There are not many people who are fond of Microsoft’s new Windows Genuine Advantage Notification Tool but there is obviously someone that really despises it. A new virus that is in the wild will pose as Microsoft’s WGA Notifier. It will run as a service named “wgavn” and describes itself as “Windows Genuine Advantage Validation Notification”.
The Virus is currently being passed through AIM via an instant message from an unknown sender. The message will contain a link and if you click on it, well, you should go crawl in a corner. It will disable your Windows Firewall and open a backdoor for future attacks. If you try to close down the service it will let you know that doing so will cause instability in your system.
Eset, the creators of NOD32 antivirus, rank this one as 1,400 on their threat list. Even though this is not high on the list AIM users should take caution when receiving messages from unknown people, which you shouldn’t have to be told that :D .