We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Win32/FakeDef
Aliases: No associated aliases
Summary
Win32/FakeDef is a family of rogues that displays fake warnings of "malicious programs and viruses", and tells you that they need to pay money to register the software to remove these non-existent threats.
FakeDef uses a number of different aliases, depending on what operating system you are using; below is a list of the names we have observed in the wild:
- Vista Defender
- Win Defender
- Win Server Defender
- Win7 Defender
- XP Defender
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat: