For Win 9x systems, a quick & easy test to see if the system might be infected is:
- Start
- Run
- enter chkdsk
The results near the bottom should be 655,360 total bytes memory. If it is any different there is a possibility that the system is infected.
In Win 98SE, if the USB support is enabled in the BIOS, the count will be lower: 653320. This is also an older virus count, so you need to know what is enabled on the system.
on what drivers/environment variables/command interpreter you have installed...
For example, you may need to load codepage for your language, set COMSPEC etc...

But - if you really care to remember or log what you are doing - you'll realize that something changed just at once...
What about XP
naacs 1st Dec 2002
This method may prove helpful in Win9x; however, does this method work in XP? If not, then is there a method available as simplistic in execution?
I agree with the list - but you could of done added a little humor with it. Because most of these are caused by SEUP (Stupid End-User Practices) or lack of education by the company.

Could of worded it more like Jeff Foxworthy's - "You Mite Be a Redneck" - slogans.

If you open a message that has an attachment called "Virus.vbx" you mite be a ???

If you shut down your antivirus software because an email said to you mite be a ????

Don't know a good name for someone - that stupid with all the information available.
You have a point, you "might" want to get a hat to fit it.
Someone who pokes around a technical support site and criticizes the article, should at least understand basic grammar. I figured you must be foreign due to the grammar used throughout your post. After looking at your profile, your American ?!? Mite - a little insect (kinda like a flea or tick).
Have a good flea bath, pick up your old English books (they're probably brand new) and try it in a few years.
As for TR, you guys have a valid point (no you don't need a hat), many people who get hammered with a virus don't realize it and call me saying "my computer is a pile of @%$#" until I discover some virus or trojan buried deep within.

There's nothing "Funny" about damaging an unsuspecting users computer, they can be quite expensive even when dealing with low-end retail PC's.

Now, Jeff Foxworthy, he's funny !
OH the god of grammar and spelling - forgive us techies for we can not spell or use the english grammar correctly - to satisfy those snoby snotty ******* bastards that look for an "a" miss used or a erorr in spelling. Who must show they are the greatest in the world at spelling and grammar to show they know more than the average person. That they can feel superior over their fellow person ... Oh yes almighty gods of spelling and grammar - forgive those of us that sin against your - power of the word - In Short Kiss the south end of a north bound horse - you elites *******...
HEEHEE
Samduhman 30th Oct 2002
Now that was funnie and I agree with u 100% Jim.
Ah, yes! Another fanatic who bows to the god of illiteracy! You're all the same. When confronted with your grammatical deficiencies you resort to verbal abuse, which only serves to reveal your personal deficiencies.

You are foolish.

MP
This is a forum - not a spelling or gramar graded area. People post quick fast notes - to express an idea of the topic being discussed. It is the elitest that must point out that a person has spelled something incorrectly or used a too instead of a to or two.

Forums are place that is for the fast free expression of ideas and thoughts. Now for the elitests - they could start their own forum where you have to use correct grammar - and spelling and the proper format of the English language. But this is a technical area and quick and fast expressions are appreciated - now if you want to correct someones spelling and grammar become a volunteer at your local school - or start a free course in your area - do just complain about things get off your fat butt and do something..

Gee - AINT AMERICAN THE GREATEST - Gee - A Bs degree, 20 credits on Ms, CNE certs - and that doesn't count because your dislexic - hum - I guess these elitests never make mistakes - never spell anything wrong - Oh yea - thats right - they are one of the great gods that we all should show our moon to ( | ) - and kiss me ...
Grammar and spelling help Too make kommunikashun more effektiff. Well, at least for thse who have at least basic literacy skills. Don't try to hide behind your alleged technicality - even techs need to be able to communicate and be understood!
I could not agree more with JimHM, my English is not too good, but i will try to express my thought as much as I can.
Please do not de-motivate people who don't use english as his/her first language.

Regards
One more thing
JimHM 31st Oct 2002
You sound like a paper Cert type person ay - Look Mikie, someday you will learn that intelligance and spelling don't go hand in hand. Someone a long time ago that came up with E=MC2 and a few other very advanced ideas. Couldn't tie his shoes, didn't shave and couldn't spell. If I remember correctly he was dislexic also.

But I guess you would of called him - in your elitest way - "fanatic who bows to the god of illiteracy" - Ay..

Well - someday you will get an education and I hope its soon. Oh do you also pick on people with physical handicaps - missing a leg or arm.. pointing out.. hum ... must be nice to sit that high up in your elitest tree and point out the short comeings of your fellow humans...
Nobody expects quickly written posts to be spelled correctly. You have completely missed what I was getting at and are ranting and raving like a typical American. Eh?
The purpose of your first post was merely to shoot down someone's attempt at offering you a solution (FOR FREE) to a global and NOT funny problem that destroys people's lives and businesses.
Your point was directed to make users look like idiots for not understanding obscure file extensions. I notice that in your bio that you have many certifications and achievements and therefore find it amusing that someone might not understand what a vbs script can do.
I find it amusing that even though you can't spell to save your life, you still find a way to laugh at others.
As an "expert" tech, you must understand that like dislexia some people just cannot get their head around PC functions. Oh, by the way, your spelling isn't that bad at all, it is your use of improper syntax and using alternate spellings of the words you intend to use that are so funny.
May the world laugh at you in your every day life and belittle you the way you deserve.
I say, good day ! LOL
To Note!
MaxQz 3rd Nov 2002
Not too worry mate, I don't care for your spelling mistakes, but however I do care for the point at hand, and that is to focus on the topic, actually this site is a TECH site so we are not here to see who can spell or not, a bit childish in my view that some people point out minor details as spelling. We are all adults, so act that way please. Topic: "virusus"
I usually don't reply to posts where people belittle people for whatever reason. However, I do want to point out that spelling and grammar are important where appropriate. Contributing or direct factors to many accidents (a recent Jupiter spaceprobe) (or software glitches) occur because of spelling or grammatical errors. The written language with the proper spelling/grammar) is used to promote communication between people by conveying ideas, facts, and thoughts. There are numerous examples (even on this forum) where poor spelling makes it hard to understand what the individual is asking. The proper thing to do is reply to that person and ASK questions to comprehend what they are asking. English is not the easiest language to learn or understand especially to people from other countries so we "Americans" should cut some slack where this situation is the case. I detected the tone from this forum and others that Americans are poor spellers; maybe so, but you cannot tell me that there are no poor spellers/grammaticists in other countries! Second, yes, this is a technical forum and most people respond in a fast manner; however, we should all take the time to read what we have written and try to picture someone else trying to comprehend what we just wrote. It does not take that much time to change something you have just written to make it a little clearer. Third, civility is a virtue all people should strive to attain; it promotes understanding and friendship and respect. Last, dyslexia is a real problem that many people DO NOT realize they have, especially if it is a very mild form. Very few people can overcome it - one person who I admire, did that, and he was the greatest general we had in WWII (General George S. Patton - a constant daily battle for him). See my third thought for how we should deal with dyslexic people!

Loved the article! Forgive my ramblings!

Frank
I apologize for the double post of my reply but I received a server error 500 when I first posted and nothing appeared to have made it to the forum.

Again, sorry!

Frank
question
sorayaei2000@... 31st Oct 2002

Hi,

I have been hacked for over a year, now I am using Zonealarm and pestpatrol, which I have been okay.
But I have a few PCs that are damaged or they have hidden files in there.
Could you please guide me where to look for those programs, also some HDDs that they have unallocated partitions that when I format them will take forever to format and after that is no good.
Sorry for bothering you, I have been out of work for over three years and disabled with a very bad back problem, no income to pay with 3 children going to school, that is why I am asking for help. Again hope you forgive me

Thank you very much

Moe Sobouti
18-340-2300
Hi Moe

Since I can't tell the full extent of your problem. Try this.

1. Backup all your DATA.
2. Run FDISK and remove all the partitions.
3. Run a ZERO FILL utility (your hard drive manufacturer will usually have one on its website and remember that it could take a LONG time to run)
4. Run FDISK again and start up again as you normally would with a new hard drive.

Hope this helps
A growing trend in the IT world seems to be to take a more "hands-on" approach rather than bothering to understand all the hows & whys, as techno geeks of the 90s did. That's okay, so long as such a "hands-on" kind of person does not try to educate the masses without first doing some research on the subject matter.

You cannot truly lump Trojans & viruses in the same breath without doing a possibly dangerous disservice to your readers. There is enough of a difference between the two to say for certain that antivirus scanners, including the top-of-the-line NAV 2003, simply are not written to hunt for Trojans, although the most common Trojan strings are included in the generic definition signature files. Users must be aware that they absolutely need firewalls if their goal is to protect against Trojans, especially if they're always connected to the Internet (e.g., broadband &, to a lesser extent, xDSL)

Joe Davis
MCSE-W2K, MCP, CCNA, A+, Network+, i-Net+
Trojans are similar to viruses in one way only: they need to get on your system somehow, someway. However, all that's needed is a short one-line code to open a port for someone waiting on the outside to find an opening; the one line code can either do nothing more (passive) or it can unicast (active) a short signal that generally goes undetected by many firewalls, including Windows XP's Internet Connection Firewall. Passive Trojans depend on hacker follow ups & are most commonly used on broadband subnetworks (i.e., neighborhood segments), while active Trojans can do their thing in automatic (the source of the Trojan's attacker can be at home asleep, while his system logs in the connection & either performs something in auto (like searching databases or wreaking havoc on the user's computer) or sends an audible alert to the hacker to take notice of the penetration).

Trojans themselves do no damage other than opening a port. The hacker does the possible forthcoming damage, either manually or with another program (e.g., virus). Additionally, Trojans do not replicate themselves or place themselves in memory (except that "memory" logs an open port & may upload a unicast signal). Because of the simplicity of the short one-line codes that define most Trojans, Trojans are much harder to detect. The properties required of a tool to scan for Trojans necessitate a large amount of system resources, which explains in part why generic Trojan protection is not otherwise included in antivirus programs. Plus, antivirus manufacturers see a larger profit margin by marketing antitrojan (i.e., firewall) programs separately; besides, the APIs used are basically the same as those used for other firewall duties.

Joe Davis
MCSE-W2K, MCP, CCNA, A+, Network+, i-Net+
Disk or network activity when the user "isn't doing anything" is a big symptom of a mass-mailer at work.
The problem with listing disk activity as a symptom is there are many OS activities that occur at regular intervals - Microsoft's indexing service, scheduled scandisk / defrag sessions that could also cause this activity. Although, having an antivirus program automatically disable indexing would be okay with me!
I'm not sure, but my disk drive sure seems busy doing something (clicking away) when just sitting there-- as if the NAV is doing a scan. If I have a "mass-mailer" present, will NAV-5 catch it and remove it or do I have to do something else? Thanks.
I am currently trying to help someone with a system that looks like it might be infected. I have tried to run REGEDIT several times. It aborts after 10 seconds and deletes the program. I have also tried to install Norton and McAfee anti-virus programs without success. Install runs for a while and then quits. I have run several virus "cleaner" programs without knowing the truth. Nothing detected so far. The system has been poorly maintained and has a bad case of "registry buildup" - same application(s) installed many times without un-install. Hence too many dup entries in registry. I have cleaned it up a little using a registry scanner. Now I don't know what to do next. How can I get an anti-virus program to install? Thanks in advance.
Your problem is easily fixed, stop wasting time trying to unpick this mess. Install your spare HDD as a slave, get your DOS utils disk and boot to DOS, Fdisk the MBR, reboot to DOS again and Xcopy all his own work to the slave HDD. Shut down and remove the slave HDD. Reboot to DOS and run FDISK, delete the partitions. Recreate.....you know the drill, good luck.
It's OK doing fdisk and format BUT if the virus is a worm then there will be "Holes" left on the disk which will/can remain if a normal format is carried out. The answer is to carry out a low level format which will write zeroes to the disk's complete surface rather than just 'removing' the MBR/File data..........
Low level format?
rickydoo 30th Oct 2002
Isn't that bad? Like, bad since EIDE? RLLs and MFMs and first gen IDE were OK, but isn't it BAD now? Isn't that the reason you don't have low level format in your BIOS anymore?
I think it's bad.
Anyone?
?LLF?
sepaloco 1st Nov 2002
I hope it is not the final solution!
Most HD manufacturers suggest not to do that,
perhaps shred (rewrite with zeros) all the empty space might work, they are good programs to do that.
Our entertaining IT Manager friend should have known that MOST (if not 'all') of today's hard drives cannot NORMALLY be Low Level Formatted. [:O)
I use 60gb Maxtors in most of my systems. Maxtor techs have recommended low level formats for repairing certain problems. They even offer a utility for doing so, but I have no idea if it is the same as a low level format on the BIOS of an old 486.
Easier Fix
pg122 2nd Nov 2002
1. Reformat all HDD's
2. Install Linux (your choice of distro.).
3. RTFM (Read the Fine Manual) for security and firewalling.
4. Implement.
5. Have a lot of Fun!!
-- Post meant to be humorous!! :) Please take as such! --
Congratulations!
kirm 28th Oct 2002
You've got Klez.
Possibly
gdmoore@... 28th Oct 2002
Or Bugbear.
I tested for BugBear with the Symantec Removal tool and it did not detect it. This is the problem - I don't know (can't find out) which virus it is. Thanks anyway.
Download both the klez and bugbear removal tools from www.symantec.com and run them. I bet one of these will remove the virus that you have.
I already tried the Symantec Removal tool for BugBear, along with Freth, Nimda, Goner, and YaHa. Will try Klez and many others.

The problem is I can't identify which one (or more) is in play. Sneaky little bastards!
Could be!
jeff_shaw1@... 3rd Nov 2002
I didn't test for that one. I am going to download all of the Virus Removal tools I can find and burn a CD and try a shotgun attack. Thanks.
SOLUTION
TrubbleMaker 29th Oct 2002
Uninstall any antivirus that is in the system.

Copy the .exe file of ANY OTHER antivirus program into a temp directory together with the .exe of the latest signature file.

Restart in SAFE MODE and run both the .exe files (without rebooting in between).

Restart in SAFE MODE and scan the drive(s) for virus/worm/trojan etc.

Try VET AntiVirus (www.vet.com.au)

Good luck [:O)
No, I haven't done anything wrong, it's just that I changed my nickname and it confused the database. [:O)
I tried installing both Norton and McAfee in Safe Mode but it didn't work. I will try as you suggested - just copy and execute. I am going to burn a W98 Bootable CD with a bunch of Virus Detectors and Removers and hope to get lucky.

Thanks for the referral to Vet.com
Moderator
Same Song 2nd verse
GSG 29th Oct 2002
I have a similar problem with a machine I'm supporting belonging to the parental units happy. My plan is to wipe it and completely re-install the OS. Unfortunately, sometimes that is all you can do. Especially if you have registry problems. Hopefully your user has either backed up their data, or it is retrievable, or they don't store any important data locally on the machine.
The client is an accountant type and has work for 150 clients on the machine. There will be hell to pay if she doesn't have it backed up.

I have her talked into an upgrade to XP so a complete re-do of the system is going to happen. Question is how many other systems will be infected before she lets me do the upgrade.
I had a similar problem; only I had just reinstalled Windows. I hadn't installed an anti-virus program at that time. In the interim, I noticed some of my apps that had run normally before kept going back to the desktop. Also noticed weird email messages. Couldn't install my antivirus program. Went to Trend Micro's Housecall, detected a "worm klezh". I downloaded a cleaner; made a boot floppy w/ the cleaner. Ran the cleaner; got rid of the virus and was able to install my antivirus program. Haven't had any problems since.
I am going to burn a CD with a bunch of Removal tools so that I will be max prepared. The client and I have agreed to do a complete wipe and install of XP and set the system up the right way.

At this point I am mostly very curious to see just how successful I can be fighting this thing. I need the practice as this is only the 2nd virus I have ever encountered.
w95/Spaces.gen virus
twuf 31st Oct 2002
Just cleaned my computer from the w95/Spaces.gen virus which writes itself to every .exe file in the computer and keeps the programs from running including Regedit. Sounds like what you might have. I had it on Win98 partition and it disabled McAfee. Fortunately I had McAfee installed on my Win2000 partition too and booted up that way. Ran virus scan and it found virus in 171 programs. Search in the registry for 'spaces' or Local Machine/Software/Microsoft/Windows/Current Version/Run. If viruses are on computer, that is a good place to look.
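An added example, not part of the original post: Python code that reads a Win9x-style REGEDIT4 export of the Run keys the post points to, lists every autostart entry, and flags those that match a keyword such as 'spaces' or are missing from a known-good list. The sample export, the baseline names and the function names are constructed for illustration.

```python
import re

# Constructed sample: a REGEDIT4 export of the autostart keys.
# Every entry below is invented for illustration.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"
"SystemTray"="SysTray.Exe"
"spaces"="C:\\WINDOWS\\TEMP\\spaces.exe"
"Updater"="\"C:\\Program Files\\Example App\\update.exe\" -q"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"
'''

# Assumed known-good value names for this machine (constructed baseline).
BASELINE = ["ScanRegistry", "SystemTray", "LoadPowerProfile"]

KEY_RE = re.compile(r'^\[(.+)\]$')
# "name"="data", where \" and \\ are the escapes used inside .reg strings.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def unescape(text):
    """Turn .reg escapes (\\\\ and \\") back into plain characters."""
    return re.sub(r'\\(.)', r'\1', text)


def parse_autostart(export_text):
    """Return (key, value_name, command) for string values under Run* keys."""
    entries, key = [], None
    for line in export_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        # Run, RunOnce and RunServices all launch programs at startup.
        if m and key and key.rsplit("\\", 1)[-1].lower().startswith("run"):
            entries.append((key, unescape(m.group(1)), unescape(m.group(2))))
    return entries


def review(entries, keywords=(), baseline=()):
    """Flag entries that match a keyword or are absent from the baseline."""
    known = {name.lower() for name in baseline}
    findings = []
    for _key, name, command in entries:
        reasons = [f"matches '{k}'" for k in keywords
                   if k.lower() in name.lower() or k.lower() in command.lower()]
        if name.lower() not in known:
            reasons.append("not in baseline")
        if reasons:
            findings.append((name, command, reasons))
    return findings


if __name__ == "__main__":
    found = review(parse_autostart(SAMPLE_EXPORT), ["spaces"], BASELINE)
    for name, command, reasons in found:
        print(f"{name}: {command}  [{', '.join(reasons)}]")
```

An entry flagged only as "not in baseline" is a prompt to check what the program is, not proof of infection.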
That sounds like it might be the one. I will add it to the long list of Removal tools to download.

I was able to run a registry scanner type program but it would not allow me to manually edit. I have not yet found one that will. It did clean up some other problems like duplicate registry entries and bad links, etc. that helped the machine better.

Thanks.
I have used the anti-virus product AVG from grisoft.com for several months now and really like it. The scanning for viruses seems to be more up-to-date than other more popular brands. There is a free/trial version and a costed professional version. Try www.grisoft.com. I hope this helps you out.
Good tip... Thanks!