I stupidely ran the fake “Chrome Font Pack” mentioned in this article:
But actually, my files seem OK. The only issue is the “All your work and personal files were encrypted” page that pops up when I open Chrome. Maybe CIS stopped Spora before it did anything serious.
I’m currently running CIS 220.127.116.1165 and its virus DB is up-to-date.
Does Comodo provide a way to remove all traces of Spora, or should I go ahead and install other solutions such as those from Kaspersky?
Edit: Installed and ran Kaspersky Virus Removal Tool… which found nothing.
Still, when I stop/restart Google Chrome, it displays this page :-/
Thanks for the link.
After performing a full scan over four hours, Comodo Cleaning Essentials only found six threats, five of which I knew about (OpenCandy adware in some installers), but it did point out one new threat:
“Abnormal System Settings
Actually, the hosts file was edited by Yours Truly, but CCE couldn’t know that, and proceeded by making a backup copy and commenting out every line in the hosts file.
Next, I told CCE to reboot to complete the scan.
After rebooting, CCE started again, and displayed the malware it detected, which I removed by clicking on the Tools menu and hitting Delete.
For some reason, CCE isn’t listed in Control Panel > Programs, so can’t uninstall it. I hope it won’t interfer with CIS which I already had.
Launching Google Chrome no longer displays the Spora page, although it might be because I deleted some files in Windows’ Temp directory.
Either I got lucky, CIS did its job to stop Spora before it went to work, or maybe Google Chrome has some protection against malware.
Cleaning Essentials is great removal tool :-TU Maybe you should consider another malware scanner to be sure yourself.