Fake MSE-alert

M

mdcyclist

New member
Local time
10:00 AM
Messages
2
Good morning,

Yesterday I received a security alert from MSE. Unfortunately I ended up downloading something named Antispy Safeguard. It claims to be the world's leading security solution. And now it has taken over my startup. It also stops me from loading Microsoft Explorer until I download its' heuristics module. In order for me to continue the Antispy program is trying to extort $70 for a year's support. I have found no way around this devil. Can you assist?
 

My Computer

Computer Manufacturer/Model Number
Dell
OS
windows 7
hi !

that security alert was NOT from MSE !

it sound like a false antivirus (rogue) that pretends to be MSE.
there are som nasty rogues nowadays.

i suggest you create a NEW thread, and ask for support.
a tip: as subject write "Fake MSE-alert" or similar so you get attention....
 

My Computer

Computer Manufacturer/Model Number
Dell
OS
W7-Enterprise + WS-2008 (Converted to Workstation)
CPU
P4 2,4GHz (at 1,8GHz, "slow" RDRAM, only 400MHz FSB...)
Motherboard
Intel 850E
Memory
2GB
Graphics Card(s)
NVIDIA QUADRO2 PRO 64MB
Sound Card
Yes
Monitor(s) Displays
Dell 1702FP
Screen Resolution
1280x1024
Hard Drives
Yes
PSU
Yes
Case
Yes
Cooling
Yes
Keyboard
Yes
Mouse
Yes, and i also have Cats...
Internet Speed
University: 100 MBit/s, Home: UMTS 7,2 MBit/s
Other Info
W7 on a DINOSAUR: P2 with 266MHz CPU & 160MB RAM
thank you. sorry to have disturbed you.
 

My Computer

Computer Manufacturer/Model Number
Dell
OS
windows 7
mdcyclist said:
Good morning,

Yesterday I received a security alert from MSE. Unfortunately I ended up downloading something named Antispy Safeguard. It claims to be the world's leading security solution. And now it has taken over my startup. It also stops me from loading Microsoft Explorer until I download its' heuristics module. In order for me to continue the Antispy program is trying to extort $70 for a year's support. I have found no way around this devil. Can you assist?
Click to expand...

Hi mdcyclist, Welcome to seven forums.

Read/Try this - AntiSpy Safeguard - how to remove
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts

My Computer

OS
windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home
It seems like I've got the same virus :(

When booting into windows i get a black screen with a pop up box showing this Antispy Safeguard it tells me to scan etc,,,

Trying to remove it now with with antivirus software I'll see how it goes :sarc:
 

My Computer

OS
Windows 7 Home Premium 64-bit
If these infections appear out of thin air (as opposed to clicking on something or opening a downloaded file of any kind), people should consider (at the earliest possible date) saving their data & settings with Easy Transfer Wizard, deleting all partitions, repartitioning the disk and reinstalling Windows. More and more rootkits (deep infections) try to monetize their control over your system by downloading and installing ransom schemes like these. However, even if you remove these adiitional malware infestations, the rootkit is still in control of your system and you can consider none of your passwords and presonal details safe any more.
 

My Computer

Computer Manufacturer/Model Number
Asus N73SV
OS
Windows 7 x64 Ultimate SP1
CPU
Core i7-2630QM
Motherboard
Intel HM 65
Memory
6 GB DDR3
Graphics Card(s)
Nvidia GT 540M / Intel HD 3000 - Optimus switching
Sound Card
HD Audio (Intel Azalia/Realtek) ALC269
Monitor(s) Displays
LED flat panel
Screen Resolution
1920 x 1080
Hard Drives
2x Seagate Momentus 640 GB - 1,28 TB in total
Internet Speed
4 MB/256 kbps
Other Info
External HDs

WD Elements 1,5 TB
WD MyBook 500 GB
Teerex said:
If these infections appear out of thin air (as opposed to clicking on something or opening a downloaded file of any kind), people should consider (at the earliest possible date) saving their data & settings with Easy Transfer Wizard, deleting all partitions, repartitioning the disk and reinstalling Windows. More and more rootkits (deep infections) try to monetize their control over your system by downloading and installing ransom schemes like these. However, even if you remove these adiitional malware infestations, the rootkit is still in control of your system and you can consider none of your passwords and presonal details safe any more.
Click to expand...

Nope, these are a result of social engineering. It fools the user into thinking they must click on something. In the case of the rogue MSE, even savvy users might be tempted to click on the "x" to close it out. But that will also install the virus or malware.
 

My Computer

Computer Manufacturer/Model Number
Dell and Custom
OS
Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer
CPU
System 1: i7 [email protected], System 2: AMD FX-4100 Zambezi 3.6G
Motherboard
System 1:Dell 06NWYK System 2: ASUS M5A97 AM3+
Memory
System 1: 8GB System 2: 8GB
Graphics Card(s)
System 1: ATI FirePro V4800 System 2: Radeon HD 6850
Sound Card
System 1: onboard System 2: onboard
Monitor(s) Displays
System1: Viewsonic HDMI 24"
Screen Resolution
System 1: 1920x1080 System 2: 1920x1080
Hard Drives
System 1: Mirrored .5B drives System 2: Seagate Barracuda ST1000DM003 1TB 7200 RPM 64MB Cache SATA 6.0Gb/s
Case
System 1: Dell System 2: Cooler Master
Internet Speed
10 MBPS
I try to teach people don't touch anything in the pop up. Don't even have your cursor over it. Shut your computer down. Start it up again and scan with your security systems.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Home made Desktop
OS
Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
CPU
Intel i7-6800K @ 4.3
Motherboard
ASUS X-99 Deluxe II
Memory
Corsair Platinum 16 gig @2400
Graphics Card(s)
EVGA GTX 1070 OC
Monitor(s) Displays
Asus 27" LED LCD/VE278Q
Screen Resolution
1920-1080 or 1280-720 HDMI
Hard Drives
INTEL SSD 730-240 Gb Sata 3.0/
PSU
EVGA Platium 1200W
Case
Phanteks Luxe Tempered Glass 8 fans/ one radiator
Cooling
XSPC/ Water Cooled CPU
Keyboard
Das 4 Professional
Mouse
Logitech M705/MX Anywhere 2-S
Internet Speed
100 mbits
Antivirus
Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS
Browser
I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum
Other Info
LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
Lemur said:
Teerex said:
If these infections appear out of thin air (as opposed to clicking on something or opening a downloaded file of any kind), people should consider (at the earliest possible date) saving their data & settings with Easy Transfer Wizard, deleting all partitions, repartitioning the disk and reinstalling Windows. More and more rootkits (deep infections) try to monetize their control over your system by downloading and installing ransom schemes like these. However, even if you remove these adiitional malware infestations, the rootkit is still in control of your system and you can consider none of your passwords and presonal details safe any more.
Click to expand...

Nope, these are a result of social engineering. It fools the user into thinking they must click on something. In the case of the rogue MSE, even savvy users might be tempted to click on the "x" to close it out. But that will also install the virus or malware.
Click to expand...

Well, as I said.. :D Only if 'out of thin air'. If it's not too much trouble, even in cases like these.

Here be fresh blogpost, with screencaps, in French. :D
 

My Computer

Computer Manufacturer/Model Number
Asus N73SV
OS
Windows 7 x64 Ultimate SP1
CPU
Core i7-2630QM
Motherboard
Intel HM 65
Memory
6 GB DDR3
Graphics Card(s)
Nvidia GT 540M / Intel HD 3000 - Optimus switching
Sound Card
HD Audio (Intel Azalia/Realtek) ALC269
Monitor(s) Displays
LED flat panel
Screen Resolution
1920 x 1080
Hard Drives
2x Seagate Momentus 640 GB - 1,28 TB in total
Internet Speed
4 MB/256 kbps
Other Info
External HDs

WD Elements 1,5 TB
WD MyBook 500 GB
Lemur said:
Teerex said:
Nope, these are a result of social engineering. It fools the user into thinking they must click on something. In the case of the rogue MSE, even savvy users might be tempted to click on the "x" to close it out. But that will also install the virus or malware.
Click to expand...

Nice point. That's why it's also equally important not to just arbitrarily click "OK" on things, even if you think it's safe, it doesn't hurt to have a second look before that final click.

I tend to scan stuff I download before installing, even though it has been scanned during the download process. You never know. And as pointed out, even savvy users can get got.
Click to expand...
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built by me.
OS
Windows 10 Pro
CPU
Intel Core i7-4770K (3.5Ghz)
Motherboard
Gigabyte G1 Sniper 5 (F10 Bios)
Memory
32 gig Corsair Dominator Platinum (4x8Gig)
Graphics Card(s)
Sapphire Tri-X R9 Fury
Sound Card
Soundblaster ZXR
Monitor(s) Displays
NEC PA242W 24" LCD Monitor
Screen Resolution
1920 x 1200
Hard Drives
Primary - Samsung 850 Pro (512gig), Samsung 840 Pro (256gig), 2TB WD Caviar Black.
PSU
EVGA Supernova 1000 G2
Case
Cooler Master HAF X
Cooling
Corsair H100i with Corsair Air Series SP120 Quiet Fans
Keyboard
Logitech Wireless Wave
Mouse
Logitech Performance MX
Internet Speed
High Speed Cable
Antivirus
Norton Security
Browser
IE11
Other Info
Memory Timings - 1866MHz @ 9-9-9-27-1T @ 1.5 volts
I saw something similar to this. I was browsing Google Images for *Nix desktops and one of the pages was a re-direct. It ran an animated gif that looked exactly like MSE and threw up a pop-up prompting me to download a scanner for my computer. I have delt with these in the past so I knew it was a scam. I force-closed all windows and scanned with Malware-Bytes and MSE and found nothing. I am glad I didn't click on it.

All from just browsing google images.....

Be careful out there friends!

And good luck to you mdcyclist and Richy1204.

I always have two programs hotkeyed and ready for use. They are not for removal of malware, but can free up resources quickly or stop programs from running while trying to get rid of the threat.

Autoruns (for list of all programs and files running at startup):
Autoruns for Windows


Process Explorer (for list of all programs and files currently running in realtime):
Process Explorer
 
Last edited:

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
ASUS G60-RBBX05
OS
Win7 Home Premium 64x
CPU
Intel Core 2 Duo P7450 / 2.13 GHz (2.29 with Extreme Turbo)
Memory
4 GB PC-6400 Hyundai (2X2) at 800Mhz
Graphics Card(s)
NVIDIA GeForce GTX 260M 1GB DDR3 VRAM
Monitor(s) Displays
16" LED Backlit
Screen Resolution
1366 x 768 on laptop 1600x1050 max res on 22" external mon
Hard Drives
OCZ Agility 3 60GB SSD / 320 GB - Serial ATA-150 - 7200 rpm
PSU
6-cell Lithium ion { lasts 1.5 hours }
Case
ASUS G60 Laptop
Keyboard
Chicklet type back-lit (white light) keyboard
Mouse
Logitech G9 Laser Mouse 3200dpi and 1000 reports per minute
Internet Speed
Comcast 8.60mb/s up - 3.11mb/s down
Antivirus
MSE
Browser
Firefox
Other Info
General mid-budget gaming Comp. Low batterylife - High FrameRates - currently overheating problems :(

2nd Rig: Case: Rosewill BLACKHAWK Gaming ATX Mid Tower Computer Case

Mobo: GIGABYTE GA-990FXA-UD3
CPU: AMD FX-6200 Zambezi 3.8GHz (4.1GHz Turbo)
Heatsink: COOLER MASTER V8 CPU Cooler
RAM: Patriot Viper 3 8GB (2 x 4GB) 240-Pin DDR3 SDRAM 1866 (PC3 15000)
GPU: SAPPHIRE Radeon HD 6850 1GB 2
You must log in or register to reply here.
Back
Top