Win98 SE Question

Discussion in 'Malware Help (A Specialist Will Reply)' started by bgunn, Nov 15, 2007.

  1. bgunn

    bgunn Private First Class

    Well... it would seem that I as well as a whole lot of people have been hit with this recent Trojan/Spyware/Virus thing. (Online Center/Live Update icons etc).

    I tried posting some of the required items last weekend but did not finish the postings or procedures. So, for the past week, I have been dealing with the pain of this in various stages -- sometimes it flares up more than other times.

    Today, I finally broke down and called Norton and they have taken (remote) control of my system to try and fix the thing. So far it has been long and not easy.

    But I digress from the header... while most of the systems here are WinXP we do have (3) systems at the Win98 SE level. As of last night, all (3) Win98 systems started going bad... blue screen, not wanting to work right, etc.

    Could they now too be infected with this bug and if so would I follow the same outline MajorGeeks has put forth?
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you are referring to your Vundo problems mentioned in this thread:

    http://forums.majorgeeks.com/showthread.php?t=143216

    You should have just followed the instructions given and we could have easily cleaned you up and we could have done it much faster and better than Symantec would have. In fact, if they cleaned your XP system that you started posting logs for, I would bet that there are still a load of infected files on it.

    Windows 98 systems are much different from Win XP, 2K, and Vista type systems with regards to all infections, especially Vundo infections. If you want us to help you we can, but you will need to follow the instructions like TimW already gave you. To simplify things I will give you a link to a newer, shorter version of the READ ME, which is really what Tim was requesting in message # 2 of your older thread.

    Run this Read & RUN ME FIRST Before Asking for Support and attach all of the requested logs.

    While you will have to run the above on each infected PC, you will need to work each PC in a different thread to avoid everyone getting totally confused.
     
  3. bgunn

    bgunn Private First Class

    Chas:

    I know that you are probably right in everything you've said, but I was very frustrated and feeling very pinched as the system in question is a main system in our shop and I needed to get things resolved quickly. I have been watching the boards on this one and it seems that MANY have been hit by the same spyware -- any ideas who or from where?

    This morning when I got in... the system was going berserk, pop-ups right and left and then some.

    I did and still am kicking myself for going through Symantec but as I noted I was frustrated and still am... and you are right, there still seem to be some issues with that system. It is on selective startup and some things are not running right.

    I hope over the course of a few days I can slowly work on each system and post the proper reports. I will do so in a manner that will not confuse.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Vundo problems can come from many different places. It is not that easy to say exactly how you got it.

    I could pretty much guarantee you that they did not get all of the Vundo related files removed. If you just complete the procedure I gave you below for this one system, I can tell you rather quickly if you still have malware or not. This new procedure is much faster than the previous READ ME. Give it a quick run.

    Good! You can give each thread a system number or name which may also help you keep things straight on your end.
     
  5. bgunn

    bgunn Private First Class

    Chas:

    OK... I followed every step of the procedure list for Removing Malware on a WinSP system.

    I am not sure if everything is removed and all clear or not.
    I did have some problems running some of the programs due to the removal of RegEdit by Norton.

    CCleaner found/removed 4.76mb of items
    ComboFix was not able to run (missing RegEdit)
    SpyBot S&D found/fixed 35 problems
    AVG Anti-Spyware found 23 problems (removed 21/quarantined 2)
    MGTools was having many problems running its full program as RegEdit is missing and something dealing with a 16-bit issue.

    So... do you think things are good or what do you advise.
    Really need to get this system cleaned and running as it is very important here, also wondering if you think the other issues on other systems could be linked via Outlook inner-office email?

    How can I get RegEdit back onto my system?
    bgunn
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Norton would not remove regedit.exe.... that is unless it was infected. Please give the exact message you are seeing when running various tools. Sometimes the message is that registry editing has been disabled by the administrator. This is often caused by malware changing system policies.

    You need to attach all of the logs from things you did run. For example, you should still have a log from AVG Antispyware and MGtools would probably have created the MGlogs.zip file even if regedit.exe is missing. You also need to read the download page for MGtools again because it explains what to do if you get certain error messages like the one you mentioned (16 bit....). You should fix this error and then run the C:\MGtools\GetLogs.bat file by double clicking on it. This will rerun the scans and create a new MGlogs.zip file to attach. We are not going to get anywhere until you attach the logs.

    You should also search your PC for another copy of regedit.exe which could be used to replace regedit if it really is missing.
     
