Rundll32.exe Problem?

nnicc47

New here, and a bit of a dummy. Spent several hours searching forums, but can't find anything relating directly to my possible problem.
Got new computer 6 weeks ago, Windows 8, 64 bit.
After years of Win 7 all I did was change a few things, add a start button, add 'my computer', and set it to boot to 'desktop', what I'm used to.
Added my third party programs, and all seemed fine.
A few days ago I get a random phone call from a number in California with caller ID showing 'microsmart' or something like that. Guy says he's working for a Microsoft partner company, gives me some long number that matches I think he called it my 'Microsoft computer ID'. At this point I figure he's legit.
He says my system has possibly been compromised, taken over by hackers.
Thinking I'm talking to a real Microsoft person, I let him take remote control (yes, stupid, I know).
He goes 10 times faster than I could and leads me to Windows System 32 and points to an icon for 'rundll32.exe'.
I have no idea what this is, but all the icons around it are either gears or squares with green things inside, looking kind of official.
The rundll32.exe however looks like a blank sheet of paper with the top right corner folded over. He says this means it's either compromised, or vulnerable to hacking.
He then says 'for $150 we can fix this and give you a year of security, for $200, blah blah'.
At this point it finally clicks in my head that this whole deal smells fishy.
I say hold on, let me check you guys out. He says 'I'll give you a link', I say no, I'll look on my own.
Guy gets argumentative, so I just hang up and Google his phone #.
He calls back twice, and by the second call I've found that his company is called 'fastheal', has no relation to Microsoft and has a bunch of consumer complaints.
I end the second callback with a loud string of profanities.
I googled this rundll32 thing and found a site that says it is a problem (which of course I can't find again) and lists some highly technical stuff as how to fix it.
Just reading the basics I think it's beyond my capabilities, but the icon looks off and I'm seriously paranoid now, so I call Microsoft.
Blah blah, $100 for a onetime fix, $150 for a year of support. Knowing my history of doing stupid stuff I figure, in for a buck, why not a buck and a half. I pay.
Some Microsoft guy calls me, takes remote control while we're on the phone, does all this super fast stuff, then dl's and runs some program that he says will take about an hour, fix everything, and he'll call back and finalize.
OK says I.
zzzzz zzzzzt
Finished, I reboot and....wham!
All my third party programs are gone, my little tweaks are gone, and the computer looks like the first time I turned it on 6 weeks ago.
And, that rundll32 thing still looks broken.
I wait another half hour in a state of rage for a call back to fix it.
Nothing.
I call Microsoft back. Get a human who says 'I'd be angry too'.
Really?
I insist and they send me back the $150, took 3 days.
Now I'm in a constant state of paranoia that I may be vulnerable, or already breached.
It may be coincidence, but since these events took place my ISP speed has been slowed by maybe 65%.
I called them, rebooted the modem, blah blah, still slow, but I don't tell them I let 2 idiots remote my box.

My question here is: do I have a problem?
Searching tells me that malware can hide in this rundll32.exe thing, but I have no clue as to how to find out.


Any advice is more than welcome.
Thanks
moron extraordinaire
 

My Computer

System One

  • OS
    windows 8.1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Lenovo C440
    CPU
    Intel 2.90
    Memory
    4 GB
Firstly, change or add a password to your system, at least for a while, till they give up trying to reconnect to you.

To see the list of users, go to your Metro screen and type USERS, then select Settings, then click on USERS.

You will see a list of users that have access to your computer. It should only be you and maybe an administrator.

Let us know what you find there.

Next, download and install Spybot Search and Destroy, run the update, then scan your system.

It should take about half an hour, give or take, depending on your system speed and hard drive size.

Fix selected problems when done.

Then do a FULL antivirus scan; this may take longer.

Fix the problems found.
 

My Computer

System One

  • OS
    Windows 8 & Windows 7 Dual Boot
    Computer type
    Laptop
    System Manufacturer/Model
    HP G60
    CPU
    AMD Turion RM-70 Dual Core 2.0 GHZ
    Memory
    3 GB
    Graphics Card(s)
    Nvidia GeForce 8200M G
    Screen Resolution
    1366 x 768
    Mouse
    MS Intellipoint 5 button (love it!)
    Browser
    Chrome and Chromium
    Antivirus
    Avast Free & Malwarebytes
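
A scripted version of the account check from the reply above, extended to show where `rundll32.exe` is actually running from; this is an added example, not part of the original posts. `$ExpectedAccounts` is a placeholder to fill in, and the signature step assumes a PowerShell build that validates catalog-signed system files.

```powershell
# Added example: read-only triage, run from an elevated PowerShell 3.0+ prompt.
# Assumption: $ExpectedAccounts holds the account names you created yourself.
$ExpectedAccounts = @('YourUserName')            # hypothetical placeholder
$BuiltIn          = @('Administrator', 'Guest')  # present on a default install

# 1. Local accounts: show all, then flag enabled ones you do not recognise.
$accounts = Get-CimInstance -ClassName Win32_UserAccount -Filter "LocalAccount=True"
$accounts | Select-Object Name, Disabled, PasswordRequired, SID | Format-Table -AutoSize
$unexpected = @($accounts | Where-Object {
    -not $_.Disabled -and (($ExpectedAccounts + $BuiltIn) -notcontains $_.Name)
})

# 2. The genuine rundll32.exe lives only in these two system directories.
$legit = @('System32', 'SysWOW64') |
    ForEach-Object { Join-Path $env:SystemRoot "$_\rundll32.exe" } |
    Where-Object { Test-Path $_ }

# Signature status of each genuine copy. Assumption: this PowerShell build
# validates catalog-signed system files; older builds can report NotSigned
# for them, so treat NotSigned as "check further", not as proof of tampering.
$signatures = $legit | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_
    [pscustomobject]@{
        Path   = $_
        Status = $sig.Status
        Signer = $sig.SignerCertificate.Subject
    }
}

# 3. Running processes named rundll32.exe that were started from anywhere else,
#    plus the command line showing which DLL each one was asked to load.
$running = @(Get-CimInstance -ClassName Win32_Process -Filter "Name='rundll32.exe'")
$outOfPlace = @($running | Where-Object {
    $_.ExecutablePath -and ($legit -notcontains $_.ExecutablePath)
})

$signatures | Format-List
$running | Select-Object ProcessId, ExecutablePath, CommandLine | Format-List
"Unrecognised enabled accounts   : $($unexpected.Name -join ', ')"
"rundll32.exe outside system dirs: $($outOfPlace.ExecutablePath -join ', ')"
```

Empty values on the last two lines mean nothing was flagged; any account or path listed there is something to review alongside the scanner results, not a verdict on its own.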
"fix the problems found'

Thanks
I run Spybot once a week.
I do a full virus scan, Trend Micro, every night.
I passworded (sic?) the system when I first set it up.
I bought a year of extra support from the computer manufacturer, let a tech roam around inside, he took a bunch of screen shots, said he'd confer with his 'team' and call back. He did a couple hours later and said the only way to fix it was to do a wipe and complete reinstall. I really wasn't up to that so I said let me think about it for a few days.
That was weeks ago, everything is working fine. I changed all my bank or purchase site passwords.
I hand wrote a long detailed letter complaining about those fastheal and Microsoft ***holes and snailmailed copies to 4 different gov't agencies.
Nobody has replied.
Until I get some evidence that somebody is actually getting into my machine I'm just not thinking about it.
Again, thanks
 

Sounds like you have everything under control..

BTW is it possible that MicroSmart was actually Trend Micro Smart surfing?

I checked out Microsmart, they were in NJ and are now out of business, but I did also find the Trend Micro Smart

Trend Micro

Glad to hear your system is fine..
 
