I need help to remove the DIALER 8U. AVG has identified the TEMP file it is in but can't put it in the vault. I have manually found the file but can't delete it because it is in use. How can I manually delete it? I am a novice. Any help very welcome. (I have seen the term SAFE MODE. Is this part of the SHUTDOWN MENU because if it is my safe mode is disabled. How do I get it back?)
THANK YOU!!!

Hi!
Probably your best bet is safe mode - but only a safe mode dos prompt. Safe mode is a special mode for booting in which none of the extra programs that are usually run at startup are actually run. BUT sometimes programs are still locked. If you'll post the location of your temp file, i can give you the necessary dos commands to remove it. (don't be worried by the sight of just a prompt!)
~Jag
(if i don't post back right away, send me an email...)

Jag. I've run AVG again. The DIALER 8U is now in two non-vaultable files. AVG says the virus is here: C:\_RESTORE\TEMP\A0085029.CPY
and here: C:\_RESTORE\TEMP\A0092956.CPY
When I use file search I can find these in the TEMP FILES. If I try to delete I get "Cannot. Access denied. Source file may be in use".
Then I re-ran AVG at once and it said I had 3 viruses, all DIALER 8U. One moved to the vault from C:\WINDOWS\DIALUP.exe, leaving the two listed above.
It seems that the DIALER randomly activates my CLARANET ISP dialup which suddenly connects without the dialing process being apparent. Then at once I get a VIRUS WARNING about an infection to the DIALUP.exe file (which I deny access to). If I then close the CLARANET connection and re-run AVG I'm back to 3 viruses (as detailed above).
HELP WELCOME!!!
Please note that although I can type this stuff I have no real understanding. Basically, please reply with "Turn on computer and..."
THANKS.
(I've just re-run AVG and now I have five DIALER 8U viruses. The DIALUP\EXE was re-removed as was one new location TEMP INTERNET FILES CONTENT. The other two CPY files and a new one in A0092959.CPY are still on the system. This is getting silly!!)
Now it's in A0092962.CPY as well.
AAARGH!!!!

1. Reference Symantec's removal procedure for files hidden in Temporary or Internet Temporary folders for XP:
http://service1.symantec.com/SUPPORT/nav.nsf/docid/2003051509301406?Open&src=&docid=2002012909032906&nsf=nav.nsf&view=docid&dtype=&prod=&ver=&osv=&osv_lvl=
2. Disable System Restore in XP and rerun antivirus scan. Always disable System Restore when running antivirus tools! Reference two knowledge base articles from Symantec and Microsoft about antivirus tools and System Restore:
http://service1.symantec.com/SUPPORT/nav.nsf/8d071816eedd7cac88256c0e005a96e5/5766df37140aed3b8825696500726d13?OpenDocument&src=bar_sch_nam
"How antivirus software and System Restore work together" http://support.microsoft.com/default.aspx?scid=kb;en-us;831829
"Antivirus Tools Cannot Clean Infected Files in the _Restore Folder"
http://support.microsoft.com/default.aspx?scid=kb;en-us;263455

OK - I've discovered SAFE MODE but AVG still can't delete the TEMP files. Symantec notes state I should try to "restart in MS-DOS mode" by selecting "shut down" then "restart in MSDOS mode". Huh? I can do the first bit but don't see any MSDOS mode presenting itself. Any suggestions. Gosh I'm an idiot aren't I???

No, you're not an idiot.
sorry i couldn't post a little sooner.
In order to get to dos mode, you need to hit f8 as your computer boots up to access the boot menu. This lets you choose a few different ways to boot up. One of those is dos mode, and one is safe mode command prompt only. Choose that. Then you want to type
cd _RESTORE\TEMP
when you see something like C:\>
and then type
attrib YourFileToDelete -s -h -r -a
ren YourFileToDelete YourFileToDelete.bak
The first command makes the file non-hidden, non-system, and non-read only, the second renames it so that it won't do anything nasty.
Reboot by actually pressing the power button. You may be able to just press and release it, or you may have to hold it in for about 5 seconds.
Give us an update...
~Jag

On pressing F8 I have accessed the menu and found SAFE MODE. On selecting it a jagged version of my desktop loads. I don't get any C> prompts. Errrr? :-(

Reboot and press F8 like you did before, but select SAFE MODE WITH COMMAND PROMPT, not just SAFE MODE.
Took me a few tries to find it.

NOPE!!!
When I use the F8 key I get 4 choices:
NORMAL
LOGGED
SAFE MODE
STEP BY STEP CONFIRMATION
Still stuck up a gumtree!! And the VIRUS is spreading. But it is nice of you all to try and help me. More help welcome!!

Three ways to get to the command prompt:
1. The command prompt should be one of the selections along with the Safe Mode selection on the menu list when you press F8.
2. If you still don't see the Command Prompt selection, start the pc (either Safe or Normal mode) and go to the Windows desktop. Click the Start button, select Shutdown, and select Restart in MS-DOS mode to get to the DOS command prompt.
3. If #2 didn't get you to the DOS command prompt, look up "Command Prompt" in Help in Windows ME by clicking Start, select Help, select the Index tab, type Command Prompt (or anything else you want to look up) to get the information you need.
In fact, you can look up many commands, controls/functions, and computer terminology either through the Help method as described in #3 or look up both basic and technical information specific for Windows ME or other operating systems at wwww.support.microsoft.com

Although not the best way, the fourth method is to run the MS-DOS Windows program. Select Start>Programs>MS-DOS Prompt.

hi emma,
try this if you wish:
go to www.thepublicworks.com security section, look in free stuff, free anti-virus, link to f-prot for dos, download it, get new virus defs, then scan your computer using f-prot in regular mode.
it should catch those buggers, and delete them.
all the best,
murve

Murve,
Do you know the answers to the following two questions about running DOS antivirus scans:
As per FAQ from F-Prot Antivirus for DOS - Support:
"Please note that there is a problem with running a DOS antivirus scanner on Windows NT 4.0 / 2000 / 2003 / XP systems. It is not guaranteed that all files will be scanned. The reason for this has mainly to do with long filenames and non-ASCII characters in file names. DOS only "understands" 8 character long filenames.
Therefore use F-Prot Antivirus for Windows to scan Windows NT 4.0 / 2000 / 2003 / XP systems."
1. Why wouldn't the long-filename limitation apply to Windows 95/98/ME?
2. What implication will running DOS antivirus scan have on System Restore? I read from one encounter that all data store in System Restore would have to be purged using the FIFO methods or completely. Do you know from personal experience?

Name: Emma Talbot
Date: June 14, 2004 at 01:24:16 Pacific
Subject: DIALER 8U in TEMP FILES -
OS: Windows ME
CPU/Ram: Pentium 3 I think
You will NOT, have a "restart in MS-DOS mode" at the "Shut Down..." button. As it's not available in "Windows ME". To get into real DOS mode, you would have to start your computer with a startup disk. Instructions for making one, are here. Then use it, to start your computer. Insert the startup disk you've made, into the A: drive, and restart the computer. When you're prompted, to choose what type, choose Minimal.
Back to the system restore. Have you disabled it? Also, did you leave it disabled? If it's not disabled, do so now, and leave it disabled until the problem is fixed.
Back to deleting things, while in real mode DOS. I will type some things, for you to do. They may get wrapped (put on more than one line, but it is all one line, no spaces, unless indicated), so I will inform you, of a start, of a new line. The red *, don't type it. It's to show, where there are spaces needed. As I said before, I'd indicate, when needed.
After you've started the computer with the startup disk, and selected minimal. You will be at A:\ Now type this;
c:
(Press Enter)
(New Line)cd*windows\tempor~1\content.ie5
(Press Enter)
(New Line)del*index.dat
(Press Enter)
(New Line)cd\
(Press Enter)
(New Line)cd*windows\temp
(Press Enter)
(c:\windows\temp should be displayed. If not, do NOT, do the next step)
(New Line)del**.*
(Press Enter)
(You will be told, that all files in the directory will be deleted, and asked if you are sure. As I said before, you should be at c:\windows\temp, If so, answer Yes)
(New Line)y
(Press Enter)
Now, when the "c:\windows\temp" is back at the line. You can remove the startup disk, from the computer, and press the Ctrl Alt Delete (buttons) at the same time. The computer will restart.
Now if you want to delete another file, change to its directory/path, and delete it by name. Or del, and the path to the file, including the file name. If you need more help, someone should be able to lend a hand.
Good Luck,
CrazyOne

Golly - so much advice!
Murve - I'm looking at that download now
Top Speed, Crazy One et al - thanks - I'll have to print this all off at work tomorrow and bring it home for a look (cos it's too much to write down and I don't have a printer here). More advice and comments welcome in the meantime. I will post to let you know how I'm getting on later in the week. But thank you all for your words of advice....wonder how much a new computer will cost!?!!

Emma,
You're welcome, and good luck with your problem. I'll be out on a call, for a couple-few days. So when I check back, hope to see you in a good, happy mood
;-)
CrazyOne

top speed,
first off, windows millennium does not operate on physical dos, as it still uses fat 32 not ntfs.
windows millennium uses virtual dos which is hidden in the me code.
you can't access the dos system, the only way you can do it is by using the system operating disk, as crazy one mentions. as for using f-prot for dos on a windows millennium machine makes no difference. although the best way would be to make f-prot start up disks, using f-prot for dos in regular mode won't affect anything as far as i can see, it may just solve emma's problem.
all the best,
murve

Murve - I'm afraid you lost me there! I have looked at the website you recommended but could not download the things you recommended. I've been having server connection problems so I don't know if the problem was at my end or theirs.
Crazy One - this is what I did:
Disabled System Restore, ran AVG and deleted anything it found (it did not find the TEMP files - I guess it couldn't with the SR off?), created a START UP DISK, used it and followed your instructions to the letter (VERY GOOD - SPOT ON!!), restarted machine, reinstated system restore, ran AVG - CLEAN!!!
WHICH IS BRILLIANT AND I'M VERY IMPRESSED!!
THEN...I updated my CWShredder and this got rid of my Easy-Search.biz homepage problem.
BUT...there would be a BUT wouldn't there...
PROBLEMS:
1) Dialer 8u keeps sneaking into the following file: C:\Windows\Dialup.exe
2) The easy-search.biz thing keeps returning
3) My internet remains S L O W and most of the time I can't make a connection (though this site works well - Thank God!!)
So in short - I've clearly made progress but I'm still a few yards short of the finishing line. Any thoughts?
I'd just like to finish this post by saying THANKS for your help so far - I'm dead impressed. I'm pretty good with setting video recorders but this stuff is beyond me.

Murve, thanks for your response. I still don't quite understand or will have to look into why the long filename restriction for F-Prot Antivirus for DOS doesn't apply to Windows 98/ME as well since both operating systems allow long filenames.
Emma,
Based from the observations you made, you may have to remove the remaining associated malware files and registry references manually for both Dialer 8U and the homepage problem.
I looked up Dialer 8U (and dialer) in the AVG's Virus Encyclopedia on grisift.com for a malware description, and the searchable database didn't even find information on Dialer in general. Would you be willing to run two other free antivirus tools with better support documentation?
I would run the online antivirus scans from Trendmicro.com and Symantec.com to get a different malware identification for Dialer 8U and other security threats on your computer so you can follow-through with any manual removal procedures if applicable. Each antivirus tool will have a slightly different name or alias but Trendmicro often includes identified aliases from other antivirus programs. Documented virus descriptions, known issues, and removal procedures are clear and simple to follow from both sites.
Before you run the two antivirus, just a few reminders:
1. Still keep System Restore disabled until you can confirm that your computer is free of malware.
2. Delete cookies, temp and temporary Internet files, and empty Recycle Bin as before.
3. Disable any other antivirus software from your Sys Tray (right mouse-click on the icon) temporarily to avoid causing program-conflicts.
Run online Housecall and Symantec scans. Remove malware and look up the virus encyclopedias for manual removal procedures for any detected malware not removed by the antivirus software.

Some Dialers can be terminated from running in memory from Task Manager, but you should install a third-party viewer for Windows 95/98/ME systems to help you identify the dialer program (and other malware) running in memory.
Trendmicro.com suggests a free third party viewer from www.sysinternals.com. Download and run the software and open your Task Manager so you can identify and terminate malware or dialer programs from running in memory if any.
Also, look for suspicious programs installed and clues in:
1. Right-mouse click on C:\Windows\Dialup.exe
Select Properties>Version tab
What is the copyright and company information?
2. Go to your System Configuration Utility startup tab. Click Start>Run>type msconfig>Startup tab
Notate and google any suspicious program files running at Windows Startup. If it's identified as a malware disable it from running at startup so you could delete it from the specified path in Windows Explorer.
Don't restart the pc when prompted until you have identified and deleted all malicious startup files from Windows Explorer.
3. Double-click on the Add/Remove icon in Control Panel. Visually scan for any suspicious and unintended program installed. If it's a malicious program, uninstall it and remove the program files/folder from Windows Explorer.

Please install and run Ad-aware 6.0 from Lavasoft if you haven't done so as this software will help identify other Internet threats.
http://www.lavasoft.de/
Beware of downloading software of similar names or websites. In addition, many malware and spyware are downloaded from antispy websites.

Emma,
Could you do us a couple of things, please. Go to;
c:\windows\downloaded program files
and list the things, in this folder, thanks. Exactly, as they appear, the names.
Also, press Ctrl Alt Delete (buttons) ONCE, as you did before, but with the computer running windows. Then make a list, of all things that are listed, thanks. After you've made the list, click the [Cancel] button. Do this last one, while you're not on (connected) the internet. You'd most likely get dropped from the internet, while you were writing the things down :-) That's likely :-), not certain.
I think, I'll bow out of this one. (but still monitor) Can get too many people having you do things, and it can get nerve racking, and confusing. Besides, some things I'd recommend, might not be looked upon as a good thing, by some
;-)
But, one would help answer the questions quicker, with less work ;-)
Good Luck,
CrazyOne
p.s. Your first mention, of the "Easy-Search.biz", I think ;-) And yes, those 'but's, can really be a pain in the butt.

Crazy One. System restore is back off and I have re - run your start up disk instructions.
Here are the seven items from the c:\windows\downloaded file. The first three have "unknown" install info, the others have dates listed beside them (not given here).
{034CC2DC-3245-4B26-B5C7-7B8777739CB7}
{32564D57-0000-0010-8000-00AA00389B71}
{AD7FAB0-16D6-40C3-AF27-585D6E6453FD}
IMDownloader Class
Quick Time Object
Real ArcadeRdxIE Class
Shockwave Flash Object
And here are the files listed when Ctrl Alt Del is pressed once:
Explorer
Imapp
Avgcc32
Poproxy
Mshta
Windll32
Esb
Qttask
Sistray
Khooker
Syntpenh
Chtvinit
Syntplpr
Pctvoice
Systray
Svgserv9
Runwin32
It's all Welsh to me!!!
I have got LAVASOFT ADAWARE. It is running faster since I did the START UP DISK procedure and as ever it fishes out loads of CRAP, all of which I delete. I have yet to investigate TOP SPEED's download suggestions but will do so soon and will post any results. Any thoughts regarding all the stuff I have listed above?

hi emma,
please follow the instructions that i gave to mortal8 in a post 9 names down.
if it works for mortal8 it will work for you.
all the best,
murve

Emma,
"Any thoughts regarding all the stuff I have listed above?"
Yes, you have some nasties (malware, virus, etc.) So, as advised, run some AV software, adware, bot, trojan, etc., removal software. Some, can be found on this page. Can give more, if needed. (free)
IMPORTANT:
Didn't see anything listed, for windows update. (as she/he shakes her/his head)
;-)
So, I could assume, that you haven't done any. Or, another possibility is you've downloaded them, at another computer, and installed them on the computer in question. There are other ways, but I'll stick with my first assumption ;-)
You need to keep your OS updated, along with the AV, and other software.
Good Luck,
CrazyOne

Instead of all of these technical details that they are putting you through, why don't you just browse through your temp files, find the file it refers to and delete it.
If it is a dialer try putting spysweeper or adaware on the computer and run a scan to delete it.
You're welcome

t_evl1,
You wrote,
"why don't you just browse through your temp files find the file it refers to and delete it"
Go back to the original questions, and read it again, thanks. Also, some of these files were in the system restore (can't just delete separate files, at will), and the IE cache. The reason, for my directions. And, if you had read everything, you would have known, that this person is using AdAware. Enough said, later,
CrazyOne

Ok guys - time for an update.
Things are getting a lot better. I noticed that my internet connection is switching to "Proxy server" so with that reset I can use the internet and download things. I already had ADAWARE and AVG and CWShredder. I got two versions of ViRobot (which seems to have knackered my WORD but soon I'll uninstall it and hopefully that will fix it). I got TDS3 too. I reran the "delete temp files" stuff and hand deleted my history and cache. That seemed to do something and now when I run AVG I get no DIALER 8. My HOMEPAGE RESET problem has been solved by the CWS and things are looking good. The PROXY re-asserts itself when I switch off - is this because I still have system restore off?
Want a new question? I purchased an upgrade to my NORTON in a shop. It is a disc. I have NORTON 2001. The disc wants me to uninstall the old NORTON before installing the upgrade. How can I upgrade something I don't have (having uninstalled it)? Soon I'll get round to emailing Symantec but thought I'd just post this here whilst I'm at it.


This post is quite old and has been locked from receiving new replies. Please create a new posting instead.