There is a Microsoft Windows Scam troubleshooter app being distributed through a cracked software installer that is infecting Microsoft Windows machines.

Instead of troubleshooting, the app states that “Windows has encountered an unexpected error” and the computer is “missing .dll registry files resulting in computer failure.” Victims are encouraged to click “next” to diagnose and troubleshoot the issue.

Once the victim does that, they’re led to a screen that lists false problems and says the troubleshoot couldn’t fix the issue. But the message says it can be resolved by clicking a “Recommended” link to “Buy Windows Defender Essentials.” Selecting this leads to a page that encourages victims to send $25 to the scammer’s PayPal account.

A browser-based screen locker goes away after the money is paid.

“This is a scam, and we recommend users follow advice on how to protect themselves against similar tech support scams in our April 3 and November 20 security blogs,” a Microsoft representative said.

Victims can “trick” the program into shutting down: once they reach the PayPal purchase screen, they can hit Ctrl+O to open a dialogue box, and then enter http://hitechnovation.com/thankyou.txt. This makes the program think they’ve paid the $25, and it shuts down.

Removal instructions for Troubleshooter are available on Malwarebytes.

Go to Malwarebytes for instructions on removing this virus now!

About Author: Jenna Whitmore is an IT consultant and U.S. Army Veteran. Her experience includes, computer networks, wireless networks, security and cloud solutions. Jenna is certified on Cisco, Extreme routing network equipment. She has worked as a network system engineer and IT consultant for over 20 years. Contact ZOBOLT: 206-219-3060