A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows ME » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Remnants of attack



 
 
Thread Tools Display Modes
  #1  
Old April 29th 05, 12:30 AM
PAT (Paul)
external usenet poster
 
Posts: n/a
Default Remnants of attack

Got hit bad: viruses, trojans, malware, hijack, you name it...after my
grandson "used" the machine... I had no choice but try to "fix" it!!!

Disconnected from the SP and did a System Restore to the day before
and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had
1 running process, 1 process in reg., and several lesser "things": all
removed.
Ran Spyboot S&D: all ok
Ran Stinger: an hour and 161,476 files later: nothing.
Ran HiJackThis: g got a big log (well not that big) and kept it.
Did a complete thorough Virus Scan.

Anything else I could do to improve the speed a little bit, a little bit;
it is slower than "before". also are these files now quarantined genuine WIN
Me= lmgliz.txt, vqzcla.dat.
Also (hate to ask because of the previous question about the Clipboard
Viewer), but the Recycle Bin icon shows full and theres nothing in it, even
if I try to dump something, cant find anything ressembling it in a search.
As always tks in advance.

--
cogito ergo sum
  #2  
Old April 29th 05, 12:56 AM
PAT (Paul)
external usenet poster
 
Posts: n/a
Default

Update:

Re Recycle Bin, came back on its own like a good dog. Tks
--
cogito ergo sum


"PAT (Paul)" wrote:

Got hit bad: viruses, trojans, malware, hijack, you name it...after my
grandson "used" the machine... I had no choice but try to "fix" it!!!

Disconnected from the SP and did a System Restore to the day before
and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had
1 running process, 1 process in reg., and several lesser "things": all
removed.
Ran Spyboot S&D: all ok
Ran Stinger: an hour and 161,476 files later: nothing.
Ran HiJackThis: g got a big log (well not that big) and kept it.
Did a complete thorough Virus Scan.

Anything else I could do to improve the speed a little bit, a little bit;
it is slower than "before". also are these files now quarantined genuine WIN
Me= lmgliz.txt, vqzcla.dat.
Also (hate to ask because of the previous question about the Clipboard
Viewer), but the Recycle Bin icon shows full and theres nothing in it, even
if I try to dump something, cant find anything ressembling it in a search.
As always tks in advance.

--
cogito ergo sum

  #3  
Old April 29th 05, 12:57 AM
Mart
external usenet poster
 
Posts: n/a
Default

Paul, regarding the recycle bin ONLY. I seem to remember an issue with the
'wrong icon' being set (can't remember why) which always showed the bin as
full.

I'm using XP here so can't test it. Check the icon 'Properties' (in both
states - empty and full) and see if you need to change one of the icons -
both icons *should* be available in the Change Icon option. To check, drop
something into the recycle bin and see if the icon changes (toggles) with
the 'replaced' icons

If this is not the cause in your case, then sorry if I've posted a red
herring.

Might also be worth looking at the MS Knowledge Base for Recycle Bin issues,
there are several and one might just be yours g

Good luck

Mart


"PAT (Paul)" wrote in message
...
Got hit bad: viruses, trojans, malware, hijack, you name it...after my
grandson "used" the machine... I had no choice but try to "fix" it!!!

Disconnected from the SP and did a System Restore to the day before
and ran the following first in safe mode, Why? dont know. Ad=Aware SE:
had
1 running process, 1 process in reg., and several lesser "things": all
removed.
Ran Spyboot S&D: all ok
Ran Stinger: an hour and 161,476 files later: nothing.
Ran HiJackThis: g got a big log (well not that big) and kept it.
Did a complete thorough Virus Scan.

Anything else I could do to improve the speed a little bit, a little bit;
it is slower than "before". also are these files now quarantined genuine
WIN
Me= lmgliz.txt, vqzcla.dat.
Also (hate to ask because of the previous question about the Clipboard
Viewer), but the Recycle Bin icon shows full and theres nothing in it,
even
if I try to dump something, cant find anything ressembling it in a
search.
As always tks in advance.

--
cogito ergo sum



  #4  
Old April 29th 05, 08:52 PM
PAT (Paul)
external usenet poster
 
Posts: n/a
Default

Hi Mart
Tks for response, like I said in my follow-up post, it came back.
However I would be more interested in the slowish aspect left after
the attack.
Can anyone take a look at my HJT log?? There might be something that an
expert can readily recognised....Tks for your coop.
--
cogito ergo sum


"Mart" wrote:

Paul, regarding the recycle bin ONLY. I seem to remember an issue with the
'wrong icon' being set (can't remember why) which always showed the bin as
full.

I'm using XP here so can't test it. Check the icon 'Properties' (in both
states - empty and full) and see if you need to change one of the icons -
both icons *should* be available in the Change Icon option. To check, drop
something into the recycle bin and see if the icon changes (toggles) with
the 'replaced' icons

If this is not the cause in your case, then sorry if I've posted a red
herring.

Might also be worth looking at the MS Knowledge Base for Recycle Bin issues,
there are several and one might just be yours g

Good luck

Mart


"PAT (Paul)" wrote in message
...
Got hit bad: viruses, trojans, malware, hijack, you name it...after my
grandson "used" the machine... I had no choice but try to "fix" it!!!

Disconnected from the SP and did a System Restore to the day before
and ran the following first in safe mode, Why? dont know. Ad=Aware SE:
had
1 running process, 1 process in reg., and several lesser "things": all
removed.
Ran Spyboot S&D: all ok
Ran Stinger: an hour and 161,476 files later: nothing.
Ran HiJackThis: g got a big log (well not that big) and kept it.
Did a complete thorough Virus Scan.

Anything else I could do to improve the speed a little bit, a little bit;
it is slower than "before". also are these files now quarantined genuine
WIN
Me= lmgliz.txt, vqzcla.dat.
Also (hate to ask because of the previous question about the Clipboard
Viewer), but the Recycle Bin icon shows full and theres nothing in it,
even
if I try to dump something, cant find anything ressembling it in a
search.
As always tks in advance.

--
cogito ergo sum




  #5  
Old April 30th 05, 01:06 AM
Jan Il
external usenet poster
 
Posts: n/a
Default

Hi PAT (Paul) :-)

Please DO NOT post your log to this newsgroup. It is important that you go
to one of the HiJackThis Support Forums below and allow the experts there
to analyze it for you.
AumHa HiJackThis Forum
http://forum.aumha.org/viewforum.php?f=30
or Bleeping Computer Forum
http://www.bleepingcomputer.com/forums/forum22.html
to allow the experts there to evaluate your log and advise you of any
necessary steps to clean your system.
(Note: You will have to Register before posting on these Forums. Please
follow all posting instructions carefully to avoid having your log deleted
or ignored.)

Hope this helps :-)

Jan
MS MVP - IE/OE
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm


Hi Mart
Tks for response, like I said in my follow-up post, it came back.
However I would be more interested in the slowish aspect left
after the attack.
Can anyone take a look at my HJT log?? There might be something that
an expert can readily recognised....Tks for your coop.

Paul, regarding the recycle bin ONLY. I seem to remember an issue
with the 'wrong icon' being set (can't remember why) which always
showed the bin as full.

I'm using XP here so can't test it. Check the icon 'Properties' (in
both states - empty and full) and see if you need to change one of
the icons - both icons *should* be available in the Change Icon
option. To check, drop something into the recycle bin and see if the
icon changes (toggles) with the 'replaced' icons

If this is not the cause in your case, then sorry if I've posted a
red herring.

Might also be worth looking at the MS Knowledge Base for Recycle Bin
issues, there are several and one might just be yours g

Good luck

Mart


"PAT (Paul)" wrote in message
...
Got hit bad: viruses, trojans, malware, hijack, you name
it...after my grandson "used" the machine... I had no choice but
try to "fix" it!!!

Disconnected from the SP and did a System Restore to the day before
and ran the following first in safe mode, Why? dont know.
Ad=Aware SE: had
1 running process, 1 process in reg., and several lesser "things":
all removed.
Ran Spyboot S&D: all ok
Ran Stinger: an hour and 161,476 files later: nothing.
Ran HiJackThis: g got a big log (well not that big) and kept
it. Did a complete thorough Virus Scan.

Anything else I could do to improve the speed a little bit, a
little bit; it is slower than "before". also are these files now
quarantined genuine WIN
Me= lmgliz.txt, vqzcla.dat.
Also (hate to ask because of the previous question about the
Clipboard Viewer), but the Recycle Bin icon shows full and theres
nothing in it, even
if I try to dump something, cant find anything ressembling it in a
search.
As always tks in advance.

--
cogito ergo sum


  #6  
Old April 30th 05, 02:01 AM
PAT (Paul)
external usenet poster
 
Posts: n/a
Default

Hi Jan
Tks for your response. Will try your links....I also heard of :
www.the spykiller.co.uk is it known to you, references?
Paul
--
cogito ergo sum


"Jan Il" wrote:

Hi PAT (Paul) :-)

Please DO NOT post your log to this newsgroup. It is important that you go
to one of the HiJackThis Support Forums below and allow the experts there
to analyze it for you.
AumHa HiJackThis Forum
http://forum.aumha.org/viewforum.php?f=30
or Bleeping Computer Forum
http://www.bleepingcomputer.com/forums/forum22.html
to allow the experts there to evaluate your log and advise you of any
necessary steps to clean your system.
(Note: You will have to Register before posting on these Forums. Please
follow all posting instructions carefully to avoid having your log deleted
or ignored.)

Hope this helps :-)

Jan
MS MVP - IE/OE
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm


Hi Mart
Tks for response, like I said in my follow-up post, it came back.
However I would be more interested in the slowish aspect left
after the attack.
Can anyone take a look at my HJT log?? There might be something that
an expert can readily recognised....Tks for your coop.

Paul, regarding the recycle bin ONLY. I seem to remember an issue
with the 'wrong icon' being set (can't remember why) which always
showed the bin as full.

I'm using XP here so can't test it. Check the icon 'Properties' (in
both states - empty and full) and see if you need to change one of
the icons - both icons *should* be available in the Change Icon
option. To check, drop something into the recycle bin and see if the
icon changes (toggles) with the 'replaced' icons

If this is not the cause in your case, then sorry if I've posted a
red herring.

Might also be worth looking at the MS Knowledge Base for Recycle Bin
issues, there are several and one might just be yours g

Good luck

Mart


"PAT (Paul)" wrote in message
...
Got hit bad: viruses, trojans, malware, hijack, you name
it...after my grandson "used" the machine... I had no choice but
try to "fix" it!!!

Disconnected from the SP and did a System Restore to the day before
and ran the following first in safe mode, Why? dont know.
Ad=Aware SE: had
1 running process, 1 process in reg., and several lesser "things":
all removed.
Ran Spyboot S&D: all ok
Ran Stinger: an hour and 161,476 files later: nothing.
Ran HiJackThis: g got a big log (well not that big) and kept
it. Did a complete thorough Virus Scan.

Anything else I could do to improve the speed a little bit, a
little bit; it is slower than "before". also are these files now
quarantined genuine WIN
Me= lmgliz.txt, vqzcla.dat.
Also (hate to ask because of the previous question about the
Clipboard Viewer), but the Recycle Bin icon shows full and theres
nothing in it, even
if I try to dump something, cant find anything ressembling it in a
search.
As always tks in advance.

--
cogito ergo sum



  #7  
Old April 30th 05, 04:31 AM
Jan Il
external usenet poster
 
Posts: n/a
Default

Hi Paul :-)

" Hi Jan
Tks for your response. Will try your links....I also heard of :
www.the spykiller.co.uk is it known to you, references?
Paul


Take a look at the information here. Scroll down to SpyKiller. If you have
it installed, you really should uninstall it.
http://www.spywarewarrior.com/rogue_anti-spyware.htm
This is a list of all the rouge and suspect spyware programs.

and he
http://www.adwarereport.com/mt/archives/000024.html
you may need this to completely uninstall it
http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1

Hope this helps :-)

Jan
MS MVP - IE/OE
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm



  #8  
Old May 7th 05, 02:28 AM
PAT (Paul)
external usenet poster
 
Posts: n/a
Default

Jan 11

Tks for your response. The KillBox from www.thespykiller.co.uk was
recommanded by the Tech Guys Forum and used apparently quite often after
analysing the logs of Spybot S&D. Dont see this particular program in the
list??? I'm I missing something?
Regards
Jan 11
--
cogito ergo sum


"Jan Il" wrote:

Hi Paul :-)

" Hi Jan
Tks for your response. Will try your links....I also heard of :
www.the spykiller.co.uk is it known to you, references?
Paul


Take a look at the information here. Scroll down to SpyKiller. If you have
it installed, you really should uninstall it.
http://www.spywarewarrior.com/rogue_anti-spyware.htm
This is a list of all the rouge and suspect spyware programs.

and he
http://www.adwarereport.com/mt/archives/000024.html
you may need this to completely uninstall it
http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1

Hope this helps :-)

Jan
MS MVP - IE/OE
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm




  #9  
Old May 7th 05, 07:21 AM
Noel Paton
external usenet poster
 
Posts: n/a
Default

I *think* this is a case of mistaken identity on Jan's part.

AFAIK, thespykiller.co.uk is not related to spykiller.com (the source of the
'iffy' spyware program)

- see also the bottom of their home page....
quote
Important Notice: We are not associated with or involved in any way
with a company called Swanksoft.com who agressively market a spyware removal
program called Spykiller.

We do not agree with the way they market their products, by allowing a
"free" download and then charging you when you want to use the program to
remove any spyware that is found on the computer and they always find
something, whether genuine or not.

/quote






--
Noel Paton (MS-MVP 2002-2005, Windows)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"PAT (Paul)" wrote in message
...
Jan 11

Tks for your response. The KillBox from www.thespykiller.co.uk was
recommanded by the Tech Guys Forum and used apparently quite often after
analysing the logs of Spybot S&D. Dont see this particular program in
the
list??? I'm I missing something?
Regards
Jan 11
--
cogito ergo sum


"Jan Il" wrote:

Hi Paul :-)

" Hi Jan
Tks for your response. Will try your links....I also heard of :
www.the spykiller.co.uk is it known to you, references?
Paul


Take a look at the information here. Scroll down to SpyKiller. If you
have
it installed, you really should uninstall it.
http://www.spywarewarrior.com/rogue_anti-spyware.htm
This is a list of all the rouge and suspect spyware programs.

and he
http://www.adwarereport.com/mt/archives/000024.html
you may need this to completely uninstall it
http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1

Hope this helps :-)

Jan
MS MVP - IE/OE
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other
readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm






  #10  
Old May 7th 05, 09:16 PM
PAT (Paul)
external usenet poster
 
Posts: n/a
Default

Hi Noel
Tks for putting things straight, was afraid for a while...guess Jan 11
read your post. I was surprised since several of your collegues post there as
well. Do you know of another org that analyses these logs?
Regards
--
cogito ergo sum


"Noel Paton" wrote:

I *think* this is a case of mistaken identity on Jan's part.

AFAIK, thespykiller.co.uk is not related to spykiller.com (the source of the
'iffy' spyware program)

- see also the bottom of their home page....
quote
Important Notice: We are not associated with or involved in any way
with a company called Swanksoft.com who agressively market a spyware removal
program called Spykiller.

We do not agree with the way they market their products, by allowing a
"free" download and then charging you when you want to use the program to
remove any spyware that is found on the computer and they always find
something, whether genuine or not.

/quote






--
Noel Paton (MS-MVP 2002-2005, Windows)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"PAT (Paul)" wrote in message
...
Jan 11

Tks for your response. The KillBox from www.thespykiller.co.uk was
recommanded by the Tech Guys Forum and used apparently quite often after
analysing the logs of Spybot S&D. Dont see this particular program in
the
list??? I'm I missing something?
Regards
Jan 11
--
cogito ergo sum


"Jan Il" wrote:

Hi Paul :-)

" Hi Jan
Tks for your response. Will try your links....I also heard of :
www.the spykiller.co.uk is it known to you, references?
Paul

Take a look at the information here. Scroll down to SpyKiller. If you
have
it installed, you really should uninstall it.
http://www.spywarewarrior.com/rogue_anti-spyware.htm
This is a list of all the rouge and suspect spyware programs.

and he
http://www.adwarereport.com/mt/archives/000024.html
you may need this to completely uninstall it
http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1

Hope this helps :-)

Jan
MS MVP - IE/OE
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other
readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm







 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Help : Hotsearchbar/ Isearch Attack George General 15 February 23rd 05 06:18 AM
VIRUS ATTACK RESULTS Haggis General 3 November 19th 04 12:53 AM
Deleted files on Floppy & Hard disk -remnants ? ============ ABC ============ Disk Drives 3 August 15th 04 11:06 PM


All times are GMT +1. The time now is 11:15 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.