Clever Scam Lures Even Smart Microsoft Users to Pay $25 for Fake ‘Windows Defender Essentials’

But you can fool the malware into thinking you paid.

Share on
BY Minda Zetlin - 01 Dec 2017

?Clever Scam Lures Even Smart Microsoft Users to Pay $25 for Fake 'Windows Defender Essentials'

PHOTO CREDIT: Getty Images

There are some very clever malware scams out there, but a newly discovered one named "Troubleshooter" targeting Windows users is the best one I've seen in a long time. It's extremely easy to fall for so don't be fooled.

The trouble begins with something that appears to most seasoned Windows users, the so-called "blue screen of death" in which your entire screen turns blue and you see text telling you that your operating system has crashed. In this case, the text says: "A problem has been detected and Windows has been shut down to prevent damage to your The problem seems to be caused by the following file: SYSTEM32.DLL" However, this is not a genuine blue screen of death, it's an image of a blue screen of death splashed across your monitor. Your is in fact running perfectly normally, (other than the Troubleshooter scam itself).

As might well happen with a genuine Windows malfunction, a screen will then appear informing you that Windows encountered and error and prompting you to click "Next" to diagnose and troubleshoot the problem. If you do click "Next," as many people likely do, the will pretend to perform a scan and then pop up a screen informing you that a whole list of .dll files are "missing or corrupt" and that troubleshooting cannot solve the problem. It then suggests you purchase something called "Windows Defender Essentials" for $25, which might seem to you like a reasonable and quick way to solve the problem.

And it will solve the problem (that was never there in the first place). If you click "Buy Windows Defender Essentials (Reinc-aseann.commended)" it will take you to a PayPal page where you can pay $25. Once you do, another pretend scan will run, appearing to fix the problem. Curiously, in addition to software that fools you into thinking you have a problem, Troubleshooter also installs two other files, one that take a screen shot of your and another that shows you ads.

"Windows Defender Essentials" is a particularly smart name for a fake security app--doesn't it sound real? That's because Microsoft really does offer two software products called Windows Defender and Security Essentials.

If you encounter this scam, you don't have to pay the $25. There's a relatively simple way to fool the system into thinking that you've paid, described here. That can be handy for regaining control of your since other methods such as Control+Alt+Delete won't work. Once you've regained mastery, you can remove Troubleshooter altogether using Malwarebytes, which you can download for free. Here's a description of how to do it.

Speaking of Malwarebytes, hats off to Malwarebytes engineer Djordje Lukic for discovering Troubleshooter. Apparently users get Troubleshooter in the first place from downloading "cracked" or pirated software. Be warned.

                1. 3787481485 2018-04-20
                2. 6425061484 2018-04-20
                3. 4005541483 2018-04-20
                4. 7835801482 2018-04-20
                5. 9624301481 2018-04-20
                6. 2498271480 2018-04-19
                7. 1138741479 2018-04-19
                8. 9066701478 2018-04-19
                9. 7776321477 2018-04-19
                10. 1276121476 2018-04-19
                11. 8447211475 2018-04-19
                12. 6553861474 2018-04-19
                13. 183401473 2018-04-19
                14. 4196831472 2018-04-18
                15. 384741471 2018-04-18
                16. 4467571470 2018-04-18
                17. 9589191469 2018-04-18
                18. 2807321468 2018-04-18
                19. 3044741467 2018-04-18
                20. 7557051466 2018-04-18
                21. cheap jerseys | wholesale jerseys |