Help, I may have been hacked

I logged into my laptop this afternoon and when I click on the icon for my browser, my PC locked up.  A window came up indicating it was from Microsoft and another smaller window that said Microsoft locked my PC because they felt a hacker was trying to get into my PC. It gave me a number to call to get it unlocked.
I called that number and got someone with Indian decent and was hard to understand him.  I told him I was thinking about shutting down my PC and starting it back up. He said not to do that because I would possibly lose all my data. He said he could help me. He had me click on the Microsoft key then the "R" key. The run window came up. He had me type in a address and had me do some other steps. He said it was probably a Chinese or Russian hacker trying to get into my PC.
When he was done, he said to go to my Emails and see if it looked normal and I did that and it looked OK.
He then said to get into my bank account and see if it looked OK. At that point I froze and told him I don't do banking on my PC and I only do it at the bank. He questioned that again and then I hung up. Before hanging up, he did give me his name, ext and tel number and said to only call that number if I need support. The number was 1-800-102-1110. If I  go to that Run window now, and click on Run or OK, It comes up a picture of him, his extension  all on some type Certificate from Microsoft which made it look like he was assigned and trained by Microsoft.
I then got on-line and googled Microsoft Support and found a support number. 1-800-642-7676. I called that number and got another person from the same country and he was hard to understand.  He said Microsoft would never notify me of a possible hacker and would not just lock my computer. He assigned me a case number (1502452976) and we talked a little more and he was just about ready to help me when I didn't feel comfortable at all and I told him I had to leave and would call back later.

Now here I am with you guys. Does anyone know a true and legitimate tel number for Microsoft?  I want to call them and see if the case number is legit and see what I should do. My DW is going to call the bank tomorrow and see what we should do about our accounts.

I purchased my PC from Staples along with a virus program. I went to them tonight to see if they can run some scans to clean up my PC but because of the virus, they have very limited employees and to please come back tomorrow and the Tech Supervisor will be there and he could help me.

Until I talk to them (Staples) tomorrow, I will not be looking at my bank accounts on this PC but I will keep an eye on them with my phone. My DW did look at our accounts on her phone after the first call and everything looked good at that time.

That could be a scam Rene, I think you have done the right thing. Sounds like he could have been mirroring your PC so if you had logged into anything  he could have viewed it.  This may still believe so make sure your computer is checked out before you do anything of a personal or financial nature. You may even want to change your email account.

Hopefully a PC guru will be  along to offer advice.  Good luck.

Update

Steve says you would need to carefully copies off your user files, photos, docs etc on to a drive or a Google drive or one drive account (Google drive won't allow you to install any dodgy programs onto it and it checks the items under 25MB that you are uploading so no viruses are copied over) if you see any program asking for permission to the Google or one drive DO NOT allow it access.

Make sure you copy everything you need off as you need to delete everything from computer.

You will then need to perform a clean install of whatever version of windows you have. Look this up online.  Reinstall will allow you to keep old files but you should NOT allow it.

After that you can copy stuff back from the Google or one drive.  Once you have done this use an anti virus program to scan all files to cross check for viruses etc.  AVG is a good free program if you don't have one.  You can install after clean up.

We are just going to bed but hopefully the Staples folks can help, if not let us know.

Thanks Jackie.

If Staples fixes it, or once they do, Steve says you should change all your passwords. A pain but a necessity.

Anyone asking to access that Run window is doing something dodgy!

Rene, that is 100% a scam. Microsoft will never take control or lock your PC. You probably assisted a hacker install a virus onto your computer.

Start by unplugging your Internet connection, then boot up your machine and run your anti-virus software.

Google shows a lot of scam reports associated with that and similar numbers. Taking the PC offline and running anti-virus or anti-malware software is a good suggestion. I use Malwarebytes to both protect my system and clean other folks' PCs. I've had cases with other folks' PCs where their newly contracted malware prevented running or even installing anti-malware or anti-virus software. In these cases, I downloaded/saved a copy (of anti-malware software) to a DVD/CD on another PC, and ran it on the affected PC from an external drive.

Rene T said:

He then said to get into my bank account and see if it looked OK.

Click to expand...

SCAM-- 100%.

Myself, I would be very hesitant to connect this computer to the Internet until a thorough "scrubbing" with multiple anti malware apps. Even then, personally I'd be more inclined to wipe the HD and start over.

Definitely a scam.  What he likely had you do was install a key-logger program.  That way he didn't need to outright ask you for your bank account number.  He could just ask you to log in to it (he can't see over the phone, right??).  Well, as you type, he is logging your keystrokes. 

So, the above advice to scan your computer is spot on.  If you can get to another computer to download a program like Malware Bytes (it is a good one), that's the best way to do it.  At the very least, run the one you have, while NOT connected to the Internet.  See what it turns up.

Change your password or passwords.  The one you use to log into your service provider (internet), your bank accounts, anything else you may have gone to while you were online with this hacker.  If you typed a password while talking to him, he has it now.  Change them anyway just to be sure.

If you still want to take it to Staples, that's probably not a bad idea also.  I don't know what their techs are like, but I know the Geek Squad at Best Buy is pretty good.  I imagine Staples has some competent folks also.

And learn from this.  Microsoft is never going to call you unless you called them first.  You done good by hanging up when you got suspicious, but you got suspicious a bit too late.  Good luck, and I hope all is well.

Absolutely a scam. He wanted your bank account information. Run a scan with the freeware versions of malware bytes and superantispyware. Look here for clean freeware applications  https://www.techsupportalert.com/pc/security-tools.html

I echo malwarebytes and have also used AdAware (free version) for several years with good results... although I don't keep it installed full-time on my systems anymore because it used a lot of resources/RAM always running in the background. Windows Defender (Microsoft's) built in malware detector should be able to run a scan and look for anything suspicious also.

You can always do a Windows reset, which clears the hard drive and reinstalls Windows. That function is built into Windows 10 now. Just back up your photos/videos/documents first to an external hard drive (or similar) so you can do the full wipe reset.

One additional thing I suggest is use two step verification on important on-line accounts if available. If a hacker manages to get your user and password they still won't be able to access your account because a temporary code is texted to your phone which needs to be entered into your PC. If the code isn't entered you get a notification of a failed login attempt. If it wasn't you, someone has your user and password and you can take appropriate steps to shut them down.

I use Webroot which protects both my PC and phone.

Odds are you were not hacked at least till you made the phone call
Did you give the person at the other end (With the Indian accent) access to your computer
If so YOu are hacked.

Mistake #2 was making that call

Mistake #1 was not just ignoring that pop up to the greatest extent possible

Sometimes I"ve had to shut down the comptuer to get rid of it. Other times I can bring up Task manager and close the browser from there... Never has there been any actual intrusion.. Never have they gained access to the computer

It is a scam. not a hack .

THe hack comes after you make the phone call and grant them access.

    In the past week I have had that same notification, plus 2 different emails from people I know, there was no subject, no message, only a link.  Those are all warning signs that you have been targeted by scammers.  One of the emails had my friend's name in the from section, but I noticed the email address was not his as his has his name in it and this one didn't.
    As others have said, never click on pop ups from google, Microsoft, etc as most likely they are viruses.  Certainly never call or give control of your computer to someone you don't know, often it is not a virus, but only a scam to extract money for cleaning of your computer that does not need it.
  During today's time of stay at home with heightened anxieties over covid and protests, the last thing any of us need is to have some low life hack, or scam us.  Although I am basically nonviolent, I would love to get my hands on all of them and teach them a lesson.

Ed

I am so glad that I use Chromebooks which are unhackable. And all my data is in the cloud where it is safe and sound. I gave up on MS products and this is one of the reasons why.

Microsoft does not, will not, and never has contacted individual users about computer problems. Any contact with anyone claiming to be Microsoft, or Microsoft technical support is a scam, Scam, SCAM

SeilerBird said:

I am so glad that I use Chromebooks which are unhackable. And all my data is in the cloud where it is safe and sound. I gave up on MS products and this is one of the reasons why.

Click to expand...

I would not say they are "Unhackable" but they sure are easy to fix when they get hacked.  (Just takes a few minutes you loose anything you have store ON BOARD but if you can remove a hard card (I can) nothing lost)

I've had mine get infected 2 or 3 times..  Power washed 'em back to "out of the box" and back in business. I pop the memory card out first.

AND MOST hackers target Windows or IOS so Chrome won't know how to deal with it.

Thus it goes into a reboot loop

I went to Staples today and he felt I was OK. He?s going to do a scan tonight to clean out everything that shouldn?t be there. He said to keep an eye out on my bank account. I do check them every so often and everything looks good right now. I think if I was hacked, they would have cleaned me out before now. I?ve been checking them on my phone and not my PC.  He said that was good. My DW called the bank today but the person she wanted to talk to was out today so we?ll connect tomorrow and decide what to do if anything. Thanks everyone for your input.

For due diligence, I agree with Jackie that it's a good idea to change your online banking password(s). It doesn't sound like any kind of breach/keylogger was installed, but it can't hurt to be extra careful.

scottydl said:

For due diligence, I agree with Jackie that it's a good idea to change your online banking password(s). It doesn't sound like any kind of breach/keylogger was installed, but it can't hurt to be extra careful.

Click to expand...

I did that last night

Rene, I recommend "Keypass" on a flash drive. I'm not comfortable with cloud based password managers.