Microsoft recently reported that their Malicious Software Removal Tool (MSRT), which was included in Windows Updates on December 9, 2008, has now removed over 400,000 copies of the nefarious “Antivirus 2009”.
An Arlington, VA client was recently infected by that Antivirus 2009 malware. It has been the most pernicious malware that I have seen recently, as most users can be tricked into installing it. Many fake sites exist that you might find during a normal web search. The sites appear to be a standard Windows Control Panel page which pretends to search for and find viruses. If you click “Ok” or “Remove All” you will be infected.
It will eventually take away all administrative rights from you and ask for your credit card to update and remove the viruses. Of course, it never removes anything, but instead gives your credit card info to the bad guys to use as they wish. Your computer is also a zombie ready to do whatever they ask of it.
The problem is that the dialog boxes and alerts look just like legitimate ones that might appear from Microsoft. See the fake Antivirus 2009 alert above.
I mentioned another variant of this malware called Antivirus XP 2008 in an earlier post.
While there are other tools you could use, Microsoft’s Malicious Software Removal Tool (MSRT) is a real solution that will remove and protect the computer from this Malware. It is available as a critical update from Microsoft.
It is not always apparent how to run Microsoft’s Malicious Software Removal Tool (MSRT). If you have it installed, you can just go to Start – Run and they type mrt