|
|
|
|
Hi,
You did not say you actually had installed anything, I though you were checking before you did,
1. Uninstall their software NOW!
2. Do a System Restore back to before you did that NOW! (after 1. we want to be as sure as
possible it is gone though these are not 100%.)
3. Change ALL your passwords and contact any on-line sites such as banks, credit cards, and
others by PHONE (not using the computer) to notify them of a possible breach. Those such as
email and others you have to change on-line do so after (6) if possible but do not waste time
on Credit Cards and Banks (call them NOW).
4. Contact the previously mentioned organizations for information to help.
5. Contact the various credit bureaus.
==========================================================
6. After the Uninstall and System Restore run these :
If you need to check for malware here are my recommendations - these will allow you to do
a thorough check and removal without ending up with a load of spyware programs running
resident which can cause as many issues as the malware and maybe harder to detect as the
cause.
No one program can be relied upon to detect and remove all malware. Added that often easy
to detect malware is often accompanied by a much harder to detect and remove payload. So
its better to be overly thorough now than to pay the high price later. Check with these to an
extreme overkill point and then run the cleanup only when you are very sure the system is clean.
These can be done in Safe Mode - repeatedly tap F8 as you boot however you should also run
them in regular Windows when you can.
TDSSKiller.exe. - Download to the Desktop - then go to it and Right Click on it - RUN AS ADMIN
it will show any infections in the report after running - if it will not run change the name from
tdsskiller.exe to tdsskiller.com. Whether it finds anything or not does not mean you should not
check with the other methods below.
http://support.kaspersky.com/viruses/solutions?qid=208280684
Download malwarebytes and scan with it, run MRT, and add Prevx to be sure it is gone.
(If Rootkits run UnHackMe)
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
Malwarebytes - free
http://www.malwarebytes.org/
SuperAntiSpyware Portable Scanner - Free
http://www.superantispyware.com/portablescanner.html?tag=SAS_HOMEPAGE
Run the Microsoft Malicious Removal Tool
Start - type in Search box -> MRT find at top of list - Right Click on it - RUN AS ADMIN.
You should be getting this tool and its updates via Windows Updates - if needed you can
download it here.
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
(Then run MRT as above.)
Microsoft Malicious Removal Tool - 32 bit
http://www.microsoft.com/downloads/details.aspx?FamilyID=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
Microsoft Malicious Removal Tool - 64 bit
http://www.microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en
also install Prevx to be sure it is all gone.
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
Prevx - Home - Free - small, fast, exceptional CLOUD protection, works with other
security programs. This is a scanner only, VERY EFFECTIVE, if it finds something come back
here or use Google to see how to remove.
http://www.prevx.com/ <-- information
http://info.prevx.com/downloadcsi.asp?prevx=Y <-- download
PCmag - Prevx - Editor's Choice
http://www.pcmag.com/article2/0,2817,2346862,00.asp
Try the trial version of Hitman Pro :
Hitman Pro is a second opinion scanner, designed to rescue your computer from malware
(viruses, trojans, rootkits, etc.) that have infected your computer despite all the security
measures you have taken (such as anti virus software, firewalls, etc.).
http://www.surfright.nl/en/hitmanpro
--------------------------------------------------------
If needed here are some online free scanners to help
http://www.eset.com/onlinescan/
-----------------------------------
Original version is now replaced by the Microsoft Safety Scanner
http://onecare.live.com/site/en-us/default.htm
Microsoft Safety Scanner
http://www.microsoft.com/security/scanner/en-us/default.aspx
----------------------------------
http://www.kaspersky.com/virusscanner
Other Free online scans
http://www.google.com/search?hl=en&source=hp&q=antivirus+free+online+scan&aq=f&oq=&aqi=g1
--------------------------------------------------------
After removing any malware :
Also do these to cleanup general corruption and repair/replace damaged/missing
system files.
Start - type this in Search Box -> COMMAND find at top and RIGHT CLICK -
RUN AS ADMIN
Enter this at the prompt - sfc /scannow
How to analyze the log file entries that the Microsoft Windows Resource Checker
(SFC.exe) program generates in Windows Vista cbs.log
http://support.microsoft.com/kb/928228
Run checkdisk - schedule it to run at next start and then Apply OK your way out then restart.
How to Run Check Disk at Startup in Vista
http://www.vistax64.com/tutorials/67612-check-disk-chkdsk.html
-----------------------------------------------------------------------
If any Rootkits are found use this thread and other suggestions. (Run UnHackMe)
http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/a8f665f0-c793-441a-a5b9-54b7e1e7a5a4/
======================================
If needed AFTER you are sure the machine is clean of all malware. (DO NOT USE IF
MALWARE IS STILL PRESENT.)
You can try an In-Place Upgrade or a repair installation.
You can use another's DVD as they are not copy protected however you will need you own
Product Key. It has to be the same 32 or 64 BIT OEM version of Vista. Also the System
maker will usually sell the disk cheap since you already own Windows. Be sure to do a
good backup or 3 (safety in redundancy).
In-Place Upgrade
http://vistasupport.mvps.org/repair_a_vista_installation_using_the_upgrade_option_of_the_vista_dvd.htm
This tells you how to access the System Recovery Options and/or from a Vista DVD
http://windows.microsoft.com/en-US/windows-vista/What-happened-to-the-Recovery-Console
How To Perform a Repair Installation For Vista
http://www.vistax64.com/tutorials/88236-repair-install-vista.html
=======================================
For extreme cases :
Norton Power Eraser - Eliminates deeply embedded and difficult to remove crimeware
that traditional virus scanning doesn't always detect. Because the Norton Power Eraser
uses aggressive methods to detect these threats, there is a risk that it can select some
legitimate programs for removal. You should use this tool very carefully, and only after
you have exhausted other options.
http://us.norton.com/support/DIY/index.jsp
================================
If you are in North America, visit the Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy. If you are having issues with installing the update itself, visit Support for Microsoft Update for resources and tools to keep your PC updated with the latest updates.
See
Hi,
Its a total scam!
In USA you can contact FBI, State Attorney General, local law enforcement and consumer
watch groups. Arm yourself with knowledge.
No, Microsoft would not call you unsolicited. Nor would they know if any errors existed on your
computer. So those are frauds or scams, to get your money or worse to steal your identity.
Avoid scams that use the Microsoft name fraudulently - Microsoft does not make unsolicited
phone calls to help you fix your computer
http://www.microsoft.com/protect/fraud/phishing/Msname.aspx
Hoaxes and Scams
http://support.microsoft.com/contactus/cu_sc_virsec_master?ws=support#tab3
Microsoft Consumer Support Center
https://consumersecuritysupport.microsoft.com/default.aspx?altbrand=true&SD=gn&LN=en-us&st=1&wfxredirect=1&gssnb=1
Microsoft Support
http://support.microsoft.com/contactus/?ws=support#tab0
Microsoft - Contact Support
http://windows.microsoft.com/en-US/windows/help/contact-support
Hope this helps.
Hi,
Its a total scam!
In USA you can contact FBI, State Attorney General, local law enforcement and consumer
watch groups. Arm yourself with knowledge.
No, Microsoft would not call you unsolicited. Nor would they know if any errors existed on your
computer. So those are frauds or scams, to get your money or worse to steal your identity.
Avoid scams that use the Microsoft name fraudulently - Microsoft does not make unsolicited
phone calls to help you fix your computer
http://www.microsoft.com/protect/fraud/phishing/Msname.aspx
Hoaxes and Scams
http://support.microsoft.com/contactus/cu_sc_virsec_master?ws=support#tab3
Microsoft Consumer Support Center
https://consumersecuritysupport.microsoft.com/default.aspx?altbrand=true&SD=gn&LN=en-us&st=1&wfxredirect=1&gssnb=1
Microsoft Support
http://support.microsoft.com/contactus/?ws=support#tab0
Microsoft - Contact Support
http://windows.microsoft.com/en-US/windows/help/contact-support
Hope this helps.
Hi,
You did not say you actually had installed anything, I though you were checking before you did,
1. Uninstall their software NOW!
2. Do a System Restore back to before you did that NOW! (after 1. we want to be as sure as
possible it is gone though these are not 100%.)
3. Change ALL your passwords and contact any on-line sites such as banks, credit cards, and
others by PHONE (not using the computer) to notify them of a possible breach. Those such as
email and others you have to change on-line do so after (6) if possible but do not waste time
on Credit Cards and Banks (call them NOW).
4. Contact the previously mentioned organizations for information to help.
5. Contact the various credit bureaus.
==========================================================
6. After the Uninstall and System Restore run these :
If you need to check for malware here are my recommendations - these will allow you to do
a thorough check and removal without ending up with a load of spyware programs running
resident which can cause as many issues as the malware and maybe harder to detect as the
cause.
No one program can be relied upon to detect and remove all malware. Added that often easy
to detect malware is often accompanied by a much harder to detect and remove payload. So
its better to be overly thorough now than to pay the high price later. Check with these to an
extreme overkill point and then run the cleanup only when you are very sure the system is clean.
These can be done in Safe Mode - repeatedly tap F8 as you boot however you should also run
them in regular Windows when you can.
TDSSKiller.exe. - Download to the Desktop - then go to it and Right Click on it - RUN AS ADMIN
it will show any infections in the report after running - if it will not run change the name from
tdsskiller.exe to tdsskiller.com. Whether it finds anything or not does not mean you should not
check with the other methods below.
http://support.kaspersky.com/viruses/solutions?qid=208280684
Download malwarebytes and scan with it, run MRT, and add Prevx to be sure it is gone.
(If Rootkits run UnHackMe)
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
Malwarebytes - free
http://www.malwarebytes.org/
SuperAntiSpyware Portable Scanner - Free
http://www.superantispyware.com/portablescanner.html?tag=SAS_HOMEPAGE
Run the Microsoft Malicious Removal Tool
Start - type in Search box -> MRT find at top of list - Right Click on it - RUN AS ADMIN.
You should be getting this tool and its updates via Windows Updates - if needed you can
download it here.
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
(Then run MRT as above.)
Microsoft Malicious Removal Tool - 32 bit
http://www.microsoft.com/downloads/details.aspx?FamilyID=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
Microsoft Malicious Removal Tool - 64 bit
http://www.microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en
also install Prevx to be sure it is all gone.
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
Prevx - Home - Free - small, fast, exceptional CLOUD protection, works with other
security programs. This is a scanner only, VERY EFFECTIVE, if it finds something come back
here or use Google to see how to remove.
http://www.prevx.com/ <-- information
http://info.prevx.com/downloadcsi.asp?prevx=Y <-- download
PCmag - Prevx - Editor's Choice
http://www.pcmag.com/article2/0,2817,2346862,00.asp
Try the trial version of Hitman Pro :
Hitman Pro is a second opinion scanner, designed to rescue your computer from malware
(viruses, trojans, rootkits, etc.) that have infected your computer despite all the security
measures you have taken (such as anti virus software, firewalls, etc.).
http://www.surfright.nl/en/hitmanpro
--------------------------------------------------------
If needed here are some online free scanners to help
http://www.eset.com/onlinescan/
-----------------------------------
Original version is now replaced by the Microsoft Safety Scanner
http://onecare.live.com/site/en-us/default.htm
Microsoft Safety Scanner
http://www.microsoft.com/security/scanner/en-us/default.aspx
----------------------------------
http://www.kaspersky.com/virusscanner
Other Free online scans
http://www.google.com/search?hl=en&source=hp&q=antivirus+free+online+scan&aq=f&oq=&aqi=g1
--------------------------------------------------------
After removing any malware :
Also do these to cleanup general corruption and repair/replace damaged/missing
system files.
Start - type this in Search Box -> COMMAND find at top and RIGHT CLICK -
RUN AS ADMIN
Enter this at the prompt - sfc /scannow
How to analyze the log file entries that the Microsoft Windows Resource Checker
(SFC.exe) program generates in Windows Vista cbs.log
http://support.microsoft.com/kb/928228
Run checkdisk - schedule it to run at next start and then Apply OK your way out then restart.
How to Run Check Disk at Startup in Vista
http://www.vistax64.com/tutorials/67612-check-disk-chkdsk.html
-----------------------------------------------------------------------
If any Rootkits are found use this thread and other suggestions. (Run UnHackMe)
http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/a8f665f0-c793-441a-a5b9-54b7e1e7a5a4/
======================================
If needed AFTER you are sure the machine is clean of all malware. (DO NOT USE IF
MALWARE IS STILL PRESENT.)
You can try an In-Place Upgrade or a repair installation.
You can use another's DVD as they are not copy protected however you will need you own
Product Key. It has to be the same 32 or 64 BIT OEM version of Vista. Also the System
maker will usually sell the disk cheap since you already own Windows. Be sure to do a
good backup or 3 (safety in redundancy).
In-Place Upgrade
http://vistasupport.mvps.org/repair_a_vista_installation_using_the_upgrade_option_of_the_vista_dvd.htm
This tells you how to access the System Recovery Options and/or from a Vista DVD
http://windows.microsoft.com/en-US/windows-vista/What-happened-to-the-Recovery-Console
How To Perform a Repair Installation For Vista
http://www.vistax64.com/tutorials/88236-repair-install-vista.html
=======================================
For extreme cases :
Norton Power Eraser - Eliminates deeply embedded and difficult to remove crimeware
that traditional virus scanning doesn't always detect. Because the Norton Power Eraser
uses aggressive methods to detect these threats, there is a risk that it can select some
legitimate programs for removal. You should use this tool very carefully, and only after
you have exhausted other options.
http://us.norton.com/support/DIY/index.jsp
================================
If you are in North America, visit the Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy. If you are having issues with installing the update itself, visit Support for Microsoft Update for resources and tools to keep your PC updated with the latest updates.
See
Oct 17/11, i got a call from a guy called Marv. It sounded like a call center in the background. he tried to get me to sign up for an Ammyy program. He kept saying the same sentence over and over again. "I just want to show you the error in your computer". I continously asked how he got any such information, he could not answer. I asked for credentials, how i do I know that this call is legitimate, . . . he could not answer. Finally I told him I was reading some reviews on the computer about these calls. He hung up!
DO NOT GIVE THEM ANY PRIVATE INFO!
Hi,
I just updated some of the links in the Answer go to the WebSite and read this
thread as it will answer most of your questions.
System Restore methods in a later message in the thread.
Link to this thread :
http://answers.microsoft.com/en-us/windows/forum/windows_vista-security/ammyy-administrators/8c4cede9-bc9f-49d8-92ef-bdbd3b65aacf
If you need more help please start your own thread with the information we need
to help us help you.
Answers - Forums
http://answers.microsoft.com/en-us
How to ask a question
http://support.microsoft.com/kb/555375
Hope this helps.
Rob Brown -
Microsoft MVP <- profile - Windows Expert - Consumer : Bicycle - Mark Twain said it right.
Holy Doodle Rob,
On one hand I'm verrry impressed with your whole helpful answer. It is well laid out, easy to read and follow, and certainly as thorough as it is long.
I too fell prey to the ammyy scam but by my own hand. I needed info on a Linksys Router and googled Linksys support for a phone number. Of course I got support at ? ? ? ?. As soon as I realized what they were doing to "help" me I disconnected - physically - from the internet but not before giving them access, but thankfully not credit info.
Now in my search for a removal method or tool I came across the legitimate company AMMYY INC. and their instructions for removing their program. Please, if you haven't already, take a look at their suggestion. There is quite a large disparity in your answer and theirs. I am interested in your opinion of their instructions. Is it enough to remove the program? Is the company attempting to minimize the problem?
AMMMYY INC.
Ammyy Admin - cases of malicious use. Official WARNING.
http://www.ammyy.com/en/admin_mu.html
Thanks in advance,
KP
I just got a call from them at 347-480-1148. I listened until he wanted me to install Ammyy. That sounded suspicious so I got a call back number 682-267-0924. They do a good job of convincing you your computer has a virus.
Enter the thread ID of the thread you are merging into
To report abuse, sign in or continue without signing in
Thank you.
|
|
|
Don't have one of the above accounts?
