Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Skynet Trojan Infection [Moved]


  • Please log in to reply
4 replies to this topic

#1 LaneB

LaneB

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 13 November 2009 - 03:14 PM

I have a drive that is infected with Skynet Trojan which redirects web searches to other sites. I have a network and wonder if it is safe to copy files from the infected drive to another "clean" drive via the network. Will doing so infect the clean drive ? Currently I have removed the infected computer from my network but I have some files on the infected drive that I need to save and once that is done I am going to format the infected drive and reload software. What is the safest and simplest way to save the files ? Burn them to a cd, copy drive to drive or ??? Are the files burned to a CD clean ? How would I know or is there a way to inoculate the CD drive ? From my research it seems that it is easier to save what I need and format rather than try to eliminate the Skynet Trojan. I am running Windows XP Pro. Thanks to any and all for help.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,727 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:48 AM

Posted 13 November 2009 - 03:45 PM

I will preface these remarks...with the advisement that I am in no way a professional, a technician, or a malware expert. I'm just a person who learned a bit by owning/using various systems.

<>

If this were a single computer...that statement might be valid. But since the hard was/is in a system that is part of a network...any number of other systems on the network may also be infected...already.

<>

Think of it this way...your system/network got infected...through another connection which is a networked connection (the Internet). Unless you believe that all parts of your network are not equally protected...that is, you believe that some systems are better protected than others...I think your whole network is at risk until you prove otherwise.

Typically, the one caveat given to users who have infected systems/drives...is to ensure that the system/drive on the receiving end...is better protected than the infected drive/system obviously proved to be.

For me to suggest anything else...I would have to know a lot more about malware than I do.

You may want to visit the folks at BleepingComputer.com - Am I infected What do I do - http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/, they can undoubtedly provide suggestions which are better grounded in logic and experience than I do here.

<>

We are talking about data files, right? Any method will do, any method that removes them from the drive before you format. IMO, moving them is simple, to some burning DVDs would be simpler...some would use a flash drive, some would use an external drive.

<>

A CD merely reflects the file contents, it doesn't process them in any way other than making it possible for digital transmission. If you put infectious or infected files...on a CD/DVD...I suspect they would still be that way when they were run on a different system.

Flash drives get infected, floppies can transmit infections...I suspect that any user who played a CD that was intended to convey malware which could be activated on a system...would do just that.

Interesting reading (IMO): http://www.cryst.bbk.ac.uk/CCSG/antivirus/

<>

Not sure what you mean. The drive itself is not the potential vector, it's the media that could be the vector, IMO. As I said, I don't really know, but I'm sure that the link previously posted could enlighten you regarding that and other aspects of malware/infections.

Louis

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,946 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:48 AM

Posted 13 November 2009 - 04:50 PM

Hello LaneB,

I'm shifting this topic to the Am I Infected forum for you.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#4 LaneB

LaneB
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 13 November 2009 - 05:53 PM

I thank you for your response. My other computers on my network show no evidence of Skynet as I have had no redirection problems with the "clean" computers. I let a friend check his email on the infected machine and I am certain that is the cause as the problem started immediately thereafter. I pulled the infected machine out of service as soon as I recognized a problem and no network communications had taken place between any of the units at that point so I think I'm ok on the others. The only files I need to save from the infected drive are JPeg image files. I have myself backed up on all other critical data, etc EXCEPT for a few months worth of family photos. I would like to simply copy the files to a CD and be done with it but my concern is am I also passing the virus in doing so ? I'm the village idiot when it comes to virus and don't understand where or how they reside on a drive. Any clues if I'm safe just copying JPEG files ? Thanks again.

#5 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:48 AM

Posted 14 November 2009 - 10:25 PM

You should be OK copying jpegs
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users