Computer moron needs your help

Hi all I really can use your help. to begin with I am a total computer moron, I do not know much about computers and when something happens I really get scared heck I am scared to look at the computer itself
LOL. i currently Have AVG free to use at home, Ad-Aware SE 1.06, Spy-bot and Zone larm............I tried out the free McPhee scan and it came up saying.
Threat Name:Exploit-IE PageSpoof I have no idea what this is, is it something to worry about? Also can i find some freeware that will remove this? Please someone help.
HappyNew Year to you all!
Forgot to add that i am running windows 98 SE
and it is a Dell computer.

 

Welcome to MajorGeeks.com, please follow the steps below:

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

• Make sure you check version numbers and get all updates.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

Downloading, Installing, and Running HijackThis

Post back in the Malware Removal Forum.

 

Hi here is the log.from hijack this can you please tell me what i can do next thanks so much..........when i rebooted in normal start up mode a message came up it said"Error Loading C:/PROGRA~1\NEWDOT~1\NEWDOT~1.DLL , the system cannot find the path specified. please helm me I am quit the worried wart right now! Thanks for your attention and quick response.

 

Please go back and follow the Read Me first from the beginning; several steps have not been done. You have HijackThis installed incorrectly.

Uninstall Logitech Desktop Messenger using Add or Remove Programs in the Control Panel.

 

I don't know what to do now?I am confused at this point? I am sorry for taking up your precious time i noticed that new.net was taken care of as it is no longer on my system, Now as for HijackThis do I have to uninstal it and then reinstal? Please help me if you will.Thanks a bunch!

 

hello thanks for your help I believe that the malware was removed , however a message came up when i was closing my computer down it said OE-at
0028:C0031580 can anyone please tell me if i have anything to worry about please and thank you all for your kind help and support, I am so happy that i have found this forum i checked out others and this one really is more helpful to me.

 

I was also hoping that maybe someone can please tell me how i=to uninstal HijackThis and then reinstal it. Once again thank you all.

 

well i hope I did this right agian, I am certain that i installed HijackThis properly here is the log for you to take a look at.Thanks again.

 

Hi I am needing your help in a very big way!

I am so frustrated and ready to throw my computer across the room I can't believe how long I have been trying to instal HijackThis properly I am running windows 98SE please please please someone help!! I am so upset right now i wish i could get it right it tells me to go to the start menue and look for explore i don't even have that on my computer?I am clueless............please your patience and help would be greatly appreciated!

 

Wildhorses stay in your original thread.

The instructions tell you how to insall HijackThis correctly.

Click on the link that has been provided not once but three times and follow directions.

 

hi I am not sure what happened with bidefender scan I am going to look for it and i will send it soon as i find it.

 

Hi I found that scan can you please tell me what i can do next, thank you so much for all your patience.

 

well here goes again I won't sleep until I have it right and hopefully this time.... I know you must be getting very angry and frustrated with me but I did save it to my program files and had to change it to HijackThis#2 so sorry for taking up your time.Thanks againFor your kindness and patience.

 

is there any other solution instead of hijackthis I am having a terrible time here.

 

Hope it worked!

 

Scan with HijackThis and fix the following; by placing a checkmark in teh box next to each line:

Click-on the 'Fix checked' button, close HijackThis.

Copy the contents of the below quote box into notepad; Save As MyWayFix.reg to you DESKTOP.

REBOOT to Safe Mode.

Open Windows Explorer; navigate to and delete the following:

REBOOT to Normal Mode.

Download, install and run CounterSpy.

Post the CounterSpy log and a fresh HijackThis log.

 

can u please tell me how i open windows explorer?Thanks again!

 

ok I figured out where windows explorer is now what do i do with the files that i deleted they are sitting in my recycling bin, I hope i did this right.Thanks again for your quick replies really appreciate it.

 

Please someone help me! I don't know how to post a counter spy log it has no button for me to do this please can someone help? Thanks again for all your kindness in helping me.

 

i don't think this is working am i suppose to print out Counter spy and then type it out manually?

 

I really need some rest I have not slept for well over 24 hours I am going to leave my computer on and hopefully i will hear back from someone soon!Thanks again

 

i don't think i am running the CounterSpy properly, please help me! I am so worried I don't know how I am going to get a log from the counter spy to you, i would really appreciate it if you could get back to me soon!Thanks again.I have already ran 2 scans as i am trying to attempt getting a log from this counter spy to you.(

 

Save the scan results as a text file, and attach the log.

Empty your Recycle Bin.

I'll post more instructions after I have read your HijackThis log and have seen teh CounterSpy log.

 

this may sound stupid but how do I make a text file?

 

please I am clueless and franckly getting very frustrated please if you will tell me how i can make a text file I would really apprecaite it.

 

I don't know when i am going to hear from one of you but i am waiting patiently and worrying like a wart, can some one please tell me what I have to do to get the CounterSpy log on here I am new to computers when you say edit I am sitting here clueless? If i have to type out the log in here i will do just that please let me know?Thanks!No one is really telling me how to edit the log for counterspy, i am just trying to save my computer from any terrrible damage.

 

Once you have finished a scan with CounterSpy, on View -> Spyware Scan -> View Spyware Scan History. Next click on the scan you want to view, then click view full details of scan. Right- click anywhere in the windows that just opened, click on Select All, right-click again select Copy. Now open notepad and right-click anywhere in notepad and select Paste. Now Save As ConterSpy.txt and attach to your next post.

 

here is CounterSpytxt.Please view and let me know what to do next thanks alot.

 

I think hijackthis is attached with the ccounter spy log

 

Using Add or Remove Programs in the Control Panel; uninstall the following:

Copy & Paste the contents of the below quote box into notepad; Save As Fix.reg to you Desktop, which is loacted a C:\Windows\Desktop.

REBOOT to Safe Mode.

Open Windows Explorer; navigate to and delete the following:

Now double-click on Fix.reg on your Desktop and answer 'Yes' when asked if you what to merge with teh registry.

Now REBOOT to Normal Mode.

Follow the directions for Running WinPfind by OldTimer.

Post the WinPFind.txt file after you have finished.

 

you told me to uninstal Fun Web Products,Weather bug, and wild tangent from my add remove programs i did ont see any of these listed.Please what can i do?Thanks again.

 

Hi I was looking for the quotes that you wanted me to delete while in safe mode and in my windows explorer, However 4 of the quotes were not there?
the quotes that were not there are as follows:
C:\windows\system\aamd532.dll
C:\windows\extract.exe
C:\windows\system\sh.dll
C:\windows\system\ietoolbar.dll
I am not going to go ahead and do anything else until you recieve this message and respond back thanks again.:0)

 

If they are not there; then they are not there. Procede with the remainder of the fix.

 

Hi Shadow_Puter_Dude,
in the rest of the fix it says to double click on the Fix.reg on the desk top and answer yes when asked if i want to merge the registry i did just that, and it said cannot import C:\WINDOWS\DESKTOP\Fix.Reg:
The specified file is not a registry script.You can only import only registry files?
Once again i am sitting here scratching my head clueless what to do please get back to me soon..........Thanks

 

Did you copy and paste the file exactly as shown in the quote box?

 

Yes I did post it exactly the way it is in the quote i double checked and even had my roommate double check it

 

well after a few attempts it went through now i am going for that log.

 

Wow: can't believe that was not too hard to get, now I am going to cross my fingers and hope i did it right.
Here is the log please view it thank you very much!

 

Do the following:

Start -> Run

type regedit

'OK'

Regedit will open; navigate to the following Registry Key:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser

Locate {5A074B29-F830-49DE-A31B-5BB9D7F6B407} in the right window and delete it.

Close Regedit; Open Windows Explorer and navigate to C:\PROGRAM FILES\ASKJEEVES <<------ Delete the Entire Folder. Exit Windows Explorer.

REBOOT.

Update the definitions for Ad-Aware SE; run a full system scan let Ad-Aware fix what it finds.

Update the definitions fo Spybot S&D; run a full system scan let Spybot fix what it finds.

Update the definitions for CounterSpy; run a full system scan let CounterSpy fix what it finds. Post a log from CounterSpy.

Post a fresh HijackThis log.

 

Here are the logs you requested please view and let me know what to do next.Again thanks Shadow_Puter_Dude.

 

Copy & Paste the contents of the below quote box into notepad; Save As Fix.reg to you Desktop, which is located at C:\Windows\Desktop.

REBOOT to Safe Mode.

Open Windows Explorer; navigate to and delete the following:

Now double-click on Fix.reg on your Desktop and answer 'Yes' when asked if you want to merge with the registry.

Now REBOOT to Normal Mode.

Who is your computer running?

 

Hi Shadow_Puter_Dude,
I think you are probably going to get mad at me I went into safe mode and went to navigate & delete the quotes you told me too and never did see any as you quoted the closest i seen to one of the quotes was
C:\windows\cookies\advantage@dist.belnk[2]
I am afraid to go on at this point so i will wait to here back from you.
And now to your question,
Who is my computer running? Well that is pretty obvious and sad as I am computer litterate.Please if at all possibel email me back.Thanks again..........
Wildhorses

 

Sorry, I meant to say How not Who.

If the files aren't there then they aren't there, they were deleted by a previous scan.

 

Hi Shadow_Puter_Dude,
Thanks for all the help you have given me, I have ran the counterspy scan and it still shows:Funweb products, weather bug, wild tangent.when it gives me chioces the remove or to leave it it recommmends leaving it should i remove it in counterspys fix?Thanks again for all the help you have given me.

 

Run a full Ad-Aware and Spybot scan what do they find?

 

Hi Shadow_Puter_Dude,
I can't believe how much my computer has slowed down today, I don't belive it is the memory because I have 50% total memory left can you tell me what I can do to make it speed up.Thanks so much My memory is 256 ram total,4.10.2222A.Thanks again.

 

Uninstall CounterSpy.

256Mb of memory isn't really all that much, and Win98 is extremely inefficient when it comes to handling system memory.

CounterSpy is the only program I had you install that has a resident real time module.