Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Smitfraud, Quicknavigate, Virtual Maid Question


  • Please log in to reply
1 reply to this topic

#1 edphi999999999

edphi999999999

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:33 PM

Posted 11 July 2005 - 08:42 PM

=> This email is being sent from a 'clean' PC, while I determine whether it is advisable to allow my infected PC to access the Internet, to retrieve cleanup programs. My question: Should I access the Net with my infected PC, to accomplish the cleanup, and risk further contamination, or should I download the necessary cleanup files to a clean PC and transfer them to the infected PC by removable media?
=> My PC is a Dell Dimension R450 running Windows 98 and my Internet connection is by dialup. While Internet surfing, this PC became infected by Smitfraud.c, probably immediately before I disconnected from the Net. The slow connection speed may have prevented download of Security IGuard, Virtual Maid, Search Maid, and PSGuard, as none of these programs appear in my 'Add/Delete Programs' control panel.
=> When I boot my PC, the "Security Warning" banner described in your discussion "How to remove the Smitfraud / Quicknavigate / VirtualMaid, Self-Help Guide" appears on my screen, and popup banners inform me that a download will take place within 60 seconds. To prevent further problems, I close these banners and do not allow my PC to access the Internet.
=> After infection, I tried installing TrendMicro Internet Security 2005. However, the program crashes whenever I try to do manual scans, etc. At this time, it appears that my PC has no functioning Antivirus program or Firewall.
=> I would like to follow the cleanup procedure described in the self-help guide, but I am uncertain about a few things related to the procedure:
1) Is it advisable to download the cleanup programs, etc. listed in the self-help guide to a clean PC (to prevent further infection), or is it better to simply do all the work (including downloads) on the infected PC?
2) If it is advisable to do all the work on the infected PC, are there any precautions I can take to avoid undesired file transfers (No Firewall!)
3) Is there any reason why I would not want to back up data (eg, to an external hard drive) before undertaking the cleanup procedure?
Thank you.

BC AdBot (Login to Remove)

 


m

#2 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:08:33 PM

Posted 11 July 2005 - 08:56 PM

:thumbsup: It's kind of a sinking feeling when you realize your system is in that bad of shape, isn't it. :flowers:

You are pretty much as infected on that system as you can possibly get, soI don't see much danger in allowing it to access the Internet. It will make things easier on you. The downside is that you may possibly download more garbage. In the overall scheme of things, it won't really make a difference, because the fixes are designed with those secondary infections in mind. I guess it's not a question of better, it's just not really going to make a difference.

The junk you have on your system is only one way, meaning it is only coming to you. You will not be endangering anybody else. There is also no reason to not back up your data, as long as your backups are only documents, pictures, or music files. None of what you have will infect those. You do not want to back up any executables at all.

Another thing you may want to consider is that if your system is as comprimised as you say it is, then even after your system is cleaned, it will probably be unstable. I'd give you about even odds on that.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users