Greater Lafayette Information Technology Society

February 21, 2012
Bob Verplank

Malware

The last meeting of the Greater Lafayette Information Technology Society was on 21 February 2012. We had 24 of our members in attendance to hear a panel speak on the subject of malware. The panelists included Scott Brunton, Joe Poremski, Jason Rubsam, and Steve Jones, moderated by Bill Ooms.

Scott led off the discussion by saying that it was his feeling that there had been a substantial drop in malware with the advent of Windows 7. He said that when he set out to clean up a computer he typically started with RKill, then used Malwarebytes, and then installed an antivirus called ESET.

Joe Poremski related the story of how one customer had purchased an antivirus from the Internet, cleaned off 32 viruses, and then paid 69.95 for the antivirus. He had advised them to get a LifeLock on their credit card and prepare to do battle to keep away from identity theft. He suggested that if one had not made serious headway in cleaning the computer in about 20 minutes, then perhaps it was best to wipe the computer hard drive clean and start over. The total time would be less.

Steve Jones reiterated that he seemed to have less malware with the advent of Windows 7. This was particularly true after January 2012. He passed out some sheets that indicated that the use of a Barracuda spam filter was particularly effective in the prevention of malware. His statistics were impressive.

Jason Rubsam stated that he had an increase of malware in mid-December and a drop since then. He cited several instances where computers that were completely wiped had a recurrence of malware because the malware was on the boot sector of the computer and therefore not completely wiped out. He, too, used a combination of tools including RKill and Malwarebytes. He also stated that he had found some evidence that malware infections could sometimes be traced to the Java cache.

The questions and answers flowed freely as to cause, prevention, and cure. Some infections had taken place while reading ads on the site of the local newspaper, the Journal and Courier. The question was whether the malware came from the ad or just used the opening of the ad as a time to climb in. It was suggested that users avoid cashing in on free airline passes, lost FedEx tracking numbers, and things that came free on the Internet. Jason indicated that many times you could hover over a site and determine whether the site was going to take you to the correct location or a fictitious one. He also indicated that if you had a problem you could always call the sender of the e-mail and ask if it was real. Several parties indicated that they had received what appeared to be a good e-mail from a financial institution with some fake boxes added to it that requested your Social Security number.

The question was asked: which was the safest web browser? Jason thought the answer seemed to be Firefox, particularly with an ad blocker add-in. Scott Brunton thought that Google Chrome was safer than Internet Explorer. Others thought that the newer versions of Internet Explorer were safer than before. A question was asked whether anyone had seen malware spread over a network. The answer was very infrequently. Steve Jones talked about a department of the FBI that prosecuted a man who had taken over more than 4.2 million computers and was eventually brought to justice.

Users were cautioned to use good work habits and avoid e-mails from long-lost or deceased parties. Another subject that one should avoid on the Internet is discussions about 401(k)s. One large computer company really discouraged its employees from surfing the Internet on company time and company computers. They even had an extra computer that employees could use during breaks or off times to surf the Internet, buy items of interest, and carry out other personal computer activities that seemed to be the focus of many malware intrusions. It was thought that there could be problems from malware infections even on the cloud. Another topic of interest was the saving of files from a computer about to be wiped and the reinstallation of those files after Windows had been rewritten, and whether those files could introduce a version of malware of their own volition. The consensus was yes, it could and has occurred.

Due to a scheduling glitch, the meeting was held in the bar, with the smiling teeth, and short of the fact that no one could inflict a PowerPoint on the group, all went well.

We look forward to the executive committee’s next program selection on March 20th, 2012.