Complaint Letter Virus

[rscrouse]

Does MalwareBytes detect and quarantine the Complaint Letter Virus on Windows and MAC?

[Malwarebytes]

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

If you are having technical issues with our Windows product, please do the following:

Malwarebytes Support Tool - Advanced Options

This feature is designed for the following reasons:

• For use when you are on the forums and need to provide logs for assistance
• For use when you don't need or want to create a ticket with Malwarebytes
• For use when you want to perform local troubleshooting on your own

How to use the Advanced Options:

Spoiler

1. Download Malwarebytes Support Tool
2. Double-click mb-support-X.X.X.XXXX.exe to run the program
   • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
3. Place a checkmark next to Accept License Agreement and click Next
4. Navigate to the Advanced tab
5. The Advanced menu page contains four categories:
   • Gather Logs: Collects troubleshooting information from the computer. As part of this process, Farbar Recovery Scan Tool (FRST) is run to perform a complete diagnosis. The information is saved to a file on the Desktop named mbst-grab-results.zip and can be added as an email attachment or uploaded to a forum post to assist with troubleshooting the issue at hand.
   • Clean: Performs an automated uninstallation of all Malwarebytes products installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. The Premium license key is backed up and reinstated. All user configurations and other data are removed. This process requires a reboot.
   •  Repair System: Includes various system-related repairs in case a Windows service is not functioning correctly that Malwarebytes for Windows is dependent on. It is not recommended to use any Repair System options unless instructed by a Malwarebytes Support agent.
   • Anonymously help the community by providing usage and threat statistics: Unchecking this option will prevent Malwarebytes Support Tool from sending anonymous telemetry data on usage of the program.
6. To provide logs for review click the Gather Logs button
7. Upon completion, click OK
8. A file named mbst-grab-results.zip will be saved to your Desktop
9. Please attach the file in your next reply.
10. To uninstall all Malwarebytes Products, click the Clean button.
11. Click the Yes button to proceed. 
12. Save all your work and click OK when you are ready to reboot.
13. After the reboot, you will have the option to re-install the latest version of Malwarebytes for Windows.
14. Select Yes to install Malwarebytes.
15. Malwarebytes for Windows will open once the installation completes successfully.

Screenshots:

Spoiler

 

 

 

 

Spoiler

 

 

 

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

• Renewals
• Refunds (including double billing)
• Cancellations
• Update Billing Info
• Multiple Transactions
• Consumer Purchases
• Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: Find my premium license key

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

[Porthos]

14 minutes ago, rscrouse said:

Does MalwareBytes detect and quarantine the Complaint Letter Virus on Windows and MAC?

Since this is probably a doc file attachment, it would be detected by the exploit detection of the paid version of Malwarebytes. It would not be detected by a scan.

Malwarebytes does not target script files during a scan.. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

 

Malwarebytes will detect files like these on execution only with the anti-exploit module of the paid program.

https://www.pcrisk.com/removal-guides/13377-company-complaint-email-virus

Quote

How to avoid installation of malware?

Have a reputable anti-virus/anti-spyware suite installed and running. Carefully study all emails received and attachments - files that seem irrelevant or have been received from dubious websites should never be opened. We strongly recommend that you download your programs from official sources only and keep installed applications up-to-date. The main reasons for computer infections are poor knowledge and careless behavior - the key to safety is caution. If you have already opened the "Company Complaint Email Virus" attachment, we recommend running a scan with Malwarebytes for Windows to automatically eliminate infiltrated malware.

 

Edited March 12, 2021 by Porthos

[rscrouse]

Thank you Porthos. To be clear, are you saying that the paid version of MB does, in fact, detect the Complaint Letter virus?

Thanks you.

[Porthos]

Just now, rscrouse said:

To be clear, are you saying that the paid version of MB does, in fact, detect the Complaint Letter virus?

It wont hit on the actual doc file but if someone carelessly opens it and lets the macros run, the exploit protection should block the actual install of the payload.

But best practice is not to fall for these scam emails in the first place. Do not open any attachment you are not expecting.

 

[rscrouse]

Thank you Porthos. And if someone has opened the doc and let the macros run, thereby becoming infected, will a MB scan find the virus and allow quarantining it?

[rscrouse]

That is to say, if a person was infected before getting MB, and then buys MB to see if they have the virus, will a scan detect it after the fact?

[David H. Lipman]

What is a "Complaint Letter Virus" ?

Viruses are a distinct type of malware that are able to Self Replicate.  That is they are able to autonomously spread on their own.  From file to file.  File to computer or computer to file or from computer to computer.

Viruses are now a very, very, small component of the malware arena.  When it comes to malicious software the terminology "virus" is widely abused and misused.

The terminology "Complaint Letter Virus" sounds more like a colloquial term than a real computer virus name like;  Jerusalem, Form, Nimda, Parite, WannaCry and Virut. 

As @Porthos has noted, MBAM does not target Documents ¹as a letter would be.  MBAM would block the malicious actions rendering a document may cause by the MBAM anti exploitation module.  Computer Documents would not be viruses themselves.  Malicious documents are mainly classed as Trojans as the propensity Today are documents that drop malware or download malware and do not autonomously spread.  There were malicious documents in the past that did have this ability.  That is the VB Macro language was used to create a Macro Virus that would infect MS Office and would subsequently infect any clean documents that were opened.  These documents were then able to spread the Macro Virus to other systems.  Today's documents do not contain Macro Viruses.  Instead, the VB Macro Language is used to download and or drop malware and the vast majority of the payload malware are Trojans and not viruses.

---

1.  Assuming a computer letter.  One could have a US Postal "Complaint Letter" that contains something like Anthrax spores and thus could be a "Complaint Letter Virus".

Edited March 12, 2021 by David H. Lipman
Edited for content, clarity, spelling and grammar

[rscrouse]

Hi David. I'm referring to the virus/malware that the page at this link describes

https://www.pcrisk.com/removal-guides/13400-complaint-email-virus

This page describes a "Complaint Email Virus" and offers links to buy MB for protection. I have been told the the "Complaint Letter Virus" is similar (I believe it is in the "kitty" virus family), but infects your computer by sending an email from an infected computer to another email address also in the infected computer but adds a zip file attachment with file name "complaint-letter-<string of digits>." Infection occurs if you unzip and then open the document. A person I know had the virus and worked with a "antivirus expert." He removed the virus, he says, using MalwareBytes. We have a situation where a number of computers in an office have been exposed to possibly getting this virus. I'm trying to find out if MB actually does detect this virus is present on a PC and MAC when you do a full scan. Do you know if it does? Thank you.

Edited March 12, 2021 by AdvancedSetup
disabled live hyperlink

[David H. Lipman]

PCRisk is giving very poor quality information and its not new.  It is so generic and vanilla.  Its made to capture the eye of someone who just doesn't know much about malware.

The site is all about supplying insufficient information such that you choose I see other "guides" as well also indicate    Maybe for affiliate revenue of some kind. 

Malwarebytes software is best downloaded directly from Malwarebytes itself and not from PCRisk.

In any case Malwarebytes will handle any form of malware that topic covers.

 

[rscrouse]

Thank you David.

[David H. Lipman]

 

[Porthos]

3 hours ago, David H. Lipman said:

Maybe for affiliate revenue of some kind. 

Yes David they are an affiliate. their link gives them credit for the sale if purchased. VT for download.

But David is correct, ALL software should be downloaded from the official websites to prevent scams.

[rscrouse]

Hi Porthos. Yes I know. I did go to the MB site and purchase directly, for exactly the reason you state.

Thank you.

Rich