Bernie wants to know about antivirus. What does he need? Leo says that Microsoft's free version that comes with Windows will do the job just as well as any other, and it's free. But it can't stop zero-day exploits. So his number one line of defense is his own behavior online.
David is trying to find an antivirus for Windows 7. Leo says that Microsoft's own Security Essentials (or Defender, depending on the version) is sufficient, and it's free. The problem is that viruses are usually coming out so fast (called zero-day exploits) that you can get infected before the antivirus finds it and removes it. Then the viruses are often attached to a system file and it renders the computer unusable. Even security experts put antivirus low on the list of things to do to prevent infection.
David wants to know how malware affects reinstalling apps. Leo says that once he strips off the malware, he'll have to reinstall his apps. The only way to be sure that he's eliminated the malware is to back up his data, wipe his drive and reinstall Windows. How about an image of the drive? As long as he has a clean image, he could use that. If his computer has malware when he makes the image, he'll just restore the malware. Leo would wipe the drive, reinstall everything, update it all, and then make an image.
Imaging options include:
Ellen feels like she got ripped off by Microsoft. She got a popup saying she had a virus and listened to it, then paid $250 for support. Leo says that wasn't Microsoft. That was a bad guy. Leo says it was a browser popup and they use that to phish for gullible people to sign up. Microsoft will never, ever do that. It's even worse, though. They likely got remote access and not only do they have her credit card, they have also likely installed more malware on the computer. At this point, Ellen should call the credit card company, reverse the charge and have her card number changed.
Jay noticed in OS X El Capitan that there's something called "proxies." What is that? Leo says that unless he's using a proxy server, he should ignore it. If it has been set and he didn't know it, it could be a security software thing. Or perhaps a VPN. Proxies are used so that he can link another computer to get online, or use a different service. If it bothers him, he should just turn it off and see if it affects anything else. It could also be malware.
Tim has a message popping up that asks which app to open a file with. It happens automatically and he doesn't know what file it is. Leo says that's disconcerting. Leo suspects adware or worse! There's something on his system that is running in the background and the antivirus can't kill it. He'll have to figure out what the app is that's starting up. He'll have to expect that his system has been compromised, though, and the only real way to be sure he's gotten rid of the malware is to back up his data, wipe his hard drive, and reinstall Windows.
Remember the legal battle that Apple fought against the US Government to prevent unlocking of the iPhone's encryption? The US Gov't ended up going to a third-party company that had created a hack to do it. Now that hack is being used to unlock and peer into the mobile phones of dissidents and other undesirable elements that the government wants to keep tabs on. Even reporters. Leo says that Apple has pushed out a fix to block it, and everyone should install iOS 9.5.3 to stop it. Otherwise, you're vulnerable.
Lex uses Windows Defender, but he came across a thumb drive and wants to check it to see if it's safe to use. Leo says he really can't. If he plugs it in, and it's infected, it will compromise his system. Firmware can be modified on a thumb drive to contain malware as a payload, and it's undetectable. The worst part is not one USB drive manufacturer has done anything to correct the bug. Wired has a story on it.
Joe wants to know if Microsoft's antivirus can really do the job. Leo says it can, but he really doesn't need it if he's careful. He'll want to be sure he's updated everything -- OS, browser, Flash, etc. Microsoft Defender is a good thing to run, but nothing can completely protect him from his own online behavior.
Jim has a friend whose website has received a message that their website has been hacked. Is this warning legitimate? Leo says it probably is. Most managed providers offer that feature, but there are also independent monitoring services like SiteLock. They'll monitor his website, but they won't patch it. He'd need to have a service that goes through all of his code to make sure it's patched and nothing remains of the virus that may have infected it. Jim should check out Qualys. They monitor and repair the site should it get infected.