A relation of the notorious rogue anti-malware applications Cleanup Antivirus and Security Guard, My Security Engine uses scare tactics to trick users into paying for its software license. My Security Engine gets installed on the user’s system via Trojans that get downloaded from malicious websites by exploiting security weaknesses found on user connections. Once installed, My Security Engine proceeds to perform a large number of fake security scans on the system, generating false reports which state that the computer is under threat from malware. It also generates an endless stream of fake warning pop-ups from the Windows taskbar. Meanwhile, My Security Engine repeatedly requests the user to purchase a license to the ‘full’ version of the software, claiming that the currently installed ‘trial’ version is insufficient to remove all the detected ‘threats’. It enforces this request through its GUI, through pop-ups and through the results of fake scans. However, it is important to note that this is fake software, therefore none of its versions are capable of properly scanning or cleaning any system. Here Remove My Security Engine you will get info about removing this virus.

My Security Engine

As soon as you find a copy of this malicious software installed on your computer, you should take steps to delete My Security Engine. My Security Engine removal involves the stopping of processes, the unregistration of DLLs, the deletion of files and folders and the removal of registry entries.

File Removal Procedures

The first step in My Security Engine removal is to kill the following processes:

  • MS345d.exe
  • PE.exe

The next step in My Security Engine removal is to unregister the following DLL files:

  • pal.dll
  • PE.dll
  • gid.dll
  • exec.dll
  • energy.dll
  • ANTIGEN.dll
  • CLSV.dll
  • mozcrt19.dll
  • sqlite3.dll

Next, it is necessary to remove the following files and folders:

Windows XP:

  • c:\Documents and Settings\All Users\Application Data\345d567
  • c:\Documents and Settings\All Users\Application Data\345d567\2322.mof
  • c:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
  • c:\Documents and Settings\All Users\Application Data\345d567\MS345d.exe
  • c:\Documents and Settings\All Users\Application Data\345d567\MSE.ico
  • c:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
  • c:\Documents and Settings\All Users\Application Data\345d567\BackUp\
  • c:\Documents and Settings\All Users\Application Data\345d567\MSESys\
  • c:\Documents and Settings\All Users\Application Data\345d567\MSESys\vd952342.bd
  • c:\Documents and Settings\All Users\Application Data\345d567\Quarantine Items
  • c:\Documents and Settings\All Users\Application Data\MSHOLE\
  • c:\Documents and Settings\All Users\Application Data\MSHOLE\MSJKEJCCE.cfg
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Engine.lnk
  • %UserProfile%\Application Data\My Security Engine\
  • %UserProfile%\Application Data\My Security Engine\cookies.sqlite
  • %UserProfile%\Application Data\My Security Engine\Instructions.ini
  • %UserProfile%\Desktop\My Security Engine.lnk
  • %UserProfile%\Recent\ANTIGEN.dll
  • %UserProfile%\Recent\CLSV.dll
  • %UserProfile%\Recent\eb.sys
  • %UserProfile%\Recent\energy.dll
  • %UserProfile%\Recent\exec.dll
  • %UserProfile%\Recent\exec.drv
  • %UserProfile%\Recent\exec.tmp
  • %UserProfile%\Recent\gid.dll
  • %UserProfile%\Recent\kernel32.sys
  • %UserProfile%\Recent\kernel32.tmp
  • %UserProfile%\Recent\pal.dll
  • %UserProfile%\Recent\PE.dll
  • %UserProfile%\Recent\PE.exe
  • %UserProfile%\Recent\ppal.drv
  • %UserProfile%\Recent\runddlkey.drv
  • %UserProfile%\Recent\SICKBOY.sys
  • %UserProfile%\Recent\tjd.sys
  • %UserProfile%\Start Menu\My Security Engine.lnk
  • %UserProfile%\Start Menu\Programs\My Security Engine.lnk
  • c:\Program Files\Mozilla Firefox\searchplugins\search.xml
  • %Documents and Settings%\All Users\Application Data\e4a12b7
  • %Temp%\del.bat

Windows Vista/7:

  • c:\%User%\ AppData\345d567
  • c:\ %User%\ AppData \345d567\2322.mof
  • c:\ %User%\ AppData \345d567\mozcrt19.dll
  • c:\ %User%\ AppData \345d567\MS345d.exe
  • c:\ %User%\ AppData \345d567\MSE.ico
  • c:\ %User%\ AppData \345d567\sqlite3.dll
  • c:\ %User%\ AppData \345d567\BackUp\
  • c:\ %User%\ AppData \345d567\MSESys\
  • c:\ %User%\ AppData \345d567\MSESys\vd952342.bd
  • c:\ %User%\ AppData \345d567\Quarantine Items
  • c:\ %User%\ AppData \MSHOLE\
  • c: %User%\ AppData \MSHOLE\MSJKEJCCE.cfg
  • %User%\ AppData \Microsoft\Internet Explorer\Quick Launch\My Security Engine.lnk
  • %User%\ AppData \My Security Engine\
  • %User%\ AppData \My Security Engine\cookies.sqlite
  • %User%\ AppData \My Security Engine\Instructions.ini
  • %User%\ AppData \My Security Engine.lnk
  • %UserProfile%\Recent\ANTIGEN.dll
  • %UserProfile%\Recent\CLSV.dll
  • %UserProfile%\Recent\eb.sys
  • %UserProfile%\Recent\energy.dll
  • %UserProfile%\Recent\exec.dll
  • %UserProfile%\Recent\exec.drv
  • %UserProfile%\Recent\exec.tmp
  • %UserProfile%\Recent\gid.dll
  • %UserProfile%\Recent\kernel32.sys
  • %UserProfile%\Recent\kernel32.tmp
  • %UserProfile%\Recent\pal.dll
  • %UserProfile%\Recent\PE.dll
  • %UserProfile%\Recent\PE.exe
  • %UserProfile%\Recent\ppal.drv
  • %UserProfile%\Recent\runddlkey.drv
  • %UserProfile%\Recent\SICKBOY.sys
  • %UserProfile%\Recent\tjd.sys
  • %UserProfile%\Start Menu\My Security Engine.lnk
  • %UserProfile%\Start Menu\Programs\My Security Engine.lnk
  • c:\Program Files\Mozilla Firefox\searchplugins\search.xml
  • %User%\ AppData \e4a12b7
  • %Temp%\del.bat

Once the above files and folders have been removed, My Security Engine no longer resides on your hard disk. While this step has been completed it is recommended to ensure that no other malicious files reside on your disk. In order to do so a complete scan using legitimate antivirus software such as Spyware Doctor with Antivirus may proof to be a good choice.

Registry Removal Procedures

File removal alone is not sufficient to completely remove My Security Engine. In order to ensure complete My Security Engine removal, it is necessary to delete the following keys and settings from the registry as well:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “%CommonAppData%\e4a12b7\MySecurityEngine.exe”
  • HKEY_CURRENT_USER\Software\3
  • HKEY_CLASSES_ROOT\CLSID\3F2BBC05-40DF-11D2-9455-00104BC936FF
  • HKEY_CLASSES_ROOT\MS345d.DocHostUIHandler
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” =”http://findgala.com/?&uid=195&q=searchTerms”
  • HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=195&q=searchTerms”
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PRS” = “http://127.0.0.1:27777/?inj=%ORIGINAL%”
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “My Security Engine”
  • HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = findgala.com/?&uid=195&q=searchTerms

Once the above steps have been completed you have successfully removed My Security Engine from your system.

Conclusion

Manual My Security Engine removal is not recommended for inexperienced users, as any mistake made during removal could cause damage to the operating system. Inexperienced users are advised to make use of a web-based repair service such as www.onlinecomputerrepair.org or legitimate antivirus software such as Spyware Doctor with Antivirus to ensure safe and complete My Security Engine removal.

Be Sociable, Share!