I prefer to use Linux as my OS with a Windows VM for those things that I can't live without (i.e. MS Office; if I didn't have to share files with others, I'd make do with Google Docs or Open Office). Lately, I've been using a Mac, not because I'm an Apple fan boy or hipster, but because it offered the best of both worlds: a UNIX command prompt and a local MS Office application.
Recently, I found a virus on a Windows laptop and set about the removal process. Normally, that's just format and re-install just to be sure (Nuke it from space, it's the only way to be sure...). That didn't work this time, which meant the virus had infected the MBR. I removed the drive and destroyed the partition map, created a new map, created the file system, destroyed and recreated the partition map and left the drive un-formatted from a Mac.
The virus reappeared immediately after the fresh installation, off the network. Since the battery and power were removed from the laptop, it wasn't because it was resident in memory; thus, I'm thinking it's a BIOS virus, or some other non-volatile memory on the laptop. I'll flash the BIOS next...
The kicker: it infected a fully patched Windows 7 64-bit system with fully updated SEP 11 A/V installed. I suspect it was IE (the user used IE, but not anymore) with an unpatched Flash, but I'm not sure. The virus identified was Simfraud-C.generic by Malwarebytes and Spybot S&D (and missed by SEP 11); however, all the information I gleaned didn't indicate it would behave the way this one did. I suspect some other nefarious bug...
...8 hours and $800 later (wife needed to work and a new laptop was in order), I realize that I sure do love Linux and when I can't get that, Mac OS X.
1 comments:
...and the new HP laptop had a hardware problem...had to replace with a Toshiba as HP apparently discontinued that line. Restore data and applications part deux!
Thank you Mozy for a 2nd time! I'm still going to do a local backup this time.