Virus, ho!

I've been building my own PCs for the last five years. I'm a gamer and I take pride in the overclocked speed and red-LED sexiness of my rig. In my old Windows XP builds, I used AVG, a popular free anti-virus. I used it because it was a) free, and b) light. It caused some conflicts with other programs, so when I upgraded to Vista, I literally didn't even bother with anti-virus software. I stuck with Windows Defender – Microsoft's built-in anti-spyware program – and that was all. After upgrading to Windows 7, I eventually decided that an anti-virus was probably a good idea. So I went back to AVG, since I'd used it before.

But after a while I noticed that AVG seemed to be hogging more resources and behaving more strangely than it had in the past. So I uninstalled it and opted for Microsoft Security Essentials. It's light and free, and from the same guys who made my OS.

The next day (yesterday), I was re-installing my OS after being infected with a virus for the first time ever. And it was a nasty one.

I was browsing the Huffington Post when the Java icon popped up in my toolbar. My hard drive was cranking and crunching. I figured it was just a normal Java auto-update. The hard drive cranking continued, so I clicked my toolbar to see if maybe MSE was updating. To my surprise, the MSE logo was gone. Moments later, it was replaced by a shield-like icon, and I started getting warnings that my PC was infected. I was supposed to click on the warnings to activate my anti-virus protection. Ha! Yeah, right. I might have been born, but I wasn't born yesterday. In fact, in my experience, most people get viruses on perfectly well-protected PCs because they click on scareware. But even though I didn't fall for it and let the virus do further damage, it had already managed to block MSE.

I could access MSE in Safe Mode, but its scans were ineffective (it detected a trojan, but couldn't quarantine it), and I couldn't re-activate real-time protection. I tried to install AVG, but the virus blocked the installation, and an attempt to install AVG in Safe Mode failed. After a couple hours, it was clear that this was no rookie virus. This virus had targeted MSE and embedded itself deep in my computer. I couldn't use my browser (it re-directed me to spam websites), activate Windows Defender or install another anti-virus.

Absent any clear options and without the ability to search for solutions, I reinstalled Windows. Fortunately I keep backups, and Windows 7 keeps your old files in a "Windows.old" folder, so I didn't lose any data. I have, however, had to reinstall all my programs, re-download some games, and re-apply my performance tweaks. It was a pain in the ass, but I'm in the clear now. I reinstalled AVG, because I like its ability to identify and block browser-based threats. I've done some tweaking to the options to keep performance lean.

So after five years, I got my first virus, literally one day after installing Microsoft Security Essentials. And my only crime? Surfing the web. There's clearly a problem with anti-virus software. The MSE definitions had been auto-updated less than 24 hours prior to the infection. Anti-virus programs are like a door: the thicker the door, the better the protection, but that also makes the door heavier and harder to open. To ensure constant protection would require an unrealistic level of performance degradation. And the reality is that hackers work so quickly these days that all anti-virus makers can do is attempt to keep up, and release definitions as quickly as possible. Unfortunately, definitions are often released after people are infected. We have to be careful not to be lulled into a false sense of safety.

As to how exactly I got the virus, I'm not sure. The Java exploit may have been embedded in the page at Huffpo (even in an ad), or I may have inadvertently clicked on an infected link. Suffice to say, MSE is out to pasture.
