What is "Microsoft Protected Your Computer"?
"Microsoft Protected Your Computer" is a notification that is displayed on the website of a technical support scam. This web page is disguised as an official Windows Support website, however, Microsoft has nothing do to with it. The main purpose of this scam is to trick people into calling scammers who seek to extort money from unsuspecting people.
We strongly recommend that you ignore this scam and do not call the number provided.
According to this scam website, it has detected spyware, which caused error "0x80092ee9". Visitors are encouraged to call the "+1-833-292-5292" number immediately, otherwise the detected malicious software will cause further damage. It is stated that some information such as passwords, credit card details, and other sensitive details are already stolen.
Visitors are also informed that their computers were infected since the "System Activation KEY" (supposedly, Windows activation key) expired. This tech support scam essentially tricks people into calling scammers immediately. Typically, people who call them are encouraged to purchase software or use their remote 'technical services'.
Their main goal is to extort money from innocent people. Websites of this kind should never be trusted - if your browser opens them, they should be closed and never reopened. This particular website causes high CPU usage and freezes the browser and entire operating system.
To stop this, you must end the browser process through Task Manager. Restoring the previously closed session opens the same website and causes the system to crash again.
Typically, people do not visit such websites intentionally. They are usually opened by potentially unwanted applications (PUAs) installed on the operating system and/or browser. In most cases, these apps are designed to open dubious web pages, collect browsing data, and display ads.
Most PUAs collect details such as users' IP addresses, geolocations, URLs of visited websites, entered search queries, and so on. Developers share them with third parties who misuse private data to generate revenue. Gathered details sometimes include personal, sensitive information.
Furthermore, many PUAs display coupons, banners, surveys, pop-ups and other intrusive ads. If clicked, these open dubious websites or run scripts that download or even install unwanted software.
|Name||"Microsoft Protected Your Computer" tech support scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud.|
|Fake Claim||According to this scam page the visitor's computer is infected with spyware and a Trojan.|
|Tech Support Scammer Phone Number||+1-833-292-5292|
|Detection Names||Full List Of Detections (VirusTotal)|
|Serving IP Address||220.127.116.11|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
There are many technical support scams online. Some other examples include "Call Microsoft Helpline", "ERROR 0xC004FC03", and "VIRAL ALARM OF MICROSOFT". Generally, scammers use these to trick people into paying for various services or software.
They claim to be able to help people to solve issues that have occurred, however, all notifications about detected viruses, errors, and so that are displayed on these pages are fake and should never be trusted. The same applies to PUAs. Apps of this type deliver no real value and cause only problems.
People who use PUAs or simply have them installed on their computers/browsers risk becoming victims of identity theft, experiencing problems relating to browsing safety, privacy, and other issues. Apps of this type should be uninstalled immediately.
How did potentially unwanted applications install on my computer?
This usually happens when people click deceptive ads displayed on dubious websites or during download/installation of other programs. Developers distribute PUAs using a deceptive marketing method called "bundling". They use this to trick people into downloading and/or installing PUAs together with regular software by including the unwanted apps into the set-ups.
Typically, information about additional downloads or installations is hidden in "Custom", "Advanced", and other similar settings of the download/installation set-ups. Furthermore, many people fail to check and change these settings, thus allowing PUAs to be downloaded and installed by default.
How to avoid installation of potentially unwanted applications
Do not use various third party downloaders, installers, Peer-to-Peer networks such as torrent clients, eMule, unofficial websites and other channels of this kind to download or install software. The safest way to download programs is using official websites.
Check all settings available in any download or installation setup and dismiss offers to download/install additional apps (otherwise they are downloaded and/or installed by default). Do not click intrusive ads, especially if they are displayed on dubious web pages. For examples, on those relating to gambling, pornography, adult dating, and so on.
These usually lead to other untrustworthy sites or cause download/installation of PUAs (or even malware). To stop the browser from opening dubious web pages and/or showing unwanted ads, uninstall all unwanted extensions, plug-ins, and add-ons. Also remove any such programs from the operating system, then they should be uninstalled too.
If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented in "Microsoft Protected Your Computer" pop-up:
Microsoft protected your PC
Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk. Call Microsoft on +1-833-292-5292 (Toll Free).
Publisher: Unknown Publisher
App: windows10manager (1).exe
Screenshot of a second pop-up:
Text in this pop-up:
** Windows Warning Alert **
Malicious Pornographic Spyware/Riskware Detected
Error # 0x80092ee9
Please call us immediately! Call Microsoft at: +1-833-292-5292 (Toll Free)
Do not ignore this critical alert.
If you close this page, your computer access will be disabled to prevent further damage to our network.
Your computer has alerted us that it has been infected with a Pornographic Spyware and riskware. The following information is being stolen...
Call Microsoft: +1-833-292-5292 (Toll Free)
Screenshot of a fake CMD window:
Text in fake CMD window:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1982-2001 Microsoft Corp.
C:\Documents and Settings\Administrador>DIR
El volumen de la unidad C no tiene etiqueta.
El numero de serie del volumen es: 241B-42B7
Directorio de C:\Documents and Settings\Administrador
30/05/2011 01:24 .
30/05/2011 01:24 ..
25/05/2011 10:51 .Virtual Box
19/04/2007 11:28 1.440.056 BricoPackSplash.bmp
19/05/2011 16:11 Contacts
29/05/2011 10:46 Escritorio
29/05/2011 01:49 33 log.txt
30/05/2011 01:42 Menu Inicio
21/05/2011 13:01 Temp
21/05/2011 11:47 VirtualBox VMs
2 archivos 1.440.089 bytes
8 dirs 3.421.655.040 bytes libres
C:\Documents and Settings\Administrador>
Screenshot of the background page:
Text in the page:
Call Support +1-833-292-5292
Your computer has been Locked
Call Microsoft : +1-933-292-5292
Your computer with the IP address 18.104.22.168 has been infected by the Trojans -- Because System Activation Key has expired & Your information (for example, passwords, messages, and credit cards) have been stolen. Call Windows +1-833-292-5292 to protect your files and identity from further damage.
Call Microsoft : +1-833-292-5292 (Toll Free)
Call Microsoft : +1-833-292-5292
Back to safety
The appearance of "Microsoft Protected Your Computer" pop-up (GIF):
Screenshot of "Microsoft Protected Your Computer" scam forcing Google Chrome to cause high CPU usage:
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is "Microsoft Protected Your Computer" tech support scam?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.