Fake Microsoft Antivirus Alert

The fake Microsoft Antivirus alert is a fraudulent pop-up warning that's created by malicious ads and websites, usually for the sake of confusing the PC user into downloading rogue security software. While the fake Microsoft Antivirus alert's methodology would work for most types of scamware, SpywareRemove.com malware researchers especially associate the fake Microsoft Antivirus alert with rogue anti-malware scanners from the Winwebsec family, which is known for creating fake anti-malware alerts, changing your desktop and blocking other programs while claiming that they've been compromised. Because software installed through a fake Microsoft Antivirus alert is dangerous to your PC and doesn't offer any real anti-virus features, deleting fake Microsoft Antivirus alert-related scamware with a legitimate anti-malware program always is the correct choice to make.

The Crooks Who Profit from Putting Words in Microsoft's Mouth

A fake Microsoft Antivirus alert easily is identified as distinct from any type of legitimate anti-virus warning due to its poor English content, using such unprofessional phrasing as 'the system breakage' and vague alerts like 'critical process activity.' Legitimate anti-malware products, both from Microsoft and other companies, can be trusted to use more accurate and grammatically correct terminology than a fake Microsoft Antivirus alert, which appears as a result of your browser's exposure to a malicious (or potentially, simply hacked) advertisement or website.

The fake Microsoft Antivirus alert is nothing more than an infection vector for any number of Winwebsec variants, which will attempt to install themselves after you click on the fake Microsoft Antivirus alert under the pretense of updating your PC with security software. Some of the brand names in this family that SpywareRemove.com malware researchers are familiar with include System Tool, Security Tool, System Care Antivirus, Personal Shield Pro, Essential Cleaner, System Progressive Protection and (as a recent addition) System Doctor 2014.

While the brand names of scamware peddled by fake Microsoft Antivirus alerts are diverse, their attacks always come down to two major traits:

• Displaying fake warning messages about the presence of malicious software infecting your computer in huge quantities. These warnings often are formatted as system scans from the Winwebsec variant itself, fake pop-ups that supposedly originate from other applications or even fake desktop wallpaper alerts.
• Blocking other programs that aren't essential to using Windows (since Winwebsec scamware programs are limited to Windows in terms of OS compatibility). While doing so, they may create desktop alerts informing you that any blocked programs have been infected and that you must update your security software.

Getting Fake Software of Your Computer with the Software It's Trying to Imitate

The main drive behind any rogue anti-virus program, including both those installed by a fake Microsoft Antivirus alert and those installed through another method, is to force victims to give up money and personal information by making them purchase the fraudulent software. This usually is explained as a form of software registration that seemingly will allow all detected PC threats to be removed. However, since members of Winwebsec don't have any real malware-detecting features, you never should purchase their software in the first place.

Any contact with fake Microsoft Antivirus alert through any means whatsoever should be considered a prompt to double-check your PC's security. Anti-malware scans, ideally, should be able to delete the fake Microsoft Antivirus alert's payload before it's installed, but if you are dealing with a fake anti-malware program that's blocking most of your software, you can disable it with such standard security tactics as booting in Safe Mode or booting from a peripheral hard drive.

Technical Details