How To Get Rid of Scamware

In the past year, it’s not uncommon to see a message similar to the above plasters on your PC screen. Scam artists have long tried to evade the myriad of anti-virus and anti-malware software and this is one that slips through.

The following steps will remove this type of scams in majority of the cases.  Otherwise, your computer would need more in-depth cleansing. The idea is to cleanse all your web browsers as well as identifying and removing any modifications to your computer registry settings.

Here are steps to cleanse each of your web browsers:

  • Download the three free programs onto a flash drive using a separate PC if you can:
    1. CCleaner – 
    2. Malwarebytes –
    3. Zemana –
    4. Remove the flash drive and insert into the infected PC.
  • Cleanse Your Browsers’ temporary files, cache and cookies
    1. Install CCleaner
    2. CCleaner will start after installation.
    3. Make sure you close all your web browsers
    4. Click “Run Cleaner”
    5. Click “OK”
    6. CCleaner will run for a while.
    7. After it finishes, “X” out the application.
  • Scan for malware
    1. Install Malwarebytes
    2. Application will start after installation.
    3. Click “Scan Now”
    4. It may take up to 30 minutes depends on your system
    5. “Remove” or “Quarantine” all found abnormalities.
    6. Restart your computer.
  • Scan for registry and browser hijack devices
    1. Install Zemana
    2. Application will start after installation 
    3. Click “Scan”
    4. Program will scan and when it finishes scanning, click “Next” to quarantine all found traces of suspicious entries.
    5. “X” out of the program
  • Restart your computer.

Use your computer to see if the problem has gone away.  If it has, congratulations!  If not, we have to perform additional steps to remove the pest.

At this point, you have 3 free programs installed and they will remind you to purchase their software.  If you want to remove them, go to “Control Panel”, “Programs and Features” to uninstall them.

Good luck.

Email Scam Log Entry #6: Why am I so lucky?

Email Scam: Boston Globe recently was reporting on a woman receiving an email from Publishers’ Sweepstakes she won but need to pay taxes and some fees first.  She called the phone number and a nice young woman congratulate her and urged her to keep it confidential and don’t tell anyone, even her family so it can be a surprise.  Right?!  Below is excerpt of another email received this past week.

“My name is Warren E. Buffett an American business magnate, investor and philanthropist. am the most successful investor in the world. I believe strongly in‘giving while living’ I had one idea that never changed in my mind ? that you should use your wealth to help people and i have decided to give {$1,500,000.00} One Million Five Hundred Thousand United Dollars, to randomly selected individuals worldwide. On receipt of this email, you should count yourself as the lucky individual.”

Visiting Geeks: Am I lucky or what?  Who doesn’t know Warren Buffett, the oracle financier hailed from Omaha?   Forget about grammatical mistakes and typos.  I’ll take ‘United Dollars’ whatever that is.  Smile and hit your <delete> key.

Email Scam Log Entry #5

Scam Email #5: this appears in inbox…”

Good morning.

Dont regard on my English, I am from Japan.We loaded our malicious program on your device.After that I thiefted all private background from your device. Moreover I received some more evidence.The most amusing evidence which I got- its a videotape with your masturbation.I put virus on a porn page and after you loaded it. As soon as you decided with the video and tapped on a play button, my deleterious soft immediately loaded on your device.

After adjusting, your web camera shoot the videotape with you masturbating,  additionally I saved the video you watched. In next week my virus collected all your social media and email contacts.

If you wish to destroy all the compromising evidence- transfer me 980 united state dollar in BTC(cryptocurrency).

I provide you my Btc wallet address – 1FkizUB6vgJzUz6fQyTRZckcu3QBT

You have 24 hours to go from this moment. If I receive transaction I will destroy the evidence forever. Otherwise I will send the record to all your friends.”

Visiting Geeks: This sounds pretty alarming for the recipient but it’s a scam. Unfortunately, scammers can buy emails by the thousands and simply blasts this type of scary emails out to demand money. Ignore it.  We are testing email screening software to cut down these types of nonsense.  Stay tuned.

Top Robocallers According to YouMail

Estimated volumes of top phone scams in March 2018.

Category Type Volume
Interest rates “0% interest rates” 122.9m
Credit cards “Problem with your credit card” 82.5m
Student loans “Forgive/lower student debt” 71.0m
Business loans “Preapproved for business loan” 53.4m
I.R.S. “Owe money to the I.R.S.” 43.4m
Search listings “Listing has a problem” 31.0m
Travel “Free/discount trip” 27.0m
Preapproved loans “Ready to wire – just need info” 26.2m
Home security “Free service/installation” 26.1m
Utilities “Save money – need your info” 19.2m

Source: YouMail

Computer Scam Log Entry #4

Fake Email #4: Accountant receives email from colleague with invoice to pay vendor via wire payment.

Visiting Geeks: The from email address was correct and clicking the blue “from email” link shows colleague’s correct email address.  Forwarding the invoice was also usual procedure except the content to wire payment raised suspicion from the accountant and alerted Visiting Geeks. Visiting Geeks examines the email message routing details and determined that it was sent from Lagos, Nigeria.  This kind of spoofing is done frequently by criminals and not too difficult to carry out.  It doesn’t necessary mean that the colleague or the accountant’s  computers were compromised.

Take Away:  Even legitimate looking emails could be a scam. Anything out of the ordinary should raise an alarm.



Computer Worm Log Entry# 4 – WannaCry

Worm #4:  The message “Oops, your important files are encrypted.” or “Hello, dear friend! All you files have been ENCRYPTED.” displays on your screen and a ransom is demanded.

Visiting Geeks: These are classified as ransomware. Some computers at the City of Atlanta, Baltimore’s 911 system and Boeing were all attacked recently with a crypto-virus derived from a vulnerability uncovered by the NSA.  This type of malware is classified as a WORM.  Once a computer is infected, this WORM will seek out other computers on the same local network and try to infect them as well.  Phishing is the typical way of gaining entry.  Data is encrypted and cannot be recovered unless ransom is paid. To protect your computer, be vigilant on incoming emails, apply latest Microsoft security updates as well as having a real-time anti-virus protection, plus a off-site/cloud backup for your data.

Computer Scam Log Entry #3

Fake Zeus Virus Warning

Scam #3: A message from “Windows Defender Alert” on your computer monitor proclaims a Zeus virus has been detected and your data has been compromised.  The message says your computer is infected due to downloading adult/porn videos. Do not shut down the computer and contact Microsoft at a toll free number on the screen.

Visiting Geeks: This is a very common scare tactic used by the scammers.  Do not call the toll free number. They want to sell you “services” to remove the virus for you and then up-sell you a multi-year maintenance contract. Just the opposite, your computer most likely is not infected by the Zeus virus. Instead, the message is caused by adware surreptitiously installed in your computer.  You need to uninstall suspicious program, remove dubious web browser extensions, add-ons  as well as doing a detailed scan using one of the reputable anti-virus program.  To learn more, click here to read an article with more detailed information.

Computer Scam Log Entry #2

Scam #2: Email with title “Automated Intuit Invoice Message” from that payment is due for an invoice.  The message says:

‘Dear customer,

This invoice email message is being delivered to you by Intuit Inc. on behalf of Transamerican Credit Group Ltd. Please click the link above to view an invoice’

It also includes a trademark acknowledgement and a link to Intuit’s privacy policy.

Visiting Geeks: This is a scam or phishing expedition. There are obvious signs of malfeasance in the email, including the sender’s email address from a company you don’t know, the name of the company sending the invoice is different from the email sender. Furthermore, hovering the mouse over the links reveal long and gibberish web addresses.  Bad guys know it’s tax season and use Intuit as a trusted brand. Smell fishy. Delete email right away.

Computer Scam Log Entry #1

We receive customer inquiries almost on a daily basis whether an encounter is a scam, virus or what not. I’m going to keep a simple log entry whenever our customers or friends call in.

Scam #1: A voice mail claiming that your Microsoft License expired. Call a toll free number right away to avoid loss of data.

Visiting Geeks: Microsoft does not call. Your computer’s Microsoft operating systems license has been activated by the computer manufacturer at the factory.  In theory, it should never ‘expired’.  However, license of a new Microsoft operating system improperly installed due to hardware/software error will expire after a period of time and the computer will display a warning message.  Still, not Microsoft calling you.