Thursday, October 11, 2012

I'm Infected by My Antivirus

Call it a virus … call it spyware or malware … whatever you want to call it, it seems like I’ve been getting calls for years about this major nuisance.  The pop-up might tell you that your hard drive is failing or your registry is corrupted or your computer is infected with 43 viruses, and to the untrained eye it can be quite convincing, but these days, warnings like these are more often than not a hoax, what Wikipedia calls rogue security software.







So if it’s a hoax, Dovid, does that mean that I can just ignore it?

Unfortunately, you cannot.  Worst case scenario, this hoax carries some damaging payload and is a virus itself; best case, it’s a nuisance that’s just trying to steal your credit card info. (I’ve actually had clients pay to activate the fake antivirus software with hopes that this would remove it.) The important thing is to recognize that responding to any requests from this malicious software will only make things worse.

How do I know whether it’s real or a hoax?

When in doubt, call your competent local IT expert (shameless plug).

Another line of defense is knowledge – which is why it’s a good idea to familiarize yourself with your antivirus software before there’s a problem. Learn how to check to make sure it’s active and up to date. Many people are sitting ducks for this kind of scam precisely because they don’t know what their antivirus software is supposed to look like. (The truth is, it’s easy to recognize a hoax when it’s written in Pidgin English, but thanks to all of those outsourced call centers, it may be that hackers’ English is getting better all the time.)

How did I get it?

Since I’m generally a believer in holistic computing practices, I’ll always start by telling you that your computer got infected because it didn’t have a healthy immune system and was therefore vulnerable; but to be more pragmatic, more often than not, there’s an infected website involved. Either you were conned into clicking a link in a deceptive Email message, or mistyped an Email address, or were on a site that you probably shouldn’t have been on, or as mentioned in our last blog posting, visited a perfectly reputable site that was hacked or infected itself. 

Unfortunately, it can happen even if you are “protected” by top name antivirus software and even if you’re “careful.” I can certainly admit to being fooled before, and it can happen so quickly that you don’t know what hit you. Other times it takes getting fooled into an act of collusion by clicking through a number of steps, functionally voluntarily installing this bad-ware on your own computer. (They may even be kind enough to tell you what they’re going to do to your computer in the fine print.) Even if this happens just once, it can be an expensive learning experience.

Ok. Well, I got whacked, so now what?

Save your work if you need to and shut the computer down right away; if necessary, hold the power button down for ten seconds to turn the computer off or unplug it (on a desktop computer that’s the box or CPU, not the monitor or screen).   To state the obvious, viruses can’t cause damage if the computer isn’t on. Sometimes what looks like a legitimate alert may only be a deceptive video clip from a website pop-up. If you’re lucky, you caught the problem in its tracks and the computer will be fine when you start back up.

But if there are any signs that the virus is still there when you restart, call your competent local IT expert (shameless plug #2). While sometimes these issues can be resolved with the right utilities, more often than not, if it got by some barriers to get installed in the first place, it might require a more complex removal process. Of course, if you went so far as to give up credit card information, after you finish kicking yourself, call your credit card company.

What can I do to avoid these problems for my business?

There’s no question that prevention is the best medicine. Feel free to share these strategies with your office team.

  1. Educate your staff. Periodically remind them not to open an Email attachment or website link unless they know the sender and what it is that they’re opening. Computers used exclusively for appropriate business certainly tend to be less vulnerable. (That said, it’s not a fair assumption that a staff member was doing something wrong if the computer got infected. Unfortunately, when perfectly reputable business websites get infected they tend to share the problem with hundreds or thousands of users, not just a few dozen.)
  2. Limit administrator access. Ask your IT expert to set the computers up so that the users do not have Administrator access. If the person who is on the computer when it gets infected doesn’t have permission to install software, most malware can’t get very far. So, even if that user’s account is infected, the rest of the computer will likely be ok.
  3. Keep your systems up to date. Make sure that updates are allowed to run automatically, and make – and keep up with – a schedule for regular manual update checks.
  4. Make sure that you have an antivirus product installed. And ensure that you know how to keep it up to date. Money saving tip: You can pass on the  bloated feature-rich security products sold in stores. For networks with only a few computers, the free options like Microsoft Security Essentials are fine. For larger networks, you’ll want to go with a product like Trend-Micro that’s designed to be managed from a central console. You also might consider supplemental products like Malwarebytes, Spybot S&D and CCleaner  to help keep the computer clean and garbage free.
  5. Have a good firewall. This creates a level of prophylaxis between your computer and the Internet. Newer devices do a great job at screening websites and scanning network content before it gets to your computer. As referenced in our last blog posting, all the heroic policing efforts of Google and others to scan the Internet and keep it safe are great, but it’s not safe to assume that they’ll catch every site fast enough. For larger or growing sites, I definitely recommend Barracuda to do this job. (Employer bonus: Barracuda can also help ensure that your users are primarily using their computers to do their jobs, instead of shopping, playing fantasy football or hanging out on Facebook.)
  6. Protect your Email. Make sure that your Email systems are screened for spam and also well protected from viruses. We provide robust filtering on our Microsoft Exchange hosting services, but I feel very strongly that Email should be filtered long before it reaches your computers or servers. You’ll want to check with your Email providers to ensure that this is the case.
  7. Get a Mac. I can hear the outcry from here. But think about getting a Mac. There’s at least a modest premium for purchasing Apple and they’re not the best solution for larger networks or environments with specific applications which don’t run on Mac; but I haven’t seen a virus on a Mac in at least 15 years, and even then, it was in Microsoft Office. Yes, Windows has  made impressive strides toward becoming safer and there are (at least theoretically) Mac OS viruses out there, but it’s getting easier and easier for Macs and PCs to get along and everyone  I know (including myself) who has one, loves them.
  8. Backup, backup, backup. It’s the mantra we can’t afford to ignore. Almost always, your data is far more important than your computer. Make sure that you have a robust onsite and offsite backup solution in place so that if the computer is so badly infested that it needs to be wiped out, you don’t lose the data that your business needs to function.
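
For items 2 and 4 above, and the earlier advice to know what your real antivirus looks like, here is a read-only PowerShell check for a single Windows PC. It is an added example, not part of the original post; it assumes Windows 10 or 11 with Windows PowerShell 5.1, and the function name and the 7-day staleness threshold are illustrative choices.

```powershell
# Added example (not from the original post). Read-only: nothing is changed.
# Get-WorkstationBaseline is a hypothetical helper name.
function Get-WorkstationBaseline {
    $report = [ordered]@{ Computer = $env:COMPUTERNAME }

    # Item 2: who can install software? S-1-5-32-544 is the built-in
    # Administrators group; using the SID also works on non-English Windows.
    $me = [Security.Principal.WindowsIdentity]::GetCurrent()
    $report.CurrentUser = $me.Name
    try {
        $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop)
        $report.LocalAdmins = @(foreach ($a in $admins) { $a.Name })
        # Direct members only; membership through a nested group is not expanded.
        $report.CurrentUserIsAdmin =
            @(foreach ($a in $admins) { $a.SID.Value }) -contains $me.User.Value
    } catch {
        $report.LocalAdmins = "lookup failed: $($_.Exception.Message)"
    }

    # Item 4: which antivirus products has Windows itself registered?
    # A pop-up naming a product that is not in this list is not your antivirus.
    # (root/SecurityCenter2 exists on desktop editions, not on Windows Server.)
    $av = Get-CimInstance -Namespace 'root/SecurityCenter2' `
        -ClassName AntiVirusProduct -ErrorAction SilentlyContinue
    $report.RegisteredAntivirus = @(foreach ($p in $av) { $p.displayName })

    # Built-in Microsoft Defender: is it on, and how old are its definitions?
    if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
        try {
            $mp = Get-MpComputerStatus -ErrorAction Stop
            $report.DefenderRealTimeOn = $mp.RealTimeProtectionEnabled
            $updated = $mp.AntivirusSignatureLastUpdated
            $report.DefenderSignatureDate = $updated
            if ($updated) {
                # Assumed threshold: definitions older than 7 days count as stale.
                $report.DefenderSignaturesStale = ((Get-Date) - $updated).TotalDays -gt 7
            }
        } catch {
            $report.DefenderStatus = "unavailable: $($_.Exception.Message)"
        }
    }
    [pscustomobject]$report
}

Get-WorkstationBaseline | Format-List
```

If CurrentUserIsAdmin comes back True on an everyday account, that is the setting item 2 asks your IT expert to change.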

Seriously?! How am I supposed to stay up to date on all of this? Shouldn’t my computers just work? I seem to get along ok. Who has time for this? Isn’t this what my IT guy (or gal as the case may be) is for?

I feel your pain. But, as I said, a modest amount  of education can go a long way, especially when it comes to appropriate computer use. When it comes to the rest, it is important to ensure that, even if you don’t know all of the details, there is someone on your team with the right expertise who does. Some pieces can be handled by a competent staff person or a decent computer consultant, but once your business is starting to grow you’ll want to engage a managed service provider to deliver  the level of experience and knowledge needed to ensure that you have a reliable platform that meets your growing business needs.

Remember: Don’t settle for computers that simply function. Technology can and should be a tool to increase productivity and drive your business forward in creative new ways.

Dovid Winter is Principal Consultant of Winter Solutions and has been providing hands-on IT management services to small-business, non-profit and education since 1986. In addition to website development and hosting services, Winter Solutions offers an array of managed IT services. Whether you are looking for assistance with a single project or to outsource your entire IT department, Winter Solutions has a solution to meet your needs. Contact us at 781 821-0000.
