On December 2nd of last year, I wrote about a family of computer parasites going by the names MS AntiVirus 2009, MS AntiVirus XP, etc. A number of my clients had close encounters with this pest and it wasn't kind. Some had been duped and offered it their credit card in a frustrated attempt to get their computer back. In all of these cases, the fix was bogus. Some of my readers took the time to offer stories of their experiences with it and solutions that they have found to remove it. You can see their comments here: http://www.consideritfixed.com/2008/12/insidious-ms-an.html.
Since I originally wrote about MS AntiVirus, I have had more opportunities to spend time with it. Here are some of the things that I have learned.
- When you first see signs that this parasite is on your computer, don't interact with it. Simply stop what you are doing and run system restore to an earlier date. Next, download Microsoft's Windows Malicious Software Removal Tool (http://www.microsoft.com/security/malwareremove/default.mspx) or Malwarebytes Anti-Malware (http://www.malwarebytes.org) and run them. You should be OK.
- If you interact with it, it will install into your system and begin to cause problems. I have found that it can do several things, including disabling the tools that computer repair techs use to fix computers. For example, it will delete all system restore points so that you cannot run system restore. I have seen it disable the menu system so that the run command and control panel appear unavailable. In these cases, I believe that it is better to remove any user data from the PC, format the hard drive, reinstall the operating system and replace the data. One specific procedural note: make sure that the new install has modern virus protection in place before putting the user data on it. Also, run either Microsoft's Windows Malicious Software Removal Tool or Malwarebytes Anti-Malware on the new configuration to ensure that the parasite hasn't hitchhiked.
- If you were duped by it and gave it your credit card, call your credit card company and report the exploit to them. I also recommend that you cancel your credit card.
- When in doubt, take a more conservative approach with this parasite. While some malware tools appear to remove it, it's unclear as to whether it has left any 'back doors' open into your system for further exploits. So, in my view, a full format and reinstall is the only way to ensure a successful removal.
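
A quick read-only check for the two symptoms described above (missing restore points, hidden Run command and Control Panel) can help decide between the restore-and-scan route and the format-and-reinstall route. This is an added example, not from the original post; it assumes Windows PowerShell 5.1 in an elevated prompt and assumes the menu items are hidden through the standard Explorer policy values `NoRun` and `NoControlPanel`, which the post does not confirm.

```powershell
# Added triage example. Read-only: it changes nothing on the machine.
# Assumption: the Run command / Control Panel are hidden via the standard
# Explorer policy values checked below (the post does not say how it is done).

$findings = @()

# 1. Are any System Restore points left to roll back to?
try {
    $points = @(Get-ComputerRestorePoint -ErrorAction Stop)
} catch {
    $points = @()
    $findings += "Could not query restore points: $($_.Exception.Message)"
}
if ($points.Count -eq 0) {
    $findings += 'No System Restore points found'
}

# 2. Policy values that hide the Run command and the Control Panel,
#    checked per-user (HKCU) and machine-wide (HKLM).
$explorerPolicy = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
foreach ($hive in 'HKCU:', 'HKLM:') {
    $key   = Join-Path $hive $explorerPolicy
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    foreach ($name in 'NoRun', 'NoControlPanel') {
        if ($props -and $props.PSObject.Properties[$name] -and $props.$name -eq 1) {
            $findings += "$key has $name = 1"
        }
    }
}

# 3. Report. Any finding matches the tampering described in the post.
if ($findings.Count -gt 0) {
    $findings | ForEach-Object { Write-Warning $_ }
    Write-Output 'Tampering signs present: back up user data and plan a format and reinstall.'
} else {
    Write-Output 'No restore-point or menu-policy tampering found by these checks.'
}
```

A clean result only means these two symptoms are absent; it does not show that the machine is free of the parasite.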
Please keep posting information about this family of parasites here so that we can collectively help others who are infected.
Contact Info: email@example.com