Threat Database Rogue Anti-Spyware Program Internet Security Essentials

Internet Security Essentials

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 3
First Seen: February 21, 2011
OS(es) Affected: Windows

Internet Security Essentials is such a plain, uninteresting name that it might trick some people into thinking that this is anti-virus software – but don't be fooled. Internet Security Essentials is a fake program and part of a scam meant to scare you into paying money for malware.

Signs of an Internet Security Essentials Infection

Internet Security Essentials behaves like typical rogue anti-virus software. Internet Security Essentials engages in scare tactics and lies about having an association with Windows in order to get you to pay for the software, after which you will not get anything for your money. So, the range of symptoms of an infection with Internet Security Essentials is pretty typical. When your computer starts, you'll see a bogus home screen, which is made to look as if it is a window within Windows, as a system component. On the left, it will say "Advanced Security Center" with a bunch of icons that are supposed to represent different security functions, and aside from using Windows styling, some of the icons are ripped off from Windows, too. In a few places, the interface will say that Internet Security Essentials is not activated and that you should activate Internet Security Essentials to get "ultimate protection." There's even a customer support button, but because there is no actual company behind Internet Security Essentials, that button is just for show.

From its fake interface, Internet Security Essentials will run phony system scans. These scans will turn up long lists of results, and many of the "threats" in the lists are files that Internet Security Essentials created in order to find them later. In other words, the threats that Internet Security Essentials claims to find on your system aren't really there, and Internet Security Essentials plants a few files that are named right, in order to convince you that Internet Security Essentials is capable of detecting threats. (It isn't.) Then you'll get a button that says "Remove all," but if you do click it to try to erase the nonexistent threats, Internet Security Essentials will tell you that you have to pay for the full version of its software for that to happen. You'll be directed to the phony website that claims to be from the company that makes Internet Security Essentials, but it's just the payment site for the scam.

After you have gotten past the fake home screen and gotten to the desktop, Internet Security Essentials will continue to interfere with your computer. Internet Security Essentials will generate alerts and error messages that claim that some kind of identity theft is going on, that tons of viruses have just been detected on the computer and that someone is trying to access your "Microsoft Corporation keys." (Presumably, this is supposed to refer to the Windows product key, but who knows? The English is bad enough that they might have been trying to talk about the registry.) Again, as usual, these alerts will recommend that you "register" Internet Security Essentials in order to keep your computer secure.

If the fake scans and alerts are Internet Security Essentials's scare tactics, then its disabling of other programs and interference with Internet browsing are Internet Security Essentials's ransoming tactics. You might not fall for the fake, scary-sounding warnings and scan results, so Internet Security Essentials will prevent you from using anything Internet Security Essentials doesn't want you to use. Internet Security Essentials will prevent many other programs from running, including actual security software and Task Manager. Internet Security Essentials also changes the HOSTS file, so that when you search for certain things on any of the major search engines, you get redirected to a malicious site promoting Internet Security Essentials. Internet Security Essentials has the capability to block other sites, as well, which means that Internet Security Essentials can seriously limit what you are able to do online.

In order to infect computers, Internet Security Essentials makes use of malicious, fake "scanner" websites. These sites may be promoted through advertising or by manipulation of search engine optimization, causing malicious sites to come up higher in the list of results. When you visit one of these sites, Internet Security Essentials runs some Javascript, plays some animations for scan progress, and then says your computer is infected with a bunch of different things. Then, Internet Security Essentials recommends a download of Internet Security Essentials, or it prompts you to remove the threats, and when you click on any of the buttons, you see that Internet Security Essentials is trying to start a download of Internet Security Essentials. More likely than not, the file downloaded will not have a name that is anything close to Internet Security Essentials, but some other kind of generic security-sounding name. Once that file downloads, the next time you restart your computer, the Internet Security Essentials malware will be present. There are also reports of Internet Security Essentials infiltrating systems through drive-by downloads, where the user is not aware that a download is taking place.

Internet Security Essentials's Background

Internet Security Essentials is nothing new. Internet Security Essentials comes from a family of malware applications, with a long history of fraud. The members of this family all look and act essentially the same, with only tiny differences appearing in each new version of the malware. Some of these other rogue security applications that belong to the FakeVimes family and are related to Internet Security Essentials are Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst. This is by no means a complete list, since this malware family has been around for a little while, and it is continuing to grow. Internet Security Essentials is just another infection that promotes and supports the same Russian scam, and Internet Security Essentials showed up in February 2011.

SpyHunter Detects & Remove Internet Security Essentials

File System Details

Internet Security Essentials creates the following file(s):
# File Name MD5 Detections
1. InternetSE.exe 6dd8197129bf2a279d31e6ce64c30ecc 1
2. IS90d_289.exe 2b9978d50ca91e89989f46c40d63d60e 1
3. InternetSE.exe 9732ae15b8e6c185030535ee61ede13a 1


Most Viewed