Infected PC running Windows 98 - Should i just give up?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by delarge, Mar 14, 2005.

  1. delarge

    delarge Private E-2

    I have a Windows 98 PC that is infected with what appears to be the about:blank problem amongst other things. I have followed the basic virus and spyware removal thread (as closely as I can, certain parts refused to run, i.e. Trend said it would only run on English or Chinese versions of Explorer, mine is English as far as I am aware, HSremove requires XP or 2000 to run etc etc). I have a HijackThis log file but will obviously wait to be asked to upload this.

    Is Windows 98 my problem? I have Symantec Internet Security 2005 on this PC (recently installed).

    At present the problems manifest themselves in the following way:

    If I attempt to open up IE 6 a window appears supposedly from Norton AntiVirus telling me it's fixed the problem and Windows is now safe to run, the problem apparently lies with c:\windows\temp\se.dll
    Upon clearing this warning window another window pops up titled RunDLL telling me that there is an error running c:\windows\temp\se.dll, once this error is cleared a browser appears with 'about:blank' in the address bar and a search engine page in the browser window.
    Often a popup will soon appear browsing to s13.remove.cc which then becomes an advert telling me my PC is infected and offering to sell me a tool to clean it...

    I wonder if anyone can tell me where to go from here?

    delarge
     
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Yes, try cleaning from safe mode, Windows cannot delete a file in use. Do some reading here, there are no Norton fans here. Expensive, yearly renewal and a CPU and memory hog. It works, but so do free alternatives like Zone Alarm and AVG Anti-Virus. I am a fan of formatting if you have data backed up or nothing you need because you can format in an hour and an average complete system cleaning of spyware and viruses can take 3 hours. Your call.

    If you format, read this thread:
    http://forums.majorgeeks.com/showthread.php?t=44525
    Good advice on preventing it from happening again.

    If you want to try removing the infection start here:
    http://forums.majorgeeks.com/showthread.php?t=35407

    ... and let us know!
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you decide you wish to remove the infection, after running the steps in the 35407 link MA gave to you, please do the following if you still have a problem.

    Please download "StartDreck", from here: http://www.niksoft.at/_data/startdreck.zip

    Unzip to its own folder and start the program,
    Press 'Config'
    Press 'Unmark All'
    Check the following boxes only:
    Registry -> Run Keys
    System/drivers -> Running processes
    Press 'Ok'
    Press 'Save' and select the location to save the log file
    (default is the same folder as the application)

    Please attach the log in this thread.

    Then:
    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
  4. delarge

    delarge Private E-2

    Thank you Gentlemen for taking the time to help me...

    Having already followed the steps in 35407 I downloaded and ran StartDreck and have attached the log file as requested.

    cheers for your time
    Delarge
     

    Attached Files:

  5. delarge

    delarge Private E-2

    The HijackThis log as requested.
     

    Attached Files:

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    We will have to boot to an MS DOS prompt to work on fixing this problem.
    You should print or write these instructions down because you will be offline and not running Windows while doing this. Please read thru all of the steps first and ask any questions you may have before beginning. Make sure you understand all steps before starting.

    Click Start and select Shutdown and in the Window that comes up choose the one that says Restart the computer in MS-DOS mode.

    When it boots you will be at the command prompt (full screen) enter the below commands each followed by the enter key. Let me know if you have any problems or get any error messages during these steps (tell me the exact error message).

    Now in command prompt window do the following:
    cd C:\WINDOWS
    attrib -s -h -r SNPSTZ2.INI
    del SNPSTZ2.INI

    cd C:\WINDOWS\SYSTEM
    attrib -s -h -r DCAL.DLL
    del DCAL.DLL

    cd C:\WINDOWS\TEMP
    attrib -s -h -r se.dll
    del se.dll

    win

    After typing win and hitting enter your system will boot back to Windows. The very first thing you need to do after booting Windows is the following (make sure you do not run anything else):

    Run HijackThis and select the following lines and then click FIX

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    O2 - BHO: (no name) - {C0277CA2-8202-450B-B97C-9E6C3FFC9052} - C:\WINDOWS\SYSTEM\DCAL.DLL
    O18 - Filter: text/html - {C660CCE9-BD13-475D-A70A-5768C53454F0} - C:\WINDOWS\SYSTEM\DCAL.DLL
    O18 - Filter: text/plain - {C660CCE9-BD13-475D-A70A-5768C53454F0} - C:\WINDOWS\SYSTEM\DCAL.DLL

    After clicking Fix, exit HJT.

    Now we need to Reset Web Settings:
    1) If you have an Internet Explorer icon on your Desktop, go to step 2. If not, skip to step 3.
    2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
    3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

    Now reboot your PC again into normal mode and post a new HJT log. And tell us how things are working. And how all the steps went too. If the problem appears to have come back, also post a new StartDreck log.
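
A check for the follow-up HijackThis log requested above, as an added example that is not part of the original thread: it parses the log's entry lines and reports any that still reference the three deleted files or still hold a search value of about:blank. The sample log is constructed, and the all-zero CLSID and `C:\EXAMPLE\BASE.DLL` path in it are placeholders.

```python
import re

# File names deleted in the MS-DOS step above.
REMOVED_FILES = ("snpstz2.ini", "dcal.dll", "se.dll")
# Value names from the fix list whose hijacked data was "about:blank".
SEARCH_VALUES = {"search page", "searchassistant", "homeoldsp"}

# HijackThis entries look like "<section> - <detail>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
# R0/R1 details have the shape "registry key,value name = data".
REG_RE = re.compile(r"^[^,]+,(?P<name>[^=]+?)\s*=\s*(?P<data>.*)$")


def references_file(detail, name):
    """True if detail contains name as a whole path component (not 'base.dll')."""
    return re.search(r"[\\/]" + re.escape(name) + r"(?![\w.])", detail.lower()) is not None


def leftover_entries(log_text):
    """Return (section, detail, reason) for entries the cleanup should have removed."""
    hits = []
    for line in log_text.splitlines():
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header lines, blank lines
        section, detail = entry.groups()
        found = [f for f in REMOVED_FILES if references_file(detail, f)]
        if found:
            hits.append((section, detail, "references " + found[0]))
            continue
        reg = REG_RE.match(detail) if section in ("R0", "R1") else None
        if reg and reg["name"].strip().lower() in SEARCH_VALUES \
                and reg["data"].strip().lower() == "about:blank":
            hits.append((section, detail, "search setting is about:blank"))
    return hits


# Constructed sample log: three entries from the fix list, two benign lines.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {C0277CA2-8202-450B-B97C-9E6C3FFC9052} - C:\WINDOWS\SYSTEM\DCAL.DLL
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\EXAMPLE\BASE.DLL
"""

if __name__ == "__main__":
    for section, detail, reason in leftover_entries(SAMPLE_LOG):
        print(f"{section}: {reason}: {detail}")
```

A Start Page of about:blank is deliberately not reported, since only the search-related values in the fix list were hijacked that way.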
     
