Notepad Alert appears on desktop
Started by
crashedpilot
, Dec 26 2004 01:33 PM
#1
Posted 26 December 2004 - 01:33 PM
#2
Posted 27 December 2004 - 04:37 AM
Here's the actual notepad:
An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : EXCEPTION_ACCESS_VIOLATION (0xc0000005) occurred at PC=0x40
Function=[Unknown.]
Library=(N/A)
NOTE: We are unable to locate the function name symbol for the error
just occurred. Please refer to release documentation for possible
reason and solutions.
Current Java thread:
at sun.plugin.services.WPlatformService.waitEvent(Native Method)
at sun.plugin.viewer.frame.IExplorerEmbeddedFrame.destroy(Unknown Source)
Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\IEXPLORE.EXE
0x77F80000 - 0x77FFD000 C:\WINNT\system32\ntdll.dll
0x78000000 - 0x78045000 C:\WINNT\system32\msvcrt.dll
0x7C570000 - 0x7C623000 C:\WINNT\system32\KERNEL32.dll
0x77E10000 - 0x77E75000 C:\WINNT\system32\USER32.dll
0x77F40000 - 0x77F7B000 C:\WINNT\system32\GDI32.DLL
0x70A70000 - 0x70AD9000 C:\WINNT\system32\SHLWAPI.dll
0x7C2D0000 - 0x7C332000 C:\WINNT\system32\ADVAPI32.dll
0x77D30000 - 0x77DA1000 C:\WINNT\system32\RPCRT4.DLL
0x71700000 - 0x71848000 C:\WINNT\system32\SHDOCVW.dll
0x007A0000 - 0x00824000 C:\WINNT\system32\comctl32.dll
0x782F0000 - 0x78535000 C:\WINNT\system32\SHELL32.dll
0x77A50000 - 0x77B3F000 C:\WINNT\system32\ole32.dll
0x6E420000 - 0x6E426000 C:\WINNT\system32\INDICDLL.dll
0x75E60000 - 0x75E7A000 C:\WINNT\system32\IMM32.dll
0x71500000 - 0x715FD000 C:\WINNT\system32\BROWSEUI.dll
0x71960000 - 0x71972000 C:\WINNT\system32\browselc.dll
0x775A0000 - 0x77630000 C:\WINNT\system32\CLBCATQ.DLL
0x779B0000 - 0x77A4B000 C:\WINNT\system32\OLEAUT32.dll
0x63000000 - 0x63096000 C:\WINNT\system32\WININET.dll
0x7C740000 - 0x7C7C7000 C:\WINNT\system32\CRYPT32.dll
0x77430000 - 0x77440000 C:\WINNT\system32\MSASN1.DLL
0x77840000 - 0x7787E000 C:\WINNT\system32\cscui.dll
0x770C0000 - 0x770E3000 C:\WINNT\system32\CSCDLL.DLL
0x10000000 - 0x1000C000 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
0x01110000 - 0x0112C000 C:\Program Files\Norton AntiVirus\NavShExt.dll
0x01130000 - 0x0114A000 C:\WINNT\system32\ccTrust.dll
0x77820000 - 0x77827000 C:\WINNT\system32\VERSION.dll
0x759B0000 - 0x759B6000 C:\WINNT\system32\LZ32.DLL
0x780C0000 - 0x78121000 C:\WINNT\system32\MSVCP60.dll
0x773E0000 - 0x773F5000 C:\WINNT\system32\ATL.DLL
0x1A400000 - 0x1A47A000 C:\WINNT\system32\urlmon.dll
0x718C0000 - 0x71944000 C:\WINNT\system32\shdoclc.dll
0x70440000 - 0x704CF000 C:\WINNT\system32\mlang.dll
0x75050000 - 0x75058000 C:\WINNT\system32\wsock32.dll
0x75030000 - 0x75044000 C:\WINNT\system32\WS2_32.DLL
0x75020000 - 0x75028000 C:\WINNT\system32\WS2HELP.DLL
0x74FD0000 - 0x74FEE000 C:\WINNT\system32\msafd.dll
0x774E0000 - 0x77513000 C:\WINNT\system32\RASAPI32.DLL
0x774C0000 - 0x774D1000 C:\WINNT\system32\RASMAN.DLL
0x77530000 - 0x77552000 C:\WINNT\system32\TAPI32.DLL
0x77830000 - 0x7783E000 C:\WINNT\system32\RTUTILS.DLL
0x015C0000 - 0x017C4000 C:\WINNT\system32\msi.dll
0x75010000 - 0x75017000 C:\WINNT\System32\wshtcpip.dll
0x7C0F0000 - 0x7C151000 C:\WINNT\system32\USERENV.DLL
0x75170000 - 0x751BF000 C:\WINNT\system32\netapi32.dll
0x7C340000 - 0x7C34F000 C:\WINNT\system32\Secur32.dll
0x77BF0000 - 0x77C01000 C:\WINNT\system32\NTDSAPI.dll
0x77980000 - 0x779A4000 C:\WINNT\system32\DNSAPI.DLL
0x77950000 - 0x7797A000 C:\WINNT\system32\WLDAP32.DLL
0x751C0000 - 0x751C6000 C:\WINNT\system32\NETRAP.dll
0x75150000 - 0x7515F000 C:\WINNT\system32\SAMLIB.dll
0x7CA00000 - 0x7CA23000 C:\WINNT\system32\rsabase.dll
0x782C0000 - 0x782CC000 C:\WINNT\System32\rnr20.dll
0x77340000 - 0x77353000 C:\WINNT\system32\iphlpapi.dll
0x77520000 - 0x77525000 C:\WINNT\system32\ICMP.DLL
0x77320000 - 0x77337000 C:\WINNT\system32\MPRAPI.DLL
0x773B0000 - 0x773DF000 C:\WINNT\system32\ACTIVEDS.DLL
0x77380000 - 0x773A3000 C:\WINNT\system32\ADSLDPC.DLL
0x77880000 - 0x7790E000 C:\WINNT\system32\SETUPAPI.DLL
0x77360000 - 0x77379000 C:\WINNT\system32\DHCPCSVC.DLL
0x777E0000 - 0x777E8000 C:\WINNT\System32\winrnr.dll
0x777F0000 - 0x777F5000 C:\WINNT\system32\rasadhlp.dll
0x63580000 - 0x6381C000 C:\WINNT\system32\mshtml.dll
0x01E50000 - 0x01E6B000 C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll
0x01F80000 - 0x01F9E000 C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll
0x76930000 - 0x7695B000 C:\WINNT\system32\wintrust.dll
0x77920000 - 0x77943000 C:\WINNT\system32\IMAGEHLP.dll
0x021F0000 - 0x02213000 C:\WINNT\system32\rsaenh.dll
0x7C700000 - 0x7C712000 C:\WINNT\system32\cryptnet.dll
0x76080000 - 0x760D0000 C:\WINNT\system32\WINHTTP.DLL
0x75AB0000 - 0x75AB5000 C:\WINNT\system32\SENSAPI.DLL
0x6B700000 - 0x6B790000 c:\winnt\system32\jscript.dll
0x70FB0000 - 0x70FEB000 C:\WINNT\system32\iepeers.dll
0x77800000 - 0x7781E000 C:\WINNT\system32\WINSPOOL.DRV
0x76620000 - 0x76630000 C:\WINNT\system32\MPR.DLL
0x75AC0000 - 0x75AE8000 C:\WINNT\system32\MSLS31.DLL
0x70F30000 - 0x70F9E000 C:\WINNT\system32\mshtmled.dll
0x77570000 - 0x775A0000 C:\WINNT\system32\WINMM.dll
0x77560000 - 0x77568000 C:\WINNT\system32\wdmaud.drv
0x77400000 - 0x77408000 C:\WINNT\system32\msacm32.drv
0x77410000 - 0x77423000 C:\WINNT\system32\MSACM32.dll
0x75D40000 - 0x75D46000 C:\WINNT\system32\msadp32.acm
0x703D0000 - 0x703EB000 C:\WINNT\system32\actxprxy.dll
0x66650000 - 0x666A4000 C:\WINNT\system32\USP10.DLL
0x70510000 - 0x7051A000 C:\WINNT\system32\imgutil.dll
0x35C50000 - 0x35C83000 C:\WINNT\system32\dxtrans.dll
0x727F0000 - 0x727F9000 C:\WINNT\system32\ddrawex.dll
0x51000000 - 0x51049000 C:\WINNT\system32\DDRAW.dll
0x728A0000 - 0x728A6000 C:\WINNT\system32\DCIMAN32.dll
0x35CB0000 - 0x35D09000 C:\WINNT\system32\dxtmsft.dll
0x655E0000 - 0x655E7000 C:\WINNT\system32\wtsapi32.dll
0x66640000 - 0x6664A000 C:\WINNT\system32\UTILDLL.dll
0x65780000 - 0x6578D000 C:\WINNT\system32\WINSTA.dll
0x68A80000 - 0x68A8B000 C:\WINNT\system32\REGAPI.dll
0x75160000 - 0x7516C000 C:\WINNT\System32\ntlanman.dll
0x75210000 - 0x75225000 C:\WINNT\System32\NETUI0.dll
0x751D0000 - 0x75208000 C:\WINNT\System32\NETUI1.dll
0x6B600000 - 0x6B671000 c:\winnt\system32\vbscript.dll
0x07070000 - 0x07217000 C:\WINNT\system32\macromed\flash\Flash.ocx
0x76B30000 - 0x76B6E000 C:\WINNT\system32\comdlg32.dll
0x6D460000 - 0x6D470000 C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
0x695E0000 - 0x69609000 C:\WINNT\system32\OLEPRO32.DLL
0x6D330000 - 0x6D348000 C:\Program Files\Java\j2re1.4.2_05\bin\jpiexp32.dll
0x6D3A0000 - 0x6D3B8000 C:\Program Files\Java\j2re1.4.2_05\bin\jpishare.dll
0x08000000 - 0x08139000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\client\jvm.dll
0x07910000 - 0x07917000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\hpi.dll
0x07930000 - 0x0793E000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\verify.dll
0x07940000 - 0x07959000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\java.dll
0x07960000 - 0x0796D000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\zip.dll
0x02880000 - 0x02992000 C:\Program Files\Java\j2re1.4.2_05\bin\awt.dll
0x02A00000 - 0x02A51000 C:\Program Files\Java\j2re1.4.2_05\bin\fontmanager.dll
0x5C000000 - 0x5C0C8000 C:\WINNT\system32\D3DIM700.DLL
0x6D310000 - 0x6D324000 C:\Program Files\Java\j2re1.4.2_05\bin\jpicom32.dll
0x0B9C0000 - 0x0B9CF000 C:\Program Files\Java\j2re1.4.2_05\bin\net.dll
0x76B70000 - 0x76B84000 C:\WINNT\system32\HLINK.DLL
0x0EAC0000 - 0x0EACB000 C:\WINNT\system32\dispex.dll
0x72A00000 - 0x72A2D000 C:\WINNT\system32\DBGHELP.dll
0x690A0000 - 0x690AB000 C:\WINNT\system32\PSAPI.DLL
Heap at VM Abort:
Heap
def new generation total 576K, used 292K [0x10010000, 0x100b0000, 0x10770000)
eden space 512K, 52% used [0x10010000, 0x10052ab8, 0x10090000)
from space 64K, 40% used [0x10090000, 0x100968f0, 0x100a0000)
to space 64K, 0% used [0x100a0000, 0x100a0000, 0x100b0000)
tenured generation total 1408K, used 480K [0x10770000, 0x108d0000, 0x16010000)
the space 1408K, 34% used [0x10770000, 0x107e81b0, 0x107e8200, 0x108d0000)
compacting perm gen total 4608K, used 4502K [0x16010000, 0x16490000, 0x1a010000)
the space 4608K, 97% used [0x16010000, 0x16475888, 0x16475a00, 0x16490000)
Local Time = Sun Dec 26 18:05:44 2004
Elapsed Time = 760
#
# The exception above was detected in native code outside the VM
#
# Java VM: Java HotSpot Client VM (1.4.2_05-b04 mixed mode)
#
and the HijackThis Log:
Logfile of HijackThis v1.98.2
Scan saved at 19:25:34, on 26/12/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lightning Download\Lightning.exe
C:\Program Files\Lightning Download\Lightning.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DigiPortal Software\ChoiceMail\ChoiceMail.exe
C:\Program Files\DigiPortal Software\ChoiceMail\ChoiceMail.exe
C:\Program Files\HistoryKill\hkPopupKiller.exe
C:\Program Files\IPWireless Inc\IPWireless PC Software\UEStatus.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.875\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {F1FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Lightning Download] C:\Program Files\Lightning Download\Lightning.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\INSTAL~1\{CEA5E~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{CEA5E~1\reboot.ini
O4 - HKCU\..\Run: [HistoryKill] C:\Program Files\HistoryKill\histkill.exe /startup
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ChoiceMail] C:\Program Files\DigiPortal Software\ChoiceMail\ChoiceMail.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C59F4B46-4C82-4F0C-9DAF-02FFE64491F4}: NameServer = 219.76.66.69 203.198.23.208
An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : EXCEPTION_ACCESS_VIOLATION (0xc0000005) occurred at PC=0x40
Function=[Unknown.]
Library=(N/A)
NOTE: We are unable to locate the function name symbol for the error
just occurred. Please refer to release documentation for possible
reason and solutions.
Current Java thread:
at sun.plugin.services.WPlatformService.waitEvent(Native Method)
at sun.plugin.viewer.frame.IExplorerEmbeddedFrame.destroy(Unknown Source)
Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\IEXPLORE.EXE
0x77F80000 - 0x77FFD000 C:\WINNT\system32\ntdll.dll
0x78000000 - 0x78045000 C:\WINNT\system32\msvcrt.dll
0x7C570000 - 0x7C623000 C:\WINNT\system32\KERNEL32.dll
0x77E10000 - 0x77E75000 C:\WINNT\system32\USER32.dll
0x77F40000 - 0x77F7B000 C:\WINNT\system32\GDI32.DLL
0x70A70000 - 0x70AD9000 C:\WINNT\system32\SHLWAPI.dll
0x7C2D0000 - 0x7C332000 C:\WINNT\system32\ADVAPI32.dll
0x77D30000 - 0x77DA1000 C:\WINNT\system32\RPCRT4.DLL
0x71700000 - 0x71848000 C:\WINNT\system32\SHDOCVW.dll
0x007A0000 - 0x00824000 C:\WINNT\system32\comctl32.dll
0x782F0000 - 0x78535000 C:\WINNT\system32\SHELL32.dll
0x77A50000 - 0x77B3F000 C:\WINNT\system32\ole32.dll
0x6E420000 - 0x6E426000 C:\WINNT\system32\INDICDLL.dll
0x75E60000 - 0x75E7A000 C:\WINNT\system32\IMM32.dll
0x71500000 - 0x715FD000 C:\WINNT\system32\BROWSEUI.dll
0x71960000 - 0x71972000 C:\WINNT\system32\browselc.dll
0x775A0000 - 0x77630000 C:\WINNT\system32\CLBCATQ.DLL
0x779B0000 - 0x77A4B000 C:\WINNT\system32\OLEAUT32.dll
0x63000000 - 0x63096000 C:\WINNT\system32\WININET.dll
0x7C740000 - 0x7C7C7000 C:\WINNT\system32\CRYPT32.dll
0x77430000 - 0x77440000 C:\WINNT\system32\MSASN1.DLL
0x77840000 - 0x7787E000 C:\WINNT\system32\cscui.dll
0x770C0000 - 0x770E3000 C:\WINNT\system32\CSCDLL.DLL
0x10000000 - 0x1000C000 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
0x01110000 - 0x0112C000 C:\Program Files\Norton AntiVirus\NavShExt.dll
0x01130000 - 0x0114A000 C:\WINNT\system32\ccTrust.dll
0x77820000 - 0x77827000 C:\WINNT\system32\VERSION.dll
0x759B0000 - 0x759B6000 C:\WINNT\system32\LZ32.DLL
0x780C0000 - 0x78121000 C:\WINNT\system32\MSVCP60.dll
0x773E0000 - 0x773F5000 C:\WINNT\system32\ATL.DLL
0x1A400000 - 0x1A47A000 C:\WINNT\system32\urlmon.dll
0x718C0000 - 0x71944000 C:\WINNT\system32\shdoclc.dll
0x70440000 - 0x704CF000 C:\WINNT\system32\mlang.dll
0x75050000 - 0x75058000 C:\WINNT\system32\wsock32.dll
0x75030000 - 0x75044000 C:\WINNT\system32\WS2_32.DLL
0x75020000 - 0x75028000 C:\WINNT\system32\WS2HELP.DLL
0x74FD0000 - 0x74FEE000 C:\WINNT\system32\msafd.dll
0x774E0000 - 0x77513000 C:\WINNT\system32\RASAPI32.DLL
0x774C0000 - 0x774D1000 C:\WINNT\system32\RASMAN.DLL
0x77530000 - 0x77552000 C:\WINNT\system32\TAPI32.DLL
0x77830000 - 0x7783E000 C:\WINNT\system32\RTUTILS.DLL
0x015C0000 - 0x017C4000 C:\WINNT\system32\msi.dll
0x75010000 - 0x75017000 C:\WINNT\System32\wshtcpip.dll
0x7C0F0000 - 0x7C151000 C:\WINNT\system32\USERENV.DLL
0x75170000 - 0x751BF000 C:\WINNT\system32\netapi32.dll
0x7C340000 - 0x7C34F000 C:\WINNT\system32\Secur32.dll
0x77BF0000 - 0x77C01000 C:\WINNT\system32\NTDSAPI.dll
0x77980000 - 0x779A4000 C:\WINNT\system32\DNSAPI.DLL
0x77950000 - 0x7797A000 C:\WINNT\system32\WLDAP32.DLL
0x751C0000 - 0x751C6000 C:\WINNT\system32\NETRAP.dll
0x75150000 - 0x7515F000 C:\WINNT\system32\SAMLIB.dll
0x7CA00000 - 0x7CA23000 C:\WINNT\system32\rsabase.dll
0x782C0000 - 0x782CC000 C:\WINNT\System32\rnr20.dll
0x77340000 - 0x77353000 C:\WINNT\system32\iphlpapi.dll
0x77520000 - 0x77525000 C:\WINNT\system32\ICMP.DLL
0x77320000 - 0x77337000 C:\WINNT\system32\MPRAPI.DLL
0x773B0000 - 0x773DF000 C:\WINNT\system32\ACTIVEDS.DLL
0x77380000 - 0x773A3000 C:\WINNT\system32\ADSLDPC.DLL
0x77880000 - 0x7790E000 C:\WINNT\system32\SETUPAPI.DLL
0x77360000 - 0x77379000 C:\WINNT\system32\DHCPCSVC.DLL
0x777E0000 - 0x777E8000 C:\WINNT\System32\winrnr.dll
0x777F0000 - 0x777F5000 C:\WINNT\system32\rasadhlp.dll
0x63580000 - 0x6381C000 C:\WINNT\system32\mshtml.dll
0x01E50000 - 0x01E6B000 C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll
0x01F80000 - 0x01F9E000 C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll
0x76930000 - 0x7695B000 C:\WINNT\system32\wintrust.dll
0x77920000 - 0x77943000 C:\WINNT\system32\IMAGEHLP.dll
0x021F0000 - 0x02213000 C:\WINNT\system32\rsaenh.dll
0x7C700000 - 0x7C712000 C:\WINNT\system32\cryptnet.dll
0x76080000 - 0x760D0000 C:\WINNT\system32\WINHTTP.DLL
0x75AB0000 - 0x75AB5000 C:\WINNT\system32\SENSAPI.DLL
0x6B700000 - 0x6B790000 c:\winnt\system32\jscript.dll
0x70FB0000 - 0x70FEB000 C:\WINNT\system32\iepeers.dll
0x77800000 - 0x7781E000 C:\WINNT\system32\WINSPOOL.DRV
0x76620000 - 0x76630000 C:\WINNT\system32\MPR.DLL
0x75AC0000 - 0x75AE8000 C:\WINNT\system32\MSLS31.DLL
0x70F30000 - 0x70F9E000 C:\WINNT\system32\mshtmled.dll
0x77570000 - 0x775A0000 C:\WINNT\system32\WINMM.dll
0x77560000 - 0x77568000 C:\WINNT\system32\wdmaud.drv
0x77400000 - 0x77408000 C:\WINNT\system32\msacm32.drv
0x77410000 - 0x77423000 C:\WINNT\system32\MSACM32.dll
0x75D40000 - 0x75D46000 C:\WINNT\system32\msadp32.acm
0x703D0000 - 0x703EB000 C:\WINNT\system32\actxprxy.dll
0x66650000 - 0x666A4000 C:\WINNT\system32\USP10.DLL
0x70510000 - 0x7051A000 C:\WINNT\system32\imgutil.dll
0x35C50000 - 0x35C83000 C:\WINNT\system32\dxtrans.dll
0x727F0000 - 0x727F9000 C:\WINNT\system32\ddrawex.dll
0x51000000 - 0x51049000 C:\WINNT\system32\DDRAW.dll
0x728A0000 - 0x728A6000 C:\WINNT\system32\DCIMAN32.dll
0x35CB0000 - 0x35D09000 C:\WINNT\system32\dxtmsft.dll
0x655E0000 - 0x655E7000 C:\WINNT\system32\wtsapi32.dll
0x66640000 - 0x6664A000 C:\WINNT\system32\UTILDLL.dll
0x65780000 - 0x6578D000 C:\WINNT\system32\WINSTA.dll
0x68A80000 - 0x68A8B000 C:\WINNT\system32\REGAPI.dll
0x75160000 - 0x7516C000 C:\WINNT\System32\ntlanman.dll
0x75210000 - 0x75225000 C:\WINNT\System32\NETUI0.dll
0x751D0000 - 0x75208000 C:\WINNT\System32\NETUI1.dll
0x6B600000 - 0x6B671000 c:\winnt\system32\vbscript.dll
0x07070000 - 0x07217000 C:\WINNT\system32\macromed\flash\Flash.ocx
0x76B30000 - 0x76B6E000 C:\WINNT\system32\comdlg32.dll
0x6D460000 - 0x6D470000 C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
0x695E0000 - 0x69609000 C:\WINNT\system32\OLEPRO32.DLL
0x6D330000 - 0x6D348000 C:\Program Files\Java\j2re1.4.2_05\bin\jpiexp32.dll
0x6D3A0000 - 0x6D3B8000 C:\Program Files\Java\j2re1.4.2_05\bin\jpishare.dll
0x08000000 - 0x08139000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\client\jvm.dll
0x07910000 - 0x07917000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\hpi.dll
0x07930000 - 0x0793E000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\verify.dll
0x07940000 - 0x07959000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\java.dll
0x07960000 - 0x0796D000 C:\PROGRA~1\Java\J2RE14~1.2_0\bin\zip.dll
0x02880000 - 0x02992000 C:\Program Files\Java\j2re1.4.2_05\bin\awt.dll
0x02A00000 - 0x02A51000 C:\Program Files\Java\j2re1.4.2_05\bin\fontmanager.dll
0x5C000000 - 0x5C0C8000 C:\WINNT\system32\D3DIM700.DLL
0x6D310000 - 0x6D324000 C:\Program Files\Java\j2re1.4.2_05\bin\jpicom32.dll
0x0B9C0000 - 0x0B9CF000 C:\Program Files\Java\j2re1.4.2_05\bin\net.dll
0x76B70000 - 0x76B84000 C:\WINNT\system32\HLINK.DLL
0x0EAC0000 - 0x0EACB000 C:\WINNT\system32\dispex.dll
0x72A00000 - 0x72A2D000 C:\WINNT\system32\DBGHELP.dll
0x690A0000 - 0x690AB000 C:\WINNT\system32\PSAPI.DLL
Heap at VM Abort:
Heap
def new generation total 576K, used 292K [0x10010000, 0x100b0000, 0x10770000)
eden space 512K, 52% used [0x10010000, 0x10052ab8, 0x10090000)
from space 64K, 40% used [0x10090000, 0x100968f0, 0x100a0000)
to space 64K, 0% used [0x100a0000, 0x100a0000, 0x100b0000)
tenured generation total 1408K, used 480K [0x10770000, 0x108d0000, 0x16010000)
the space 1408K, 34% used [0x10770000, 0x107e81b0, 0x107e8200, 0x108d0000)
compacting perm gen total 4608K, used 4502K [0x16010000, 0x16490000, 0x1a010000)
the space 4608K, 97% used [0x16010000, 0x16475888, 0x16475a00, 0x16490000)
Local Time = Sun Dec 26 18:05:44 2004
Elapsed Time = 760
#
# The exception above was detected in native code outside the VM
#
# Java VM: Java HotSpot Client VM (1.4.2_05-b04 mixed mode)
#
and the HijackThis Log:
Logfile of HijackThis v1.98.2
Scan saved at 19:25:34, on 26/12/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lightning Download\Lightning.exe
C:\Program Files\Lightning Download\Lightning.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DigiPortal Software\ChoiceMail\ChoiceMail.exe
C:\Program Files\DigiPortal Software\ChoiceMail\ChoiceMail.exe
C:\Program Files\HistoryKill\hkPopupKiller.exe
C:\Program Files\IPWireless Inc\IPWireless PC Software\UEStatus.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.875\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {F1FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Lightning Download] C:\Program Files\Lightning Download\Lightning.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\INSTAL~1\{CEA5E~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{CEA5E~1\reboot.ini
O4 - HKCU\..\Run: [HistoryKill] C:\Program Files\HistoryKill\histkill.exe /startup
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ChoiceMail] C:\Program Files\DigiPortal Software\ChoiceMail\ChoiceMail.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C59F4B46-4C82-4F0C-9DAF-02FFE64491F4}: NameServer = 219.76.66.69 203.198.23.208
#3
Posted 27 December 2004 - 10:29 AM
#4
Posted 27 December 2004 - 12:36 PM
Try replacing Notepad.exe with the version from here:
http://www.spywarein...notepad_nt4.zip
#5
Posted 27 December 2004 - 12:39 PM
Thanks, but the addy won't open
#6
Posted 27 December 2004 - 03:01 PM
Do you get an error when trying to access the site? Do you have another pc you can access with and transfer the file?
-=jonnyrotten=-
-=jonnyrotten=-
#7
Posted 27 December 2004 - 05:14 PM
Unfortunately I do not have access to another machine right now. Could you send a file to *edited for user's privacy*?
#8
Posted 27 December 2004 - 11:30 PM
Sent
-=jonnyrotten=-
-=jonnyrotten=-
#9
Posted 28 December 2004 - 02:58 PM
Sorted! Thanks
#10
Posted 28 December 2004 - 03:01 PM
Glad to hear it!
-=jonnyrotten=-
-=jonnyrotten=-
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users