malware

Wipe Your Drive and Reinstall if Your Windows PC has Been Infected With Malware

If you've been infected with malware, wipe your drive and start over. Reinstall Windows. If it's a rogue employee of a company you were calling, contact the company and let them know. Any general-purpose operating system is vulnerable to these kinds of malware attacks. If you positively need to use Windows at home, you more or less have to become a guru of PC security to protect yourself. Windows shouldn't be your default OS pick anymore.

Have I Been Scammed?

Thunderbird

Episode 1733

Bill from La Jolla, CA

Bill thinks his network has been infected because his email won't let him send anymore. It's completely missing. Leo says to make sure the SEND port is correctly configured in the email client (in this case Thunderbird). It's the SMTP server and it usually runs on port 587. The scam came from "Spectrum" and "Thunderbird Help", which said he was having a driver issue. Leo says that's a scam. Email doesn't use drivers. It just uses an internet connection.

Do I have malware?

Windows Defender

Episode 1730

Karen from Tri-Cities, WA

After getting a phishing scam email, Karen ran a malware scan with Windows Defender and it found a "severe threat" called a Trojan-Downloader. Windows Defender blocked it, but is she still compromised? Leo says that everyone gets those, and it's not a side effect of a virus on your system. So if Defender found one and blocked it, you're safe from it.

Is my network safe from ransomware?

Types of Ransomware

Episode 1714

Steve from Newport Beach, CA

Steve's data center got attacked by ransomware. Fortunately, they had two locations and were able to shut one down, clean it, and then reinstall with only 3 hours of downtime. Leo says that's fantastic. But a hot backup can let the ransomware spread to your backup. So the key is to keep the second network connected only every three hours. That will give time to take down the infected network before the next sync connection time.

Ransomware hits huge international conglomerates

Types of Ransomware

Episode 1714

Norsk-Hydro, a huge international conglomerate, was hit with ransomware, costing the company $60 million. The malware came from an innocent email that had been intercepted and altered to include malware that infected the network when opened, encrypting all data. The malware infected the company in December but wasn't triggered until March. Norsk-Hydro had a cyber insurance policy that consistently tests the network, but they were infected anyway. The company decided not to pay and relied on backups to restore their network. But the damage had been done, as the network was down for weeks.

Did I download a virus from an app?

Amazon Kindle Fire

Episode 1702

Richard from Windsor, CA

Richard put Facebook Messenger onto his wife's Kindle tablet. Since then, he's had nothing but trouble with his network. He didn't get it from the Kindle store, so he's worried he's been hacked. Leo says that Richard probably was since he googled and clicked on the first link he found. Leo says that's why it's important to go to the official source like the Kindle app store. If bad guys can steer you to a website, they can infect you. But it may not be the Kindle that's been infected. It could be the router or modem. But Leo says it's not likely.

Be Very Careful and Skeptical of Email Attachments, Even From "People" You Know

Most of the malware and ransomware that comes through the internet and onto our systems is thanks to email attachments. If you see an "invoice" with an artificially rushed, demanding tone from a powerful figure (such as your work boss) and they've attached a "PDF", be very skeptical and do not open it. The same goes for links, since they can take you to a very shady site. Make sure to update your computer with security patches to prevent infection from background exploit kits across the web.

Why Am I Getting a Popup in AOL Mail?

Verizon

Episode 1661

Sue from New York

Sue is on AOL and is having issues with "Guce." What is that? Leo says it's adware by AOL that seeks to bypass adblockers in her browser. Guce is owned by Verizon, which also owns AOL, and they don't like users using ad blockers or reading emails without ads. So it will redirect her to Guce.advertising.com. But many consider it a browser hijack, which would turn it into malware. Go into the browser settings under extensions and see if there's an adblocker installed. She can either turn off the ad blocker, whitelist Guce or, better yet, GET OUT OF AOL! Leo recommends Gmail.

How can I prevent a reboot loop on my parents' computer?

Windows 10 Laptop

Episode 1643

Greg from New Brunswick, Canada

Greg's parents were using Edge on Windows 10, and it shut off and went into a reboot loop. They took it in and got it reset. But how can they avoid it in the future? Rich says that it sounds like his parents got bit by some malware after clicking on something. It's very easy to fall victim to. So encourage them to not click on any links or open attachments. Also, make sure their software is up to date. Of course, you could replace their Windows machine with a Chromebook. That would be very secure, and if something happens, you can powerwash it back to normal.