Winwebsec is a category of malware that attacks the users of Windows operating system and produce fake claims as genuine Anti-Malware softwares. They show popups that claim to scan for malware and displays fake warnings similar to "32 Virus and Trojans Detected on your computer. Click on Fix Now button to clean these threats". They then show a message to the user that they need to pay money to activate the software in order to remove these threats which actually doesn't exist. These malwares may display a dialog that looks similar to Windows Security Center or it may have names like Live Security Platinum or Security Shield. The GUI varies from variant to variant.
Winwebsec
These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, including Win32/Winwebsec, may display product names or logos of some well known companies like Microsoft in an apparently unlawful attempt to impersonate some Genuine products.
Variants
•System Progressive Protection
•Live Security Platinum
•Personal Shield Pro
•Smart Fortress 2012
•Smart Protection 2012
•Security Sphere 2012
•Security Shield
•Win 8 Security System
Diagnosis
Few Variants of this malware can be removed by using some softwares and tools like McAfee Stinger or Microsoft Windows Malicious Software Removal Tool. Most variants of this malware prevents the user from accessing Internet Browsers and programs with names like chrome.exe, firefox.exe, iexplore.exe, opera.exe and safari.exe. Users infected with this virus may have to boot the computer in advance boot options like Safe_mode to diagnose these virus variants.
Removal of this Virus
Boot your computer is windows advanced mode known as safemode with Networking. For details on how to boot the computer in safe mode, click here. Update your Windows Defender, Microsoft Windows Malicious Software Removal Tool or you may download either Microsoft Safety Scanner or Kaspersky Virus Removal Tool. Then run a full scan using these tools. The virus file will be detected and it will be usually under the folder C:\Users\All Users\ and inside some random folder. You may move that to your recycle bin or quarantine using the software and then restart the computer to Normal Mode.
Further Questions.. ?
Have more questions regarding this Virus. Please feel free to leave your question as comment in the comment section. Find More about Virus through other posts in this blog. .
Screen Shots of this Virus
Below are the screen shots of this Virus Variant.
Logos and Names of Variants
 | |
 | |
 | |
 | |
  | |
  | |
 | |
 | |
 | |
 | |
 | |
Smart Protection 2012 |  |
Smart Fortress 2012 |  |
Win 8 Security System |  |
No comments:
Post a Comment