Nov 26, 2010 14:59 GMT  ·  By

Microsoft Security Essentials Alert is a nasty piece of malicious code that masquerades as the legitimate Microsoft Security Essentials in order to scare victims into thinking that their computers are infected to get them to pay money for the removal of inexistent malware. The Redmond company first warned of Microsoft Security Essentials Alert in August 2010, and has been working ever since to tackle the rogue antivirus.

As is the case with other fake AV, Microsoft Security Essentials Alert is designed to trick users into thinking that their machine is plagued with malware.

Microsoft Security Essentials Alert does an excellent job at impersonating the real MSE, which is a free security solution offered to Windows users by Microsoft.

However, Microsoft Security Essentials Alert is nothing more than an impostor. Microsoft’s security solutions detect is as Rogue:Win32/FakePAV, namely a piece of scareware which attempts to convince users to pay for a license that will allow them to download and run another rogue antivirus which is supposedly among the very few solutions able to resolve their infection.

Obviously, Rogue:Win32/FakePAV or Microsoft Security Essentials Alert is not a real security solution, the threats are inexistent and users should not allow themselves to be tricked into paying money for anything, let alone a fake AV recommended by this piece of malicious code.

Once it managed to compromise a PC, Microsoft Security Essentials Alert is capable of seriously handicapping the user experience.

It does this by terminating a range of processes, including Windows Registry Editor, Internet Explorer, Windows Restore, but also additional utilities and applications.

The fake AV defaults the machine to its ThinkPoint" interface which cuts the user out of the PC completely.

“Win32/FakePAV ThinkPoint variant may modify the computer to stop the affected user from accessing the Desktop, Start Menu and Task Bar,” Microsoft stated.

With no access to Desktop, Start Menu, Task Bar, the Registry Editor, Internet Explorer, Windows Restore, etc. it’s extremely hard for end users to regain control over their PC.

In fact that you were indeed locked out of your computer by Microsoft Security Essentials Alert / ThinkPoint, there is something that you can do/

Microsoft has detailed a few steps necessary to remove the rogue AV. My advice is to first have Microsoft Security Essentials on hand, download it using another machine if you have to.

Other security solutions can also work, but the real MSE can detect and remove Microsoft Security Essentials Alert, and it’s also free provided that you have a genuine version of Windows.

Next, on the ThinkPoint menu click Settings. Check the Allow unprotected startup option and hit Save settings.

This action will permit you to close the rogue Microsoft Security Essentials Alert window and access Windows Explorer.

“Open a command prompt. To do this on Windows XP, click on Start>Run and type "cmd.exe" (without the quotes). To do this on Windows Vista and Windows 7, click on the Windows icon>Run and type "cmd.exe" (without the quotes).

“Kill 'hotfix.exe' by typing following command: taskkill /IM hotfix.exe,” Microsoft explained.

Now install the real Microsoft Security Essentials and fire it up, allowing it to scan your computer.

Microsoft Security Essentials is available for download here.