Since HBSS was identified as the security software that caught the 'virus' I was immediately skeptical. Why? Because HBSS has found and deleted mission-critical software on classified networks before. HBSS was deployed in a hurry because security personnel wanted to lock the network down, and one of the steps that got skipped in a lot of places was coordinating what software is and isn't permitted on the network. Down at the operational level, this translates to an overworked captain or lieutenant passing the memo to whoever in the comms shop has time to do an install (ask yourself: why isn't this person busy?). HBSS gets installed and starts throwing up pop-up windows, and the sergeant, with no training or policy to guide him, helpfully starts making the same kinds of judgments your parents make: "What's SYSTEM32? Sounds dangerous. Deleted!"