Saturday, April 24, 2010

My Security Engine Removal GuideMy Security Engine Removal Guide

My Security Engine Removal Guide
My Security Engine or MySecurityEngine is a rogue anti-spyware program that displays fake security notifications to trick you into purchasing their full version. My Security Engine may change your desktop settings to issue fake warning messages, and hijack the web browser to redirect you to unwanted websites. My Security Engine installs malicious files and automatically downloads itself onto your computer, which makes My Security Engine difficult to remove.

Removal Guide
Kill Process
(How to kill a process effectively?)
PE.exe
MS345d.exe

Unregister DLL files
%UserProfile%\Recent\PE.dll
%UserProfile%\Recent\exec.dll
%UserProfile%\Recent\energy.dll
%UserProfile%\Recent\CLSV.dll
%UserProfile%\Recent\ANTIGEN.dll
%UserProfile%\Recent\pal.dll
%UserProfile%\Recent\gid.dll
%ALLUSERSPROFILE%\Application Data\345d567\sqlite3.dll
%ALLUSERSPROFILE%\Application Data\345d567\mozcrt19.dll

Delete Registry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "My Security Engine"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS"
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL"
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes "URL"
HKEY_CLASSES_ROOT\MS345d.DocHostUIHandler

Remove Folders and Files
%ProgramFiles%\Mozilla Firefox\searchplugins\search.xml
%UserProfile%\Start Menu\Programs\My Security Engine.lnk
%UserProfile%\Start Menu\My Security Engine.lnk
%UserProfile%\Recent\tjd.sys
%UserProfile%\Recent\SICKBOY.sys
%UserProfile%\Recent\runddlkey.drv
%UserProfile%\Recent\ppal.drv
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\PE.dll
%UserProfile%\Recent\exec.tmp
%UserProfile%\Recent\exec.drv
%UserProfile%\Recent\exec.dll
%UserProfile%\Recent\energy.dll
%UserProfile%\Recent\eb.sys
%UserProfile%\Recent\CLSV.dll
%UserProfile%\Recent\ANTIGEN.dll
%UserProfile%\Desktop\My Security Engine.lnk
%UserProfile%\Recent\pal.dll
%UserProfile%\Recent\kernel32.tmp
%UserProfile%\Recent\kernel32.sys
%UserProfile%\Recent\gid.dll
%UserProfile%\Application Data\My Security Engine
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Engine.lnk
%ALLUSERSPROFILE%\Application Data\MSHOLE
%ALLUSERSPROFILE%\Application Data\345d567

No comments:

Post a Comment