malware

What's a good antivirus for Windows 7?

David from Burbank, CA

Episode 1324

David is trying to find an antivirus for Windows 7. Leo says that Microsoft's own Security Essentials (or Defender, depending on the version) is sufficient, and it's free. The problem is that new viruses usually come out so fast (these are called zero-day exploits) that you can get infected before the antivirus finds and removes them. The viruses are also often attached to a system file, and that renders the computer unusable. Even security experts put antivirus low on the list of things to do to prevent infection.

Can I make an image of my computer to wipe out malware?

David from Phoenix, AZ

Episode 1323

David wants to know how malware affects reinstalling apps. Leo says that once he strips off the malware, he'll have to reinstall his apps. The only way to be sure that he's eliminated the malware is to back up his data, wipe his drive and reinstall Windows. How about an image of the drive? As long as he has a clean image, he could use that. If his computer has malware when he makes the image, he'll just restore the malware. Leo would wipe the drive, reinstall everything, update it all, and then make an image.

Imaging options include:

Did I get scammed by malware?

Ellen from Santa Monica, CA

Episode 1322

Ellen feels like she got ripped off by Microsoft. She got a popup saying she had a virus and listened to it, then paid $250 for support. Leo says that wasn't Microsoft. That was a bad guy. Leo says it was a browser popup, and they use that to phish for gullible people to sign up. Microsoft will never, ever do that. It's even worse, though. They likely got remote access, so not only do they have her credit card, they have also likely installed more malware on the computer. At this point, Ellen should call the credit card company, reverse the charge and have her card number changed.

What is a proxy?

Jay from Providence, NC

Episode 1322

Jay noticed in OS X El Capitan that there's something called "proxies." What is that? Leo says that unless he's using a proxy server, he should ignore it. If it has been set and he didn't know it, it could be a security software thing. Or perhaps a VPN. Proxies are used so that he can link another computer to get online, or use a different service. If it bothers him, he should just turn it off and see if it affects anything else. It could also be malware.

Why do I get a popup to open a file?

Tim from La Habra, CA

Episode 1319

Tim has a message popping up that asks which app to open a file with. It happens automatically and he doesn't know what file it is. Leo says that's disconcerting. Leo suspects adware or worse! There's something on his system that is running in the background and the antivirus can't kill it. He'll have to figure out what the app is that's starting up. He'll have to expect that his system has been compromised, though, and the only real way to be sure he's gotten rid of the malware is to back up his data, wipe his hard drive, and reinstall Windows.

New exploit gives governments the ability to hack into iPhone

Episode 1317

Remember the legal battle that Apple fought against the US Government to prevent unlocking of the iPhone's encryption? The US Government ended up going to a third-party company that had created a hack to do it. Now that hack is being used to unlock and peer into the mobile phones of dissidents and other undesirable elements that the government wants to keep tabs on. Even reporters. Leo says that Apple has pushed out a fix to block it, and everyone should install iOS 9.5.3 to stop it. Otherwise, you're vulnerable.

How can I tell if a USB key I found is safe to use?

Lex from Virginia

Episode 1310

Lex uses Windows Defender, but he came across a thumb drive and wants to check it to see if it's safe to use. Leo says he really can't. If he plugs it in, and it's infected, it will compromise his system. Firmware can be modified on a thumb drive to contain malware as a payload, and it's undetectable. The worst part is that not one USB drive manufacturer has done anything to correct the bug. Wired has a story on it.

How can I get rid of a virus on my website?

Jim from Malibu, CA

Episode 1309

Jim has a friend whose website has received a message saying that it has been hacked. Is this warning legitimate? Leo says it probably is. Most managed providers offer that feature, but there are also independent monitoring services like SiteLock. They'll monitor his website, but they won't patch it. He'd need to have a service that goes through all of his code to make sure it's patched and nothing remains of the virus that may have infected it. Jim should check out Qualys. They monitor and repair the site should it get infected.