My head hurts - please help with Trojans

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by thealu, Jun 6, 2004.

  1. thealu

    thealu Private E-2

    What should I use to help me find and remove the trojans that are running on my computer? (they're definitely there - the computer's really been acting up). My head hurts - I've been at this for days.

    I'm running Windows 98SE.

    Here's what I've done so far:

    I have run (after updating all definitions, etc.) Norton AV, Panda online scan, McAfee online scan, Trend Micro online scan, Spybot, and Adaware - they come up clean except for some tracking cookies. Adaware, however, suddenly takes FOREVER to scan. Also, when I fixed/deleted the tracking cookies using Spybot (I had just reinstalled this), I got an error message for a few of them -- failed to load UNZDLL.DLL in Spybot program file was the gist of it - however, it still showed that it removed the cookies.

    I updated any Windows security patches I was missing. I downloaded Zone Alarm and have been monitoring/blocking internet activity - there's plenty. From that, I figured out the ports being used are 53 and 80 (so far anyway). I had also run Hijack This at one point and I found a setting (I think a reg change) for connecting to the internet by proxy at port 8080. Using the online tutorial, I didn't seem to find anything else too ugly in the log. I must have missed stuff though because I can't believe the log is clean.

    I downloaded Trojan Hunter but it hangs in the midst of the scan and freezes.

    I went to Pest Patrol and looked up known Trojans that use the above ports. By using the Windows find file, I seem to have files for "hackerz backdoor" "muska52" & "MSN Kamuflao" (so far) in temp internet files. I've only found one running process though - sulfnbk.exe, which is in c:/windows/command. A few of the other files I searched for using the Windows find file brought up as many as 2,000 results, most of which didn't seem to have anything to do with the file I was looking for, so I don't really know how to discern if and what is infected when I get those kinds of results. I have not deleted anything yet.

    It is tedious and confusing to be looking for trojans this way. I just don't have the tech-smarts to know exactly what I'm doing. I was going to download and try to run Pest Patrol but I haven't really heard that much about it - is there something better? What else should I do?

    SOMETHING must be able to find these suckers.

    I could use some advice and would appreciate any help!

    thank you --
    fanoula
     
  2. alanc

    alanc MajorGeek

    Looks like you've got the bases covered for spyware and viruses.
    Adaware scans tend to take longer if the scan type is set to Custom... rather than Smart...
    That UNZDLL.DLL error is rather odd, I'd try uninstalling/reinstalling Spybot again to see if that takes care of it.
    SULFNBK.EXE is a Windows file that is used to restore long file names. There is a hoax going around about that file being a virus, and although any .exe can be infected it doesn't necessarily mean yours is.

    Have you run a Scandisk/Defrag lately in 98?

    Pest Patrol is good, but you have to pay for the ability to remove nasties.

    What is actually telling you you have trojans? I don't know anything about Trojan Hunter (you might try running it in Safe Mode), but TDS-3 is about the best trojan remover around and free for 30 days use. Download the latest update here before you scan.

    Post back and let us know if it can run and what it finds, if you're still having trouble after that we may need to look at your HijackThis log.
     
  3. thealu

    thealu Private E-2

    Thank you, alanc. I downloaded TDS-3, updated it, and ran it. It came back clean. I guess I'm okay.

    I have a question about uninstalling TDS tho - I'm only running an MMX chip here and not that much memory so I can't keep it on the computer. Problem - I tried to uninstall it and it kept asking me if it could uninstall some shared files - I really didn't know what to do so I said no to a couple. But then the program froze and I had to end the task (in the middle of the uninstall). It wasn't anywhere near finished uninstalling the program but now it doesn't appear in the list of add/remove programs in the control panel. How do I completely uninstall this now??

    Thank you for your help. As for the trojan worry - Zone Alarm has been making me nuts with all of its alerts. I think I'm getting rid of it. Anything better out there?


    thanks again --

    fanoula
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just re-install TDS and then uninstall again. Most likely those shared DLLs can be removed. The message you get normally indicates that they are not being used.
     
  5. alanc

    alanc MajorGeek

    Next time ZA gives an alert, put a check in the box that says 'Don't show me this again' (or some such wording), and it'll stop bothering you.

    For the combination of ease of use, security, and price (free), it's a very good firewall.
     
