August installed a Windows update, and now his computer won't shut down and all his restore points are gone. Leo says that's a bad sign. It's a dead giveaway that when system restore points disappear, malware is involved. One of the first things malware does is eliminate restore points.
Absolutely. It may cost about $15 for the upgrade, but any computer made from the last few years will be able to go up to Windows 8.
Bobby also just bought a "lifetime" subscription to Viper AntiVirus. Leo says that AVS companies are going lifetime subscriptions now to get the most money out of you since Windows 8 will ship with an AVS for free later this year, and most people won't buy a subscription ever again. But even so, $90 for three computers isn't too bad at all.
Leo says that something is taking up a great deal of RAM and it's causing the computer to labor hard and slow down. "Services" are just things running in the background. He can examine what services are running to get an idea of what's slowing down his computer by right clicking on "My Computer", then click "Manage", and click the "Services" tab. This will show him a list of all the services that are running. Windows may also be indexing the computer at bad times.
Josh is suspicious, and Leo says Josh should be. That's a scam designed to get you to click on a link to install malware on your system. Scammers can spoof anyone's email address to make it look like it's coming from somewhere else. Leo can guarantee that Josh is not getting an iPad from Google.
Don is noticing a lot of underlined and linked words that trigger pop-ups on his website. There are some sites that will underline keywords that trigger pop-up ads when the pointer moves on top of it. However, Leo says if he's seeing it on his own site, then it's malware and it's probably doing even worse. Leo says to make sure his OS (Windows 7) is updated regularly. It may have come with a download. Leo's opinion though is to back up his data, format the hard drive, and reinstall Windows. That's the only way he can be sure it's clean.
Windows has a complicated series of steps to open a link online. Leo also suspects that Malware is likely the issue and recommends using the Microsoft Malicious Software Removal Tool (Click Start, Run, and type "MRT") and then choose the thorough scan. He can also try MalwareBytes.org. If that comes up clean, and he has up-to-date antivirus, then the File Association Database may be corrupted. Fixing it is problematic and time consuming. It may be easier to backup his data, wipe the drive, and start over.
Leo says it could be as easy as going into your browser settings and change the homepage setting. If she changes that and it keeps coming back, then there's something running in the background that is running concurrently with her browser. She could try running System Restore, Malware Bytes, Windows Defender, etc. But at the end of the day, it's often best to just backup her data, reformat the hard drive, and reinstall Windows from a known, good source. Then install the latest Windows updates.
Leo says that Avast may be giving Bob a false positive, which isn't unlikely, especially with free AVS software. If he wants a free antivirus, he should dump Avast and go with Microsoft Security Essentials. He could also download Microsoft Windows Defender. He can even make a bootable USB key or CD and then run it independently to scan his entire hard drive.
Noah has Windows 7, and can't get rid of "Babylon Search". It's not quite a virus, but it's definitely malware. Leo says to Google it, and he'll be able to find an uninstaller. It's important to be careful about what he installs, he may have installed it along with another piece of software. Leo suggests always choosing "custom install".
Leo says that if Microsoft Security Essentials didn't find it, and Nod32 didn't see it either, chances are there isn't any malware on Matt's computer. He could have a browser hijacking object or a browser helping object.
Since it's doing it across more than one browser, it may be DNS Changer, which has changed Matt's DNS settings and is routing Matt's traffic elsewhere.
