Fake Windows Defender (also known as Windows Defender Malicious Software Prevention Scam), is a type of malicious scam file that can infect users through downloads. Once downloaded, it will pop up every single time the user starts up their computer, and possibly lock the computer as well as Task Manager.
Product Key ScamEdit
This type of scam covers the whole screen blue with some information. On the first page, it tells the user what country the user is from and what computer the user is using. Once pressing next, It will ask the user for the product key. If the user answers in the user's product key, There will be a chance that it will get encrypted and the user's computer will be filled with more malware.
There may also be a fake Blue Screen of Death version of this, which generates a fake Blue Screen of Death, in an attempt to fool the user.
- First, boot into Safe Mode with Networking.
- Download RKill to terminate malicious processes. Do not restart the computer, as this will start the processes again.
- After RKill finishes, download Malwarebytes, turn on Scan for Rootkits, and run a Threat Scan. Restart after the scan, by now, the computer may likely be secured.
- Should the user still be skeptical about malware, they can download HitManPro and scan for malware, to delete any remaining malware.