Drive-By Virus


Q: While one of my employees was surfing the Internet, a browser window unexpectedly popped up, warning that his computer was infected with a virus. A few seconds later, the browser started scanning his hard drive and downloading files. Each time he closed the browser window, another browser window opened and continued the process. Finally, he pulled the plug. By then, however, the damage was done and his computer would not reboot. Ultimately, we hired a technician to reformat and reload the programs and data from scratch. The employee is certain that the computer was running an antivirus program at the time, but we could not confirm this, or determine which one. How do I prevent this problem from recurring?


A: Even if you are running virus protection software, it is possible to encounter a virus like the one you described. The virus can be triggered by visiting an infected Web page, clicking an infected hyperlink, or mousing over an infected object on a website (such as a Java or ActiveX applet). These viruses are often disguised as helpful tools warning you that your computer is infected and offering to scan your hard drive to solve the problem. In reality, the viruses use the opportunity to install malicious code on your computer.


To protect your computer from these so-called drive-by viruses, you should use an antivirus program that helps you avoid suspicious or questionable websites. For example, when I search the Internet, the antivirus solution I use checks the website and inserts an emblem at the end of each search result link verifying that the website is virus-free, and I often rely on this information before clicking the link. Additionally, hovering over the emblem provides a summary of this verification and a link to a full report, as shown below.


In the event that I do click on a dubious link, my antivirus software displays the following warning page, giving me one more chance to avoid the suspicious website.


Notes: Microsoft’s latest browser, Internet Explorer 9.0, provides similar functionality called SmartScreen Filter, which also warns users of potentially harmful websites. Additionally, Google offers the ability to check the safety status of any website by typing into your browser’s address bar, followed without a space by the address of the website in question, for example: safebrowsing/diagnostic?


When viruses attack. If you do encounter a virus that continues to pop up malicious browsers, you may be able to thwart the problem if you react quickly by pressing Alt + F4 repeatedly to close the current browser and subsequent browsers before they have a chance to fully pop up. If you encounter a virus that freezes your computer, and the mouse and keyboard stop responding, holding down the computer’s power button for 10 seconds will clear the computer’s memory cache and force a reboot.


Warnings. These two actions may cause you to lose unsaved work. However, this may be better than allowing a virus to fully infect your computer. Also, be aware that holding the power button down for 10 seconds will reboot your computer and in most cases will offer you an option to restore your computer to its original factory condition. If you choose this option, you will lose your applications and data.


More from the JofA:


 Find us on Facebook  |   Follow us on Twitter  |   View JofA videos


Tax reform complicates year-end tax planning

Get your clients ready for tax season with these year-end tax planning strategies, which address how to make the most of recent tax law changes, such as the new deduction for qualified business income and the cap on the deductibility of state and local taxes.


What RPA is and how it works

Robotic process automation is like an Excel macro that can work on multiple applications, says Danielle Supkis Cheek, CPA. RPA can complete routine, repetitive tasks such as data entry, freeing up employee time from lower-level chores.