Adventures in Malware

I was looking for a defunct website at the Internet Archive and stumbled across a place that had squatted on the name of the site.

That page redirected to one of those fraudulent sites that pretends to scan your computer for so it can trick you into buying their anti- product. Most of the time, their product is actually more .

I clicked “Cancel” scan and it pretended to scan anyway while popups cascaded. One giveaway was that the phony scan’s progress bar moved faster than a scan from a local disk could have done, let alone a scan over the net (and I have used internet AV scans from reputable vendors such as Trend Micro and Symantec). It then told me that I had oodles of trojans, viruses, and other assorted baddies on my C:\ and D:\ drives.

This box runs Ubuntu Linux with Fluxbox. I don’t have C:\ and D:\ drives; I have sda1* (a very small boot drive) and sda3* (everything else). I don’t have a “My Documents” folder.

Here’s what it claimed to see:

False Virus Results

Here’s what’s actually there:

Computer Root


*sda1 means “SCSI (or SATA) Disk A, Partition One.” sda3 means “SCSI (or SATA) Disk A, Partition Three.” There is no sda2. You’ll have to ask Ubuntu about that.

Also posted at my place.
