malware

How can I stop getting malware?

Steven from Los Angeles, CA

Episode 1404

Steven got a virus on his computer and it keeps coming back. The tech says they are getting into his computer through his IP address. Leo says that they don't know what they're talking about. He can't get it that way and if they're trying to sell him software to fix it, then he needs to find a new technician to repair his computer.

Leo suggests trying Geek Squad at Best Buy. They're a good place to start. At least it's a technician that's local, that he can visit. But at the end of the day though, his best defense is his online behavior.

Petya is the Latest Ransomware Scam

Episode 1400

Petya is the latest ransomware hitting millions of computers around the world. Most infected computers are in the Ukraine, where "patient zero" is believed to be. From there it branched out to Russia, Poland, Italy and Germany. It takes advantage of the same flaws in Windows 10 that WannaCry did. Fortunately, it hasn't really hit the U.S. yet, but we'll see more infections as time goes on. Our CIA intelligence service discovered it and didn't say anything because it could use it to spy on others.

Why is my browser typing strange text?

Episode 1398

Jeff from Apple Valley, CA
Keyboard

Jeff is getting strange random key strokes appearing in his browser bar. Leo says to try a different browser. Windows comes with both Edge and Internet Explorer. If it happens in both browsers, it could be a failing keyboard. Jeff should unplug his keyboard and try a new one. If he still has the issue, then it's a Windows problem, which could be malware or a browser hijack. He could try resetting his browser first. If that solves the problem, then he's fine. If not, then it may be that he'll need to reinstall Windows from a known good source.

Should I get Windows Defender or Microsoft Security Essentials?

Episode 1395

Gloria from North Hollywood, CA
Microsoft Windows Defender

Gloria uses Windows 7 and she's confused whether she uses Windows Defender or Microsoft Security Essentials. Leo says that for Windows 7, she'll need Security Essentials. But it was renamed to Windows Defender for Windows 10. She can get Microsoft Security Essentials at support.microsoft.com to download it.

Have I been hacked?

Episode 1395

Carlos from Jersey City, CA
Virus Found Message

Carlos is getting a popup telling him he's been hacked. He's got OS X Lion on his Mac. Leo says that there's a new thing called "ScareWare" which makes people think they have been hacked or have a virus and it won't let them exit the browser until they call a number. But in reality, it's just a popup that's designed to scare people into calling so that they can convince them to install a remote app that will allow the to do something to "fix" it.

Can I protect my Windows XP computer from WannaCry?

Episode 1393

Lynn from Thousand Oaks, CA
WannaCry

Image: SecureList / AO Kaspersky Lab

Mary has an old XP computer and she's worried about getting the WannaCry virus. Can she get a patch to protect herself? Leo says that Microsoft has ended life for Windows XP, but did make a patch for it and she can go into Updates and get it. But according to Leo, 98% of infected computers with WannaCry are Windows 7 computers. So XP isn't even on the radar. It doesn't hurt to be safe, though.

Why are weird text files appearing on my desktop?

George from Houston, TX

Episode 1393

George wants to know why he's getting weird text files being saved onto his desktop. Leo says it sounds like an app was written with debugging turned on, and when he uses that program, it saves the error messages to a text file. It's a harmless mistake left over by the developer. The trick is to figure out which app it is. George should check out Microsoft's Process Explorer. It should be able to help him track down what app it is. It's at Sysinternals.com.

WannaCry Ransomware Has a Possible Solution

Episode 1391

Encryption

WannaCry is ransomware that can lock up your data unless you pay the hacker who created it. WannaKiwi, however, finds the crypto key in your PCs RAM to undo the damage. It only seems to work about a third of the time, however. That's why Leo says to make sure you don't get it by altering your behavior, and by making sure you have current backups of your data should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse getting installed.

Have I been bit by ransomware?

Episode 1389

Grover from California
Google Chrome

Grover has a popup that says to call Microsoft Support. Has he been bit by ransomware? Leo says no, probably not. It's a phishing attack, but it's to try and get him to call in and then they charge him and access his computer. It's Scareware, really. He can ignore it, but it keeps popping up and he has to reboot his system to get rid of it. He even replaced the hard drive, but it didn't help.

WannaCry is the Latest Phishing Ransomware Attack

Episode 1389

WannaCry

The latest ransomware attack is called WannaCry and it's spreading via phishing email attacks. The ransomware not only encrypts your data — it also has a built-in kill switch on websites. Security researchers may have crafted a fix to it, but there's a catch. The encryption is done using Microsoft's bit locker, and the fix is to take advantage of a flaw in the cryptographic memory that keeps the keys in RAM so it can harvest them and unlock your data.