I forget who, but some wiseguy stuck a link to site ( - not linkified so Google doesn't mark me as evil) on his Facebook wall, which reminded me of one reason I love Firefox (and Linux): security! See, the site is actually a redirect to another site, which is a redirect to another site which tries to show you a fake Windows interface telling you your computer has several viruses and a ton of trojans, and offering a free download to clean them. Clicking on them gives you a nice program called "Windows Police Pro", which is a... virus.
But let's take it slowly. If you're using Firefox, you can actually click on the link safely, since all you get is this:
Useful. But after you tell Firefox "it's okay, it's my fault if I die", and it loads the site and redirects, you get it again:
And, after getting past that too, again to download the file:
So I downloaded it. And ran it in Wine. And... well, it turns out Wine emulates Windows well enough to get infected by a Windows virus. Sort of, at least. I still got this:
This virus posed as an antivirus program, and "installs" itself all over your hard drive, including putting stuff like fake explorer.exe and svhost.exe in your System32 directory. It then runs fake scans, and tells you your computer is borked, and offers to "sell" you the "full" version that will "fix" your computer. The "no thanks" option literally reads "Don't buy and let <some worm it claims you're infected with> send my credit card info to a remote server." Yeah, as if it itself won't do the same thing if it touches your credit card info.
It even went and added itself into the taskbar (which Wine nicely integrated with my Gnome notifications), and added reminders from time to time (read: every 2 minutes) that you're using the unregistered version. Plus, there was no way to stop it. Well, not from within Windows/Wine, but I have other plans: