Geek News: Latest Technology, Product Reviews, Gadgets and Tech Podcast News for Geeks

Virus pain

Posted by todd at 6:48 AM on October 29, 2007

As I spent my weekend trying to repair, then ultimately rebuilding, my shared computer at home, I had 3 realisations.

  1. Virus/Trojan programs these days are really nasty.
  2. It’s very easy for non-geeks to get into virus trouble.
  3. Thank goodness for backups.

I run two systems at home. My main system is used only by myself and has little active protection. I have a virus scanner that I run occasionally but that is not permanently active, and I am behind a firewall. Besides this I rely on my experience to keep me safe; memory-resident protections slow down my system too much. This continues to work well for me (touch wood).

I also have a shared system that I use for some email, and for looking at Internet sites that may have useful information but whose safety I am not sure about. The main job of this system, though, is to be the main computer for the family to use. Needless to say, this system usually runs every type of protection it can get, as it is a more open system, and while my kids might become geekier as they grow up, I am the only geek in the house.

On Friday I got a call at work from my wife saying that every time she tried to go to a website she got a security warning instead and a request to install a repair program, and that even after having run that, the message kept coming up. Despite the cloud of doom forming over my head, all I could tell her was to shut down and leave it until I got home. As soon as I logged the system back on there was no question that there was a trojan on the system that kept opening up sessions with various systems. I ran the virus scan, which came up with 3 different infections and said it had dealt with them, but rebooting showed that it had obviously missed something.

I ran the signature update on the virus program and tried again, but that did no good either. I won’t bore you with the details, but I ended up with a reinstalled system and a new anti-virus and malware program. I had a recent backup of the system, so the process was annoying rather than tragic. In retrospect I had become complacent with the protection I thought the software gave that system. While not a geek, my wife understands the basics of Internet safety, like not opening strange messages, but when the initial infection got through, the very official-looking phishing worked on her and made the situation worse.

In re-installing the system I have made a few changes to limit the chance of this happening again. You can never be 100% certain, but the system did have ActiveX enabled in IE; my wife now must learn how to use Firefox, and I have disabled the preview pane for her Outlook profile. It did give me a chance to do a straw test on a couple of alternative virus programs, as I was not happy with my previous Internet security suite even before this incident. Of the few I tried in my non-scientific study, NOD32 did the best detection and removal and is now what is installed on both my systems, although with all the monitoring turned on for the shared system. That and the system running much faster with a fresh install are the silver lining, I guess.

3 Comments

  1. From Greg at 3:10 pm on October 29, 2007

    Hey, Todd -

    I would get calls several times a week when our main computer at home was a Windows box, from either my wife or the kids. I finally made the executive decision to switch us over to either Mac OS X or Linux (I went first with Fedora, then later with Ubuntu which proves to be more incredible with each release). Since switching over, we’ve had nary a virus, malware, or any other digital bug-a-boo to contend with along the way. Our main family computer is a Mac mini running Tiger (debating on whether to upgrade or not). My wife’s laptop and my daughter’s desktop both run Ubuntu. My son has a gaming PC, but we keep the virus checker running and updated.

    So, you might want to put:
    4. Windows sucks at digital security, so thank goodness we have choices for general computing uses.

    BTW, in the States, we spell it “realiZation” (the ‘s’ is for the UK and commonwealth folks).

  2. From Matthew at 9:50 pm on October 29, 2007

    Greg,

    There are historical reasons for that PC being Windows, mainly to do with when I used to have time to play games. When this system needs replacing it will almost certainly be either a Mac mini or an iMac.

    As I am posting from the Commonwealth (Australia to be precise) please excuse me using the correct spelling :)

    I paid for the grey tyres with a cheque.
    If you steal jewellery you go to gaol.

  3. From Susabelle at 7:16 am on October 30, 2007

    I am like you: the three machines I use personally and never let anyone touch (two laptops and a big Dell running Vista) have no virus protection on them and I’ve never been infected. I occasionally run Ad-Aware or Spybot or one of the others, but never a virus-checking program. I’ve been running this way on my home machine(s) for at least 15 years.

    The four other machines on my home network (one for hubby and one for each of the kids) are locked down tight with virus software and auto-run Ad-Aware and Spybot twice a week in the middle of the night. If I didn’t do that, I’d be rebuilding those darned machines every other day, I think. It’s a lot less headache to keep them locked down.

    I have no protection at all on my print server, but it has no monitor, no keyboard, no mouse; it just sits in the corner and runs, and I’ve had no problems. Of course we are behind a firewall as well, and that helps.