I had a great experience today.  I received a phone call from someone purporting to be from Microsoft Support, who was calling because my machine was infected with viruses.  

When he started down that line, I knew where this was going, so I spun up a virtual machine with Vagrant.

Here’s a rough transcription (from memory and cutting out gems like, “look for the Windows key, it looks like four little flags”)

“Support” guy:  I’m calling from Microsoft support.  Your computer is infected with viruses and has been alerting us.

Me:  Oh no!  How can I we check that?

“Support” guy:  I’ll walk you through checking for these error messages. 

“Support” guy:  Press the Windows key and the “R” key at the same time.  What do you see?

Me:  I see a little box pop up in the lower left hand corner

“Support” guy:  In the Windows box, type “eventvwr” and press return (which launches the Event Viewer)

Me: (I type eventvwr into the run window.)

“Support” guy:  Can you read back what you typed in?

Me:  “e” “v” “e” “n” “t” “v” “w” “r”

“Support” guy:  OK, press enter.

“Support” guy:  On the main page of the Event Viewer, look at the summaries of the types of event log entries.

“Support” guy:  In the Event Viewer, expand Windows Logs and click on Application.

“Support” guy:  Scroll until you see an error.  

“Support” guy:  These error messages were warnings from Microsoft about viruses on your computer.

Me: On no!  I didn’t know that..

“Support” guy:  Next, on the right hand side of the Event Viewer, there is an option to “Filter Current Log”, click on that.  What do you see?

Me:  (I describe the error log filtering box)

“Support” guy:  Select “Errors”, “Warnings”, and “Critical” and click OK.

“Support” guy:  What do you see?  Those are all attempts from us to warn you about viruses on your system.  These are why I’m calling you right now.

Me:  Oh wow. 

“Support” guy:  Right click on one of the errors.  Do you see a “Delete” option?  No?  That’s because the error is so critical, you can’t delete it.

“Support” guy:  I’m going to connect you to our “certified” Windows engineer.  We’ll remotely connect to your machine and help you fix the problem.

Me:  Thank you!

“Support” guy:  Press Windows + R again.  Delete the “eventvwr” and now type “www.infosys.net” and press Enter

Me:  Ok, I did.  

“Support” guy:  Do you see a Home link?  And the fourth item is “Suporte”?  Click on that.

Me:  Ok, I’m on that page.

“Support” guy:  Click on the download button for TeamViewer.

Me:  Ok, I’m downloading it.  It’s done.

“Support” guy:  Run TeamViewer and give me the code and password.

“Support” guy:  Now I’m going to transfer you to our “certified” Windows engineer.

“Engineer” guy:  Hi, I’m connected to your computer and going to try to help you.

“Engineer” guy:  So, you see all the errors in the error log?  That was us trying to warn you about your viruses.  Why didn’t you respond?

Me:  I didn’t know about them.  I’ve never seen that before

“Engineer” guy:  What anti-virus are you using?  

Me:  Just the built in Microsoft stuff.

“Engineer” guy:  (He then opened a command prompt and ran the “tree” command which printed out a long scrolling list of files and directories)

“Engineer” guy:  (After that ran for a bit, he broke the execution and quick pasted a line of text that said “system error…  system warranty expired”)

“Engineer” guy:  What message did the command output? 

Me:  It says something about the system warranty being expired or missing.

**“Engineer” guy:  Why haven’t you paid for your system warranty? **

Me:  (At this point, I acted indignant)  I did pay.  Look it shows that I’m running a genuine copy of Windows!

“Engineer” guy:  No, the system warranty is different.  You didn’t pay for that!

Me:  (I launched into a rant about why buying extended warranties was stupid, just to waste more of their time.  After about 5 minutes of that, I took a breath.)

Me:  Oh, and by the way, you guys are full of crap.  I’m a systems administrator and a damn good one and everything you’ve said is a scam.  (Then, I didn’t hear anything from the “engineer” again.)

“Support” guy:  Why would you waste our time like that? 

Me:  Why would you waste mine with your scam?

At that point, we went back to our own regularly scheduled days.  

Thanks for the laugh anonymous scammer guys!