Published May 07, 2013|Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: No associated aliases


Win32/FakeDef is a family of rogues that displays fake warnings of "malicious programs and viruses", and tells you that they need to pay money to register the software to remove these non-existent threats.

FakeDef uses a number of different aliases, depending on what operating system you are using; below is a list of the names we have observed in the wild:

  • Vista Defender
  • Win Defender
  • Win Server Defender
  • Win7 Defender
  • XP Defender