Of course antivirus alone is not enough!

I'm in charge of IT at work. Last week one of our employees was surfing the Internet on his lunch break (something we allow). He was trying to download a particular sound bite (something I don't allow) to use to tease the co-worker in the cubicle across from him. Despite having anti-virus software installed and having Windows XP and all applications up-to-date with patches, the second he clicked on the sound bite he started seeing the words "Your computer is infected! Windows has detected spyware infection!" emanating from a small red circle with an X sitting in the system tray.

I was just running out to lunch when I got the call to come down and take a look. Recognizing that it was "ransomware" the first thing I did was disconnect the machine from our network. I then ran a full virus scan, which detected the "ransomware," and removed it and placed in the virus vault. But the insidious bugger kept popping back up. I realized that while there was AV running and up-to-date, this one machine did not have anti-spyware running like all the other machines. I quickly installed Spybot S&D, which lived up to its name by searching and destroying the “ransomware” and the annoying message disappeared. Spybot S&D also offers resident protection to prevent this type of nasty surprise from happening again. I reprimanded the employee and after I came back from lunch I went around to make sure all the other machines were running anti-spware software and they were. The moral of the story...AV is simply not enough -especially when workers break the rules!