Jump to content
Gary_D_from_Canada

Can Malwarebytes effectively find and remove Win Erx03?

Recommended Posts

Looks like my browsers have been compromised. An annoying pop-up takes control, sounds a loud alarm and informs me my Windows system has been compromised.  So far Malwarebytes is not catching it.  I thought this would be exactly what Malwarebytes hunts and kills.

Share this post


Link to post
Share on other sites

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes 3 Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Get Started!"
  6. Click the Advanced tab
    Repair menu_arrows.png
     
  7. Click the Gather Logs button
    Advanced_arrows.png
     
  8. A progress bar will appear and the program will proceed with getting logs from your computer
    Advanced Gather Logs_arrows.png
     
  9. Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Advanced Gather Logs completed_arrows.png
     
  10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:
     notify me.jpeg  

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

mb_attach.jpg.220985d559e943927cbe3c078b
 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Share this post


Link to post
Share on other sites
11 minutes ago, Gary_D_from_Canada said:

Looks like my browsers have been compromised. An annoying pop-up takes control, sounds a loud alarm and informs me my Windows system has been compromised.  So far Malwarebytes is not catching it.  I thought this would be exactly what Malwarebytes hunts and kills.

These support scams are often caused by JavaScript found in malformed ads on a web site you visit. As long as you do not click on anything on those scam pages, your system does not actually download anything. Installing an ad blocker extension in your browser can stop this type of scam redirect.

Check out the Malwarebytes browser extension beta for Chrome and Firefox and say goodbye to tech support scams and many other web threats!

Share this post


Link to post
Share on other sites

Similar to these ?

I have created a 1series of videos generated from these kinds of fraud sites for the purposes of recognition and education.  They are all  videos from real web sites.  ALL are FRAUDS.

All these have one thing in common and they have nothing to do with any software on your PC.  They are all nefarious web sites meant to defraud you of money. The objective is to, falsely, goad you to make the phone call and pay for some service contract for an incident that never happened.  From there they may continue to charge your Credit Card for other services, remote into your computer and do real damage and/or exfiltrate your personal data and they may use the information they obtain from you to commit additional frauds.

MalwareScam.wmv
MalwareScam-1.wmv
MalwareScam-2.wmv
MalwareScam-3.wmv
MalwareScam-4.wmv
MalwareScam-5.wmv
MalwareScam-6.wmv

I have also created a PDF ScreenShow of a myriad of FakeAlert screens - FakeAlert-Screens.pdf  /  Flash Version


Reference:
-----------------   
US FBI PSA - Tech Support Fraud
US FTC Consumer Information -  Tech Support Scams
US FTC - Tech Support Operators Agree to Settle Charges by FTC and the State of Ohio
US FTC - FTC and Federal, State and International Partners Announce Major Crackdown on Tech Support Scams
Malwarebytes' Blog - Search on - "tech support scams"
Malwarebytes' Blog - "Tech support scams: help and resource page"



1.  Also located at "My Online Security" - Some videos of typical tech support scams

 

Share this post


Link to post
Share on other sites

Attached is the file collected by Malwarebytes Support Tool.  Thank you for your assistance.  Hope you can crack this one.  It's very annoying and makes me wonder what damage it may be doing to my computer.

Sorry, I've not been able to capture the malicious link from my History file.  So far it seems to be only happening when I use the Edge browser.

 

mbst-grab-results.zip

Share this post


Link to post
Share on other sites

David - you have an amazing collection of Scam Screens.  In the pdf collection, my problem most resembles page 103 that has a pop-up window titled "System Warning!"

Share this post


Link to post
Share on other sites

Thanks.  I have viewed so many FakeAlert sites it was relatively easy to get the screenshots.  The hard ones were from other countries.  They are added to show this is an International issue.  I will add it.  Obrigado

This is a kind of malvertisement and does not come from your PC.  It emanates from the Internet and exists as Browser based alerts and not something from some software on your PC.  MBAM won't "catch it" for that reason.  IFF Malwarebytes knows the URL of the FakeAlert it can be blocked so others will not see the malicious content.

 

Share this post


Link to post
Share on other sites

Hi Gary_D_from_Canada,

Do you have the URL/address of the webpage generating this fake alert? It should be visible at the top of your browser window. Once provided, we can add it to the Malwarebytes database so it gets blocked by the Web Protection component.

Share this post


Link to post
Share on other sites

Here are two links from my Edge History - I believe they are accurate but I had to hand-write them as I was unable to find a way to print my History:

d15qm1q5lpzo0g.cloudfront.net/v13/index.html?trk=pastion-taried.com&osv=Window

d3huny6i4a2tbc.cloudfront.net/v13/index.html?trk=pastion-taried.com&osv=Window

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.