George wants to know why he's getting weird text files being saved onto his desktop. Leo says it sounds like an app was written with debugging turned on, and when he uses that program, it saves the error messages to a text file. It's a harmless mistake left over by the developer. The trick is to figure out which app it is. George should check out Microsoft's Process Explorer. It should be able to help him track down what app it is. It's at Sysinternals.com.
WannaCry is ransomware that can lock up your data unless you pay the hacker who created it. WannaKiwi, however, finds the crypto key in your PCs RAM to undo the damage. It only seems to work about a third of the time, however. That's why Leo says to make sure you don't get it by altering your behavior, and by making sure you have current backups of your data should it happen. One thing you should never do is pay up, because you don't know if you'll get your data back, or if there's something even worse getting installed.
Grover has a popup that says to call Microsoft Support. Has he been bit by ransomware? Leo says no, probably not. It's a phishing attack, but it's to try and get him to call in and then they charge him and access his computer. It's Scareware, really. He can ignore it, but it keeps popping up and he has to reboot his system to get rid of it. He even replaced the hard drive, but it didn't help.
The latest ransomware attack is called WannaCry and it's spreading via phishing email attacks. The ransomware not only encrypts your data — it also has a built-in kill switch on websites. Security researchers may have crafted a fix to it, but there's a catch. The encryption is done using Microsoft's bit locker, and the fix is to take advantage of a flaw in the cryptographic memory that keeps the keys in RAM so it can harvest them and unlock your data.
Melinda says that after she turns on her computer and goes into her browser, it takes a really long time to get to Gmail, and it goes to her eBay and other accounts. She wonders if she got hacked. Leo says perhaps. That kind of behavior points to being hacked. Maybe someone has gotten physical access to the computer. Did she make an enemy?
Jim bought a pair of Samsung Galaxy S8 and the guy at the store said he doesn't need an antivirus app to protect it. Is that true? Leo says it is. Mobile phones don't really need that extra precaution, as long as he only gets his apps from Google Play Store. He should be careful what apps he gets, though, even then. Sometimes a junky app does get through. The benefit through Google Play is that if one gets through, they will remotely kill it.
Janet has a 2014 MacBook Air and she's got malware. Leo says it's very rare to get malware on the mac, so it's unlikely. Janet is getting redirected to other sites. That's a browser hijack, not a virus. It's malware, but it's browser level malware. The laptop has also died as a result. Leo says that hardware can die, especially a laptop that's being carried around. A MacBook Air may be more prone because it's so thin. It could also just be a bad logic board or diode on it. It's not related to the malware/browser hijack issue, though. It doesn't work that way.
Doug's in laws are getting popups in Chrome using Facebook that malware is on their machine asking them to download something. Leo says that is a fishing scam trying to get them to download and install something. Leo suspects that there is a malicious extension in Chrome that is causing it. Leo suggests resetting Chrome to wipe out everything. They'll have to reinstall the extensions, but it's the only way to be sure. They should go to Settings and search for Reset. That'll make it go away.