How to Fix: Activation Key Damaged (Scam)

Infopackets Reader Jack F. writes:

" Dear Dennis,

My Edge web browser randomly displays a security alert stating that 'The server www[dot]mariopullmesdas.info is asking for your user name and password. The page reports an error code of 0x80070424, then says that my 'Activation key is damaged'. To fix the problem I need to call the Microsoft Help Desk at (855)-684-9323. A computer generated voice says that my computer will keep restarting every few minutes if I don't fix the problem and that my personal data is at risk. What do I do? "

My response:

This is a web browser fake tech support scam.

Here's how it works:

While surfing the Internet, your web browser automatically downloads malicious code (often through malicious advertising); this happens even when you are not visiting a malicious website. The malware then embeds itself deep into your web browser, which then automatically and/or randomly redirects you to the web page you're mentioning.

The malicious page is designed in such a manner that you cannot close it. In order to do so, you must either forcefully shut down the web browser using Task Manager or reboot the computer. However, the next time you launch the web browser, you will be redirected to the same page again.

Do not call the 1-800 number, as it is a scam. The scammers on the other end of the line are usually operating out of India, purporting to be from Microsoft. Oftentimes the companies responsible for this scam are Informatico Experts, also known as Live PC Experts.

The scammers will then ask for remote access to your machine. Once they gain access, they "scan" your machine, then claim your computer is infected with a virus. The cost to remove the fake virus is usually in the neighborhood of $150-$300, sometimes more; often they will up the ante and push for a lifetime fake tech support contract. What's important to understand here is that once they get into your system, they also install remote backdoors so that they can get back into your PC and steal files and propagate more scams.

A few days or weeks later, the scammers will continue to call you (repeatedly, at all times of the day), demanding access to your machine once again. At this point they usually claim that hackers have broken into your PC, then demand upwards of $1200 or more to "fix" the "problem" - as it turns out, this "fix" isn't covered by your original contract (scam!). This scam repeats indefinitely until you either run out of money or wise up. Some of my customers have lost tens of thousands of dollars to this unscrupulous scam - so please be aware.

Did You Call the 1-800 Number? If so, Read This!

As I have already mentioned in this article, once the scammers have gained access to your machine, they plant multiple remote backdoors onto your system. This means they can get back into your PC or laptop any time they want in order to steal your personal and financial information, commit fraud, and to continue scamming you (often claiming hackers have penetrated your system).

If you allowed the scammers into your machine, you need to have these backdoors removed. In this case you are welcome to contact me for 1-on-1 support and I will remove these threats for you. I have helped over 100 clients to date with this scam and know exactly where to look. I can also tell you what needs to be done to recover your money.

Please also note that the scammers use legitimate software to create these backdoors, then lock down the permissions so you can't remove the software - it requires an administrative command line to do so. As such, scanning for malicious software on your machine won't help to remove the backdoors.

In this case, you are welcome to contact me here and/or review my credentials here.

How to Fix: Activation Key Damaged (Scam)

As for the web browser scam, here is what you need to do to prevent it from appearing:

1. First, write down the website address that is displaying the fake error message. Later, you can report the malicious web page to Google. They will remove the listing from their search engine so that other users hopefully won't fall prey to this scam.
    
2. If the malicious website won't close from your web browser, you will need to forcefully close it using Task Manager. To do so, press CTRL + ALT + DEL on the keyboard to bring up the Windows Task Manager, then go to the "Details" tab (if using Windows 8 or 10), or "Processes" tab (if using Windows 7 or earlier). Now, click the "Name" heading to sort processes by Name. Next, look for your web browser in the Names column. For example: if you are using Firefox, close all the Firefox processes by selecting each process with the mouse (left click), then press DEL on the keyboard to end the task.
    
3. Finally, scan your system for malware. Use your favorite antivirus or antimalware to scan the system for malware. I personally use Avast! (free) and Malwarebytes (free) to do this. Once the scan completes, you can continue using the system. Hopefully at this point the browser infection will be gone.

Please note: oftentimes the malware is very stealthy and difficult to remove, which means antivirus and antimalware may not find anything. You will know if this is the case if the malware page shows up again even after you scanned the system. If you are unable to remove the malicious page, you are welcome to contact me to remove it for you using my remote support service.

I hope that helps.

Additional 1-on-1 Support: From Dennis

If you are reading this article right now because you've been scammed, I can help. I get emails all the time about this scam; some people even ask me "How do I know you're not a scammer, too?" My response to this is that you can read my articles I've published over the last few years and also review my resume. Based on that, you should be able to understand that I am in fact legitimate, compassionate, and am more than willing to lend a hand - simply contact me, briefly describing the issue and I will get back to you as soon as possible.

About the author: Dennis Faas is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.