Virus Removal BB - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

Virus Removal BB

Description:

Go to AVG free advisor http://free.grisoft.com/freeweb.php/doc/2/ Click 'Downloads' and 'Virus Removal' Download 'Vcleaner', save on floppy ... – PowerPoint PPT presentation

Number of Views:102
Avg rating:3.0/5.0
Slides: 10
Provided by: ROGERB155
Category:
Tags: free | removal | virus

less

Transcript and Presenter's Notes

Title: Virus Removal BB


1
Virus Removal BBC Case Study
  • Roger Bailey
  • Oct 2006

2
Case Study
  • Father-in-laws computer
  • Used for e-mail, internet, letters, photos,
    taxes, financial etc.
  • Early Pentium, Windows 98, Eudora, Telus high
    speed
  • AVG installed in 2002, routinely updated
  • Unknown attachments not opened
  • Spoofing, phishing recognized

3
Virus Symptoms
  • Called for help computer acting funny
  • Could not connect to internet or email
  • Default home page hijacked by http/qing.com
  • Internet connections stalled by AVG
  • Virus infection?

4
Analysis
  • Suspected virus, trojan or worm
  • Checked internet history
  • http/qing.com visited
  • stopwar.org.uk visited just before
  • Checked email
  • Letter passed on by left wing nut grand-niece
  • Click here to sign Stop the War in Lebanon
    petition
  • link had been clicked. Spoofed URL?

5
Diagnosis
  • Google qing.com virus
  • Top hit TRENDmicro
  • Identified TROJ-BAGLE.BB
  • Many TROJ-BAGLE variations
  • One of many malware sites listed
    www.czwanBLOCKEDqing.com/osa4.gif
  • Many sites spoofed/infected, eg Al Gore

6
(No Transcript)
7
What is a Trojan?
  • Viruses replicate and infect
  • Trojans dont replicate but are innocently
    invited in, like the Trojan Horse, to later open
    the gates to bring in the invaders
  • Malware takes over your machine
  • Disables defenses (antivirus, firewalls, etc)
  • Installs virus (osa3.gif), spyware, key stroke
    loggers, etc
  • Replicates and infects

8
Virus Removal
  • Many tools available, usually for a price
  • Manual instructions available registry edits
  • I trust Gisoft. Go to AVG free advisor
    http//free.grisoft.com/freeweb.php/doc/2/
  • Click Downloads and Virus Removal
  • Download Vcleaner, save on floppy
  • Startup infected computer in safe mode
  • Run the remover to scan files and registry,
    detect and remove virus
  • Shutdown and restart
  • A Clean Machine! Magic, management or luck?

9
Conclusions
  • A Clean Machine!
  • Magic, management or luck?
  • A mild infection, easily cured
  • No serious or long term consequences
  • AVG interaction limited infection?

But now a new computer with more bells and
whistles is not justified!
Write a Comment
User Comments (0)
About PowerShow.com