Fake Microsoft Security Essentials alert
Written by Tomas Meskauskas
Damage level: Severe
How to unblock your computer after fake Microsoft Security Essentials alert?
Fake Microsoft Security Essentials alert is ransomware, which attempts to trick unsuspecting computer users into paying for a bogus Microsoft Security Essentials additional module for 'dynamic proactive protection'. This scam was created by cyber criminals who make money from PC users who fall for this deception and pay for the fake Microsoft Security Essentials update. Microsoft Security Essentials (MSE) is a free antivirus program created by Microsoft who do not request payment for updates. Cyber criminals exploit the name of a reputable antivirus program in order to make their message appear authentic. When this ransomware infiltrates your PC, you will be unable to access your desktop, and the scam will report 'security infections' supposedly detected on your PC. It will then ask you to pay for the fake MSE security update.
This ransomware is slightly different to others, in that it actively infects Internet users worldwide - attempting to sell a non existent security update using the name of legitimate antivirus software. Other similar ransomware scams use the names of authorities and demand that you pay a fine for distributing copyrighted content. The deceptive message displayed by this ransomware also states that your computer is highly infected with viruses - a similar misleading technique used by fake antivirus programs to trick PC users. In fact, none of the security infections reported by this screen locker actually exist on your computer, therefore, ignore this message and do not pay for this fake MSE update.
Do not trust this message, it is a scam. Microsoft Security Essentials never requests payment for updates. This ransomware translates its misleading message into your language using your computer's IP address. To remove this scam from your PC, use the removal guide provided:
A message displayed by Fake Microsoft Security Essentials alert:
Microsoft Security Essentials Alert.
Your system has been blocked for security reasons.
Microsoft Security Essentials detected potential threats! Your system has reached the critical security level, because of visiting sites with infected and pornographic content. Its further use may lead to system collapse and complete loss of information. To restore Your Windows system performance, you need to download and install an additional module of the dynamic proactive protection. This module is an optional paid update for especially infected Windows systems. It eliminates the cause of system slowdown, associated with the presence of difficult-found malicious software, prevents the system crash and stabilize its operation. Recommendation: Download and install proactive protection module.
Computer status - At risk. To install this update please insert below Ukash or Paysafecard voucher pin-code. You can buy this voucher at the nearest press salon Inmedio, Inmedio Cafe, Relay and 1-Minute. After your payment is done, Your computer will be immediately updated and protected, all Trojans and viruses will be removed.
Fake Microsoft Security Essentials alert removal:
Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.
Video showing how to start Windows 7 in "Safe Mode with Networking":
Log in to the account that is infected with Fake Microsoft Security Essentials alert. Start your Internet browser and download a legitimate anti-spyware program. Update the anti-spyware software and start a full system scan. Remove all the entries detected.
After completing these steps, your computer should be clean Reboot your computer in Normal Mode.
Alternative Fake Microsoft Security Essentials alert removal guide:
If this ransomware blocks your screen when you start your computer in Safe Mode with Networking, try starting your PC in Safe Mode with Command Prompt.
1. During your computer starting process, press the F8 key on your keyboard multiple times until the Windows Advanced Options menu appears, and then select Safe Mode with Command Prompt from the list and press ENTER.
2. In the opened command prompt type explorer and press Enter. This command will open explorer window. Do not close it and continue to the next step.
3. In the Command Prompt type regedit and press Enter. This will open the Registry Editor window.
4. In the Registry Editor window, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
5. In the right side of the window, locate "Shell" and right click on it. Click on Modify. The default value in the Data column is Explorer.exe - if you see something else displayed in this window, remove it and type Explorer.exe (take a note of whatever else was displayed in the Data column - this is the path of the rogue execution file). Use this information to navigate to the rogue executable and remove it.
6. Restart your computer, download and install legitimate anti-spyware software, and perform a full system scan to eliminate any remnants of fake Microsoft Security Essentials alert.
If you cannot start your computer in Safe Mode with Networking (or with Command Prompt), boot your computer using a rescue disk. Some variants of ransomware disable Safe Mode, making its removal more complicated. For this step, you need access to another computer. After removing fake Microsoft Security Essentials alert from your PC, restart your computer and scan it with legitimate antispyware software to remove any possible remnants of this security infection.
Anti-spyware programs known to detect and remove Fake Microsoft Security Essentials alert: