5 Replies Latest reply on Sep 23, 2008 6:19 PM by Grif

    BO Heap

      Hi all, it's a few day that every time I swich on my laptop I receive a message like this (sorry for Italian)

      Nome: C:\WINDOWS\system32\services.exe:WS2_32.socket
      Rilevato come: Sovraccarico del buffer:Scrivibile Sovraccarico del buffer:Heap
      Stato: Bloccato da Protezione dell'overflow del buffer

      Im using XP whit latest SP and update and Virus Scan Entrprise 8.5.0i patch 5 DAT 5386.0000 17/09/09.

      I tryed a lot of antivirus and troyan/spyware removal but with no luck.

      Hope someone could help me.

      Thanks in advance, Andrea

      Moved provisionally from Virus Discussions to Desktop & Server for better attention - MOD
        • 1. RE: BO Heap
          The error is referring to a Buffer Overflow detection.. If you disable the "Buffer Overflow Protection" from the VirusScan Console, does your computer work normally?

          Because it's a socket error, are you using a firewall of some type and if so, if you disable it does the error go away?

          And last but not least, please try downloading and running the free WinsockXPFix tool from the link below:


          Hope this helps.

          • 2. RE: BO Heap

            I downloaded and installed WinsockXPFix tool, but I have the same error :mad:

            Thanks for your help.

            Regards, Andrea
            • 3. RE: BO Heap
              Disabling the Buffer Overflow protection will solve the issue but since it appears like your settings are being control by the managment's ePO system, you'll need to talk to them about changing your options.

              And just in case it is malware related, please follow the instructions below to run one more free antispyware tool..

              Please download Malwarebytes' Anti-Malware from the link below:


              Double Click mbam-setup.exe to install the application.

              * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
              * If an update is found, it will download and install the latest version.
              * Once the program has loaded, select "Perform Quick Scan", then click Scan.
              * The scan may take some time to finish,so please be patient.
              * When the scan is complete, click OK, then Show Results to view the results.
              * Make sure that everything is checked, and click Remove Selected.
              * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
              * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

              Extra Note:
              If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

              Hope this helps.

              • 4. RE: BO Heap

                This helped!

                Anti Malware found and removed:

                Elementi dato del registro infetti:
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\St art_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

                File infetti:
                C:\WINDOWS\system32\config\57550266.Evt (Rootkit.Agent.H) -> Delete on reboot.

                And now, after a few reboot I don't have no more error messages!

                Many many thanks.

                Ciao, Andrea
                • 5. RE: BO Heap
                  Good Job & Thanks For Posting Back!