How to make sure I am protected after ultra viewer scam

Question

I was scammed after computer take over. Login ultra viewer. What do I do next?

Answer 1

Welcome Debbie Scott,

Thank you for reaching out to Microsoft Q&A forum. I am here to assist you.  

I understand you’re concerned about protecting your Windows 11 PC after a remote‑access scam involving UltraViewer. 

To help narrow this down a bit before proceeding: 

• Are you currently able to sign in to your Windows account normally, or do you notice any unusual behavior such as new accounts, pop‑ups, or settings changes? 
• Was the PC using a personal Microsoft account or a local account at the time of the incident? 

In addition to the previous suggestions, you could also explore these options: 

Option 1: Run a Windows Security offline scan  

• Open Windows Security 
• Select Virus and threat protection 
• Choose Scan options 
• Select Microsoft Defender Offline scan and start it 
• This scan runs before Windows loads and can detect hidden threats. 

Option 2: Check for unexpected startup items  

• Press Ctrl + Shift + Esc to open Task Manager 
• Go to the Startup tab 
• Disable any apps you don’t recognize or didn’t install yourself 

Option 3: Reset web browsers used during the scam  

• Open each browser you used 
• Reset settings to default  This helps remove malicious extensions or altered settings. 

Option 4: Verify Windows security features are enabled  

• Open Windows Security 
• Select Device security 
• Ensure Core isolation and Memory integrity are turned on if supported 

I really hope that the information I gave above was helpful to you. Please feel free to reply below and let me know if you have further concern on this matter.    

---

P.S: If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".     

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. 

Answer 2

Hi. I'm David, and I'm happy to help you.

---

First of all, disconnect from the internet. Then, uninstall UltraViewer or any other software that allows remote access.

---

After that, I suggest you do a full scan using Microsoft Safety Scanner. Download from the link below.

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

---

Also, do a full scan using Malwarebytes as a second opinion.

Download through this link: https://malwarebytes.com/

After scanning, you can uninstall it.

---

Download the tools before disconnecting your computer from the internet, or download them using another device and transfer them to the affected PC.

If any threat is detected by any of the tools, I suggest you quarantine or delete it.

---

Now, something very important that you need to do as soon as possible: change the password for all the services you are currently logged into on your PC. They may have managed to get your password or access token.

Also, do this:

• Enable two-factor authentication wherever possible.
• If you entered financial details, contact your bank or card provider right away.

---

Feel free to ask any questions you may have.

---

Standard Disclaimer: There is a link to a non-Microsoft website. The page appears to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it.