Ammyy Scam

Hi

I just got a call a little less then an hour ago from a group called Ammyy saying that they were working for Microsoft.  They said that I had a bunch of problems on my computer and so they got me to download something called Ammyy remote software.  The longer in I got, the more sceptical I got.  At the same time I did download the software they gave and when the program opened I gave them the code to access my computer through the program.  They were in my computer for all of 10 seconds and did nothing but look at the desktop, which had nothing on it with information, when I imediatly shut down the computer and later disconnected from the internet.

The only saving grace here is that it was my ok laptop, not my new computer that I just made.

Anyways, I am worried about two things:  First and most importantly, were they able to get any information.  Seeing as they were only able to controle the mouse, and probably saw everything that I saw, I don't believe they should have been able to get anything, at the same time, better safe then sorry.

Secondly, I want to uninstall the program they got me to install.  The problem is that it is not under start or in the uninstall a program part of the controle pannel.

I can't believe I did what I did, and any help that anyone can give would be greatly appreciated.

Thanks in advanced,

Enahs

*facepalm*

firstly, i doubt they got anything. Next thing you want to do is turn it on again not connected to the internet. Then, open up task manager and see if there are any processes that you dont recognize and are taking up quite a bit of memory space. If you see it, end it.

Then, run ccleaner and malwarebytes. If you havent already installed them, get them on a usb from your other computer. If you still cant get rid of the program, you;ll probably want to do a reformat/reinstall of windows (i assume thats what you are on). YOu'll ned to back up all the files you want and then wipe the hard drive.

I would always reformat after something like that, it would give me more piece of mind. If you cannot find it in control panel, it's a pretty malicious bit of kit, no doubt.

You're one the lucky ones, but be warned, they may attempt to contact you again.

This is not a new scam, it has been going on for a while.  Microsoft will NEVER contact you via telephone about something like this; unless you personally ask for a representative to contact you, and that is about as difficult as pulling teeth.  The only other time Microsoft will contact you via telephone is if there is a really big security matter which they need to address, and they'll contact you through someone you already do business with like your ISP, but again, this does not happen often.

Look for either the TeamViewer logs or the AmmyyAdmin logs, they should both be left on the PC if they were sloppy.  You can see what they did and where they connected from (Remote Host ID and IP).

Some Indian company tried to scam me here in the UK, saying that my pc was packed with malicious shit and etc. I asked them what is my windows version? The guy said Windows 7, I said I don't use windows you prick I use Linux. They never called me again.

 

Basically do this or just claim to not have a PC, except it probably wont kill you to be a little more polite.

If your Antivirus Software shows no warnings restart the PC and make sure Ammyy Admin Service isn't installed and doesn't run in automatic mode. For this go to main window of Ammyy Admin -> Ammyy -> Service -> Remove. Then restart your PC again.

 Source

Now hopefully this should do the job and I can't believe these guys are stupid enough, not the original poster.

To think or say you're running Windows 7 when you're running Linux.

Maybe if they try it to anyone else here, limit the connection then take your sweet time back tracking there IP address and report them to there ISP and the authorities.

But if they are using a VPN or proxy you may be unable to do this unless they're dim enough to leave traces of there actual ISP IP address in the program files/logs uploaded to your machine.

Imagine if they tried connecting and it was a virtual machine, laugh my ass off.><

 

I got a similar phone call and I just asked the guy on the other end where he got the information that my computer was infected. He claimed that every time you start windows it sends a message to microsoft that tells them if there is anything wrong. I hung up instantly.

My father had a similar call, except my dad is very clued up on computing (despite never training in the feild nor been working in the feild for the last 15 years)

They said to him.

"Hello Mr.X, as we understand you have a microsoft computer *gets interupted*"

"No I don't!"

"But our records indicate that you do and it is reporting that there *interuptted again*"

"But I don't have a Microsoft computer."

"But our records *cut off*"

"No I do not, I have a HP laptop that is runs microsoft windows OS. Microsoft do not make computers just the software. It has been running fine for the last 8 years and i'll be sure it runs another damn 8 without you telling me bullsh!t. Good day" and puts the phone down.

I was pissing myself.

But yea watch out for those calls as people do fall for them. Next time they call have fun confusing them.

 

Lol yeah, I would just drive them nuts.><

With my tech talk.

"Oh really...well how about you prove it...oh wait remote is disabled on this machine".

"**Oh..."

What dumb asses, side note why Microsoft is stupid enough to leave all remote services either on automatic or enabled by default on fresh windows installs is just pure stupidity.

Sure come right in and take a look*sacasm*.

You would think they did this on purpose.><