Total Members: 14197
Posted by: stonecoldtx
« on: 07. May 2013., 13:46:23 »Do you know an Alternate name (from other vendors) of those malwares to search them in avert?Well, the name is different for each variant and each vendor, and so far I haven't seen an actual "official" virus name, such as how AVERT would classify it
Weird thing.. I assume you are using latest Engine and DAT...
Maybe that detection relied on Artemis?
Her is a link that is McAfee view on Ransomware:
http://scforum.info/index.php/topic,8153.0.html
Also this article is nice to read regarding Ransomeware:
No Surprise—Ransomware On the Rise
And a couple of articles also regarding to Ransomware:
http://news.softpedia.com/newsTag/ransomware
So the main thing what I understand of McAfee's opinion of Ransomeware is that the Ransomware in it sela is not the Virus/Trojan it is just a carrier of a other payload that in fact is the Virus/Trojan that thay should detect.
Her is a link to McAfee Free tools: http://www.mcafee.com/us/downloads/free-tools/index.aspx
And If you have an infected computer that McAfee dose not detect the maleware use the Getsup tool.
GetSusp
McAfee GetSusp is intended for users who suspect undetected malware on their computer. GetSusp eliminates the need for deep technical knowledge of computer systems to isolate undetected malware. It does this by using a combination of heuristics and querying the McAfee Global Threat Intelligence (GTI) file reputation database to gather suspicious files.
GetSusp is recommended as a first tool of choice when analyzing a suspect computer. However, one must follow the existing McAfee support process for escalating suspicious files it finds.
http://www.mcafee.com/us/downloads/free-tools/getsusp.aspx
You can also try to detect the infection with Spybot - Search & Destroys
http://www.safer-networking.org/
Just to see what you get for infection name. Offen you can use that name and google it to get the other antivirus toolkits name of the infection.
Thanks for the links to the articles; I actually have done quite a bit of reading up on this stuff since I was hit TWICE in the last week or so, and have a good idea of how to resolve the issue now . . . but this addtional information is good stuff!
It is quite an eye opener that McAfee doesn't consider this to be "malware"--WTF is the definitiion of malware anyway? Something that does bad things to your computer, right? "Unwanted" programs, right? Things like lock it down so you can't do anything on it, right?
Really McAfee? This doesn't qualify as malware, and therefore "worthy" of detection?
REALLY?!?!?
What's next, McAfee? Something that does the exact same thing, but before it can be circumvented, it nukes the machine, and all data is lost?!?
These other tools should not be necessary for any version of ransomware--they should be considered malware, pure and simple, because what they do is "Unwanted" (as per the definition of malware) and should be detected just like any other malware!!
Shame on you, McAfee!!