hei!

yesterday i downloaded quicktime to see a movie about the canadian nova bus, a volvo company, in crashtest. about the same time my pc must have got screwed up. though doing several restarts yesterday night i just found it out today.

starting the machine, some iexplore-windows opened, adult and casino content - that really sucked. so i began deleting new programs from the control panel.

suddenly it became all white. trying to restart it was not possible because all the links in start menue were gone or didn't even show up.

restart: the system asks me for my win98se product key. well, i recently move to norway and seem to have forgotten the win98se-cd in homecountry germany.

ms-dos, f-prot-scan with files from march 2004:

c:\windumb\system\winpmj32.exe
...\bkmsf32.dat

"seem to be infected by an unknown virus".

can i simply remove these files? i have no idea what they are used for.

one more file in temporary internet files\content.ie5
i deleted the whole mist manually - it took ten minutes; something i never experienced before (do the deleting manually from time to time). the files name was protec~1.exe

on c:\ i found several unknown files and folders:

setupxlg.txt containing:

"time stamp (yesterdays about time of installing qt)
cbdiskprompt file copy canceled
time stamp
kbdno.kbd (my keyboard language file);win98_47.cab (i have NO .cab files on my hard disk!)
time stamp
e:\win98 (which is my EMPTY cd drive)"

the file continues with new variations of these words. deleted... btw, the last time stamp showed WEDNESDAY september 1st 2004, impossible, isn't it?

the folder programs (progra~1) contains new folders: sidefind, 180sol~1, istbar and pwers~1. i deltreed them all.

on c:\ i find another folder: intern~1, it contains by others a file named optimize.exe (damn american english... ). i deleted it. another new folder is called progra~2, including one more folder called intern~1, empty. deleted it, too.

so my question is: does anyone know the characteristics of these happenings? can i simply format c:\ without harming my seriously important and unbackedup data an d:\ ? it is one harddisk, divided by software. will the virus still be there? even if i may use linux from a download? is it possible to use the win xp cd of a room-mate temporarily or does this still violate the eula?

best regards and in hope for fast help
ungua

... i found the w98se-general-key online. now windows starts but right after the explorer.exe collapses at 016f:00401f31. register, bytes at cs:eip: and other amounts are noticed also, you get them if you want to.... (though i am suspicious that this forum won't be a big help!?)

what i found out in the windows-folder (forgot to check that before):

- new folder "elitebar", deleted
- win.ini modified to running "y.exe"
- system.ini to load that file
- powerpnt.ini modified, but i don't see the point. don't have the program either...
- ndislog.txt created at a size of 0 byte
- unifish.exe, part of transport tycoon, modified but never used by me in the last two weeks...
- winit.bak modified, no useful information inside. not a backup-file either - what the ending made me suspect

best regards
ungua

From the looks of the names of the files you've listed, sounds like some spyware has infiltrated your pc.

I doubt deleting them will help, they'll just simply reappear again. Try running Spybot and ad aware. BTW, what Anti virus software are you using? Are you able to clean the files using the software?

hi & thank your for answering...
where shall these files reappear from? i deleted everything that came on my harddisk unattendedly yesterday. i also run ad-aware last night - without result before the hazards this morning.
like i said, windows does no longer start, the explorer.exe crashes seconds after logging in. is ad aware or spybot available for dos also?

regards
ungua

edit: i use f-prot, a very good and quite old-fashioned program. like i said in the first post the signatures were from march so i just downloaded new ones minutes ago and am going to burn it on a cd together with linux - at least, that's the plan. :rolleyes:

somebody may be interested in the ongoing story!?:

after some problems with linux knoppix i downloaded lycoris, college and suse. actually, i just the first one. works just fine.

but: i lost all my data - more than 30gb of everything{/i] disappeared about an our ago, i have few backups that cannot compensate for what happened. :blackeye:

regards
ungua

i have elitebar cant get rid of it plz help

after running adware and spy s&s i got rid of elitebar how ever i still see it in my hjt log as
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll (file missing)

should i let hjt fix it also i noticed in my reg key adware had deleted the file however in my reg key under HKEY_LOCAL_MACHINE
SOFTWARE
backup
EliteToolBar
There still another seperate Elitum folder in my reg key after adware, spybot, and aol spyware protection deleted it
how do i get rid of this EliteToolBar

Someone Please Help Me

See my post here: http://www.techspot.com/vb/topic17297.html
That should help you.

this was long ago... i have been using suse 9.1 for a long time now and even though i feel rather stupid rather often compared to my good knowledge of how to handle windows98, i really like this os. but even as so much time has passed, i lack a proper .mp3-collection and all the other nice things i felt as "need-to-have" before. but losing all my computer games and by using linux the ability to play them, i have a lot of free time to spend on other things. nice... :bounce:

regards
ungua