none
Microsoft Security Essentials alert

    Question

  • I received this red terror alert and cannot get rid of it.  It keeps showing up on my screen even though I reboot or turn the system off.  I cannot even access the internet. or email.  I am on another computer now.  How do I get rid of this bogus alert?

    It wants me to sign up for these unknow security sites.  I use Mawarbytes Anti Malware.  I scanned my system and I did have a few items but Malware took them out.  I still cannot get rid of this bleeping waring screen and access the net.

    HELP

    Friday, September 10, 2010 7:23 PM

Answers

  • Hello DonJB23,

     
      Microsoft Security Essentials (MSE) does not do what you have described. If MSE detects malware, the only thing MSE would do is tell you what the problem is and ask you how you want MSE to take care of it.   MSE would Not ask you to buy anything and would Not tell you to go to a Non-Microsoft website.

      Most like what you have is a type of malware known as ScareWare.  ScareWare trys to scare the user into going to a webite to buy a "Anti-Virus" program which turns out to a Virus itself.  The reason Scammers like ScareWare so much is because they get your money, your Credit Card number and they get you to voluntarily install their Virus on your computer so they can use it to send out spam and such. In their view, it's a win-win-win but for you, it can be a big pain in the neck.

      The type of scareware you have appears to be masquerading as Microsoft Security Essentials.

      This forum is for the support of Vista Validation (Non-genuine) issues, so I don't have the knowledge to instruct you on how to remove this scareware.  But I do recommend that you go to either the 'Security, Privacy, and User Accounts section of the Windows Vista Answers Forum http://social.answers.microsoft.com/Forums/en-US/category/windowsvista
     or to the Microsoft Security Essentials forums http://social.answers.microsoft.com/Forums/en-US/category/mse. Either of these forums should have people that will be able to help you.

    Thank you,


    Darin MS
    Friday, September 10, 2010 9:57 PM
    Owner

All replies

  • Hello DonJB23,

     
      Microsoft Security Essentials (MSE) does not do what you have described. If MSE detects malware, the only thing MSE would do is tell you what the problem is and ask you how you want MSE to take care of it.   MSE would Not ask you to buy anything and would Not tell you to go to a Non-Microsoft website.

      Most like what you have is a type of malware known as ScareWare.  ScareWare trys to scare the user into going to a webite to buy a "Anti-Virus" program which turns out to a Virus itself.  The reason Scammers like ScareWare so much is because they get your money, your Credit Card number and they get you to voluntarily install their Virus on your computer so they can use it to send out spam and such. In their view, it's a win-win-win but for you, it can be a big pain in the neck.

      The type of scareware you have appears to be masquerading as Microsoft Security Essentials.

      This forum is for the support of Vista Validation (Non-genuine) issues, so I don't have the knowledge to instruct you on how to remove this scareware.  But I do recommend that you go to either the 'Security, Privacy, and User Accounts section of the Windows Vista Answers Forum http://social.answers.microsoft.com/Forums/en-US/category/windowsvista
     or to the Microsoft Security Essentials forums http://social.answers.microsoft.com/Forums/en-US/category/mse. Either of these forums should have people that will be able to help you.

    Thank you,


    Darin MS
    Friday, September 10, 2010 9:57 PM
    Owner
  • I fixed the same problem on my xp. I had downloaded a virus i guess. I looked up all the recently created files in the SEARCH bar in the Start menu i found a exe file called antispy that was created about the same time the stupid red windows error showed up. The virus file was in the APPLICATION DATA folder. it wouldnt let me delete so i restarted in SAFE MODE WITH COMMAND PROMPT.  and typed in                >del c:\"documents and settings"\hp_owner\"application data"\antyspy.exe    then enter and did it again just to make sure it wasnt there because a filepath error sign showed up the second time. the filepath and name of the file migt be different for you but i hope this helps.
    • Proposed as answer by imnotanangel2 Tuesday, October 12, 2010 12:04 AM
    Friday, September 17, 2010 12:55 AM
  • If you have two users set up on your windows the easy way is to login as the other user, download the real Microsoft Security Essentials, then run it.  It will find the file for you and you can delete it.  Once you have restarted the computer you can log back in as the user that got the scareware. Essentials may pop up, just do what it tells you and reboot again and then it is gone.

    Saturday, September 25, 2010 12:40 PM
  • I had the same problem but used system restore to the day before the problem came (today)

    I like Kathy Tatro's approtch and should be a standard practice. I use 2 admin's and 1 guest. sometimes when a virus gets into my system and prevents the user from logging in, sometimes it wont prevent the other users and im able to atleast boot the sys.

    the fake Microsoft Security Essentials Alert  was picked up while visiting racinglivecodes.com . After the infection (i recall a sunjava window opened and closed) I couldnt open IE 32 bit without that fake alert. I was able to run ie64 bit to research the problem and found I needed to do a sys restore or edit the reg. Also important, after repairing the prob, I activated windows firwall went back to the site and nothing happend. So that taught me a lesson, use your hardware firewall and a software firewall.

    Sunday, September 26, 2010 2:36 AM
  • It works for me! Boot in SAFE MODE WITH COMMAND PROMPT then  look for the EXE file (in the directory c:\"documents and settings"\Logged_user\"application data"\) that created/modified around when the fake "Microsoft Security Essentials Alert" popped up. The filename was hotfix.exe in my case. THANKS
    Tuesday, November 16, 2010 10:48 PM
  • Believe it or not, I removed it simply with Ad-Aware.  It was the one process that the trojan couldn't block, and when AdAware detected it, it immediately removed it.
    Monday, November 22, 2010 10:20 PM