Viruses have changed dramatically over the past few years; instead of just wreaking havoc with your system, these software threats have become quite sophisticated. The most common problem we see is fake antivirus software claiming a problem exists on a system. This, of course, is completely unfounded as the problem is the fake antivirus software itself.
In most instances, the user is confused by the message and clicks on prompts to install the software. It’s easy to do as the messages have the “look and feel” of antivirus software. Once the threat is installed, quick action can usually deactivate the program. We usually restart the system in safe mode and use System Restore to bring the system settings back to proper working order. With another restart, we then run the trusted antivirus solution to clean the deactivated threat off of the system.
It’s interesting to note that we never see these issues in the businesses we work with as we always deploy a UTM (universal threat management) solution at the internet’s point of entry. We only see this on machines that are outside of the networks we support.