Home > Threats > Security Essentials Ultimate Pack

How to remove Security Essentials Ultimate Pack

Posted on 9 June 2011 under Rogue Programs

1. What is Security Essentials Ultimate Pack?

Security Essentials Ultimate Pack is a rogue anti-spyware program, which pretends to be virus and spyware removal tool. The program is installed through fake video codec trojan, which pretends to be a necessary tool to watch online videos. When user agrees to download this fake codec, Security Essentials Ultimate Pack will be downloaded and installed without prior user notice.

Security Essentials Ultimate Pack will be launched every time Windows are started and will automatically run computer scan. After scan is completed, many virus-like names will be listed in a scan report, even if the computer was clean before. All these infections are not real and are exposed to scare user thus convincing him that the computer is in not secure and has many infections. User is persuaded to purchase Security Essentials Ultimate Pack license in order to remove found threats. Security Essentials Ultimate Pack is not able to remove any kind of real viruses or spyware, even after the license has been purchased!

Security Essentials Ultimate Pack will block any executable from running, stating that the file has been infected:

Windows recommends to activate Security Essentials Ultimate Pack software.
A problem has been detected and the application has been shut down to prevent damage to your computer. Running of is impossible due to the activity. Perform the full system scan without delay to solve the issue.
Click "Yes, activate..." to register your copy of Security Essentials Ultimate Pack and perform a threat removal on your system.

Blocked EXE files effect makes Security Essentials Ultimate Pack removal complicated, because trusted anti-virus or anti-spyware programs cannot be started.

To start Security Essentials Ultimate Pack removal process:

  1. go to "Windows" directory and open "System32" folder (C:\Windows\system32). If there are no desktop icons, begin with Start -> My Computer;
  2. rename file taskmgr.exe to iexplore.exe. If file extensions are hidden, file taskmgr should be renamed as iexplore;
  3. double-click renamed file to open Task Manager;
  4. under Processes tab find malicious process, which name is SecEls.exe and end it;
  5. download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.

2. How to remove Security Essentials Ultimate Pack:

  1. Internet connection might be disabled or Internet browser might be blocked by Security Essentials Ultimate Pack, so it won't be possible to download any files to infected computer. In this case please download all files required for Security Essentials Ultimate Pack removal to another computer and then transfer them on the infected one using CD/DVD or USB flash drive.
  2. To remove Security Essentials Ultimate Pack download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.
  3. After the installation, computer scan should be started automatically. If so, please move to the next step. If not, click "Status" on the left side menu and press "Scan Now" button to run computer scanner as shown in the picture below:

  4. After the scan has been completed and scan results have been generated, press "Fix Checked" button to remove Security Essentials Ultimate Pack.

  5. Restart the computer to complete Security Essentials Ultimate Pack removal procedure.

3. Security Essentials Ultimate Pack files:

%AllUsersProfile%\Security Essentials Ultimate Pack\SecEls.exe
%AllUsersProfile%\Security Essentials Ultimate Pack\sebrls\seufrvxls.cfg

4. Hijackthis entries:

O4 - HKCU\..\Run: [updatesst] "%AllUsersProfile%\Security Essentials Ultimate Pack\SecEls.exe"