(Thanks to rogueamp)
Security Essentials 2011 is a clone of the Security Essentials 2010 rogue. Once the rogue program is installed it tries to interfere with boot up. When you restart your computer you will most likely be presented with the fake Windows Advanced Security Center screen as shown below saying that the system is not able to start its work properly.
It will make you wait 100 seconds, which is very annoying. You can choose to wait, or instead press Ctrl + Alt + Delete at the same time to bring up the Windows Task Manager. Click on the Processes tab and end the process called SE2010.exe. Now click on the File menu and select New Task (Run...) from the menu. Type explorer.exe into the Open: field and press the OK button. After a minute or so you should be back at your Windows desktop.

Security Essentials 2011 will also display fake security alerts and notifications from your Windows taskbar about serious security problems. It may even claim that your confidential information, passwords or credit card number can be stolen. Please ignore such warnings. The rogue program also has a pig squeal sound effect, which is also very annoying. I believe it was taken from Kaspersky Antivirus.
System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.
Security Essentials 2011 will also block certain programs on your computer claiming that they are infected. The fake alert reads:
Critical Error
Running of application is impossible!
A problem has been detected and the application has been shut down to prevent changes to your computer. Running of the [name of the process] is impossible due to the Net-Worm.Win32.Mytob.t activity. Perform the full system scan without delay to solve the issue.
As you can see, Security Essentials 2011 is a typical rip-off rogue that has nothing to do with real computer security software. Do not purchase this bogus program, otherwise you will lose at least $50. If you have already purchased it, then you should contact your credit card company and dispute the charges. Then please follow the Security Essentials 2011 removal instructions below. If you have any questions or additional information about this malware, please leave a comment. Good luck and be safe online!
Security Essentials 2011 removal instructions using Process Explorer (in Normal mode):
1. Open Task Manager or download Process Explorer and end the Security Essentials 2011 process:
- SE2010.exe
NOTE: In some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe. With all of these tools, if running Windows 7 or Vista, they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend that you use ESET Smart Security.
Security Essentials 2011 removal instructions (in Safe Mode with Networking):
1. Reboot your computer in "Safe Mode with Networking". As the computer is booting, tap the F8 key continuously, which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press the Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm
NOTE: Log in as the same user you were previously logged in as in normal Windows mode.
2. Download free anti-malware software from the list below and run a full system scan.
NOTE: In some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe. With all of these tools, if running Windows 7 or Vista, they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
3. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend that you use ESET Smart Security.
Security Essentials 2011 associated files and registry values:
Files:
- %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Essentials 2011.lnk
- %UserProfile%\Application Data\Security Essentials 2011\
- %UserProfile%\Application Data\Security Essentials 2011\SE2010.exe
- %UserProfile%\Application Data\Security Essentials 2011\sejgdls\
- %UserProfile%\Application Data\Security Essentials 2011\sejgdls\semblgbls.cfg
- %UserProfile%\Desktop\Security Essentials 2011.lnk
- %UserProfile%\Start Menu\Security Essentials 2011.lnk
- C:\Program Files\Securityessentials2010\
%UserProfile% refers to:
C:\Documents and Settings\[UserName]\ (in Windows 2000/XP)
C:\Users\[UserName]\ (in Windows Vista & Windows 7)
Registry values:
- HKEY_CURRENT_USER\Software\SE2010
- HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
- HKEY_CLASSES_ROOT\SE2010.DocHostUIHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "updatesst"
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\Security Essentials 2011\SE2010.exe" /hide"
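The file and registry list above can be checked before and after cleanup with a read-only script. The following is an added example, not part of the original post; it assumes PowerShell is available and that it is run as the affected user, because `%UserProfile%` and `HKEY_CURRENT_USER` are per-user. The helper name `Get-RegValue` is hypothetical.

```powershell
# Added example: read-only check for the artifacts listed on this page.
# Nothing is deleted or modified. Run as the user who saw the rogue.

# %APPDATA% is "%UserProfile%\Application Data" on 2000/XP and
# "%UserProfile%\AppData\Roaming" on Vista/7.
$paths = @(
    "$env:APPDATA\Security Essentials 2011",
    "$env:APPDATA\Security Essentials 2011\SE2010.exe",
    "$env:APPDATA\Security Essentials 2011\sejgdls\semblgbls.cfg",
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch\Security Essentials 2011.lnk",
    "$env:USERPROFILE\Desktop\Security Essentials 2011.lnk",
    "$env:USERPROFILE\Start Menu\Security Essentials 2011.lnk",
    'C:\Program Files\Securityessentials2010'
)
$keys = @(
    'HKCU:\Software\SE2010',
    'Registry::HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}',
    'Registry::HKEY_CLASSES_ROOT\SE2010.DocHostUIHandler'
)

# Hypothetical helper: returns a registry value, or nothing if key or value is absent.
function Get-RegValue($Key, $Name) {
    $item = Get-ItemProperty -LiteralPath $Key -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name }
}

$findings = @()
foreach ($p in $paths) { if (Test-Path -LiteralPath $p) { $findings += "FILE    $p" } }
foreach ($k in $keys)  { if (Test-Path -LiteralPath $k) { $findings += "KEY     $k" } }

# Autorun entry named on this page.
$run = Get-RegValue 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run' 'updatesst'
if ($run) { $findings += "VALUE   Run\updatesst = $run" }

# A per-user Winlogon "Shell" value does not exist on a default install. When it
# is present, Windows starts that program at logon instead of explorer.exe,
# which is why the desktop does not appear until explorer.exe is started by hand.
$shell = Get-RegValue 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon' 'Shell'
if ($shell) { $findings += "VALUE   HKCU Winlogon\Shell = $shell" }

# Running process named on this page.
if (Get-Process -Name 'SE2010' -ErrorAction SilentlyContinue) {
    $findings += 'PROCESS SE2010.exe is running'
}

if ($findings.Count -gt 0) { $findings } else { 'No listed artifacts found for this user.' }
```

If the `Winlogon\Shell` line still appears after a scan, the desktop will not load at the next logon for that user until the value is removed.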