Microsoft has issued a severe threat warning (opens in new tab) about a new virus posing as a Windows Security Essentials installer. The malware displays a bogus blue screen of death with a ‘technical support’ phone number.
Callers could be tricked into downloading additional viruses and malware, or the scammer could demand an immediate payment to ‘fix’ the problem (which doesn’t exist).
The warning comes just days after Microsoft released the results of a survey in which two-thirds of respondents reported falling victim to a tech support scam.
The malware, named Hicurdismos, downloads a file named setup.exe with an icon similar to the genuine Security Essentials castle. When run, it hides the mouse pointer to make you think your PC has stopped responding. It also disables the task manager so you can’t close it. The blue error message is actually just an image displayed across the entire screen.
Real Windows error messages never include phone numbers, and fatal errors (which produce the infamous blue screen) can usually be resolved with a simple reboot. Hicurdismos adds itself to Windows’ list of startup programs, so it appears again when you restart your machine.
As with any malware, the first line of defence against Hiscurdismos is caution – only download software from trusted sources, and keep an eye out for programs and shortcuts that appear unexpectedly. You should also use an antivirus tool that receives automatic updates and offers real-time protection, like Windows Defender (opens in new tab) or Avira Free Antivirus, which will detect and remove new threats as soon as they’re discovered.
If your PC has already been compromised, you’ll need a bootable security tool that runs before Windows starts. Kaspersky Rescue Disk (opens in new tab) and Avira Rescue System (opens in new tab) are good options, but note that you’ll need to use an uninfected PC to burn them to a CD or copy them to a USB stick before you can boot from them.