So I spent the weekend with a few friends of mine working around and about halfway through one of my friends wanted me to show him what I do for fun and as a job so I told him I clean infected computers and offer PC help where I can. So I set up a virtual machine on his computer with Win Xp and installed all the updates including Sp3 then I went online with the purpose of getting it infected the first thing I did was Google “Keygens” a big malware distributor I clicked on the first one and the download started along with a Re director to a pornographic site so I decided to play along and clicked on the first vid and god the popup “This video requires a codec to play” at which time I knew I found what I was looking for so I went ahead and downloaded the codec masquerading Zlob Trojan and exited out of the web page and for the next 2 minutes nothing when all of sudden I have Spy-locked what surprised me is that Zlob had downloaded a rogue program that fast!. Then I decided to let the virtual machine stew for a few hours and when I came back I not only had spy-locked running but along with IE anti virus and many others all in all it took a hour and half and Avast!, SUPERantispyware, MBAM and Hijackthis to completely clean the system 1 of my friends didn’t find it that interesting but I believe I made 2 more malware fighters ;D
-Justin