"My system started off with 256mb of RAM and so i installed another 768mb in 3 x 256 sticks. Now this hasnt really helped things run better as a lot of things are still recognising only the first 256 stick only. The system information option shows:
Total Physical Memory 1,024.00 MB
Available Physical Memory 32.38 MB
So i know memory is being recognised but the availavle memory hasnt gone up once the extra RAM was installed. Somebody told me it could mean i need a new bios but ive looked and havnt found anything more recent that the one i already have."
I dont know what any of the below says but thats hopefully where you can help
Thanks
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 23:06:15, 31/05/2005
+ Report-Checksum: 7E64214C
+ Date of database: 31/05/2005
+ Version of scan engine: v3.0
+ Duration: 48 min
+ Scanned Files: 85855
+ Speed: 29.41 Files/Second
+ Infected files: 46
+ Removed files: 46
+ Files put in quarantine: 46
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes
+ Scanned items:
C:\
+ Scan result:
C:\Documents and Settings\Mark Bullock\Cookies\mark [email protected][2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Program Files\AdTools Service\AdToolsKeep.exe -> Spyware.WinAD.k -> Cleaned with backup
C:\Program Files\Common Files\lctrbafl\aafnctnn\dldnltrt.exe -> Spyware.Gator -> Cleaned with backup
C:\Program Files\Common Files\lctrbafl\lbanelbjcc\ljdllhpcj.exe -> Spyware.Gator -> Cleaned with backup
C:\Program Files\iMesh\Client\DatingCity\DCInstaller.exe -> Spyware.DatingCity -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP149\A0063095.exe -> Spyware.NewDotNet -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP150\A0064041.dll -> Spyware.NewDotNet -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP168\A0071352.exe -> TrojanDownloader.Apropo.r -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP168\A0071354.dll -> Spyware.Apropos.f -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP168\A0071361.dll -> TrojanDownloader.Apropo.w -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP168\A0071474.exe -> Spyware.Apropos -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP169\A0071482.exe -> Spyware.Apropos -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP169\A0071483.exe -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP169\A0071485.exe -> Spyware.Apropos.i -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP171\A0071568.exe -> Spyware.Apropos -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP171\A0071569.dll -> TrojanDownloader.Apropo.w -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP171\A0071570.exe -> TrojanDownloader.Apropo.r -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP171\A0071574.dll -> Spyware.Apropos.f -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP171\A0071581.exe -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP172\A0071596.exe -> Spyware.Apropos.i -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP174\A0071664.exe -> Spyware.Apropos -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP174\A0071667.dll -> Spyware.Apropos.f -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP175\A0071732.dll -> TrojanDownloader.Apropo.w -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP175\A0071733.exe -> TrojanDownloader.Apropo.r -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP175\A0071735.exe -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP175\snapshot\MFEX-27.DAT -> TrojanDownloader.Apropo.w -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP175\snapshot\MFEX-28.DAT -> TrojanDownloader.Apropo.r -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP175\snapshot\MFEX-34.DAT -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP200\A0079460.exe -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP201\A0080488.exe -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP206\A0085575.exe -> TrojanDownloader.Dyfuca.dx -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP206\A0085579.exe -> Spyware.WinAD.am -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP206\A0085580.exe -> Spyware.WinAD -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP206\A0085589.dll -> Spyware.WinAD.ag -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP217\A0086930.exe -> TrojanDownloader.IstBar.ij -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP218\A0086933.DLL -> TrojanDownloader.FunWeb.a -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP218\A0086935.exe -> TrojanDownloader.IstBar.ij -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP218\A0086936.exe -> TrojanDownloader.IstBar -> Cleaned with backup
C:\System Volume Information\_restore{225B7122-4D67-4C8B-BBF5-F1F58DE01716}\RP218\snapshot\MFEX-10.DAT -> TrojanDownloader.IstBar -> Cleaned with backup
C:\WINDOWS\Downloaded Program Files\MediaAccX.dll -> Spyware.WinAD.ah -> Cleaned with backup
C:\WINDOWS\Downloaded Program Files\ysbactivex.dll -> TrojanDownloader.IstBar -> Cleaned with backup
C:\WINDOWS\NDNuninstall4_85.exe -> Spyware.NewDotNet -> Cleaned with backup
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet -> Cleaned with backup
C:\WINDOWS\system32\nvu2evxx.exe -> Spyware.Apropos.i -> Cleaned with backup
C:\WINDOWS\webhdll.dll_tobedeleted -> Spyware.WebHancer -> Cleaned with backup
C:\WINDOWS\__delete_on_reboot__lbbho.dll -> Spyware.Neon.a -> Cleaned with backup
::Report End
Logfile of HijackThis v1.99.1
Scan saved at 23:22:42, on 31/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mark Bullock\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.savastore.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Watford Electronics
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_72.dll
O2 - BHO: - {B5594824-6974-454B-823E-5777D378E0CA} - C:\WINDOWS\lbbho.dll (file missing)
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SavaStore - {8AE10CB9-3372-40E6-85AF-659BECD99AE7} - "C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://www.savastore.com (file missing) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O14 - IERESET.INF: START_PAGE_URL=http://www.savastore.com
O16 - DPF: ChatSpace Full Java Client 3.1.0.235N - http://205.177.13.50...a/cfsn31235.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup.../bridge-c24.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...up1.0.0.8-2.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.co...ad/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://www.mir3euro...Crypt/npkcx.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
Thanks for any help
Edited by cheesus, 31 May 2005 - 04:33 PM.