System Security Firewall Alert

Posted: June 15, 2009

The "System Security Firewall" Alert is a fake warning message used as a promotional gimmick for the rogue spyware remover System Security 2009. The pop-up reads as follows:

"System Security Firewall Alert. System Security Firewall has blocked a program from accessing the internet. Internet Explorer is infected with worm Lsas.Blaster.Keylogger. This worm is trying to send your credit card details using Internet Explorer to connect to remote host.

Name: Internet Explorer
Location: C:\Program Files\Internet Explorer\iexplore.exe
Company: Microsoft Corporation
Version: 7.00.6000.16762
Activate System Security: To ensure continuous protection of your PC, you should activate System Security on this computer. Do you want to activate System Security now?"

Following the prompts in this fake security notification will only lead you to purchase a rogue anti-spyware program that does absolutely nothing for your PC. Unfortunately, declining the offer does not stop the pop-ups: you will be bombarded by these bogus messages continuously unless you remove the problem at the source.

File System Modifications

  • The following files were created in the system:
    1. %desktopdirectory%\system security.lnk
    2. %desktopdirectory%\ws\config.udb
    3. %desktopdirectory%\ws\init.udb
    4. %desktopdirectory%\ws\languages\english.lng
    5. %desktopdirectory%\ws\languages\german.lng
    6. %desktopdirectory%\ws\languages\spanish.lng
    7. %desktopdirectory%\ws\systemsecurity.exe
    8. %programs%\system security
    9. %programs%\system security\system security.lnk

Registry Modifications

  • The following Registry values were newly created:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run systemsecurity