[KB2697] Fake/Rogue E-Set Antivirus 2011 malware

Solution

ESET has received reports of a fake/rogue security software program disguised with a false ESET Antivirus image with the name "E-Set Antivirus 2011". ESET usually detects this rogue as variants of Win32/Kryptik or Win32/RogueAV. There are several variants of this malware, but the most recent sample displays the following window:   

Figure 1-1
Click the image to view larger in new window

For legitimate installations of ESET, the name ESET NOD32 Antivirus is displayed at the top left of the main program window, as shown below: 

Figure 1-2 
Click the image to view larger in new window

If you suspect that your computer is infected with this rogue "E-Set Antivirus 2011" malware (popups, slow or abnormal behavior), visit this ESET Knowledgebase article: I think my computer has a virus – what should I do?

If you are not a customer and you currently do not have security software, visit our Free Antivirus Utilities page to run the ESET Online Scanner and to use our Spyware Removal and Antivirus Tools.