online not connecting...changed 'hosts' file.

On Win 98

Hi I'm writting this from an internet cafe. My internet will work for a few pages after startup but then suddenly stop working. It just won't connect.

I'm not sure if it's related but it started at about the same time: upon bootup i get this repeated OS window saying (I'm remembering it here, so its not exact) " C:windows\....ZONE\ init.DLL not found, you are probably missing a root certificate." OK that's way off...i'll write down the exact quote when I come back to check responses but the point is my firewall isn't loading up at all anymore , and this pop-up message comes up like three times during start-up.

But the main symptom is I can't get online...I managed to update my Spybot and it didn't find anything wrong. I also have AVG...when I tried to update it said 7.5 was the last version for win 98 (I know I need a new PC) so it can't update anymore. BUT it did find one thing : a changed 'hosts' file. But the program doesn't change it or fix it.

I found three files under C;\Windows : 'Hosts' 'Hosts backup' (with some date attached) and i think a Host.sam or somthing. I looked at some pointers in this thread that showed when i typed in my subject:

http://forums.majorgeeks.com/showthread.php?t=49019

It says to run Spybot as 'administrator' in safemode but i think thats an XP thing, I've never seen 'adminisrator' in 98 , i'll still run it again in safe mode to see if thats helps but i'm sure i allready tried that.

With no online I can't use online scanners...and with win98 i don't know which anti-virus's to use that are still supported. I've allready gotten rid of my Ad-aware cause it won't update and I all ready had AVG. I think someone told on this forum told me to pick one anti-virus cleaner.

Is it safe to just delete the Hosts files and have the PC re-install the right ones or is that dangerous? Will the re-directs just come back ?

oh and running crap cleaner , checking the registry it listed so many dll's as malware I thought it had to be a mistake. I deleted them anyway, and upon reboot, windows said my video-driver (i think that was it) wasn't working and it had to re-install an early back-up version of the registry.

Thanks for any help, coming back to the internet cafe tommorow.

 

Chaslang:

Sorry for not responding sooner as I have to make it to the net-cafe.
And sorry for forgetting to go through the READ ME FIRST procedure which I have since tried :

To quickly answer your questions before getting to the more recent developement (endless reboot loop):

I'm on DSL(and win 98).... I uninstalled ZoneAlarms, found a ton of registry errors in CC relating to Zone alarm and removed them, and found a ton of Zonealarm related entries in Hijack this and removed them..ok so the hosts may have had nothing to do with this...

I found I could get online for 2 or 3 minutes at a time after each start-up but would the have to reboot to get more pages once the online stops working. This is how I got the malware programs installed and updated

I am currently in a start up loop where the system just hangs during reboot over and over without reaching either normal or safe mode. I can only get command prompt. Here's how I got there if you want to know what happened otherwise skip to the next bold line:

.

Trying to start up SUPERAntispyware it wouldn't start up as it kept trying to update..and not being able to reach the net it would hang..Trying it from the start menu I got two prompts:

"C:\Program files\Superantispyware\RUSAS.EXE A device attached to the system is not working . Error starting program."

and

"The C:\Program files\Superantispyware\RUSAS.EXEexpects a newer version of windows."

So at that point I gave up on SUPERAnti-spyware.

Moving on to Spy-bot..managed to get the main program installed and the updates downloaded separately with the intention of updating manually. It turns out that spybot needs to get files online during installation and because I was doing so after my online was not working i got this prompt during installation, at the point it said "ready to install":

"File downlaod
file: updallocator. php
The server name or address could not be resolved"

I then rebooted and tried to install right way before the online went out and was successful. I clicked on the settings--->ignore cookies tab but chose not to check any cookies to ignore...and it listed a ton of them. I ran the scan and it said it found no threats. Which I thought was weird because it had found a ton of cookies in another tab.

Also before the malware programs I installed a USB card reader...and started getting a 'umonit" thing and a "Creaderremovetray98" in the Ctr-Alt-Del list of running programs.. I assume they are supposed to be there.

I rebooted after the spybot scan to download the MGtools program as my net had hung again. At that point it started showing start-up issues. At first it was only having problems getting to normal mode and got into safe mode. I tried to backup some files on Nero and got this message trying to load the program:

"Nero
The Win-ASPI file '?.?' cannot be found, therefor you can currently select only image recorders. this missing file is one the Windows 95/98/Me files Please fix this program. Error 16: No adapters"

Some window popped up where I had to manually chose a drive and I picked my CD-R and then got to the 'add-files" part of Nero. The PC hung during file selection. I then had to reset the PC, that's when things got really bad.

I keep getting the selection list where you chose "mormal mode" "safe mode" ect. I would choose safe mode and it would start to load up as usual but just at the part where it is about to get to Windows it just kind of goes black for a second and I hear the "beep" coming from inside the PC casing (not the speakers) that you hear when you reboot and sure enought the start-up is restarting! And then even that process started to get worse. The blue "scandisk" screen where it says it has to "check your folders because windows wasn't closed properly" started to load up more slowly...and then it would come up but then suddenly get skipped over all together. There where a few times it would spontaneously reboot BEFORE it even got to the mode list. I can still get to a command prompt.

Is there anyway out of this or am I screwed?

Is there a link or tutorial somewhere to do malware removal from the command prompt?

All I can use is a floppy disk drive to try and salvage any thing, is that even possible? UGH

I really just want my Firefox bookmarks more then anything...so much research on there..

I am thinking about getting a new PC, if my system happens to be a goner..is it possible to salvage files on an old hard drive by connecting it to a new PC, without going through the old PC's OS ? (pardon the multiple questions i just need to ask 'cause i have to bus back and forth for answers.)

Thanks so much for any help. Rob