Click here to visit Original posting
Remove the Admin user is disabled Tech Support Scam
- Tue, 22 Nov 2016 18:06:12 EST
- Read 3483 times
The Admin user is disabled Tech Support Scam is a Trojan from the Trojan.Tech-Support-Scam family that displays a fake Windows login screen that pretends that the Admin user is disable due to malicious files being found on the system. This is done to try and trick the user into calling the listed remote tech support number in order to sell them unnecessary software and services.
The text of this alert is:
This user is disabled due to some malicious files found in system, ensure you have complete protection. Call Technician Now 1-914-465-0012
If you click on any part of the fake login screen, you will be shown an alert that states:
Your system is lock due to unauthorized activity on your computer. Need any help Call Technician Now at 1-914-465-0012 (Toll-free). unauthorized lock
This scam also includes a CMD button that when clicked opens a Windows command prompt. For those who have more advanced computer skills, this command prompt can be used to start task manager and terminate the malicious process.
How did the Admin user is disabled Tech Support Scam get on my computer?
It is important to note that this Trojan is installed by other programs that did not adequately disclose that other software would be installed along with it. Therefore, it is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed. Furthermore, If the license agreement or installation screens state that they are going to install a toolbar or other unwanted adware, it is advised that you cancel the install and not use the free software.
As you can see, this scam was created to trick you into calling the listed number so that the developers can try and convince you into purchasing unnecessary services or software. For no reason should you call this number, and if you have already have purchased services, I advise you to dispute the charges with your credit card company. To remove this Trojan and any related software for free, please use the removal guide below.Array
C:\Program Files (x86)\Power Cam\ C:\Program Files (x86)\Power Cam\fatalerror.exe C:\Program Files (x86)\Power Cam\sr60.bat
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell C:\Program Files (x86)\Power Cam\fatalerror.exe HKLM\SOFTWARE\Wow6432Node\Power Cam HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell "C:\Program Files (x86)\Power Cam\fatalerror.exe"