Windows 98 has 2 viruses

Reply

  #1  
Old 09-30-02, 10:14 AM
George-911
Visiting Guest
Posts: n/a
Windows 98 has 2 viruses

I am running Windows 98,and I have 2 viruses,need help getting them off my computer!!!!!! The name of of them are TROJAN HORSE and the other one is [email protected]? Ihave norton antivirus running on my P.C. but it will not remove them!!!
 
Sponsored Links
  #2  
Old 09-30-02, 11:27 AM
Todd B
Visiting Guest
Posts: n/a
Post

Try a program called Pest Patrol... http://www.pestpatrol.com

There is a free download available.

Good Luck... sometimes a reformating is best though... Never know what the Trojan has already done!

ToddB
 
  #3  
Old 10-01-02, 04:22 AM
Member
Join Date: Dec 1999
Location: United States
Posts: 2,535
Received 0 Votes on 0 Posts
here's the rub....

Trojan Horse is not a virus itself but a class (type) of virus. The only trojan horses my pc has picked up has originated with AOL and infect my pc when my kids IM with someone on AOL.

One reason I quit using AOL years ago was that their code is proprietory and they only allow one (count 'em - ONE) anti-virus software company enough access to remove trojan horses.

If Norton has identified the offending files, then delete them manually.
 
  #4  
Old 10-01-02, 07:45 AM
bigmike
Visiting Guest
Posts: n/a
Cool Format...

Format and start from clean install. DO NOT try to save anything like email etc.!
 
  #5  
Old 10-04-02, 07:41 PM
Davejb's Avatar
Member
Join Date: May 2002
Location: USA
Posts: 806
Received 0 Votes on 0 Posts
Re: Format...

Originally posted by bigmike
Format and start from clean install. DO NOT try to save anything like email etc.!
That's a bit extreme.
Go to Symantec's website, they have step by step instructions on how to remove almost all virus' from your system.
 
  #6  
Old 10-04-02, 11:03 PM
bigmike
Visiting Guest
Posts: n/a
Cool Format...

Correct me if Iím wrong but when a Trojan or virus hits the system the virus protection people come up with a cure, sometimes this could be deletion of the virus or parts thereof right? Thatís how virus software works, it keeps a footprint of some type of the virus to be able to say not to accept the same virus again. Any virus protection software I have seen works AFTER the offending file has been installed. Every single program leaves a footprint that in some cases may not be able to be removed because it embeds itself into the OS like IE.x or AOL and Yahoo does. Therefore, in my opinion and slight experience the ONLY way to completely remove a virus or Trojan in I believe 90% of the cases is to format. And even then, I have seen viruses that insinuate itself so deep that even deleting the MBR of the drive still doesnít remove the virus. So talk to meÖ
 
  #7  
Old 10-05-02, 06:51 AM
jmiddleton
Visiting Guest
Posts: n/a
If Norton detected the viruses it is protecting your computer properly and they won't spread beyond the currently infected files if you observe reasonable precautions.

Not all viruses can be cleaned so most virus programs offer additional options to quarantine or delete infected files. Quarantine files with valuable data - the next version of the antivirus program might be able to clean it. Delete any other infected file and be sure to empty your recycle bin.

New viruses are introduced daily and antivirus companies have had limited success with heuristic algorithms so it's best to keep your signature files up to date. Once a week is reasonable if you connect by dialup. Once a day is reasonable if you have a permanent broadband connection. In addition to the new signature files you need to scan your hard drive on a regular basis. Most anti-virus software tends to schedule these scans for the wee hours of the morning - which only works if the machine is left running overnight. Make sure your hard drive is scanned at least once a week.

If a virus does get past your defenses and infects the system it will usually try to disable any resident antivirus software and prevent the installation of additional antivirus software. In this case you have 3 options. First, the emergency boot diskette most antivirus programs will let you create (but very few people ever do). Booting off the floppy will prevent the virus from loading into memory and a dos mode scanner (i.e. McAfee scan.exe) can be used to disinfect the drive as long as the signature files (which are much too big to fit on a floppy these days) are not corrupt. A second option is to physically remove the infected hard drive from the system and install it as a slave drive in another machine. Now the antivirus software installed on the second machine can be used to disinfect the drive. Most computer stores will do this for you for the cost of an hour's labor. A reasonable price if you have valuable data on the drive or a lot of applications you don't want to reinstall. The final option is to clean install Windows. You don't have to reformat - you can install Windows in a different directory so it doesn't use the old registry - but reformatting is the best choice and may be the only choice if you have a brand name machine with a recovery CD instead of a "real" copy of Windows. Even this may not be enough to get rid of a boot sector virus. You'll need to recreate the master boot record (fdisk /mbr) before formatting.

Trojans aren't viruses in the normal sense of the word. They rarely cause any damage to files on your machine. What they do is open a port in your TCP/IP stack that allows an outsider to access your machine from the Internet. Typically people do this because it lets them send spam, mount a denial of service attack or indulge in some other illegal activity anonymously. In addition to your virus scanner, you will also need a firewall to properly protect from trojans. Good firewalls are available free of charge from www.zonealarm.com and www.kerio.com.
 
  #8  
Old 10-05-02, 07:10 AM
bigmike
Visiting Guest
Posts: n/a
Cool ???

That's the way I read it, Thank you. So in essence a clean install and to do a clean install formatting and /mbr could be considered the safest route but then again quarantining it will work. However, what happens, and I donít think this has, but like a two-part virus would attack, since the first part of the virus would be there when the second arrives it reactivates the original causing more problems. Never heard of this just an hypothesis... Wouldn't it be prudent to re-install Windoze? Taking the drive to another computer is also a good idea, had never considered that...
 
  #9  
Old 10-05-02, 07:54 AM
Davejb's Avatar
Member
Join Date: May 2002
Location: USA
Posts: 806
Received 0 Votes on 0 Posts
I'll admit that on some occasions it is necessary for a wipe and reload, but as a last resort. Symantec has a great support site with step by step instruction on how to remove most virus' and I use it on customers machines, definetly something I would try first before a full reload.
 
  #10  
Old 10-05-02, 01:00 PM
jmiddleton
Visiting Guest
Posts: n/a
The decision to format and reload will depend on your situation. It can be a major undertaking if you have valuable data that hasn't been backed up or if you have a lot of applications that would need to be reinstalled. If, on the other hand, the drive contains nothing of value, most versions of Windows can be reloaded in a half an hour and, if you're running 9x, you'll probably end up with a faster and more stable system.

If you simply have an infected file on your hard drive the on-line scanners will work, so will updating the signatures for whatever scanner you have on your PC. If you don't have an antivirus program you can get a good free one from www.grisoft.com. If the virus has infected your operating system it might not allow you to run a scan - it depends on what payload the virus is carrying. Some, like SirCam are easily removed with a simple registry edit and on-line knowledgebases like those provided by Symantec, McAfee and Trend will tell you how to do it. Others dig their hooks into the operating system and are impossible to remove while the infected operating system is running. You either have to boot from a floppy or attach the drive to another machine to disinfect. Best to avoid the problem by installing a good quality scanner and keeping the signature files up to date.

The closest thing I've seen to a 2 part virus would be a trojan. Where the trojan itself is part 1 and the person who exploits the opening created by the trojan is part 2. The best defense is a good firewall in addition to an up to date virus scanner and it doesn't hurt to make sure you have installed all the security patches available for your OS (http://windowsupdate.microsoft.com). Most hackers exploit well known vulnerabilities that have patches available but victims simply haven't installed them.
 
Reply

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread
Display Modes
 
Ask a Question
Question Title:
Description:
Your question will be posted in: