Windows "anti-virus"

Today I was asked to look at a computer that was claiming to be infested by viruses following clicking on a link from Facebook. This was of course a Windows situation, so I was unsure how much help I could be given how long it's been since I had to use Windows.

Anyway, I booted up the computer, which swapped incessantly due to the low memory it had, but also due to whatever malware was at play. So eventually Windows booted up, launched Internet Explorer, which was already suspicious, and the systray showed a flashing shield. It didn't take me too long to work out that the window full of virus reports was bogus. Eventually I killed all the running crap in the Task Manager (Ctrl-Alt-Del, then loading the Task Manager), closing various applications. I also closed the "WAV" and suspicious "cmd" processes that were taking much of the CPU and had no good reason to be running.

After that, I nuked the contents of "C:\Program Files\WAV", suspecting that to be the problem, and for good measure ran the registry editor (Start, Run, type regedit and hit Enter) and searched for occurrences of WAV that pertained to this stuff and nuked them. That is, of course, not for the unwary. When I restarted, all was well and the problem was gone. Well, I removed the shortcut on the desktop for the now non-existent WAV. I'm putting this here so it can be forwarded to a few other victims.

Friends shouldn't let friends run Windows. I know...
