There are some very clever malware scams out there, but a newly discovered one named Troubleshooter targeting Windows users is the best one I've seen in a long time. It's extremely easy to fall for, so don't be fooled.

The trouble begins with something that will look familiar to most seasoned Windows users: the so-called "blue screen of death," in which your entire screen turns blue and you see text telling you that your operating system has crashed. In this case, the text says: "A problem has been detected and Windows has been shut down to prevent damage to your computer. The problem seems to be caused by the following file: SYSTEM32.DLL." However, this is not a genuine blue screen of death; it's an image of a blue screen of death splashed across your computer monitor. Your computer is in fact running perfectly normally (other than the Troubleshooter scam itself).

As might well happen with a genuine Windows malfunction, a screen will then appear informing you that Windows encountered an error and prompting you to click Next to diagnose and troubleshoot the problem. If you do click Next, as many people likely do, the computer will pretend to perform a scan and then pop up a screen informing you that a whole list of .dll files are "missing or corrupt" and that troubleshooting cannot solve the problem. It then suggests you purchase something called Windows Defender Essentials for $25, which might seem to you like a reasonable and quick way to solve the problem.

And it will solve the problem (that was never there in the first place). If you click Buy Windows Defender Essentials (Recommended), it will take you to a PayPal page where you can pay $25. Once you do, another pretend scan will run, appearing to fix the problem. Curiously, in addition to software that fools you into thinking you have a problem, Troubleshooter also installs two other files, one that takes a screenshot of your computer and another that shows you ads.

Windows Defender Essentials is a particularly smart name for a fake security app--doesn't it sound real? That's because Microsoft really does offer two software products called Windows Defender and Security Essentials. 

If you encounter this scam, you don't have to pay the $25. There's a relatively simple way to fool the system into thinking that you've paid, described here. That can be handy for regaining control of your computer, since other methods such as Control+Alt+Delete won't work. Once you've regained mastery, you can remove Troubleshooter altogether using Malwarebytes, which you can download for free. Here's a description of how to do it.

Speaking of Malwarebytes, hats off to Malwarebytes engineer Djordje Lukic for discovering Troubleshooter. Apparently, users get Troubleshooter in the first place from downloading "cracked" or pirated software. Be warned.

Published on: Nov 30, 2017
The opinions expressed here by Inc.com columnists are their own, not those of Inc.com.