"ERROR CODE 72" scam removal instructions
What is the "ERROR CODE 72" scam?
"ERROR CODE 72" is a scam run on deceptive webpages. It has been observed being promoted using azurewebsites[.]net - Microsoft Azure website-hosting platform. "ERROR CODE 72" is classified as a technical support scam. This scheme claims that the device has been infected with several high-risk viruses and urges users to call a fake tech support line. It must be emphasized that no website can actually detect threats/issues present in systems; hence, any sites that make such claims are scams. Few visitors to deceptive/scam pages access them intentionally, most get redirected to them by intrusive advertisements or by PUAs (Potentially Unwanted Applications), already installed onto the system.
Once a website promoting "ERROR CODE 72" is accessed, it displays a pop-up window. It states that "Microsoft" has protected users' computers. They are urged to call a free helpline. The text presented in the background page claims that the device's screen has been disabled, due to the system being infected with multiple viruses. These threats are listed as: an unspecified trojan, CSRSS.EXE trojan, pornographic spyware and phishing malware infections. Users are asked to call the provided telephone number within five minutes. They must call the helpline to prevent access and data loss - by following the removal instructions provided by "expert engineers". Typically, the "free" technical support lines are expensive and the scammers attempt to keep users talking for as long as possible. Alternatively, the cyber criminals can trick users into allowing them access and control over the supposedly infected device. The system might also suffer genuine malware infections, through alleged anti-virus tools and other software the criminals may offer. Other purposes of such schemes can be to demand payment for fake "services rendered" or to extract personal information from users (e.g. names, addresses, emails, banking account or credit card details, etc.). To summarize, trusting "ERROR CODE 72" scam can result in system infections, financial losses, severe privacy issues and even identity theft. Therefore, it is recommended to simply ignore the scheme and close the webpage displaying it. In some cases, it may be impossible to close a deceptive site; hence, the Windows Task Manager is to be used to end the browser's process. Additionally, upon reopening the previous session must not be restored - so as not to reopen the scam page (or cause the website that originally redirected to it - to do so again).
Aside from force-open various untrustworthy and malicious sites, PUAs can have other/additional abilities. Adware-type unwanted apps enable the placement of intrusive advertisements (e.g. pop-ups, banners, coupons, surveys, etc.) on any visited website. These ads diminish the browsing experience. Furthermore, upon being clicked, intrusive adverts redirect to harmful pages and some can even stealthily download/install software (e.g. PUAs). Another type of PUA, called browser hijackers - modify browsers in order to promote fake search engines. These promoted web searchers are rarely capable of providing search results, so they tend to redirect to Google, Yahoo, Bing and other legitimate search engines. What is more, most PUAs have data tracking abilities. They can monitor browsing activity (URLs visited, pages viewed, search queries typed, etc.) and collect personal information extracted from it (IP addresses, geolocations and other details). PUA developers often monetize this vulnerable data by sharing it with and/or selling it to third parties. Therefore, to ensure device integrity and user safety, all suspect applications and browser extensions/plug-ins immediately upon detection.
|Name||ERROR CODE 72 tech support scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Scam claims users' devices are infected with multiple viruses|
|Tech Support Scammer Phone Number||+1-833-378-3348|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Malwarebytes.
"Killer's IP Address", "VIRUS ALERT FROM Windows", "Windows firewall has blocked some features of this program" and "WIN.DLL011150 Error" are some examples of other technical support scams. There are thousands of deceptive webpages on the Web. They use social engineering and scare tactics to trick users into performing certain actions. Popular scam models include: warnings that the device is infected, alerts that an essential piece of software is outdated, fake prize giveaways, unbelievable offers/deals, and so on. These schemes try to push users into: calling expensive "helplines", download/install and/or purchase untrustworthy or malicious software, pay bogus fees, reveal personal information, etc. Regardless of what scams claim, the end-goal is the same - to generate revenue for the scammers / cyber criminals behind them.
How did potentially unwanted applications install on my computer?
PUAs can be downloaded/installed together with other software. This deceptive marketing technique of pre-packing regular products with unwanted or malicious additions - is termed "bundling". Rushed download/installation processes (e.g. ignored terms, used pre-set options, etc.) - increase the risk of unintentionally allowing dubious and/or bundled content into the device. Some PUAs have "official" download webpages, which are commonly promoted by scam sites. Intrusive advertisements proliferate these applications as well. Once clicked on, they can execute scripts to download/install PUAs without user permission.
How to avoid installation of potentially unwanted applications?
It is recommended to research software before download/installation and/or purchase. All downloads must be done from official and verified sources. Untrustworthy channels, like: unofficial and free file-hosting websites, P2P sharing networks (BitTorrent, Gnutella, eMule, etc.) and other third party downloaders - offer bundled content; therefore, they are advised against use. When downloading.installing, it is important to read terms, explore all available options, use the "Custom/Advanced" settings and opt-out from additional apps, tools, functions, and so on. Intrusive adverts typically appear legitimate and harmless, however they redirect to various questionable pages (e.g. gambling, pornography, adult-dating and others). In case of encounters with such ads/redirects, users must inspect the system and immediately remove all suspicious applications and browser extensions/plug-ins from it. If your computer is already infected with PUAs, we recommend running a scan with Malwarebytes for Windows to automatically eliminate them.
Text presented in the "ERROR CODE 72" scam's pop-up window:
Microsoft protected your PC
Call Helpline +1-833-378-3348 (Toll Free)
Run anyway Back to Safety
Screenshot of "ERROR CODE 72" scam's background page:
Text presented in this page:
Products Office Windows Surface Xbox Support
ERROR CODE 72
Call support +1-833-378-3348
This computer window is disabled.
This computer is infected with Trojan horse virus.
Your computer warns you that you are infected with porn spyware and viruses.
1. Trojan horse virus
2. CSRSS.EXE Trojan virus
3. Porn spyware
4. Phishing malware
Please call within 5 minutes.
So that our expert engineers can guide you through the phone removal process to protect your identity.
You must contact us immediately. To prevent your computer from becoming invalid or losing information、
Call support (Toll free) +1-833-378-3348
The appearance of "ERROR CODE 72" pop-up scam (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Malwarebytes is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is "ERROR CODE 72"?
- STEP 1. Uninstall deceptive applications using Control Panel.
- STEP 2. Remove adware from Internet Explorer.
- STEP 3. Remove rogue extensions from Google Chrome.
- STEP 4. Remove potentially unwanted plug-ins from Mozilla Firefox.
- STEP 5. Remove rogue extensions from Safari.
- STEP 6. Remove rogue plug-ins from Microsoft Edge.
Removal of potentially unwanted applications:
Windows 7 users:
Click Start (Windows Logo at the bottom left corner of your desktop), choose Control Panel. Locate Programs and click Uninstall a program.
Windows XP users:
Click Start, choose Settings and click Control Panel. Locate and click Add or Remove Programs.
Windows 10 and Windows 8 users:
Right-click in the lower left corner of the screen, in the Quick Access Menu select Control Panel. In the opened window choose Programs and Features.
Mac OSX users:
Click Finder, in the opened screen select Applications. Drag the app from the Applications folder to the Trash (located in your Dock), then right click the Trash icon and select Empty Trash.
In the uninstall programs window, look for any suspicious/recently-installed applications, select these entries and click "Uninstall" or "Remove".
After uninstalling the potentially unwanted application, scan your computer for any remaining unwanted components or possible malware infections. To scan your computer, use recommended malware removal software.
Remove rogue extensions from Internet browsers:
Video showing how to remove potentially unwanted browser add-ons:
Remove malicious add-ons from Internet Explorer:
Click the "gear" icon (at the top right corner of Internet Explorer), select "Manage Add-ons". Look for any recently-installed suspicious browser extensions, select these entries and click "Remove".
If you continue to have problems with removal of the error code 72 tech support scam, reset your Internet Explorer settings to default.
Windows XP users: Click Start, click Run, in the opened window type inetcpl.cpl In the opened window click the Advanced tab, then click Reset.
Windows Vista and Windows 7 users: Click the Windows logo, in the start search box type inetcpl.cpl and click enter. In the opened window click the Advanced tab, then click Reset.
Windows 8 users: Open Internet Explorer and click the gear icon. Select Internet Options.
In the opened window, select the Advanced tab.
Click the Reset button.
Confirm that you wish to reset Internet Explorer settings to default by clicking the Reset button.
Remove malicious extensions from Google Chrome:
Click the Chrome menu icon (at the top right corner of Google Chrome), select "More tools" and click "Extensions". Locate all recently-installed suspicious browser add-ons and remove them.
If you continue to have problems with removal of the error code 72 tech support scam, reset your Google Chrome browser settings. Click the Chrome menu icon (at the top right corner of Google Chrome) and select Settings. Scroll down to the bottom of the screen. Click the Advanced… link.
After scrolling to the bottom of the screen, click the Reset (Restore settings to their original defaults) button.
In the opened window, confirm that you wish to reset Google Chrome settings to default by clicking the Reset button.
Remove malicious plugins from Mozilla Firefox:
Click the Firefox menu (at the top right corner of the main window), select "Add-ons". Click on "Extensions", in the opened window remove all recently-installed suspicious browser plug-ins.
Computer users who have problems with error code 72 tech support scam removal can reset their Mozilla Firefox settings.
Open Mozilla Firefox, at the top right corner of the main window, click the Firefox menu, in the opened menu, click Help.
Select Troubleshooting Information.
In the opened window, click the Refresh Firefox button.
In the opened window, confirm that you wish to reset Mozilla Firefox settings to default by clicking the Refresh Firefox button.
Remove malicious extensions from Safari:
Make sure your Safari browser is active, click Safari menu, and select Preferences....
In the opened window click Extensions, locate any recently installed suspicious extension, select it and click Uninstall.
Make sure your Safari browser is active and click on Safari menu. From the drop down menu select Clear History and Website Data...
In the opened window select all history and click the Clear History button.
Remove malicious extensions from Microsoft Edge:
Click the Edge menu icon (at the upper-right corner of Microsoft Edge), select "Extensions". Locate all recently-installed suspicious browser add-ons and click "Remove" below their names.
If you continue to have problems with removal of the error code 72 tech support scam, reset your Microsoft Edge browser settings. Click the Edge menu icon (at the top right corner of Microsoft Edge) and select Settings.
In the opened settings menu select Reset settings.
Select Restore settings to their default values. In the opened window, confirm that you wish to reset Microsoft Edge settings to default by clicking the Reset button.
- If this did not help, follow these alternative instructions explaining how to reset the Microsoft Edge browser.
Commonly, adware or potentially unwanted applications infiltrate Internet browsers through free software downloads. Note that the safest source for downloading free software is via developers' websites only. To avoid installation of adware, be very attentive when downloading and installing free software. When installing previously-downloaded free programs, choose the custom or advanced installation options – this step will reveal any potentially unwanted applications listed for installation together with your chosen free program.
If you are experiencing problems while trying to remove error code 72 tech support scam from your computer, please ask for assistance in our malware support forum.
Post a comment:
If you have additional information on error code 72 tech support scam or it's removal please share your knowledge in the comments section below.