Security Essentials Ultimate Pack

Security Essentials Ultimate Pack is a counterfeit security application that is being endorsed on fake security web sites as a legitimate anti-virus software. But in reality, this application was developed in the main purpose of stealing money from its innocent victims and use unfair marketing techniques to be able to sell it over the Internet. When diagnosed by security experts, it was found out that Security Essentials Ultimate Pack has no capability to provide computer protection because it does not contain any files and components to provide as such. It was mainly a program that will run a fake scan and shows typical fabricated results to persuade users into obtaining the licensed version of the program.

One indication that it is a rogue program is the illegal use of the name Security Essentials Ultimate Pack, Microsoft Security Essentials is a free and bundled components on latest release of Windows system. Aside from it, there are not other versions such as Ultimate Pack or whatever. So having a program like Security Essentials Ultimate Pack inside the computer simply means that it is infected with a malicious software. Remove it and immediately run a full scan of anti-virus program to eliminate any other viruses on the computer.

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Security Essentials Ultimate Pack Removal Procedures

Manual Removal:
1. Press Ctrl+Alt+Del on keyboard to stop process associated to “Security Essentials Ultimate Pack”. When Windows Task Manager opens, go to Processes Tab and find and end the following process:
SecEls.exe

2. You need to update your installed antivirus application to have the latest database.
3. Thoroughly scan the computer and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Security Essentials Ultimate Pack Virus.
4. Registry entries created by Security Essentials Ultimate Pack must also be remove from the Windows system. Please refer below for entries associated to the rogue program. [how to edit registry]
5. Exit registry editor.
6. Get rid of Security Essentials Ultimate Pack start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s):
SecEls.exe

7. Click Apply and restart Windows.

Security Essentials Ultimate Pack Removal Tool:
In order to completely remove the threat, click here to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected machine.

Scan with Norton Power Eraser:
A free removal tool from Norton Antivirus was developed to remove unfamiliar threats without using the traditional AV signatures. Download the tool from this location and start scanning the computer for viruses.

Technical Details and Additional Information:

If Security Essentials Ultimate Pack is installed, it will begin to display fake alerts as an scare tactics to mislead victims:

Critical Warning!
Critical System Warning! Your system is probably infected with a version of Trojan-Spy.HTML.Visafraud.a. This may result in website access passwords being stolen from Internet Explorer, Mozilla Firefox, Outlook etc. Click Yes to scan and remove threats. (recommended)

System warning!
Continue working in unprotected mode is very dangerous. Viruses can damage your confidential data and work on your computer. Click here to protect your computer.

Malicious Files Added by Security Essentials Ultimate Pack:
%AllUsersProfile%\Application Data\Security Essentials Ultimate Pack\SecEls.exe
%AllUsersProfile%\Application Data\Security Essentials Ultimate Pack\sebrls\
%AllUsersProfile%\Security Essentials Ultimate Pack\sebrls\seufrvxls.cfg
%AllUsersProfile%\Security Essentials Ultimate Pack\SecEls.exe
%AllUsersProfile%\Security Essentials Ultimate Pack\sebrls\
%AllUsersProfile%\Security Essentials Ultimate Pack\sebrls\seufrvxls.cfg

Security Essentials Ultimate Pack Registry Entries:
HKEY_CURRENT_USER\Software\SE2010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “updatesst”
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%AllUsersProfile%\Security Essentials Ultimate Pack\SecEls.exe” /hide
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\SecEls.DocHostUIHandler

Leave a Reply

Your email address will not be published. Required fields are marked *