November 15, 2017
The whole problem started when a coworker was sharing a computer to review a document and get other help. Before they realized what was going on, a pop-up window came up notifying them that the computer was infected and suggested running a scan.
The employees ran the scan but nothing happened. Everything they clicked on contained the pop-up message that their computer was infected but by the time we heard about it, lots of other people in the office had the same problem.
The explanation started with, “So and so came over and did something to my computer.”
We were contacted because there was a problem with an infected computer and the virus quickly spread to all the computers in the office. We hear stories like this one a lot from businesses that don’t have good IT support.
Avoiding an infection
Typically, a problem like this stems from user issues like these that are easily resolved:
- Searching on the internet and clicking on a bad link (that they didn’t know was bad)
- Clicking on a suspicious email attachment
- Clicking on a fake website address
- Using a web site that is insecure (read Google Chrome Is Ramping Up Warnings When You Visit Insecure Websites).
These problems can be easily prevented. The key is recognizing the links and website addresses beforehand. Our article, How to Avoid Phishing Scams, provides tips for recognizing harmful links and online sites so you can prevent your computer from getting infected.
If you’ve clicked on a bad link or fake website that infects your computer, there is a second precaution, which is your cybersecurity software (malware, spyware, and virus protection). The message from most cybersecurity software indicates to get out! It’s warning is about not proceeding to the site unless you are certain it is a valid link or address.
The warning message was the virus
If you were to click on a bad link or fake website address, another warning message would pop up. It’s important not to click on a link in this warning message. The problem with the above scenario is that the virus was in the warning message. The message was misleading because the virus couldn’t infect your computer until the employee accepted the request to scan the computer. The computer didn’t have a virus, yet. Instead of scanning the computer, when the employee clicked on the link in the message, the virus was downloaded into the computer. Learn more in this video from the Federal Trade Commission about how the scam works.
Fixing the problem of an infected computer
You have an infected computer now, so how do you fix it?
- First, backup your files. At Boost IT, we assist clients with having a backup system in place. It’s important that your backup includes everything you’ll need to reinstall on your computer. You will also want to have any product keys, in addition to your data.
- Second, prepare to wipe clean all the computers that are infected. Your computers have been compromised so you’ll have to rid them of the infection and then perform a system restore or clean install. The System Restore feature restores your computer’s operating system to a previous state from a previous point in time. When you wipe a computer clean, you’ll have the equivalent of a “new” computer.
- Understand that your antimalware, antispyware, and antivirus software is for prevention and detection. A scan will only help to identify if you have an infected computer. The software does may not clean infected computers. MicroSoft support discusses this briefly in this article.
If the above two steps look too complex, that’s why you hire professionals. Your time is valuable and is better spent on what you know best. Boost IT has a managed security service that can be installed for a fixed monthly fee with no downtime and our team monitors it around the clock. We have helped many clients get back up and running fast, so give us a call at 404-865-1289.