Computers and Software, Life

Outbreak: or How I Learned to Start Worrying and Love Anti-Virus Software

01.09.12

Remember how I was saying my life is insanely boring 99% of the time? Well, last week was a good example of that. I spent the better part of my evenings fighting with a nasty virus that managed to infect the computer we use for recording the podcast. Yeah, it was pretty annoying given that I had just recently reformatted that computer, installed a new solid state drive and put Windows 7 on it so that we could eliminate the random skipping problems we started having ever since we switched to a USB mixer. In order to optimize performance, I thought that I would also forgo anti-virus software since I wasn’t going to use the computer for anything other than recording and editing the podcast anyway. That turned out to be a pretty stupid move.

While I was editing last week’s episode, I suddenly received a prompt asking for my permission to update something on the computer. It looked like an Adobe Flash update… nothing out of the ordinary. I am now pretty sure that this is where all my troubles started, however. Soon afterward I had a message informing me that my machine had been infected and that a program called Win 7 Security 2012 wanted to help me clean it. A few clicks later, I found myself on a website asking me to buy the full version of Win 7 Security 2012 for $59.99. That’s when I clued in that no official Windows software would call itself “Win 7” and that I had just been screwed.

It didn’t take long for the virus to work its way into every nook and cranny of Windows. I couldn’t open a website in Firefox or launch a program without it popping up Win 7 Security prompts, and it kept blocking my attempts to install anti-virus software. After a little bit of investigation on Google, I pinpointed some of the registry changes that the virus had made, and I was able to clean them out, reboot and install Avira, my free anti-virus software of choice. It seemed to clean up most of the issues. I finished editing the podcast and thought I was good to go. I did one last virus scan that required a reboot, which is when I found myself staring at the blue screen of death. The message said, “The program can’t start because %hs is missing.”

My computer was stuck in an infinite boot cycle and would not start in safe mode either. Windows Startup Repair could not fix the problem. I had no system restore points to roll back to. I tried to repair my Windows install from the CD, but apparently that option is not available using Windows 7 Upgrade. I tried running some anti-virus software from a boot disk. None of it helped. Basically, there was a DLL or some other system file that had been deleted by the anti-virus software and needed to be restored, but I had no way of knowing what file that was.

I spent an evening going over various registry settings, trying to find any remaining reference to the virus. Nothing. I went over the Avira logs to find out what files it had quarantined. I tried copying the original versions of a few of these files back, but still no dice. In the end, I simply had to reformat the drive and re-install Windows from scratch, which is what I probably should have just done in the first place. Fortunately, I didn’t have a lot of software on there and all of my data files are kept on a separate hard drive, but it was still a huge waste of my time. The moral of the story is that any computer connected to the internet needs anti-virus software. Learn from my mistakes, people. Hopefully next week will be less exciting.
