What is Windows Security Alert scam? And how does it function?
Windows Security Alert scam is a new tech support scam but unlike common ones that are displayed on browsers, this one is even more malicious as it locks an infected computer, making it hard for users to access their computers. This tech support scam scares users by locking their computer and making them think that their Windows license key has been revoked and that their computer is blocked due to “unauthorized access from an illegal IP address”.
Once this malware invades your computer, it will quickly make changes in the system. It modifies the Windows Registry in order to lock your computer. After it succeeds in executing its attack, your computer’s screen will be locked and you’ll see the following message:
License Key Revoked
Windows Blocked due to unauthorised access from an illegal IP Address
Critical Update Required, Antivirus Not responding
Error Code 1. 0x0803f7001
Provide your Installation ID CLICK HERE to get your Installation ID
Enter your 25 Digits products key below
Connect To Support
The main goal of this tech support scam is to pressure users into calling the phone number (1-844-313-6006) provided which will supposedly redirect users to the tech support team from AVG. Cyber crooks want victims to believe that the only way to regain access to the locked computer is by calling the number. However doing so is certainly not recommended as the tech support behind this number are actually fake ones. You might also unknowingly grant these crooks remote access to your computer which could lead to another problem. Thus, you must not call the fake tech support number no matter what.
How does Windows Security Alert scam circulate the web?
Windows Security Alert scam may circulate the web in freeware and shareware packages that are found on free sharing websites. This malware might be bundled with other programs in a software package so make sure that when you install any freeware or shareware, use the Advanced or Custom setup instead of the quick one.
You should ignore this troublesome alert and proceed in removing the malware from your computer before it gets worse. To remove Windows Security Alert scam, refer to the removal guide below.
Step 1: Unlock your screen by typing “00000-Z0006-000B1-00000-000N0” into the unlock box and then click on the Submit button.
Step 2: After that, open the Windows Task Manager by pressing Ctrl + Shift + Esc at the same time. Proceed to the Processes tab and look for suspicious processes that can be related to the Windows Security Alert scam.
Step 3: Close the Task Manager and reset all the affected browsers to default.
- Open Internet Explorer.
- Tap Alt + T and select Internet options.
- Click the General tab and then overwrite the URL under the homepage section.
- Click OK to save the changes.
- Now switch to the Advanced tab and click the Reset button.
- Then check the box for “Delete personal settings” and then click Reset again.
- Launch Google Chrome, press Alt + F, move to More tools, and click Extensions.
- Look for any other unwanted add-ons, click the Recycle Bin button, and choose Remove.
- Restart Google Chrome, then tap Alt + F, and select Settings.
- Navigate to the On Startup section at the bottom.
- Click on Advanced.
- After that, click the Reset button to reset Google Chrome.
- Open the browser and tap Ctrl + Shift + A to access the Add-ons Manager.
- In the Extensions menu Remove the unwanted extension.
- Restart the browser and tap keys Alt + T.
- Select Options and then move to the General menu.
- Overwrite the URL in the Home Page section.
- Tap Alt + H to access Help.
- Next, select “Troubleshooting information” and click “Refresh Firefox” at the top of the page.
- Now click “Refresh Firefox” again to confirm the reset.
Step 4: Tap the Win + R keys to open Run and then type in appwiz.cpl to open Control Panel to uninstall the adware program behind the fake alert.
Step 5: Look for the adware program or any unfamiliar program under the list of installed programs and once you’ve found it, uninstall it.
Step 6: Close the Control Panel and tap the Win + E keys to open File Explorer.
Step 7: Navigate to the following directories and look for the malware behind the Windows Security Alert scam as well as other suspicious files and delete them.
Step 8: Close the File Explorer.
Before you proceed to the next steps below, make sure that you are tech savvy enough to the point where you know exactly how to use and navigate your computer’s Registry. Keep in mind that any changes you make will highly impact your computer. To save you the trouble and time, you can just use [product-name] this system tool is proven to be safe and excellent enough that hackers won’t be able to hack into it. But if you can manage Windows Registry well, then by all means go on to the next steps.
Step 9: Tap Win + R to open Run and then type in regedit in the field and tap enter to pull up Windows Registry.
Step 10: Navigate to the paths listed below and delete all the registry values added by malware behind the Windows Security Alert scam.
- HKEY_CURRENT_USER\Control Panel\Desktop\
- HKEY_USERS\.DEFAULT\Control Panel\Desktop\
Step 11: Exit the Registry Editor and edit your Hosts File.
- Tap the Win + R keys to open then type in %WinDir% and then click OK.
- Go to System32/drivers/etc.
- Open the hosts file using Notepad.
- Delete all the entries that may seem suspicious.
- After that, save the changes you’ve made and close the file.
Step 12: Now you have to flush the DNS cache of your computer. To do so, right click on the Start button and click on Command Prompt (administrator). From there, type the “ipconfig /flushdns” command and hit Enter to flush the DNS.
Step 11: After that, close Command Prompt and empty your Recycle Bin.
To make sure Windows Security Alert scam is completely deleted as well as the malware program behind it, you need to use an efficient program like [product-name]. To use it, follow the advanced steps below:
Perform a full system scan using [product-code]. To do so, follow these steps:
- Turn on your computer. If it’s already on, you have to reboot it.
- After that, the BIOS screen will be displayed, but if Windows pops up instead, reboot your computer and try again. Once you’re on the BIOS screen, repeat pressing F8, by doing so the Advanced Option shows up.
- To navigate the Advanced Option use the arrow keys and select Safe Mode with Networking then hit
- Windows will now load the Safe Mode with Networking.
- Press and hold both R key and Windows key.
- If done correctly, the Windows Run Box will show up.
- Type in the URL address, [product-url] in the Run dialog box and then tap Enter or click OK.
- After that, it will download the program. Wait for the download to finish and then open the launcher to install the program.
- Once the installation process is completed, run [product-code] to perform a full system scan.
- After the scan is completed click the “Fix, Clean & Optimize Now” button.