Se-2011-payment.com
Se-2011-payment.com is a corrupt website designed to promote the rogue security program Security Essentials 2011. Se-2011-payment.com produces annoying pop-ups to convince users the PC is infected with malware. You will be lured to pay for the "full" version product to get rid of the so-called infections. The alleged threats do not exist at all. It is all a scam and Se-2011-payment.com should be terminated immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\[User_Name]\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Essentials 2011.LNK 2 %Documents and Settings%\[User_Name]\Application Data\Security Essentials 2011\ 3 %Documents and Settings%\[User_Name]\Application Data\Security Essentials 2011\[random_letters]\ 4 %Documents and Settings%\[User_Name]\Application Data\Security Essentials 2011\[random_letters]\[random_letters].cfg 5 %Documents and Settings%\[User_Name]\Application Data\Security Essentials 2011\SE2010.exe 6 %Documents and Settings%\[User_Name]\Desktop\Security Essentials 2011.LNK 7 %Documents and Settings%\[User_Name]\Start Menu\Security Essentials 2011.LNK 8 %Temp%\[random_letters].dll 9 %Temp%\[random_letters].exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\PhishingFilterHKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shellHKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updatesstHKEY_CURRENT_USER\SOFTWARE\SE2010HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotifyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotifyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
but SE2011 is blocking me from accessing Task Manager and common prompt even in safe mode.