
Windows Secure Kit 2011

Posted: February 21, 2012

Threat Metric

Ranking: 13,261
Threat Level: 2/10
Infected PCs: 34,483
First Seen: February 21, 2012
Last Seen: August 25, 2023
OS(es) Affected: Windows

Windows Secure Kit 2011 is a clone of Windows Web Security and Apple Web Security, two rogue anti-malware programs that have been noted for their attacks since mid-2011. In addition to having its own host site, Windows Secure Kit 2011 is also distributed through malicious advertisements that circulate on unrelated sites, and SpywareRemove.com malware experts advise caution when interacting with unusual advertisements that could serve as Windows Secure Kit 2011 installation platforms. Although Windows Secure Kit 2011, like its clones, can't detect or remove PC threats, it will still display fake evidence of nonexistent Trojans, viruses and other forms of malicious software. If you install Windows Secure Kit 2011 either deliberately or by mistake, you should take immediate steps to remove it with legitimate anti-malware software, since Windows Secure Kit 2011 doesn't have real security features and has been linked to attacks that include browser redirects.

How the Windows Secure Kit 2011 Gets Delivered Straight to Your PC

As a very recent variant of other types of scamware from its family, Windows Secure Kit 2011 may require up-to-date versions of anti-malware threat databases to be detected and removed. At the time of this writing, current Windows Secure Kit 2011 installation methods have been known to use two separate techniques, both of which are browser-based, as noted below:

  • Windows Secure Kit 2011 has been known to be promoted by browser hijackers that are installed on your PC without your permission and create Windows Secure Kit 2011-related pop-ups to prompt you to install Windows Secure Kit 2011. These browser hijackers should be considered malicious and removed via system scans with appropriate security software. They may include other functions along with their Windows Secure Kit 2011-marketing efforts; side effects can encompass random redirects to unrelated pornographic or gay lifestyle websites.
  • The SpywareRemove.com malware research team has also revealed malicious advertisements that promote Windows Secure Kit 2011. These advertisements may be hosted at unrelated sites like tubemotion.com and will encourage you to interact with them via fraudulent pretenses (such as offering a free iPod). After the click, you're redirected to xxx59.homelandinfo.uni.me or another website that hosts Windows Secure Kit 2011.

In either case, the installation prompt for Windows Secure Kit 2011 is likely to include the following message:

"Windows Secure Kit 2011 has found critical process activity on your PC and will perform fast scan of system files!"

Unwrapping the Windows Secure Kit 2011's Bundle of Woes

Windows Secure Kit 2011 will launch itself without your consent and attempt to fake scans of your PC on a semi-regular basis. System scans by Windows Secure Kit 2011 will portray your computer as being infected by dozens of PC threats, and Windows Secure Kit 2011 may also supplement these scans with equally inaccurate pop-up warnings. Although Windows Secure Kit 2011 will be quick to ask for your credit card information so that its premium version can remove these problems, SpywareRemove.com malware experts recommend that you ignore Windows Secure Kit 2011's fake security tactics and save your money.

Since Windows Secure Kit 2011 may be installed with supporting PC threats, you should scan your entire PC with a trustworthy anti-malware product to be certain of removing Windows Secure Kit 2011 and related infections. Unlike most types of scamware, Windows Secure Kit 2011 has been confirmed to be cross-platform, and variants of Security Shield 2012 may infect either Windows or Mac-based computers.

Windows Secure Kit 2011 belongs to the WinWeb Security family, which includes members such as Antivirus Security, System Security, AntiSpyware Pro 2009, Total Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, MS Removal Tool, Antivirus Center, Security Shield, Personal Shield Pro, Advanced PC Shield 2012, Security Sphere 2012 and Futurro Antivirus.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



  • %AppData%\Microsoft\Internet Explorer\Quick Launch\Windows Secure Kit 2011.lnk
    File type: Shortcut
    Mime Type: unknown/lnk
    Group: Malware file
  • %System%\drivers\UAC[RANDOM CHARACTERS].sys
    File type: System file
    Mime Type: unknown/sys
    Group: Malware file
  • C:\Documents and Settings\<username>\Local Settings\Temporary Internet Files\Content.IE5\4SOEDFRR\setup.exe
    File type: Executable File
    Mime Type: unknown/exe
    Group: Malware file
  • C:\WINDOWS\system32\02612.exe (or any other random number)
    Mime Type: unknown/exe
    Group: Malware file
  • C:\Documents and Settings\<username>\Local Settings\Temp\[RANDOM CHARACTERS].exe
    File type: Executable File
    Mime Type: unknown/exe
    Group: Malware file

Registry Modifications

The following Registry values were newly created:

  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar=[site address]
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CustomizeSearch=[site address]
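The file and registry indicators listed above can be swept for in a file listing and registry export collected from a suspect machine. The following is an added example, not SpywareRemove.com's own tooling; the wildcard character classes, the mapping of %System% to system32, the strong/weak ranking, the function names and the sample data are all assumptions made for illustration.

```python
import re

# Patterns derived from the file list on this page. "[RANDOM CHARACTERS]" and
# "any other random number" become wildcards; the page gives no length or
# alphabet, so the character classes are assumptions. %System% is assumed to
# resolve to <windir>\system32. The strong/weak ranking is this example's own.
FILE_INDICATORS = [
    ("strong", "rogue shortcut",
     r"\\Internet Explorer\\Quick Launch\\Windows Secure Kit 2011\.lnk$"),
    ("strong", "UAC-prefixed driver", r"\\system32\\drivers\\UAC[^\\]+\.sys$"),
    ("weak", "numeric-named exe in system32", r"\\system32\\\d+\.exe$"),
    ("weak", "setup.exe in IE cache",
     r"\\Temporary Internet Files\\Content\.IE5\\[^\\]+\\setup\.exe$"),
    ("weak", "exe in user Temp", r"\\Local Settings\\Temp\\[^\\]+\.exe$"),
]
REG_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main"
REG_VALUES = ("Search Bar", "CustomizeSearch")

# Constructed sample data (not taken from a real infection).
SAMPLE_PATHS = [
    r"C:\WINDOWS\system32\drivers\UACabcdxyz.sys",
    r"C:\WINDOWS\system32\02612.exe",
    r"C:\WINDOWS\system32\notepad.exe",
    r"C:\Documents and Settings\alice\Local Settings\Temp\inst_7f3.exe",
    r"C:\WINDOWS\system32\drivers\usbhub.sys",
]
SAMPLE_REG = {(REG_KEY, "Search Bar"): "http://search.example.invalid/",
              (REG_KEY, "Start Page"): "about:blank"}

def sweep_files(paths):
    """Return (strength, label, path) for every path matching an indicator."""
    return [(strength, label, path)
            for path in paths
            for strength, label, pattern in FILE_INDICATORS
            if re.search(pattern, path, re.IGNORECASE)]

def sweep_registry(values):
    """values maps (key, value_name) to data; return the listed values set."""
    return [(name, data) for (key, name), data in values.items()
            if key.lower() == REG_KEY.lower() and name in REG_VALUES and data]

def verdict(file_hits, reg_hits):
    """'likely' needs a strong file hit; weak names alone only merit review."""
    if any(strength == "strong" for strength, _, _ in file_hits):
        return "likely"
    return "review" if file_hits or reg_hits else "clean"
```

The Temp and numeric-name patterns also match legitimate installers, which is why they only raise a "review" verdict unless a strong indicator is present as well.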

Additional Information

The following URLs were detected:
hotterenvisage.com

One Comment

  • Goodman London says:

    Please how much is your Spyhunter's malware tool? I have Norton 360 on my system, how come windows secure kit could function undetected in such an environment?
