How to unblock your computer after fake Microsoft Security Essentials alert?
Fake Microsoft Security Essentials alert is a ransomware which tries to trick unsuspecting computer users into paying for a non existent payed Microsoft Security Essentials additional module of the "dynamic proactive protection". This scam is created by Cyber criminals who are making money from PC users who falls for the trickery of this ransomware and pays for a fake MSE update. Notice that Microsoft Security Essentials is a free antivirus program created by Microsoft, it doesn't ask to pay money for updates or anything else. Cyber criminals are exploiting the name of a reputable antivirus program to make their message appear more legitimate. When this ransomware infiltrates your PC you won't be able to access your desktop, this scam will indicate non existent security infections supposedly detected on your PC and will ask you to pay for fake MSE security update.
This ransomware is slightly different from others that actively infects Internet users all over the world, while other ransomware uses names of authorities and states that you have to pay a fine for distributing copyrighted content, this scam tries to sell computer users a non existent security update and uses a name of an antivirus software. Deceptive message used in this ransomware also states that your computer is highly infected with viruses so the misleading method used to trick PC users is similar to the ones used in fake antivirus programs. In reality none of the security infections that are indicated by this screen locker actually exist on your computer, ignore this message and don't pay for this fake Microsoft Security Essentials update.
Don't trust this message, it's a total scam - Microsoft Security Essential never asks to pay for it's updates. Notice that this ransomware can translate it's misleading message to your language using your computer's IP address. For example computer users who lives in Germany will see this message in their native language. To remove this scam from your PC use the provided removal guide:
Message shown in Fake Microsoft Security Essentials alert:
Microsoft Security Essentials Alert
Your system has been blocked for security reasons.
Microsoft Security Essentials detected potential threats! Your system has reached the critical security level, because of visiting sites with infected and pornographic contents. Its further use may lead to the system collapse and complete loss of information. To restore Your Windows system performance, you need to download and install an additional module of the dynamic proactive protection. This module is an optional paid update for especially infected Windows systems. It eliminates the cause of system slowdown, associated with the presence of difficult-found
malicious software, prevents the system crash and stabilize its operation. Recommendation: Download and install proactive protection module.
Computer status - At risk To install this update please insert below Ukash or Paysafecard voucher pin-code. You can buy this voucher at the
nearest press salon Inmedio, Inmedio Cafe, Relay and 1-Minute. After your payment is done, Your computer will be immediately updated and protected, all Trojans and viruses will be removed.
Fake Microsoft Security Essentials alert removal:
Step 1
Start your computer in safe mode. Click Start, then click Shut down. Select Restart and click OK. During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with networking from the list and press ENTER.
Step 2
Log in to the account that is infected with Fake Microsoft Security Essentials alert. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all the entries that it detects.
remover for Fake Microsoft Security Essentials alert
After completing these steps your computer should be clean, reboot your computer in normal mode.
Alternative Fake Microsoft Security Essentials alert removal guide:
If this ransomware blocks your screen when you start your computer in safe mode with networking, try starting your PC in safe mode with command prompt.
1. During your computer starting process press F8 key on your keyboard multiple times until Windows Advanced Options menu shows up, then select Safe mode with command prompt from the list and press ENTER.
2. In the opened command prompt type explorer and press Enter. This command will open explorer window, don't close it and continue to the next step.
3. In the command prompt type regedit and press Enter. This will open the registry editor window.
4. In the registry editor window you should navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
5. In the right side of the window locate "Shell" and right click on it. Click on Modify. The default value data is Explorer.exe if you see something else written in this window remove it and type in Explorer.exe (you can write down whatever else was written in the value data section - this is a path of the rogue execution file) - use this information to navigate to the rogue executable and remove it.
6. Restart your computer, download and install a legitmate anti-spyware software and perform a full system scan to eliminate any left remnants of Fake Microsoft Security Essentials alert.
remover for Fake Microsoft Security Essentials alert
If you can't start your computer in safe mode with networking (or with command prompt) you should boot your computer using a rescue disk. Some variants of ransomware disables safe mode making it's removal more complicated. For this step you will need access to another computer. After removing Cybercrime Investigation Departament scam from your PC restart your computer and scan it with a legitimate antispyware software to remove any possibly left remnants of this security infection.
Anti-spyware programs known to detect and remove Fake Microsoft Security Essentials alert:
Some malicious software modifies browser settings and disables downloads of spyware and virus removing software. If you have problems downloading anti-spyware software with Internet Explorer, try downloading with Chrome, FireFox, Opera, etc.
If you can't access Internet:
Load your computer in safe mode. Click Start, click Shut down, click Restart, click OK. During your computer starting process press F8 key on your keyboard multiple times until you see Windows Advanced Option menu, then select Safe mode with networking from the list.
Start Task manager. Press ctrl+alt+del (or ctrl+shift+esc) and end task the processes of rogue program. ( if after this procedure you can't access any programs press ctrl+alt+del, click File, select New Task, and type explorer.exe then press OK.
Open Internet explorer, click Tools and select Internet Options. Select Connections, then click LAN settings, if a Use a proxy server for your LAN is checked, un-check it and press OK.
After this procedure you should be able to access Internet. Now you can download anti-spyware software from our "Top spyware removers" section and run a full scan. Download, install and don't forget to update your selected anti-spyware program.
Manual Fake Microsoft Security Essentials alert removal:
If you were unable to remove Fake Microsoft Security Essentials alert using the steps above, you can use this manual removal instruction. Use it at your own risk. If you don't have strong computer knowledge you could harm your operating system. Be careful and use it only if you are an experienced computer user. (Instructions on how to end processes, remove registry entries...)
End these Fake Microsoft Security Essentials alert processes:
random.exe
Delete these Fake Microsoft Security Essentials alert files:
%Temp%\<random>.exe
%StartupFolder%\ctfmon.lnk