Friday, September 9, 2011

You can never find a virus when you want one.

For a long time now, I have been wanting to write a piece on avoiding and removing the "Fake Anti-virus Virus" (AKA Antivirus 2009, 2010, 2011, 2012, etc.). I figured since it is the most common virus I see when customers bring me computers, it must be easy to get.

Today I set out to get the damn thing on purpose. I first disabled active protection on both my anti-virus (I use Vipre) and Malwarebytes Anti-Malware (which I HIGHLY recommend to anyone without sufficient malware protection). Then I thought of a list of places that are likely to have viruses:
  • Porn sites
  • Warez / Serialz sites
  • Shock sites
  • Free Games sites
  • Free cursors / browser add-ons / IM smileys / screensavers
  • Free computer Tune Up programs (registry cleaners, speed up my PC crap, etc.)
I surfed and clicked randomly on all of the above sites for about an hour (some more than others *cough*) and tried like crazy to get a virus. I installed a few programs: UniBlue Registry Booster, PCKeeper, some keygen downloader for AVG serials, and some virtual pet browser add-on called Guffins, all while making sure NOT to un-check the added garbage options.


I was sure by this point I had a virus. Knowing that the Fake Antivirus viruses only launch on reboot, I rebooted my computer to see what I had. The first thing I noticed is that there were several more icons on my desktop, even more than the trash I installed:
But nothing at all that could be considered a virus. I opened Internet Explorer, and became optimistic when I saw Malwarebytes (which had re-enabled itself on reboot) post this:
After clicking quarantine about 6 times to get rid of all the warnings, I was a bit disappointed to find that it was only adware, not the virus I was seeking.

The programs installed were annoying. They kept warning me about potential problems with popups that wanted me to buy the "full version" of their software, but if they were removable with Windows add-and-remove programs feature, they weren't viruses.
As I began to uninstall them I noticed there were a few more programs on the list I had not installed:
  • WeatherBug
  • more Free Games
  • Play MY Games
  • File Hunter



Again, annoying, but not viruses. But my question is: If I cannot get this virus in an hour of TRYING TO, how the heck are my customers getting it so often?


I guess I will have to wait on posting about the Fake Anti-virus Virus until I get another customer with it. That is unless someone can clue me in on where to get it.

2 comments:

  1. Have you tried http://www.eicar.org/86-0-Intended-use.html
