Having access to a dev version of a rogue software provides a bit of insight into how the developers are trying to scam the infected users. When a legitimate anti-malware program finds a security problem, it too may display an alert to notify you. On the other hand, we have always known that rogues issue these alerts randomly and without valid information behind them. Having a dev version of a rogue that allows us to trigger these events just validates that the developers are attempting to do one thing and only one thing; scam the infected user into thinking they should purchase their software. They do this by hard coding scary messages about infections, keyloggers, and spam. These messages contain variables that the program can change each time the nag screen or alert is shown so that it looks a bit more authentic. The fact that the programs has buttons to trigger these events means that the events are not being displayed based upon a specific criteria of the machine it is running on, but rather what the developers pre-coded it to display.
Embedded below is an video showing the development versions of both Virus Doctor and My Supervisor. My Supervisor is explained in more detail after the video.
As you may have noticed from the video, one of the buttons on the Virus Doctor dev screen was labeled Promo. When pressing this button the program displayed a pop-up that displayed an advertisement for another program created by the same developers called My Supervisor. If you click on the button in this pop-up, Virus Doctor will download and install My Supervisor. My Supervisor is another rogue program that is packaged as a system optimization suite. When the program is installed it will create a variety of services such as an autoruns manager, a service manager, disk doctor, registry repair, and privacy guard. Just like Virus Doctor, this program will display a variety of false results in order to have you purchase the program. This version of the program is a dev version as well, which further enabled us to trigger various events in the program.
Though having these development versions of the rogues does not necessarily tell us anything we do not already know, it does shed some light into the development process for rogue software and how they deliberately attempt to trick their users. I hope you enjoyed this article and the video as much as I enjoyed writing it. If you are infected with either of these programs, then please use the removal guide below: