We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
Fallen for the ScanGuard {Edited by Forum Team}
![andyca](https://us-noi.v-cdn.net/6031891/uploads/defaultavatar/nFA7H6UNOO0N5.jpg)
andyca
Posts: 163 Forumite
![Part of the Furniture](https://us-noi.v-cdn.net/6031891/uploads/badges/XJRZPR7AGQL5.png)
![100 Posts](https://us-noi.v-cdn.net/6031891/uploads/badges/IGTW8HUR27O0.png)
My uncle has fallen for the ScanGuard {Edited by Forum Team}, (more info on ScanGuard here) tempted by an advert while playing Solitaire on his Windows 10 PC, he was simply not used to advertising being presented within applications he trusted and I can't say I blame him, I'm really disappointed with the route Microsoft have gone down with their advertising based software model but that's a discussion for another time.
He asked me to look at his machine as Edge was crashing on launch, ScanGuard removed, MalwareBytes and Microsoft MSRT run and finally Defender reinstated. (Edge works fine now)
He paid £30 approx. 3 months ago (via debit card) for it after some pressure selling and lots of fake reports of threats on his PC to convince him he really needed the product. Apparently this was a discount from the £180 he should have paid. :mad:
I have advised him to contact ScanGuard via Email or Chat and request his money back and a cancellation of auto-renewal, also make sure he gets a copy of the transcript and/or a confirmation e-mail. I've also told him to contact his bank, check for any unauthorized payments and inform them he has fallen for a {Edited by Forum Team} and not to authorize any further payments. I also told him to get a credit card (paid in full each month) and explained Section 75 protection.:money:
Just wanted to check if anyone can think of anything I've missed on a technical or consumer protection level?
I doubt he will be entitled to any money back, and as he used a debit card it will probably be impossible, but is there anything else he can do?
He asked me to look at his machine as Edge was crashing on launch, ScanGuard removed, MalwareBytes and Microsoft MSRT run and finally Defender reinstated. (Edge works fine now)
He paid £30 approx. 3 months ago (via debit card) for it after some pressure selling and lots of fake reports of threats on his PC to convince him he really needed the product. Apparently this was a discount from the £180 he should have paid. :mad:
I have advised him to contact ScanGuard via Email or Chat and request his money back and a cancellation of auto-renewal, also make sure he gets a copy of the transcript and/or a confirmation e-mail. I've also told him to contact his bank, check for any unauthorized payments and inform them he has fallen for a {Edited by Forum Team} and not to authorize any further payments. I also told him to get a credit card (paid in full each month) and explained Section 75 protection.:money:
Just wanted to check if anyone can think of anything I've missed on a technical or consumer protection level?
I doubt he will be entitled to any money back, and as he used a debit card it will probably be impossible, but is there anything else he can do?
0
Comments
-
One of the first things when I got windows 10 was to uninstall the MS store. I feel that everything I want I can get elsewhere. I still use my old windows 7 Minesweeper.
Personally I would bring up the firewall and block Scamguard, and their payment system page permanently.0 -
My uncle has fallen for the ScanGuard scam, (more info on ScanGuard here) tempted by an advert while playing Solitaire on his Windows 10 PC, he was simply not used to advertising being presented within applications he trusted and I can't say I blame him, I'm really disappointed with the route Microsoft have gone down with their advertising based software model but that's a discussion for another time.
That's absolutely shocking! Microsoft should be ashamed of themselves.0 -
ADW cleaner to tidy up and carp leftover ..
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
Tell your uncle to be super suspicious of all emails about stuff like this for a while,
because he will now be labeled as a potential "mark" and these shyster companies usually sell/trade their "customer" info with each other ..0 -
Thanks AndyPix - I had not seen that tool before... Probably best to download it form Malwarebytes directly for anyone else reading this: https://www.malwarebytes.com/adwcleaner/
As I installed the full Malwarebytes Premium Suite (On a trial) hopefully it has performed all the functions that ADWCleaner would. It's nice there is a free alternative just in case people have already used up their Malwarebytes trial. Good call on being more sceptical for a while too!
Full disclosure esuhl, I did also find the following on my uncles machine:
[FONT=Calibri,Arial,Helvetica,sans-serif,EmojiFont,Apple Color Emoji,Segoe UI Emoji,NotoColorEmoji,Segoe UI Symbol,Android Emoji,EmojiSymbols]
- Trojan Zbot - A trojan horse virus which can allow people to steal your internet banking credentials and lock your machine for ransom.
- Yontoo - Adware which will replace legitimate adverts on legitimate web pages with adverts for scam software like ScanGuard, making you think trustworthy places like the BBC or Microsoft are recommending their products.
- SpeedItUp - a scam tool which pretends to speed up your broadband but actually is just Adware just like Yontoo
It could have been one of the above injecting the advert into Solitaire or a web page.
In either case it removes all question of legitimacy for ScanGuard to allow these to remain on the machine.
[/FONT]0 -
How about considering the free versions of reboot-restore-rx, or commodo time machine. They do similar stuff, but slightly different.0
-
Thanks for the replies were.
The Malwarebytes is blocking the ScanGuard site for the next two weeks (until the trial runs out), so I've told him to mail/message about the refund and auto-renewal from his iPad.
Those restoration tools are something I've considered for my parents, but I think in both cases there is a level of management required, so I've gone for education rather than regulation.
I also wouldn't want to take the snapshot of the machine now as "known good", while the tools I've used are very good they are not a comprehensive guarantee that all of the latest threats are removed from the system. There could still be undetected nasties lurking, I'm considering getting him to wipe the machine and start again (if it were mine that's what I'd do). I've also told him to change his passwords (especially if one of them was used to set up an account with ScanGuard) and not to use online banking on that machine.
I think I have answered another one of my own questions by finding the Citizens Advice -Reporting Scams page which suggests reporting the company to Trading Standards:
https://www.citizensadvice.org.uk/consumer/scams/scams/spotting-and-reporting-scams/how-to-report-a-scam/
That page also has this interesting section about getting a refund:
"You can't always get your money back if you've been scammed, especially if you've handed over cash. If you've paid for goods or services by credit you have more protection and if you used a debit card you may be able to ask your bank for a chargeback."
Thanks for all the great suggestions, hopefully this will help the next person who gets caught.0 -
Thanks AndyPix - I had not seen that tool before... Probably best to download it form Malwarebytes directly for anyone else reading this:
The tool was created by toolslib, THAT is the original direct download.
It has recently been bought by MBAMAs I installed the full Malwarebytes Premium Suite (On a trial) hopefully it has performed all the functions that ADWCleaner would. [FONT=Calibri,Arial,Helvetica,sans-serif,EmojiFont,Apple Color Emoji,Segoe UI Emoji,NotoColorEmoji,Segoe UI Symbol,Android Emoji,EmojiSymbols]
[/FONT]
Nope - It does not perform the functions that ADW cleaner does. Use them in tandem0 -
The FIRST thing you want to do is contact bank, make sure that they have not set up a recurring payment.
As has been said many a time, Windows 10 is an Advertising and Affiliate platform, first thing I do is shut it all down and rip the guts out of it. 240 privacy setting are part of it. I find it disgusting that Microsoft to not let you uninstall all of the crap and that they put some back after updates.
That is why I will NOT use any of their Browsers, Music/Video apps or anything Microsoft really, except maybe notepad.
They have upped the anti with Google who created a Spy Toolbar, then a Spy Browser, Spying sites that have their widgets and Spy Phones, so not really surprised that the whole damn MS OS is spying on you.
Mostly I stick with Win7 or dual boot Win7/10Thanks, don't you just hate people with sigs !0 -
The tool was created by toolslib, THAT is the original direct download.
It has recently been bought by MBAM
Ah ok - I thought toolslib was just a download site that anyone could contribute to... and as such not all downloads could be trusted, in either case now that Malwarebytes own it I'd probably always send someone there for the latest version rather than toolslib.Nope - It does not perform the functions that ADW cleaner does. Use them in tandem
Will do!
After seeing the sticky thread I'll also probably run a Lavasoft Ad-Aware free and Spybot S&D before I sign his machine off as safe for internet banking.0 -
That post is 11 years old !!
Malwarebytes and ADW cleaner and a scan with your choice of AV and your good to go0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
![](https://us-noi.v-cdn.net/6031903/uploads/editor/vr/1lva7v6jjidq.png)
Categories
- All Categories
- 347.8K Banking & Borrowing
- 251.9K Reduce Debt & Boost Income
- 452.2K Spending & Discounts
- 240.1K Work, Benefits & Business
- 616.3K Mortgages, Homes & Bills
- 175.4K Life & Family
- 253.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards