I think generally these people , after taking control of the machine, just try to extract credit card payments for fake problems they have created. Some, who are unsuccessful, then damage the machine. Others install malware, either directly, or by visiting a predetermined infected website,

.Chances are you are fine, however you may have a backdoor trojan , allowing remote control ( unlikely )

Nobody can offer the reassurance you are seeking. The only way, to know for sure, is to wipe the machine and re-install windows

The system restore was a big mistake. It does NOT remove infections, but it can remove the tell tales needed by anti-malware software to identify and remove infections. It may stop them running. Norton is NOT good at removing anything that has already got into the machine, and I would not trust it after someone else has had access to the machine, they can have changed settings on it, or even installed something to prevent it working. Your best option now would be to start into safe mode with networking on a wired connection and download the free scanner from http://malwarebytes.org, then run the full scan. I would advise uninstalling Norton and installing a new copy, so you know it is an unmodified original copy. Look at the program list to ensure there is no copy of any remote connection software installed. Also go to Control Panel/Administrative tools and turn OFF the services for remote access. Caution here, do not turn off Remote Procedure Call. It is unrelated. Then go to the Firewall and turn off any exceptions for remote access.

Then teach your father about computers : Reputable companies like Microsoft do NOT phone you to offer help, they do NOT know what is wrong with any individual machine, and they are NOT permitted to collect ANY personal information about whoever owns a machine. Even when you let it report faults after a crash it can ONLY pass the crash report, and details of the operating system it is running on. They would not know the phone number of the owner. This goes for ALL branches of computer support. Anti-virus, operating system, program developers and support companies as such.

2

As your dad now knows, those "Microsoft calls" are a scam. There are many YouTube videos showing people who pretend to fall for the scam.



The calls originate from Indian call-centre's and their intention is to persuade you to install some software that gives them remote access to your computer. From what I've read, they then demand money, with the threat of locking down your computer or deleting vital files from your hard disk. It's basically hacking, but they get you to assist them up front.



I'm not exactly an expert when it comes to hacking, but...



I run XP on my computer. If you run a different version of Windows, this path may vary.



Firstly, on your desktop click Start\Control Panel\System. Now click on the Remote tab.



Make sure there is no tick in the box labelled "Allow Remote Assistance invitations to be sent from this computer".



Make sure there is no tick in the box labelled "Allow users to connect remotely to this computer".



Now click the Apply button, then click the OK button and return to your desktop.



Also, whenever a web site asks if you wish your password to be remembered, always say no.



If you run Firefox, click Tools\Options\Security. Under Passwords, make sure there is no tick in the box labelled "Remember passwords for sites". Now click the OK button.



If you use a different browser, I'm sure there will be similar changes you should make.



Once that's done...



Try this:



Boot your computer to the Safe Mode menu screen. You do this by repeatedly pressing F8 as soon as you boot up. Once there, use the arrow keys to highlight Safe Mode with Networking. Continue to boot from there, by pressing Enter. You will now see some drivers being loaded. There will be a pause at some point. This usually lasts for no more than 30 seconds.



Now download this package.



When you click on the download button, wait for a few seconds and the download box will appear, without you having to enter your name or email address.



Save it to your desktop, unzip it...click on start.exe...then click on Emergency Kit Scanner. Wait for it to open (this may take a couple of minutes), then get updates and run a Deep Scan:



http://www.emsisoft.com/en/software/eek/



Hope this helps.

You are right its Fraud. Microsoft does not have your phone number and they do not monitor everyone computer. He should change his credit cards if he had any of that information on his computer and if he didn't he should call every day the 1800 number on the back to make sure his account balance is the same. If it changes notify the credit card company of fraud. He should do this with all his cards or just call the credit card companies and change all his cards now.

Use your recovery disk. Start fresh and hope for the best. Or better after restoreing your computer replace it with a new computer and do not use it for 90 days. And hope for the best.

It's was a scam. Scan your computer with anti-malware software. Next, time tell your dad that do not call their customers.

nicely evidently such as you have 2 probelems then, a million, you ahve a gateway, 2 you have a virulent disease. acquire avast antivirus (its loose, and registration is loose too) and set up it. it is going to instantaneous you to reboot and once you click definite it is going to... reboot. whilst it comes up back it is going to do a test and whilst it famous something you press "2" to delete all. just to be risk-free use spybot after it comes up and doa by way of test. better of success!