Website Widget

By George Norman

Added on 18 Feb 2010(4889 Views)

classification: Rogue AntiSpyware Programs
The people with malicious intent that put out the Internet Security 2010 rogue have rolled out another fake security software application, mainly Security Essentials 2010. Just like its sibling, this rogue is usually distributed by Trojans. The Trojan sneaks onto the user’s computer by pretending to be a Flash update needed to view online videos. Once it compromises the user’s computer, the Trojan will install Security Essentials 2010 without the user’s consent.
Here is what the Security Essentials 2010 rogue will do once it has been installed on the user’s computer:

• It will automatically run at startup and will keep running in the background. This causes the computer to act sluggish as the rogue eats up system resources.
• It performs fake system scans that detect a whole bunch of infected files.
• It bombards the user with popups and fake security alerts. Here are some examples:

Security Warning!
Worm.Win32.NetSky detected on your machine.
This virus is distributed via the Internet through e-mail and Active-x objects.
The worm has its own SMTP engine which means it gathers e-mails from your local computer and re-distributes itself.
In worst cases this worm can allow attachers to access your computer, stealing passwords and personal data.
Viruses can damage your confidential data and work on your computer.
Continue working in unprotected mode is very dangerous.

System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.

Critical Warning!
Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Interner Explorer, Mozilla Firefox, Outlook etc. Click Yes to scan and remove threats. (recommended)

• It hijacks the browser.
• It doesn’t let the user launch applications. When the user attempts to run an executable, the rogue displaysthe following message:

Application cannot be executed. The file is infected. Please activate your antivirus software.

• Last but not least, it tries to scam the user out of some money. That’s the reason why the rogue has been using all the scare tactics above. To trick him into thinking his computer is infected so it could ask the user to purchase a Security Essentials 2010 license to remove the infection.

You are well advised not to pay. You would only be lining the pockets of the people with malicious intent that came up with Security Essentials 2010. What you should do is remove the rogue from your system as soon as possible.

Automatic removal guide
Step 1. If you have a printer, make sure to print out this tutorial. If you do not have a printer, save this tutorial, go out to a copy center and print it out there. If you do not have a printer and do not want to go out, then use the pen and paper method: grab a pen and a piece of paper and write down the instruction presented in the steps below. In the process of eliminating Security Essentials 2010 from your machine you will need to shut down the browser. And since this will also shut down the tutorial, you need to know what you should do next.

Step 2. You will have to install Malwarebytes’ Anti-Malware. In this regard you need to download the software’s setup executable. Just click this link and save the .exe file on your computer (preferably on your desktop).

Step 3. Double click the Malwarebytes’ Anti-Malware setup executable. It should be on the desktop under the name mbam-setup. This will launch the installation process. If you already know how to install a piece of software, proceed to step 4. If you do not know how to do this, we’ll walk you though it all:



- The Select Setup Language window should have popped up. By default, the language in which the software will be installed is set to English, but you can change this. The software provides support for 30+ languages. After selecting the language of your choice, click OK. It would be best to just leave it set to English though.



- The Malwarebytes’ Anti-Malware Setup Wizard will now popup. Just click Next.



- You will be presented with the License Agreement. Click I accept the agreement and then click Next. If you do not accept the agreement you will not be able to continue.



- Keep clicking Next until you get to the Ready to install window. Now click Install. After the installation process completes click Finish. Do not uncheck the boxes next to Update Malwarebytes’ Anti-Malware or Launch Malwarebytes’ Anti-Malware.















Step 4. The Malwarebytes’ Anti-Malware application will launch automatically. The Perform quick scan option should be checked by default – if it isn’t then check it and then click Scan. You are well advised to close all running apps before clicking scan. This will ensure the scan for Security Essentials 2010 will complete swiftly.



Malwarebytes’ Anti-Malware will start scanning your files for signs of Security Essentials 2010. This may take a while, so be patient. It all depends on how powerful your computer is and how many files Malwarebytes’ Anti-Malware has to scan.



When the scan for Security Essentials 2010 is complete you will be presented with a notification box. Click OK to close the notification box and go to the main Scanner screen. Click Show Results and you will be presented with a list of all the infected files Malwarebytes’ Anti-Malware has detected.





Step 5. Click Remove Selected and Malwarebytes’ Anti-Malware will remove all the infected files it has detected. It may be necessary to restart your computer in order to remove some of these files. After Malwarebytes’ Anti-Malware is done removing all the infected files, it will open Notepad and present the scan log to you. You can review the log at your leisure – save it If you want.



Step 6. Close Malwarebytes’ Anti-Malware and you’re done. No traces of Security Essentials 2010 should be left on your computer.

Manual removal guide

Stop and remove the processes:



Access the Windows Registry Editor and delete the following registry keys:



Locate and delete the following files:



Unregister the following DLL libraries:



Block access to the domain(s):





Don't forget to:

Tags:

Link to this article:

Comments


Add comment:

Top Downloads

Copyright © FindMySoft.com 2005-2011
0.029 s