Windows Security Tutorials - Herong's Tutorial Examples - v3.01, by Dr. Herong Yang
Antivirus System PRO - Fake Security Alert
This section provides some notes on Antivirus System PRO displaying faked security alert messages running inside Firefox.
Not long ago, I experienced a scenario of the scanware, Antivirus System PRO, attacking my friend's Windows system. Here are some notes on what Antivirus System PRO did.
1. The Antivirus System PRO window shows up (see the picture below) while Firefox is running, probably after visited a malicious Web site.
2. Firefox hangs. Windows system displays a short message saying memory is low. Looking at running processes with Task Manager, I see that Firefox is running 99% CPU with 34,348K of memory usage.
3. Clicking the window close icon "X" on the Antivirus System PRO window, nothing happens. Antivirus System PRO seems to be scanning the entire system.
4. A few moments later, Antivirus System PRO displays a warning message saying that: "There are serious threats detected on your computer. Your privacy and personal data may not be safe. Do you want to Clean and Protect you PC? - Yes, remove threats; No continue unprotected."
Here is a picture of the Antivirus System PRO window and the warning message after scanning my system.
Here are the window title and other information on the Antivirus System PRO window: "Antivirus System PRO - Protecting every second... - Perform scan, Adjust settings, Get updates, Activate now, Help & support - Your PC is currently unprotected and may be exposed to spyware adware, trojans and viruses - Get full real-time protection (download) - Performing scan, Start scan - Current state: Scan complete - Treats - LdPinch V, Critical, A variant of the key logger that captures passwords as... -
Some quick conclusions:
Table of Contents
About This Windows Security Book
Windows 8: System Security Review
Windows 8: System Security Protection
Windows 8 Defender for Real-Time Protection
Windows 7: System Security Review
Windows 7: System Security Protection
Windows 7 Forefront Client Security
Norton Power Eraser - Anti-Virus Scan Tool
McAfee Virus and Malware Protection Tools
Spybot - Spyware Blocker, Detection and Removal
Keeping IE (Internet Explorer) Secure
Malware (Adware, Spyware, Trojan, Worm, and Virus)
HijackThis - Browser Hijacker Diagnosis Tool
IE Add-on Program Listing and Removal
"Conduit Search" - Malware Detection and Removal
"Tube Dimmer", "Scorpion Saver" or "Adpeak" Malware
Malware Manual Removal Experience
Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal
Trojan and Malware "Puper" Description and Removal
VSToolbar (VSAdd-in.dll) - Description and Removal
PWS (Password Stealer) Trojan Infection Removal
MS08-001 Vulnerability on Windows Systems
►Antivirus System PRO - Fake Security Alert
Antivirus System PRO - Task Bar Icon Message
Malicious Progarm - WinSpywareProtect sysguard.exe
Malicious Programs - pp10.exe and ld12.exe
Faked Host Name - 209.44.111.62