ATTENTION! DON'T FALL FOR THE AMMYY SCAM! READ AND RESPOND!

For non-sports-related posts. Because we really can't stand talking about sports!
Post Reply
User avatar
Fat Man
The Fat Man Judgeth
Posts: 3301
Joined: Fri Feb 13, 2009 5:08 am
Gender: Male
Location: El Paso, Texas, USA, 3rd Planet, Sol System, Milky Way, Local Cluster, Somewhere in The Cosmos!
Contact:

ATTENTION! DON'T FALL FOR THE AMMYY SCAM! READ AND RESPOND!

Post by Fat Man »

OK EVERYBODY! PLEASE READ THIS TOPIC AND RESPOND!

DO NOT FALL FOR THE - WWW. AMMYY. COM SCAM!!! (I put spaces in this so it can't be clicked on!)

OK, I got a phone call this morning about 10:30 AM this morning.

The number was 855-800-3144 and I'm going to report this number.

Anyway . . . . .

The collar claimed to be working for Microsoft. I could barely understand him because he spoke with a rather thick foreign.

He called to warn me that Microsoft had detected that my computer was putting out malicious software on the Internet, and they also detected that my computer appears to have two IP address when it's suppose to have only one IP address.

He gave me step by step instructions on how to fix the problem, and it took me to this web site, where I was to download the necessary software to repair the problem.

It was very frustrating trying to understand him because of his accent, so he had someone else come to the phone who spoke better English.

Well, I did go to the web site, and saw the green rectangle that I was suppose to click on to download the software.

Anyway . . . . . I said "Hold on a minute while I check something on my computer" and while I was talking to him, I opened up another tab on my Mozilla Firefox browser, and went to Google.

I was hesitant to click on the download link, until I was sure it would be safe to do so. I wanted to find out whether ANNYY was legitimate or not.

When I was on the Google page, in the search engine I typed in AMMYY to see what would come up.

And there were a bunch of web pages warning about the AMMYY scam.

So, I finally cussed the guy out, saying . . . HEY! I JUST DONE A GOOGLE SEARCH ON YOUR AMMYY AND IT'S A SCAM!!! I'M NOT FALLING FOR IT! THIS WILL ONLY GIVE YOU PEOPLE ACCESS TO MY COMPUTER AND MY PERSONAL FILES, SO, I'M NOT GOING TO DOWNLOAD THIS PIECE OF SHIT! GOOD BY AND FUCK OFF!!!

Then, I continued to check out the web pages warning about the AMMYY scam.

Apparently, these phone calls come from either India or Pakistan, judging from their callers' accents.

Anyway, here is a link to the Microsoft web site where people have posted questions about AMMYY.

http://answers.microsoft.com/en-us/wind ... bd3b65aacf
Image
Question

JudithSCB asked on

Is Ammyy Administrators a legimitate company?


<link removed>

Today, I got a phone call supposedly from Microsoft saying you were getting many problem messages from my computer and they gave me the above website address to verify the call. They said that my computer has a virus and they wanted to delete the virus. I am really uneasy about this supposed contact from Microsoft.

They gave me a company name of Ammyy Administrators, 108 W 13th Street, Wilmington, Delaware 19801, phone 213-550-1062. Are they a legitimate representative of your company?

I would appreciate hearing from you about whether I now have to be worried about identity theft or having my computer hijacked by these people. Thank you for your response.

Answer
SpiritX MS MVP replied on

Hi,

You did not say you actually had installed anything, I thought you were checking before you did,

1. Uninstall their software NOW!

2. Do a System Restore back to before you did that NOW! (after 1. we want to be as sure as
possible it is gone though these are not 100%.)

3. Change ALL your passwords and contact any on-line sites such as banks, credit cards, and
others by PHONE (not using the computer) to notify them of a possible breach. Those such as
email and others you have to change on-line do so after (6) if possible but do not waste time
on Credit Cards and Banks (call them NOW).

4. Contact the previously mentioned organizations for information to help.

5. Contact the various credit bureaus.

==========================================================

6. After the Uninstall and System Restore run these :

If you need to check for malware here are my recommendations - these will allow you to do
a thorough check and removal without ending up with a load of spyware programs running
resident which can cause as many issues as the malware and maybe harder to detect as the
cause.

No one program can be relied upon to detect and remove all malware. Added that often easy
to detect malware is often accompanied by a much harder to detect and remove payload. So
its better to be overly thorough now than to pay the high price later. Check with these to an
extreme overkill point and then run the cleanup only when you are very sure the system is clean.

These can be done in Safe Mode - repeatedly tap F8 as you boot however you should also run
them in regular Windows when you can.

TDSSKiller.exe. - Download to the Desktop - then go to it and Right Click on it - RUN AS ADMIN
it will show any infections in the report after running - if it will not run change the name from
tdsskiller.exe to tdsskiller.com. Whether it finds anything or not does not mean you should not
check with the other methods below.
http://support.kaspersky.com/viruses/so ... =208280684

Download malwarebytes and scan with it, run MRT, and add Prevx to be sure it is gone.
(If Rootkits run UnHackMe)

Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN

Malwarebytes - free
http://www.malwarebytes.org/

SuperAntiSpyware Portable Scanner - Free
http://www.superantispyware.com/portabl ... S_HOMEPAGE

Run the Microsoft Malicious Removal Tool

Start - type in Search box -> MRT find at top of list - Right Click on it - RUN AS ADMIN.

You should be getting this tool and its updates via Windows Updates - if needed you can
download it here.

Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
(Then run MRT as above.)

Microsoft Malicious Removal Tool - 32 bit
http://www.microsoft.com/downloads/deta ... laylang=en

Microsoft Malicious Removal Tool - 64 bit
http://www.microsoft.com/downloads/deta ... laylang=en

also install Prevx to be sure it is all gone.

Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN

Prevx - Home - Free - small, fast, exceptional CLOUD protection, works with other
security programs. This is a scanner only, VERY EFFECTIVE, if it finds something come back
here or use Google to see how to remove.
http://www.prevx.com/ <-- information
http://info.prevx.com/downloadcsi.asp?prevx=Y <-- download

PCmag - Prevx - Editor's Choice
http://www.pcmag.com/article2/0,2817,2346862,00.asp

Try the trial version of Hitman Pro :

Hitman Pro is a second opinion scanner, designed to rescue your computer from malware
(viruses, trojans, rootkits, etc.) that have infected your computer despite all the security
measures you have taken (such as anti virus software, firewalls, etc.).
http://www.surfright.nl/en/hitmanpro

--------------------------------------------------------

If needed here are some online free scanners to help

http://www.eset.com/onlinescan/

-----------------------------------

Original version is now replaced by the Microsoft Safety Scanner
http://onecare.live.com/site/en-us/default.htm

Microsoft Safety Scanner
http://www.microsoft.com/security/scann ... fault.aspx

----------------------------------

http://www.kaspersky.com/virusscanner

Other Free online scans
http://www.google.com/search?hl=en&sour ... oq=&aqi=g1

--------------------------------------------------------

After removing any malware :

Also do these to cleanup general corruption and repair/replace damaged/missing
system files.

Start - type this in Search Box -> COMMAND find at top and RIGHT CLICK -
RUN AS ADMIN

Enter this at the prompt - sfc /scannow

How to analyze the log file entries that the Microsoft Windows Resource Checker
(SFC.exe) program generates in Windows Vista cbs.log
http://support.microsoft.com/kb/928228

Run checkdisk - schedule it to run at next start and then Apply OK your way out then restart.

How to Run Check Disk at Startup in Vista
http://www.vistax64.com/tutorials/67612 ... hkdsk.html

-----------------------------------------------------------------------

If any Rootkits are found use this thread and other suggestions. (Run UnHackMe)

http://social.answers.microsoft.com/For ... 7e1e7a5a4/

======================================

If needed AFTER you are sure the machine is clean of all malware. (DO NOT USE IF
MALWARE IS STILL PRESENT.)

You can try an In-Place Upgrade or a repair installation.

You can use another's DVD as they are not copy protected however you will need you own
Product Key. It has to be the same 32 or 64 BIT OEM version of Vista. Also the System
maker will usually sell the disk cheap since you already own Windows. Be sure to do a
good backup or 3 (safety in redundancy).

In-Place Upgrade
http://vistasupport.mvps.org/repair_a_v ... ta_dvd.htm

This tells you how to access the System Recovery Options and/or from a Vista DVD
http://windows.microsoft.com/en-US/wind ... ry-Console

How To Perform a Repair Installation For Vista
http://www.vistax64.com/tutorials/88236 ... vista.html

=======================================

For extreme cases :

Norton Power Eraser - Eliminates deeply embedded and difficult to remove crimeware
that traditional virus scanning doesn't always detect. Because the Norton Power Eraser
uses aggressive methods to detect these threats, there is a risk that it can select some
legitimate programs for removal. You should use this tool very carefully, and only after
you have exhausted other options.
http://us.norton.com/support/DIY/index.jsp

================================

If you are in North America, visit the Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy. If you are having issues with installing the update itself, visit Support for Microsoft Update for resources and tools to keep your PC updated with the latest updates.


See
http://www.microsoft.com/protect/support/default.mspx for details.For
international information, see your local subsidiary Support site.

Microsoft Support - Virus and Security Solution Center
http://support.microsoft.com/contactus/ ... pport#tab0

=====================================================

7. Consider re-installion of Windows back to factory specs in order to be sure the machine is clean. Credit Cards, banks, investments and other sensitive information is critical so do
those while doing 1 and 2 NOW - call those - do not attempt on-line contact until
the machine is VERY VERY clean.

Hope this helps.

Rob Brown - MS MVP - Windows Desktop Experience : Bicycle - Mark Twain said it right.
Rob Brown - Microsoft MVP - Windows Expert - Consumer : Bicycle - Mark Twain said it right.
Needless to say, I did NOT click on the download link. And when I had read the above article, I closed the tab on the AMMYY web site.

Here's a link to another reliable web site.

http://antivirus.about.com/b/2010/12/08 ... m-scam.htm
Image

Ammyy.com Scam

From Mary Landesman, About.com Guide December 8, 2010

Someone claiming to be from Microsoft phones you at home and tells you their logs are picking up an infection from your computer. To gain credibility, the phone scammer may give you easily discoverable information, such as your name, address, and phone number - stuff available to any random telemarketer or scam caller with a couple of bucks to spend.

Once they've gained your attention, this bogus Microsoft 'tech' then instructs you to open Event Viewer and says that any errors reflected in that log are 'proof' of a virus. The scammer then directs you to ammyy.com and tells you to run the tool and give them the ID it provides, after which they're now able to get complete remote access to your PC.

Remember:

Anyone can dial a number and claim to be someone else;
The real Microsoft doesn't call their customers to report virus infections;
Never run any unknown program or install any remote access tool for someone unless you are 100% certain of their identity and trustworthiness.

Ammyy. com advertises ammyy. exe as a remote access and file sharing tool. In malware terms, programs that do that without your permission are known as backdoors, password stealers, and data theft trojans. While Ammyy may have legitimate purpose when used between two *very* trusted parties, when Ammyy is used by a scammer, it's nothing more than a thief's tool.

Your best defense? Use the same trick you use with other unwanted callers - hang up the phone.
Well, I was only on the phone with them for less than a half hour, asking them a lot of questions. It was very frustrating, and they kept interrupting me, not letting me have a chance to speak.

But, while I kept them occupied, I thought that I had better to a Google search on them, and when I found out it was a scam, I told them to fuck off.

Here's a YouTube link.

The AMMYY Scam
http://www.youtube.com/watch?v=1hsEHRIMeZo
--------------------------------------------------
Published on Jul 26, 2011 by clitmint

Failed scam is failed

Now I understand from a lot of other people writing on other sites that AMMYY is a legitimate site and app, but its clear that is being used to con people, which is why I uploaded this, in an attempt to show the few people who visit my channel what to look out for, not that they need the advice, but hey, its there just in case!

Following is what I would do to remove AMMYY, I'm only suggesting these steps, I'm not telling you to follow them, so if you choose to follow these steps then you do so at your own risk.

If you are unsure, then seek professional advice from either the store you bought your computer from, or if you're using a Windows OS, then you could find more information and telephone contact details from their Support web page.
.........................................

How to remove the AMMYY application from the computer:
If using Windows, then you can choose to follow these steps,,

First of all, turn off Remote Assistance and then Remote Desktop, then have a look at what is currently running on your computer, Open up the Task Manager and see which programmes are running, to do this the quick way, simply hold down Ctrl, Alt, Del and select Task Manager from the list, now when in there, be very careful what you're doing, and be sure to only stop the running of AMMYY programmes.

Secondly, you need to know if there has been any malware or viruses placed on your system, so if you removed AMMYY right away without checking for those then you may find it more difficult to spot any associated files which may contain viruses etc, a great programme to use would be Malwarebytes, Search for that using the Google Search bar, download the trail (or buy it), and install it and let it update it self, once its been updated, disconnect from the internet, and perform a FULL SCAN, then follow the steps from there to remove any viruses or malware etc.

Once thats all done, you can begin to remove the AMMYY application it self, AMMYY is a legitimate application, and it should have its own uninstall option in the folder located in the "All Programmes" list, to get there simply click on the Start button (or Windows button), take a look through the "All Programmes" tab, You should see AMMYY, so open the folder and see if it has its own "Uninstall Option", if so then follow the steps to remove it, if it doesnt have an uninstall option, dont worry, you can still get rid of it by using the "Uninstall or a Change Programme" setting, and to get there, simply double click the "Computer" icon, or find the "Computer" listed in the Start Menu,, AMMYY should appear in the list which will load up of all programmes currently installed on your computer.

Simply click on it and follow the steps.

Once you have removed AMMYY, there's still a little bit of work left, so next you should click on the Start Menu again, or hit the Windows Key. Then in the search field simply type in AMMYY, this will show if there is anything left of AMMYY, note that a manual deletion may be required of any remaining AMMYY folders and files from here, so remove everything you see identified as AMMY.

Last thing, When all thats done, open up the MalwareBytes programme again, and perform another FULL SCAN, once done you're ready to go back online and feel confident that there's no sweaty little con man sitting in India or Pakistan watching what you're doing.

I assume no responsibility for any damage YOU do to your computer, if you are unsure, then I recommend seeking professional help/advice for your operating system from either your retailer or from the Official Microsoft website or call their customer service center.

If this video has helped you then please hit the thumbs up button, I'm not asking for you to subscribe, just rate the video to get the information more notice.

Link to the Yahoo Answers page you see in the video - http://au.answers.yahoo.com/question/in ... 824AAXHo0M
--------------------------------------------------

Anyway . . . . .

I'm just glad I did a Google search on AMMYY while I was talking to them.

Yeah! They had me in a panic, and I was even afraid that I might also be in some kind of legal trouble, all kinds of shit.

But, the moment I saw the results of my Google search, I knew immediately it was a scam, and I called them out on their bullshit.

I may have been born at night, but it wasn't last night!
ImageI'm fat and sassy! I love to sing & dance & stomp my feet & really rock your world!

All I want to hear from an ex-jock is "Will that be paper or plastic?" After that he can shut the fuck up!
Heah comes da judge! Heah comes da judge! Order in da court 'cuz heah comes da judge!
Image

Image
Earl
Member
Posts: 2498
Joined: Sat Feb 21, 2009 11:36 pm
Gender: Male
Location: somewhere in Texas, Oklahoma, or Louisiana

Re: ATTENTION! DON'T FALL FOR THE AMMYY SCAM! READ AND RESPO

Post by Earl »

Hi, Fat Man! :)

Thank you very much for alerting us to these con artists and also for copying and pasting the texts so we could receive this information in the forum without having to click on the links!

You were quite wise to run the Google search. Needless to say, there are plenty of frauds on the Internet. You've got to be careful at times.

I've even received messages on the menu of my PC (well, actually, it was handed down to me by my wife, who now can't see well enough to use it) designed to look like Microsoft communications and falsely claiming that viruses had invaded the computer. I did get scared the first time I saw one of those, but they're fake.

Fat Man, you done good! 8)
"Some cause happiness wherever they go; others, whenever they go." -- Oscar Wilde

Go, Montana State Bobcats!

http://www.youtube.com/watch?v=kRq4_uxM ... re=related
Post Reply