Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Exception_access_violation (0xc0000005)

  • This topic is locked This topic is locked
3 replies to this topic

#1 tliyun


  • Members
  • 3 posts
  • Local time:05:01 AM

Posted 28 June 2006 - 10:33 AM

Hi, I need your help. Recently, I got EXCEPTION_ACCESS_VIOLATION (0xc0000005). Everytime I try to log into dbsvonline.com, the internet explorer will disappear and a notepad file will appear on my desktop. :thumbsup: The notepad says this:

# An unexpected error has been detected by HotSpot Virtual Machine:
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d6f4da4, pid=3788, tid=3068
# Java VM: Java HotSpot™ Client VM (1.5.0_06-b05 mixed mode, sharing)
# Problematic frame:
# V [jvm.dll+0x84da4]

--------------- T H R E A D ---------------

Current thread (0x0345faf8): JavaThread "main" [_thread_in_vm, id=3068]

siginfo: ExceptionCode=0xc0000005, reading address 0x00000008

EAX=0x00000000, EBX=0x00000000, ECX=0x00000008, EDX=0x00000000
ESP=0x00135a2c, EBP=0x00135a5c, ESI=0x0345faf8, EDI=0x00000000
EIP=0x6d6f4da4, EFLAGS=0x00010246

Top of Stack: (sp=0x00135a2c)
0x00135a2c: 6d6f75fd 00000000 00000000 0345fbb8
0x00135a3c: 6d31775b 0000000c 20aae150 00000000
0x00135a4c: 00135a4c 00000000 03420294 00000000
0x00135a5c: 00135a80 6d304d43 0345fbb8 6d31776c
0x00135a6c: 00000000 0345fbb8 00000000 00000000
0x00135a7c: 0345fbb8 00135aa8 6d305543 0345fbb8
0x00135a8c: 00135ab3 6d31776c 6d317760 6d317748
0x00135a9c: 0346b104 0345fbb8 0345fbb8 00135ac0

Instructions: (pc=0x6d6f4da4)
0x6d6f4d94: e8 aa 1e ff ff c3 8b 44 24 04 8b 0d 58 42 7e 6d
0x6d6f4da4: 8b 04 01 c3 8b 44 24 04 8b 0d 54 42 7e 6d 8b 04

Stack: [0x00040000,0x00140000), sp=0x00135a2c, free space=982k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V [jvm.dll+0x84da4]
C [java.dll+0x4d43]
C [java.dll+0x5543]
C [java.dll+0x55dc]
C [java.dll+0x18ba]
j java.lang.ClassLoader$NativeLibrary.load(Ljava/lang/String;)V+0
j java.lang.ClassLoader.loadLibrary0(Ljava/lang/Class;Ljava/io/File;)Z+300
j java.lang.ClassLoader.loadLibrary(Ljava/lang/Class;Ljava/lang/String;Z)V+48
j java.lang.Runtime.load0(Ljava/lang/Class;Ljava/lang/String;)V+57
j java.lang.System.load(Ljava/lang/String;)V+7
v ~StubRoutines::call_stub
V [jvm.dll+0x845a9]
V [jvm.dll+0xd9317]
V [jvm.dll+0x8447a]
V [jvm.dll+0x8b4b3]
C [jpishare.dll+0x43cf]
C [jpishare.dll+0x1eb2]
C [jpiexp32.dll+0x5a1d]
C [npjpi150_06.dll+0x1aae]
C [ssv.dll+0xa627]
C [ole32.dll+0x2180a]
C [ole32.dll+0x4d6cc]
C [ole32.dll+0x4d3e6]
C [ole32.dll+0x36212]
C [ole32.dll+0x360fe]
C [ole32.dll+0x362e4]
C [ole32.dll+0x36290]
C [ole32.dll+0x4ddf4]
C [ole32.dll+0x4ddab]
C [ole32.dll+0x36337]
C [ole32.dll+0x360fe]
C [ole32.dll+0x36118]
C [ole32.dll+0x360fe]
C [ole32.dll+0x35f92]
C [ole32.dll+0x35e4b]
C [ole32.dll+0x35dcd]
C [urlmon.dll+0x3001e]
C [urlmon.dll+0x3d59f]
C [urlmon.dll+0x3db06]
C [urlmon.dll+0x3de3f]
C [mshtml.dll+0x27867b]
C [mshtml.dll+0x278a1e]
C [mshtml.dll+0x271eb5]
C [mshtml.dll+0x27c293]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j java.lang.ClassLoader$NativeLibrary.load(Ljava/lang/String;)V+0
j java.lang.ClassLoader.loadLibrary0(Ljava/lang/Class;Ljava/io/File;)Z+300
j java.lang.ClassLoader.loadLibrary(Ljava/lang/Class;Ljava/lang/String;Z)V+48
j java.lang.Runtime.load0(Ljava/lang/Class;Ljava/lang/String;)V+57
j java.lang.System.load(Ljava/lang/String;)V+7
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x060d6b70 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=3556]
0x0342be18 JavaThread "AWT-Windows" daemon [_thread_in_native, id=3296]
0x0342ab60 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=2936]
0x034e58e0 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=1196]
0x0341f008 JavaThread "CompilerThread0" daemon [_thread_blocked, id=3400]
0x03507210 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=3388]
0x034249b0 JavaThread "Finalizer" daemon [_thread_blocked, id=2800]
0x03424828 JavaThread "Reference Handler" daemon [_thread_blocked, id=2584]
=>0x0345faf8 JavaThread "main" [_thread_in_vm, id=3068]

Other Threads:
0x03448680 VMThread [id=3348]
0x0341c008 WatcherThread [id=764]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

def new generation total 576K, used 320K [0x20a70000, 0x20b10000, 0x211d0000)
eden space 512K, 50% used [0x20a70000, 0x20ab0350, 0x20af0000)
from space 64K, 100% used [0x20b00000, 0x20b10000, 0x20b10000)
to space 64K, 0% used [0x20af0000, 0x20af0000, 0x20b00000)
tenured generation total 1408K, used 189K [0x211d0000, 0x21330000, 0x26a70000)
the space 1408K, 13% used [0x211d0000, 0x211ff6d8, 0x211ff800, 0x21330000)
compacting perm gen total 8192K, used 586K [0x26a70000, 0x27270000, 0x2aa70000)
the space 8192K, 7% used [0x26a70000, 0x26b02898, 0x26b02a00, 0x27270000)
ro space 8192K, 63% used [0x2aa70000, 0x2af7b178, 0x2af7b200, 0x2b270000)
rw space 12288K, 46% used [0x2b270000, 0x2b809fa8, 0x2b80a000, 0x2be70000)

Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\IEXPLORE.EXE
0x7c900000 - 0x7c9b0000 C:\WINXP\system32\ntdll.dll
0x7c800000 - 0x7c8f4000 C:\WINXP\system32\kernel32.dll
0x77c10000 - 0x77c68000 C:\WINXP\system32\msvcrt.dll
0x77d40000 - 0x77dd0000 C:\WINXP\system32\USER32.dll
0x77f10000 - 0x77f57000 C:\WINXP\system32\GDI32.dll
0x77f60000 - 0x77fd6000 C:\WINXP\system32\SHLWAPI.dll
0x77dd0000 - 0x77e6b000 C:\WINXP\system32\ADVAPI32.dll
0x77e70000 - 0x77f01000 C:\WINXP\system32\RPCRT4.dll
0x77760000 - 0x778cf000 C:\WINXP\system32\SHDOCVW.dll
0x77a80000 - 0x77b14000 C:\WINXP\system32\CRYPT32.dll
0x77b20000 - 0x77b32000 C:\WINXP\system32\MSASN1.dll
0x754d0000 - 0x75550000 C:\WINXP\system32\CRYPTUI.dll
0x76c30000 - 0x76c5e000 C:\WINXP\system32\WINTRUST.dll
0x76c90000 - 0x76cb8000 C:\WINXP\system32\IMAGEHLP.dll
0x77120000 - 0x771ac000 C:\WINXP\system32\OLEAUT32.dll
0x774e0000 - 0x7761d000 C:\WINXP\system32\ole32.dll
0x5b860000 - 0x5b8b4000 C:\WINXP\system32\NETAPI32.dll
0x771b0000 - 0x77256000 C:\WINXP\system32\WININET.dll
0x76f60000 - 0x76f8c000 C:\WINXP\system32\WLDAP32.dll
0x77c00000 - 0x77c08000 C:\WINXP\system32\VERSION.dll
0x76390000 - 0x763ad000 C:\WINXP\system32\IMM32.DLL
0x629c0000 - 0x629c9000 C:\WINXP\system32\LPK.DLL
0x74d90000 - 0x74dfb000 C:\WINXP\system32\USP10.dll
0x773d0000 - 0x774d2000 C:\WINXP\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
0x7c9c0000 - 0x7d1d5000 C:\WINXP\system32\SHELL32.dll
0x5d090000 - 0x5d127000 C:\WINXP\system32\comctl32.dll
0x5ad70000 - 0x5ada8000 C:\WINXP\system32\uxtheme.dll
0x74720000 - 0x7476b000 C:\WINXP\system32\MSCTF.dll
0x75f80000 - 0x7607d000 C:\WINXP\system32\BROWSEUI.dll
0x20000000 - 0x20012000 C:\WINXP\system32\browselc.dll
0x77b40000 - 0x77b62000 C:\WINXP\system32\appHelp.dll
0x76fd0000 - 0x7704f000 C:\WINXP\system32\CLBCATQ.DLL
0x77050000 - 0x77115000 C:\WINXP\system32\COMRes.dll
0x755c0000 - 0x755ee000 C:\WINXP\system32\msctfime.ime
0x77260000 - 0x77300000 C:\WINXP\system32\urlmon.dll
0x77fe0000 - 0x77ff1000 C:\WINXP\system32\Secur32.dll
0x77a20000 - 0x77a74000 C:\WINXP\System32\cscui.dll
0x76600000 - 0x7661d000 C:\WINXP\System32\CSCDLL.dll
0x77920000 - 0x77a13000 C:\WINXP\system32\SETUPAPI.dll
0x10000000 - 0x1000e000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x7c340000 - 0x7c396000 C:\WINXP\system32\MSVCR71.dll
0x01020000 - 0x010f5000 C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
0x5edd0000 - 0x5ede7000 C:\WINXP\system32\olepro32.dll
0x6a1f0000 - 0x6a212000 C:\Program Files\Norton AntiVirus\NavShExt.dll
0x7c3a0000 - 0x7c41b000 C:\WINXP\system32\MSVCP71.dll
0x75e90000 - 0x75f40000 C:\WINXP\system32\SXS.DLL
0x01b00000 - 0x01b88000 C:\WINXP\system32\shdoclc.dll
0x01b90000 - 0x01e55000 C:\WINXP\system32\xpsp2res.dll
0x75cf0000 - 0x75d81000 C:\WINXP\system32\mlang.dll
0x71ad0000 - 0x71ad9000 C:\WINXP\system32\wsock32.dll
0x71ab0000 - 0x71ac7000 C:\WINXP\system32\WS2_32.dll
0x71aa0000 - 0x71aa8000 C:\WINXP\system32\WS2HELP.dll
0x71a50000 - 0x71a8f000 C:\WINXP\system32\mswsock.dll
0x662b0000 - 0x66308000 C:\WINXP\system32\hnetcfg.dll
0x71a90000 - 0x71a98000 C:\WINXP\System32\wshtcpip.dll
0x76ee0000 - 0x76f1c000 C:\WINXP\system32\RASAPI32.DLL
0x76e90000 - 0x76ea2000 C:\WINXP\system32\rasman.dll
0x76eb0000 - 0x76edf000 C:\WINXP\system32\TAPI32.dll
0x76e80000 - 0x76e8e000 C:\WINXP\system32\rtutils.dll
0x76b40000 - 0x76b6d000 C:\WINXP\system32\WINMM.dll
0x77c70000 - 0x77c93000 C:\WINXP\system32\msv1_0.dll
0x76d60000 - 0x76d79000 C:\WINXP\system32\iphlpapi.dll
0x722b0000 - 0x722b5000 C:\WINXP\system32\sensapi.dll
0x769c0000 - 0x76a73000 C:\WINXP\system32\USERENV.dll
0x76fc0000 - 0x76fc6000 C:\WINXP\system32\rasadhlp.dll
0x76f20000 - 0x76f47000 C:\WINXP\system32\DNSAPI.dll
0x76fb0000 - 0x76fb8000 C:\WINXP\System32\winrnr.dll
0x7dc30000 - 0x7df1f000 C:\WINXP\system32\mshtml.dll
0x746c0000 - 0x746e7000 C:\WINXP\system32\msls31.dll
0x76bf0000 - 0x76bfb000 C:\WINXP\system32\PSAPI.DLL
0x746f0000 - 0x7471a000 C:\WINXP\system32\msimtf.dll
0x32520000 - 0x32532000 C:\Program Files\Microsoft Office\Office10\msohev.dll
0x75c50000 - 0x75cbe000 C:\WINXP\system32\jscript.dll
0x71b20000 - 0x71b32000 C:\WINXP\system32\MPR.dll
0x75f60000 - 0x75f67000 C:\WINXP\System32\drprov.dll
0x71c10000 - 0x71c1e000 C:\WINXP\System32\ntlanman.dll
0x71cd0000 - 0x71ce7000 C:\WINXP\System32\NETUI0.dll
0x71c90000 - 0x71cd0000 C:\WINXP\System32\NETUI1.dll
0x71c80000 - 0x71c87000 C:\WINXP\System32\NETRAP.dll
0x71bf0000 - 0x71c03000 C:\WINXP\System32\SAMLIB.dll
0x75f70000 - 0x75f79000 C:\WINXP\System32\davclnt.dll
0x75970000 - 0x75a67000 C:\WINXP\system32\MSGINA.dll
0x76360000 - 0x76370000 C:\WINXP\system32\WINSTA.dll
0x74320000 - 0x7435d000 C:\WINXP\system32\ODBC32.dll
0x763b0000 - 0x763f9000 C:\WINXP\system32\comdlg32.dll
0x03050000 - 0x03067000 C:\WINXP\system32\odbcint.dll
0x73ba0000 - 0x73bb3000 C:\WINXP\system32\sti.dll
0x74ae0000 - 0x74ae7000 C:\WINXP\system32\CFGMGR32.dll
0x72d20000 - 0x72d29000 C:\WINXP\system32\wdmaud.drv
0x72d10000 - 0x72d18000 C:\WINXP\system32\msacm32.drv
0x77be0000 - 0x77bf5000 C:\WINXP\system32\MSACM32.dll
0x77bd0000 - 0x77bd7000 C:\WINXP\system32\midimap.dll
0x30000000 - 0x30222000 C:\WINXP\system32\Macromed\Flash\Flash8.ocx
0x6d430000 - 0x6d43a000 C:\WINXP\system32\ddrawex.dll
0x73760000 - 0x737a9000 C:\WINXP\system32\DDRAW.dll
0x73bc0000 - 0x73bc6000 C:\WINXP\system32\DCIMAN32.dll
0x04cf0000 - 0x04cf7000 C:\WINXP\system32\xpsp3res.dll
0x66880000 - 0x6688c000 C:\WINXP\system32\ImgUtil.dll
0x5e310000 - 0x5e31c000 C:\WINXP\system32\pngfilt.dll
0x76200000 - 0x76271000 C:\WINXP\system32\mshtmled.dll
0x767f0000 - 0x76817000 C:\WINXP\system32\schannel.dll
0x0ffd0000 - 0x0fff8000 C:\WINXP\system32\rsaenh.dll
0x68100000 - 0x68124000 C:\WINXP\system32\dssenh.dll
0x73300000 - 0x73367000 C:\WINXP\system32\vbscript.dll
0x73dd0000 - 0x73ece000 C:\WINXP\system32\MFC42.DLL
0x6d600000 - 0x6d62d000 C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
0x6d590000 - 0x6d5a2000 C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
0x6d400000 - 0x6d417000 C:\Program Files\Java\jre1.5.0_06\bin\jpiexp32.dll
0x6d450000 - 0x6d468000 C:\Program Files\Java\jre1.5.0_06\bin\jpishare.dll
0x6d670000 - 0x6d804000 C:\PROGRA~1\Java\JRE15~1.0_0\bin\client\jvm.dll
0x6d280000 - 0x6d288000 C:\PROGRA~1\Java\JRE15~1.0_0\bin\hpi.dll
0x6d640000 - 0x6d64c000 C:\PROGRA~1\Java\JRE15~1.0_0\bin\verify.dll
0x6d300000 - 0x6d31d000 C:\PROGRA~1\Java\JRE15~1.0_0\bin\java.dll
0x6d660000 - 0x6d66f000 C:\PROGRA~1\Java\JRE15~1.0_0\bin\zip.dll
0x6d000000 - 0x6d167000 C:\Program Files\Java\jre1.5.0_06\bin\awt.dll
0x73000000 - 0x73026000 C:\WINXP\system32\WINSPOOL.DRV
0x73940000 - 0x73a10000 C:\WINXP\system32\D3DIM700.DLL
0x6d240000 - 0x6d27d000 C:\Program Files\Java\jre1.5.0_06\bin\fontmanager.dll
0x6d1f0000 - 0x6d203000 C:\Program Files\Java\jre1.5.0_06\bin\deploy.dll
0x6d5d0000 - 0x6d5ef000 C:\Program Files\Java\jre1.5.0_06\bin\RegUtils.dll
0x06790000 - 0x06a56000 C:\WINXP\system32\msi.dll

VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~1.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~1.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~1.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol -Djavaplugin.vm.options=-Djava.class.path=C:\PROGRA~1\Java\JRE15~1.0_0\classes -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~1.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~1.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~1.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol vfprintf
Launcher Type: generic

Environment Variables:
PATH=C:\PROGRA~1\Java\JRE15~1.0_0\bin;C:\Program Files\Internet Explorer;;C:\WINXP\system32;C:\WINXP;C:\WINXP\System32\Wbem;.
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel

--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 1 family 15, cmov, cx8, fxsr, mmx, sse, sse2, ht

Memory: 4k page, physical 490992k(66840k free), swap 1149376k(775540k free)

vm_info: Java HotSpot™ Client VM (1.5.0_06-b05) for windows-x86, built on Nov 10 2005 11:12:14 by "java_re" with MS VC++ 6.0

I have gone through the instructions on http://www.bleepingcomputer.com/forums/t/49613/exception-access-violation-0xc0000005/ and http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/. But I'm stucked with the deleting part of the HijackThis. Here is my HijackThis logfile:

Logfile of HijackThis v1.99.1
Scan saved at 11:16:25 PM, on 6/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINXP\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINXP\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /pkg "Office 2000 Server Extensions"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINXP\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINXP\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINXP\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINXP\system32\sistray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1918520-B49B-4AB5-9FD7-800F372ACB58}: NameServer =,
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINXP\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINXP\system32\CTSVCCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINXP\system32\ZONELABS\vsmon.exe

I hope that someone can tell me what to delete and how to delete. Thank you!

BC AdBot (Login to Remove)



#2 miekiemoes


    Malware Killer Dog

  • Malware Response Team
  • 19,420 posts
  • Gender:Female
  • Location:Belgium
  • Local time:10:01 PM

Posted 05 July 2006 - 08:49 AM


Not really sure why you posted a hijackthislog, since you are having problems with HotSpot Virtual Machine.
I can't see anything that you have to delete in hijackthis though.

Better to visit this site for support on the HotSpot Virtual Machine
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 tliyun

  • Topic Starter

  • Members
  • 3 posts
  • Local time:05:01 AM

Posted 05 July 2006 - 09:55 AM

Thank you for your reply. I have installed J2SE Runtime Environment 5.0 Update 7 and the problem is solved already. Thanks for your help! :thumbsup:

#4 miekiemoes


    Malware Killer Dog

  • Malware Response Team
  • 19,420 posts
  • Gender:Female
  • Location:Belgium
  • Local time:10:01 PM

Posted 05 July 2006 - 10:05 AM

Thanks for the feedback :thumbsup:

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users