Drive-By Virus


Q: While one of my employees was surfing the Internet, a browser window unexpectedly popped up, warning that his computer was infected with a virus. A few seconds later, the browser started scanning his hard drive and downloading files. Each time he closed the browser window, another browser window opened and continued the process. Finally, he pulled the plug. By then, however, the damage was done and his computer would not reboot. Ultimately, we hired a technician to reformat and reload the programs and data from scratch. The employee is certain that the computer was running an antivirus program at the time, but we could not confirm this, or determine which one. How do I prevent this problem from recurring?


A: Even if you are running virus protection software, it is possible to encounter a virus like the one you described. The virus can be triggered by visiting an infected Web page, clicking an infected hyperlink, or mousing over an infected object on a website (such as a Java or ActiveX applet). These viruses are often disguised as helpful tools warning you that your computer is infected and offering to scan your hard drive to solve the problem. In reality, the viruses use the opportunity to install malicious code on your computer.


To protect your computer from these so-called drive-by viruses, you should use an antivirus program that helps you avoid suspicious or questionable websites. For example, when I search the Internet, the antivirus solution I use checks the website and inserts an emblem at the end of each search result link verifying that the website is virus-free, and I often rely on this information before clicking the link. Additionally, hovering over the emblem provides a summary of this verification and a link to a full report, as shown below.


In the event that I do click on a dubious link, my antivirus software displays the following warning page, giving me one more chance to avoid the suspicious website.


Notes: Microsoft’s latest browser, Internet Explorer 9.0, provides similar functionality called SmartScreen Filter, which also warns users of potentially harmful websites. Additionally, Google offers the ability to check the safety status of any website by typing into your browser’s address bar, followed without a space by the address of the website in question, for example: safebrowsing/diagnostic?


When viruses attack. If you do encounter a virus that continues to pop up malicious browsers, you may be able to thwart the problem if you react quickly by pressing Alt + F4 repeatedly to close the current browser and subsequent browsers before they have a chance to fully pop up. If you encounter a virus that freezes your computer, and the mouse and keyboard stop responding, holding down the computer’s power button for 10 seconds will clear the computer’s memory cache and force a reboot.


Warnings. These two actions may cause you to lose unsaved work. However, this may be better than allowing a virus to fully infect your computer. Also, be aware that holding the power button down for 10 seconds will reboot your computer and in most cases will offer you an option to restore your computer to its original factory condition. If you choose this option, you will lose your applications and data.


More from the JofA:


 Find us on Facebook  |   Follow us on Twitter  |   View JofA videos


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.