Windows 7 and the Rootkit

I have to say that I have been very impressed with Windows 7.  I downloaded the RC 1 build the morning it was released to the masses.  I installed it on my MacBook Pro using Boot Camp the following day.  It was fast, visually very impressive, and really put a smile on my face.  Since that time, I have been working full time on my Mac but I roll over to Windows whenever possible to see how things are working on the other side of the street.

I installed Office 2007, Hamachi, Firefox, and Dropbox.  The usual core applications I like to keep handy.  Prior to all of this, of course, I installed Kaspersky Antivirus.  It was the first antivirus to catch my eye offering actual support (though preliminary as it is listed as a technical preview) for Windows 7.  I was impressed that the system didn’t seem unduly bogged down by the AV solution and off I went.

This morning I was listening to a podcast and thinking about Windows 7.  I thought I would try another antivirus just for the heck of it.  I have been wanting to install eEye’s Blink, but it’s not working with 7 yet.  It simply fails to install.  Still, I want something free so I decided to give Avast’s free edition a shot.  I uninstalled Kaspersky and installed Avast.  I rebooted, updated the virus definitions, and let Avast start its scan.

The first thing I noticed about Avast is that it really is ugly.  It looks like the developers wanted to create something visually different.  In doing that they made the UI clumsy and unconventional.  Still, it’s free and good for a test run.

I let the scan continue while I contemplated the visually challenged interface.  Then, bang!  The scan hit on a virus!  But not just any virus, one it classified as a rootkit.  Even better.  Go big or go home, I suppose.

If this isn’t a sign of things to come, I don’t know what is.  Windows 7, the latest and greatest, the new flagship OS from the mother ship seems to be just as fragile as its predecessors.  Though the anti-malware tool is part of the OS, it doesn’t seem to be doing the job.

First and foremost, I am a Mac guy.  I love my computers for better or worse.  But I really like what Microsoft has done with Windows 7.  It’s visually a great-looking operating system and is sure to be the most robust version to come out of Redmond so far.  But to have a virus already?  I haven’t even done any heavy lifting with it yet.  I have my core utilities installed and had visited only known good, reliable, safe web sites.  Since install I never touched a single shady site.

And this is where my baseline problem with Windows comes into play.  I am an advanced computer user.  I am proficient with the Mac as well as Windows.  I understand the vectors that spyware and viruses use to get into the system.  I simply haven’t started to use Windows 7 in a productive way and I am already compromised!

So, if a proficient computer user can get tagged this early in the game, how does the average Windows user stand a chance?  This bug made it past one antivirus.  I had taken all necessary precautions prior to that.  I had the firewall on, I am behind a NAT router, I am fully patched, I don’t even use that machine for email.  Simply put, it should not be this easy to get tagged.

So, I’m back to my Mac where things are happy and statistically much safer.  But I’m disappointed.  I hoped for much more with Windows 7.  I hoped for more security and more stability.  And I’m willing to run an antivirus.  But no AV catches everything and systems cannot function with multiple AV systems installed.  So the Windows world is stuck in the vicious cycle that sadly has not changed at least with the release of RC 1.

In fairness, I’m not sure where the bug came from.  I simply haven’t been using the machine much.  I had been sticking to my normal safe sites consisting of tech news sites, Google Reader for RSS.  All of my installed software is legit.  I still need to run down the nature of the bug listed as Win32:Rootkit-gen by Avast.

I’ll post back as I learn more.  For the time being, I just wanted to express my disappointment.  I was hoping for more.


Steve

2 Responses to Windows 7 and the Rootkit
  1. Anonymous

    Just wanted to jump in here and say that the virus scanners for Windows 7 back when you posted this were horrible. I loaded Avast and did a scan on reboot and the thing tagged most of my system files as viruses and totally screwed my system. Windows 7 64-bit is very, very user friendly and a great OS.

  2. elvis

    download and use
