Windows Security Tutorials - Herong's Tutorial Examples - v3.01, by Dr. Herong Yang
Antivirus System PRO - Fake Security Alert
This section provides some notes on Antivirus System PRO displaying faked security alert messages running inside Firefox.
Not long ago, I experienced a scenario of the scanware, Antivirus System PRO, attacking my friend's Windows system. Here are some notes on what Antivirus System PRO did.
1. The Antivirus System PRO window shows up (see the picture below) while Firefox is running, probably after visited a malicious Web site.
2. Firefox hangs. Windows system displays a short message saying memory is low. Looking at running processes with Task Manager, I see that Firefox is running 99% CPU with 34,348K of memory usage.
3. Clicking the window close icon "X" on the Antivirus System PRO window, nothing happens. Antivirus System PRO seems to be scanning the entire system.
4. A few moments later, Antivirus System PRO displays a warning message saying that: "There are serious threats detected on your computer. Your privacy and personal data may not be safe. Do you want to Clean and Protect you PC? - Yes, remove threats; No continue unprotected."
Here is a picture of the Antivirus System PRO window and the warning message after scanning my system.
Here are the window title and other information on the Antivirus System PRO window: "Antivirus System PRO - Protecting every second... - Perform scan, Adjust settings, Get updates, Activate now, Help & support - Your PC is currently unprotected and may be exposed to spyware adware, trojans and viruses - Get full real-time protection (download) - Performing scan, Start scan - Current state: Scan complete - Treats - LdPinch V, Critical, A variant of the key logger that captures passwords as... -
Some quick conclusions:
Table of Contents