Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


I'm so confused and hope I'm doing this right

  • This topic is locked This topic is locked
2 replies to this topic

#1 amiaskan


  • Members
  • 1 posts
  • Local time:03:45 PM

Posted 05 March 2009 - 01:05 AM

Could someone assist me please? I am so very frustrated. So forgive me if I am long winded or ignorant, as I don't know much about computers and can't afford a new one. Each time I try to do an onkine scan, something prevents the virus signatures or database from downloading. I have tried Trend Micro at least 5 times, which tells me I need to have java installed or updated, or else it is disabled, but which I do have and it is running in the task bar, then it will let me load probably 35 % before I get a failed message. Kaspersky 3, Bit Defender twice,and some others as well. Always get a message, failed to download. I got as high as 92% downloaded with Bit Defender. And with Kaspersky and Trend Micro i will sometimes get a message , you need to be online to run the scanner - even when I am on line. McAfee gives me an error message my web browser is not supported, must be IE 5 or higher. I have IE6 installed! Ad-aware finds only minor annoyances. Spybot always tells me, "There were problems in the include file C:Program Files\Spybot-Search_Destroy\Includes\Hijackers.sbi. See include errors log for details, or same message but \Malware.sbi, or same message but\MalwareC.sbi., and same message with\Trojans.sbi, and \TrojansC.sbi.. I have also run Malwarebytes', and have downloaded all the updates from Microsoft, but sometimes have difficulty getting them to download.

My old faithful standby Gateway only has 384 MB ram, 447 MHZ processor and a 9.GB drive, yet it runs like a top. I can download something and have 3 or 4 other open windows as well. But I keep running out of room on the drive, despite the fact that I have deleted just about everything, and I defrag, disk cleanup, etc.
So I bought this computer (used) which has 33GB drive, AMD Athlon XP 2400+, 2GHz 992 ram. Seems to me it should be much faster than my old one. It runs much slower than my old computer; slower than a turtle. If I try to download something, I can only open one window at times, and I get lots of dns errors or Internet Explorer could not open the search page, or down in the taskbar I get something that says msn auto search and it goes to www,(whatever web page I was looking for) for example.www.google.com, but then it goes to www.www.google.com, www.www.google.net, www.www.google.edu. I don't understand. And how, please, do I set a search page to what I want? Another question, please. Why do I keep getting that annoying little triangle at times in my taskbar, and a message saying this web page may not display correctly? I have uninstalled, and reinstalled Java. Norton was installled originally, but outdated and expired, so I tried Avira, and am now using a 30-day trial of Eset.

The previous owner has games on here, will deleting those speed this up? Trouble is, I don't know in the add/remove programs which are games and which are needed programs. Could you help me out with that as well? I was told by someone to delete viewpoint, but I don't see that in add/remove, but there is a viewpoint folder in my program files. Also to delete Windows messenger. I still see a Messenger folder in my programs folder, but no way to uninstall it. I was told to uninstall WildTangent, which I did, but Spybot found entries even after I did. Someone told me to use HijackThis. So I will post that below. Also, What is the difference between Windows Media Player, MusicMatch jukebox, RealOne Player, QuickTime Player; do I really need all those? And I have a Brother printer, scanner, fax. Can I safely delete HP Deskjet Printer preloaded drivers, or is that something I cannot delete?
I have System Mechanic installed. Generally it shows CPU usage at like 2 or 3 percent, with an average free ram of 630. Yet it will spike up to 100% CPU at times and stay there and I don't know why. Was told to look in task manager. Right; like I have any clue as to what any of that means in there! And is it possible for a virus or whatever to keep disconnecting you from the internet? I have dialup, and it seems I frequently get disconnected only when I'm trying to run online virus scans, or I get the, "Windows Explorer has encountered a problem and needs to close" message. I realize this is a bazillion questions, so I thank you all for your patience, and in advance thank you for any and all help, insight you can provide. I truly appreciate it. Oh, PS. I've read something that you can buy something so that even though you're on dial up - some kind of modem or splitter? - you can still receive calls and not tie up the phone line? Any of you experts know of such a thing? It's not a program like callwave, but some kind of hardware.

Programs listed in add/remove programs are: Adobe Acrobat 5.0; Adobe Flash Player 10 Active X; Brother MFL Pro Suite; CA Yahoo Anti-Spy (remove only); easy Internet sign up 25.68 mb (can I delete this?) Eset Nod 32 Antivirus; Hijack this; HP Deskjet Printer preloaded drivers 73.28 mb (can I safely delet this since I have a Brother?); HpSdpAppCoreApp; Instant Support; Intel Extreme Graphics Driver; Intel Mover Data Transfer Demo; Java 6 Update 12; KBD; Malwarebytes Anti-Malware;McAfee Site Advisir; Microsoft Net Framework v1.03705; Microsoft Net Framework 1.0 Hotfix; Microsoft Net Framework 1.1; Microsoft Net Framework 1.1 Hotfix; Microsoft Learning - Software updates- Security Update for Step by Step Interactive Training, and a second Security Update for Step by Step Interactive Training; Microsoft Works 7.0; MSXML 4.0 SP2; MUSICMATCH Jukebox; NVIDIA Windows 2000/XP Display Drivers; PaperPort; ParetoLogic Anti-Spyware; PC Pitstop Optimize2 2.0; PC-Doctor for Windows; PS2; Python 2.2 combined Win32 extensions; Python 2.2.1; Quicken 2003 New User Edition; RealOne Player; RecordNow; S3 Display; S3Gamma2; S3Info2; S3Overlay; Simple Installer- Multilanguage Version; Sonic Update Manager; Trojan Remover 6.65; UnZip Me; Windows Defender; Windows Installer 3.1; Then numerous XP Software and Security Updates; Security Update for Windows Media Player 9.0; Windows XP Service Pack 2; WinPatrol2008; Yahoo! Install Manager; Yahoo! Search protection; Yahoo! Software Update; Yahoo! Toolbar.
Which can I safely remove, please?
Also, Win Patrol is contstanly giving me a message: Scotty the watchdog is on patrol and has detected a change to one of your file type associations. The program currently associated with this file type is Registry Editor Microsoft Corporation regedit.exe %1, a change was made to use the following program for this file type, Notepad Microsoft Corporation NOTEPAD.EXE %1. Is this change okay? Should I click yes or no? Then, if I click on no, this box pops up with same message, only different files. .SCR - Program currently associated with file type is - there's an empty box and it just says Name, underneath it says Company name %1 /S, a change was made to use following program for this file Notepad, Microsoft Corporation NOTEPAD.EXE %1. Is this change okay? So I click on no until I can find out what that empty box is with no name.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:26:07 PM, on 3/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webmail.acmenet.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus8.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1234696650284
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} (AhnASP Control) - http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

End of file - 7188 bytes

BC AdBot (Login to Remove)


#2 KoanYorel


    Bleepin' Conundrum

  • Members
  • 19,461 posts
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:04:45 PM

Posted 18 March 2009 - 08:16 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 KoanYorel


    Bleepin' Conundrum

  • Members
  • 19,461 posts
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:04:45 PM

Posted 23 March 2009 - 03:43 PM

Due to the lack of feedback This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users