Trojano-173 on Windows 98

Hi, we have a machine infected with Trojano-173. Avast detects it and attemps to remove it but it keeps coming back. I have seen postings about possibly in the systems restore folder and the option of turning off system restore. Unfortunately, our OS is Windows 98. Anyone here know how to fix this?

Richard

I think you should boot on safe mode… pressing F8 while booting and choosing ‘Safe Mode’.
Then run avast! from there and trying to get rid of this infection.
Maybe you can find more if you click ‘Cleaning’ in my signature.

Either your system is insecure (no firewall, etc.) or you are getting reinfected because you are browsing the same suspect sites, or there are other elements that are causing the reinfection.

In any case hijackthis is a useful tool to identify what is running on your system.
Program & Tutorial - Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2
For an on-line analysis - HiJackThis Log file - On-line Analysis
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.
OR HiJackThis Log file - On-line Analysis 2

Also see - Eddy’s Website click the “HiJackThis Section” and also the “Malware removal instructions and applications” section, and follow the directions there and get back to us if you need more help…

Hi, the system is secure (Zonealarm) and I am not visiting ANY sites. Avast prompts me to delete, I do & then tells me it’s found another! Repeats & repeats! By the way, I note the parachutist! You a jumper? Me too BPA B101902.

OK, try the safe mode scan as suggested by Tech, see if that helps followed by the hijackthis info.

I’m no longer and active jumper now, very tired knees ;D My old BPA No was 6634 - D964 - 2700+ descents when I stopped.

And while you’re in safe mode, delete all files in your temp directory located in c:\windows and also your temp internet directory… and finally, empty out the recycle bin…