I dunno but in any time It just closes and says Out Of Memory Array.cpp(88)
Any tips? on how to stop it!!?
W.t.h!
Fearful Bab3
Hey guys i dunno whats up with my guildwars
I dunno but in any time It just closes and says Out Of Memory Array.cpp(88)
Any tips? on how to stop it!!?
I dunno but in any time It just closes and says Out Of Memory Array.cpp(88)
Any tips? on how to stop it!!?
Skids
Well how much memory do you have installed?
The thing is that it isnt GW thats out of memory. Its just telling you that there isnt enough to run it. Do ctrl+alt+del, click the task manager tab and go look at processes tab.
See that list of numbers down the right? Thats hogging your memory. Some are required, probably many arent. The more you can close down the better.
Take a look here:
http://www.answersthatwork.com/Taskl...s/tasklist.htm
and close down any that are not required. Pick the high value ones first.
BEWARE: if you close down a system required operation then it could FUBAR windows - at least until you reboot, so watch out.
Now you need to be aware of why all these processes are loading - its because you probably have them all loading at start up. Again any you dont need to load on start up just to play games (like MS Office, etc) tell them not to which will save you having to do all this again every time you want to play GW.
Nuff said. The dood has left.....
The thing is that it isnt GW thats out of memory. Its just telling you that there isnt enough to run it. Do ctrl+alt+del, click the task manager tab and go look at processes tab.
See that list of numbers down the right? Thats hogging your memory. Some are required, probably many arent. The more you can close down the better.
Take a look here:
http://www.answersthatwork.com/Taskl...s/tasklist.htm
and close down any that are not required. Pick the high value ones first.
BEWARE: if you close down a system required operation then it could FUBAR windows - at least until you reboot, so watch out.
Now you need to be aware of why all these processes are loading - its because you probably have them all loading at start up. Again any you dont need to load on start up just to play games (like MS Office, etc) tell them not to which will save you having to do all this again every time you want to play GW.
Nuff said. The dood has left.....
M1h4iL
Sounds like you need more ram, also close useless programs you dont need while playing GW to free up some resources.
Tarun
Post your system specs and also tell us how many processes you have running in your Task Manager (Ctrl+Alt+Delete). Be sure to click "Show processes from all users"
Fearful Bab3
OS Name Microsoft Windows XP Home Edition
Version 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer Microsoft Corporation
System Manufacturer Dell Inc.
System Model Dimension 9100
System Type X86-based PC
Processor x86 Family 15 Model 4 Stepping 3 GenuineIntel ~3192 Mhz
Processor x86 Family 15 Model 4 Stepping 3 GenuineIntel ~3192 Mhz
BIOS Version/Date Dell Inc. A01, 25/05/2005
Time Zone GMT Standard Time
Total Physical Memory 2,048.00 MB
Available Physical Memory 1.20 GB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 3.85 GB
91 Processes < OMG
Version 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer Microsoft Corporation
System Manufacturer Dell Inc.
System Model Dimension 9100
System Type X86-based PC
Processor x86 Family 15 Model 4 Stepping 3 GenuineIntel ~3192 Mhz
Processor x86 Family 15 Model 4 Stepping 3 GenuineIntel ~3192 Mhz
BIOS Version/Date Dell Inc. A01, 25/05/2005
Time Zone GMT Standard Time
Total Physical Memory 2,048.00 MB
Available Physical Memory 1.20 GB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 3.85 GB
91 Processes < OMG
Fearful Bab3
I dont think i need more ram i for 2gb of RAM
RTSFirebat
Well clearly the amount of RAM you have isn't the problem.
But you said you have 91 processes running? What applications and processes do you having that requires 91?
Things to check:
- Spyware check!
Maybe you have spyware on your machine that is eating up all the RAM?
- Do you have any strange or duplicate processes?
Again see spyware above.... Ad-Aware is a great and free program to do checks.
- Are you running any major applications like Graphics processors? Virus Scanner get to dynamic scanning? BitTorrent or other downloaders?
These could also be eating up RAM.
But you said you have 91 processes running? What applications and processes do you having that requires 91?
Things to check:
- Spyware check!
Maybe you have spyware on your machine that is eating up all the RAM?
- Do you have any strange or duplicate processes?
Again see spyware above.... Ad-Aware is a great and free program to do checks.
- Are you running any major applications like Graphics processors? Virus Scanner get to dynamic scanning? BitTorrent or other downloaders?
These could also be eating up RAM.
gabrial heart
91 processes? That's a bit much 20-35 is pretty average. Can you post a screenie of your processes tab including the programs you would normally be running during the time you get that error?
Fearful Bab3
Fearful Bab3
Hope thats clearer enough
RTSFirebat
Quote:
|
Originally Posted by Fearful Bab3
Hope thats clearer enough
|
Can you just first click the "User name" tab to list your own processes first.
Then just use print screen and paste the image into Paint and save it as a jpeg.
Then update it to imageshack because the allow full screen screenshots:
imageshack.us
That will allow us to see it
Fearful Bab3
Well just deleted all my pics and recieved
http://img108.imageshack.us/my.php?image=ssssssslu9.jpg
http://img108.imageshack.us/my.php?image=ssssssslu9.jpg
RTSFirebat
Holy.... well for a start bikini.exe... that is a spyware and/or virus!
Here is some info one it:
Here is some info one it:
Quote:
|
bikini.exe - Here is the scoop on Mapson.c Worm as it pertains to computer network security. The big question: what is bikini.exe and is it spyware, a trojan and if so, how do I get rid of Mapson.c Worm? bikini.exe (Mapson.c Worm) - Details If your pc has a process called bikini.exe running, your pc may have been infected with a strain of the mapson.c worm. bikini.exe is considered to be a security risk, not only because antivirus programs flag Mapson.c Worm as a virus, but also because a number of users have complained about its performance. Mapson.c Worm is likely a virus and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of bikini.exe may cause serious harm to your system and will likely cause a number of problems, such as slow performance, loss of data or leaking private information to websites. |
RTSFirebat
More info
tfswctrl.exe is not required to run all the time, you can close this, and make sure it's set not to auto run when Windows starts.
fts.exe is also not required to run all the time.
7ba3ef62.exe... I can't find any information on it... all I know is it not normal. Could be spyware, virus or worse... close it and make sure it doesn't autorun!
gw.exe... you are aware you have Guildwars running already? And yet you say it doesn't work? Have you tired terminating this process then running GuildWars again?
My best advise is download AVG virus scanner and check for viruses, then get Ad-aware and check for spyware...!
If you want to find more info on any processes... type type them into google and most the time it will find something on it
tfswctrl.exe is not required to run all the time, you can close this, and make sure it's set not to auto run when Windows starts.
fts.exe is also not required to run all the time.
7ba3ef62.exe... I can't find any information on it... all I know is it not normal. Could be spyware, virus or worse... close it and make sure it doesn't autorun!
gw.exe... you are aware you have Guildwars running already? And yet you say it doesn't work? Have you tired terminating this process then running GuildWars again?
My best advise is download AVG virus scanner and check for viruses, then get Ad-aware and check for spyware...!
If you want to find more info on any processes... type type them into google and most the time it will find something on it
gabrial heart
He's also running AOL... meep, is that how you connect to the net? Doesn't aol still have a dialer option for both dsl and dial-up that doesn't require you to run the AOL app? hrmm your running fts, so yeah why are you running aol too?
the 7ba3ef62.exe is that nasty hard to get rid of virus/malware that keeps comming back and renaming the exe.
Dude you have some nasty stuff running around in your system, and thats only 3/4 of your running processes, at the very least get yourself a copy of windows defender!
the 7ba3ef62.exe is that nasty hard to get rid of virus/malware that keeps comming back and renaming the exe.
Dude you have some nasty stuff running around in your system, and thats only 3/4 of your running processes, at the very least get yourself a copy of windows defender!
Opeth11
Quote:
|
Originally Posted by RTSFirebat
My best advise is download AVG virus scanner and check for viruses, then get Ad-aware and check for spyware...!
|
Relambrien
I got the same message the OP is talking about before I upgraded to a graphics card that met the min reqs for GW.
Do all that virus/spyware stuff of course, but what type of vid card do you have?
Do all that virus/spyware stuff of course, but what type of vid card do you have?
Tarun
Quote:
|
Originally Posted by Fearful Bab3
91 Processes < OMG
|
Your best bet is to head to my website Lunarsoft.net and get my Anti-Malware Professional package.
It contains the best freeware for getting rid of malware completely.
Once you've downloaded that, visit the PC Maintenance page which covers every application in the package selected. It gives step by step instructions on how to clean and optimize your pc.
You should also pick up Avast and scan your system with it to get rid of viruses. Best of all this excellent AV scanner is free too! You can even register it for a year of usage free!
Should you have any problems, please don't hesitate to contact me or post asking questions.
After you've run all the scans and completed the PC Maintenace guide for cleaning your pc, you can post your HijackThis log here or PM it to me.
Fearful Bab3
Here is my log
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1141461737\ee\AOLHostManager.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Common Files\AOL\1141461737\ee\AOLServiceHost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
c:\program files\common files\aol\1141461737\ee\services\antiSpywareApp\ve r2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1141461737\ee\AOLServiceHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Documents and Settings\Shaun\My Documents\Anti-Malware Professional\AboutBuster.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
C:\Documents and Settings\Shaun\My Documents\Anti-Malware Professional\CWShredder.exe
C:\Documents and Settings\Shaun\My Documents\Anti-Malware Professional\HijackThis.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\SpywareBlaster\spywareblaster.exe
C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/Default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.dell.com/support/topi...hs&appindex=ds
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141461737\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [bikini] bikini.exe
O4 - HKLM\..\Run: [7ba3ef62.exe] C:\WINDOWS\system32\7ba3ef62.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [7ba3ef62.exe] C:\Documents and Settings\Shaun\Local Settings\Application Data\7ba3ef62.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Exif Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {36E45CDC-AB21-0CAA-A4B6-52A92462694E} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.2.1.87.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C6226D3-5119-3749-6C38-03B938CBF2C2} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CDE672F-2829-57B9-CE5A-5BC745559BD4} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB71433B-9A30-4FE9-8FE7-029132DE0A82}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1141461737\ee\AOLHostManager.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Common Files\AOL\1141461737\ee\AOLServiceHost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
c:\program files\common files\aol\1141461737\ee\services\antiSpywareApp\ve r2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1141461737\ee\AOLServiceHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Documents and Settings\Shaun\My Documents\Anti-Malware Professional\AboutBuster.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
C:\Documents and Settings\Shaun\My Documents\Anti-Malware Professional\CWShredder.exe
C:\Documents and Settings\Shaun\My Documents\Anti-Malware Professional\HijackThis.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\SpywareBlaster\spywareblaster.exe
C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/Default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.dell.com/support/topi...hs&appindex=ds
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141461737\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [bikini] bikini.exe
O4 - HKLM\..\Run: [7ba3ef62.exe] C:\WINDOWS\system32\7ba3ef62.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [7ba3ef62.exe] C:\Documents and Settings\Shaun\Local Settings\Application Data\7ba3ef62.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Exif Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {36E45CDC-AB21-0CAA-A4B6-52A92462694E} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.2.1.87.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C6226D3-5119-3749-6C38-03B938CBF2C2} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CDE672F-2829-57B9-CE5A-5BC745559BD4} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB71433B-9A30-4FE9-8FE7-029132DE0A82}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
majoho
Unless you're very computer minded you might as well be ready to reinstall the computer from scratch.
The random numbered file is a virus that is extremely difficult to get rid of.
I had it once and it took me hours to get it away, NO single malware/antivirus program can get rid of it - it requires manal deletion and registry editing in safe mode.
The random numbered file is a virus that is extremely difficult to get rid of.
I had it once and it took me hours to get it away, NO single malware/antivirus program can get rid of it - it requires manal deletion and registry editing in safe mode.
Fearful Bab3
Ok.. i will see what i can do
Fearful Bab3
I might just put msn and all my games on to disk and then re-boot and then put them back on..
RTSFirebat
On the other note I strongly recommend updating windows XP to SP2 once you have reinstalled windows and making use of the Windows Firewall.
Next you should download a virus scanner. AVG or Avast are both good, and both are free.
You have at least two confirmed viruses on your machine in anycase.
Next you should download a virus scanner. AVG or Avast are both good, and both are free.
You have at least two confirmed viruses on your machine in anycase.
yeah_hi
You might find it useful to run msconfig.exe, by going to Start>Run, typing 'msconfig.exe' and hitting enter.
Then switch to the startup tab to see what's being run at startup, and untick the ones you know to be dodgy or not needed.
Then switch to the startup tab to see what's being run at startup, and untick the ones you know to be dodgy or not needed.
Tarun
Hi Fearful Bab3, you are still infected with a few viruses. It appears Norton cannot get rid of them (Big surprise!)
Also, be sure to include every bit of your HijackThis log. The top section of your log was missing. It usually looks something like this:
Here's your log fully analyzed. I do recommended checking everything listed here and clicking Fix Selected in HijackThis.
Generated by Tarun's HijackThis Converter v0.50 Beta.
Default-color items are optional, bold are known to be malicious.
Created registry value
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
Changed registry value
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/Default.asp
Created registry value
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
Changed registry value
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
Created registry value
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.dell.com/support/topi...hs&appindex=ds
Enumeration of existing IE's BHO's
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
Enumeration of suspicious auto-loading registry entries
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141461737\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [bikini] bikini.exe
O4 - HKLM\..\Run: [7ba3ef62.exe] C:\WINDOWS\system32\7ba3ef62.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [7ba3ef62.exe] C:\Documents and Settings\Shaun\Local Settings\Application Data\7ba3ef62.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Exif Launcher.lnk = ?
Extra "Tools" menu items and buttons
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
Downloaded Program Files item
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {36E45CDC-AB21-0CAA-A4B6-52A92462694E} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.2.1.87.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C6226D3-5119-3749-6C38-03B938CBF2C2} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CDE672F-2829-57B9-CE5A-5BC745559BD4} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
Recommendation:
- Uninstall Norton Anti-Virus. This software is unfortunately bloated and misses half of the viruses that it should find. Should you need help fully uninstalling it, let me know.
- Install Avast Anti-Virus. A completely free AV that finds viruses far better than Norton.
- Uninstall Real Player. If you have a need for it; download either the K-Lite Mega Codec Pack or you can also get Real Alternative. I personally would go with the K-Lite Mega Codec Pack.
- Switch over to Firefox, it's an excellent browser and with a few extensions you'll never see advertisements that can infect you with spyware.
- Get IE-SpyAd to help you block a number of malicious websites.
Also, be sure to include every bit of your HijackThis log. The top section of your log was missing. It usually looks something like this:
Code:
Logfile of HijackThis v1.99.1 Scan saved at 1:01:33 PM, on 7/24/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Generated by Tarun's HijackThis Converter v0.50 Beta.
Default-color items are optional, bold are known to be malicious.
Created registry value
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
Changed registry value
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/Default.asp
Created registry value
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
Changed registry value
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
Created registry value
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.dell.com/support/topi...hs&appindex=ds
Enumeration of existing IE's BHO's
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
Enumeration of suspicious auto-loading registry entries
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1141461737\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [bikini] bikini.exe
O4 - HKLM\..\Run: [7ba3ef62.exe] C:\WINDOWS\system32\7ba3ef62.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [7ba3ef62.exe] C:\Documents and Settings\Shaun\Local Settings\Application Data\7ba3ef62.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Exif Launcher.lnk = ?
Extra "Tools" menu items and buttons
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
Downloaded Program Files item
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {36E45CDC-AB21-0CAA-A4B6-52A92462694E} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.2.1.87.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C6226D3-5119-3749-6C38-03B938CBF2C2} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CDE672F-2829-57B9-CE5A-5BC745559BD4} - http://85.255.115.229/1/gdnUS1440.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
Recommendation:
- Uninstall Norton Anti-Virus. This software is unfortunately bloated and misses half of the viruses that it should find. Should you need help fully uninstalling it, let me know.
- Install Avast Anti-Virus. A completely free AV that finds viruses far better than Norton.
- Uninstall Real Player. If you have a need for it; download either the K-Lite Mega Codec Pack or you can also get Real Alternative. I personally would go with the K-Lite Mega Codec Pack.
- Switch over to Firefox, it's an excellent browser and with a few extensions you'll never see advertisements that can infect you with spyware.
- Get IE-SpyAd to help you block a number of malicious websites.
cannonfodder
That's one riddled machine, do as has been said above, reformat is your best option. One thing, is it just me or does IEXPLORE.EXE look iffy, 27.5meg is alot for it to be using.
Tarun
A reformat is always the final option. This machine can very easily be cleaned and repaired.
majoho
Quote:
|
Originally Posted by Tarun
A reformat is always the final option. This machine can very easily be cleaned and repaired.
|
Silver_Fang
Quote:
|
Originally Posted by majoho
No it can't easily be cleaned.
|
Tarun
Quote:
|
Originally Posted by majoho
No it can't easily be cleaned.
|
Quote:
|
Originally Posted by Silver_Fang
QFT, cleaning all the mess is a tedious job, you have to goto the registry and search for the malware register and delete it manualy.
|
Why do these noobs always want to format? Because they lack the common knowledge to clean a computer properly and are too lazy.
Silver_Fang
Quote:
|
Originally Posted by Tarun
Obviously you've never tried.
No truth there. I clean computers on a daily basis. It always takes under an hour. Why do these noobs always want to format? Because they lack the common knowledge to clean a computer properly and are too lazy. |
You said you clean them everyday, good for you. Its like a builder said building a house is easy, etc.
Maybe because its easier to format than explaining what need to be done. You can make a meal in under 1 hour but the work is still tedious.
Tarun
A little help and guidance goes a long way and is more beneficial than formatting. :P
cannonfodder
I do agree with Tarun, it is more beneficial at least to try to remove them before a reformat, however if someone hasn't got the experience of technical knowhow then it may be a fruitless task.
It may be an idea to take your base unit to a local pc engineer(if there is one available), or ask a more tech savvy friend to be with you when you attempt this.
Post back here I will gladly help you try to fix this, as will a few others.
It may be an idea to take your base unit to a local pc engineer(if there is one available), or ask a more tech savvy friend to be with you when you attempt this.
Post back here I will gladly help you try to fix this, as will a few others.
majoho
Quote:
|
Originally Posted by Tarun
Obviously you've never tried.
No truth there. I clean computers on a daily basis. It always takes under an hour. Why do these noobs always want to format? Because they lack the common knowledge to clean a computer properly and are too lazy. |
I have cleaned computers before (if you read the thread I already stated that, but I assume you couldn't be bothered).
I underlined EASILY because it cannot just EASILY be done, the one virus he has will be extremely hard even for a knowleadgeable pc user to get rid off.
Fearful Bab3
Dont argue
Skids
Ok your PC has issues m8. Fine following the suggestions with the virus/malware posts, but all of the others were covered in my first reply on page 1 to you.
Im assuming you didnt follow my suggestions as the listing on the link I made also identifies if a resource is a virus or malware.
Im assuming you didnt follow my suggestions as the listing on the link I made also identifies if a resource is a virus or malware.
helpermonkeyradio
i get the out of memoy array.ccp(88)
i can't figure it out. it used to work perfectly. then i started to get the problem. i upped my virtual memory i have a gig of ram a 2600 althalon and a ATI 9550 w 256mb
i even formated the hardrive and reinstalled windows. i am at a loss.
i can't figure it out. it used to work perfectly. then i started to get the problem. i upped my virtual memory i have a gig of ram a 2600 althalon and a ATI 9550 w 256mb
i even formated the hardrive and reinstalled windows. i am at a loss.
jimmyboveto
I fell for u, same thing happening here
Just started tonight, i haven't really done anything since last night when i played guild wars a bunch, other then go on yutube for a bit.
Just started tonight, i haven't really done anything since last night when i played guild wars a bunch, other then go on yutube for a bit.
Seventh
Just check that your graphics card meets the requirments.