One way that Preald.A preys on its victims is by creating a hosts file to associate the domain itsecure.microsoft.com with an IP address that has nothing to do with Microsoft.
Usually, a computer gets any required domain name to IP address mappings from a domain name server associated with an ISP or one that is internal to the organisation.
But a hosts file takes precedence (eg, to allow a purely internal resource to be accessed by name rather than address), so if a piece of malware can create or edit this file, any name can be associated with any IP address.
According to ThreatFire, Preald.A creates false entries for itsecure.microsoft.com, avremover-pro.com and www.avremover-pro.com in the hosts file, associating them all with a server hosting information about a fake package called Antivirus System Pro. It also installs other malware, including a downloader to fetch additional nasties.
It is a fairly common trick to generate a false warning that a system is infected with a virus or other malware, and then present a link to a site offering fake software.
The hosts file trick could make it easier to fool victims - after all, everyone trusts Microsoft, don't they?
Bona fide security software should detect Preaid.A, though other vendors may use different names for it.