AVG on Win 98 problem starting up

[Ike Milligan]

Well, it's a bit of a long story. An old guy I know had a P 166 with
Win98 and picked up some viruses, So I downloaded AVG free copied onto a
CD, and then installed it on his machine. Now it won't boot up
completely into Win 98, but only shows his wallpaper. The AVG DOS
message suggests making some rescue disks and using them to boot into
Win 98, using a clean computer to make them. My main machine is running
XP. I don't suppose it is possible to use rescue disks from XP but
somehow booting Win 98 from another disk? I have Win 98 boot disks. Also
I could dig an old computer out of the storage shed and set it up and
use that to make rescue disks.

What I think I should have done instead instead of installing AVG, was
try to manually remove the virus that kept IE from running, that is, the
secure32.html blue screen, And then tried to surf over to
Pandasoftware.com and done the free scan. But now I can't seem to boot
Win 98 except for a blank wallpaper screen. Before I installed AVG
free, I could at least boot up Windows. Also I might have instructions
to get rid of Secure32.html virus now that I have learned the name of
the file that keeps running it, namely according to McAfee,
paytime.exe. I did print out their information about Start-page IH and
the associated registry keys. There are other viruses on the machine,
but I just wanted to run Internet Explorer, as Panda won't run on other
browsers. 2

 

[Art]

Well, it's a bit of a long story. An old guy I know had a P 166 with
Win98 and picked up some viruses, So I downloaded AVG free copied onto a
CD, and then installed it on his machine. Now it won't boot up
completely into Win 98, but only shows his wallpaper. The AVG DOS
message suggests making some rescue disks and using them to boot into
Win 98, using a clean computer to make them. My main machine is running
XP. I don't suppose it is possible to use rescue disks from XP but
somehow booting Win 98 from another disk? I have Win 98 boot disks. Also
I could dig an old computer out of the storage shed and set it up and
use that to make rescue disks.

Here's a approach you might consider, assuming you have Nero or some
such CD burning software that allows you to make a bootable CD:

Download both K-BOOT.ZIP and KAVDOSNT.exe from my web site.
Unzip K-BOOT.ZIP and run the .EXE to create a special boot diskette.
Use this diskette as the basis of creating the bootable CD.

Run the self extracting SFX KAVDOSNT.exe and let it extract to the
default C:\KAVDOSNT folder. Then run KAVDOSNT.BAT in that folder
to download up to date def files into that folder.

Copy the entire contents of that folder to the CD.

When you use the emergency boot CD you create, copy the entire
contents to the RAM drive Z: created during bootup.

I look in here every day, so let me know if you need any further
help with that approach.

Art
http://home.epix.net/~artnpeg

 

[Art]

Run the self extracting SFX KAVDOSNT.exe and let it extract to the
default C:\KAVDOSNT folder. Then run KAVDOSNT.BAT in that folder
to download up to date def files into that folder.

Copy the entire contents of that folder to the CD.

Correction:

If the def files all download ok, erase *.zip (all three zip files)
from that folder before copying to CD. Otherwise, the sum
of the file sizes will be too large for the target 16 meg RAM
drive.

Art
http://home.epix.net/~artnpeg

 

[Ike Milligan]

Correction:

If the def files all download ok, erase *.zip (all three zip files)
from that folder before copying to CD. Otherwise, the sum
of the file sizes will be too large for the target 16 meg RAM
drive.

Art
http://home.epix.net/~artnpeg

So with the boot diskette, I copy the boot files onto root of the CD,
then use the CD to boot the infected machine. Then I copy the CD into
the virtual Z: drive, minus the *.zip files which I presume are def
compressed files. Then I run a program from the Z: drive to clean the
machine.

 

[Art]

Art wrote:
So with the boot diskette, I copy the boot files onto root of the CD,

No. Apparently you aren't familiar with using CD burning software
which has the option of creating a bootable CD. With Nero, once
you select that basic option, it will allow another convenient option
to simply put the boot diskette in the A: drive. You don't have to
create a image file of the boot diskette, it takes care of that
aspect.

You then get a option to add folders and files. It will then burn
the CD and you are done.

then use the CD to boot the infected machine. Then I copy the CD into
the virtual Z: drive, minus the *.zip files which I presume are def
compressed files. Then I run a program from the Z: drive to clean the
machine.

That's what I had written and implied, but I was playing with this
this morning and realized that there's another correction in my
instructions that must be made, and there's actually a simpler and
better way to do it, though it might seem on the surface to be
awkward.

Using this alternate method, you won't have to use a bootable CD
or be concerned about overloading the target RAM drive. Just burn
the contents of C:\KAVDOSNT to a CD (less the three zip files).

You will need a Win 98 boot diskette as well as my special boot
diskette plus the CD you burned. On the ailing PC, use the Win
98 diskette first and make sure to select to load the CD ROM
drivers. It should later tell you which drive letter it assigned
to the CD ROM drive.

Use the DOS command line:

MD C:\KAVDOSNT

to create the target folder for the def files, etc, contained
on the CD. Then copy all files from the CD to that folder.
If the CD ROM drive is F: for example you would

COPY F:\*.* C:\KAVDOSNT

Now you are done with both the Win 98 boot disk and the CD.
Simply reboot using my special boot disk. A user interface
program with a scan options screen will appear. Make sure
to select disinfection. For the scan target, simply type C
and Enter to scan the entire drive C:\

The INI file is set to have KAVDOS32 look for its def files
in C:\KAVDOSNT by default so make sure you use that
folder for the def files.

Art
http://home.epix.net/~artnpeg

 

[David H. Lipman]

From: "Ike Milligan" <[email protected]>

| Well, it's a bit of a long story. An old guy I know had a P 166 with
| Win98 and picked up some viruses, So I downloaded AVG free copied onto a
| CD, and then installed it on his machine. Now it won't boot up
| completely into Win 98, but only shows his wallpaper. The AVG DOS
| message suggests making some rescue disks and using them to boot into
| Win 98, using a clean computer to make them. My main machine is running
| XP. I don't suppose it is possible to use rescue disks from XP but
| somehow booting Win 98 from another disk? I have Win 98 boot disks. Also
| I could dig an old computer out of the storage shed and set it up and
| use that to make rescue disks.
|
| What I think I should have done instead instead of installing AVG, was
| try to manually remove the virus that kept IE from running, that is, the
| secure32.html blue screen, And then tried to surf over to
| Pandasoftware.com and done the free scan. But now I can't seem to boot
| Win 98 except for a blank wallpaper screen. Before I installed AVG
| free, I could at least boot up Windows. Also I might have instructions
| to get rid of Secure32.html virus now that I have learned the name of
| the file that keeps running it, namely according to McAfee,
| paytime.exe. I did print out their information about Start-page IH and
| the associated registry keys. There are other viruses on the machine,
| but I just wanted to run Internet Explorer, as Panda won't run on other
| browsers. 2


Symptoms of a SmitFraud Trojan !

Two part reply..

Perform Part 1 then perform Part 2.

If the first two parts don't work, perform the alternate section.

It is suggested that you execute each tool in Normal Mode then in Safe Mode.

If you are using any version of Sun Java that is prior to JRE Version 5.0,
then you are strongly urged to remove any/all versions that are prior to JRE
Version 5.0. There are vulnerabilities in them and they are actively being exploited.

Therefore, it is highly suggested that if there are any prior versions of Sun Java
to Version 5 on the PC that they be removed and Sun Java JRE Version 5.0 Update 6
be installed ASAP.

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version...

C:\Program Files\Java\jre1.5.0_06


http://www.java.com/en/download/manual.jsp



Part 1
-----------

Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et. al., removal tool -- SmitRem.exe
http://noahdfear.geekstogo.com/click counter/click.php?id=1

http://www.bleepingcomputer.com/forums/topic43659.html


Part 2
-----------

Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML or
C:\mcafee\Safe_ScanReport.HTML will be generated. At the end of the scan, it will be
displayed in your browser (Opera, FireFox or Internet Explorer). However, if you are using
WinXP, Win2K or Win2003 your system will be left in a state where you will have to manually
shutdown/reboot the PC. On Win9x/ME platforms the report will not be shown in your bowser
but your PC will automatically be shutdown. It is suggested that you move the report out of
c:\mcafee before performing another scan.

It would be best to scan in both Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.


ALTERNATE:

Part 1
-----------

Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool.

http://secured2k.home.comcast.net/tools/AntiPuper.exe

http://forums.mcafeehelp.com/viewtopic.php?t=65072


Part 2
-----------

S!ri's SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php


Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML in your reply.

* * * Please report back your results * * *

 

[Ike Milligan]

No. Apparently you aren't familiar with using CD burning software
which has the option of creating a bootable CD. With Nero, once
you select that basic option, it will allow another convenient option
to simply put the boot diskette in the A: drive. You don't have to
create a image file of the boot diskette, it takes care of that
aspect.

You then get a option to add folders and files. It will then burn
the CD and you are done.


That's what I had written and implied, but I was playing with this
this morning and realized that there's another correction in my
instructions that must be made, and there's actually a simpler and
better way to do it, though it might seem on the surface to be
awkward.

Using this alternate method, you won't have to use a bootable CD
or be concerned about overloading the target RAM drive. Just burn
the contents of C:\KAVDOSNT to a CD (less the three zip files).

You will need a Win 98 boot diskette as well as my special boot
diskette plus the CD you burned. On the ailing PC, use the Win
98 diskette first and make sure to select to load the CD ROM
drivers. It should later tell you which drive letter it assigned
to the CD ROM drive.

Use the DOS command line:

MD C:\KAVDOSNT

to create the target folder for the def files, etc, contained
on the CD. Then copy all files from the CD to that folder.
If the CD ROM drive is F: for example you would

COPY F:\*.* C:\KAVDOSNT

Now you are done with both the Win 98 boot disk and the CD.
Simply reboot using my special boot disk. A user interface
program with a scan options screen will appear. Make sure
to select disinfection. For the scan target, simply type C
and Enter to scan the entire drive C:\

The INI file is set to have KAVDOS32 look for its def files
in C:\KAVDOSNT by default so make sure you use that
folder for the def files.

Art
http://home.epix.net/~artnpeg

Ha! No wonder it didn't work the first time. I have Nero, but I am not
sure it is a full version of Nero, but an OEM which came with the
laptop. Therefore I used another OEM CD burning program which seemed to
offer either a data or music CD. Nero looked like it was for music only.

OK I will print this out and use my Win 98 boot disk. I have several of
them lying around that I used to use when I was running Win 9x/ME that
also boot the CD and assign a drive letter to it. I also have "PC
Doctor" which creates these disks for me the easy way. I used to write
the Config.sys and the autoexec.bat by hand, but that was a couple of
years ago and I don't remember exactly how I did that.

I took an old machine out of the storage shed, thinking it was Win 98
but it was the wrong one, looked like the right one but was an untested
clone from the roadside, so I brought it upstairs and the HD didn't run,
and I haven't had time to look inside the case to see why. My wife
threatens to leave every time I use the house for anything interesting.

Also have Nero on my main XP machine, but it had a configuration problem
since it came with the external CD burner, and had not the time or
patience to change the settings, and now neither the external CD burner
nor the one that came with the HP Pavilion box, that I initially turned
off (to make Nero work with th external one) are working, which leaves
the laptop if I want to burn a CD. So I copy everything to a 4 gig thumb
drive, attach it to the laptop and then burn the CD.

 

[Art]

Ha! No wonder it didn't work the first time. I have Nero, but I am not
sure it is a full version of Nero, but an OEM which came with the
laptop. Therefore I used another OEM CD burning program which seemed to
offer either a data or music CD. Nero looked like it was for music only.

What you want to use is just the basic data burn mode which allows you
to add more files later if you want. It's the same as for music files
actually.

OK I will print this out and use my Win 98 boot disk.

I guess you surmised that the purpose of the Win 98 boot disk is
simply to provide CD ROM drive access. A Win ME boot disk works just
as well for the purpose.

I have several of
them lying around that I used to use when I was running Win 9x/ME that
also boot the CD and assign a drive letter to it. I also have "PC
Doctor" which creates these disks for me the easy way. I used to write
the Config.sys and the autoexec.bat by hand, but that was a couple of
years ago and I don't remember exactly how I did that.

I took an old machine out of the storage shed, thinking it was Win 98
but it was the wrong one, looked like the right one but was an untested
clone from the roadside, so I brought it upstairs and the HD didn't run,
and I haven't had time to look inside the case to see why. My wife
threatens to leave every time I use the house for anything interesting.


Also have Nero on my main XP machine, but it had a configuration problem
since it came with the external CD burner, and had not the time or
patience to change the settings, and now neither the external CD burner
nor the one that came with the HP Pavilion box, that I initially turned
off (to make Nero work with th external one) are working, which leaves
the laptop if I want to burn a CD. So I copy everything to a 4 gig thumb
drive, attach it to the laptop and then burn the CD.

Well, it's unfortunate that def files have grown so large in total
file size that the use of diskettes is no longer realisitic.
Personally, I detest CDs. I've had all kinds of problems with them.
Be nice to be able to copy all the required files to a small capacity
hard drive that's been made bootable, and plug it in to the ailing PC
as a secondary master. Set the BIOS to boot from HDD1 instead of HDD0
and you're off and running

Art
http://home.epix.net/~artnpeg

 

[Ike Milligan]

What you want to use is just the basic data burn mode which allows you
to add more files later if you want. It's the same as for music files
actually.


I guess you surmised that the purpose of the Win 98 boot disk is
simply to provide CD ROM drive access. A Win ME boot disk works just
as well for the purpose.


Well, it's unfortunate that def files have grown so large in total
file size that the use of diskettes is no longer realisitic.
Personally, I detest CDs. I've had all kinds of problems with them.
Be nice to be able to copy all the required files to a small capacity
hard drive that's been made bootable, and plug it in to the ailing PC
as a secondary master. Set the BIOS to boot from HDD1 instead of HDD0
and you're off and running

Art
http://home.epix.net/~artnpeg

Yeah, but I didn't want to open up the computer case. I tried plugging
in a 4 gig thumb drive into its USB port, but I got a new hardware found
screen and no drivers to be found. This hardware found screen came up
even though Win 98 would only boot to wall paper. I tried putting in a
Win ME upgrade CD and could search the tree for drivers, but otherwise
could not access a CD. I didn't have my Win 98 upgrade CD with me, and I
don't know if any of those drivers would work either, or even if they
did whether the thumb drive would have worked with the crippled system.
Today when I go over there I will be prepared with at least a couple of
win 98 boot disks. Made a new one last night. The computer from the shed
turned out to be a Gateway Pentium II 400 with only 128 meg ram and Win
XP professional crashing a lot. Had to pull the battery to get into the
BIOS and boot. My wife threatened to divorce me for the umpteenth time.

 

[Ike Milligan]

What you want to use is just the basic data burn mode which allows you
to add more files later if you want. It's the same as for music files
actually.


I guess you surmised that the purpose of the Win 98 boot disk is
simply to provide CD ROM drive access. A Win ME boot disk works just
as well for the purpose.


Well, it's unfortunate that def files have grown so large in total
file size that the use of diskettes is no longer realisitic.
Personally, I detest CDs. I've had all kinds of problems with them.
Be nice to be able to copy all the required files to a small capacity
hard drive that's been made bootable, and plug it in to the ailing PC
as a secondary master. Set the BIOS to boot from HDD1 instead of HDD0
and you're off and running

Art
http://home.epix.net/~artnpeg

It worked. Scanned the HD and deleted 44 infected trojan files and the
start page virus. I haven't heard yet if Windows will boot properly. I
had to leave before I got a chance to test the boot-up thoroughly. Did
upgrade to Me also.

 

[Art]

It worked. Scanned the HD and deleted 44 infected trojan files and the
start page virus. I haven't heard yet if Windows will boot properly. I
had to leave before I got a chance to test the boot-up thoroughly. Did
upgrade to Me also.

Glad to hear you've made big progress. The upgrade to Win ME will give
the PC a fresh new registry, which is a good thing. I'd rename or
delete any autoexec.bat in the root directory. Sounds like there
should be little or no further cleanup work required once you get it
booting up into Windows. However, applications on the PC will have
to be reinstalled since the new registry knows nothing about them.

Art
http://home.epix.net/~artnpeg