1st Choice Tech Support - Did something in Windows trigger their appearance on my laptop?

I was online last Saturday when all of a sudden this page appears on my screen stating Windows 8.1 user please call xxx-xxx-xxxx as soon as possible you have malware/spyware!.  My first thought is that this was a scam and I attempted to close out the page, but found I couldn't.  I couldn't do anything to this page.  I exited Internet Explorer and brought it up again.  The page came up again.  I could open other tabs, but not get rid of this page.  I decided to look up 1st Choice Tech Support on my smartphone and found they are a legitimate company, part of Microsoft Partner Network. 

To make a long story short, I used their services.  After removing infections and giving my laptop a "tune up", they spent a about 45 minutes on the phone with me fixing my Bluetooth.  The price was a little steep ($250), but my Bluetooth now works and my machine is faster.  What I wonder about is what made their page come up?  Was this something in Windows?

Answer
Answer

Yep, it's malvertising.

At some point, you installed some program off the internet that had a hidden add-on for your browser hidden in it. The add-on throws you popups.

The guys who published the add-ons control their content remotely. They sell advertising space on these popups to "tech support" companies, which buy the space to put their ads on. The ad, obviously, tell you your computer has compu-AIDS and to call them ASAP. Then they sell you removal services, for as much as they can. If the tech support company is more legit, they will actually take the adware off. If not, they'll leave it on, or take some of it off, or whatever.

I have guys come in with this stuff on their computer all the time, flipping out, thinking their computer is about to blow up after North Korean hackers have stolen their SSN and banking info. Fortunately, adware (as opposed to cryptolockers and so on) is not that big a deal to get rid of. Usually it consists of browser extensions and folders in your AppData folder, where the adware hides and reinstalls itself if you delete it manually.  Deleting both the extensions and the AppData folders where they live is not very hard, although the folders may be hidden/read-only, and you will have to unhide them and make them writable.

The way to keep this from happening is to not download any **** from mass download sites. If you feel you need something, go directly to the manufacturer's site. Alternatively, you can use a tool like Reason Core Security, which automatically scans your download for add-ons and removes them. That feature used to be called Unchecky. The product also removes adware from your computer very effectively. I've been putting it on my customers' computers.

By the way,  both you guys and anyone reading this should get your money back. Call the "tech support" guys, tell them you want your money back now, don't take no or a partial refund for an answer, and tell them that if they don't refund, you will go to the bank and request a chargeback (that costs them more money, and too many chargebacks result in their bank account being suspended). If they waste more than 8 minutes of your time, hang up, call your credit card company and actually request the chargeback. Anyone can get cheated, but knowingly remaining a sucker is inexcusable in my book.

3 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

 
 

Question Info


Last updated May 25, 2020 Views 3,074 Applies to: