something isn't right

i got the new adaware, but whatever is stopping my computer, it still won't let me near Merijn. is that where the cure is?

 

i try and do all of these things you tell me on both internet explorer and on firefox. i don't know if there is a difference or not because it always seems to get the same results

1. in internet explorer when i try to log onto the spywareinfo.com website it says this page cannot be displayed and when i try and log on in firefox it says the connection was refused when attempting to contact www.spywareinfo.com

2. i cannot download cwshredder either from internet explorer or firefox because i cannot get to the website

3. i can get to http://www.majorgeeks.com/download4086.html on both internet explorer and firefox

4. when i clik on merijn using either internet explorer or firerfox on the majorgeeksdownload 4086 page on explorer it says this page cannot be displayed and on firefox it says the connection was refused when attempting to contact www.spywareinfo.com

5.the answer to number 4 was no, so i tried to get to www.majorgeeks.com/download1385.html and was able to get there on both inernet explorer and firefox

6.i was able to download belarc with both browsers.

7. the version of adaware is adaware se personal and i downloaded it from the link that major attitude gave me on the #2 post -http://forums.majorgeeks.com/showthread.php?t=35407
the results of the scan was 9/9 objects and all were IE Cache and were data miners. i removed them. the definition file is def file se 1r3 12.08.2004. there were no newer updates available.
also when i downloaded the software advised me to uninstall vx2 and adaware6.0 which i did.

Then i closed all applications including internet explorer, firefox, i don't have netscape and then i ran hijack this and am including the log. if you have any further questions just please be very specific and i will answer. thanks.

 

1. where is the planet mirror link? please be very specific.

2. the version of adaware is 1.03

3. i attached the hosts file. and downloads in the internet options dropdown security tab is enabled and there is nothing listed in the restricted sites.

4. i could find no mention of a firewall in my norton's. it is just the anti virus version. is there a firewall somewhere in internet explorer or maybe in comcast?

5. and i removed those lines from the hijackthis log.

 

here is the hosts file, i hope. the hosts file is not showing up and it says because i have already atttached it. but it does not seem to be here that i can see unless they mean when i attached it in my post #25.

 

i was able to download cwshredder and i ran it and it found a trojan. the message said it was a cool web search byte verifier bug in microsoft java virtual machine (MS Java VM) and is already classified as a trojan strain byAV companies. It seems to be installed by certain popups on adultwarz galleries. it is unknown which popups. it said i could prevent it from happenening again by closing the hole or to remove msjavavm altogether since it is not supported anymore anyway. if you have windows xp without sp1a then install that.

that is the good news. at that moment comcast went out. so i had to "recycle" my modem & router and turn off both computers. so i was unable to download the SP1a or to remove ms java vm, which i do not know how to do anyway. when i rebooted it was back. so now i have to start over. but i have to leave now to help my sister take my nephew back to school and will not be back until much later today. in the meantime when i ran shredder again i got this message"CWShredder v1.59.1 scan only report
Please understand that a CWShredder 'Scan only' report
might not be sufficient to troubleshoot an infected system.
You can use HijackThis for that:
http://www.merijn.org/files/hijackthis.zip
http://www.spywareinfo.com/~merijn/files/hijackthis.zip

Windows XP (5.01.2600 SP1)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\System32
AppData folder: C:\Documents and Settings\janice\Application Data
Username: janice

Found Hosts file: C:\WINDOWS\System32\drivers\etc\hosts (734 bytes, A)
Shell Registry value: HKLM\..\WinLogon [Shell] Explorer.exe
UserInit Registry value: HKLM\..\WinLogon [UserInit] C:\WINDOWS\system32\userinit.exe,
Found Win.ini file: C:\WINDOWS\win.ini (607 bytes, -)
Found System.ini file: C:\WINDOWS\system.ini (227 bytes, -)

- END OF REPORT -
and i cannot update shreddr either. when i come home i will uninstall and reinstall shredder because it won't get rid of it now. i do not know why. then i need to know how to get rid of this java thing and i will also try and update windows although i thought i had. also since i have never been on an adult warz web site and it said it didn't know which popups i do have a clue for whoever fixes these things. since my computer is so new i had no popups until recently. i don't know how i got it but it has something to do with something called "Gain" that is the only thing on my computer that is causing popups so it has to be the link to this trojan. i don't know how to get rid of the gain thing either if you could help with that. it doesn't show up in add/remove programs so i don't know how to find it.

 

1. i clikked fix and it says my system is clean now. what is the "hosts are found"? is that a bad thing?

2.I updated spybot and it found two things which i removed

3. updated adaware - it said build SE1R4 16 08 2004 Date 16 08 2004 and removed 23 items.

4. i tried to remove java, i have tried it over and over but it says could not locate INF file 'java.inf'. does that mean it already gone from my system? the programs menu shows a java web start and belarc shows java web start and javaw.exe

5. the gain link told me how to get rid of gain. my programs only lists a gain publishing and that shows about gain and gain publishing. i never get to an item that tells me what gain supported software i have which their instructions told me i find. is this gain publishing the thing i should be looking for. when i clik on the about gain item i get a message which says GMT has changed or moved. do you want to delete which i said yes to. but the gain publishing item remains in my program menu. if i right clik on it will i be able to delete it that way?

6. also when my computer was still nutso, whenever i went to the sites you gave me which had the major geeks1, major geeks 2, and planet mirror links on those sites and i clikked on those links they were totally non functional. that's why i didn't always know what you were talking about. i would clik on everything until i could get to the site and then i couldn't do anything there either. everything was just locked up. i'm telling you this just so you don't think i'm totally crazed.

 

1. spybot found DSO Exploit and Alexa

2. adaware found 21 negligible entries which were MRU's a d
IE Cache Entry - cookie adserver.com
IE Cache Entry - cookie tribal fusion.com
IE Cache Entry - cookie centerport.net

Everything else seems to be working great! Thank you very much. you showed incredible patience.

i have a couple questions also.

What do i use belarc for?

Should I always use Mozilla when using the internet? And should i put it on my other computers?

I know you said i have a norton firewall, but i don't know how to get to it or how to set it up. I stopped using it on my old computer because it totally kept me off the internet. I guess that is one way to protect your computer. but i don't know how to tweak it to allow me to go where i want to and how to keep out everything else.

Should i always delete stuff from spybot and adaware and not keep it in quarantine?

i was going to buy spysweeper for this computer, but is spy blaster the same thing; is it as good or better or are they two different things?

is there anything i installed in this process that i don't need and should take off this computer or should i leave everything and use them all, all of the time.

Finally how does all this transfer to my old windows 98 computer. i am assuming they both have the same thing since they both started acting weird the same time.

And now something totally new and different. when i got the new dell (not the laptop that you have fixed for me), my husband asked me to transfer his address book from the windows 98 outlook express to comcast email. it took a lot of research because there really is very little devoted to the address book, but i had to change it to some strange file extension and send it to comcast email. I did it but when it got there it had multiple entries for the same people. and he cannot delete or edit these names. there is an error message that says some entries cannot be deleted or edited. log out and try again. bottom line it takes forever to boot up, he is nearing capacity for the address book altho most are duplicate entries. if he tries to edit, it becomes a new entry whcih also cannot be deleted or edited. he wants to use outlook on the new computer, but is afraid to transfer the file again. my address book that i did the same way is fine. my girl friend said it is probably a read only file, but she couldn't figure out how to fix it either.

 

i had trouble attaching the hijackthis log. i'll bet that surprises you.

 

1. i am up to date with all critical updates from microsoft

2.i am using mozilla firefox. that was what you told me to install. i don't know if there is an advantage to 1.72 over firefox or what.

3. i'll study up on norton to know what it is all about.

4. i installed spyware blaster. now how does it work. it does not scan. is it just working in the background to keep stuff out? also where it says it has disabled internet explorer, disabled restricted sites protection, and disabled firefox protection, is that a good thing or if you have them all up and runniing aren't you better protected. or would they have conflicts with each other. i thought i was using firefox for better protection, but if this has disabled it do i still need firefox? if i am using this, is the norton firewall a separate protection protecting you against different stuff or do i not need to use the norton firewall?

5. do i still need vx2 or does it only work with adaware 6.0?

6. i am not using aol, it just came with the computer. should i uninsatll it.

7. how do i get all these setup shortcuts for all the spy and virus software off my desktop or do i need them. if i need them can i put them in the unused desktop icon?

 

i do have adaware and spybot on my desktop. what i want to get rid of and move to the unused desktop icon thing is the icon for adaware that says aawsepersonal, house call netscape ( do i even need that one), plvx2cleaner,aboutbuster.zip, psa201se_us.exe,spybotsd13.exe, ccsetup112.exe,firefoxsetup, advisor.exe, and a2freesetup.exe. i am leaving the icons Ad-AwareSE Personal, About Buster, spyware blaster, hijackthis.zip, Spybot - Search & Destroy, HSRemove.exe, Belarc Advisor, a2 Start Center,cwshredder,zip, and delcwssk.zip. is realplayer part of one of these programs? do i need it?