is the possibly the only site where I’ve listed my full name.

    I’m wondering if there’s a connection between the people who made the virus / malware, and the people trying to convince you to give up your credit card info (ie. perhaps this is a very organized fraud ring).

  209. Emily
    October 12, 2011 at 5:59 am

    hi, I just got a call form the same people, they referred me to a site – support.me it takes you to a page where you put in a code they give you to link to their technician. I listened to her up this point but got worried about it probably being a scam and googled before going ahead. Thanks for your page, it warned me it really was a scam so I just said ‘sorry I have to go’ and hung up.

  210. Webologist
    October 12, 2011 at 10:43 am

    Patrick, I would guess that this is a coincidence. I am sure that your name must be on some databases. Any business you have dealt with may have sold a contact database of their clients. I have a hunch mine was shared by a less than honest telecommunications company.

  211. Kellie
    October 19, 2011 at 11:57 am

    haha, had one phone me today, pretty much line for line from your site, I found it hard not to laugh down the phone, He got rather snotty with me when I said that I knew it was a scam and called me “stupid” so i pretend all hurt and got rather aggressive about being called stupid, saying it was malpractice to call possible consumers stupid.

    He then ended up saying “well it was nice having a chat with you but your wasting my time” and hung up on me! and I thought we were making progress!

  212. Andy
    October 19, 2011 at 1:38 pm

    “well it was nice having a chat with you but your wasting my time”

    Not that he wastes anyone else’s time !

    I haven’t had any offers of help to solve PC problems for a while. Maybe my PC isn’t reporting any errors to them, or maybe they’ve finally got the message that if they call my number, they spend 20 minutes trying to convince me before I inform them politely that I know my PC is fine.

  213. Adam
    October 19, 2011 at 4:11 pm

    Nice one Andy. I definitely think wasting as much of their time as possible is the best approach. The more money they lose the less they’ll think it’s a viable business.

    I once asked a guy to hang on while I “booted up my computer”. Left the phone on the table for 10 minutes. Picked it up, he’s still there. “Sorry, it’s just doing a Windows Update, won’t be long.” Came back after a cuppa and he’s still there. Then I told him I needed to go to the toilet. He hung up after that.

  214. Webologist
    October 19, 2011 at 4:29 pm

    Ooh, I like that Adam, I will use that one. They are always surprised to learn that my computer is already switched on, I guess most people do not sit in front of their PC all day like I do!

  215. Kel
    October 19, 2011 at 7:38 pm

    I just had a call today and I questioned them repeatedly about wht they were calling for and what kind of messages they were getting, but unfortunately I had tried to change my antivirus and have been having a lot of problems. I thought maybe that was what it was about. I let the have the remote access. Sigh… Sometimes I would like to just kick myself. Anyway I hope that They stay away, but who knows.

  216. Jimmy
    October 19, 2011 at 8:13 pm

    I must be on all their lists as I am getting at least one call per week. I have given a range of responses. I have simply played along but rather dumbly. I have said that I cannot carry out their instructions as the computer is in a different building from the phone, and no, I do not have a mobile phone. I have said it is a dog resue kennel, what sort of dog did they want (that made him go spare!). I have said sorry, I cannot put the computer on as we are in the middle of a power cut. I have said I welcome their call as I am testing some new anti-hacking softeware for Microsoft which will backfire and destroy the harddrive of any computer that hacks into it. Having assured me that she was not trying to hack into my computer, she did not stay on the phone long enough to try it out. Yesterday, I said how nice to hear from you again, you rang me yesterday. That was the shortest phone call ever. Now, what can I tell them next time?

  217. Adam
    October 20, 2011 at 3:56 am

    Kel, bring up your System Restore window:
    Start -> Programs -> Accessories -> System Tools -> System Restore

    Find the date they got you to install the remote access program. On that date it should show you the name of the program. Restore your system to the time before it was installed.

    That’s a quick way of reversing what they did, though it’s not foolproof. After doing that you should run a complete virus scan.

    If you’re having trouble with your virus software, uninstall it, and install the free version of Avast (www.avast.com) that’s what I use and it’s been great.

  218. Adam
    October 20, 2011 at 11:21 am

    “Now, what can I tell them next time?”
    Heh, nice one Jimmy.

    Maybe next time, pretend to install the remote-access software, and then tell them you are getting error reports from their computer saying they are infected with viruses.

  219. Sarah
    October 21, 2011 at 2:33 am

    Supposed company name: ET Protectors. Supposed phone number: 44 12 80 26 37 58. Called my workplace, claimed that my computer was registered with his company and he wanted to walk me through the disinfecting process. Was brazen enough to ask for my personal phone number before I hung up.

  220. RobH
    October 21, 2011 at 10:07 pm

    I just got a call from folks running this scam and went along until they wanted me to enter a website address in the cmd line. He was supposedly living in Los Angeles. I finally asked him what his zip code was and he balked and hung up. But don’t be surprised if they have already updated their scripts with a valid LA zip code!

    Very persistent. Even when I called him a thief and a liar on his test of the CLSID, he just kept on going with his script.

  221. Bob
    October 22, 2011 at 2:36 pm

    I had a call today from “Windows Service Centre” claiming to help me with malware attacks. He told me my name. Very official. I visit India frequently so I talked to the culprits in a vague manner for about 5 mins whilst they asked me to run up association files via the command prompt and quoted “my” target number. I told them I was very impressed. They were not so impressed with me though when I was offered a choice of putting my PC right or giving them access. I chose the former and they hung up.
    We have a TPS barring sales calls, so we do not get so many silly calls these days. When my wife picks these up she offers to sell them some rhubarb from our garden.

  222. Ed
    October 25, 2011 at 10:50 am

    Had a call from someone with a strong Indian accent calling himself Justin, strange they all have English names, said he was from 24 hours support and that I had downloaded something that could harm my computer. I asked what company did he represent, to see if he mentioned by internet service provider, he said 24 hours computer support, I told him he was talking a load of crap and hung up. To be sure I did full anti virus and malware scanz which detected some adware trackers.

  223. Callie
    October 28, 2011 at 11:31 pm

    Shane Robinson – u guessed it Indian voice – gave me a telephone number and web address for a company called 360 E Tech – which looks legit but his pitch was the same as many others i have received so i informed him that I would be passing the information to the police since i believed it to be a scam – guess what he put the phone down!!!!

  224. Andy2
    October 29, 2011 at 8:43 pm

    I just spoke to these people. I asked for exact details of the error codes they had received. They obviously couldn’t give them to me. They tried, quite forcefully, to make me switch on my PC. When I asked for more details of the error codes they switched phone operator. The next person said they did not have error codes to give, go and turn on my PC, blah blah blah. I laughed at this. The phone call then took a bit of a strange turn, with him telling me off for laughing at him. “It’s not funny, we are trying to help you” I obviously apologised and said I wouldn’t laugh again – whilst trying not to burst out laughing at him. He said that if I didn’t want the service I could hang up at any time. I couldn’t help but laugh at him almost uncontrollably, he then hung up. Just over 15 minutes on the phone. Not a personal best but another 15 minutes where these scum bags can’t con someone.

  225. Andy
    October 29, 2011 at 9:13 pm

    Andy – You’ve just given me an idea. Instead of getting annoyed by these pests, we could turn the tables and make this a bit of a competition. Let’s see who can keep them on the line for the longest. I reckon I`ve managed well over 20 minutes in the past. Although we can’t prove our “score”, at least we could keep our own personal record, and try to beat it each time these chancers phone us up. They often sound so desperate, I reckon if you act dumb (“sorry can you repeat that, i`m a bit deaf”, or “sorry about this, my typing is very slow” etc) you could keep them on the line for ages before letting them know that you know what they’re up to.

  226. Andy2 - 15 min 8 sec
    October 29, 2011 at 9:29 pm

    That sounds like a plan. Baring in mind that I kept them going for 15 minutes without going near my PC, I think I am in with a shot of getting the title. Can’t wait for them to phone back! I have updated my name accordingly. I’m looking forward to seeing people update there names with increasingly large numbers. VIVE LA REVOLUTION!!!!!

  227. Webologist
    October 29, 2011 at 9:39 pm

    This is a great idea. Seeing that the only 2 people that are currently timing their efforts are called Andy, may I suggest that an initial is used to avoid confusion? I will try to remember to note the time on the next call I get.

  228. Andy2 - 15 min 8 sec
    October 29, 2011 at 9:42 pm

    Very good point.

  229. Webologist
    October 29, 2011 at 9:59 pm

    OK, updated Andy2’s previous comments.

  230. Andy
    October 29, 2011 at 10:12 pm

    OK, let’s see how we go. Andy2, you could have chosen Andy1, as I have no number after my “Andy”. Andy1 sounds better, a bit more important than Andy2. I’d claim the “1” before another Andy sneaks in and grabs it. In fact, I feel a little left out, without a number after my name. No, go on, you can have the 1, I’ll just be plain old Andy.

    15 minutes without going near the computer ? You set a high target already sir. I am going to have to devise a cunning plan. Time to bust out the old Blackadder DVDs for inspiration !

  231. Webologist
    October 29, 2011 at 10:13 pm

    Lol, I am not going to go and change the name again. If I do before I know it EVERYONE will want a number after their name and I will be up all night!

  232. Andy
    October 29, 2011 at 10:18 pm

    “Up all night”.

    Now there’s a target to aim at. If they phone me up in the early evening, I wonder if that is possible ?

    I’m actually looking forward to the next “helpful” call I get from Windows Care Centre, or whatever they decide to call themselves.

  233. Andy2 - 15 min 8 sec
    October 29, 2011 at 10:35 pm

    Self deprecating as ever, I chose 2 because you (Andy) were here first. Think of me as a movie sequel. (Godfather 2/Terminator 2, not Caddyshack 2/weekend at Bernies 2).

  234. Chris
    October 30, 2011 at 3:20 pm

    I had a phone call yesterday from some woman with a strong Indian accent claiming to be called “Eileen”, similar stories to above. I have had these calls before but they stopped for a while, I interjected in a very loud voice claiming that “if she called me ever again I would report her to the police”.

  235. David
    October 31, 2011 at 5:13 am

    I got another call this morning in Hawaii. “Jeff” started off with: ” Good evening sir”, I guess they don”t understand the concept of time zones in Indian call centers. I informed him that I knew it was a scam and that I would notify the police if they called again. Another voice popped on the line, told me to “F*uck Off” and dropped the call. Of course I realize that the police can’t do squat on a call coming from criminals overseas, but I liked the response it caused. I’lI have to work on my telephone gab a bit to reach the mark set by the two Andys.

  236. Raymie Collins
    November 1, 2011 at 11:23 am

    Hi

    Just took yet another of these wonderfully helpful calls. This is more or less the gist of what was said:

    Me: Hello
    Him Hi, this is Mark from Megabyte Solutions. (Indian Accent)
    Me: Hello Mark
    Him: I have details of malware and viruses which are on your computer, can you please turn it on.
    Me: You have a list, where did you get it from?
    Him: Your Service Provider
    Me: Oh, thanks very much for calling. Has someone stolen my Internet?
    Him: You have viruses and malware, I can help remove them.
    Me: Where can I buy a new Internet?
    Him: What?
    Me: You said that someone has stolen my internet, where can I buy a new one?
    Him: No, no, no. . .. .
    Me: Where is your office?
    Him: Manchester
    Me: Can I have your phone number so I can call you back later?
    Him 7 ……
    Me: Thats not a manchester number
    Him: Yes it is.
    Me: Sounds like an international number over Skype or similar?
    Him YOU DON’T KNOW WHAT YOU’RE TALKING ABOUT

    At this point I made my concerns known to him and he hung up. Not quite 15 minutes, but with a bit of practice (get enough calls to do so) I could be a contender.

  237. Andy
    November 2, 2011 at 7:07 pm

    Raymie,

    Maybe not quite 15 minutes, but the quality was there. “You said that someone has stolen my internet, where can i buy a new one?”. I think that’s worth a 10 minute bonus.

  238. Webologist
    November 2, 2011 at 7:24 pm

    Had a call today but was too busy for games so just ran with the line “computer? but I do not have a computer”. He persisted with “do you have a laptop?” and I said no. He hung up. Very brief. If anyone can beat the reply I once got that even though my PC had been switched off for a month it could still send messages, then that would be good to hear.

    Maybe we could make a league table of the most stupid things that “Windows Microsoft PC Support Tech” have said to try to convince us that they can help.

  239. Andy
    November 3, 2011 at 2:38 pm

    Just had a call to my mobile……

    “Its about your computer, blah, blah, blah”.

    Me: (thinking I’m going to go for at least 15 minutes) Yes, OK I’ll switch it on.

    “OK, now it’s on, can you see your icons ?”.

    Me: Yes

    “I’ll hand you over to one of our MS certified technicians”.

    Me: OK.

    “Hello sir, can you hold down the windows key + R”.

    Me: (giving her a chance to realise my little game) Are you going to get me to run the Event Viewer ?

    “no sir, please type inf viruses”

    Me: Done that..

    “What you can see is a list of viruses that are infecting your computer.”

    Me: But I`ve got a good AntiVirus program.

    “But sir, you AV program will have been disabled by the virus”.

    Me: Oh dear.

    “yes sir, we can help you clear those virsues”.

    Me: It just looks like a list of files and folders to me.

    (And this took me by suprise) “You are not a technician are you sir ?”.

    Me: Well, I sometimes build PCs and I’m currently studying Java programming. I’m doing a degree in IT.

    At that point she rudely put the phone down on me. I think I barely got to the 5 minute mark.

  240. Webologist
    November 3, 2011 at 3:25 pm

    Lol, I like that. I wonder if there is a suitable youtube video of someone in a dizzy panic that we could just play at them over the phone ….. cannot find anything suitable. Maybe this will work, just because he keeps talking and laughing …

  241. Andy2 - 15 min 8 sec
    November 3, 2011 at 10:29 pm

    Keep up the good work. I feel more than a bit disappointed that they haven’t called me again. “You said that someone has stolen my internet, where can I buy a new one?” Pure genius. By the way, just in case, where can I get a new internet if mine gets stolen too? ;-)

  242. Webologist
    November 3, 2011 at 11:33 pm

    That is simple Andy2, if you send me a billion Greek drachma I’ll email you a new Internet.

  243. Andy
    November 4, 2011 at 9:48 am

    The way things are going a billion Greek drachma will soon be legal currency, and will just about buy you a network cable to connect to your router.

  244. Andy2 - 15 min 8 sec
    November 4, 2011 at 7:04 pm

    I’ve got £2.76 in my pocket, i’ll go to currency exchange now.

  245. David
    November 5, 2011 at 7:49 am

    Got a call from “Mike” warning me about viruses being sent out by my computer. I spent about five minutes with him talking slowly and faintly so he was forced to ask me to repeat myself several times — I hope I sounded like an old geezer.
    Mike: Sir do you have a computer?
    Me: Computer?
    Mike: Yes sir, do you have a computer?
    Me: It’s upstairs.
    Mike: Can you turn on your computer?
    Me: It’s upstairs.
    Mike: Can you go upstairs and turn on the computer?
    Me. It’s upstairs.
    Mike: Sir, do you have a laptop?
    Me: Computer?
    Mike: Yes, is your computer a laptop or a desktop?
    Me: It’s upstairs.
    Mike: Sir, can you turn on your computer?
    Me: It’s upstairs.
    Mike: Sir can you turn on the computer while I have you go to a site?
    Me: I can not talk on the phone while I use the computer.
    Mike: Sir, do you have another telephone where I can call you near the computer?
    Me: The computer? It’s upstairs.
    Mike: Sir, when you use your browser on the internet you are sending out viruses.
    Me: What’s a browser?
    Mike: Sir do you have another telephone line where I can call you near the computer?
    Me: No, I can’t afford one, I have no money.
    ….CLICK …

    I only wonder why they continue to call the same numbers over and over again, don’t they realize that they are losing time and money on us?

  246. Jeff
    November 5, 2011 at 12:32 pm

    Hi,
    I have had so many of these calls. Thing is they ask for my step sons father every time who sadly died 4 years ago. Each time they call and one of my lads answer they get upset at having to tell them that thier father is dead!!!! I have told them so many times but they just keep calling.

    The last time they called a very pleasant lady from MSN protection, said that they had had an error report sent to them from my computer and asked if my computer was very slow. I replied that it probably was caused by the amount of porn I watch!!!! Line went dead???

  247. Ruth
    November 10, 2011 at 3:34 pm

    Thankyou!

    These cnuts rang me and before I did anything I quickly googled this CSLID – am pleased they said that as it gave me a quick hit on google. I’ve only recently plugged my landline phone back in (since everyone I want to call me rings on my mobile) and I’ve had nothing but sales & scamming calls. Time to unplug again!

    Anyway, thankyou so much for this info – I did ask the lady on the phone whether she had children, and whether the ends of scamming people halfway across the globe is a justifiable way of putting food on her family table…

  248. Webologist
    November 11, 2011 at 1:04 pm

    This scam made it to Radio 4 – http://news.bbc.co.uk/today/hi/today/newsid_9637000/9637033.stm

    Rory Cellan-Jones recorded the telephone call and was even accused of wasting their time.

  249. kevyn
    November 11, 2011 at 2:44 pm

    same here, i took a similar call from these twats telling me that my pc was running these harmful files. pressed the windows key holding down r key. i went through all what he was asking me to do. (although i was questioning things during the operation). it got to the stage where he asked for me to pay for 3yrs or 5 yrs protection at that point i pulled the internet cable from my pc an told him that i was unable to give him what he was asking and hung up. he called back to which my partner answered as i was furious with him. my partner also told him that we weren’t prepared to pay which he got very irrate saying i should have told him at the beginning of the call. i have left the internet cable out of my pc because i’m affraid that he will have access to my pc with some confidential details. i have done a system restore from before he did what he did and also ran a disc cleaner on my pc. i need to know if i need to do a complete restore by uninstalling windows or have i done enough?

  250. Webologist
    November 11, 2011 at 3:18 pm

    I guess that they did have full access to your PC? Did you see / watch what happened? Did anything get installed or was this just a case of buying for something that you never received? If you go to control panel / uninstall programs then you may see new programs that have been added.

    To be safe I would suggest running Malwarebytes in safe mode (press F8 when booting up) – http://www.malwarebytes.org/products/malwarebytes_free

  251. Webologist
    November 11, 2011 at 3:19 pm

    If you can do a full windows reinstall that will definitely solve the problem, but then you need to backup all saved data etc. first, including emails and browser saves, before you commence. I recently reinstalled Windows, amazing how much stuff is on a PC that you need to keep backed up.

  252. Andy2 - 15 min 8 sec
    November 17, 2011 at 7:29 pm

    Just had another one. I feel like I let myself down a bit – only 7 minutes 8 seconds. Made the mistake of telling him that I don’t have an internet connection. He instantly hung up. Gutted. I’ll try harder next time!

  253. john
    November 18, 2011 at 2:28 pm

    I have had several calls from ‘windows technical support’ or somesuch over the last year or so. They usually put the phone down when you start asking for details of the ‘problem’. But today I encountered a rather more persistent gentleman who called back twice after I put the phone down on him. The third time I played along with him for a while, and let him take me as far as looking up the zfsendtotarget clsid. When we got this far I said that I still had no evidence that the call was genuine, and after a while (about 10 minutes, I think), I said I had had enough and put the phone down. He claimed that the CLSID was a number assigned when I bought the computer, known only me and Microsoft. So after I had got rid of him, I googled CLSID which described it as a reference to a COM object; I then google zfsendtotarget, and found this site. Glad to have my suspicions confirmed – he was so persistent, I was almost starting to believe him!

  254. Johnny Canuck
    November 22, 2011 at 11:39 pm

    Just got on of these call to my home in Canada. Since I work in the IT industry, I suspected it was a scam from the start. Usually I just hang up, but I followed along with his CLSID trick (which seemed impressive). Of course, then he wanted my to login to a website http://www.ammyy.com directly in the URL address bar. But, I put it into the google search instead, and got a whole page warning of the scam.

    I kept telling him I that the browser was saying “Page Not Found”, and he kept spelling it out again so that I could type it in correctly.

    I will have to warn my wife and kids about this one — to a non IT person, the CLSID trick could be very convincing!

  255. Webologist
    November 22, 2011 at 11:49 pm

    It is, I was unsure at first. After the first call I had I asked some IT friends in a forum about it and they had no answers. It was only with some digging that I got to the bottom of it. It is becoming more well known now, it was discussed on BBC Radio a couple of times and has appeared in some newspapers, but still many people are clueless. It is the worse sort of intrusion, not really any different from people pretending to be from the gas board and stealing the family jewels from under your nose.

  256. Webologist
    December 1, 2011 at 1:11 pm

    36 minutes!
    I just had a call from West Bengal, lasted 36 minutes. Two technicians, I spent most of the time asking them to explain why these “errors” were really a problem. Second technician got a little annoyed at me when I laughed at him. He showed me their website, which is onlinepccare.com, and I asked how long they had been in business. “6 years” he told me, and confirmed that they have ALWAYS been on that domain. I pointed out that it was only registered 2 years ago, he seemed not to understand.

    He was a bit rude too, accused me of wasting his time and knowing nothing about computers (true really!). I did tell him that it was my everything intention to waste as much of his time as possible and that I often report companies such as his on the Internet, and he seemed not to know. He did not believe I was a web designer either (maybe he has seen my work….) and asked me to “tell him something about computers” to prove that I was not just making it up. Funny.

    Oh, he tried me to allow access via logmein123.com (Windows-R, then enter a URL direct in the Run box). I popped it into my browser instead.

    In fact, he directed me to logmein123.com which when entered into a browser redirects to https:/-/secure.logmeinrescue.com/Customer/Code.aspx – these appear to be legitimate remote PC servers, much like the Ammyy one, they just use them to gain control of a PC, delete vital files, steal credit card details, laugh at your personal photos and install trojans and viruses on your PC, all with a smile. :)

    Some probably do not do that, they just sell you some software for £199 that you can download for free. Think I am joking? Online PC Care offer the following as part of their SuperSaver Plan (£192 for 12 months):

    Ad Aware – free!
    Spigot – described as “Potentially Unwanted Software” by http://www.spy-emergency.com/research/malware-database/searchsettingsexe-searchsettings-spigot.html

    They “support” many programs, like Norton and Symantic, but do not provide anything. All they, at best, is access your P and run the programs you already have. Basically, they charge you £192 to access your computer and press the “scan now” button. Plus, possibly, install something.

    Oh, I also asked the technician how my computer sends error reports to his West Bangal office, and he could not answer that without be arrogant and spouting BS.

  257. Webologist
    December 1, 2011 at 1:26 pm

    I think this guy wins! 3 minutes in he reads the Google results for their company – “Google says you are a scam!”.

    “It says fake Indian Computer Repairs claiming to be from Microsoft, is that, is that you?”

    Great delaying tactics used too “there’s a dead rat in the cupboard”

    http://youtu.be/Aj1bjjAdx7A

    From this website: http://www.securityitrust.com/tag/online-pc-care/

  258. bob
    December 7, 2011 at 1:50 pm

    3 calls this week from the same guy. Claims to be from a company “Global ID Technicians” wanted me to log on and he would miraculously fix all my long buried viruses and other malware that only he knew about. Told him I was not logging on and said I would investigate his claims and company details and ring him back if he was genuine. He gave a name of Paul Henderson – very Anglo-Saxon for such a foreign geezer – company as above working apparantly for free to fix all microsoft’s application problems within my computor from an address in St John’s Street, London, EC1V 4BW and a telephone number 0203 514 0065. I have to say that he was VERY plausible and I only got rid of him after stating I was a confirmed sceptic and did not trust him without fully investigating all his details at which point he gave up and moved on to the next victim.

  259. P V
    December 15, 2011 at 11:21 pm

    I had an Indian lady phone me today [I should say at this point that I have had many calls before of a similar nature].

    I immediately recognised all the signs of it being a scam call.
    Depending on how busy I am when I get these calls I tend to vary my tactics dealing with them.
    Today I went with the “waste THEIR time routine”. They are paying for the call so I try to keep them on the phone as long as possible…

    … after about 15 minutes of playing the dumb PC user I could contain myself no longer. I basically extracted the **** by explaining to HER what the scam that she was using was trying to do. On THIS occasion the caller hung up without speaking! They are not usually very polite when they realise they have been rumbled, so if you are easily offended – be prepared!

    Less than 5 minutes later an Indian gentleman called, this time to inform me I had been involved in an injury accident (news to me) and his company would take action to get me compensation!
    Coincidence or not?

    Both callers had withheld phone numbers. My phone is registered with the T.P.S. and my name is not listed in the directory.

  260. gingercat
    December 16, 2011 at 2:32 pm

    Just had a call from “internet security department” (international number, Delhi I guess!) warning me my computer was “sending them errors”…
    Me: “You’re going to try and send me some security software aren’t you?”
    Scammer: “No, I just want to make you aware you might have a virus”
    Me: “Bullsh’t, you have no way of matching my phone number to my ip address, goodbye!”

  261. Andy
    December 16, 2011 at 8:11 pm

    Before I get put behind bars, I would like to make a public apology.

    If any of you have been experiencing poor broadband performance, then it seems that I am the cause. I got a call from an Asian lady earlier, who informed me that my PC had been sending error reports to “Global …..” (couldn’t catch the rest of the name). Anyway, after telling me the serial number of my copy of Windows, she kindly passed me on to a technician who got me to confirm the serial number. He then told me that my computer had been storing errors and this had created a “massive virus”. Not only that, but because my PC was in such a bad state, it had “blocked up the server”. I was tempted to call Dyno-Rod at that point, but the clever chap told me he could identify the errors. He got me to download a program that would connect me to their server. When I ran the app, he asked me for the ID number. For some strange reason, I felt compelled to make up the number (several times) before telling him that I did not wish him to have access to my PC. Apparently, because I wouldn’t let him “fix” my PC, I am committing a crime, and he is reporting me, which will lead to my PC being “blocked”.

    So not to worry folks, very soon your internet connections will be much faster, and the world will be a better place with me locked up. I bet my email contacts will be a lot happier too, as he said that my computer is spreading viruses through the email system. In fact, reading this post will probably cause your PC to crash and spontaneously combust. Sorry about that.

  262. Webologist
    December 16, 2011 at 9:54 pm

    Hey Andy, earlier today my computer was running slow, and I assumed it was the mega zombie botnet I was running from my PC without my knowledge, but it was you! Clean up your computer, you are slowing the whole world down. Revolutions are being delayed because people cannot tweet, and it is all your fault!

  263. Andy
    December 16, 2011 at 10:20 pm

    Webologist – You certainly know how to kick a man when he’s down. I’m about to be “blocked” (and almost certainly jailed), and you remind me of my terrible crime. If only I’d taken up the previous offers of help from “Windows System Care”, then I wouldn’t have done so much damage to the InterWeb.

    I suppose the only thing to do is to format my hard dri………

  264. Andy2 - 15 min 8 sec
    December 17, 2011 at 12:21 am

    “Raymie Collins on November 1, 2011 at 11:23 am
    – Where can I buy a new Internet?”

    Andy, perhaps if you bought us all a new internet it might keep you on the right side of the law.

  265. Maggie
    December 18, 2011 at 12:45 pm

    Hi I had a call yesterday from one of these companies calling themselves Global IT Technicians. A man with an Asian accent said his name was James White and gave the same helpline number as in previous messages. I played dumb and was told I my computer was sending red error flags, I asked how they knew and he said they worked with Microsoft. I then asked him what computer was having problems and he asked how many I had, I knew if he was real he would have known so I asked again which one and he said all of them. He said it was coming from my router. He was persistant and kept trying to get me to log onto my computer. I said I would check it out and call him back. He then phoned again the next day, but I hung up. As before with the companies he was very clever and if you had not heard of these scams he would have been convincing.

  266. Jimmy
    December 20, 2011 at 11:03 am

    Got one of these calls tonight. When I asked how they got my number they said they knew everything about me and recited my street address and mobile number. Very scary.

  267. Webologist
    December 20, 2011 at 11:08 am

    Don’t worry, that is all you have. If you ever bought anything through a 3rd party, such as insurance, a mobile phone, Internet services etc. you name and address is probably on a database that is now sold on to other people. People basically pay for lists of names, addresses and numbers.

  268. Trixie
    December 27, 2011 at 11:07 pm

    I just got the second call in a week from this same scammers. Today the nice foreign man said he was calling from Opt In PC Care. Phone number he gave me to call back was 702-583-5515. He said he was calling, ‘on behalf of Microsoft.’ I know this to be untrue. He said my system was generating malware and they wanted to help me. I asked him if he was in fact hired by Microsoft (he answered Microsoft hires lots of research firms and calls people all the time). I told him I was going to call Microsoft and ask them. He was fine with that. The one last week hung up when I told him I would call the police.

  269. Jimmy
    December 28, 2011 at 12:48 am

    Still the calls keep coming. There must be numerous groups of these scammers trying to part us from our hard earned cash. Presumably, they get their information about us by purchasing lists from online retailers. Once you have purchased something on your computer, you are at risk of your details being sold on to anyone willing to pay for them. The sad thing is that they only have to get lucky now and again to make a good living. At least, my last caller was original. I was asked if I remember making an online subscription payment of £168 to Microsoft last March. No, I said, as no such payment was made. Well, she said, Microsoft has decided to refund my payment. No reason was given, but I was required to switch my computer on. After this, the procedure was as per usual. However, my computer is very slow, and it took a long time to get it ready for their instructions. Just then, the trip switch went off and so did the computer. I assured her that it would not take too long to get the electricity back on. Sadly, she did not wait long enough. So, I wasted half an hour of her time and blew my chances of getting back my non-existant £168. Happy New Year.

  270. Lee
    January 2, 2012 at 12:32 pm

    Another waste of time for me for 40 minutes going through my event viewer until eventually my warranty had expired and they wanted money.

  271. Sangeeta
    January 14, 2012 at 12:06 pm

    Just got rung by a company, eventually after 40 minutes, they were trying to “sell” and extended warranty. Told me that they were a windows support service which was free…no I didn’t need to buy anything..They were support4windows.us. I spoke to 3 people (sounded Indian- I can say this, since I am of Indian origin!) who kept telling me about my infected pnf files..
    Wish I had read this before I wasted 40 minutes!

  272. Andy
    January 14, 2012 at 9:10 pm

    Sangeeta,

    Well done for wasting 40 minutes of their time !

    I’m kind of getting bored now, as I haven’t had a call for a few weeks.

    I have a new tactic for the next time they bother me, I shall report back with the results.

  273. Mikey
    January 20, 2012 at 11:42 pm

    Date 20 January 2012 – Time approx 18:00Hrs GMT
    Landline rings my wife answers and an asian accented male – speaking a mixture of mumble and fast pace english greets her by saying hello is that Mrs xxxxx my wife er yes (as she had noticed the caller ID come up with just the following numbers 01200) *this is from a network that is unable to transmit numbers* asian man says there is some errors with our internet – as when we connect it is hitting on there servers and causing errors. He then went on to say he was working on behalf of the following companies {this after avoiding simple questions along the lines of who is it you work for – where did you get my telephone number from (answer was from our ISP themselves)} BT, Telewest, Virgin, Sky etc. My wife asked him if he had gotten our telephone number from our ISP then who are we with – he could not or rather did not have any answer to this – my wife when he gave the list of companies he was working on behalf of was skill full enough to say we are not with any of them thanks – even then saying you should not actually be calling us as not only are we ex directory but are TPS registered as well so you should not actually be calling us should you – aisian male so Mrs xxxx you are TPS registered? Oh er ok – My wife then HUNG UP.
    This is the first call we have had about these scams and i know from googling the number the STD 01200 is the Clitheroe area of Lancashire NW England UK – also a tip i will give anyone who uses the internet say surveys or competitions – if need to leave a telephone number make one up or use an old one you used to be it landline or mobile. – And every quarter at least update or refresh your details on sites such as TPS and MPS (mail pref services) and report these calls via TPS or blogs or even facebook – spread the word – Phishing is rife and chancers are everywhere – if it is genuine then ask for name and tel no and address of company and anything you can use to research then – genuine companies wont obnject to you being security concious – if they are bogus they will avoid questions – so keep asking keep them talking even put them on ‘hold’ they waste youre time so why not waste theres – 5 or 10 mins after periodically saying wont be long just hold on – hang up – treat them like the plague avoid at all costs!

  274. Andy2 - 15 min 8 sec
    January 21, 2012 at 12:55 am

    Well done Mikey’s wife. There are a lot of people out there who do not have the knowledge to realise that they are being scammed. If these companies can fool even 0.1% of the people they call they can make a good living from it. Keep these idiots talking as long as possible, waste their time and save the 0.1% of people who don’t know they are being scammed.

  275. Andy
    January 23, 2012 at 1:24 pm

    They’ve recently made their monthly call (nice to know they are still trying to help me with my bug ridden PC).

    Apparently, my PC is still sending reports of trojans and viruses. I told them that they’d warned me several time about this problem, but my computer was still running fine. I then went on to say that when they last called me, I refused help and that they were going to report me to the authorities and get me disconected. I suggested that they hurry up and do this, before I bring down the whole internet. The phone then went silent.

    Only a couple of minutes, but I quite enjoyed them.

    I now need to conjure up a good response for when they (no doubt) call again.

    See you in another month or so.

  276. Hang 'em High
    January 27, 2012 at 12:54 am

    Received typical (with a new twist) call, coincidentally a couple of hours after my monitor ceased functioning for no appparent reason. I quite literally was getting up off the floor from installing my spare monitor when the call came, and as i got up i noticed my internet light was off. (I’d also been woken up twice in the middle of the previous night so i was not at my best)! Even so, my ‘internal alarm bells’ were ringing immediately as they do with any cold call and i slammed the fone down without speaking. He immediately rang back and ‘told me off’ for putting it down on him! I have to give the scum credit; they are by miles the most authoritative so-and-sos i’ve had the misfortune to encounter. Did the windows + R thing, the ‘alerts’ & ‘warnings’ thing and when i entered the url they asked for i was very very fortunate that my internet (I’m guessing from an unbelievably fortunate coincidence) was down. They didn’t like it when i told them my internet was down and that i couldn’t connect. So they gave me the ‘toll-free’ number 02030510987 to call them back on my ‘cellphone’. Are these phrases native to India or does it seem like the scripts were written by North Americans? The URL they asked me to go to direct from the ‘run’ box was iexplore support.me . I was lucky i couldn’t connect to it but I immediately did a full AV scan, a system restore, and then found this site! My compliments to you all for helping to limit the damage these reprehensible thieves can do; criminals whose sole aim to is to rob vulnerable innocents of their life savings through fear should simply be hanged and hanged high. Hopefully, my including the above details might help even one poor soul from falling into their evil clutches.

  277. Eema23
    February 1, 2012 at 12:01 am

    Thanks for posting this. They called me today, “Alex Skinner” a male with a heavy Indian/Pakistani accent and non native speaker misuse of English verbs. I answered the phone away from my computer and explained that the computer was off. I kept asking how they knew it was MY computer that had a problem but no good answer. I was told the problem was in my Windows operating system and even if I replaced the computer the new one would be affected. But when I asked if replacing my computer with an Apple would I still have the problem I was told they need to work through the root file to see. I asked for the phone number to call back when I have the computer on and the time to deal with this problem. I was given 760-429-2871 as the toll free call back number in North Carolina. I never heard of area code 790 being toll free and on checking discovered it is a southern California area code and is used for Google voice.

  278. Webologist
    February 1, 2012 at 12:11 am

    That is interesting Eema23, so some of these companies are routing calls through Google Voice to evade authorities?

  279. February 1, 2012 at 12:28 pm

    Yep, even in 3rd World South Africa we’re starting to get the calls. While he was on the phone I googled and then asked him to explain why ‘scam’ comes up so often around CLSID. He hang up.

  280. Eema23
    February 4, 2012 at 11:46 pm

    He called again yesterday (Feb 3) asking for my husband by name. I took the call, explaining I was the chief computer user. He gave his name as Alex different last name starting with an S, same voice as two days ago. I strung him along for a while; acted totally shocked when he wanted me to type a CMD line into my computer, telling him my systems administrator would kill me if I did that. I ended the call because daughter needed me, if he calls back I will try to waste more of his time. What will it take to get off their call list?

  281. Webologist
    February 4, 2012 at 11:48 pm

    I doubt it is possible to get off their lists, they do not abide by any rules.

  282. Sasha
    February 8, 2012 at 1:12 pm

    I just received this call from “Windows Care” and got as far as the laughable verification by zfsendtotarget bit before I cut them off.

    Strangely I was on the phone to BT support last night (in India) about their rubbish broadband service, and gave my second name as my partner’s (as she couldn’t be bothered to go through the whole 45 minutes of being told to dismantle the phone socket etc. – but we’re not married so I never use that name under other circumstances). However Ms “Windows Care” (in India) immediately addressed me by that name…

    Probably a coincidence… But “Windows Care” for the list…

  283. Andy
    February 8, 2012 at 6:48 pm

    They don’t give up, do they ?

    While working on a new laptop for a customer, finalising the installation of Windows 7 after fitting an SSD (turns a £300 laptop into a “£800″ laptop, almost !), the phone rang.

    Surely this brand new laptop, with a fresh install of Windows can’t be “faulty”, can it ? Oh yes it can, as the helpful chap on the end of the phone tried to prove, when he got me to open eventviewer. He explained that these errors would be slowing the machine down. I informed him that I’d just finished fitting an SSD, and this laptop was anything but slow. I even told him that I do a bit of IT for a living, and these errors are on all PCs. Undeterred by this he tried the old http://www.ammyy.com trick. As I downloaded and ran the app, I told him that he was going to ask me for the ID number, and that I wasn’t going to give it to him. He said that if I didn’t the apps on the machine would be slow. I told him that I didn’t believe him, and then he gave up on me.

    Pity that I had things to do, otherwise I was in the mood for a long conversation, followed by an explanation that I had been wasting his time, as much as he had been wasting mine.

    I’m really going to try to have some fun the next time they phone.

  284. Webologist
    February 8, 2012 at 8:28 pm

    If I had the time I would do this: Grab one of the many boxes laying about here and install a fresh Windows then have that ready for the phone call, just to see what they do with Ammyy access, and also see if they mention anything regarding the PC being empty. Maybe a really strange desktop image would be amusing too, maybe something that looks like an FBI logo … “FBI computer fraud investigations – 1,000 scammers traced and imprisoned this week”. Yeah, I may do that …. :)

  285. Andy
    February 8, 2012 at 10:46 pm

    Sounds like a good idea.

    I also thought about rigging up a “dummy” machine, but I don’t like the idea of them knowing my IP address, even if it is a dynamic one. I believe they can identify your internet provider and get a rough idea of where in the country you live from your IP address, and the less they know the better.

  286. Webologist
    February 8, 2012 at 11:33 pm

    Good point. Don’t want them knowing any more than my name and telephone number really.

  287. clifford creighton
    February 12, 2012 at 4:15 am

    support4windows

    Attempted to sell me a warranty for my computer telling me mine had run out and I had 10000 viruses as a result. Told me they were Microsoft gold certified, good thing i did not have enough in the bank to pay. They then wanted to know how much i had in my account , that’s when i hung up. My bank called moments later to see if i authorized them to scan my card no. three times. Monday I will cancel card no.

  288. Adriana
    February 14, 2012 at 6:02 pm

    Help!

    I’m Spanish, I have 2 weeks living in England, not even speak English well, and today someone called me from a company telling me that Microsoft had reported that my security license had expired.

    But they asked for my husband, with his name (how could they know?) I think that’s why I believed them all. We begin the review, and as I understood nothing, finally gave them access to my computer (my God!). The access what made ​​through Citrix.

    I deleted and something installed, but I guess I have been able to steal all the information! They asked me if I used facebook and bank account, which if so, were unprotected, now is not whether they will have my keys …

    Because obviously, in the end wanted to sell the license for £ 200 for 5 years and by 300 the indefinite. I said I’d rather shut down the computer to pay that, and still insisted. In the end I told them to call me next week.
    What do I do with my computer? of time I run CCleaner ….

  289. Webologist
    February 14, 2012 at 6:27 pm

    Hi Adriana, so sorry to hear this.

    First I would change all passwords and maybe contact the bank to say that the online account may have been compromised. Change webmail passwords such as Yahoo, Hotmail and Gmail. Change Facebook and any other sites too, like Paypal, eBay and Amazon.

    Then install and run some anti-virus and anti-spyware, such as Avast! free edition (linked above in the article) and install a new Firewall, such as the PC Tools one, also linked. If something unusual requests access, deny it.

    If you are sure that someone was installed on you PC reboot in safe mode (generally involves pressing the F8 button on reboot and then boot without networking (no internet connection). Then open Control Panel and look at the Programs list and see if there is anything new / strange that they installed. It is best to also run anti-virus and anti-spyware is Safemode too, as some viruses will “hide” from these checks in normal mode.

    Hopefully you will remove whatever they put on the site this way.

    As for how did they know? Well, one of your service providers probably sold the information – mobile phone companies are often guilty of this – not the main ones, but the resellers. If you have ordered anything online and given name / telephone number then they may have got your information this way.

    Also, the advice on the Microsoft forum is;

    “Restoring the system to a date before the call will remove all executable code installed after the date of the restore point.”

    Are you able to do that? If you have a system restore point it is worth trying that out, but also running the anti-virus.

  290. Adriana
    February 14, 2012 at 7:59 pm

    Hello

    Thanks for responding. I went to control panel, uninstalled remote access and I found a program (Intel, 52 megs), installed with today’s date, so uninstalled. It seemed strange, since Intel never updated. I looked at my other computer, and Intel had nothing (except the one coming from the start). I am running McAfee full scan (as recently installed Sky, came the antivirus and put it on that computer), and when that runs out I will do the beginning in safe mode and system restore (I have a restore point from yesterday). Whew, what a mess. And follow the advice of key change ….
    Indeed, as I did not buy the license today, they said to call next week, so I’ll take advantage of them to practice listening and speaking in English, lol. If today’s call was 1 hour, try them a little more, free English classes! and when I tire, I will say that I had called the police and that the conversation is being recorded for them!

    Thanks, I’ll tell you if I find something else!

  291. Webologist
    February 14, 2012 at 8:20 pm

    I hope that Intel was a rogue program and not something important! Sounds a good plan, keep them talking for free conversation lessons!

  292. andy
    February 14, 2012 at 8:50 pm

    “Intel, 52 megs” sounds like it could be a graphics card driver.

    I doubt they’d install anything of that size anyway.

    I also doubt that they’d gain access to your passwords, but taking Webologist’s advice would be a good idea. Changing bank account passwords would be the first thing to do, just in case.

  293. Eema23
    February 21, 2012 at 7:00 am

    I haven’t heard back from them so I may be sending this from an infected, error ridden machine, but hey it works. Our daughter/systems admin sent me this and I thought you might enjoy reading it. The whole video is pretty long so it didn’t get watched, might be funny though.

    http://www.troyhunt.com/2012/02/scamming-scammers-catching-virus-call.html

  294. ammy32
    February 24, 2012 at 11:37 pm

    I cant believe this!i had a call today too it was a lady speaking with an indian accent she said she was from microsoft and had recieved lots of errors and notifications from my computer.She also said that my software warrnty has run out and asked me how old my computer was and who used it mainly.I have to say i was completley sucked in and was then transferred to a male technician who also had an indian accent and finally convinced me to buy software @£135 for a years warranty £185 for 2 years £265 for 3 years and wait for this £485 for a LIFETIME WARRNTY! but luckily me being a bit stingy and very careful about my bank details i told them i had no money in my bank ant to call me back in 3 days and i may have some money then.They tried to convice me even £60 will cover me for 6 months and that the computer will crash if i dont do something soon,also any other pc or laptops used in the household will soon too as we are using the same connection.i didnt pay all the same.My computer however does have problems it is running slow and does have red triangles and errors.

  295. Jack
    February 27, 2012 at 11:11 pm

    I just received a similar call from the ‘Windows Process Server’.
    “My machine has been generating errors, blah,blah.
    We have your CLSID and you are exposed, it’s like letting your social security number out and you are a great risk… Asking them “why are you calling me and who are they quickly exposed them as scammes. They were quite upset when I told them they were a scam and revove my phone from your database. “you will be need us soon as you machine will stop working… Yeah right, It’s still working as you can see.

  296. Paula
    March 11, 2012 at 12:05 pm

    I had one of these calls yesterday, usually they are during the day and my husband who works from home just hangs up on them. However I was just doing housework so thought I would play them along a little. I put the phone on loudspeaker and carried on cleaning. They didn’t call themselves any of the names mentioned here, it was sompething like computer security systems.She started off saying do you know what computer hacking is and that my system had errors on it and i needed to turn my computer on. I said ok but which computer? That through her a bit, so I said I had 5, which one? She eventually said any one so i said ok but it’s very slow and would take a while. She replied that was because of the errors on it.After about 5 mins I said computer has booted and she was trying to get me to type WINDOWS-R then TEMP. I acted really dumb and made her tell me several times, then made out my computer had blue screened. Said what have you done to my computer it was alright before, accused her of crashing it etc. She just said you need to go back to the previous command. I asked her if she actually knew anything about computers or was just reading from a script. She then said she would put me on to a supervisor.So I thought I would waste a bit more of her time and asked pointless questions and where she was, to which she skirted around the issue a bit, then said she was in Asia. As if I didn’t already know. Then i muted the phone and left them saying Hello, Hello, eventually they hung up. When they rang back a few minutes later I ignored it. Then they rang back again and my daughter pretented to be a chinese restaurant. Are they that stupid that they don’t know when people are stringing them along! Well we had a laugh and maybe it stopped someone else being conned for a little while.

  297. D Brady
    March 15, 2012 at 1:15 am

    I got a call today and they referred me to their website: MicroWindowSupport.com and they started with the same jargon, my computer has viruses and for a one time fee…. they also offered me a lifetime remedy for 300.00. I told them that I would first do some research and would consider their help later. THey hung up on me.

  298. Monica Metty
    March 15, 2012 at 3:12 am

    I got the same phone call this evening. They said they were calling from a company called RTI – using just initials. I told them I knew about their scam and said I didn’t believe a word you are saying. She tried to tell me my computer was sending errors to her. I asked her which one since I have 6 in my house – of course she knew I was on to her scam so she hung up on me.

  299. Robert
    March 16, 2012 at 11:32 am

    I’ve had two calls in the last month – the last call was a business saying they were PC Security Care and they wanted to log in via Logmein123 and gave a passcode of 486616.

    The name of the technical engineer was transferred to was: Austin Wells and he gave the telephone number company listed at the above website 0203 286 6214.

    They asked me to run ‘eventvwr’ – which is the event viewer which does list a number of errors and when I did google searches on these errors various tech help lines advised most of them were where I had unplugged a bit of hardware – eg printer abruptly

    When you read the details on the website for this company, you get the feeling they are being helpful, then you get on to the fact that they start to charge when they start to fix the errors, most of which were harmless.

    If they can’t fix it on line they will go away and research it, all the time you are being charged.

    A BIG THANK YOU for setting up this blog you have put my mind at rest and I now know to kindly tell these companies to go away.

    Cheers

  300. Robert
    March 23, 2012 at 10:46 am

    Hi, I had a call yesterday from “Jason”, who asked me to go through this procedure. I’m computer literate(30 years, phew…) so I didn’t have a problem playing along just to find out how this scam panned out. After some really bad acting on my behalf we were getting to the part where he asks for an email address and my phone cut out. He gave me a phone number 020 8144 9106, I’m not even goin to try it. They tried calling back a couple of times but by that time I couldn’t be bothered anymore, job done.
    Don’t fall for it, play along and pretend to be Scooby Doo, interject a “Reary!” or a “Huh!” now and again. It’ll give you an insight into how these rats work as well as build your confidence into dealing with them.
    Thanks for posting this blog. I see it’s been here for a while so they are persistant if nothing else, which means we have to be vigilant.

    Cheers

  301. :paul
    March 23, 2012 at 4:28 pm

    Just had a call from Jack (asian accent)i knew straight away it was a scam because they have phoned b4. Anyhow i had a good laugh with them stringing them on. http://www.pcsupportonline.com was the address he gave me. Started the convo by saying he was from windows support and that they had received error messages from my computer, that i had to goto my computer and they would help me ressolve the problems,
    i said windows? i already have double glazing and im not interested in changing them…..
    no no computer windows for your PC it is sending errors to us and we need to fix this for you…
    ahh ok so what problems are being sent?…
    internet protocol errors…
    really? what will happen then if i dont fix this will my computer blow up? or explode?…
    no but the wires may crack! your computer is running slow and we can fix like new!…
    its ok i will just buy a new computer then…
    how old is your computer?…
    its 10 years old so its about time i bought a new one anyway ill go out now and get one!…
    if u goto your computer now we can fix it for you like new!…
    well my son is using it at the moment and anyway if i buy a new computer it will work just like new, do you want to buy my computer? u can have it for £20!…
    we can fix your old computer so it will be like new!…
    are you trying to get into my computer so u can obtain my credit card details etc?…
    no no we want to fix it for you….
    so at this point he said i had to goto the afformentioned website i asked him to hang on while o got a pen and paper to write down the address to which he said no just type it into the address window…i pretended i had and then shouted down the phone Oh my god my computer has just burst into flames!!! whats going on? then hung up hahahahaha
    2 mins later he phoned up again and asked for me (by name i never told him my name)i said in a very bad chinese accent so solly u have wong number (no offence intended to anyone) and hung up again at this point my mates were on the floor in stitches! Now back to him asking for me by name, a few months ago i had to use Talk Talks tech support!! guess where they are? u guessed it asia! wonder if they are responsible for my data and details being passed around? after all Jack mentioned Internet protocol problems and i was having trouble getting online when i called Talk Talks tech support!! (turns out they had upgraded their sevice to ADSL2 and not bothered to tell their customers they may need a new router)

  302. Webologist
    March 23, 2012 at 5:27 pm

    I’m a Talk Talk customer. Any other Talk Talk customers here?

  303. Andy
    March 23, 2012 at 6:07 pm

    “I’m a Talk Talk customer. Any other Talk Talk customers here?”

    Guilty as charged. I’ve had a suspicion about TT, but so far it is only a suspicion.

    BTW. It’s been a bit of a quiet month or so for me, apart from a call from a funny looking number that I answered a couple of days ago, the line went dead after a few seconds. It won’t be long though, I’m sure I’ll be back with a tale to tell !

  304. Andy2 - 15 min 8 sec
    March 23, 2012 at 6:55 pm

    I haven’t had a call from them for ages – not since I told them I don’t use the internet because it is too dangerous. I’m not on talk talk, I’m on the 3 network.

  305. Linda W
    March 24, 2012 at 12:03 am

    I was contacted less than an hour ago with the CMD ASSOC ZFSENDTOTARGET CLSID
    scam. I didn’t let them (her) take me all the way thru the process but after reading the script on your site it is identical. I could another person talking in the background with an Australian accent. Their call back number is 1 347 352-0133 Global PC Support 2-4-7 if anyone wants to talk to them. The guy who answers sometimes forgets the business name just give him a few tries and he’ll get it right.

  306. ray
    March 31, 2012 at 2:11 pm

    i just had a call, the Indian guy said he was a windows technician, i said what company is this, he said windows, i said windows what, he said Microsoft
    i knew it was a scam
    but i let him run through the script, until i reached the part where he wanted me to go to a website, i never went to the site but i told then im getting a security alert, they tried several times but i just kept saying i cannot access the site im getting security warnings
    they passes me to a senior technician who tried a bit harder, but i just kept saying no i cant continue because i get warnings from my firewall
    he said this i very unusual and my pc is very secure and this puzzled them
    and the call quickly came to a close
    so beware, this is the 3rd call ive took in less than a year, each time i wasted their time for a log time, so may have prevented someone else from the scams.

  307. Anne-Marie Grange
    April 2, 2012 at 1:09 pm

    Before Christmas 2011…can’t remember which month…got a call from an Asian guy working for Microsoft….took over my computer by remote control after telling me how damaged my computer was and I could lose all my information…told me what to click on to see all the damages etc. I was on the phone almost an house with this guy…..eventually the MONEY was mentioned to keep me involved with them and their ‘free’ assistance. Western Union were to send it to some man in India and I was not to send it to their head office in Canada….Hmmm! Strange. Told him I didn’t have a Western Union office nearby…he gave me the address of a branch in the next small town. I don’t spend a penny without consulting my husband.

    When they took over my computer and my session (I was writing a story for a site I belonged to) it disapeared and I became angry. I phoned a number he had given me…another Asian voice….I yelled at him that I wanted control of my computer back and ‘I mean RIGHT NOW’. He told me I had the wrong number….I had reached the New York Police Department. Now I was so angry I asked to speak to an officer….Apparently THEY HAD ALL LEFT THE BUILDING FOR LUNCH……I almost laughed but was so angry.

    Heard again last week and just spoke two choice words and put the phone down.

    Just reported another attemped scam…nothing to do with computers…..it’s ended in a DEATH THREAT if I contact this guy again….

  308. Joe
    April 2, 2012 at 8:39 pm

    I received a call today from “Jack” in India. He said his company is “Agent 001″. I checked later, and there is a website for such a company, a bit sketchy looking, but not too bad. He said he represented Microsoft, and errors had been reported on my PC. I should go to my PC and he would help me. He attempted to legitimize this by saying the computer was connected to my name, address and phone number, which he stated to me. My info is not a secret–it’s in the telephone directories; so I believe they were just making random cold calls from the telephone directory. I told him this sounded like a total scam, but he kept claiming it was all legit. What nailed it down for me: I do not have a PC. Both my wife and I use Macs. I rang off and reported this to the U.S. Federal Trade Commission.

  309. Webologist
    April 2, 2012 at 8:58 pm

    Reminds me of the time when I pretended that I did not know what a computer was. The woman turned to her colleague and said “this man does not know what a computer is! how stupid is he!”. Ok, I made up the stupid bit, cannot remember what else she said. Probably written up there somewhere ….

  310. Anne-Marie Grange
    April 6, 2012 at 12:01 am

    Can’t remember if I left a comment or not when I was here before. Anyway…they didn’t get a penny out of me…..That was before Christmas. Someone called last week and I just said “Oh no! Not you lot again.. EFF OFF! ” and put the phone down. Actually this ‘sweet lady’ actually SAID the ‘F’ word. LOL….

    Also had a guy on facebook and my email and phone….romancing for for 3 weeks….I was kinda lonely and he seemed kinda cute…sent photos…probably not him….then came up the $$$$$$ and Western Union. Wonderful intricate story (web of lies) he wove…but I began to see holes in his story and he would get upset when I questioned him. $750 he needed (long story). Didn’t get one penny…..I went from being ‘babe’….to…well I won’t even repeat it.

  311. colin hamill
    April 12, 2012 at 11:59 am

    thanks for your advice on this subject . i,ve just had the same call from a indian guy saying that i have been sending error messages to microsoft and that he was from world wide web services and my computer had been infected and he was going to help get rid of these infections it all seemed so real and he caught me on the back heel as i was in a hurry to go out .as he started to show that there was errors on my computer i started to get worried thinking maybe this guy is real until he sent me to a page called join me and i smelt a rat right away and told him im going out now and he would half to ring me later and he did but i wasnt in and he told my wife he would ring me back tomorrow ,i hope he does after reading your forum i,ll no be so pleasn,t

  312. Malcolm Baldwin
    April 16, 2012 at 1:22 pm

    Just finished an entertaining 48-minute phone conversation with ‘windowspccure.com’ who tried out the CLSID scam with me. I was interested to learn that CLSID means ‘Computer Security License ID’ (don’t worry about the letter order) and not Class Identifier. I also learned that it can uniquely identify my PC and associate it with my landline phone number. Those philanthropic folks at windowspccure.com then offered to clean my computer of a new type of malware which had somehow bypassed all my security and was triggering reports to the Windows Service Centre. Apparently this is a not-for-profit organisation operating on behalf of Microsoft. When the first caller got bored with me she referred me to her Senior Manager who tried to get me to log into their website. For an organisation claiming to advise users against disreputable websites, their own home page does not look at all trustworthy! When I feigned difficulty entering the Secure Login I was then passed to the Senior Manager’s Senior Manager. How many levels of management do they have in this call centre? Slightly worryingly, this Senior Manager seemed to have forgotten all his customer relations training. First he threatened to disable my computer in a few minutes (still waiting…). He then read out my address and threatened to ‘send the police’, asked how many were in my family and threatened us with The Taliban and Al Quaeda (really!). When I asked quite politely how a Windows support call had taken such a dark turn he told me not to waste his time and finally hung up on me. And just as we were becoming good friends…
    At least I distracted them from scamming another innocent member of the public for 48 minutes!

  313. Webologist
    April 16, 2012 at 1:31 pm

    Well done Malcolm! 48 minutes, better than my record I think.

  314. Andy
    April 16, 2012 at 3:28 pm

    I’m almost feeling a bit “left out” here. No phone calls from WindowsScare.com for quite a few weeks now. I wonder if I have made it onto their list of “don’t call this number, he’s got us sussed” ?

    Mind you, it’s just as well, because I`ve been so busy trying to work out which offer of help I should take to claim compensation for all the accidents and PPI that I am entitled to.

  315. Webologist
    April 17, 2012 at 7:53 pm

    Me too Andy. I have had some nice calls about Loft Insulation and a few “surveys”, but it is not the same.

    Survey was funny actually. After I mentioned I was not interested the lady said that it would only take a minute. So I opened the stop watch that I use for timing jobs, and said, “OK, you have 1 minute to ask your questions”. Well, needless to say she did not get very far before I had to stop her. She seemed a bit confused. She probably could have got all the answers in a minute if she did not mumble so much. I did manage to answer the questions about who owns my house and if I have a job or not, but fear I may not have passed the test, as in hindsight I realised that I gave all the wrong answers!

  316. Tom
    April 18, 2012 at 3:53 am

    Got a call from Service Providers of Windows last night. I asked where she was calling from and was told Florida. She had a strong Indian accent. Got the usual song and dance which led to the CLSID on my computer. We went through it several times and each time I told her that this was not the ID on my computer. She insisted that it was. Do you suppose she might have thought I was lying? I noted growing anger in her voice as we rapidly approached the end of our conversation. I don’t know how long I kept her on the line but it was definitely longer than she wanted to be there. I propose we start a contest in which we see who can keep these guys on the line longest with some sort of prize to the winner, perhaps an app for the phone that blasts annoying scam callers with a 150 dB sonic boom.

  317. nixi
    April 21, 2012 at 1:57 pm

    Just received a phone call from ‘MS Technical Support’ with strong Indian accent (not unusual for people round here though). They knew our name (used to be on electoral role) and when we asked why they were calling they said they had received a message about us requiring help, and then reeled off our address to “prove” we had sent our details. When we told them we definitely did not he started claiming (sounded like he was getting irate) that we must have a virus that had contacted them with our details and that we needed to get rid of it. At which point we informed them we were computer scientists and there could be no such breach on our computers and that therefore the call must be illegitimate and hung-up – needless to say they did not ring back, which they would have done had they been MS? They picked the wrong people this time we didn’t even get to the part where they were instructing us to go to our computer (and we have never heard of this scam either) but ‘next’ time we will play games with them :) hehe

  318. Lucy
    April 23, 2012 at 5:28 am

    Mother warranty centre for Mildwave support number 888-611-4478 in United Kingdom are mt scammers..Received a phone call from supposedly Windows Antivirus support telling me my computer was getting hacked from New York.
    The person on the line had a strong Asian kind of accent.
    They were very patient because I am a computer novice. I was a bit suspicious and asked a couple of questions about their identity and reason for calling. They seemed annoyed and shot back convincing answers.
    I went along all the way. They said their name was Ricki Anderson contact number 011442032396250 which didn’t work when I tried to ring. $241.49 was taken out of my credit card from Amazon payments USA plus $7.24 foreign transaction fee. They were very convincing and all their little computer tricks did the job of convincing me to pay for two years protection which is ongoing, never to have to pay again…I won’t be..hard lesson to learn :(

  319. Webologist
    April 23, 2012 at 7:50 am

    Hi Lucy, have you spoken to your credit card fraud department? They may be able to do something.

  320. Jane Downing
    April 28, 2012 at 1:51 pm

    I have received numerous calls from India telling me of my computer error issues etc And yes, they make you go through all the procedures mentioned in your statement. I followed all the instructions as they said them to me and writing all down. To finally be sent to a site to purchase various products to eliminate my issues from 6 mths to unlimited use!! This website was www. swaptech4u. com. I told them I couldn’t afford these products at the present time and they put the phone down. They called again the following day, giving me all the same infor as before, and I replied ‘You have been telling me about this problem for weeks and I am not going to buy your products’ and then the phone was slammed down.
    So I think this is another website to add to your list.
    It was only when seeking advice from my work IT technician querying this issue and that I was prepared to buy a new PC or motherboard because I had been hacked into!!!
    Thank god I had someone there to help, as I can see how easily we can be persuaded to buy products and PC’s when there is no need.
    Thank you for this advice above.

  321. C Alexander
    April 30, 2012 at 3:06 pm

    Just had a call from these type of people.
    Company called themselves 24x7support
    trying to mess me about – I’m not a novice, and I’m not stupid.
    Website was: www. support. me

  322. Lois Buckingham
    May 3, 2012 at 10:37 pm

    I didn’t go on a website, but had a call from a man with an Indian accent who said he was called Zac & was a Microsoft engineer from a company called Universal IT Hub. He told me they were getting error reports from my computer via it’s CLS ID, that it was infected with malicious & junk files & needed me to turn it on so he could help me get rid of them.
    When I said I didn’t know him & thought it would be foolish to do that, he said why would he phone me if he was a scammer because if he was, he wouldn’t need to speak to me to get into my computer.
    I told him I would rather speak to somebody at my work that is a IT technician, & he said nobody would know anything about it or be able to do anything unless they were a Microsoft engineer as he was.
    I said I still didn’t want to speak to somebody I didn’t know on the phone anyway, & hung up.

  323. Tom
    May 4, 2012 at 9:23 am

    Not long ago I suggested we start a contest to see who could keep these guys hanging the longest. I think I can claim the record. Got a call from James at “Advanced PC Care, the service provcider for Windows operating systems”. Before it was over I had been transferred from James to William (a supervisor) to Kurt (the mother of all supervisors) In all I tied them up for 1 hour and 46 minutes. Here is how it is done. Play dumb…you know very little about computers. Follow along but explain that you have a very old computer (6 years in my case) and complain a lot about how slow it is. Pretend that everything is happening in verrrrry slow motion. Unplug (turn off) your internet connection. At some point they will be trying to get you to their web site or hooked up to remote access to your computer. You want this to fail no matter what they ask you to try. Finally when all their efforts have failed, they will try to get you to give them a credit card number. Explain that you don’t give this out to people who call you. Ask for a number where you can call them. Don’t call them. They will eventually call you back and this is where you explain that your computer is very old, slow and full of all the mal ware they found and they have convinced you that it is time to but a new computer. They will tell you that your computer could crash at any moment. Explain that you don’t care if it does because everything is backed up on external hard drives. They will try to convince you that you need to renew your software security agreement. Tell tham that you are not going to spend any money on an old computer that could go at any time. All your money is going into the purchase of a new computer and stick to your guns no matter what they say. Good luck. Bet you can’t beat my out of sight record!

  324. Andy
    May 4, 2012 at 10:15 am

    I think we have a winner !

    Tom, if I were wearing a hat, I’d take it off to you. Well done sir.

    Although I don’t mind wasting a few, or not so few minutes of my time “entertaining” these crooks, I don’t know if I could keep going for much over 30 minutes.

    Mind you, I do love challenge……..

    Also, I am seriously thinking about setting up a “clean” PC and allowing them access to it, just to see what they get up to. I know they could discover my IP address, but a quick reset of my router will change that.

    Does anyone think this is a bad idea ? I reckon I’d be “safe”, and it would be interesting to see if they do anything useful or harmful.

  325. Webologist
    May 4, 2012 at 10:24 am

    I have been tempted to do this. I used to have Windows XP installed inside a Linux virtual box. They would not get far in there. Could also set a really silly desktop image, such as one with a background like this:

    FBI cyber crime

  326. johngross
    May 4, 2012 at 10:53 am

    Good for you, Tom.

    I had a call from these guys today. I got rid of them eventually, but I wish I’d thought of your idea of unplugging my internet connection and then telling them that nothing they were telling me to do would work. The best I could do was to deny that the CLSID they were quoting was the one I could see on my screen… which could have been true, considering the heaviness of the accent, plus the terrible backgorund noise.

  327. danny
    May 5, 2012 at 12:07 am

    hi been to mums tonite as she had a guy called eric smith he told her that her comp was under attack and out of warrety so i jumped in the car and went to talk to this guy on the phone but mum had already given him remote acsse to her laptop as she didnt not :( so i goes on the phone and says whats going on why do u have accsess to laptop ?? he said i need u to take this warraty out as it will not turn on next time i switch laptop on hahahaha never heard so much BULL ………….

    ok i said can i have ur customer sevices number i got a number while i was talking to him i was looking on google at the number it was a german number so i told he id looked and said its a german number u have given me and u told me u was calling from london this is a scam i said no no no sir its not

    so my next line was why are u calling me at 10.30 pm on a nite ??? he said to help me hahahahahah BULL convo got a bit heated and he called me a loser thats wen i new i had him i said im on the line to police now and the are recording ur call he started to right on laptop at this point say fuck you in big red letters i new it was a scam i said

    but the best bit about it is i had him on the phone FOR ………….116 MINS

    ALL THE BEST DAN

  328. Tom
    May 5, 2012 at 12:04 pm

    Happy days are here again. Dan has broken my record of 1 hour and 46 minutes handily. Congratulations are in order!! Here’s to a job well done!
    Tom

  329. Jack
    May 8, 2012 at 12:57 pm

    I have been reading about these scams for a while now, however just today my mother received a phone call stating that our computer was sending errors to them. As usual all computer related issues are directed to me, so she gave me the phone and I answered. As soon as the man on the phone said “Your computer has been experiencing faults and these have been sent to our company”, I knew it was a scam.

    I asked him several times “Where did you get this number from?” and all I got was “We a Microsoft Qualified technicians and will assist you with the issues”.

    I threatened him that I would contact my telephone company to obtain his telephone number and provide it to the relevant authorities he then hung up.

  330. Glen
    May 10, 2012 at 5:55 am

    If anyone wants to know, the file type associations have nothing to do with anything and these guys get very frustrated when you simply tell them the CLSID they are looking for does not exist, their story just falls apart and they hang up on :P

    http://msdn.microsoft.com/en-us/library/windows/desktop/ms691424(v=vs.85).aspx

    A CLSID is a globally unique identifier that identifies a COM class object. If your server or container allows linking to its embedded objects.

    The HKEY_LOCAL_MACHINE\SOFTWARE\Classes key corresponds to the HKEY_CLASSES_ROOT key, which was retained for compatibility with earlier versions of COM.

    This really has nothing to do with anyone EVER selling you anything and if you are crazy enough to think it’s Microsoft calling you… wow… just wow!

  331. Caitrìona
    May 10, 2012 at 9:32 pm

    Four calls today, all Indian-accented voices addressing me as my husband’s late wife whose name was removed from this number over six years.

    On the average day we are bothered by two to three of these calls. At least one, but often two of them are the ‘We-are-from-Official-Microsoft/Windows-and-we-have-detected-errors/malware-in-your-Windows-computer’ scam.

    That is impossible as I work with a software development team over a VPN. My personal Windows PC connects through a very good router, and is otherwise well-protected. I also have a Mac and Linux box. I tell them this and their replies sound like this: ‘Yes. Your MICROSOFT Linux has malware. And we also see errors on your Windows Mac’ (Microsoft Linux, my &*%!) I have been threatened on occasion, as they get very nasty when I inform them that there is no MS Linux, adding that I know a scam when I hear one.

    Non-computer related calls inform me that:
    1. they have been informed that there has been a recent injury/accident in our house for which we are entitled to compensation. (That’s a surprise to us. The only accident we had here resulted in the birth of twins in February.)
    2. the government REQUIRES them to take a survey of our loft insulation, and it will only take a minute. (Oh aye… sure. The government has hired people with heavy Indian accents to survey people with heavy Glaswegian accents on loft insulation.)
    3. one of our stocks should be sold as there is about to be a takeover. (Strange, this one. The address they gace us in Canada was a car park. I followed this one through and it turned out to be a scam to depress the value of a legitimate stock.)
    4. other scams, which I’ll recall during the 5am feeding.

    These interruptions have become a real bother, as some days I receive as many as seven calls. There should be some way to block them. If this continues I will get rid of our home phone.

    Inexperienced computer users MUST be given the simple warning that they will NEVER, EVER receive a legitimate call from ‘Windows’ or Microsoft. NEVER. (Yes, I’m shouting. The emphasis is important, especially for the elderly.) I give people my phone number and tell them if they’re frightened that there is a problem with their computer they should shut it down and call me.

    I don’t mind assisting people who need a bit of reassurance or advice. I draw the line at spending a weekend rebuilding a computer because some gullible fool who I warned thought the caller sounded ‘so nice’.

  332. Webologist
    May 10, 2012 at 9:56 pm

    That is funny Caitrìona, I also have had the loft insulation calls. I wrote about that here: http://www.essexportal.co.uk/essex-information/roof-insulation-scams-in-essex

  333. sone
    May 15, 2012 at 9:10 pm

    lets me have the truth,,,,
    here i am from India i m a graduate an a jobless person so i finally landed in this BPO call center which was the easiest way to make pity money wic we call here a pocket money. I got an offer letter from a company (tht i ll nt disclose nw which hav claim as a Tech Support BPO) and this kind of company recruit only to those with good computer knowledge. I m a fresher and i have only ten days experience working out there(my company) i thought it was a genuine company.
    As a fresher Our duty is to consult and convince the customer and show them their CLSID and “eventvwr”-Application-Error & Warning, bt this ok to me,,, after all business is business and who ever use without valid license should have to pay as far as Microsoft or any other company is concern. Every month our company used to give assignment to every employees and my target is 1050 in US dollars i was happy with that because if i cross beyond tht i got an incentives of 10% of every sale…
    however i started doubting about my company our works is more or less like a scammers,so i find restless in my mind and i started to browse about company windows support group, technical support groups, etc and i finally found this page…
    but i still do’nt know what i am doing,, wish to share you more bt i m just a fresher so far very less ideas ,,,,,,,

  334. William Jago
    May 16, 2012 at 9:20 am

    I am in Melbourne, Australia. They have called me twice today with the same script as described above. They said that my computer was sending their server messages telling them it was having problems, but could not tell me their IP address or website URL. They gave me an address in South Melbourne that does not exist and could not tell me the postcode. I was passed to three different people. I asked for their phone number and they gave me a number that does not respond. I have to admire their persistence. Even after I told them several times that what they were telling me was incorrect and did not make sense, they kept to the script and tried repeatedly to get me to load AMMYY and Log Me In – both remote control programmes. I eventually suggested that they should resign and walk out now because either they incompetent or are working for criminals. When I asked whether they thought I was a moron they hung up.

  335. Webologist
    May 16, 2012 at 10:06 am

    That is very interesting Sone. For other readers, Sone’s IP address is from Delhi, so looks like a real account.

  336. Perry Moore
    May 17, 2012 at 4:39 am

    Hi from Vancouver BC Canada

    Got a phone call with an Indian Accent telling me about the error messages and that i needed to pay a one time subscription fee followed by 5 minutes spent following a technicians instructions. Wow! first they took me to the the admistration Event folder to see the messages and asked me to tell them how many were in the folder to test them i gave them a wrong number, if they were tracking my computer they would know, they said that was right.

  337. sone
    May 17, 2012 at 9:05 am

    Dear,
    Webologist i never encourage lying, an yes this is me with my real account (i used difference name during call) that i m using here, i have being assign to UK an i want to learn more from yours side what actually is happening. As i have mention earlier i am new to this kind of company. Also i have found in some other blog that people commenting is a scam company and some says is not. So here i want to know the truth, an there are also thousand who do’nt know what they are doing.

  338. Webologist
    May 17, 2012 at 9:15 am

    Hi Sone, could you share how you are briefed? That would be interesting to hear.

    The scam is simple – when you call people, none of them actually have problems with their PCs. Your company is not receiving any errors (this would be impossible). You have no real working partnership with Microsoft / Windows. You trick people into thinking that there is a problem by showing them completely ordinary PC errors – not errors that do any harm at all, just simple errors that are reported by a PC when a page does not load or a computer is turned off instead of shut down.

    Some companies like yours will sell a “warranty”. People purchase this. But it is nothing. Some companies will gain access to a person’s computer using a remote login program (like Logmein) and then install software onto a computer. Sometimes the software is malicious., Sometimes harmless, but pointless. One person once had CCleaner installed after paying the “warranty” upgrade. CCleaner is a completely free piece of software.

    The whole scam is really no different to people knocking on a door to say that they are from a government department responsible for insulating homes and selling cheap loft insulation to vulnerable people for thousands of pounds.

    The scripts that staff have to follow are designed to confuse, worry and panic people into taking immediate action and parting with their cash.

    As you will see from the start of this article, the police have shut down some operations, as they are probably illegal under UK law (and many of the other countries that are targeted) but new companies keep opening.

    People all over the world are being conned and scammed into paying a lot of money for absolutely nothing. A real shame.

    If you can share anything that you are told that would be great. Would love to hear how the management trick their staff into thinking that they are working for a proper business.

  339. sone
    May 17, 2012 at 9:51 am

    Webologist our company management department did’nt explain us anything about what they are doing or we actually are doing. i was recuited at first by this company saying they are dealing with some anti-virus (N360), but work are totally difference, so i started to doubt them. Also as far as my knowledge is concern about this company works is that they first show the Error and Warning from the Computer Event Viewer dialog box and computer CPU performance from task manager after that they will ask to connect directly connect to our Microsoft technician with Live Chat or Team Viewer also they always ask customer to renew thier Microsoft OS License and once the customer agree to renew they will give us our level of achievement.
    i have lot to learn as i said i m just a fresher my duty is just an opener and then transfer my call to senior supervisor after i show Event Viewer-Error & Warning….

  340. sone
    May 17, 2012 at 9:57 am

    our company attempt is to convince our customer to renew their MS-Os (1yrs,2yrs,3yrs,5yrs, lifetime)and sale license to them.

  341. Webologist
    May 17, 2012 at 9:59 am

    Interesting. Well, as I am sure you know, there is never a need to renew a Microsoft OS License – once you buy Windows you have it forever. Microsoft charge once only.

    And the sort of “errors” in event viewer include many totally innocent errors. For example in my log there are errors for when Windows Update downloads a package that is not compatible with the computer (i.e. a totally normal event and not strictly an error at all). Another “error” is that a computer shutdown was unexpected – i.e. power turned off.

    It must be hard for you. Jobs are hard to find and you are torn between earning money to live and doing an honest job. I hope you can find a good solution for yourself.

  342. sone
    May 17, 2012 at 10:13 am

    i do’nt know about other’s country bt here in india PC use for home which used Microsoft, 80% user are not genuine copy of Microsoft they use without license key………..
    an i also believe that once we use a genuine Microsoft product in our PC there is not need to renew again and again……….
    anwy i got to go now my work is ringing again,,,,,,,haha see you

  343. The Donk
    May 17, 2012 at 12:17 pm

    I’ve Just had one of these calls – very very plausible.

    As they cold called me so I refused to provide any details and got as much as I could out of them including a phone number and web site.

    07937413447
    http://www.microsoftwindowscare.com

    Their web site looks very good so they must catch a high proportion of people they call – it must be a lucrative business and I wonder how long it will run before being closed down?

  344. Webologist
    May 17, 2012 at 12:34 pm

    Never be fooled by a professional looking website!

    If you look at the WHOIS details you will see that the website domain was created on 07-Mar-2012. They have set up “privacy protection” so that there is no public record of the person / business that really owns the site.

    They tend to move from one domain to another on a regular basis to avoid coming up in Google for the bad reviews.

  345. Richard Granucci
    May 30, 2012 at 11:50 pm

    I of course work in IT for a large govt/county and we have zero problems with what those ‘pros’ suggested. I walked into an associates office, a most SR IT in Tech Svcs, and he got this call an just couldn’t resist to play them along. The first voice did all the above usual…scan, found errors etc. and we of course were not impressed especially when prompted to ‘login into’ thier site [•logmein123.com ], which looked to be a legit site of sorts, they were just using: don’t know. No matter. Asking for a supervisor, we actaully got someone we ‘just’ barely understood. A bit better and we went into this routine to get the SFSENTTOTARGET association, which of course is the same on all computers. We were only slightly impressed they had a script down a bit better than most. Of course they were NOT Microsoft employees, just Microsoft techs. Asked for another supervisor after what is now 15 min and REALLY got a person who spoke good English. Impressed. Same routine. We asked for phone numbers, web sites, certifications and we played dumb as much as possible.
    Finally after almost 30min we became bored as knowing the entire routine and statedn to them that the reason they could not get our phone number [we hide our numbers] is we are a govt. agency and tracing their call………big hang up. we LOL.

  346. Gibbo
    June 2, 2012 at 10:10 am

    Small provincial town in New Zealand, 7:00pm Saturday night, Chiefs about to take the field against the Blues, phone rings:

    Wife: “Hello?”

    Technical Support Centre (TCS): “Good evening, blah blah blah, we have reasone to belive your computer is injected, blah blah blah”

    Wife (smiling knowingly): “Oh dear…”

    TCS: “Yes, this could be very serious, blah blah blah…”

    Wife (Trying not to laugh): “You’d better talkk to my husband.”

    Me: “Good evening?”

    TCS: “We are some [enter name of your preferred legit sounding support centre here] and have reason to belive that you’re PC could be infected.”

    Me: “Oh, what could have happend?”

    TCS: “You or someone in your family could have opened an infected file and put your computer in danger. Have you been using your computer in the last 4 days?”

    Me: “Yes, what could have happened? What could be the problem? Is it serious?”

    TCS: “Sir, this call is being recorded for training and montoring reasons, there is no need to tack a scarcastic tone.”

    Me: “I’m not, I’m really concerned blah blah blah…”

    TCS: “Are you at you computer at now?

    Me: “No, let me go a and start it up…”

    Long pause while I sit watching Country Calendar and start my pretend computer…

    Me: “Ok, now what?”

    TCS: “Can you opent he run box?”

    Me: “The what???”

    TCS: “The run box. Press the windows button and r at the same time.”

    Me (While opening another Heineken): “OK, right, I see a a funny little box, what is it?”

    TCS: “What do you see?”

    Me: “ummmmmmm, I see a window, I see a cursor flashing…”

    TCS: “OK, type cmd and press enter”

    Me: “OK, cmd right? OK, enter, right? OK, oh I haven’t seen that before, a black window…”

    TCS: “Good, do you see a white cursor? Yes? Good. Can you please type assoc and press enter.”

    Me: “a? s? o? e?”

    TCS: “No sir, a s s o c”

    Time passes and many different vowel and constanant combinations are enetered into the imaginery dialog box….

    Me: “Ok right, a s s o c, enter. Oh wow! Look at that!”

    TCS: “Sir, what do you see?”

    Me: “www.fuckoff.com”

    I hang up and opening another Heineken and watch the Chiefs thump the Blues. (www.superxv.com for you American types)

  347. Ed
    June 2, 2012 at 9:53 pm

    888 ASSOC SCAM Windows

    Received a similar call just now. John with an Indian accent insisted that my computer has been sending them messages, on a computer with a license number that started with “888”. Otherwise, the script is similar (run cmd, then type assoc). It so happens that my assoc list is empty, he was put off by this; asked to type “cd ..” and repeat (which of course does nothing). At this point backed off, claiming they must have made a mistake. I pressed for his details. Claimed to be working for Techglor, a “backup support provider for Microsoft”, phone number 408-716-0601 (408=California). In fact, caller ID said 404-891-5565 (Atlanta, Georgia). When I asked him to convince me that he was not a scammer, fell back on knowing my “license” that begins with “888”. I tried to steer him towards the Microsoft terminology (“registration”) but he would not deviate. Was not able to identify the version of Windows that sen the message. To cut losses, suddenly said, “let me check if I called the right number” and mis-spelled one digit when reciting my phone number.

    One interesting detail. The computer in question, is registered to Xxxx Yyyy, but the user name who is on it most frequently is Zzzz. He correctly identified the initial of the first name, claiming to have received from some international internet body. My IP is registered to the subscriber name Xxxx Yyyy, and so Z should not be available publicly, though my home phone number is registered with the phone company against “Yyyy, X & Z”. He chose “Z” as the identifier to have communicated with them.

    I promised to report them, but I think this is a better place than any, the first google hit on ASSOC WINDOWS SCAM.

    Cheers, everyone.

  348. Pat Mahoney
    June 6, 2012 at 4:20 pm

    I have had several of these calls, and each time I tell them I am not interested and remove my number from their database. Today two calls from the same Indian gentleman. At the second one I got very annoyed and asked for the name of the firm and a contact number. He refused to give these, just saying he was phoning from London. I told the person in no uncertain terms I was not interested.
    He had the audacity to keep phoning me back to say he was not happy with me and ended up making a very loud noise at the end of the phone – luckily I did not have the phone right next to my ear, I was using the speakerphone as I have a hearing difficulty

  349. ian softley
    June 15, 2012 at 3:31 pm

    I got one of these today telling me my windows computer was corrupt and sending error messages. I kept asking what computer and how he got my details. He got so annoyed with me asking when he didn’t give me a satifactory reply he told me to “Fuck Off” and then hung up.

    Kept speaking very quickly and very difficult to understand his asian accent on a very poor line.

    Thanks for publishing this I will pass it on to my friends

  350. Tony
    June 16, 2012 at 12:09 pm

    I received this call today, quickly booted up my VM and followed their instructions to the letter. Installed their software on a VM after snapshotting it first and then watched what they were doing. Took IP addresses et al. and forwarded this off to ActionFraud. Scanning my computer with malwarebytes just in case they were more intelligent than they seemed and found a way from the VM to the Host. Should be interesting.

  351. Caroline Sharp
    June 19, 2012 at 12:17 pm

    I just had one of these calls! They first phoned my brother who lied and said his computer was at a friends to get rid of them. When I answered they told me there where corrupted files on my computer and that they got this information from my service provider and had my IP address, name and telephone number, scary huh?

    He didn’t actually refer to which computer (we have about 10 in my house including laptops) I assured him that there was nothing wrong with my computer, he then reassured me that he had this information from my service provider, so I asked him who my service provider was, he then laughed and said it was a silly question, I then got a bit angry as anyone would, I replied “well i dont think it is a silly question, you must know who my service provider is?” he then carried on with the script and tried to give me instructions on how to get rid of these scary files.

    I told him again that I knew there wasnt anything wrong with my computer, he then got a bit annoyed and asked me how I knew this, so I told him “because I have a degree in computing” (Im part way through but if hes lying I might aswell too lolz), he didnt understand what a degree was (not suprising) so I repeated “a university degree in computing, so I think I know a bit more than you”……the phone went dead, hopefully not going to ring again haha.

    I feel really sorry for the people who will worry about this and do whatever they say, overall the man on the phone was patronising and you could really tell he was thinking “oh your just a woman, go to the machine that makes the pretty pictures”, the government should educate people on how to deal with these people, there so bothered about online security that they forget about offline security! And surely it is more damaging because of all the horror stories of people being scammed out of loads of money over the phone.

  352. Anonymous
    June 20, 2012 at 12:02 pm

    Had the same call, they directed me to ammyy.com, a zero-config remote desktop solution. At this point I hung up.

  353. Brendan
    June 26, 2012 at 8:13 am

    Thanks guys, while she was rattling off the CLSID, I was able to research, find this site and tell her what she was going to to next :)

    I’m in New Zealand and we’ve had this thing going for a couple of years. Last time I spoke to them, the chap got a very loud yell in his ear from me – afterwhich he hung up. Tonight, since Jennifer was so lovely to talk to, I thought I would find out a bit more. Unfortunately I scared her off when I predicted her next move – though I was impressed, she did say ‘well sir, if this is a scam, how come I know the number’.

    The company she ‘represented’ was Blue Systems Care. 25 Queen street Auckland, 09 8 eight 9 25 five 6. I haven’t bothered calling it, didn’t want to waste some other poor buggers time if it did go somewhere legit. She did assure me though I would end up talkig to her if I did ring. She sounded hot though, maybe I will try and ring it. Hah, an Indian chick named Jennifer :)

    Needless to say, http://www.bluesystemscare.com doesn’t exist – I did check that out. Disappointed actually, I thought they may have gone to some effort.

    Til next time
    Keep the funny stories coming

  354. Jon
    June 28, 2012 at 10:31 pm

    I just got called for this very scam. Pretty sure it was a scam, I slowed him down so that I could Google bits of his approach and came upon this post while he was still giving innocuous commands. THANKS!

    For sport, I kept him on the phone for as long as I could. My gf and I were suppressing giggles as I dumbed down my end of the conversation. The “dumber” I got, the more he thought he had a live one on the phone and the harder he tried.

  355. Webologist
    June 28, 2012 at 10:37 pm

    Good work! And glad you did not get caught in the scam.

  356. CeeJay
    June 29, 2012 at 6:22 pm

    Good afternoon Webologist.
    Several weeks ago I received a phone call from an asian claiming that my computer was suffering an infection, I could barely understand him, but realising it was a scam I told him I was professor of IT at Birmingham University (UK)he persisted, I cut him off and dialled 1471 his phone number was 002063971126.
    This afternoon I received a phone call, I am sure it was the same asian, I again informed him that I was professor of IT at Birmingham University, he said that he had studied IT at Birmingham Uni, I told him that I knew he was operating a scame and again cut him off and dialled 1471 number provided only 01922 which is the area code for Walsall West Midlands.
    Of course I am not a professor of IT, neither am I stupid but I have not got time to talk to idiots, being an automotive lecturer I will press buttons and click mice until it works, failing that I will take it into my workshop and adjust it with my trusty sledge hammer.
    All the best CeeJay

  357. Fredrik Walter
    July 2, 2012 at 3:09 pm

    Hi Webologist!
    I’m a software developer and I just got a call from tech4pc. I´m “quite” good at computers and software etc, so I was a bit amused by the call from the tech4pc guy with the indian accent. He made me open the command prompt for typing “accoc” to find the CLSID 888DCA60-FC0A-11CF-8F0F-00C04FD7D062. He immediately hung up when I asked him what “zfsendtotarget” (the word preceeding the CLSID) stood for.
    Thank you webologist for confirming my suspicion.
    Regards, Fredrik Walter, Sweden

  358. July 4, 2012 at 1:22 pm

    Hello Jon,
    Just found your writeup, and if you’re interested in another few hundred comments from other people, please take a look through http://www.theogray.com/blog/2010/07/international-routing-system

    I’d not had the CLSID step pulled on me until today, but have had many different conversations with these people over the past 2 years.

    I am told that if you can get them to give you a LogMeIn Rescue technician code (logmein123.com is a legitimate website, but don’t go any further than writing down the code they give you and the time of day!), then that may be of use to LogMeIn in tracking down these people, although I am yet to have that confirmed by LogMeIn directly.

    Kind Regards,
    Theo Gray

  359. Webologist
    July 4, 2012 at 1:43 pm

    Good tip Theo.

    I had another call today but got impatient and the lady hung up after I told her that she was the most incompetant IT professional I have ever spoken too. She spent about 2 minutes asking me to press Windows-R without actually saying it direct (“find the button on the keyboard with ctrl on it, next to it there is a button with black squares on it, press and hold this with one finger while pressing the r with another finger”) – I actually wrote that about 10 times quicker than she said it. I asked why she didn’t just say “press windows-R” as this is the phrase that Microsoft usually use. She ignored that question and asked me what I could see on the screen now, to which I replied “surely you must know what happens after I press Windows-R?”, and she got upset that I did not tell her what was on my screen. Anyway, a few minutes of sillyness. Always nicer when they hang up.

  360. Eric
    July 9, 2012 at 10:37 pm

    Just had one of those as well and played along out of bordom.
    Some quotes:
    “Press the windows key, and then press r”.
    “type in C , then M, then D , and click ok”…
    “Type in a, s, s. Can you spell that for me? ”

    Eventually I got bored and asked him that if the clsid was my systems unique id, why my other systems had the same id. He hung up

  361. Alex
    July 12, 2012 at 5:43 pm

    I’ve got such a call today for the first time. I’m living in Switzerland and they called me on my private mobile phone!
    They told me that they were working for Windows, and that the company name is Tech Web Solution, based in London…

    Same process :
    windows key + r
    eventvwr – Waou! So many errors and warnings!

    cmd and assoc… CLSID… Waou! They got my windows ID!

    Quite impressed until I typed it on Google and came to this article. I told him that my mother was feeling bad and I’d call him back. So I got his phone number.. which I gave a few minutes later to UK Action Fraud…

    Hope they won’t call back!

  362. David
    July 19, 2012 at 7:35 am

    They’re baaaaaacckkkk. Just got another call in Hawaii allegedly from Kirkland, WA (probably redirected from india) telling me that my computer had downloaded junk files from the Internet. When I asked which computer He said: your windows computer, either windows 7, Vista or XP. Tired to play along for a few minutes but got bored and interrupted him in the middle of his script (a script that seemed to be punctuated with “okay” at the end of each sentence) to tell him I was aware of the CLSID. He asked what I knew and hung up with a “get lost” before I could finish. You would think they would be happy about the way they are educating the public on obscure windows features, but I guess not.

  363. Mats Tande
    July 25, 2012 at 3:51 pm

    Just got a call from a guy with strong Indian accent, who claimed to call from Microsoft Windows 7 Customer Support Center. I immediately understood what was going on, so I played along for 10 minutes or so. He blew his cover a number of times: When I said I had many computers and asked which IP address was the problem he said the report came from 192.168.0.1 :-) When I asked where in the world he was, he said Microsoft Customer Support Center in Salt Lake City. I then asked him what the local time was there, and he said “midnight”. After ten seconds he changed that to 4 am :-) I eventually let him know that he’d been busted. He became very rude and hung up on me.

  364. cc
    July 26, 2012 at 4:13 pm

    Very appreciated to the person who spent the time to put down all the details.
    I got the similar call today in Canada, Toronto. I guess this is spreading.
    The phone number they give me and actually I call back and can reach them is 416-915-3536 (Toronto Phone number), but the call will route to Asia, India.
    I will let more people know so they can prevent it. This is a well planned scam, I think even people with some computer knowledge will fall in.

  365. Webologist
    July 26, 2012 at 4:17 pm

    The best way to educate people is to share this page with them and keep updating in the comments with any new company names that are used.

  366. LittleRedHammer
    July 27, 2012 at 5:46 pm

    EVIL SCAMMERS SUCK.
    Wife just got the call. Wish I had this information, but I asked for his callback number and the “computer ID”, then I hung up. EVIL SCAMMER didn’t keep me on the line.
    Thank you very much for this page!!!

  367. Hank Cohen
    August 4, 2012 at 8:19 pm

    Thanks for the write up. I got the call today and your site was a big help in sorting it out. The error scam was interesting, running event viewer I had lots of errors but hothing to worry about.
    Interesting thing about these guys, they wouldn’t be dissuaded. I basically told them that I knew that they were running a scam and should find honorable work and they didn’t hang up. If they were in the US and subject to the don’t call registry they wouldn’t have stayed on the line once they realized I might complain.

  368. JJ
    August 8, 2012 at 1:00 pm

    Just got of the phone with a scammer, indian judging by his accent, he will be calling back in the morning. Thinking of a way to make fun of him, i.e. saying i only use apple or linux

  369. Deepak
    August 13, 2012 at 11:57 am

    Thank you for the wirte up. My wife got the same type of call a couple of times as well spread over 2 weeks by different people.. very dodgy and slightly scary that they they somehow have your number and name, especially since this number is a ‘new number’. They claim they work for ‘Windows Operating System’ or something give some nonsense about CLSID number etc.

  370. Chris
    August 14, 2012 at 7:03 pm

    Received a call 8-13-12 from an India Indian voice – said his name was John Anderson – red flag right there! (Ha Ha) Said he was with P.C. Secure – had something to do with Microsoft, and that I had serious things wrong with my computer that they needed to show me how to fix. (Said that they had been alerted by Microsoft.) When I was skeptical, he gave me “www.123pcsecure.com” as their site…phone #1-800-878-2302. He was quite pushy, and talking fast, and wanted me to push the button on the bottom of keyboard to left of “shift”, with the flags on it, AND the “R” button at the same time. I said, “You know, I am not at all comfortable with this, I’m going to check this out” – he said he’d call back tomorrow…(which is today) – will see if he does. Wanted you to have another name being used: P.C. SECURE

  371. sone
    August 16, 2012 at 5:26 pm

    its, good to know tht you all are not scam by us,,,, By the way can somebody do have the ability to do something against this??/.. remembers this scam process is running for almost ten year an they are expanding thier network everyday, and they have already build thier foundation in India an now they are on move in differn part of asia,thier main target was with non-English speaking person in Europe , america etc,,, ,
    an yaaaa i was with this company for three month, and i left aftr knowing this is a fraud,,,
    if you need any help/information do let me know…………..

  372. Dan
    August 17, 2012 at 8:20 am

    had 2 calls within half an hour! I played along just for fun…and to keep them busy enough not to call anyone else for a while.

    One who directed me to http://www.support.me.

    The other was identified their company as “Best Help”.

    Both eventually got frustated with me and hung up. How rude!

  373. George
    August 18, 2012 at 4:27 am

    When I halfly slept, I got a call from “Windows Care”, his name was David Jefferson with Indian accent. This happens in Canada, particularly in my area.
    He pushed me to open my PC and tried to persuade me to run “Ammyy Admin”, remote desktop software. Meanwhile, I asked again and again, why I have to trust someone who just called me as a private caller. He used CLSID, as you mentioned. It sounded strange to me because he insisted he was a real person where I asked for his identification or something to prove I could trust. Anyway finally he gave me an email address “[email protected]”. I quickly checked the domain, and found the warning that it is a fraudulent site. Big Caution! Immediately I goodbyed him, but he called me back in a minute. I noticed three different voices were in background, all in Indian accent.
    I was confused for my Internet Provider’s follow-up on an issue I had recently. So I wasn’t so cautious at first.
    Thank you for the posting.

  374. Gloria
    August 22, 2012 at 12:35 am

    This afternoon I got a phone call from 416-915-3536. The moment I picked up the phone, someone on the other side told me that my computer was hacked, and he could help me fix it. The reason I was suspicious right away was that I actually have three computers at home. But I continued the conversation. He said he was from Microsoft company, and found my computer had serious problems, since it was hacked. He urged me to log online and he could help me to solve those problems “right in front my eyes” (his words). I told him I knew nothing about computer but would like to write down his name and reference # so I can call back. (he said his name was Mac William, but he had an Indian accent).

  375. Ian
    August 23, 2012 at 11:41 am

    Good morning,

    I’ve just had what must be the fourth or fifth of these scam calls, the first being about 18 months ago. Calls seem to be getting more frequent as time passes. This one claimed to be from “Windows”, the caller and supervisor both having strong Indian accents with lots of loud call centre type cross talk in the background. Others I’ve had have been from people with what I think to be South East Asian accents.
    I managed to waste about three quarters of an hour of someone’s time before claiming a call coming in on my other phone, could they ring back in 1/2 an hour. What chance the callback I wonder?
    Ian {Leeds, UK)

  376. thelr
    August 23, 2012 at 5:07 pm

    Got one of these calls yesterday in Indiana, USA. Was suspicious from the start, but the first step they tried was to Run www. ammyy.com/AA_v3.exe. Obviously that would download an executable, so I copied the address (without the file) into my browser, then proceeded to give the “technician” the runaround for 5-10 minutes.

    When I asked for verification, I got the CLSID trick, which led me here. Thanks for documenting these scams!

  377. Andy
    August 29, 2012 at 8:20 pm

    Been a little more “quiet” round here recently, but that might be something to do with me being away from home a little more often recently. Having said that, I just had a call to my mobile…….

    I was told about the errors, and some new virus. He then quizzed me about which antivirus product I used, and if I had recently scanned my system. I informed him that I have Antivirus protection, and it is updating daily and working properly. I added that I also regularly scan with Malwarebytes. I think he got the message that I might be a bit tricky to deal with, so he asked about my friends’ computers. He certainly got the message when I replied “they all seem to be fine, I built and maintain most of them”.

    These crooks never give up, do they ?

  378. Webologist
    August 29, 2012 at 8:28 pm

    Hi Andy. Interesting. Been quiet here too. No mobile calls yet though. Could have fun with that!

    Scammer: “can you go to your computer and turn it on”
    Me: “sure, OK, hang on …..”
    Scammer: “is it booting up?”
    Me: “no, not quite yet”
    Scammer: “ok, let me know when you are logged in.”
    Me: “Ok, will do. …….”
    Scammer: “Hello? any progress?”
    Me: “Yeah, I have just bought my train ticket home, should be there in 2 hours, you want to hold?”

  379. Andy
    August 29, 2012 at 8:32 pm

    Nice one !

    I`ve lost the will to “play” with them recently, but if they catch me in the right mood, and with the time on my hands, I’ll try to keep them occupied for a while. I consider it my duty (and it’s quite good fun)!

  380. MaX
    August 31, 2012 at 6:23 am

    Hehe, held one off today too :) A little contribution to protect people like my parents (over 70)

  381. Caitrìona
    September 3, 2012 at 2:45 pm

    After a haitus, they’re back.

    Last week I stopped counting the number of calls, sometimes as many as three a day, after ten. From somewhere they have dredged up my husband’s late wife’s name, and they’re asking for her insisting it’s her computer that is giving errors. The woman has been dead for nine years. I notice that they ask for her using her formal Christian name, when she always used her middle name including in her business dealings.

    I just now received another call.

    This is a terrible bother. There must be some way to make this stop.

  382. Glen
    September 3, 2012 at 9:43 pm

    Anonymous Call Rejection. This service will play a message, notifying the blocked caller, “the person you are calling is not accepting anonymous calls. Please redial without withholding your number”.

    Nearly all Telephone companies offer this service, mostly for a monthly fee.

    Products such as “TrueCall – The Nuisance Call Blocker”, work with your network’s Caller ID function to provide the same effect.

  383. Caitrìona
    September 3, 2012 at 10:36 pm

    Glen, how do these devices handle incoming Skype calls? My family are scattered across Europe and the US. They call me using Skype.

    *sigh* I received another call about two hours after the first one: two calls today.

  384. Glen
    September 3, 2012 at 10:57 pm

    Caitrìona, in Skype – you can prevent calls from people who are not on your contact list by disabling the “Skype Me” mode.

    Skype > Preferences > Privacy.

    Choose to Receive calls to my Skype Number from, select one of the following:

    Anyone – allows all incoming calls.
    Known Numbers – numbers not withheld, show up as caller ID.
    Contacts – allows calls from people in your contact list with a saved number.

    Known Numbers will have the same impact, as without a caller ID they can no longer call you and as a bonus, you don’t need any additional software or hardware! :)

  385. Susan
    September 13, 2012 at 12:36 pm

    I just received a call from indian gentleman telling me he was from Microsoft and that my computer had errors. He asked me to enter cmd prompt and then read back my CLSId number. Meanwhile I googled the scam and found this site!! Once I started to ask for the web address, company name and contact telephone number he put me through to his supervisor. I go the detail and then the supervisor hung up on me (unsurprisingly – they obviously realised I decided it was a scam)
    honestly do we not get enough junk phone calls without this too.

  386. Andy
    September 13, 2012 at 1:48 pm

    The lady that just called me must have been at least a little suprised when she told me to press the Windows key and “R” at the same time, then type “E”……. I interrupted her and said “V, E, N, T, V, W, R”.

    “That’s correct sir” she replied.

    I then said “how did I know that ?”.

    She didn’t really bite.

    After pointing out the terrible errors on my machine, she offered to help me to remove them. I declined, stating that my PC is working fine. She then gave up very easily. Quite poor on the entertainment value. Still, I’m sure it’ll be better next time.

  387. Naeem
    September 29, 2012 at 6:12 pm

    yah, you are absolutely right some alias semantic infoteck from this number 1 213 412 0012 called me several times and asked me to confirm the CLSID of my PC, luckily I did not answer any furthur questions and hung up on them because I have been using Microsoft and Microsoft never called individuals whether their software is updated or not to me they sounded like scam to begin with. thanks for your article meant a lot keep up the good work

  388. Webologist
    October 2, 2012 at 1:00 pm

    Just had a call from Dennis from the PC Security Depart of the Microsoft Windows Operating System! He told me that my computer had been sending them reports as I had malware as a result of surfing the Internet. The conversation:

    Me: “so, when did you receive these reports then?”
    Dennis: “A few weeks ago”
    Me: “A few weeks!!! You have been sitting on these report for 3 weeks and you only call me now! I demand to speak to your manager. I wish to make a formal complaint. You should have called me IMMEDIATELY!”
    Dennis hung up.

    He he he.

  389. Catherine J
    October 2, 2012 at 6:59 pm

    I have had at least 12 calls in the last 3 months from “Mike Jones” who has a very strong Indian accent. Says he is based out of Washington DC. Gave me instructions on what to do with my computer in order to “protect” it. Instead of actually doing it on my computer, though, I wrote the instructions down. He had a hard time understanding that I have dial-up internet and couldn’t speak to him on the phone and connect to the internet at the same time. I wouldn’t have done it anyway. He told me if I didn’t do exactly as he said, my computer would crash. When I told him (on call #11) I didn’t trust him, he said “FINE, LET YOUR COMPUTER CRASH!” He also threatened to disable my computer! I told him he couldn’t do that because I wasn’t connected to the internet! I also told him to never call me again. He didn’t. Until yesterday. He sounded so convincing and I am so ignorant of computer issues that I decided to google this just to make sure it was a scam. Glad I did. I wish he would call once more so I could give him a piece of my mind…

  390. Webologist
    October 2, 2012 at 7:03 pm

    Cool. And glad you can access my site on dial-up. How long does a page like this take toe load? Not used dial-up in years.

  391. Richard
    October 3, 2012 at 10:32 pm

    I also just got a call saying that my pc have a very bad problem, apparently they said there were 8 comps running in my house when I only have 4, lol. So this indian guy tells me my CLSID and makes me check it in CMD, it matched. Needless to say They said they were from Microsoft DNS, so I called Microsoft and they said they wouldn’t call and free of charge installed web security essentials. Only free in Canada first time and for some reason microsoft charges U.S clients $99 dollars even on the first time but thats another topic for discussion. So the hackers told me to visit semanticinfotec.com where I was supposed to download the program for them to hack and rinse me of my identity. They were very persistent when I told them I was going to call Microsoft they prompted to give me a fake microsoft number 213-412-0012.
    The funniest thing I thought was when an indian voice is telling me that his name is Max Cohen lol.

  392. Mark
    October 15, 2012 at 4:53 pm

    I received the out of date Windows phone call today. They checked the .zfsendtotarget trick. They wanted their tech support to remote into my computer. RIGHT.
    The website he said to visit was pcpestfix.com and their phone number was 1-888-347-6441.
    They have phone 3 times in 3 days. Very annoying and clearly B.S.

  393. Steve Elliott
    October 20, 2012 at 4:18 pm

    Thanks for this page.
    I found it while on the phone with one of these guys.
    After 8 minutes, I took the advice and asked him for his company name and phone number.
    He hung up.
    At least that was 8 minutes less he could spend with some more gullible person

  394. Annie Elizabeth
    October 24, 2012 at 11:52 am

    Hi there – have had similar problems. Today the company was called “ETechCo” apparently. A lady phoning with an asian accent, from a number that was withheld when I checked afterwards. Having had loads of similar calls in the past (the person who had our number before us was elderly and we get loads of calls from dodgy people trying scam old ladies :-( ) I didn’t even let her read through her script, I asked her about the company – where it was based, what it did – she got rattled and said “you’re not letting me talk”. I said “of course I am, but I want you to answer my questions not read from a script”. She claimed that she was calling from London. I said “so if I put my phone tracer onto this line now it will show a London number?” … and she hung up. The invisible magic “phone tracer” did the trick.

    In the past I’ve just played really really dumb. What computer? What broadband? I don’t understand. Inter-what? You must be mistaken. My kids think it’s hilarious.

  395. Webologist
    October 24, 2012 at 11:56 am

    Once I told a caller that I did not know what a computer was. She turned to a colleague (obviously thinking I was deaf too) and said “this stupid man does not know what a computer is, where does he live, on a farm?” or something like that. When she came back to me I informed her that I could hear what she was saying, she did not like that much!

  396. Stephan (Netherlands)
    October 25, 2012 at 11:15 am

    Hi,

    Earlier today I received a phone call on my home address from a girl with a very strong Asian accent, located in (what I could hear) an very busy office, representing ‘a company that was hired by Microsoft’ (unfortunately I can’t recall the name of the company, also the connection was very bad). She told me about the error messages that they were receiving from my computer.

    At first I was very suspicious. But when she spoke out the same CLSID number as the one that was shown in my windows command prompt, and the first Google result on ‘CLSID’ showed me that het CLSID was ‘a unique number’, I gained some doubts about my suspiciousness.

    She guided me to the error messages on my computer, and said ‘we’ve received so many error messages from your computer, how many do you see?’ At that point I came up with a little trick. I saw 162 error messages, but told her that I saw as many as 245 messages. She pointed out that ‘her company have received more than 200 messages from my computer and because of that, her supervisor would guide me through the rest of the process, to make sure that this problem would not occur to me in the future.

    Her supervisor had a typical English/American name (first name Richard, I can’t recall his last name but you’ll get the point) which was very strange in combination with his obvious strong Indian/Pakistani accent. He was unlike his female collegue very hasty and wanted me to type in an address in my Windows command prompt. It was something like ‘www.yco’ and at that point I said ‘hold on for a minute, there is someone at my door’. At that point I googled ‘CLSID phone call’ and the first result was the title of this blog, which took away my last doubts whether they we’re trying to scam me or not.

    So I asked the guy why he wasn’t trying to make me go to a Microsoft website. He came up with the ‘partner’s story’ and I asked him why he was trying to scam me. He instantly hung up the phone.

    This is not an common scam in my country. I’m from the Netherlands and the Google does not show me any Dutch search results of (Dutch) sites where this scam is reported or being talked about. Therefore I don’t think this scam has occurred much to people in our country, unlike other scams like the fake login sites of banks and stuff. These login scams have caused a lot of trouble in our country and because of that, the media are constantly reporting about these scams and are informing the people about how to protect yourself against these kinds of scams. I can only hope that these messages from the media did their job.

  397. Webologist
    October 27, 2012 at 11:07 am

    This is good: The cold call victim who fought back – BBC News

    “I said to them, you need to stop calling me and, I said, if you keep calling me, I’ll charge you £10 a minute for my time to be talking to you,” Mr Herman said.

    “I presumed that would be the end of it, but to my astonishment they called me again.” – Richard Herman

    He sent an invoice and they paid up. Although he had to wait for the overseas call centre to pass him on to the UK offices.

    In the Internet security scam the whole thing takes place overseas, so not possible to do in this case. But a good lesson – we should all do this!

  398. Ian
    November 10, 2012 at 12:27 am

    Got a call today from one of these things. Think they said they were from microsoft. They used the website fastsupport.com to open screenshare on computer. unfortunately i fell for it. Luckily i didn’t have money to buy anything and the guy got pissed when i told him i couldn’t buy their stuff.

  399. Josie Familia
    November 13, 2012 at 9:20 pm

    This also happened to me, but I let them onto my computer using ammyy. I can’t believe I did it, and now what can I do? I have turned off that computer. Can they get onto another one in my home? I didn’t buy their product but told them that I would call them another time. They were not happy with that. The person said that his name was Shane Watson (he didn’t sound like his name) and the phone number that they gave me was 786-600-1027, off of the website (PCsupportsquad.com) that they led me to.

  400. Webologist
    November 13, 2012 at 9:35 pm

    Hi Josie, did you see what they did while they had access? Maybe start by running your anti-virus software (update it first) and see if that picks anything up. Check your Programs list in Control Panel to see if there is something different / new. I am digging to see if I can find anything.

  401. Andy
    November 29, 2012 at 12:15 pm

    like others I have been plagued by these over the last couple of weeks, the same old story your computer is at risk we are working for microsoft looking after you operating system etc etc..
    This will be at no cost..anyway i told them I work for action fraud and could they give me more details…After a while on the phone of me saying but how can you not charge etc etc, the supervisor came on line and said if the probelm was serious then there would be a charge..they called themselves
    UNIVERSAL IT HUB..
    I kept them on the line for a good while and even told them time after time (little white lie) that I had an Apple machine, so didn’t understand the microsoft bit..they still persisted..Again the vulnerable or non i.t. people (like me) will get caught out and that is why I would like to get hold of these people in the flesh…

  402. Webologist
    November 29, 2012 at 2:05 pm

    I had 3 calls today already. And one a couple of days ago. I also told them I had an Apple, and the chap said that he will get the Apple team to call me later. I was less nice on the second call, which came about 5 minutes later. I made a suggestion that the caller will not go to heaven if he keeps lying to me.

  403. Louis Hughes
    December 3, 2012 at 11:40 am

    Had a call today from someone (strong Indian accent) purporting to be from World Wide Web Services (Number ——— on my phone display), telling me my computer had problems. I was immediately suspicious, and when they asked me if I was the main computer user, I said No. The caller just hung up straight away!!

  404. Dale
    December 9, 2012 at 7:17 am

    I recently got one of those phone calls and I did what you did. I played dumb and went along with it until they asked me for money. I then looked up their site and it looked like a real website but I did not click on anything. I then exited to my desktop and left my house for a few hours. When I returned all my desktop icons were gone! And my computer will no longer let my create shortcuts on my desktop. I don’t know what to do. Can you help me?

  405. Diane
    December 20, 2012 at 2:50 am

    Hi, I just got my second call from such a scam. The first was a few months ago, she was foreign and very abrupt with me, leading me to beleive she was an official and I was in deep trouble because my PC was sending out malicious messages to people who were complaing. She wanted me to go to my PC imediately and type in some web address, I said ” and allow you into my PC, are you nuts???? She hung up. the call I just got was from Sam, sounded like he was from India, he gave a similar speal and I stopped him and asked his last name…he said…ummmm Williams, I asked for his company name he said Global PC support 247, I asked for a phone number, he gave me 347-352-0133 ( I looked it up and there was a warning VoIP phone from NY,NY.) He said ” I know you will hang up and not call me back, I asked ” Sam, what was your last name again”? He hesitated and said Williams…I said ” you dont sound sure of that” He laughed and asked me if I were with the CIA….he asked me again to go onto my PC and I said I was busy, he asked me what I was doing….I said it was none of his business, we both laughed. I think at this point we both knew he was getting no where with me so he decided to flirt with me instead…moron.. I said good night Sam and hung up. I looked at the caller ID and looked that number up ( 212-456-7890 ) and it came up as TRASK INDUSTRIES 488 Madison Av, NY, NY. Not being very computer saavy I opted not to go into that web sight though, but looked up the “company” he gave me and I ended up here….hmmm I wonder if this is in itself a broader scam, I hope not. I will let my mom know about these calls though because she loves going onto facebook and she would be very trusting….Sam also asked me how old I was, I would bet he was hoping to target a much older person. thanks, Diane

  406. Webologist
    December 20, 2012 at 11:04 am

    Hi Dale, not sure really. Is the problem still there? If you did not grant them access they could not have done anything. Unless you downloaded something. If all else fails, reinstall OS after saving all important data to a secure drive / disk.

  407. Monica
    December 20, 2012 at 1:51 pm

    Hi there,
    I just wanted to let you know about a new scam. This was the second phone call in 2 days. The phone number comes across as an 866-xxx-xxxx. They asked to speak to the owner, which I said was me. They said they were calling to improve my website – I don’t have a company website. He asked me to go to my computer and type in something so that he could take control of my computer to improve my website. I told him I don’t have a website again, he then offered to make one if he could get control of my computer. I know that you should never allow anyone in your computer, I told him I’m not interested and hung up. 2 days later my husband answered the phone (he’s designs circuit boards) and got the same call. He told them to stop calling. Since their phone numbers are coming up on the caller ID, do you think there is a way to trace them and turn them in to anyone?

  408. Webologist
    December 20, 2012 at 2:06 pm

    Sounds odd, even if they can access a computer they should not be able to access a website to change it. Unless they hope to access a CMS like WordPress. No idea about turning them in to anyone, I think all we can do is talk about it to spread awareness.

  409. Monica
    December 20, 2012 at 2:17 pm

    I don’t think they could do anything to a webpage from my computer but wanted you to be aware of another type of scam – trying to get into our computers to access our personal information. Thanks for posting! Happy Holidays!!

  410. Claire
    January 7, 2013 at 7:40 pm

    My dad has been conned today out of £157.00 from a company called Blaze Software. They said as he Had not registered to Microsoft with his new laptop, he has files that would corrupt his whole system if he did not download there software. Have told him to stop any payments from his credit card and take the pc back to pc world for them to check. Hate people like this that pray on people who are not technically minded. Thy even gave my dad a website to look at to prove they were who they say they are.

  411. Sam
    January 9, 2013 at 2:25 am

    I managed to keep the guy on the phone for 20 minutes and he finally asked why I didn’t just hang up since I was wasting his time! I told him that was the idea, to see how long I could keep him on the phone so he couldn’t call someone who might buy into his scam. After berating me he hung up. It felt good.
    It’s my mission in life to see how long I can keep a telemarketer on the line when they call me. My personal best is 42 minutes!

  412. Caitrìona
    January 14, 2013 at 5:07 am

    The Asian computer scam calls lessened somewhat for a wee while at the end of last year, but now they are back calling me each day starting in the morning with a few more calls throughout the day.

    I have reached the end of my patience and am on the verge of saying something truly vile.

  413. Webologist
    January 15, 2013 at 11:21 am

    Speak your mind Caitriona. There is not much I have not said to them! On one of the last calls I asked if they were religious, and when they said yes I asked if their religion punished people who lie and deceive others for financial gain. They hung up.

  414. Caitrìona
    January 15, 2013 at 9:38 pm

    “Speak your mind Caitriona.”

    A wee word of warning, Mr Webologist. Never, ever tell a Scot to speak his or her mind. We’re an outspoken lot, and it will only end in tears. ;)

    So… we received another call this afternoon at 3:20pm. I told the scammer that I had a Mac. The last time I tried this it didn’t work. That time the man kept haranguing me, repeating that I was lying and I really had a Windows PC. This time he thanked me and rang off. (Truth is, I have both.)

    I’ve often told them that we have no computers, adding a demand that these people stop bothering me. That usually results in a tirade from the Indian scammer where he keeps repeating that I do have Windows computers and am lying to him. (I WAS lying.)

    Telling the scammer that I’m onto his scam only results in a tirade of abuse.

  415. Webologist
    January 15, 2013 at 10:15 pm

    Sometimes you can just tell when it will be fun to play with them, often best to just hang up. I have tried telling people I do not own a computer, that I use Apple or Linux, that I surf porn all day and expect viruses, that I blog about scammers such as them. I am actually starting to get a bit bored of it all now. I once even asked when someone will come to clean my windows for me, and what sort of virus is on them, SARs? That was a while back. Maybe I will do that again.

  416. Stan
    January 26, 2013 at 5:52 pm

    Hi Webologist

    Have you had any of the scammers called ‘swaptech4u’ or ‘swappccare.com’ as I think i have fell into the trap.

    Kind regards
    Stan

  417. Webologist
    January 26, 2013 at 6:43 pm

    Hi Stan, I have not heard of them, but looking at the swap pc care website, it looks like the usual rubbish. The domain has been around since May 2011, the domain owner is based in West Bengal, India.

    Do you know what software they have installed? Sometimes there is nothing “bad”, it is just not required and a waste of money.

  418. DudeX
    January 31, 2013 at 1:56 pm

    I also got a similar call today.
    Something about my computer sending malicious packet somewhere.
    I asked what Ip address it was coming from (ie my ip address)..he wasnt allowed to tell because he need to verify im the owner, huh?
    I asked what OS it was coming from, he couldnt tell because the unique number apparently could be on any OS, huh?

    I ended by saying he was a scammer and his parent probably wasnt proud of him.

  419. SF
    February 6, 2013 at 11:32 pm

    Hi,
    Have you heard about the site rapidpccare.com ? They called me today and pretended to be from Microsoft. Unfortunately I fell for it and then they made me go and download ‘technician 3′ from their website at which point the guy on the ph who was obviously from India but was pretending to be from New York, ran some stuff on my computer. They told me my windows 7 backup system had expired, and I had a bunch of different spyware on my computer. Very slyly and only once he told me that for a one time subscription I would get lifetime worth of protection. I was so confused. I was even on the website and it did not seem legit. I got worried. I mean all he talked about was that my computer was full of spyware. At that point I was said my brother who is a computer engineer will help me and I’ll ask him and call you back. At that point he got really worried and started to delete the system called “IOBIT” or something on my computer that was letting him control it and hung up quickly.
    I am worried now. Can they have access to the files on my computer because my bank information is on it and a bunch of other things.
    Please help!

  420. Webologist
    February 6, 2013 at 11:49 pm

    Gggrrr.

    OK, the first step would be to boot up in Safe Mode Without Networking (usually pressing F8 when booting to get the option) and then opening Control Panel and looking at the programs. See if there are any other new ones installed and if they are not ones you added, uninstall then.

    Then run anti-virus and anti-malware (see the Free Anti-Virus and Free Anti-spyware links in the article). Hopefully these will all come up clean. Then install a Firewall. This should not allow any program to access the Internet unless you confirm – and if one tries to access the net you will see it.

    Now, as an extra measure, you may want to remove any banking details from your PC. Not sure what you mean as such though. Personally, I store no banking details on my PC. I also do not allow browsers to save logins/passwords for banks, PayPal etc.

    If you think something is still there, then the only really 100% full proof option is to back up all your data (emails, photos, docs – everything) and do a full Windows reinstall, wiping out the current OS.

    This is of course a big PITA. But, if you do not currently backup your data off the main hard drive, what would you do when that fails (note, not if it fails – no computer hard drive last forever)?

    It is good practice to back up on a regular basis for these 2 reasons – to save you data from total system failure and to save your data from hackers.

  421. Hans van Haren
    February 9, 2013 at 9:42 am

    Hello,

    I got a call today from this scam. I have his phone number. Is there somewhere I can report it in order to stop these people ?

    Regards,

    Hans.

  422. Webologist
    February 9, 2013 at 9:50 am

    In the UK you can contact http://www.actionfraud.police.uk/

  423. Simon
    February 16, 2013 at 6:10 am

    I just got the call. Asian lady claiming to be Microsoft support. I knew it was a scam but played along. Got to the CMD/ASSOC command and she read back my ZFSENDTOTARGET CLSID number (I am running XP on a 2003 computer and the number is the same for that as well.) At that point I googled ZFSENDTOTARGET and sure enough it is a scam.

    I’m a pretty sophisticated computer user, computer programmer by profession, had a computer since 1986. But I wonder how many people are going to fall for this scam?

  424. Hennie
    February 18, 2013 at 3:24 pm

    Just had a call from them as well, in Germany. Typically Indian accent, mostly the standard protocol as described above. I did not believe it all, but as I had had some correspondence with Microsoft last week about blacklist issues, I thought there was a small chance this was a followup. I mean: if there really was some virus on my PC, that one could be sending out emails and thus getting me on blacklists. So I decided to play along and see where we’d end.

    After the intro, I asked him where he got my phone number and got some answer like “We are responsible for Microsoft support.” Hm. Then he went into the Assoc verification. That got me a bit more suspicious, because I told him we have 5 PCs on our home network sharing the same IP, how could this guy be so sure the code would be on this one PC I was using and not any of the others?

    Then e started talking like “Now look at the left bottom of the keyboard. You will find a key with CTRL on it.” I told him I am a computer engineer and use the command box everyday, so he didn’t have to go into that much detail. He then read out the zfsendtotarget code which matched. I replied: “That’s correct”, and then he suddenly disconnected. No idea why. Maybe he suddenly realised that I’d be a difficult victim?

  425. Stein Goering
    February 20, 2013 at 9:55 pm

    I’m in the USA, in Wisconsin. Just got one of these calls today – it sounded suspicious from the start but I went along for a while just to see where they’d go. Got as far as the CLSID thing – at which point I asked him to give me my IP number. If he knows that there are problems with my computer, then he’d surely know that. He said he’d have to transfer me to his supervisor, at which point I’d had enough and hung up.

  426. Michael
    March 5, 2013 at 4:23 pm

    i just had a call from these guys and they didn’t even block their phone number: 0097482013. they said they were from microsoft and that i was being hacked by people. they wanted me to go to a site which had logmein hamachi and a 6 numbered code but they hung up on me.. hope it helps a bit.

    michael

  427. Maria
    March 17, 2013 at 1:45 pm

    I was in the middle of dealing with children when a company called WINSOLVESUPPORT called me. He told me that my computer was sending windows alert and they had been given my name to help me resolve the problem. I can’t remember what he had me type in but sure enough I had a bunch of error and alerts show up. He told me that he could fix this for me. He told me to go onto a site called AMMYY. Not being computer wise I thought he was going to show me steps to fix the problem but when I used AMMYY it then gave him complete access to my computer. Stupid me. I finally caught on to what was happening. He showed me names of people that were hacking into my computer and stated that the computer needed to be fixed and stated it would cost $299. When I told him that I had to talk to my husband before making the purchase he became very persistant. I tried to make excuses but knew that he had complete control of my computer and I was scared he was going to do something to it. I ended up paying him $150. I know I know stupid again. When all was done and completed, I had software put onto my computer. I contacted a company “MY CURED COMPUTER” to check my system out and fix it. WINSOLVESUPPORT did not remove virises but left me with some. I hope that my mistake will help others with this post.
    Maria

  428. Webologist
    March 17, 2013 at 1:47 pm

    So sorry to hear that Maria. These people are complete scum.

    Tell everyone you know, get them to tell everyone they know. Maybe in time we can beat these scammers.

  429. Robin Hewitt
    March 20, 2013 at 2:10 pm

    I just had the Windows Support Centre in India calling about my PC which has been hacked, Windows cloned and if I don’t cooperate they are going to cancel my licence.

    I run Win98, XP, Win7 and Win8, which is it? Win7.
    Where did they get my phone number? Through my ISP.
    Which ISP? I have 2. Changes the subject.
    Do you work for Bill Gates? Doesn’t know who I am talking about.
    Do you work for Microsoft? No, he works for Windows.

    He accuses me of being uncooperative and uneducated after which I start having fun.

    Eventually his buddy has a go then they give up and my Windows licence will be cancelled next week.

    I did this search to try and find out what cmd they were trying to get me to type. Thanks for the info.

  430. Christine
    March 27, 2013 at 9:15 pm

    Thank you forosting this useful information! I received a phone call today from “United Protection Services Organization”. They told me that they were receiving notifications that my computer has been hacked and offered to help me solve the problem, but they need to make sure they have the right person. It sounded really crazy, but I wanted to know what was it about. They made me check the “Unique ID Number” which according to them is unique to every computer… I checked and it she read the one she had, of course it matched perfectly (Start – Search – CMD – assoc). Afer this she guided me to google to download ammyy, a software for remote control. I stopped inmediately because I lnow what it means (my husband works with this kind of softwares at his office) and asked her how she related my ID unique number to my name and phone number, she skipped the question talking about the download. I told her that I was not feeling confortable with all the situation and that as I dont know much about computers, I prefer to wait until my husband comes from work so he can deal with it. She reacted very rude saying they are trying to help customers and they dont have time to deal with people that are not interested, and asked me if I want her to just hung up… I started laughing and said “are you serious?” She got mad and told me she’ll better call later to deal with my husband directly. I could not believe my ears… This was the worst scam ever… They need training in customer service lol

  431. Ludovic
    April 2, 2013 at 5:27 pm

    Got a similar call today, from 24 pc solutions. The caller even gave me a company registration number. But it is not a UK one, if it is a real one at all. They even have a website, but no contact details.
    Anyway I hung up quickly.

  432. Dale Battson
    April 5, 2013 at 3:15 am

    Windows Care tried the scam from telephone 866-539-8674. Said I had 300+ attacks on my ip address and asked why would that be? Said I had to run and I’ll call back. I won’t call back.

  433. Charliegirl
    April 8, 2013 at 4:58 pm

    Have fallen for these scams and have written money off. However, I have had a phonecall from 247pcsupport who want to refund my money as they have had a problem with the software they installed (remotely). Last time they tried this they actually tried to debit my accounts. I have had to change both credit and debit cards, taken computer to a local shop, paid for Kaspersky and for a complete clean of all software that I don’t need etc… I rang my bank again today and I could give them my account details (not security code or long card numbers) and see if they do actually credit my account. I am apparently not putting myself at any risk. I shall now await their phonecall again and try this. PLEASE BE WARNED everyone – I have been very vulnerable in the past few years ad have paid the price.

  434. Webologist
    April 8, 2013 at 5:15 pm

    Charliegirl, I would be surprised if they refunded you, but if they do let us know. Maybe consider setting up a PayPal account and sending them an invoice by email (get will need them to give an email address). They can pay your invoice however they like and your money should be sage in Paypal. You can then transfer to your bank. This may be safer than giving bank details – although I am sure there is nothing anybody can do with a sort-code and account number. You will probably need to give more than that though for payment from overseas though, which makes it sound a bit fishy to me.

  435. Charliegirl
    April 8, 2013 at 7:36 pm

    well – received the phonecall and as i assumed – they won’t pay back directly into a bank account. They wouldn’t do a paypal account either as ‘they have had problems in the past’!! said something about going to a local Western Union shop – i suppose this is to do with them being abroad. they also said that my bank would be contacting me to ask me whether i would want to accept this money – assume they are tryng to convince me it’s not being laundered. Anyway – i terminated the phonecall was not prepared to give them my card details and security number. THEY ARE VERY CONVINCING. Just hope no-one else gets caught as i did – but i’m afraid they will.

  436. James Watt
    April 11, 2013 at 8:31 am

    Mr Webologist can u tell me what is windows error reporting

  437. Webologist
    April 11, 2013 at 9:12 am

    Hi James, from Microsoft:

    “(WER) is a set of Windows technologies that capture software crash and hang data from end users. Through the Winqual website, software and hardware vendors can access these reports in order to analyze, fix and respond to these problems.” http://msdn.microsoft.com/en-gb/library/windows/hardware/gg487440.aspx

    This is something that you elect to turn on when setting up your OS. However, the errors that the scammers show are really minor errors most of the time – like getting a password wrong, force closing a program or other unimportant errors. And they certainly do not get any error messages from your PC.

  438. Carri-Ann
    April 16, 2013 at 12:47 pm

    I’m from South Africa and my mother and I were scammed this morning. Indian guy called my 60+ year old mother who isn’t very tech savvy. She called me to assist. Though my instincts were screaming that something was wrong, after reading repeated warning about computer scams, at the insistence of my mother and my lack of knowledge regarding the more technical aspects of the computer, I gave the scammer a listen. He pointed out the exact same errors and got me to go to http://www.startcontrol.com. He never once explain what he was about to do and I never asked. The minute he took control of the computer I wanted nothing to do with it. Unfortunately, he insisted on speaking to my mother who cooperated while I frantically scanned google. Various programs were loaded as he guided my mother through her PC, giving her a false sense of control by allowing her to click buttons he could very well have clicked himself. When he asked her to input her Visa card information, I stepped in and ended the call. While no card information was exchanged, I’m worried about what he could have removed or what he can access now. How do I protect that computer?

  439. Webologist
    April 16, 2013 at 12:54 pm

    Run anti-virus. Look at the programs in control panel and remove any new ones. I assume that when you use StartControl you have to enter a password or click a button to allow the other person to access? If so, you should be OK. Maybe consider setting up a free firewall (links above) to ensure that if a program requests Internet access you know about it.

  440. Carri-Ann
    April 16, 2013 at 1:28 pm

    It did require a password/code, generated by them, but I disabled their control as soon as I hung up and deleted all the programs they had loaded. Also ran the anti-virus and rebooted the laptop…twice *laugh*. Currently downloading firewall software. Thank you so much for your assistance and for this web page. Great job.

  441. Webologist
    April 16, 2013 at 1:31 pm

    Do you remember the names of the programs that they installed?

  442. Carri-Ann
    April 16, 2013 at 1:35 pm

    Unfortunately not. I was so scared and frantic about getting rid of it all, I didn’t pay much attention. I’ve simply spent all morning changing passwords and running every security scan I have access to.

  443. Geoff
    April 19, 2013 at 12:02 pm

    This was surreal! Just had a call from 002538020308 (which is apparently Djibouti) telling me the usual speel about my PC being infected etc. They usually ring when I tell them I’m an I.T. consultant and they are talking rubbish. This one didn’t, he passed me to his “senior technician”, he claimed to be from the “Windows Operating System Support Centre” at Microsoft. He waited while I powered up my PC, then took me through ZFSENDTOTARGET bit. I asked him how he could possibly know who I was from this code, could he tell me my ISP’s name etc. He siad the details came with the PC when I bought it. I told him (quite truthfully) that I’d made it. He just carried on (this guy had some balls!) he then took me into the Event viewer and starting asking about warning messages, and did I know what they meant. I told him again that I was an I.T. consultant and gave him chapter and verse about windows events. At this point he gave up and admitted quite calmly that he had no chance of scamming me, and that it was kind of a relief to be honest about it with somebody. As my 91 year old mother has been plagued with these type of calls, I laughed and asked if he could be a good guy and not keep pestering the elderly. He said “but they’re our best customers” and gave me the name of a 76 year old gentleman that he had so far had £1000 from. What can you say! I told him that he’d given me a very surreal start to my day, and rang off.

  444. Webologist
    April 19, 2013 at 12:05 pm

    That is shocking Geoff. £1000 scammed.

  445. Ashley
    April 27, 2013 at 1:08 am

    Got a call from BT TEC asking me if my computer was runing slow.
    I sead a bit he sead it is because i have got lots of spywear on my computer.
    I new this was a scam so went along with it for a bit to see if thay ask me if i am in front of my Computer and thay did then i sead bye.

  446. Mike Williams
    May 1, 2013 at 1:28 pm

    I can confirm the the same CLSID is present in both Windows 7 and Windows Server 2008 R2.

    As far as I can tell it’s the MS CLSID for the Send To “Compressed (zip) Folder”, which will be on all versions of windows since XP (might be vista though).

  447. Webologist
    June 3, 2013 at 1:13 pm
  448. Karen
    June 5, 2013 at 12:08 pm

    Just had a call from Rapid PC Care (www. rapidpccare. com) claiming the usual rubbish as per many comments above, including that they had my “customer licence ID”. I calmly collected various bits of information, then asked for a number so that I could check with Microsoft and call them back. Number was wrong but they were easy to find on the web.
    When I called back I chatted to the person who answered the phone, pointed out that I was a computer journalist and that they would be getting a call from my publication requesting quotes as to why they were claiming to have information about my PC that they couldn’t possibly have. He claimed the usual misunderstanding, so I advised him to change their company script for cold calling and also that they were in breach of the Telephone Preference Service guidelines as my number is listed on there.
    I doubt it will stop them but great to hear them even just slightly concerned – though I expect the next step will be just to change the company name they use to call people. But I don’t know why people are happy to let anyone access their PCs remotely without knowing who these companies are – you wouldn’t let someone walk off the street and start fiddling with your PC, so why would you let them do it over the phone?

  449. David
    June 16, 2013 at 7:55 am

    Friday night I received a call in Hawaii from “Lloyd Andersen” of Microsoft – the Caller ID indicated “Home Security” 971-217-9508. This tracks to a sprint number in Beaverton, OR. Since I have received these calls numerous times in the past, I didn’t stay on the line with Lloyd very long. I did ask him about the weather in India and he said it was raining. I wonder how someone in Beaverton is so in tune with the current conditions in India. After getting the updated weather report, I let Lloyd know that there was nothing wrong with my computer and hung up on him.

  450. Anton
    July 1, 2013 at 12:19 pm

    Thanks for the blog W. I had a call today following the same script. As a security specialist I was curious to find out what they wanted and how they’ld get it. I became intruiged when they asked me to open a cmd window dan list the file associations. At that moment I pull-up a browser and searched for zfsendtotarget and hit on your blog. Quite a disappointed, just a simple scam. And I was hoping to learn something new LOL.
    I kept them for about 25 min on the line simply by returning answers which were slightly off, instead of confirming I was running windows 8, I told them it was 7. Instead the copyright year 2012 I claimed it to be 2013 (LOL). And I made a small mistake in every GUID they asked me to confirm.
    That took 20 minuts of their time and I learned a lot on how these guys operated.
    I called it quits, when they told me(!) what my name was. I’ve a Dutch name, which is most of the time challenging for non-native speakers to handle ;-) For everybody out there; never, ever confirm by giving them the correct answer, the
    Altough I’m over 50, I’ve been one of the first programmers making applications for Windows version 1. Don’t try to fool me LOL.
    @W, great job collecting all these stories, I hope some people pick up this one, use it, and keep the scammers busy with less gullible people: let’s scam them back.

  451. SSNS
    September 25, 2013 at 4:41 am

    Thanks a lot for blog Webologist. We fell in to these guys trap over last weekend. We had an issue with yahoo email and tried to find help online. We found a link (in google) that directed us to a spoofed up web page that looked exactly like yahoo. It listed a customer support number for yahoo email issues. We just called that number and a jerk with thick accent answers the call saying that I reached yahoo customer service. He took my email address and told me that he will help to resolve the yahoo email issue. He told me that my computer could be infected or our home network is compromised. In order to resolve, he told me to go to 123rescue.com so that he can connect to my laptop and look at what’s going on. I did a quick look at the site and read briefly about. This site is being used by well know companies for customer support. Thinking that Yahoo started using this site to resolve the customer issues, I followed the jerk’s directions and entered the number he gave and clicked OK to grant access to my laptop [I know that I did stupid mistake]. He told me to enter my email address and phone number in the logMeIn Applet (chat window!!) that got downloaded. Then he handed the phone over to another jerk with thick accent who then told me that my laptop is infected and network is compromised. In order to fix, he will charge me $99. At this point, I realized that something is wrong and I closed the applet saying NO to accept any help. [I am not sure what the other was doing while th second guy engaged me in to talk]. He told me that we are running Norton Anti Virus with smart firewall turned on. Then that guy hung up and I cleared all cookies and cache before shutting down my laptop. Later on, I started my latptop in safe mode and deleted the downloaded applet. I changed my yahoo email password and my laptop login account password. I also searched in C:\Temp directory and found prefetch file LogMeIn.pf. I disabled some of the unwanted IE plugins (there wee no new plugins added by these guys). I deleted that file too. Later on I changed the SSID and WiFi password. Once I booted the laptop in normal mode, I found missing icons in the system tray: wireless, synaptic mouse controller, volume control, etc. I had to manually install the drivers for all of the missing one to get them show up again. All in all, I shared my laptop for about 5 to 10 minutes. We are concerned to know what could those jerks could have downloaded or installed within 5 to 10 minutes. Is there anyway to find out? Is it better to reformat/reimage? Please let us know. Appreciate your help.

    Thanks

  452. SL
    September 28, 2013 at 8:21 pm

    Okay, as of end of Sept 2013, they are still at it. But a few new twists. They have tried me twice now. First, the Indian accent is a dead giveaway. The first time, they said they were calling from Microsoft, the second time they said they were calling from Windows. I wanted to ask them if they would please come clean the dirty windows in my house!

    Anyway, the new twists is that they either try to convince you that the errors in your event log is being generated by some rogue program, or they tell you to go to TeamViewer.com to download and install the software. Now, for those who are not familiar with it, it is a remote control software that gives a remote person control of your PC. You can guess what the next few steps would have been.

    I wish I had more time to play along. Unfortunately, I had to cut the call short because I was laughing so hard I dropped the phone. As to the errors in your event log, there are some errors occasionally that is generated by Windows, but many of them do not need fixed. Oh yes, ask for exact date and time stamp of the event log they are referring to. That will shut them up or most likely you will find there are no error logs on your system with that date and time.

    Apart from that, I advise playing along. Sound unsure, hesitant to touch a computer. Be exclamatory. But do not install any software they ask you to install, or preferably do not go to those websites even. Maybe pretend that you are seeing a different page than what they expect. Play with their heads instead. The next time I think I might record the call – the pleading tones and babyish instructions are too funny. In other words, have a little fun at their expense.

  453. Andy
    October 12, 2013 at 9:58 pm

    Thanks for this info. I had a guy call yesterday. Indian accent. Decided to play along these time, and see what they’re trying to do. They went by the name “Cyber” something. Asked the guy where they are located. He said New York. (I’m in the States but no where near New York.) I asked what their street address was. He could only give me a zip code. He says he’ll call me back, then a supervisor, with another Indian accent calls. Sound very self-assured, gives me his name, and finally gives me an address in New York. I said “if you’re getting all these error messages from my computer, you must know my IP address”. But he couldn’t tell me that. He gives me a big long number, my “CLS ID #”. That’s what led me to research more, as I’d never heard of such a thing. The supervisor was really rude – called me a liar when I told him the name that the other guy had given me. Not very good salesmanship! I don’t plan on talking to these types anymore, except maybe to tell them to get a real job.

  454. Kathleen
    October 17, 2013 at 2:57 am

    I got a call today, and I played with the guy, he was following a script and told me he was subcontracted by Microsoft to call. I told him wow, I work at Microsoft (true) and I asked him what his email alias was. He asked be to run event viewer to see if there are errors, I said yes, then he told me he needed to confirm the License and I told him that this is not a unique #

    Then he started yelling at me saying that I thought I was all smart and I knew nothing about Computers. I told him I work for Microsoft and I hate scammers like him. Did he realize that he was stealing from innocent people and he was a loser. I hung up. He called back and was vulgar to me telling me he wanted F#$k my p**sy, that is where my husband picked up the phone and told him to get lost.

    Unbelievable that this poor guy, was so intimidated by a real Microsoft person and who told him he was a loser.

  455. sleep
    October 17, 2013 at 1:33 pm

    got a call from someone from india. they said I had errors and my computer was a slave to hack material . I had errors in viewer and they was proof of it. wanted me to use teamviewer to see the errors.
    repair one time 99.00, 2 years 150.., 10 years 499.

  456. Anita
    October 17, 2013 at 8:54 pm

    Hi Webologist,
    From Vancouver, Canada
    I had a call yesterday saying that they are from the Public Safety Canada from the department of Canada US cross Boarder Forum CBSF saying that my wireless and pc has been hacked and from seven computers through my PC hackers are accessing the banking passwords of other people for which I will be held responsible. We had a long conversation as I tried to make sure that I am dealing with a genuine call. Since they used a legitimate agency name telling few things about it make one feel that it is a legitimate call. They gave me a 18778984236 number to reach which I tried, no one picks up and when asked about it, they said they don’t want public to call them as it will spam their system and they can’t attend to genuine threats. They told me that they are calling me from Ottawa and there is no local office ( when I asked why local office is not trying to contact me). I tried the local non emergency police number to see if it is a genuine call, asked if they can give me a number to report this to a proper agency to make sure if this is genuine or fraud, the officer didn’t know and told me try later and report if I have again concerns (also asked me to try the phone number which scammer gave me). Some of the stuff scammers told is genuine which anybody can find it from the web; they also told me that CBSF doesn’t privide the contact details as they do not want them to contact them saying petty complaints like hacking the computer or virus in their system. They only call the targeted victims and rectify the problem. so they asked me to run windows r (run command prompt) and run assoc comand, later they asked to run http://www.ammyy.com from the command prompt which I did, then a web page opened which is ammyy.com. At this stage I understood that they are asking me to connect to a cloud server and I didn’t yield.
    I tried to contact public safety Canada and left the message, they called me back today and left the message that call does not look fraudulent!!. Luckily they also gave me the phone number of the Canadian Antifraud Centre. When I called they said that it is a scam. Also found this website to confirm this (Thanks). In this case they were using a legitimate safety agency’s name and doing fraudulent activities..

    What made me suspecious; 1. No local authority calling me to report it;2. Came as an Out of area call,3. Line connection is getting lost many times and infact they were asking me why I am hanging up on then, when I was not.
    I am running antivirus AVG now, will remove any recent unknown programs installed and a system boot up to few days before configuration.

    Now I have a question to you, if you can help me with that it will clarify some of my thinking..
    By running cmd prompt typing http://www.ammyy.com, did I already run their programs on my computer?. My knowledge is that I just opened the web page using cmd prompt; no programs are automatically downloaded. I have not downloaded anything myself even though they were aggressively asking me to download it.

  457. Webologist
    October 17, 2013 at 9:33 pm

    Hi, you should be OK Anita. Ammyy.com is a Remote Desktop Software service. The next stage would have been for you to authorise a them to connect to your computer and they will then be able to access your hard-drive and install programs etc. Sounds like you stopped them before that stage – well done!

  458. Lynne Roberts
    December 10, 2013 at 8:51 pm

    This morning I got a phone call asking me if I was Mrs.Roberts.I said”yes”.The woman who said she was called Margaret in broken English told me she could speed up my computerand said she was from P.C. Wizard.she asked me if my computer was in front of me I said”no”.She then asked me to turn it on,to which I replied “no,I think this is a scam and if so this is illegal and she said it wasn’t in an alarmed voice.I said “goobye” and hung up.My phone displays call numbers and hers was 01923770100

  459. James
    December 28, 2013 at 9:39 pm

    I had them call me today to tell me that there was someone hacking my computer.

  460. EV
    January 23, 2014 at 6:49 pm

    Got a call at 12:14 PM EST on 01/23/2014 from 783-114. The caller(Indian) on the other end stated that my “personal” computer was generating errors on their system. I asked how he got my information and he kept insisting on that he got my name and phone number from my CLSID. Absolutely b*******. Being an IT administrator myself, I knew this was a scam from the start, but I was really curious…

    What company are you calling from? “Windows Desktop Services.”

    Are you soliciting services? “No.”

    Then what is the purpose of this call? “Your personal computer is generating errors on our servers.”

    The caller then asks me if I am a certified Windows professional. “I am an administrator.”

    What is the originating IP address? “I cannot give out that information.”

    You called me and said that my “personal” computer is generating errors on your servers. What do you mean you cannot tell me the IP address? “If you don’t want our services, then hang up!”

    Oh, so you are soliciting services? “No.”

    Hangs up.

  461. Nick
    February 22, 2014 at 8:46 pm

    Called today during evening meal (which then went in the bin). As described by EV above, but I kept her talking long enough to go through the CMD->ASSOC->ZFSendToTarget CLSID “validation”. Not heard of this before and my skepticism shamefully took cover at this point, but not entirely: she then talked me through viewing my event logs (which I do every day anyway – nothing new in there). At this point, she realised she was losing and passed me to her “supervisor”, who tried to use his “gravitas” and sounded very official. The call ended after 5 more minutes with me shouting blue murder at him while he talked over me constantly. He hung up. And I’d like to think took an overdose of paracetamol. Claimed to be OnlineTechGuys.com but who knows. Malicious people whoever they are. Come back double glazing salesmen, all is forgiven.

  462. Chris
    April 23, 2014 at 2:45 pm

    Had a fun 25 minutes on the phone with “Telstra Technical Support” who rang to advise me they will be “cutting off my internet as my computer was infected and sending viruses to the internet”. For some reason, Telstra outsource this service to people with very heavy Indian accents. I was told that unless I allowed them to fix my PC it would be disconnected within a week. When I tried to tell him that my ISP was not Telstra but another company, he insisted that this other ISP used Telstra. To prove that they had the right PC, he got me to open a command prompt and type the assoc command. As you’ve already said this command just shows the existing file associations on the pc. Near the end is one for .zfSendToTarget which points to the CLSID for accessing compressed folders. This CLSID was apparently the licence key for my PC, which he read out to me over the phone. BTW, this so-called “unique ID” is the same on almost any Windows PC, so its not surprising that they were able to quote it to me. After “proving” this was the right PC, I was then passed over to their “technical support” team. This new person [Freddy], also with a heavy Indian accent, asked me to open event viewer so that I could see “all the errors” my PC was experiencing. I was then asked to open the %temp% folder so that I could see all the “dangerous files” that were filling up my hard disk. As I regularly clean out this folder there were only a few files of a couple of MB. However he insisted that these files would only grow in size.

    When he asked me to open a browser and navigate to their “web support site” so that I could download some “important updates”, I had had enough fun. So I started asking him some questions of my own. I asked what Operating System my PC was and he told me it was Windows, but couldn’t tell me what version. I then asked how they identified my PC and he tried to spin the CLSID line again. So I asked what IP address the errors were coming from. He read out a string of about 20 numbers and characters that were nothing like an IP address. Then I told him I have a static IP address and that what he had just read out was not an IP address and did not resemble my IP address. Still not fazed, he asked me to open up another command prompt and type ipconfig to prove he was right. This supposedly showed the IP address where the errors were coming from. When I told him that was a private ip address he showed the first signs of hesitation and I then suggested to him that he was trying to scam me. He insisted that he wasn’t and repeated the Telstra Technical support line and that my internet would be cut off if I didn’t cooperate. When I persisted he actually told me off for wasting his valuable time and then he called out to someone near him to commence procedures for cutting off the internet at my address and he cited my actual home address in his instructions. And then he promptly hung up.

  463. Webologist
    April 25, 2014 at 9:39 am

    Well done Chris. The last one to call me was really rude. When I asked her what OS I was using she said “operating system eff, you,. cee kay, oh, eff, eff” and then hung-up. I considered that a great victory.

  464. Marie
    April 28, 2014 at 4:29 pm

    Also got this call today from 855-262-8296, she said she was in Illinois. I asked her if she worked for Microsoft, she said yes. It was the Windows Security ID scam and that my computer emailed her that there was a security problem. Same old Look in Event Viewer lines… I like to keep them on the phone as long as I can to prevent them from getting someone that will actually believe them. Longest I have kept them on line was over 30 minutes :)
    At the end, I let them know they are doing bad things and causing problems. Some of them seem genuinely surprised, and I have had a few argue with me for a few minutes.
    Once I tell them I work for Microsoft, they hang up pretty quickly.

  465. Gerry
    July 15, 2014 at 6:29 pm

    I just got one of these calls .(from microassist) I am always skeptical of any email or phone call so i just played along to see, being careful not to give any information. When i said i wanted to do some research he said he was going to cancel my certificate with microsoft immediately if i didn’t do as he said. I said ok . i’ll call you back after i contact microsoft. He said “i could put my computer in my ass”. Nice talk for a respedtable business rep..LOL

  466. Kelly Kanellakis
    October 7, 2014 at 5:44 pm

    Today I had a VERY similar call – Using the CLSID Scam. I knew it was a scam but played along for a while. It was quite interesting.

    They followed the script almost to the letter.
    This time though they claimed to be from Public Safety Canada – which is quite entertaining. Here is what Public Safety Canada had to say:

    “Q: Respond to a call from Public Safety Canada wanting to access my computer.

    A: These callers do not represent the Government of Canada. If you get such a call, hang up. Never give remote access to your computer in response to an unsolicited call. For more information, visit Get Cyber Safe’s Fraudulent Calls [ http://www.getcybersafe.gc.ca/cnt/rsks/scms-frd/frdlnt-clls-eng.aspx ] page.”

    Anway – they eventually gave up and hung up on me once they realized I was wasting their time more than mine :-)

  467. Caitrìona
    October 30, 2014 at 5:11 am

    I just returned from our other house which happens to be in rural France.

    One afternoon a cold call came in on the French landline. I answered in French, as I always do. The caller responded by asking in ENGLISH whether I speak English, before proceeding to give me the usual ‘I’m from Vindows’ spiel. (I noticed that he had a heavy Indian/Pakistani accent.)

    This call sounded exactly like the calls we get at the house in the UK in style, form, and content.

    How did these people get that number? We seldom use it. Furthermore, this house is located in the arse end of Brittany in a village is too small to have a church or a post office. No one speaks English here. (They barely speak French.) We are not in an area where there are colonies of expat Brits. There aren’t even any individual expats. (If there were the neighbours would tell us about it.)

    Are these parasites now targeting the French? If this call is typical, these callers appear to not speak any French. They would have to call many thousands of uncomprehending French locals before finding even one other Anglophone. I don’t see how this can make economic sense to them.

    As for the situation in the UK… it’s as bad as ever. :(

    Today an Indian cold caller asked me whether I am bothered by unwanted telephone calls. He went on to offer me a service to prevent these calls. (Oh the irony!)

  468. Webologist
    October 30, 2014 at 11:25 am

    That’s crazy Caitrìona.

    I too had a call to sell me a service that stops cold calls. We probably had a very similar conversation, mine went a bit like this:

    Them: Do you receive too many nuisance calls?
    Me: I am receiving one right now, so yes
    Them: Our service can help prevent these calls
    Me: Really? I am already signed up to the telephone preference service
    Them: But we are not like that company
    Me: No you are not. For a start you totally ignore the fact that I signed up
    Them: Well, we can help reduce your calls
    Me: How? How can anybody stop another person dialling my number?

    He failed to explain how it worked so I declined his generous offer.

Leave a Reply

Your email address will not be published. Required fields are marked *