Desktop

General discussion

Gravatar
0 Votes
Locked

Virus vs. Anything else

By rgrowcock ·
Hi All,

I am working on a Win98Se box for a friend and are at my wits end!!!

When I first got the system, I was told it may have a virus(es) on it. Not able to connect to Internet, slow performance, etc. After installing Norton's Internet Securities and loading the lasted Virus defs, I found 8 different items, although not one virus. I tried to remove with NIS, no soap, the program couldn't remove. Had to manually remove. Now shows clean.

Installed Ad-Aware 6, with lastest Ref-file. Found ~980 items, Malware, data miner, adware, etc. Removed in stages, couldn't do all at once, system kept hanging. Now shows clean.

Still can't get to Internet. I keep getting a DNS error. Even though I have set the DNS settings manually. Still No Joy. I can ping out and ping in from another computer. The only thing that has shown up consistently is a SAHAgent file. I've removed it, severaly times, still propagates self. Removed it from Registry, same problem. Realized GoBack was installed, uninstalled, SAHAgent, now gone.

I have reinstalled Windows on top of system to clean, haven't formatted and went from there; YET! A lot of files that have no backup and not able to backup, unless I install a small hard drive. But no install programs for many downloaded games they have bought. Format and fresh install last resort.

Does anyone have ANY ideas? I have run out of things to try and am pretty frustated at this point. I am going to manually set an IP address on this box and see what happens. It seems my DNS settings are getting blocked, but I can't figure out by what?

TIA, Roger

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

by LMon In reply to Virus vs. Anything else

You mentioned that installed Norton's. If this a complete Install of NAV it just may be that there is a firewall preventing your connection. I would completely remove NAV from the system to see if that resolves your problem.

gravatar
Collapse -

by rgrowcock In reply to

Tried that, didn't work. Thanks anyhow. Closed this question before, not sure why it is open again.

gravatar
Collapse -

by Joseph Moore In reply to Virus vs. Anything else

A lot of virii are modifying the HOSTS file, putting in their own entries, modifying where real web sites go to. Some virii are even setting all antivirus company websites to resolve to the localhost address, which means you would never see the sites.
So, I would check out your HOSTS file. Now, I am not certain, but I think the HOSTS file (spelled like that, with no file extension) is in the C:\Windows directory.
Open HOSTS in Notepad, and just go ahead and delete anything that is in there. Normal people don't need to use the HOSTS file for DNS resolution.

gravatar
Collapse -

by rgrowcock In reply to

It was empty, but a good thought anyhow.

gravatar
Collapse -

by RCOM In reply to Virus vs. Anything else

You probably have a corrupted winsock.
Remove TCP/IP in network settings.
Remove Dial-Up Networking and VPN (you need your Windows CD-ROM to follow these steps):
Click Start, point to Settings, click Control Panel, and then double-click Add/Remove Programs.
On the Windows Setup tab, click Communications, and then click Details.
Click to clear the Dial-Up Networking check box, and then click Yes if you receive a message that Dial-Up Networking is required by other components.
Click to clear the Virtual Private Networking check box.
Click OK until you are prompted to restart your computer, and then click No.
Delete the WinSock2 registry keys that are located in the following registry keys:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Winsock HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Winsock2 HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/AFVXD HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/DHCP HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/DhcpOptions HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/MSTCP HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/Winsock HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/VxD/Winsock2

To delete the WinSock2 registry keys, right-click the registry keys, one at a time, and then click Delete.
Restart your computer manually.
After Windows restarts, install Dial-Up Networking.

gravatar
Collapse -

by rgrowcock In reply to

This was the problem. Followed your steps, worked like a charm. Thanks!

Closed this question before, not sure why it is open again.

gravatar
Collapse -

by rgrowcock In reply to Virus vs. Anything else

This question was closed by the author

Back to Desktop Forum

Start or search

Related Discussions

Related Forums