Author Topic: Security Tool virus  (Read 5618 times)

0 Members and 1 Guest are viewing this topic.

dlane123

  • Guest
Security Tool virus
« on: October 01, 2010, 07:32:18 PM »
I have search the forum for info on this virus and think I have fixed it using Malwarebytes.  However, I have some questions.  How did this older virus (Security Tool) get by my Avast?  This virus held my computer hostage and wanted me to pay $79.95 to eliminate itself.  My question: isn't this criminal activity?  Who would police this felonious activity?  I am perturbed and would like to strike back.  It seems to me you could follow the money trail and prosecute. Would appreciate any enlargement on this matter.  Thanks

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: Security Tool virus
« Reply #1 on: October 01, 2010, 07:46:15 PM »
How did this older virus (Security Tool) get by my Avast?
Not a single signature antivirus is perfect... Rogue AV are difficult to detect.

My question: isn't this criminal activity?
Yes, it is... What can we do?

Who would police this felonious activity?
The security companies...

It seems to me you could follow the money trail and prosecute.
I don't think so...
The best things in life are free.

Gargamel360

  • Guest
Re: Security Tool virus
« Reply #2 on: October 01, 2010, 07:50:58 PM »
 These guys stay in business because they are good at what they do, smart in a bad way. I sympathize the feeling, though.  My first rouge infection left me feeling a little....molested.


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37132
  • Not a avast user
Re: Security Tool virus
« Reply #3 on: October 01, 2010, 08:03:42 PM »
Fake antivirus overwhelming scanners
http://news.techworld.com/security/3203072/fake-antivirus-overwhelming-scanners/


Quote
The reason for the growth in numbers is what is known in technical terminology as ‘polymorphism', an old defence technique which involves changing the binary checksum of every copy (or download) of a piece of malware. This makes it much more difficult for antivirus programs to detect the programs.

BRANDONN2008

  • Guest
Re: Security Tool virus
« Reply #4 on: October 01, 2010, 10:52:10 PM »
Threatfire is pretty good at detecting this like this isn't it? They must all exhibit some behavior that would be detected as suspicious by Threatfire?

dlane123

  • Guest
Re: Security Tool virus
« Reply #5 on: October 02, 2010, 05:33:26 AM »
Thanks to those that have replied to my thread start.  It sounds like not much can be done to the perpetratore of viruses.  I still am steamed that a company/person can infect my computer and then ask for money to clean my computer-sounds like extortion to me.  Has any virus initiator every be caught and prosecuted?

Gargamel360

  • Guest
Re: Security Tool virus
« Reply #6 on: October 02, 2010, 06:00:03 AM »
Yeah, I'm sure people that try this without understanding how to get away with it are the ones who get caught.  But this stuff is big black market business now, and non-extradition countries or disputes between nations  are easy things to hide behind and reap profits.

@Brandon, yeah, as they said, signatures change fast, so behavior type detect like threatfire is one way to try and protect against this.

BRANDONN2008

  • Guest
Re: Security Tool virus
« Reply #7 on: October 02, 2010, 08:31:39 AM »
What I don't understand is how scams like doublemyspeed.com and mycleanpc.com are allowed to air commercials for their fraudulent services.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: Security Tool virus
« Reply #8 on: October 02, 2010, 02:32:12 PM »
What I don't understand is how scams like doublemyspeed.com and mycleanpc.com are allowed to air commercials for their fraudulent services.
+1
I can't see a reason for avast to not block their domains by Net Shield... :'(
The best things in life are free.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37132
  • Not a avast user
Re: Security Tool virus
« Reply #9 on: October 02, 2010, 04:15:25 PM »
Quote
Has any virus initiator every be caught and prosecuted?
oooh yes, it happens...

Feds accuse 37 of being Zeus 'money mules'
http://www.theregister.co.uk/2010/09/30/zeus_money_mules_charged/

Police charge 11 over Zeus cybercrime scam
http://www.theregister.co.uk/2010/09/30/zeus_e_crime_charges/

UK cybercops cuff 19 ZeuS banking Trojan suspects
http://www.theregister.co.uk/2010/09/29/zeus_cybercrime_arrests/

http://www.theregister.co.uk/security/crime/

dlane123

  • Guest
Re: Security Tool virus
« Reply #10 on: October 02, 2010, 07:22:05 PM »
@Pondus Looks like the UK is out front in pursuing these criminals.  Is there place, activity or organization one can report nefarious activity?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37132
  • Not a avast user
Re: Security Tool virus
« Reply #11 on: October 02, 2010, 09:43:47 PM »
@Pondus Looks like the UK is out front in pursuing these criminals.  Is there place, activity or organization one can report nefarious activity?
you mean in the US ......hmmmm......maybe here  http://www.fbi.gov/   :D

Quote
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA).
http://www.ic3.gov/default.aspx

BRANDONN2008

  • Guest
Re: Security Tool virus
« Reply #12 on: October 03, 2010, 04:09:25 AM »
What I don't understand is how scams like doublemyspeed.com and mycleanpc.com are allowed to air commercials for their fraudulent services.
+1
I can't see a reason for avast to not block their domains by Net Shield... :'(

Well my HP and MVPS HOSTS file blocks them, which is good.