Microsoft Security Essentials Alert Virus

Microsoft Security Essentials Alert Virus Description

Do not be misled by its name: the Microsoft Security Essentials Alert Virus has absolutely no relation to Microsoft or their flagship security product, Microsoft Security Essentials. In fact, criminals have been producing malware that takes advantage of the real Microsoft Security Essentials name in order to carry out common online scams. For example, the Fake Microsoft Security Essentials Alert Trojan is a common malware infection used to convince computer users to install rogue security software. In this case, we are referring to a ransomware infection which claims to be an alert from Microsoft Security Essentials and blocks access to your computer until you pay a fine. If you cannot access your computer because it is blocked by a message supposedly displayed by Microsoft Security Essentials, it is a clear indication that your machine has become infected with the Microsoft Security Essentials Alert Virus.

The Microsoft Security Essentials Alert Virus Scam

Like most ransomware infections, the Microsoft Security Essentials Alert Virus will block access to the victim's files, desktop, Windows services and applications, essentially holding the victim's computer hostage. The Microsoft Security Essentials Alert Virus will refuse to return control of the infected computer unless a fine is paid. Like most ransomware threats, the Microsoft Security Essentials Alert Virus' preferred methods of payment are money transfer services like Ukash or PaySafeCard. However, the Microsoft Security Essentials Alert Virus goes through the motions of displaying and then whiting out options like 'Money Order' and 'Credit Card Payment', claiming that these are blocked because of 'security reasons.' Basically, the Microsoft Security Essentials Alert Virus claims that the infected computer visited websites containing illegal content, such as pirated software and child pornography, and that the victim must now pay for a 'patch' for their copy of Microsoft Security Essentials in order to regain control of their computer. Of course, this is all a lie designed to steal your money.

Most legitimate security programs, including Microsoft Security Essentials itself, can remove the Microsoft Security Essentials Alert Virus from an infected computer. However, the main difficulty when dealing with this threat is actually gaining access to any security programs installed on the infected computer. ESG malware analysts advise using an alternative boot method to gain access to Windows and bypass this malicious fake alert.

Technical Information

File System Details

Microsoft Security Essentials Alert Virus creates the following file(s):
#  File Name                                           Size       MD5
1  %UserProfile%\Application Data\PAV\
2  %UserProfile%\Application Data\tmp.exe
3  %UserProfile%\Application Data\defender.exe
4  %UserProfile%\Application Data\antispy.exe
5  %UserProfile%\Local Settings\Temp\kjkkklklj.bat
6  ime_new[1].exe                                      3,189,702  4ec107d24d7df6710678f8f4d66585dd

Registry Details

Microsoft Security Essentials Alert Virus creates the following registry entry or registry entries:
Registry Key Value
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\antispy.exe"
Registry Keys and Subkeys
HKEY_CURRENT_USER\Software\PAV
Run Keys
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "tmp"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "SelfdelNT"
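
A read-only check for the file and registry indicators listed above, written as an added PowerShell example that is not part of the original article. It assumes it is run as the affected user from a session where the fake alert is not active; the function name Get-IndicatorHits is hypothetical.

```powershell
# Added example: read-only check for this page's indicators (current user only).
# It reports what is present and changes nothing.
$appData = Join-Path $env:USERPROFILE 'Application Data'   # path form used on the page
$files = @(
    (Join-Path $appData 'PAV'),
    (Join-Path $appData 'tmp.exe'),
    (Join-Path $appData 'defender.exe'),
    (Join-Path $appData 'antispy.exe'),
    (Join-Path $env:USERPROFILE 'Local Settings\Temp\kjkkklklj.bat')
)
$cv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion'
# Expect = $null means "report if the value exists at all";
# otherwise report only when the data equals the value listed on the page.
$values = @(
    @{ Key = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'; Name = 'Shell'; Expect = $null },
    @{ Key = "$cv\Run";     Name = 'tmp';       Expect = $null },
    @{ Key = "$cv\RunOnce"; Name = 'SelfdelNT'; Expect = $null },
    @{ Key = "$cv\Internet Settings"; Name = 'WarnOnPostRedirect';   Expect = '0' },
    @{ Key = "$cv\Internet Settings"; Name = 'WarnonBadCertRecving'; Expect = '0' }
)

function Get-IndicatorHits {
    $hits = @()
    foreach ($f in $files) {
        if (Test-Path -LiteralPath $f) { $hits += "FILE  $f" }
    }
    foreach ($v in $values) {
        $item = Get-ItemProperty -Path $v.Key -Name $v.Name -ErrorAction SilentlyContinue
        if ($null -eq $item) { continue }            # key or value not present
        $data = [string]$item.($v.Name)
        if ($null -ne $v.Expect -and $data -ne $v.Expect) { continue }
        $hits += "VALUE $($v.Key) `"$($v.Name)`" = `"$data`""
    }
    if (Test-Path -Path 'HKCU:\Software\PAV') { $hits += 'KEY   HKCU:\Software\PAV' }
    return $hits
}

$found = @(Get-IndicatorHits)
if ($found.Count -eq 0) { 'No listed indicators found for this user.' }
else { $found }
```

The file ime_new[1].exe is not checked because the page gives no location for it.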

More Details on Microsoft Security Essentials Alert Virus

The following messages associated with Microsoft Security Essentials Alert Virus were found:
The application taskmgr.exe was launched successfully but it was forced to shut down due to security reasons.
This happened because the application was infected by a malicious program which might pose a threat for the OS.
It is highly recommended to install the necessary heuristic module and perform a full scan of your computer to exterminate malicious programs from it.
Warning! Database updated failed!
Database update failed!
Outdated viruses database are not effective can't guarantee adequate protection and security for your PC! Click here to get the full version of the product and update the database!
Warning! Running trial version!
The security of your computer has been compromised! Now running trial version of the software! Click here to purchase the full version of the software and get full protection for your PC!


3 Comments

  • Marie fernandes:

    I have SPYHUNTER4 and I think it is active. It seems to remove the same problems each time. I may be wrong. I also have MICROSOFT ESSENTIALS that was put on (as recommended) by the computer man. He said it was all I needed. HP Friends man said he used SPYHUNTER4 every day and that is when I purchased it. It scans and removes the problems as they occur. Do I need MICROSOFT ESSENTIALS also? And I cannot access the required Notepad operating system to check out the hosts listed. I need some assistance. Thank you for your assistance in this matter, Marie Fernandes

  • Maryam Muhammad:

    Hi, I have had a few different malware alerts. I once used one but it was taken off my phone and cleaned up my phone by my phone provider. Now I am receiving a Google alert which says I have 13 viruses in my phone, my provider says the phone is fine. The alert says the viruses came from watching port sites which I have not used. Someone else used my phone. Four new phones ago, now they claim the virus is in my sim card to remove and destroy my card and phone numbers. How do I get rid of this scam or problem?

  • Gabriel Garcia:

    I have a Microsoft alert on my PC. System blocked for security reasons.
    They have detected that a zeus virus has infected and it's trying to steal pictures, data and social networking password. What do I do?
