Trusted Site Seal
SSL Certificate
Thomas Computer Repair is HomeAdvisor Screened & Approved

Security-Tools 2010


This one works just like Antivirus 2009 discussed on another page here.

It starts, as they almost always do, when you click a link without knowing what it is or where it will take you. The page that comes up looks like this:

Screenshot from phony Security Tools 2010 virus scan hoax

It appears to be scanning your computer. And boy, what a fast little scanner it is! Since when does a full computer virus scan take about ten seconds?

(One big tipoff for me is that I'm seeing all this activity while running the Linux operating system, which unlike Windows, doesn't even have a C: drive, or a D: drive, or a Control Panel, or a My Documents folder, etc, etc.)

When it's done, you see this little fella pop up:

Screenshot from phony Security Tools 2010 virus scan hoax

“Your computer remains infected by viruses! They can cause data loss and file damages[sic] and need to be cured as soon as possible. Return to System Security and download it secure[sic] to your PC”

Sure, ok. :-)

Now, whatever you click next, you see this:

Screenshot from phony Security Tools 2010 virus scan hoax

“To help protect your computer, Windows Web Security has detected trojans and ready to remove them [sic].”

This is supposed to be a listing of all the malware found specifically on YOUR computer, in YOUR home. But the fact is, whoever goes to this page, with whatever computer, they'll see the same thing. It's an image, a gif, named "alert.gif" and located in the "images" folder on the site. I have a copy of it here.

At this point, wherever you click next, your browser will attempt to download the true malware:

Screenshot from phony Security Tools 2010 virus scan hoax

In this case it was an executable called "install.exe", 1 megabyte in size. That's just big enough to contain a script that starts downloading more malware behind the scenes while it hounds you for money and throws popups all over your screen. It is probably not big enough to contain any genuine virus scan-and-removal tool.

Don't be a sucker. If something you've never heard of or asked for says that it's scanning your computer from a web page, just close it immediately and don't go back to that site.

February 14, 2010

© 2006 - 2017 Thomas Computer Repair · PO Box 463 · Perry, GA 31069 478.777.3201   or  478.244.3355 Valid HTML 5 and CSS 3