Similar to previous tools that Microsoft has made available for such worms as Sasser and Blaster, the Download.Ject Payload Detection and Removal Tool is available free of charge from company's Web site. It's petite, just 118 Kbytes in size.
The tool sniffs for the Trojan Berbew--the payload that Download.Ject injected onto users' PCs via vulnerabilities in Internet Explorer--and deletes them.
While the original attack was relatively mild in comparison with, say, Sasser or even Mydoom, Microsoft put some scary language into the online description of the tool.
"When this Trojan Horse runs on the user's computer, it may perform several actions, including monitoring Internet access to capture sensitive information such as logon names and passwords, or opening fake dialog boxes that prompt the user to enter confidential information such as ATM card codes, credit-card numbers, or other confidential information," Microsoft said on the site.
Tools of this ilk have been very popular with users, who have downloaded millions of copies from the Microsoft site. Since the Blaster cleaner was released in January, some 40 million customers have used the tools, said Microsoft.
The cleaner is the latest effort by Microsoft to put the attack behind it. On July 2, the company posted a Critical update to Windows which disables the ADODB.Stream component, which the hackers used to invisibly plant Trojans on users' PCs.
Even though Microsoft posted a large number of patches on Tuesday, no permanent plug has been issued for the hole used by the attack.