"Spyware Activity Alert" Popup

"Spyware Activity Alert" Popup Description

The "Spyware Activity Alert" popup is a fake warning message created by the rogue anti-spyware application known as AntivirusBEST to intimidate users into purchasing the fake spyware remover. The "Spyware Activity Alert" popup reads as follows:

"Spyware activity alert! Spyware.IMonster activity detected! It is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs, including logins and passwords from online banking sessions, eBay, PayPal."

The "Spyware Activity Alert" popup is nothing more than a fake security notification used to deceive users into believing their computer is infected and to prompt them to purchase and install the rogue anti-spyware program AntivirusBEST.

Technical Information

File System Details

"Spyware Activity Alert" Popup creates the following file(s):
| # | File Name | Detection Count |
|---|-----------|-----------------|
| 1 | c:\Documents and Settings\All Users\Application Data\AB\Installer.exe | N/A |
| 2 | abest.exe | N/A |
| 3 | c:\documents and settings\All Users\Application Data\AB\svchost.exe | N/A |
| 4 | qwprotect.dll | N/A |
| 5 | svchost.exe | N/A |
| 6 | c:\Documents and Settings\All Users\Application Data\AB\abest.exe | N/A |
| 7 | c:\Documents and Settings\All Users\Application Data\AB\QWProtect.dll | N/A |
| 8 | installer.exe | N/A |
| 9 | c:\documents and settings\all users\Desktop\AntivirusBEST.lnk | N/A |
| 10 | qwprotect.dllx | N/A |
| 11 | c:\documents and settings\all users\start menu\Programs\antivirusbest\Uninstall.lnk | N/A |
| 12 | c:\documents and settings\All Users\Start Menu\Programs\AntiVirusBEST | N/A |
| 13 | c:\documents and settings\all users\start menu\Programs\antivirusbest\AntivirusBEST.lnk | N/A |
| 14 | c:\documents and settings\All Users\Application Data\AB\ABEST.CAB | N/A |

Registry Details

"Spyware Activity Alert" Popup creates the following registry entry or registry entries:
Registry key
HKEY_CLASSES_ROOT\qwprotect.qwprotectbho
HKEY_CLASSES_ROOT\CLSID\{44b2c9f5-608d-46de-82e1-26c5bcb85193}
HKEY_CLASSES_ROOT\AppID\QWProtect.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44b2c9f5-608d-46de-82e1-26c5bcb85193}
HKEY_CLASSES_ROOT\Interface\{296a8a7f-b5ac-4789-9b33-f32c2f9a6abd}
HKEY_CLASSES_ROOT\AppID\{296a8a7f-b5ac-4789-9b33-f32c2f9a6abd}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44b2c9f5-608d-46de-82e1-26c5bcb85193}
HKEY_CLASSES_ROOT\TypeLib\{684a7904-2593-4bbe-a90e-cdaf2ac606ae}
HKEY_CLASSES_ROOT\qwprotect.qwprotectbho.1