Share via

Ultraviewer scam

Tim Foley 0 Reputation points
2026-05-22T03:41:11.5533333+00:00

I believe I was a victim of microsoft ultraviewer scam. Said I had a clampi virus. I've uninstalled the app and ran a scan on my webroot and no threats detected or active. I filled out the scam information on microsoft. Now what?

Windows for home | Windows 11 | Security and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Gunasekar N 67,945 Reputation points Independent Advisor
    2026-05-22T04:20:52.93+00:00

    Hello, thank you for reaching out to Microsoft Q&A.

    Try running a full system scan with a trusted antivirus program to check for any threats. You can use Malwarebytes to scan your entire system and see if anything suspicious shows up.

    https://www.malwarebytes.com/

    You can use the free version and run a complete scan.

    --*

    Alternatively, check your Microsoft account for any unusual activity, such as sign-ins from an unfamiliar region or location. If anything looks suspicious, reset your password and enable two-factor authentication for added security.

    See your recent activity

    Let me know if you still need more help.

    Standard Disclaimer: This is a non-Microsoft website. The page appears to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it.'

    Was this answer helpful?

    0 comments

  2. AI answer

    2026-05-22T03:41:25.1266667+00:00

    The described behavior matches a tech support scam. After uninstalling UltraViewer and running an AV scan, the next recommended steps are:

    1. Remove anything else the scammers may have installed
      • Uninstall any other applications that were installed at their request. If unsure, review recently installed programs in Settings > Apps and remove anything that looks unfamiliar or was added during the scam session.
      • If a program does not appear in Programs and Features, try its built‑in uninstaller as described in the deceptive software article.
    2. Consider resetting the device if activity seems suspicious
      • If fake warnings keep appearing or the device behaves strangely, consider using Windows recovery options to reset the PC to a clean state. See Recovery options in Windows from the tech support scam guidance.
    3. Run a full, advanced malware scan with Microsoft’s tools
      • Even though Webroot shows clean, also run a full scan with Windows Security / Microsoft Defender Antivirus to double‑check for support‑scam malware. Guidance is in Stay protected with the Windows Security app.
    4. Apply all Windows and app security updates
      • Go to Start > Settings > Update & Security > Windows Update and install all available updates. Keeping Windows updated helps remove known threats and vulnerabilities.
    5. Change passwords and monitor accounts
      • Change passwords for important accounts (Microsoft account, email, banking, shopping, social media), especially if any credentials were typed while the scammer had remote access.
      • Monitor sign‑in activity and account statements for anything unusual. If anything suspicious is found, follow the account provider’s recovery/security guidance.
    6. Contact financial institutions if any payment was made
      • If credit card, bank details, or other payment information were provided, contact the card issuer or bank, explain it may have been a tech support scam, and follow their instructions (dispute charges, replace cards, add monitoring, etc.).
    7. Continue to report and avoid future scams
      • The scam report to Microsoft was the correct step. Future incidents can also be reported at https://www.microsoft.com/reportascam.
      • Remember: Microsoft does not cold‑call, does not use pop‑up phone numbers in error messages, and does not ask for remote access unless support was initiated through official channels.

    If no remote access was granted, no software was installed beyond UltraViewer (now removed), and no sensitive information or payment was provided, typically no further technical action is required beyond the scans and updates.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.