malware

Why am I getting popups to run Windows Installer?

Michele from Rapid City, SD

Episode 1083

Michele accidentally clicked on an ad and now she keeps getting pop ups to download "Windows updater." Leo says that's malware and to avoid it. Leo also thinks that Michele hasn't gotten a virus just yet. But since she clicked on the ad, there may be a cookie there that keeps bringing it up. Leo advises running MalwareBytes, but she should only download it from http://www.malwarebytes.org/. There are bad versions out there that are designed to confuse people. Always download software from the original designer.

What is "Windows Version Installer" that keeps popping up?

Patricia from California

Episode 1078

Patricia got a new Dell computer since her XP machine was getting really old. She's finding it challenging to learn. She has Microsoft Security Essentials on it, but she keeps getting something called "Windows Version Installer" that's popping up. Leo suspects it's just Windows installer wanting to run an update, and should be OK. She says it won't stop popping up, though. Leo says Patricia is right in her instinct to be concerned, but it seems a normal request to update the Windows installer.

How can I protect myself from a keystroke logger?

Jose from New Orleans, LA

Episode 1076

Jose wants to know about keystroke loggers. He's concerned that his passwords would get recorded if he pasted them in. Leo says they probably wouldn't. They tend to focus on keyboard strokes. Leo says that keystroke loggers are only put on computers of specific people that are being targeted. They are too much work to be a mass virus attack. Just practice safe computing with these tips:

How do I get rid of Search Conduit?

Brian from Fountain Valley, CA

Episode 1074

Brian downloaded DropBox from Download.com and now he's stuck with Search Conduit. This is adware, and it's not technically malware. Leo believes that it is, though, because even though it asks the user to install, it isn't very clear. Leo says he wishes CNet/CBS Interactive would stop doing this with wrappers that install adware. Search Conduit even schedules itself in Windows to reinstall after it's removed. The fact that Brian has other symptoms in addition to this makes it sound like Brian has more malware as well.

What could have used up 20GB of my data plan overnight?

Episode 1074

Bob from Los Angeles, CA
Verizon Jetpack LTE Mobile Hotspot

Bob has been getting warnings that he's "overdrawn" on his MiFi data plan and wants to know if he's been struck by the Heartbleed virus. Leo says no. Heartbleed attacks servers, not mobile devices. More likely, Bob has an app that is active and downloading everything. Someone may have also commandeered the system and is using it.

'Heartbleed' Flaw in OpenSSL Exposes Passwords on Many Popular Websites

Episode 1074

OpenSSL is a widely used protocol for providing secure internet traffic. The "Heartbleed" bug takes advantage of a hole in OpenSSL to peer into the memory of SSL servers. It can allow a hacker to ping 64K of random memory repeatedly, thereby allowing them to glean usernames and passwords, and even fake a server certificate.

How can I get rid of the FBI virus?

Marie from Whittier, CA

Episode 1073

Marie got the FBI Virus Scam popup that has locked up her computer. Leo says it's highly customizable by the hacker who sends it out and in Marie's case, it demands she call to address the issue. So Leo thinks that it may be an offshoot of the cyrpto locker virus. Or just a malicious website. Regardless, her system has been compromised. The only real way to handle it is to backup her data, wipe the drive and reinstall Windows from a known, good source. She can also run the system restore discs, then update the OS completely.

Why am I unable to update Windows? Do I have a virus?

Mike from Lake Forest, CA

Episode 1072

Mike says his daughter's computer has a virus, and now he can't run Windows update. She was downloading music. Leo wonders what the symptoms were that led Mike to believe he had a virus. It could be a bad sector on a hard drive. Leo advises scanning with an online antivirus checker. Leo also suggests running Microsoft's Malicious Software Removal Tool. Click on "Start," then select "Run,", type "MRT" and hit enter. He should choose to do a thorough scan. He can also try MalwareBytes.org.