Today when I loged into “msn” I saw a girl with the name “virus infection HELP”… (well it was Swedish, but thats my translation) ;D I could tell that she was infected also, by noticing how she sent me a malicious link…
The funny thing was that I asked her what she had done to fight this “infection”… She said: “I just downloaded Comodo antivirus and are doing a system scan”… (good girl) +1 to her… :a0
I said that that is a good start and asked if she had installed D+ and the firewall as well… “I don’t know what D+ is” she said. But I figured out she had installed the firewall… So I knew D+ was there also… 88)
I asked, Did it find anything… yes she had removed 12 objects that was found by CAVS… Still however I got links from her MSN to a malicious site… so I realized her comp can’t be clean… and she confirmed this and told me that the comp was acting slow… So I asked her to check active processes with D+ and use the terminate and block… After going throught the list of active processes her sending links stopped…
I told her to ask me of every application that was not from M$… She did…
fxsteller.exe was one file that poped up… Maby thats something to add to the CAVS database?
Anyway… I guided her through disabling services also… and msconfig… Found something there as well (always some unnecessary junk starting…)
She then said her comp was feeling good again… I however told her to download SAS and A2… and she started a scan with those as well… and loged out…
Maby after that I will show her how to use CSC as well… =) I bet there is a lot of junk still left to be cleansed.
Still I think this shows CIS has some usability to work on still… If it was not for me then she would most likely still have a infected comp… But it was fun news she found comodo by her self! :-TU :-TU