Windows Secure Kit 2011 Spreads via Malicious Ad Campaign

securitymalware

Malwares and scam software’s are spreading on internet very quickly, Windows Secure Kit 2011 is a well know fake antivirus which will claim that computer is infected by several viruses and malwares and urge users to purchase an online license that will do nothing for his computer.

A new case have been reported over this week about Releaselog a well ranked website on internet containing an advertising banner for an IP server that is hosting Windows Secure Kit 2011, by uploading the malware to virus total only one antivirus flags it as a malicious software while remaining AV find it safe.

” The IP 66.85.141.172 is acting as a rotator. A rotator is a link to a Traffic Management System and it will point users to different destinations each time the link is requested. They might also include the name of the group spreading the malware or a campaign ID. According to the whois details the organization name is coolservers.ru.

server72.helpping.uni.me

The domain server72.helpping.uni.me is one of those free domain providers and of course they don’t have any whois information available as usual. A fake scanner called Windows Secure Kit 2011 is hosted at this IP.” (1)

Screenshot for the Windows Secure Kit 2011

Windows Secure Kit 2011 as any fake AV will start to pop up notification about a critical process activity on victim PC and will perform a fast scan on the computer. Next it will list in small window names of spywares and adware’s fake detection with a removal button. it is very important to never believe fake alerts and if you feel that you are infected by any malware follow the Malware Removal Guide for Windows.

 

Source: (1) Malvertisement on Releaselog installs Windows Secure Kit 2011 | Malvertisements | Stop Malvertising by Kimberly

Share
You can leave a response, or trackback from your own site.
  • http://www.majauskas.com/ Giedrius Majauskas

    Isnt it a download page for Fake Av’s only? I believe winwebsec rogue are distributed through these… 

  • http://sectechno.com Mourad

     yes it’s a Winwebsec FakeAV, and the idea that they use banners on populer websites…