Archived from groups: microsoft.public.win98.gen_discussion (More info?)

I just checked the daily overnight run of my-eTrust AV and there were two
items which failed the scan with no comment or recommendation for
eliminating them. They were not there on the previous night's scan. I
Googled them and found that they are, or may be Trojans. I have tried to
delete or rename them but they can't be eliminated and I've been unable to
find a removal recommendation. Here are the details.

C:\Windows\Internet Logs\fwdbglog.txt
C:\Windows\Internet Logs\fwpktlog.txt


Details of my computer:

Windows 98SE
PII 300 Mhz
320 Mhz RAM
20gig HD

AdAware SpyBot S&D
SpywareBlaster
SpywareGuard
CW Shredder
Host File
Zone Alarm
my- eTrust AV

All of the above are up to date and are run almost daily. Hopefully, ZA has
prevented anything from being sent out of my computer if it has done what
it's supposed to do

Does anyone have details of these trojans (if they are) and how to get rid
of them. Any help appreciated.

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder" )
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder" )

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt416.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) Update Adaware with the latest definitions.
3) Reboot your PC into Safe Mode and shutdown as many applications as possible.
4) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
5) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware

* * * Please report back your results * * *

--
Dave
http://www.claymania.com/removal-trojan-adware.html




"bobster" <fauxie@bogus.net> wrote in message news:uyycKSVFFHA.1292@TK2MSFTNGP10.phx.gbl...
| I just checked the daily overnight run of my-eTrust AV and there were two
| items which failed the scan with no comment or recommendation for
| eliminating them. They were not there on the previous night's scan. I
| Googled them and found that they are, or may be Trojans. I have tried to
| delete or rename them but they can't be eliminated and I've been unable to
| find a removal recommendation. Here are the details.
|
| C:\Windows\Internet Logs\fwdbglog.txt
| C:\Windows\Internet Logs\fwpktlog.txt
|
|
| Details of my computer:
|
| Windows 98SE
| PII 300 Mhz
| 320 Mhz RAM
| 20gig HD
|
| AdAware SpyBot S&D
| SpywareBlaster
| SpywareGuard
| CW Shredder
| Host File
| Zone Alarm
| my- eTrust AV
|
| All of the above are up to date and are run almost daily. Hopefully, ZA has
| prevented anything from being sent out of my computer if it has done what
| it's supposed to do
|
| Does anyone have details of these trojans (if they are) and how to get rid
| of them. Any help appreciated.
|
|
|

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Those log files are specifically ZA log files. Fwpktlog.txt appears to
be a log of dropped packets. Not sure what the other one logs.

I can't see how these files, themselves, could be trojans. But there may
be info in them that triggers the AV to suspect a trojan. Can't imagine
what, but I suppose it's possible.

You can delete those files in DOS Mode (Command Prompt Only startup.)
See what the AV scan shows after restarting. I'd save copies, first.
Perhaps just looking through them will provide a hint or two. They
should be basically boring. Any lines that look different from most
would be worth investigating.

--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm

"bobster" <fauxie@bogus.net> wrote in message
news:uyycKSVFFHA.1292@TK2MSFTNGP10.phx.gbl...
> I just checked the daily overnight run of my-eTrust AV and there were
two
> items which failed the scan with no comment or recommendation for
> eliminating them. They were not there on the previous night's scan.
I
> Googled them and found that they are, or may be Trojans. I have tried
to
> delete or rename them but they can't be eliminated and I've been
unable to
> find a removal recommendation. Here are the details.
>
> C:\Windows\Internet Logs\fwdbglog.txt
> C:\Windows\Internet Logs\fwpktlog.txt
>
>
> Details of my computer:
>
> Windows 98SE
> PII 300 Mhz
> 320 Mhz RAM
> 20gig HD
>
> AdAware SpyBot S&D
> SpywareBlaster
> SpywareGuard
> CW Shredder
> Host File
> Zone Alarm
> my- eTrust AV
>
> All of the above are up to date and are run almost daily. Hopefully,
ZA has
> prevented anything from being sent out of my computer if it has done
what
> it's supposed to do
>
> Does anyone have details of these trojans (if they are) and how to get
rid
> of them. Any help appreciated.
>
>
>

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

After further "digging", it looks like these are ZA files that are now
"locked" as of yesterday when I downloaded the ZA upgrade to V 5.5.062.011.
I found previous (older) versions on my D drive that I deleted without any
trouble. Looks like a non-problem. Thanks Gary and David Lipman for your
helpful suggestions.

=====================================================
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:%23AHKxmVFFHA.2232@TK2MSFTNGP14.phx.gbl...
> Those log files are specifically ZA log files. Fwpktlog.txt appears to
> be a log of dropped packets. Not sure what the other one logs.
>
> I can't see how these files, themselves, could be trojans. But there may
> be info in them that triggers the AV to suspect a trojan. Can't imagine
> what, but I suppose it's possible.
>
> You can delete those files in DOS Mode (Command Prompt Only startup.)
> See what the AV scan shows after restarting. I'd save copies, first.
> Perhaps just looking through them will provide a hint or two. They
> should be basically boring. Any lines that look different from most
> would be worth investigating.
>
> --
> Gary S. Terhune
> MS MVP Shell/User
> http://www.grystmill.com/articles/cleanboot.htm
> http://www.grystmill.com/articles/security.htm
>
> "bobster" <fauxie@bogus.net> wrote in message
> news:uyycKSVFFHA.1292@TK2MSFTNGP10.phx.gbl...
> > I just checked the daily overnight run of my-eTrust AV and there were
> two
> > items which failed the scan with no comment or recommendation for
> > eliminating them. They were not there on the previous night's scan.
> I
> > Googled them and found that they are, or may be Trojans. I have tried
> to
> > delete or rename them but they can't be eliminated and I've been
> unable to
> > find a removal recommendation. Here are the details.
> >
> > C:\Windows\Internet Logs\fwdbglog.txt
> > C:\Windows\Internet Logs\fwpktlog.txt
> >
> >
> > Details of my computer:
> >
> > Windows 98SE
> > PII 300 Mhz
> > 320 Mhz RAM
> > 20gig HD
> >
> > AdAware SpyBot S&D
> > SpywareBlaster
> > SpywareGuard
> > CW Shredder
> > Host File
> > Zone Alarm
> > my- eTrust AV
> >
> > All of the above are up to date and are run almost daily. Hopefully,
> ZA has
> > prevented anything from being sent out of my computer if it has done
> what
> > it's supposed to do
> >
> > Does anyone have details of these trojans (if they are) and how to get
> rid
> > of them. Any help appreciated.
> >
> >
> >
>

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

They're "locked" because they're in use. Probably always have been. If
you close ZA, I'm betting they can be deleted.

--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm

"bobster" <fauxie@bogus.net> wrote in message
news:%23VHJF7VFFHA.1296@TK2MSFTNGP10.phx.gbl...
> After further "digging", it looks like these are ZA files that are now
> "locked" as of yesterday when I downloaded the ZA upgrade to V
5.5.062.011.
> I found previous (older) versions on my D drive that I deleted without
any
> trouble. Looks like a non-problem. Thanks Gary and David Lipman for
your
> helpful suggestions.
>
> =====================================================
> "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> news:%23AHKxmVFFHA.2232@TK2MSFTNGP14.phx.gbl...
> > Those log files are specifically ZA log files. Fwpktlog.txt appears
to
> > be a log of dropped packets. Not sure what the other one logs.
> >
> > I can't see how these files, themselves, could be trojans. But there
may
> > be info in them that triggers the AV to suspect a trojan. Can't
imagine
> > what, but I suppose it's possible.
> >
> > You can delete those files in DOS Mode (Command Prompt Only
startup.)
> > See what the AV scan shows after restarting. I'd save copies, first.
> > Perhaps just looking through them will provide a hint or two. They
> > should be basically boring. Any lines that look different from most
> > would be worth investigating.
> >
> > --
> > Gary S. Terhune
> > MS MVP Shell/User
> > http://www.grystmill.com/articles/cleanboot.htm
> > http://www.grystmill.com/articles/security.htm
> >
> > "bobster" <fauxie@bogus.net> wrote in message
> > news:uyycKSVFFHA.1292@TK2MSFTNGP10.phx.gbl...
> > > I just checked the daily overnight run of my-eTrust AV and there
were
> > two
> > > items which failed the scan with no comment or recommendation for
> > > eliminating them. They were not there on the previous night's
scan.
> > I
> > > Googled them and found that they are, or may be Trojans. I have
tried
> > to
> > > delete or rename them but they can't be eliminated and I've been
> > unable to
> > > find a removal recommendation. Here are the details.
> > >
> > > C:\Windows\Internet Logs\fwdbglog.txt
> > > C:\Windows\Internet Logs\fwpktlog.txt
> > >
> > >
> > > Details of my computer:
> > >
> > > Windows 98SE
> > > PII 300 Mhz
> > > 320 Mhz RAM
> > > 20gig HD
> > >
> > > AdAware SpyBot S&D
> > > SpywareBlaster
> > > SpywareGuard
> > > CW Shredder
> > > Host File
> > > Zone Alarm
> > > my- eTrust AV
> > >
> > > All of the above are up to date and are run almost daily.
Hopefully,
> > ZA has
> > > prevented anything from being sent out of my computer if it has
done
> > what
> > > it's supposed to do
> > >
> > > Does anyone have details of these trojans (if they are) and how to
get
> > rid
> > > of them. Any help appreciated.
> > >
> > >
> > >
> >
>
>

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

So has anyone ever click on your web-link, David Lipman? <evil grin>

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
newsU20jfVFFHA.3928@TK2MSFTNGP15.phx.gbl...
: 1) Download the following three items...
:
: Trend Sysclean Package
: http://www.trendmicro.com/download/dcs.asp
:
: Latest Trend signature files.
: http://www.trendmicro.com/download/pattern.asp
:
: Adaware SE (free personal version v1.05)
: http://www.lavasoftusa.com/
:
: Create a directory.
: On drive "C:\"
: (e.g., "c:\New Folder" )
: or the desktop
: (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder" )
:
: Download SYSCLEAN.COM and place it in that directory.
: Download the Trend Pattern File by obtaining the ZIP file.
: For example; lpt416.zip
:
: Extract the contents of the ZIP file and place the contents in the same
directory as
: SYSCLEAN.COM.
:
: 2) Update Adaware with the latest definitions.
: 3) Reboot your PC into Safe Mode and shutdown as many applications as
possible.
: 4) Using both the Trend Sysclean utility and Adaware, perform a Full
Scan of your
: platform and clean/delete any infectors/parasites found.
: (a few cycles may be needed)
: 5) Restart your PC and perform a "final" Full Scan of your platform
using both the
: Trend Sysclean utility and Adaware
:
: * * * Please report back your results * * *
:
: --
: Dave
: http://www.claymania.com/removal-trojan-adware.html
:
:
:
:
: "bobster" <fauxie@bogus.net> wrote in message
news:uyycKSVFFHA.1292@TK2MSFTNGP10.phx.gbl...
: | I just checked the daily overnight run of my-eTrust AV and there were two
: | items which failed the scan with no comment or recommendation for
: | eliminating them. They were not there on the previous night's scan. I
: | Googled them and found that they are, or may be Trojans. I have tried to
: | delete or rename them but they can't be eliminated and I've been unable
to
: | find a removal recommendation. Here are the details.
: |
: | C:\Windows\Internet Logs\fwdbglog.txt
: | C:\Windows\Internet Logs\fwpktlog.txt
: |
: |
: | Details of my computer:
: |
: | Windows 98SE
: | PII 300 Mhz
: | 320 Mhz RAM
: | 20gig HD
: |
: | AdAware SpyBot S&D
: | SpywareBlaster
: | SpywareGuard
: | CW Shredder
: | Host File
: | Zone Alarm
: | my- eTrust AV
: |
: | All of the above are up to date and are run almost daily. Hopefully, ZA
has
: | prevented anything from being sent out of my computer if it has done what
: | it's supposed to do
: |
: | Does anyone have details of these trojans (if they are) and how to get
rid
: | of them. Any help appreciated.
: |
: |
: |
:
:

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

You mean Clay's website which host's my information ?

http://www.claymania.com/removal-trojan-adware.html

Yes.

--
Dave




"Dan" <spamyou@user.nec> wrote in message newsj8bbwaGFHA.3376@TK2MSFTNGP12.phx.gbl...
| So has anyone ever click on your web-link, David Lipman? <evil grin>
|

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Oh, I thought it referred to a STD. I read it incorrectly. My bad and I
apologize. Have a great day.

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:%23DdsP1aGFHA.1476@TK2MSFTNGP09.phx.gbl...
: You mean Clay's website which host's my information ?
:
: http://www.claymania.com/removal-trojan-adware.html
:
: Yes.
:
: --
: Dave
:
:
:
:
: "Dan" <spamyou@user.nec> wrote in message
newsj8bbwaGFHA.3376@TK2MSFTNGP12.phx.gbl...
: | So has anyone ever click on your web-link, David Lipman? <evil grin>
: |
:
:

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

You're welcome !

--
Dave




"Dan" <spamyou@user.nec> wrote in message news96wlFqGFHA.2156@TK2MSFTNGP09.phx.gbl...
| I downloaded it as suggested and I am amazed that it is free. Here I was
| expecting to pay money for what looks like an awesome utility. Thanks again,
| David H. Lipman. You are really nice to help me. GodSpeed! (May God go with
| you)

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Houston, we have a problem. (I couldn't resist -- LOL!!)
Anyway, I just get the error message mswinsck.ocx not correctly registered:
file may be missing or invalid. What next or do I need to roll back my
system before it is too late?

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eX3qzkqGFHA.2636@TK2MSFTNGP12.phx.gbl...
: You're welcome !
:
: --
: Dave
:
:
:
:
: "Dan" <spamyou@user.nec> wrote in message
news96wlFqGFHA.2156@TK2MSFTNGP09.phx.gbl...
: | I downloaded it as suggested and I am amazed that it is free. Here I was
: | expecting to pay money for what looks like an awesome utility. Thanks
again,
: | David H. Lipman. You are really nice to help me. GodSpeed! (May God go
with
: | you)
:
:

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

"Dan" <spamyou@user.nec> wrote in message newsHX6bHyGFHA.3912@TK2MSFTNGP10.phx.gbl
| Houston, we have a problem. (I couldn't resist -- LOL!!)
| Anyway, I just get the error message mswinsck.ocx not correctly registered:
| file may be missing or invalid. What next or do I need to roll back my
| system before it is too late?
|


Dan:

Go to; http://www.sonic.net/wallwatcher/dnloadocx.html

Obtain the OCX files and save them in the same folder as WallWatcher then run the SEYUP.EXE
file of WallWatcher to re=register the OCX files.


--
Dave

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:uxcDQWzGFHA.3376@TK2MSFTNGP14.phx.gbl
| "Dan" <spamyou@user.nec> wrote in message newsHX6bHyGFHA.3912@TK2MSFTNGP10.phx.gbl
|| Houston, we have a problem. (I couldn't resist -- LOL!!)
|| Anyway, I just get the error message mswinsck.ocx not correctly registered:
|| file may be missing or invalid. What next or do I need to roll back my
|| system before it is too late?
||
|
|
| Dan:
|
| Go to; http://www.sonic.net/wallwatcher/dnloadocx.html
|
| Obtain the OCX files and save them in the same folder as WallWatcher then run the
| SEYUP.EXE file of WallWatcher to re=register the OCX files.
|
|
| --
| Dave

Do'h !

That's SETUP.EXE !


--
Dave

Archived from groups: microsoft.public.win98.gen_discussion (More info?)

Thanks Dave. I will post back with any more problems. Have a great day!
BTW, as of yesterday I have configured my LinkSYS wired -- 4 port router to
stop all attacks at the hardware firewall level. I have 304 attacks that
bypassed my old D-LINK which was only $20 and it su_cked. You get what you
pay for usually I guess. This new router cost me $80 plus tax at Best Buy
and is router # BEFSX41. I really like it. It had exactly 10 attacks that
were stopped at the ZA PRO. software firewall before I managed to nail down
the proper configuration to allow all attacks (or just plain old port scans)
to be stopped at the router level. I will let you know if attacks managed to
bypass this router and then I may upgrade to a $300 business LinkSys router.
My philosophy is "Whatever it takes to keep my System secure from these
stupid hackers" BTW, do you know about the firewall that the U.S. military
uses to actively attack computers that try and hack the system. I definately
want to buy this firewall if it is available for Personnel or Business Use.
I want to go on the offensive and take the on-line battle to the hackers and
stop them in their tracks just like we are going on the offensive in the
States to try and stop terriorism. Thanks again for your help and have a
wonderful day!

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
newsIDz9wzGFHA.2136@TK2MSFTNGP14.phx.gbl...
: "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
: news:uxcDQWzGFHA.3376@TK2MSFTNGP14.phx.gbl
: | "Dan" <spamyou@user.nec> wrote in message
newsHX6bHyGFHA.3912@TK2MSFTNGP10.phx.gbl
: || Houston, we have a problem. (I couldn't resist -- LOL!!)
: || Anyway, I just get the error message mswinsck.ocx not correctly
registered:
: || file may be missing or invalid. What next or do I need to roll back my
: || system before it is too late?
: ||
: |
: |
: | Dan:
: |
: | Go to; http://www.sonic.net/wallwatcher/dnloadocx.html
: |
: | Obtain the OCX files and save them in the same folder as WallWatcher then
run the
: | SEYUP.EXE file of WallWatcher to re=register the OCX files.
: |
: |
: | --
: | Dave
:
: Do'h !
:
: That's SETUP.EXE !
:
:
: --
: Dave
:
:
:
:
: