Antivirus System PRO - Fake Security Alert

This section provides some notes on Antivirus System PRO displaying faked security alert messages running inside Firefox.

Not long ago, I experienced a scenario of the scanware, Antivirus System PRO, attacking my friend's Windows system. Here are some notes on what Antivirus System PRO did.

1. The Antivirus System PRO window shows up (see the picture below) while Firefox is running, probably after visited a malicious Web site.

2. Firefox hangs. Windows system displays a short message saying memory is low. Looking at running processes with Task Manager, I see that Firefox is running 99% CPU with 34,348K of memory usage.

3. Clicking the window close icon "X" on the Antivirus System PRO window, nothing happens. Antivirus System PRO seems to be scanning the entire system.

4. A few moments later, Antivirus System PRO displays a warning message saying that: "There are serious threats detected on your computer. Your privacy and personal data may not be safe. Do you want to Clean and Protect you PC? - Yes, remove threats; No continue unprotected."

Here is a picture of the Antivirus System PRO window and the warning message after scanning my system.

Antivirus System PRO Window
Antivirus System PRO Window

Here are the window title and other information on the Antivirus System PRO window: "Antivirus System PRO - Protecting every second... - Perform scan, Adjust settings, Get updates, Activate now, Help & support - Your PC is currently unprotected and may be exposed to spyware adware, trojans and viruses - Get full real-time protection (download) - Performing scan, Start scan - Current state: Scan complete - Treats - LdPinch V, Critical, A variant of the key logger that captures passwords as... -

Some quick conclusions:

Table of Contents

 About This Windows Security Book

 Windows 8: System Security Review

 Windows 8: System Security Protection

 Windows 8 System Recovery

 Windows 8 Defender for Real-Time Protection

 Windows 7: System Security Review

 Windows 7: System Security Protection

 Windows 7 System Recovery

 Windows 7 Forefront Client Security

 Norton Power Eraser - Anti-Virus Scan Tool

 McAfee Virus and Malware Protection Tools

 Spybot - Spyware Blocker, Detection and Removal

 Keeping Firefox Secure

 Keeping IE (Internet Explorer) Secure

 Malware (Adware, Spyware, Trojan, Worm, and Virus)

 HijackThis - Browser Hijacker Diagnosis Tool

 IE Add-on Program Listing and Removal

 "Conduit Search" - Malware Detection and Removal

 "Tube Dimmer", "Scorpion Saver" or "Adpeak" Malware

 Malware Manual Removal Experience

 Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal

 Trojan and Malware "Puper" Description and Removal

 VSToolbar (VSAdd-in.dll) - Description and Removal

 PWS (Password Stealer) Trojan Infection Removal

 MS08-001 Vulnerability on Windows Systems

Antivirus System PRO

Antivirus System PRO - Fake Security Alert

 Antivirus System PRO - Task Bar Icon Message

 Malicious Progarm - WinSpywareProtect sysguard.exe

 Malicious Programs - pp10.exe and ld12.exe

 IE BHO - iehelper.dll

 Faked Host Name - 209.44.111.62

 Malicious System Service - drv.dll and drv.sys

 References

 Full Version in PDF/ePUB