Remove the Microsoft Help Desk Tech Support Scam

Click here to visit Original posting

Remove the Microsoft Help Desk Tech Support Scam

  • Sun, 04 Dec 2016 16:24:12 EST
  • Read 1179 times

The Microsoft Help Desk Tech Support Scam is a Trojan from the Trojan.Tech-Support-Scam family that displays a fake Windows screen stating that Microsoft Security Essentials detected 5 threats on the computer. This alert will cover your screen and not allow you to access your desktop and programs while pretending to be an error message when trying to boot Windows.

This error message further states that there is a problem with the gv3.sys file and that you should contact 1-888-828-697 in order to get help.

In reality the computer is infected with a Trojan that displays this fake alert, and other than this scam, there is nothing actually wrong with the computer. This alert is being shown solely to scare you into calling the listed phone number so that the scammers can try and sell you unnecessary services and software.

The text of the Microsoft Help Desk Tech Support Scam is:

A problem has been detected and windows has been shutdown to prevent damage to your computer.

DRIVER_IRQL_NOT_LES_OR_EQUAL

Contact your system administrator or technical support group for further assistance.
for Contact us Toll Free +1-888-496-5150

If this is the first time you've seen this stop error screen, restart your computer, If this screen appears again,
follow these steps:

Check to make sure any new hardware or software is properly installed. If this is a new installation,
ask your hardware or software manufacturer for any windows updates you might need.

If problems continue, disable or remove any newly installed hardware or software.
Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components,
restart your computer, press F8 to select Advanced Startup Options,
and then select Safe Mode.

Technical information:

*** STOP: 0x00D1 (0x00C,0x002,0x00,0xF86B5A89)

*** gv3.sys - Address F86B5A89 base at F86B5000, DateStamp 3dd9919eb

Beginning dump of physical memory

Physical memory dump complete.

Contact your system administrator or technical support group for further assistance.
for Contact us Toll Free +1-888-828-6971

The text of the Microsoft Security Essentials alert is:

Microsoft Security Essentials detected 5 potential threats that might compromise your privacy or damage your computer. Microsoft Security Essentials wasn't able to block virus.
Helpline: +1-888-828-6971

This scam includes a button on the fake alert that is labeled Microsoft Help Desk. When you click on this button, it will minimize the fake alert and open Internet Explorer to https://www.fastsupport.com. The good news is that while this screen is minimized you can access your computer as normal. Using this technique we will remove the infection from a computer.

How did the Fake Microsoft Help Desk Tech Support Scam get on my computer?

It is important to note that this Trojan is installed by other programs that did not adequately disclose that other software would be installed along with it. Therefore, it is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed. Furthermore, If the license agreement or installation screens state that they are going to install a toolbar or other unwanted adware, it is advised that you cancel the install and not use the free software.

Without a doubt, this scam was created to trick you into calling the listed number so that the developers can try and convince you into purchasing unnecessary services or software. For no reason should you call this number, and if you have already have purchased services, I advise you to dispute the charges with your credit card company. To remove this Trojan and any related software for free, please use the removal guide below.

Array
View Associated Fake Microsoft Help Desk Tech Support Scam Registry Information

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell [path_to]\bsodc23x1.exe a:1:{i:0;i:1223;}