WinWebSec
Posted: January 12, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 9/10 |
---|---|
Infected PCs: | 105 |
First Seen: | July 24, 2009 |
---|---|
OS(es) Affected: | Windows |
WinWebSec is a family of rogue security programs that display fake warnings about infected files and malicious software to trick you into spending money on fraudulent software. Members of WinWebSec may assume the disguise of a file cleaner, anti-adware scanner or other type of security program, although, in most cases, a visually-similar interface is shared between individuals. While WinWebSec scamware will create a variety of different warnings to mislead you about your computer's health, SpywareRemove.com malware experts advise against purchasing any WinWebSec product, since WinWebSec scamware has no capability to detect or delete any type of PC threat from your computer. Since WinWebSec-based rogue security products can also block unrelated applications, you may need to take extra steps to shut down your WinWebSec infection before you can delete WinWebSec with an appropriate anti-malware program.
WinWebSec: An Off-Pink Introduction to Fake PC Security
Individual scamware programs from WinWebSec have been in distribution for years now, with common distribution mechanisms including e-mail spam attacks and fake online scanners. WinWebSec-based rogue security applications include such diverse names as Live Security Platinum, Security Shield, Security Shield 2012, System Adware Scanner 2010, System Tool, System Tool 2011, System Security, Personal Shield Pro, Windows Smart Security, Security Tool, MS Removal Tool, Total Security, Total Security 2009, Vista Total Security 2011, Total XP Security, Total Secure 2009, XP Total Security 2012, Total XP Security 2011, Total XP Security, Security Sphere 2012, Smart Fortress 2012, Antispyware Pro 2009, Essential Cleaner and Winweb Security. Although their infection vectors and names can exhibit surprising diversity, SpywareRemove.com malware researchers have found that most WinWebSec-based scamware programs can be identified with ease due to their unusual light-pink interface, identical layouts and characteristic tag lines such as the following:
Get full real-time protection with [WinWebSec rogue security program's name]
Similarities between variants of WinWebSec don't stop at that, however; WinWebSec scamware products also share false warning messages, taskbar notifications and other forms of fake system information in an attempt to confuse you about your PC's integrity. WinWebSec-based pop-ups will always announce that nonexistent PC threats are attacking your computer and can even fake infections for specific files or programs, and system scans from WinWebSec products follow a similar pattern. Thusly, SpywareRemove.com malware research team recommends that you avoid any recommendations from a WinWebSec program, regardless of how legitimate its alerts seem to be, since following its advice can only lead you to damaging your PC, finances or related information.
How WinWebSec Turns Your Computer Into a Funnel Towards Its Profit
WinWebSec scamware programs also have a history of disabled unrelated applications on an extremely broad basis; standard WinWebSec infections can prevent you from using almost any program except for a handful of Windows default utilities and web browsers. Attempts to use a blocked program will typically result in a warning about said program being infected, which is, naturally, false. Although this attack doesn't permanently damage the programs in questions, SpywareRemove.com malware researchers recommend that you put a stop to it through any of the following methods, all of which should bypass the startup entries for a WinWebSec program:
- Booting your PC from a network-shared drive.
- Booting your PC from a removable drive device (such as a USB thumb drive).
- Booting in Safe Mode, which can be accessed on Windows computers by hitting F8 during a reboot (as long as Windows hasn't begun to load).
After being disabled, WinWebSec software can be deleted by any reasonably-competent anti-malware product with no long term harm to your computer.
Aliases
More aliases (267)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%ALLUSERSPROFILE%\Anwendungsdaten\75193227\75193227.exe
File name: 75193227.exeSize: 1.19 MB (1197568 bytes)
MD5: 4caa6cb6a180cedf69565732e1a9252c
Detection count: 92
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\75193227
Group: Malware file
Last Updated: December 9, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\08377530\08377530.exe
File name: 08377530.exeSize: 1 MB (1001488 bytes)
MD5: 9ffa1916b694dd043dc8ec8c5606debd
Detection count: 92
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\08377530
Group: Malware file
Last Updated: December 8, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\81397432\81397432.exe
File name: 81397432.exeSize: 834.56 KB (834560 bytes)
MD5: 9afd011c3bc71b0f547f2cf7c703e32c
Detection count: 80
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\81397432
Group: Malware file
Last Updated: December 8, 2010
%ALLUSERSPROFILE%\Dati applicazioni\05002310\05002310.exe
File name: 05002310.exeSize: 1.02 MB (1029120 bytes)
MD5: 79d6b9ab23bb010bd06b5f3f8e292193
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Dati applicazioni\05002310
Group: Malware file
Last Updated: December 8, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\77302322\77302322.exe
File name: 77302322.exeSize: 1.13 MB (1136640 bytes)
MD5: a5988384beea1aadaaae337e4f2be7b7
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\77302322
Group: Malware file
Last Updated: December 7, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\99199340\99199340.exe
File name: 99199340.exeSize: 1.16 MB (1162752 bytes)
MD5: 81dc0ca129779dbe3c083e98fe3c046c
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\99199340
Group: Malware file
Last Updated: December 8, 2010
%LOCALAPPDATA%\101586.exe
File name: 101586.exeSize: 1.18 MB (1188352 bytes)
MD5: 862abc560711b33a1244e9d16e547740
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 9, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\04545624\04545624.exe
File name: 04545624.exeSize: 1.05 MB (1057280 bytes)
MD5: 767127360bab6a3ee6259525edbfc404
Detection count: 51
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\04545624
Group: Malware file
Last Updated: December 7, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\13431618\13431618.exe
File name: 13431618.exeSize: 1.16 MB (1163264 bytes)
MD5: 4d16083c233ea72aacefec71152a9a40
Detection count: 41
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\13431618
Group: Malware file
Last Updated: December 8, 2010
%LOCALAPPDATA%\96249081.exe
File name: 96249081.exeSize: 1.02 MB (1028608 bytes)
MD5: 48b36e1c1840a1e67a2aa19f8fdf9724
Detection count: 41
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 8, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\50770726\50770726.exe
File name: 50770726.exeSize: 1.16 MB (1163264 bytes)
MD5: 0bc8bea0eda3e2601c87a9ef684a2fc4
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\50770726
Group: Malware file
Last Updated: December 8, 2010
%ALLUSERSPROFILE%\Dati applicazioni\20933320\20933320.exe
File name: 20933320.exeSize: 834.56 KB (834560 bytes)
MD5: 7555efa4f743c988f59de9bc3967c3ff
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Dati applicazioni\20933320
Group: Malware file
Last Updated: December 7, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\97384940\97384940.exe
File name: 97384940.exeSize: 834.04 KB (834048 bytes)
MD5: 3be6e4ed81f8ff0d00037855f6310ad5
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\97384940
Group: Malware file
Last Updated: December 8, 2010
%ALLUSERSPROFILE%\Dados de aplicativos\11170313\11170313.exe
File name: 11170313.exeSize: 1.17 MB (1176064 bytes)
MD5: 1b00a182149c49f05c384f8f805de78d
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Dados de aplicativos\11170313
Group: Malware file
Last Updated: December 7, 2010
%ALLUSERSPROFILE%\Anwendungsdaten\98726638\98726638.exe
File name: 98726638.exeSize: 1 MB (1007616 bytes)
MD5: 9562378527087e0e0a4d1127d0d86306
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\98726638
Group: Malware file
Last Updated: December 8, 2010
%LOCALAPPDATA%\8704148678.exe
File name: 8704148678.exeSize: 1.19 MB (1190400 bytes)
MD5: 98a35d317e3547de26f95e1e0c2d8e25
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 8, 2010
%LOCALAPPDATA%\60841332.exe
File name: 60841332.exeSize: 1.19 MB (1199104 bytes)
MD5: ac771adac04e00ee190e167ffa08cbce
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 7, 2010
%USERPROFILE%\Local Settings\Application Data\675497059.exe
File name: 675497059.exeSize: 1.16 MB (1164800 bytes)
MD5: fc27d8db3dd1e0e0bdf1c60d77e7ad12
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Local Settings\Application Data
Group: Malware file
Last Updated: December 7, 2010
%LOCALAPPDATA%\9919828445.exe
File name: 9919828445.exeSize: 1.18 MB (1181696 bytes)
MD5: 24959bd224b3394e6df66a7bec3f0229
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 7, 2010
%LOCALAPPDATA%\973162.exe
File name: 973162.exeSize: 1.19 MB (1193984 bytes)
MD5: 0b7fb3de00de9e4aeb0a766605822601
Detection count: 4
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%
Group: Malware file
Last Updated: December 7, 2010
More files
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.