Virus Infection

will posted 10/29/08 @ 9:29PM EST

I forget when exactly it happened, but at some point this weekend, when I tried to turn on my lab computer, it would hang at the desktop splash screen, and nothing, including explorer.exe, would load. I could get it into safe mode, and every once in a while I could get it to start up normally, but it would feel like trying to run Vista on a 486 with 32MB RAM.

Symantec didn't pick up anything, nor did McAfee Stinger. For kicks, I decided to try ClamWinPortable, which is a PortableApp. One day I'll give them their own post, because they're fantastic. I couldn't get internet access, so I took my flash drive downstairs and updated the definitions.


ClamWin picked up Trojan.Dropper-12634. Way to drop the ball, Symantec. Glad to see that there's a reason for nothing working correctly, but it's always sad to see a virus. I tried cleaning the virus out. I restarted... and still no good. I did it again, and cleaned it out yet again. Still no good. What's the issue?

System restore sucks. Scenario:
Day 1: Restore point 1 created. Get a virus. Not noticeable yet.
Day 2: Restore point 2 created. (Which has virus in it.)
Day x: Restore point x created. (Virus still embedded.)

At this point a few things can happen:
1) You notice the effects of virus, and revert to restore point 1, and everything's dandy. (This is probably not the case.)
2) You notice the effects, and revert to point 2, or some later point, since you don't know exactly when you were infected. You still have the virus now!
3) You don't notice the effects, and as x (the number of days) increases, eventually old restore points are deleted (starting with the oldest ones) to make room for new restore points. Restore point 1 is deleted, leaving you only with infected restore points. Good job, you're screwed.


Why don't we just tell the anti-virus program to search through the restore points? Because they can't. Wikipedia points out that this is one of system restore's limitations.

A solution is to turn off system restore (which deletes all restore points) and then clean your virus away. Then what's the damn point of system restore if you're just going to have to delete all your archives? Nonetheless, I tried that and it didn't work.

Stay tuned for the second half of this story sometime early next week when I get around to writing it.

Photo: Flickr
(There's a soccer team called the computer viruses that I found when searching for photos...)

Stupid viruses
Stupider system restore
I want my comp back


Godspeed.


This post tagged as: ranting, technology

#1: by 2Three on 11/02/08 @ 4:39PM EST

I got a nasty virus this week too that my Norton also missed. Well, to be precise, it gave notification that I had a virus, and that it couldn't do anything about it. 59 wasted bux, right there. It actually kicked out my system restore, so I had to bring the comp. to a local repair shop to get fixed up. I'm now using Panda...

#2: by will on 11/04/08 @ 9:54AM EST

I really do hate Norton; way too intrusive for my taste. As I'll write about later, I ended up just reformatting. I could get into safe mode, so I could back up some stuff.