Re: Computer Security - Nov 12 Computer SIG Talk
- Further to Charlie's talk on Saturday, which I missed unfortunately. I
would like to relate a little problem that I was called on to fix Tuesday.
My golf buddy called to tell me he had received a message from Telus
telling him he was abusing the user agreement by transmitting spam.
I checked his computer, which is running Win XP. The OS is fully
updated, he has the latest version of Zone alarm, and as of Tuesday, the
latest version of AVG antivirus which was set to update at startup as
well as daily.
I found AVG disabled. Zone Alarm appeared OK and an on-line test stated
it was OK. It wasn't. What had happened was an new version of an old
worm had snuck in by way of an e-mail message from Korea. The culprit is
I-Worm Bagle.HZ. This worm is designed to knock out your antivirus
program and firewall. It also modifies a number of other files. It
then transmits its little message to the e-mail address list.
My first attempt to set things right was to simply restore to an earlier
date. It worked once. Further attempts failed. The virus was knocking
out the restore points. I had to manually remove the AVG and Zone Alarm
files as the uninstall executables would not work and the programs
would not load over the top of the old files. Once AVG was reloaded on
Thursday I updated the program and did a complete scan. I found 233
viruses scattered throughout the XP OS drive. There were also 90
damaged files that AVG was able to restore. Many of these virus files
were found in the restore files.
Fun and games. <G>
Charlie Hansen wrote:
> Hi All,http://www.afhs.ab.ca
> As requested at this morning's Computer SIG meeting, here is a list of
> the internet web sites that were on the PowerPoint slides that I used
> for my presentation about Computer Security.
> The programs and tests are all free or free to use for testing. Some of
> the programs will only work with Internet Explorer as they use
> Microsoft's ActiveX. I have inserted extra lines before and after each
> URL so hopefully the line formatting won't get messed up by transmission
> along the e-mail paths.
> Yours for safe computing,
> Firewall tests and more:
> Symantec (Norton) On-line security and virus detection tests:
> Kaspersky malware scanner; very thorough, but its deep scanning takes a
> long time. I had to leave it running overnight.
> URL for AVG antivirus program:
> URL for ZoneAlarm firewall:
> URL for Spybot Search and Destroy malware detector program:
> URL for Ad-Aware malware detector program:
> E-mail spam detector and classifier. My favorite is PopFile (tags over
> 99.9% of spam after training). Works with the rules or filters of your
> e-mail program move it to a spam folder or delete it:
> I use the above with Pegasus e-mail, free at:
> URL for Pitstop which offers several tests of PC performance and
> internet speed:
> Home page for PCWorld magazine. Check out "See all newsletters" on the
> left side of the page near the bottom, for free newsletters:
> PCWorld article on "The New Security War" with links to the items in
> the special November 2005 issue on Computer Security:
> URL to the CBC Marketplace item on identity theft (first of six pages).
> Consumer Reports articles; Scroll down to near the bottom centre of the
> page to antispam, antispyware and antivirus links under:
> "Computer hardware & software":