A friend of mine, who is pretty technical, well he maintains Windows drivers for a living, so that sure makes him a hot-shot techy in anyone's book. That friend's laptop caught a nasty virus. In his own words, he was only downloading some PowerPoint presentations (ugh), when the miserable closed source proprietary OS he's running (euhm Vista) became infected. He was using Google's Chrome browser, so the possibility of having been infected through a browser exploit remains pretty low in my opinion, especially since Chrome auto-updates itself, thus fixing any potential security holes. My first impression was that he got infected through an exploit in MS Office 2007 (yuck). Anyway, with me trying to help him clean up the laptop, we tried the following:
- Tried installing Symantec's AV suite. That totally failed to even install. What a piece of crap. Symantec's ware is highly over-rated IMO. I used to really like Norton stuff, back in the days of Norton's DiskDoctor .. those were the days :D
- Tried installing the tried and true MalwareBytes, which did detect and clean a whole bunch of malware; however, much to my surprise, the problem persisted. MalwareBytes is a cool piece of anti-malware, it has worked fantastically for me multiple times, but this time it wasn't enough!
- Having wasted a couple of hours on this already, I wanted to fire some Kaspersky power on the problem. I visited http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk/ and downloaded a Live CD image. Burned the ISO, and booted!
Now this Live CD is absolutely cool: it's a customized build of Gentoo Linux (w00t!) that automagically detected the hardware, connected to the network, started an X server, and launched a customized IceWM environment with Kaspersky's "K" logo as the "start" button down below. I was impressed, and through that GUI I could launch Kaspersky's AntiVirus tool.
The first thing it did was to auto-update itself over the internet. Most definitely needed. Afterwards it located and mounted all Windows NTFS partitions, and I was presented with options to scan them. I chose to scan the c: drive. The scan began; the scan tool sports a nice-looking GUI, although it can be a bit confusing. Anyway, the scan started churning on the hard disk. It was a bit slow, and took around 3 hours for a 100G c: drive!
But I'll sure take slow and reliable over anything else every time! In the end, Kaspersky located hundreds of infected executable files. I chose to disinfect them. It started disinfecting them one by one. This took around 20 minutes or so as well. Rebooting after that, Windows finally came up clean.
All in all, Kaspersky proved to be a reliable tool. Kudos to their team for providing a top-notch Linux-based Live CD for free, that updates itself and provides adequate disinfection for free. Thank you Kaspersky. I will surely recommend you guys in the future. This is one AntiVirus tool I will be sure to remember when a friend comes knocking on my door. Note, however, that they're not the only game in town: others like Avira and BitDefender, and others as well, offer Live CD "rescue disks", as they are called. Hope this post helps anyone out there.