Results 1 to 9 of 9
  1. #1
    Lounger
    Join Date
    Dec 2009
    Location
    Huntley, IL USA
    Posts
    42
    Thanks
    9
    Thanked 1 Time in 1 Post

    I actually need a copy of a virus, or at least a simulated one.

    Strange request.

    I teach a Managing Malware class to mature adults, and need a virus to demo how to remove a virus.

    these folks are generally clueless and overlook simple stuff like AV subscriptions expiring, versions going out of date, etc and can really be detoured via social engineering.

    I want impress on them that keeping viruses out of their system is not difficult if they are smart about it, and if it does happen, the virus can usually be fairly easy to remove. Dont want anything that will really mess up a machine, and preferrably is a qualified virus i.e. worm, trojan, etc, and not ad/spyware.

    Really need something very timid, non-evasive, easy to remove, and it doesnt travel over an internal network. Keep in mind that the machine Im teaching on is booted off a locked down image, every time, so what I install will go away at the next boot.

    I used to have a sample floppy that was a demo for a no-name av tool that launched a simulated set of screens that a user might see if they ran into a self-executing virus, but that was years ago, and honestly, I dont remember what company it was for, if they are even around.

    Any suggestions?

  2. #2
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Milwaukee, WI
    Posts
    737
    Thanks
    23
    Thanked 64 Times in 52 Posts
    Not a strange request at all! Take a look at this and see if it meets your needs:
    http://www.eicar.org/anti_virus_test_file.htm
    Chuck

  3. The Following User Says Thank You to Doc Brown For This Useful Post:

    wmgoat (2011-04-28)

  4. #3
    Lounger
    Join Date
    Dec 2009
    Location
    Huntley, IL USA
    Posts
    42
    Thanks
    9
    Thanked 1 Time in 1 Post
    That works to identify a potential virus file, but does anyone have a demo of what a virus could look like, i.e what it displays on the screen, etc.

    Edit: I think it was this one: http://windowssecrets.com/forums/sho...eering-attacks
    Last edited by jscher2000; 2011-04-28 at 19:16. Reason: Added link.

  5. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    The other day someone posted a link to an article that had a screencast showing what happens when you click on a "Fake AV" warning. Would that be useful?

  6. #5
    Lounger
    Join Date
    Dec 2009
    Location
    Huntley, IL USA
    Posts
    42
    Thanks
    9
    Thanked 1 Time in 1 Post
    better than nothing, but what i really was looking for was either a demo of a virus (which would probably be an advertisement for a real AV product), or an easily removed real virus - something that actually did something, like make all the letters in a WP doc fall to the bottom occasionally, or popup a message saying "you are infected" etc.

    I want them to be afraid enough to make sure that their personal system AV products are honest, reliable, and up to date. I can preach all I want, but a demo is a real example of what can happen, if they dont protect themselves. Many of these folks dont necessarily believe that all this virus mumbo-jumbo is that big of a deal, and just getting them into the class is a huge step forward in their education.

    I did find an entry in the Windows Secrets newsletter about how the author (Fred Langa) got infected and then intentionally followed the instructions to load LizaMoon on his system, and what it did, but no screen shots. His article is at http://http://windowssecrets.com/201...y-blow-account
    Last edited by wmgoat; 2011-04-28 at 19:38. Reason: added url for lizamoon

  7. #6
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Milwaukee, WI
    Posts
    737
    Thanks
    23
    Thanked 64 Times in 52 Posts
    Quote Originally Posted by wmgoat View Post
    I want them to be afraid enough to make sure that their personal system AV products are honest, reliable, and up to date. I can preach all I want, but a demo is a real example of what can happen, if they dont protect themselves. Many of these folks dont necessarily believe that all this virus mumbo-jumbo is that big of a deal, and just getting them into the class is a huge step forward in their education.
    Oh yeah! Kind of like the "blood and guts" movies they used to show us in driver's ed when I was in high school. If you can't find any good demos or screen shots, have them read posts in the lounge. Most of us here have seen first hand what these things can do to a PC.
    Chuck

  8. #7
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    East Coast, USA
    Posts
    993
    Thanks
    8
    Thanked 43 Times in 43 Posts
    Quote Originally Posted by wmgoat;799736

    I did find an entry in the Windows Secrets newsletter about how the author (Fred Langa) got infected and then intentionally followed the instructions to load LizaMoon on his system, and what it did, but no screen shots. His article is at [URL
    http://http://windowssecrets.com/2011/04/07/01-LizaMoon-infection-a-blow-by-blow-account[/URL]
    Perhaps the above link in Post #5 needs to be fixed?

    This link to Fred Langa's article has screen shots........
    LizaMoon infection: a blow-by-blow account

    HTH

  9. #8
    Lounger
    Join Date
    Dec 2009
    Location
    Huntley, IL USA
    Posts
    42
    Thanks
    9
    Thanked 1 Time in 1 Post
    Quote Originally Posted by tfspry View Post
    Perhaps the above link in Post #5 needs to be fixed?

    This link to Fred Langa's article has screen shots........
    LizaMoon infection: a blow-by-blow account

    HTH
    OOPS. Ok, first time I posted a url in this forum tool, darned forums are all different.

  10. #9
    Star Lounger
    Join Date
    Dec 2009
    Location
    Ensay, Victoria, Aust
    Posts
    86
    Thanks
    0
    Thanked 1 Time in 1 Post
    Kaspersky also have make believe virus to test its system, you might check there support files

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •