Persistent Microsoft Defender Subscription Scam Pop-up That Won’t Disappear

BCAdmin

Title: Dealing with Persistent Microsoft Defender Subscription Scam Popups

In recent weeks, many users have reported encountering an alarming issue on their Windows computers: persistent popups claiming that their Windows Defender antivirus has been upgraded to a Pro plan for a whopping $299.00. This aggressive notification claims that a payment will be charged to your credit card on August 26, 2024, which instantly raises red flags about potential scams.

If you find yourself in a similar situation, it’s crucial to remain calm and informed. Here’s a personal account of troubleshooting this annoying pop-up, along with some practical advice.

Understanding the Scam

The message is clearly a scam designed to instill fear and urgency, prompting you to take action that could lead to disclosing sensitive information. However, the real concern is whether your computer has been compromised.

Your Current Situation

After taking every possible preventive measure—uninstalling all browsers and running various scans through Microsoft Defender—it appears that the undesired popup continues to reappear. Even more concerning is the fact that launching this popup seems to trigger PowerShell, a powerful command line interface in Windows.

Unraveling Potential Issues

Upon further investigation, you may have also encountered a mysterious file called conhost.exe located in your system32 folder. While this file is typically legitimate and may not be inherently harmful, the recurring association with the PowerShell process during the popup’s appearance raises some questions.

Steps to Resolve the Issue

Here are several strategies you can employ to address this issue:

  1. Forcefully Close Suspicious Processes: Access the Task Manager (Ctrl + Shift + Esc) and identify any suspicious processes. If you see conhost.exe or any unfamiliar programs running, right-click on them and select “End Task.”

  2. Run an Anti-Malware Scan: In addition to Microsoft Defender, consider using a reputable anti-malware program. Software like Malwarebytes or Avast can help identify hidden threats.

  3. Check Startup Programs: Go to Task Manager, select the ‘Startup’ tab, and disable any programs that look suspicious or you don’t recognize. This can prevent unwanted software from running at boot.

  4. Clear Browser Data: Make sure to clear not just your browsing history but also cookies and cached data from all your browsers. This can help eliminate any remnants of the scam overlay.

  5. Reset Browser Settings: As a last measure, resetting

Share this content:

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *