In the past week alone, I have cleaned more computers infected with fake or “rogue” anti-virus programs than I have in the first half of 2009. These programs sneak onto your computer with misinformation and, in some cases, are known to cause havoc. After the fake anti-virus shows you a list of fake infections, it then asks you to register the program in order to remove them. Registration, of course, includes a payment, typically around $40-$50. These people are scamming for billions of $$$.
The only times I have actually caught these infections BEFORE they were installed, they seemed to always come in an email claiming to be either a Windows Update, Internet Explorer Update, or a Flash Update. Needless to say, these legit programs will NEVER send updates in a lowly email.
Now, though, it seems these fake anti-virus programs are also spreading through various forms of scare tactics that lead users to misinformation websites encouraging the use of these programs. My golden rule to you would be: be wary of any program that you have never heard of that asks you for money.
It was interesting to see on some of these infections that the fake anti-virus had completely re-written the Security Center in Windows. It had all the same fonts/icons/sizes, so much so that I almost got fooled for a second until I read the security recommendations under each section, which directed the infected user to register their copy of the program in order to be protected.
Once infected, the cure is usually not too painful for the tech-savvy among us. Using a clean, uninfected computer, download the most recent version of Malwarebytes. Rename mbam-setup.exe to some new random name. Copy it over to the infected computer via CD-R or USB drive. Install, run, and remove the infections.