Rogue software details: Security Essentials 2010

Security Essentials 2010 is a rogue security application. In order to remove it, find out what files and registry entries to look for below.

Known system changes:

Files
c:\System\warnings.html
c:\System\helpers32.dll
c:\System\winlogon32.exe
c:\System\smss32.exe
c:\System\41.exe
c:\Temp\250904.exe
c:\StartMenu\Security essentials 2010.lnk
c:\Desktop\Security essentials 2010.lnk
c:\ProgramFiles\Securityessentials2010\SE2010.exe

Folders
c:\ProgramFiles\Securityessentials2010

Registry entries
Key: HKEY_CURRENT_USER\Software\SE2010
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Run
Value: Security essentials 2010
Data: C:\Program Files\Securityessentials2010\SE2010.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Run
Value: smss32.exe
Data: C:\WINDOWS\system32\smss32.exe

Source: Lavasoft Malware Lab’s Rogue Gallery.




Share this