Win 98 re-install question

Status
Not open for further replies.
Jul 3, 2001
Hi

Running Win 98 on the C drive of a partitioned hard drive. After being struck by Nimda, and clearing out infected files and running SFC - find the Win 98 installation is shaky at best. So in order to re-install Win 98 on the C drive again, what is the command in DOS to only "slick" the C partition and not the rest of the partitions on the drive?
 
I would NOT suggest re-installing Windows. If you've upgraded your computer with newer versions of Internet Explorer, Windows Media Player, or DirectX, you will essentially downgrade all these components and end up in worse shape.

Are you running Internet Information Server?

Look over these links for manual removal instructions:
The National Infrastructure Protection Center (NIPC) has received numerous reports that a new worm, named W32.Nimda.A@MM, is propagating extensively through the Internet worldwide. The worm is exhibiting many traits of recently successful malicious code attacks such as CODE RED but it is not simply another version of that worm.

The Nimda worm threatens Microsoft Internet Information Services on Windows 2000 and NT web servers and also individual users running Microsoft Outlook or Outlook Express for their mail service on any Windows platform (95, 98, and Millennium Edition). Preliminary analysis indicates that once a server is infected it will begin to scan for more vulnerable systems on the local network, which may result in a denial of service for that network. In the case of infected workstations as well as servers, the worm also makes the entire contents of the local primary hard drive (e.g. C Drive) available over the network. It is also believed that an additional user is added with administrative rights.

A computer can become infected through a variety of means ranging from simply viewing an infected webpage using a browser with no security enabled, to opening a malicious email attachment.

The NIPC and several other labs continue to analyze the Nimda worm. Expect additional updates in the near future. For the moment, system administrators and individual users should consider taking the immediate actions detailed below to protect their systems.

For system administrators:

Take appropriate steps to prevent the worm's attempts to distribute itself through the following means:

HTTP scanning for IIS vulnerabilities
  • IIS MSDAC /root.exe
  • IIS UNICODE decoding cmd.exe
  • CODERED /root.exe
  • frontpage /cmd.exe

EMAIL (via IFRAMES and javascript)
  • readme.eml
  • readme.exe
  • getadmin.exe

TFTP downloads
  • getadmin.exe
  • Admin.dll
  • Getadmin.dll

Internet Explorer HTTP iframe and javascript autoexec
  • readme.eml
  • readme.exe

Open Windows File sharing
  • readme.exe
  • readme.eml

For individual users:

Do not read or accept unexpected email file attachments. These emails should be deleted. Make sure browser security is enabled.

The anti-virus software industry is aware of this worm and has created a signature file to detect and remove it. Full descriptions and removal instructions can be found at various anti-virus software firms' websites, including the following:

(Trend Micro)
(Computer Associates)
(McAfee)

Microsoft has posted critical updates at the following sites:


As always, computer users are advised to keep their anti-virus and systems software current by checking their vendor's web sites frequently for new updates, and to check for alerts put out by the NIPC, CERT/CC and other cognizant organizations.
============================================================
Worm Information
A new worm, called w32.nimda.amm, Nimba and README.EXE, is propagating across the Internet through e-mail and network attacks. The email contains an attachment called README.EXE and comes as a MIME-type of "audio/x-wav" together with some HTML parts. There appears to be no text in this message when it is displayed by Outlook in Auto-Preview mode.

The worm launches a wide variety of network attacks against IIS boxes. Several attacks scan for machines compromised by Code Red II (looking for ROOT.EXE in the /scripts and /msadc directory, as well as an attempt to use the /c and /d virtual roots to get to CMD.EXE). It also attempts to exploit numerous other known IIS vulnerabilities.

reghakr
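
A log check for the probe paths named in the advisory above (root.exe under /scripts and /msadc, cmd.exe reached through the /c and /d virtual roots). This is an added example, not part of the thread or of the NIPC text; the Common Log Format layout, the addresses and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Source address and request target from a Common Log Format line (assumed format).
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "\S+ (\S+)')
# Final path segment is root.exe or cmd.exe; group 1 is the top-level directory.
PROBE_RE = re.compile(r"^/([^/]+)/(?:.*/)?(root\.exe|cmd\.exe)$")

def normalize(target):
    """Drop the query string, undo percent-encoding (bounded), lower-case."""
    path = target.split("?", 1)[0]
    for _ in range(3):  # bounded loop also covers double-encoded paths
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/").lower()

def scan(lines):
    """Map each source address to the set of (directory, binary) pairs it probed."""
    hits = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        probe = PROBE_RE.match(normalize(m.group(2)))
        if probe:
            hits[m.group(1)].add((probe.group(1), probe.group(2)))
    return dict(hits)

def likely_scanners(hits, min_distinct=2):
    """Sources that tried several distinct probe paths, as a worm sweep does."""
    return sorted(ip for ip, seen in hits.items() if len(seen) >= min_distinct)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Sep/2001:13:01:02 +0000] "GET /scripts/root.exe HTTP/1.0" 404 0',
    '192.0.2.10 - - [18/Sep/2001:13:01:02 +0000] "GET /MSADC/root.exe HTTP/1.0" 404 0',
    '192.0.2.10 - - [18/Sep/2001:13:01:03 +0000] "GET /c/winnt/system32/cmd.exe HTTP/1.0" 404 0',
    '192.0.2.10 - - [18/Sep/2001:13:01:03 +0000] "GET /scripts/root%2Eexe?x=1 HTTP/1.0" 404 0',
    '203.0.113.5 - - [18/Sep/2001:13:05:40 +0000] "GET /d/winnt/system32/cmd.exe HTTP/1.0" 404 0',
    '198.51.100.7 - - [18/Sep/2001:13:06:11 +0000] "GET /scripts/root.exe.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [18/Sep/2001:13:06:12 +0000] "GET /index.html HTTP/1.1" 200 1043',
]

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for ip in likely_scanners(found):
        print(ip, sorted(found[ip]))
```

A 200 response to any of these paths, rather than a 404, means the binary is actually reachable on the server and the host should be treated as compromised.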
 
should just be "format C:"

as long as you specify the parameter "C:", the other partitions shouldn't be touched.

cdogg
 
Thanks, cdogg - I've been looking for that bit of re-assurance. Whew!!
 
yeah, the partition information is written to the volume of the hard drive which is only affected if you do a "low-level" format.

glad I could help...
 