We have had a huge influx in customers wanting our managed antivirus platform lately. We've also had a huge influx of questions about how it is different from any other antivirus platform out there. I thought we'd take a minute and de-mystify the process a little.
The difference between your regular run-of-the-mill antivirus program and managed antivirus is like the difference between at-home medicine and having a fully stocked Trauma Team living in your house when you get a virus yourself. Do you have a cold, or a virus? Is it the flu? Maybe it's just food poisoning.... You don't know exactly because you only have your own experiences to base your diagnosis on. Eventually, if it's bad enough you shell out the money and go to the doctor, who runs a few tests and immediately tells you exactly what you have, how serious it is, and how to treat it. Managed antivirus is just like that, except you don't have to go to the emergency room to find the answer because the Emergency Room, and in fact the whole hospital staff are right there in your home already, curing what ails your computer before you even know it's infected.
Hospitals have charts and graphs to let doctors know the status of their patients. So do we. In fact, here's a quick example of one below.
What you're seeing above is an example of a daily report. It's the first of eleven pages of what's been going on with our client's computers. The difference between you diagnosing your virus problem and our engineers diagnosing it is just like you diagnosing yourself with the flu and the doctor later telling you it's a common cold. The doctor sees these symptoms all the time, in the hundreds, so he can quickly make an informed decision on what the infection is and how to treat it. Our engineers are working for you 24x7 doing the same thing. Let's look at a few examples from above. (I redacted the names for our client's privacy.)
Look at the first computer on the list. It has 5 infections of the Conduit toolbar. It was found during a deep scan, meaning it wasn't running in active memory at the time, but is instead the source of an infection we'd already removed earlier. It's also been quarantined, so it can't become active and infect anything else before we treat it.
As the "doctor" in this scenario, we know that Conduit isn't a really "bad" virus, more of an annoyance. It changes your search results when you web search and displays popups from to time. Two clicks from our dashboard and it's removed and the computer is back to normal.
Now, look at the third computer. It has two traces of a virus called Trojan. AndroidOS.Generic.(A). Do you know what that is? Is it bad? Is your computer infected? You have no idea without doing some extensive research. Thankfully, we have already had to do that research the first time it appeared on a client's computer so we know what it is, and it's actually pretty bad.
That particular virus was located on the i:\ drive of a customers computer, which turned out to be the SD card from their Android cell phone. Whenever you install a device in the computer, it is automatically scanned. Even though that's not a computer virus, but an Android virus, our system detected it and removed it from the Android's memory card. That particular virus is a fake Adobe Flash player that the user downloaded, thinking they were getting the correct one, but instead getting one that infected their phone with popups. That particular virus also sends ALL your contact information via wi-fi to a website so they can then use that information to infect others while pretending to be you. Ever wonder why you get a text message from a "friend" that they didn't actually send? This virus is one of the reasons. We immediately quarantined the virus and let the customer know their cell phone was infected so they could remedy the problem on their end.
The "Dashboard"
We can't show you too much of our back-end, mainly because it contains too much customer information. We can show you a few things though.
Here is what an infected computer's dashboard looks like.
That image above is a new computer we just on-boarded a few days ago. We've been letting the scanner run in the background to compile a full list of what's going on. For the record, neither Norton, McAfee, or AVG picked up these infections. They were all running on the system when we took over. Anyway, you can see here the particular infections this computer has, and how many locations are infected with each particular variant. There are 10 infections of the Conduit Toolbar on this computer. (One is in Internet Explorer, one in Chrome, one in Firefox, and the rest spread throughout the system.)
How do we "remove" them remotely? It's as simple as clicking a button, literally. See the image below.
We scroll over to the right, click "Actions" and choose "Delete from Quarantine." In the process the antivirus scanner will remove the associated registry entries, browser infections, and malicious files from the computer. Then we mark this infection as "resolved" in our dashboard. Another daily system scan will take place sometime in the evening and let us know if any residual infections remain. It's a lot like a doctor prescribing you medicine to cure the problem, then telling you to come back in a day or so and let him be sure you're all better. The difference is, you don't have to actually go anywhere or call anyone. Our system takes care of that for you, reporting back to us the "all clear" or letting us know we need to take further steps to remove the infection.
I hope you have a better understanding now of what Managed Antivirus is, how it works, and why it's different than the other things you see out there on the market. Mainly, those services don't come with a team of experts on hand to remedy your problems for free! That's one of the biggest benefits to Managed Antivirus. After reading this, we hope you'll all agree that $10 a month is an awesome rate for the amount of services you get!
Welcome to Oz!
