Caller keeps getting popups when he's watching YouTube on his Google Pixel C Tablet. It just keeps minimizing his videos and he's inundated with popups. It also happens on his Motorola Moto G6. Leo says that he's likely got some apps from the Google Play store that have malicious behaviour programmed into it. Just use apps you want or need by well-known developers. It's likely an app that he installed on both devices. Leo is guessing it's probably ads trying to play from an app, but sometimes even removing the app won't work. He may need to do a complete reset on his devices.
Robert got bit by a phishing scam about being a workshop presenter. He clicked on a link to download an attachment and nothing happened. He realized what he had done and disconnected his desktop. Now he thinks he needs to reinstall? Leo says Nuke from orbit. Do not install from in-place. He should want to back up data, wipe the hard drive, and then reinstall Windows from a known, good source. But he should make sure to know if he actually has malware. If he has a WInMail.dat file attachment, that's from Microsoft and older Outlooks use it.
Leo says that while 2018 was the year Ransomware, 2019 is even worse. Arizona Beverages got hit by ransomware last week. The attack shut down sales operations for days, scuttled their networks, and servers. The network was hacked and encrypted, targeted by hackers with a ransom note posted to their website. Leo says that Arizona struggled with trying to rebuild their operations for five days. Most of their servers hadn't been given security patches in years and their backups didn't work.
Steve's printer is suddenly printing out ads. What the heck? Leo says there's a good chance he got nailed by either a browser hijack, or malware that has replaced his printer driver. He recommends using Malware Bytes, by only get it from the original creator. The chatroom says that there is a printer exploitation tool kit out there on the web. It could be that there's malware in the HP firmware as well.
Steve fears his Android phone has been attacked by a virus. He's suddenly getting something called "AdChoices." Leo says that AdChoices is by The Digital Advertising Alliance, and is a response to Ad Blockers. It lets users fine tune their ad preferences. Steve can go into his browser settings and turn off popups and redirects. Then he can clear out his browser cache.
Steve is having trouble with Google Chrome and Microsoft Edge. After about 2 minutes, both apps crash. Leo says that it could be malware infecting his browsers. But more likely there's a render driver that both browsers use which is causing the crash when he visits certain websites. Leo recommends doing a thorough scan using Windows Defender, and he should also run the Microsoft Malicious Software Removal Tool from the command line. To get to that, he can press the Windows Key and type MRT. Leo also suspects that Java is broken.
One of the ways you can easily protect yourself against malware and viruses is by running as a "Standard" or "Limited" user in Windows. When you run as administrator, programs can easily get full access to your system, including those that might be installed without your knowledge. But when you run as a standard user, you may run into an issue where a program won't run because it requires more permissions. An example of software that would require additional permissions would be a screen recording program. When this happens, you can elect to run that individual program as administrator.
The latest scam to hit the interwebs is an email saying that you've been hacked and spied upon, viewing porn online and unless you send thousands in Bitcoin, they will send the information to everyone you know. If an email plays upon your fear or strong emotions, don't fall for it!
Read more at krebsonsecurity.com.
Tom has a friend who gave a technician remote access after calling a number in a popup ad for his Echo. Leo says he fell victim to a scam and there's a good chance that his computer is infected with malware, a key logger, remote access trojans, the works. At this point, the only safe thing to do is backup the data, format the hard drive, and reinstall Windows from a known, safe source, then update. Only then can he be sure his computer is safe.
There's a hack on some websites that will make you think that your computer has frozen and you won't be able to get it back unless you call an 800 number and pay money. Leo says it's nonsense phishing scam. Control At Delete or Force Quit the browser. Everything will get back to normal.