Advice on possibly infected Win98 PC

theknifemac

Well-known member
Messages
340
Likes
0
Friends have an old Windows 98 PC which is no longer able to connect to the internet and is running a lot slower than normal. I've not yet seen the PC so don't have any idea what the problem is.

I am going round later to have a look. As their internet connection seems to have been badly affected I am going to cut a CD with AdAware, AntiVir, AVG Free, Spyware Blaster / Guard, Spybot S&D and attempt to run all these. Am hoping to get the PC to a state where I can run the checks at pcpitstop to see what is going on with the machine. Failing that it will be an OS re-install, luckily they don't have any information on the PC that they must keep.

Any other thoughts or advice ? It sounds as if they can connect to the internet, but it keeps 'disconnecting'.

Cheers

Stew
 
theknifemac said:
Thanks for that, will let you know how I get on. Seem to be hearing of a lot more infections over the last couple of months.

Stew

Oh well that was a lot of fun and games. Not seen a PC with so many trojans and browser exploits before. Cleaning it up was complicated by the number of processes started up automatically (mainly trojans etc) which meant by the time you connected to the internet there were insufficient resources to browse the web (the PC has only 128M of ram).

AdAware at first found a lot of nasties but kept hanging while quarantining / deleting the selection. Ran Spybot SD and Spyware Blaster which restored IE to my control, then was able to run AdAware successfully. Was interesting seeing how entries for items I had removed from the startup list and deleted kept being added back in to the startup list (tho WinPatrol let me block this). Some of these trojan writers are pretty clever.

Almost download a removal tool for the Peper Trojan but luckily found that carries a suspect payload itself. Googles for that trojan come up with the top two sites pointing to the same utility which is worrying.

Also found Bazooka from http://www.kephyr.com/ which picked up a few things not spotted by the other tools. It doesn't actually remove anything, but has links to suggestions on how to carry out the cleanup manually.

Cheers

Stew
 
undefined
theknifemac said:
Oh well that was a lot of fun and games. Not seen a PC with so many trojans and browser exploits before. Cleaning it up was complicated by the number of processes started up automatically (mainly trojans etc) which meant by the time you connected to the internet there were insufficient resources to browse the web (the PC has only 128M of ram).

AdAware at first found a lot of nasties but kept hanging while quarantining / deleting the selection. Ran Spybot SD and Spyware Blaster which restored IE to my control, then was able to run AdAware successfully. Was interesting seeing how entries for items I had removed from the startup list and deleted kept being added back in to the startup list (tho WinPatrol let me block this). Some of these trojan writers are pretty clever.

Almost download a removal tool for the Peper Trojan but luckily found that carries a suspect payload itself. Googles for that trojan come up with the top two sites pointing to the same utility which is worrying.

Also found Bazooka from http://www.kephyr.com/ which picked up a few things not spotted by the other tools. It doesn't actually remove anything, but has links to suggestions on how to carry out the cleanup manually.

Cheers

Stew
Hi Stew,
Having been recently had a very bad experience with a virus which resulted in me having to reinstall my OS, and losing a massive amount of valuable data, I now take this subject of Computer Security much more seriously.
Providing you can actually get the PC online, you may want to take a look at :-

http://housecall.trendmicro.com/housecall/start_corp.asp

I use this at least once a week.

Regards....
 
fluorspar said:
undefined
Hi Stew,
Having been recently had a very bad experience with a virus which resulted in me having to reinstall my OS, and losing a massive amount of valuable data, I now take this subject of Computer Security much more seriously.
Providing you can actually get the PC online, you may want to take a look at :-

http://housecall.trendmicro.com/housecall/start_corp.asp

I use this at least once a week.

Regards....

Funnily enough I didn't find any viruses as such on the machine, only spyware, trojans and browser hijacks by the bucketload. My friend had already installed an AV product which didn't pick anything up. I installed a few more and they also didn't find anything.

I recommend everyone adds Spybot S&D, Spyware Blaster and Guard, Bazooka and AdAware to their toolkit. Plus a couple of AV Tools from AntiVir, AVG, Norton etc etc.

Stew
 
Top