Virus Removal: BB&C Case Study
Roger Bailey, Oct 2006

Case Study
- Father-in-law’s computer
- Used for , internet, letters, photos, taxes, financial etc.
- Early Pentium, Windows 98, Eudora, Telus high speed
- AVG installed in 2002, routinely updated
- Unknown attachments not opened
- Spoofing, phishing recognized

Virus Symptoms
- Called for help – computer acting funny
- Could not connect to internet or
- Default home page hijacked by
- Internet connections stalled by AVG
- Virus infection?

Analysis
- Suspected virus, trojan or worm
- Checked internet history
  – http:/qing.com visited
  – stopwar.org.uk visited just before
- Checked
  – Letter passed on by left wing nut grand-niece
  – “Click here to sign “Stop the War in Lebanon petition””
  – Link had been clicked. Spoofed URL?

Diagnosis
- Google “qing.com virus”
- Top hit: TRENDmicro
- Identified TROJ-BAGLE.BB
- Many TROJ-BAGLE variations
- One of many malware sites listed
- Many sites spoofed/infected, e.g. Al Gore

What is a Trojan?
- Viruses replicate and infect
- Trojans don’t replicate but are innocently invited in, like the Trojan Horse, to later open the gates to bring in the invaders
- Malware takes over your machine:
  – Disables defenses (antivirus, firewalls, etc.)
  – Installs virus (osa3.gif), spyware, keystroke loggers, etc.
  – Replicates and infects

Virus Removal
- Many tools available, usually for a price
- Manual instructions available: registry edits
- I trust Grisoft.
- Go to AVG free advisor
- Click “Downloads” and “Virus Removal”
- Download “Vcleaner”, save on floppy
- Start up infected computer in safe mode
- Run the remover to scan files and registry, detect and remove virus
- Shut down and restart
- A Clean Machine! Magic, management or luck?

Conclusions
- A Clean Machine! Magic, management or luck?
- A mild infection, easily cured
- No serious or long term consequences
- AVG interaction limited infection?
- But now a new computer with more bells and whistles is not justified!