Posts Comments

E-Set Antivirus 2011 FAKE

By admin on March 19, 2011 Leave a Comment

This E-Set Antivirus 2011 removal guide is here to help. Be sure to read the full guide before getting started to ensure best results.

 What is E-Set Antivirus 2011?

In this instance the E-set Antivirus client we are talking aout is a FAKE antivirus client. It’s a direct client of the FAKE AVG antivirus client as well as several others from the past. The real E-Set Antvirus Software is a good program and actually recommended by many profesionals. However this program is clearly a fraud. If you made the mistake of purchasing this false client please read the What to do if you purchased a fake client guide.

How Did I get infected with E-Set Antivirus 2011?

Computers get infected with E-Set Antivirus 2011 from what is known as a Drive By Download and from installing a program that they thought was something else like a video update. A drive by download is when a malicious website or website that has been hacked, injects code onto that web page and when a user visits the page he/she is prompted to run or install a program. In some cases these programs may auto install. Most paid clients out there like Spyware Doctor with Antivirus are able to block these types of infections. If your antivirus software did not block this install you should consider making a switch. It’s obvious whatever you have is not protecting you.

It’s important to also point out that in many cases those who get infected with E-Set Antivrus 2011 may of had it installed from a trojan that has been on your computer from a previous date. You could of been infected for weeks with a computer virus and not of known it. Be sure to run a full virus scan once you are done following this guide to ensure you have no other threats installed on the computer.

What is E-Set Antivirus 2011 Doing to My Computer Right Now?

The scan results found by this bogus security client are all fake.  The warning messages shown are also fake. Normally E-Set Antivirus 2011 hijacks the users desktop on XP systems. It will also block security clients from running and installing as well as all other executables except firefox.exe and iexplorer.exe and a few others.

While you may get security measures about your system sending out spam or your private files benign accessed. In most cases these are false warnings meant to scare you into making a purchase of this client.

Here are some examples of FALSE messages that E-Set Antivirus 2011 puts out.

Warning!

Virtumonde is an adware program that tends to monitor your Internet browsing habits and may display targeted advertisements onto your computer screen. Virtumonde may also create a malicious DLL file in order to log your keystrokes and send the recorded information to a third party website. Virtumonde is an unwanted application and recommended to be removed.

Warning! Identity theft attempt detected!

Attacker IP:

Attack Target: Microsoft Corp. Keys

Description: Remote host tries to get access to your personal information.

System Tool Warning

Intercepting programs that may compromise your private and harm your system have been detected on your PC.

Click here to remove them immediately with System Tool.

E-Set Antivirus 2011

E-Set Antivirus 2011

» Download E-Set Antivirus 2011 Removal Software

You need to remove E-Set Antivirus 2011 as soon as you can. In many cases users have other hidden trojans installed on their computer as well. This is why it’s so important to run a full virus scan even if you follow the manual removal guide below.

Remove Proxy Setting so You Can Connect to the Internet Again.

Proxy Settings

E-Set Antivirus 2011 Manual Removal Procedures

The first step you must take in order to remove E-Set Antivirus 2011 is to stop the following process. Watch the video for guidance.

  • e-set.exe
  • [random].exe in our case is was lsiexecs.exe

To Stop this process you can:

A. Browse to the file location shown below and re-name the file first and then restart your computer. Then browse to that file location again and delete the file.

B: Boot into safe mode and delete the file

C: Boot into Safe Mode with Networking and download our recommend Spyware Doctor with Antivirus from our site. Install and update the client and run a scan. It should pickup the traces of this virus and any other virus installed. Now you can manually browse to the locations shown to be infected and do what is required to fix those traces. Please note that the SDA client will not remove threats unless you purchase the software. Like most antivirus clients that actuall protect your computer it does cost money

The next step in E-Set Antivirus 2011 removal is to delete the following files:

Windows XP:

  • C:\Documents and Settings\All Users\Application Data\[random]\[random].exe
  • New Path C:\Documents and Settings\USER NAME\Local Settings\Application Data

Windows Vista/7:

  • C:\ProgramData\[random characters ]\[random characters].exe
  • New Path C:\Users\USER NAME\AppData\Local

E-Set Antivirus 2011 Registry Removal Procedures

Once you have deleted the above E-Set Antivirus 2011 file trace you will also want to remove the infected registry item. This is not a requirement as you already deleted the main executable.:

  • HKEY_CURRENT_USERSoftwareA88246

    HKEY_CURRENT_USERSoftwareMon246

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “E-Set 2011” = ‘%ProgramFiles%e-set.exe’

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User AgentPost Platform “WinNT-A8I 16.03.2011”

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionschrome.exe “Debugger” = ‘lsiexecs.exe -sb’

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsfirefox.exe “Debugger” = ‘lsiexecs.exe -sb’

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsiexplore.exe “Debugger” = ‘lsiexecs.exe -sb’

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsopera.exe “Debugger” = ‘lsiexecs.exe -sb’

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionssafari.exe “Debugger” = ‘lsiexecs.exe -sb’

E-Set Antivirus 2011 Directories:

XP

  • c:\ProgramFiles\E-Set 2011 %
  • c:\ProgramFiles\E-Set 2011e-set.exe
  • %UserProfile%DesktopE-Set Antivirus 2011.lnk
  • %System%lsiexecs.exe
  • c:\Documents and SettingsAll UsersStart MenuE-Set 2011
  • c:\Documents and SettingsAll UsersStart MenuE-Set 2011E-Set Antivirus 2011.lnk
  • c:\Documents and SettingsAll UsersStart MenuE-Set 2011Uninstall.lnk

Windows 7 / Windows Vista

  • C:\ProgramFiles86\E-Set 2011
  • C:\ProgramFiles86\E-Set 2011e-set.exe
  • C:\Users\All Users\E-Set 2011
  • C:\Users\All Users\E-Set 2011E-Set Antivirus 2011.lnk
  • C:\Users\All Users\E-Set 2011Uninstall.lnk

Outside Resources:

http://kb.eset.com/esetkb/index?page=content&id=SOLN2697&locale=en_US

Filed Under: Virus Removal Tagged With: , , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.