Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Removed Malware now other problems. . . .

  • Please log in to reply




  • Member
  • PipPip
  • 10 posts
I just cleaned up a lot of rpoblems caused by StartPage-DU.dll, therock247uk has helped tremendously with that. I am now experiencing problems with Internet Explorer not function properly.

Some links are not working. IE is very unstable and shuts down for no apparent reason, IE gives "not responding" errors.

It's the none working links that are the biggest problems, I even have trouble negotiating around the geeks to go web site.

Should I un-install and re-install Internet Explorer??

Please Help

  • 0





  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Could this be a problem with the Java VM??? I am getting the type of error log below, saved to desk top each time IE shuts down.

I do want JavaVM to run, as I use this for interaction through web-services. But I think through cleaning up the StartPage-DU.dll trojan, we have removed too much??

An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : EXCEPTION_ACCESS_VIOLATION occurred at PC=0x7FFE0297

NOTE: We are unable to locate the function name symbol for the error
just occurred. Please refer to release documentation for possible
reason and solutions.

Current Java thread:
at sun.awt.windows.WToolkit.eventLoop(Native Method)
at sun.awt.windows.WToolkit.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Dynamic libraries:
0x00400000 - 0x00419000 C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe
0x7C900000 - 0x7C9B0000 C:\WINDOWS\system32\ntdll.dll
0x7C800000 - 0x7C8F4000 C:\WINDOWS\system32\kernel32.dll
0x77C10000 - 0x77C68000 C:\WINDOWS\system32\msvcrt.dll
0x77D40000 - 0x77DD0000 C:\WINDOWS\system32\USER32.dll
0x77F10000 - 0x77F56000 C:\WINDOWS\system32\GDI32.dll
0x77F60000 - 0x77FD6000 C:\WINDOWS\system32\SHLWAPI.dll
0x77DD0000 - 0x77E6B000 C:\WINDOWS\system32\ADVAPI32.dll
0x77E70000 - 0x77F01000 C:\WINDOWS\system32\RPCRT4.dll
0x77760000 - 0x778CC000 C:\WINDOWS\system32\SHDOCVW.dll
0x77A80000 - 0x77B14000 C:\WINDOWS\system32\CRYPT32.dll
0x77B20000 - 0x77B32000 C:\WINDOWS\system32\MSASN1.dll
0x754D0000 - 0x75550000 C:\WINDOWS\system32\CRYPTUI.dll
0x76C30000 - 0x76C5E000 C:\WINDOWS\system32\WINTRUST.dll
0x76C90000 - 0x76CB8000 C:\WINDOWS\system32\IMAGEHLP.dll
0x77120000 - 0x771AC000 C:\WINDOWS\system32\OLEAUT32.dll
0x774E0000 - 0x7761D000 C:\WINDOWS\system32\ole32.dll
0x5B860000 - 0x5B8B4000 C:\WINDOWS\system32\NETAPI32.dll
0x771B0000 - 0x77256000 C:\WINDOWS\system32\WININET.dll
0x76F60000 - 0x76F8C000 C:\WINDOWS\system32\WLDAP32.dll
0x77C00000 - 0x77C08000 C:\WINDOWS\system32\VERSION.dll
0x773D0000 - 0x774D2000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
0x7C9C0000 - 0x7D1D4000 C:\WINDOWS\system32\SHELL32.dll
0x5D090000 - 0x5D127000 C:\WINDOWS\system32\comctl32.dll
0x5AD70000 - 0x5ADA8000 C:\WINDOWS\system32\uxtheme.dll
0x71500000 - 0x715FD000 C:\WINDOWS\$NtServicePackUninstall$\BROWSEUI.dll
0x72430000 - 0x72442000 C:\WINDOWS\$NtServicePackUninstall$\browselc.dll
0x77B40000 - 0x77B62000 C:\WINDOWS\system32\appHelp.dll
0x00A50000 - 0x00AD1000 C:\WINDOWS\$NtServicePackUninstall$\CLBCATQ.DLL
0x77050000 - 0x77115000 C:\WINDOWS\$NtServicePackUninstall$\COMRes.dll
0x76F90000 - 0x76FA0000 C:\WINDOWS\$NtServicePackUninstall$\Secur32.dll
0x77260000 - 0x772FE000 C:\WINDOWS\system32\urlmon.dll
0x75F80000 - 0x7607D000 C:\WINDOWS\System32\browseui.dll
0x77A20000 - 0x77A74000 C:\WINDOWS\System32\cscui.dll
0x76600000 - 0x7661D000 C:\WINDOWS\System32\CSCDLL.dll
0x20000000 - 0x20012000 C:\WINDOWS\System32\browselc.dll
0x76670000 - 0x76757000 C:\WINDOWS\$NtServicePackUninstall$\SETUPAPI.dll
0x10000000 - 0x1000C000 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
0x75E90000 - 0x75F38000 C:\WINDOWS\$NtServicePackUninstall$\SXS.DLL
0x00E20000 - 0x00EA8000 C:\WINDOWS\system32\shdoclc.dll
0x00EB0000 - 0x00F43000 C:\WINDOWS\$NtServicePackUninstall$\xpsp2res.dll
0x74770000 - 0x747FF000 C:\WINDOWS\$NtServicePackUninstall$\mlang.dll
0x71AD0000 - 0x71AD8000 C:\WINDOWS\$NtServicePackUninstall$\wsock32.dll
0x71AB0000 - 0x71AC4000 C:\WINDOWS\$NtServicePackUninstall$\WS2_32.dll
0x71AA0000 - 0x71AA8000 C:\WINDOWS\$NtServicePackUninstall$\WS2HELP.dll
0x71A50000 - 0x71A8F000 C:\WINDOWS\system32\mswsock.dll
0x76EE0000 - 0x76F17000 C:\WINDOWS\$NtServicePackUninstall$\RASAPI32.dll
0x76E90000 - 0x76EA1000 C:\WINDOWS\$NtServicePackUninstall$\rasman.dll
0x76EB0000 - 0x76EDB000 C:\WINDOWS\$NtServicePackUninstall$\TAPI32.dll
0x76E80000 - 0x76E8D000 C:\WINDOWS\$NtServicePackUninstall$\rtutils.dll
0x76B40000 - 0x76B6C000 C:\WINDOWS\$NtServicePackUninstall$\WINMM.dll
0x71A90000 - 0x71A98000 C:\WINDOWS\System32\wshtcpip.dll
0x722B0000 - 0x722B5000 C:\WINDOWS\$NtServicePackUninstall$\sensapi.dll
0x015F0000 - 0x017F1000 C:\WINDOWS\$NtServicePackUninstall$\msi.dll
0x00F90000 - 0x00FA9000 c:\progra~1\mcafee.com\vso\McVSSkt.dll
0x769C0000 - 0x76A73000 C:\WINDOWS\system32\USERENV.dll
0x76FC0000 - 0x76FC5000 C:\WINDOWS\$NtServicePackUninstall$\rasadhlp.dll
0x76F20000 - 0x76F45000 C:\WINDOWS\$NtServicePackUninstall$\DNSAPI.dll
0x76FB0000 - 0x76FB8000 C:\WINDOWS\System32\winrnr.dll
0x58D40000 - 0x58D47000 C:\WINDOWS\System32\wship6.dll
0x7D4A0000 - 0x7D785000 C:\WINDOWS\System32\mshtml.dll
0x746C0000 - 0x746E7000 C:\WINDOWS\System32\msls31.dll
0x75CF0000 - 0x75D81000 C:\WINDOWS\System32\mlang.dll
0x746F0000 - 0x7471A000 C:\WINDOWS\System32\msimtf.dll
0x74720000 - 0x7476B000 C:\WINDOWS\System32\MSCTF.dll
0x76390000 - 0x763AC000 C:\WINDOWS\$NtServicePackUninstall$\IMM32.DLL
0x01F30000 - 0x01F4D000 C:\WINDOWS\system32\IMM32.DLL
0x76980000 - 0x76987000 C:\WINDOWS\$NtServicePackUninstall$\LINKINFO.dll
0x76990000 - 0x769B4000 C:\WINDOWS\$NtServicePackUninstall$\ntshrui.dll
0x76B20000 - 0x76B35000 C:\WINDOWS\$NtServicePackUninstall$\ATL.DLL
0x75C50000 - 0x75CBE000 C:\WINDOWS\System32\jscript.dll
0x76200000 - 0x76271000 C:\WINDOWS\System32\mshtmled.dll
0x6D820000 - 0x6D82F000 C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll
0x6D780000 - 0x6D796000 C:\Program Files\Java\j2re1.4.1_02\bin\jpiexp32.dll
0x6D7C0000 - 0x6D7D4000 C:\Program Files\Java\j2re1.4.1_02\bin\jpishare.dll
0x6D340000 - 0x6D46A000 C:\PROGRA~1\Java\J2RE14~1.1_0\bin\client\jvm.dll
0x6D1E0000 - 0x6D1E7000 C:\PROGRA~1\Java\J2RE14~1.1_0\bin\hpi.dll
0x6D310000 - 0x6D31E000 C:\PROGRA~1\Java\J2RE14~1.1_0\bin\verify.dll
0x6D220000 - 0x6D239000 C:\PROGRA~1\Java\J2RE14~1.1_0\bin\java.dll
0x6D330000 - 0x6D33D000 C:\PROGRA~1\Java\J2RE14~1.1_0\bin\zip.dll
0x6D000000 - 0x6D105000 C:\Program Files\Java\j2re1.4.1_02\bin\awt.dll
0x73000000 - 0x73023000 C:\WINDOWS\$NtServicePackUninstall$\WINSPOOL.DRV
0x6D190000 - 0x6D1E0000 C:\Program Files\Java\j2re1.4.1_02\bin\fontmanager.dll
0x51000000 - 0x5104D000 C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll
0x73BC0000 - 0x73BC6000 C:\WINDOWS\$NtServicePackUninstall$\DCIMAN32.dll
0x5C000000 - 0x5C0C8000 C:\WINDOWS\$NtServicePackUninstall$\D3DIM700.DLL
0x6D720000 - 0x6D731000 C:\Program Files\Java\j2re1.4.1_02\bin\jpicom32.dll
0x6D2E0000 - 0x6D2EE000 C:\Program Files\Java\j2re1.4.1_02\bin\net.dll
0x59A60000 - 0x59B01000 C:\WINDOWS\system32\DBGHELP.dll
0x76BF0000 - 0x76BFB000 C:\WINDOWS\$NtServicePackUninstall$\PSAPI.DLL

Local Time = Mon Jul 25 15:36:59 2005
Elapsed Time = 3
# The exception above was detected in native code outside the VM
# Java VM: Java HotSpot™ Client VM (1.4.1_02-b06 mixed mode)

Also Hjack this log:

Logfile of HijackThis v1.99.1
Scan saved at 3:56:13 PM, on 25/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coolnet.ab.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.coolnet.ab.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - https://support.dell...iler/SysPro.CAB
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaud...d/ccpm_0237.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://www.support....ActiveX/odc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.co...81/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.co...,19/mcgdmgr.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)
  • 0




  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Problem solved,

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP