Home Malware Programs Fake Warning Messages System Security Firewall Alert

System Security Firewall Alert

Posted: June 15, 2009

"System Security Firewall" Alert is a fake warning message used as a promotional gimmick for the rogue spyware remover System Security 2009. This "System Security Firewall" Alert pop-up reads as follows:

"System Security Firewall Alert. System Security Firewall has blocked a program from accessing the internet. Internet Explorer is infected with worm Lsas.Blaster.Keylogger. This worm is trying to send your credit card details using Internet Explorer to connect to remote host.

Name: Internet Explorer
Location: C:\Program Files\Internet Explorer\iexplore.exe
Company: Microsoft Corporation
Version: 7.00.6000.16762
Activate System Security: To ensure continuous protection of your PC, you should activate System Security on this computer. Do you want to activate System Security now?"

Following the prompts given to you by this fake security notification will only cause you to purchase a rogue anti-spyware program that does absolutely nothing for your PC. Unfortunately, declining the offer will merely cause you to be bombarded by these bogus messages continuously unless you remove the problem at the source.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %desktopdirectory%\system security.lnk
    2 %desktopdirectory%\ws\config.udb
    3 %desktopdirectory%\ws\init.udb
    4 %desktopdirectory%\ws\languages\english.lng
    5 %desktopdirectory%\ws\languages\german.lng
    6 %desktopdirectory%\ws\languages\spanish.lng
    7 %desktopdirectory%\ws\systemsecurity.exe
    8 %programs%\system security
    9 %programs%\system security\system security.lnk

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run systemsecurity

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to System Security Firewall Alert may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.