1 / 9

Virus Removal BB&C Case Study

This case study explores the virus removal process of Roger Bailey's computer, which was infected with the TROJ-BAGLE.BB virus. The study discusses the symptoms, diagnosis, and removal process, highlighting the importance of antivirus software and safe internet practices.

blancal
Download Presentation

Virus Removal BB&C Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Virus RemovalBB&C Case Study Roger Bailey Oct 2006

  2. Case Study • Father-in-law’s computer • Used for e-mail, internet, letters, photos, taxes, financial etc. • Early Pentium, Windows 98, Eudora, Telus high speed • AVG installed in 2002, routinely updated • Unknown attachments not opened • Spoofing, phishing recognized

  3. Virus Symptoms • Called for help – computer acting funny • Could not connect to internet or email • Default home page hijacked by http:/qing.com • Internet connections stalled by AVG • Virus infection?

  4. Analysis • Suspected virus, trojan or worm • Checked internet history • http:/qing.com visited • stopwar.org.uk visited just before • Checked email • Letter passed on by left wing nut grand-niece • “Click here to sign “Stop the War in Lebanon petition”” • link had been clicked. Spoofed URL?

  5. Diagnosis • Google “qing.com virus” • Top hit: TRENDmicro: • Identified TROJ-BAGLE.BB • Many TROJ-BAGLE variations • One of many malware sites listed www.czwan{BLOCKED}qing.com/osa4.gif • Many sites spoofed/infected, eg Al Gore

  6. What is a Trojan? • Viruses replicate and infect • Trojans don’t replicate but are innocently invited in, like the Trojan Horse, to later open the gates to bring in the invaders • Malware takes over your machine: • Disables defenses (antivirus, firewalls, etc) • Installs virus (osa3.gif), spyware, key stroke loggers, etc • Replicates and infects

  7. Virus Removal • Many tools available, usually for a price • Manual instructions available: registry edits • I trust Gisoft. Go to AVG free advisor http://free.grisoft.com/freeweb.php/doc/2/ • Click “Downloads” and “Virus Removal” • Download “Vcleaner”, save on floppy • Startup infected computer in safe mode • Run the remover to scan files and registry, detect and remove virus • Shutdown and restart • A Clean Machine! Magic, management or luck?

  8. Conclusions • A Clean Machine! • Magic, management or luck? • A mild infection, easily cured • No serious or long term consequences • AVG interaction limited infection? But now a new computer with more bells and whistles is not justified!

More Related