Go Back  DVD Talk Forum > General Discussions > Tech Talk
Reload this Page >

I Can't Delete This!

Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

I Can't Delete This!

Old 11-02-04, 09:00 PM
  #1  
Member
Thread Starter
 
Join Date: Jan 2001
Location: Winnipeg, MB, Canada
Posts: 108
Likes: 0
Received 0 Likes on 0 Posts
I Can't Delete This!

Running WinXP...

I have an old program on my comp...

"VisualBoyAdvance.exe"

And when I try to delete the durn thing, it gives me a "Cannot delete. It is being used my another person or program" error message.

Is there any way of identifying what is still using this program, and how I can shut it off so I can delete it?
Old 11-02-04, 09:20 PM
  #2  
DVD Talk Gold Edition
 
Join Date: Jun 2004
Location: Houston, Tx.
Posts: 2,713
Likes: 0
Received 0 Likes on 0 Posts
Bring up the task manager via CTRL ALT DEL and click on the "Processes" tab"...locate "VisualBoyAdvance" , highlight, select the "end process" button and then click OK to the warning message.

Close Task Manager and locate the file to delete in Windows Explorer
Old 11-02-04, 09:20 PM
  #3  
duz
DVD Talk Special Edition
 
Join Date: Feb 2003
Posts: 1,179
Likes: 0
Received 0 Likes on 0 Posts
Go into the taskmanager (ctrl+alt+delete) and force a shut down of its process.
Or log off.
If you still can't get rid of it try booting into safe mode.
Also check your start up list to make sure it's not there either.
Old 11-03-04, 01:57 AM
  #4  
Member
Thread Starter
 
Join Date: Jan 2001
Location: Winnipeg, MB, Canada
Posts: 108
Likes: 0
Received 0 Likes on 0 Posts
I should have been more specific... the dizzamn thing doesn't show up in my Task Manager! (at least, I haven't been able to trace it)

I've done quite a few reboots (like 90) since this little bugger refused to delete, and nothing has helped!
Old 11-03-04, 03:50 AM
  #5  
DVD Talk Gold Edition
 
Join Date: Jun 2004
Location: Houston, Tx.
Posts: 2,713
Likes: 0
Received 0 Likes on 0 Posts
It could be coming from a number of different sources.

Post a Hijackthis log. I will see if I can detect the source for you.

Link is in my sig.
Extract HJT to a folder of its own, click on the Scan button, after it scans, the scan button will change to "save log". Save the log to the harddrive (remember the filename and location). Locate the file and open with Notepad.

In Notepad, Edit>Select All>Edit>Copy>

Paste the contents here
Old 11-03-04, 10:29 AM
  #6  
Member
Thread Starter
 
Join Date: Jan 2001
Location: Winnipeg, MB, Canada
Posts: 108
Likes: 0
Received 0 Likes on 0 Posts
Logfile of HijackThis v1.98.2
Scan saved at 9:28:42 AM, on 03/11/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\g3torrent\g3torrent.exe
C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\001 Joel Hunt\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://manganews.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by @Home Network Version 1.7
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy:8080
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: ProxyReset Class - {FFCBEECE-FB0C-11D2-AB16-00104B9BBBD2} - C:\WINDOWS\SYSTEM32\ahiehelp.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe
O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (no file)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: @Home - {303F7FA0-48A1-11D5-A357-00022AB507F9} - http://www/ (file missing) (HKCU)
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: Yahoo! NHL StatTracker - http://aud5.sports.yahoo.com/java/y/nhlst8244_x.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/packages/GSManager.cab
O16 - DPF: {31FD415A-1103-4329-B323-2DE693146C4E} (InstallHelper Class) - http://survey.there.com/qualsurvey/T...tallHelper.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - http://205.158.7.38/159041c3ba0473e9...tzip/RdxIE.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.napster.ca/client/setup.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/11d84a80...p/RdxIE601.cab
O16 - DPF: {67925165-C4B6-11D2-B9C6-0000E84F59A6} - http://www.warnerbros.com/content/mu...a/bdeinsta.cab
O16 - DPF: {6D5FCFCB-FA6C-4CFB-9918-5F0A9F7365F2} - http://www.gigex.com/tv/igor/gigexagent.dll
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/soft...ch/alaunch.cab
O16 - DPF: {7CF052DE-C74F-421B-B04A-3B3037EF5887} (CCMPGui Class) - http://64.124.45.181/chaincast/proxy/CCMP.cab
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.virtualvegas.com/cab/WONW...herControl.cab
O16 - DPF: {A3D6BDDA-B170-11D4-BB16-0001023ACEE3} (NAScheduler Class) -
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://player.virtools.com/downloads.../Installer.exe
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw4fd.law4.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom Class) - http://www.zoomify.com/download/zoomify160.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = mydomain.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{040DC735-3D4B-4ACF-B0C5-2177D778767B}: NameServer = 142.161.130.155 142.161.2.155
O17 - HKLM\System\CS1\Services\VxD\MSTCP: Domain = mydomain.com
O17 - HKLM\System\CS1\Services\VxD\MSTCP: NameServer = 216.127.92.38
O17 - HKLM\System\CS1\Services\Tcpip\..\{040DC735-3D4B-4ACF-B0C5-2177D778767B}: NameServer = 142.161.130.155 142.161.2.155
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 216.127.92.38
Old 11-03-04, 11:02 AM
  #7  
DVD Talk Gold Edition
 
Join Date: Jun 2004
Location: Houston, Tx.
Posts: 2,713
Likes: 0
Received 0 Likes on 0 Posts
I don't see where VisualBoyAdvance is being loaded. Try booting into SafMode (F8 key at startup, key at the top of your keyboard) and in SafeMode try to delete VisualBoyAdvance.
Next Go go Start>run>type in "msconfig" (without the quotes) and click Ok. Click on the Startup tab..Look for the entry
HKLM\..\Run: [SystemTray] SysTray.Exe
uncheck it and click OK
Reboot

Run CWSHredder (download in my sig) with all browser windows closed. Let it fix whatever it finds

Run HJT
Let HJT fix this item:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about :blank

NOTE: If the "notification area" does NOT load propoerly, go back to msconfig and place a check back in the SysTray.Exe box. This is a suspicous file for XP. Could be a virus/trojan
Old 11-03-04, 11:36 AM
  #8  
Member
Thread Starter
 
Join Date: Jan 2001
Location: Winnipeg, MB, Canada
Posts: 108
Likes: 0
Received 0 Likes on 0 Posts
Well, I did everything on that list. Shredder didn't find anything, and I still can't delete VisualBoy...

any other ideas?
Old 11-03-04, 11:40 AM
  #9  
DVD Talk Gold Edition
 
Join Date: Jun 2004
Location: Houston, Tx.
Posts: 2,713
Likes: 0
Received 0 Likes on 0 Posts
Originally posted by jhunt
Well, I did everything on that list. Shredder didn't find anything, and I still can't delete VisualBoy...

any other ideas?
You went to SafeMode and it wouldn't delete??
Old 11-03-04, 12:46 PM
  #10  
Senior Member
 
Join Date: Jun 2001
Location: Michigan
Posts: 450
Likes: 0
Received 0 Likes on 0 Posts
Are you sure it's a file you downloaded yourself, if you look here VisualBoyAdvance.exe is one of the names that the w32.ogid virus hides behide. I'd check and see if you had that.
Old 11-03-04, 01:19 PM
  #11  
Member
Thread Starter
 
Join Date: Jan 2001
Location: Winnipeg, MB, Canada
Posts: 108
Likes: 0
Received 0 Likes on 0 Posts
You know what? I didn't reboot it in "safe mode" the second time (after using shredder). I thought I only had to put it in "safe mode" after the first reboot. I'll do so when I get home, and post the results. Thanks for the help so far!
Old 11-03-04, 01:24 PM
  #12  
DVD Talk Gold Edition
 
Join Date: Jun 2004
Location: Houston, Tx.
Posts: 2,713
Likes: 0
Received 0 Likes on 0 Posts
Originally posted by jhunt
You know what? I didn't reboot it in "safe mode" the second time (after using shredder). I thought I only had to put it in "safe mode" after the first reboot. I'll do so when I get home, and post the results. Thanks for the help so far!
Also, take David_M's suggestion !!
Old 11-04-04, 06:39 PM
  #13  
DVD Talk Hero
 
nickdawgy's Avatar
 
Join Date: Jan 2003
Location: Southern Cal-ee-for-nee
Posts: 29,443
Received 1 Like on 1 Post
Try MoveOnBoot, it will delete it for you.
Old 11-05-04, 07:34 PM
  #14  
Member
Thread Starter
 
Join Date: Jan 2001
Location: Winnipeg, MB, Canada
Posts: 108
Likes: 0
Received 0 Likes on 0 Posts
Well, it wouldn't delete it in safe mode, and I'm not running a Symantic Anti-Virus, I'm running AVG (which clearly isn't catching it). I guess I'll try MoveOnBoot and see if that will help!

Update: MoveOnBoot got rid of it! (but does that mean the virus is gone? ...or is it hiding? ooo, I bet it's hiding... it's hiding, isn't it?)

Last edited by jhunt; 11-05-04 at 07:41 PM.
Old 11-06-04, 03:33 AM
  #15  
Senior Member
 
Join Date: Jun 2001
Location: Michigan
Posts: 450
Likes: 0
Received 0 Likes on 0 Posts
Try this , if your virus scanner and this one both don't see it you are probably fine. A virus was just a guess, if you had downloaded VisualBoy Advance at one time it's more then likey not a virus.

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.