Logfile of HijackThis v1.99.1
Scan saved at 18:37:38, on 23/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Vegas\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Google Search -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -
http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) -
http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg.com/us.yimg.com/i/ ... acscom.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 0178877374
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) -
http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://cdn2.zone.msn.com/binFramework/v ... b34246.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) -
http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) -
http://creative.com/su/ocx/15016/CTPID.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, November 23, 2005 17:07:39
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 23/11/2005
Kaspersky Anti-Virus database records: 161204
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
G:\
H:\
Scan Statistics:
Total number of scanned objects: 149143
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 6262 sec
Infected Object Name - Virus Name
C:\RECYCLER\S-1-5-21-527237240-790525478-682003330-500\Dc1\Util\Remove.exe Infected: not-a-virus:AdWare.Win32.WebSearch.bf
Scan process completed.
I also had the log appear on my desktop when I rebooted the other day and don't know what it is. Any idea?
#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x0cdcda0c, pid=3852, tid=2224
#
# Java VM: Java HotSpot(TM) Client VM (1.5.0_05-b05 mixed mode, sharing)
# Problematic frame:
# j sun.util.PreHashedMap.get(Ljava/lang/Object;)Ljava/lang/Object;+1
#
--------------- T H R E A D ---------------
Current thread (0x02a1a1a8): JavaThread "AWT-Windows" daemon [_thread_in_Java, id=2224]
siginfo: ExceptionCode=0xc0000005, reading address 0x28283988
Registers:
EAX=0x28283880, EBX=0x00000000, ECX=0x2b7ddfa8, EDX=0x30800001
ESP=0x0f7be630, EBP=0x0f7be654, ESI=0x2aab6a89, EDI=0x0f7be668
EIP=0x0cdcda0c, EFLAGS=0x00010246
Top of Stack: (sp=0x0f7be630)
0x0f7be630: 0cdc29cf 2b7ddfa8 0f7be638 2aab6a89
0x0f7be640: 0f7be668 2b2db710 00000000 2b2db358
0x0f7be650: 0f7be664 0f7be688 0cdc2d00 00000000
0x0f7be660: 00000000 2b7ddfa8 211e6500 0f7be66c
0x0f7be670: 2aab60b5 0f7be698 2b2da390 00000000
0x0f7be680: 2b2da078 0f7be694 0f7be6c4 0cdc29fa
0x0f7be690: 00000000 2b7ddfa8 21217a88 21217a88
0x0f7be6a0: 08000001 21217a88 0f7be6a0 2aab62ef
Instructions: (pc=0x0cdcda0c)
0x0cdcd9fc: 00 04 0f 84 05 00 00 00 3b 01 ff 63 30 8b 41 04
0x0cdcda0c: 8b 9c 98 08 01 00 00 8b 53 30 8b c3 ff e2 90 90
Stack: [0x0f6c0000,0x0f7c0000), sp=0x0f7be630, free space=1017k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
j sun.util.PreHashedMap.get(Ljava/lang/Object;)Ljava/lang/Object;+1
j sun.nio.cs.FastCharsetProvider.canonicalize(Ljava/lang/String;)Ljava/lang/String;+5
j sun.nio.cs.FastCharsetProvider.charsetForName(Ljava/lang/String;)Ljava/nio/charset/Charset;+7
j java.nio.charset.Charset.lookup2(Ljava/lang/String;)Ljava/nio/charset/Charset;+39
j java.nio.charset.Charset.lookup(Ljava/lang/String;)Ljava/nio/charset/Charset;+40
j java.nio.charset.Charset.isSupported(Ljava/lang/String;)Z+1
j java.lang.StringCoding.lookupCharset(Ljava/lang/String;)Ljava/nio/charset/Charset;+1
j java.lang.StringCoding.decode(Ljava/lang/String;[BII)[C+59
j java.lang.String.<init>([BIILjava/lang/String;)V+30
j sun.font.TrueTypeFont.makeString([BSS)Ljava/lang/String;+166
j sun.font.TrueTypeFont.initNames()V+174
j sun.font.TrueTypeFont.init(I)V+319
j sun.font.TrueTypeFont.<init>(Ljava/lang/String;Ljava/lang/Object;IZ)V+46
j sun.font.FontManager.registerFontFile(Ljava/lang/String;[Ljava/lang/String;IZI)Lsun/font/PhysicalFont;+55
j sun.font.FontManager.initialiseDeferredFont(Ljava/lang/String;)Lsun/font/PhysicalFont;+80
j sun.font.CompositeFont.doDeferredInitialisation(I)V+70
j sun.font.CompositeFont.getSlotFont(I)Lsun/font/PhysicalFont;+11
j sun.font.CompositeStrike.getStrikeForSlot(I)Lsun/font/PhysicalStrike;+16
j sun.font.CompositeStrike.getFontMetrics()Lsun/font/StrikeMetrics;+31
j sun.font.FontDesignMetrics.initMatrixAndMetrics()V+28
j sun.font.FontDesignMetrics.<init>(Ljava/awt/Font;Ljava/awt/font/FontRenderContext;)V+62
j sun.font.FontDesignMetrics.<init>(Ljava/awt/Font;)V+5
j sun.awt.SunToolkit.getFontMetrics(Ljava/awt/Font;)Ljava/awt/FontMetrics;+44
j sun.awt.windows.WToolkit.getFontMetrics(Ljava/awt/Font;)Ljava/awt/FontMetrics;+13
v ~StubRoutines::call_stub
V [jvm.dll+0x8295c]
V [jvm.dll+0xd752e]
V [jvm.dll+0x8282d]
V [jvm.dll+0x87508]
--------------- P R O C E S S ---------------
Java Threads: ( => current thread )
0x102f1778 JavaThread "AWT-EventQueue-2" [_thread_blocked, id=2016]
0x0788ba38 JavaThread "Image Fetcher 0" daemon [_thread_blocked, id=3616]
0x1026a708 JavaThread "Keep-Alive-Timer" daemon [_thread_blocked, id=3708]
0x077f6d68 JavaThread "thread applet-log.class" [_thread_blocked, id=1128]
0x078c8e68 JavaThread "thread applet-SampleDemo.class" [_thread_in_native, id=408]
0x078c83f8 JavaThread "thread applet-Interval.class" [_thread_blocked, id=2816]
0x02a9bd08 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=1828]
0x02a16c80 JavaThread "AWT-Shutdown" [_thread_blocked, id=2796]
0x0781dc20 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=1108]
=>0x02a1a1a8 JavaThread "AWT-Windows" daemon [_thread_in_Java, id=2224]
0x07835a50 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=2712]
0x07827530 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=1476]
0x02aa6980 JavaThread "CompilerThread0" daemon [_thread_blocked, id=1216]
0x029fa8f0 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=572]
0x029dd2d8 JavaThread "Finalizer" daemon [_thread_blocked, id=844]
0x029cbc50 JavaThread "Reference Handler" daemon [_thread_blocked, id=2204]
0x0003bbb0 JavaThread "main" [_thread_in_native, id=1532]
Other Threads:
0x029bad88 VMThread [id=3628]
0x02a15a88 WatcherThread [id=896]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
def new generation total 576K, used 218K [0x20a80000, 0x20b20000, 0x211e0000)
eden space 512K, 30% used [0x20a80000, 0x20aa6910, 0x20b00000)
from space 64K, 100% used [0x20b00000, 0x20b10000, 0x20b10000)
to space 64K, 0% used [0x20b10000, 0x20b10000, 0x20b20000)
tenured generation total 1408K, used 1060K [0x211e0000, 0x21340000, 0x26a80000)
the space 1408K, 75% used [0x211e0000, 0x212e91a0, 0x212e9200, 0x21340000)
compacting perm gen total 8192K, used 1306K [0x26a80000, 0x27280000, 0x2aa80000)
the space 8192K, 15% used [0x26a80000, 0x26bc6828, 0x26bc6a00, 0x27280000)
ro space 8192K, 62% used [0x2aa80000, 0x2af8a3a0, 0x2af8a400, 0x2b280000)
rw space 12288K, 46% used [0x2b280000, 0x2b8103d8, 0x2b810400, 0x2be80000)
Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\IEXPLORE.EXE
0x7c900000 - 0x7c9b0000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c8f4000 C:\WINDOWS\system32\kernel32.dll
0x77c10000 - 0x77c68000 C:\WINDOWS\system32\msvcrt.dll
0x77d40000 - 0x77dd0000 C:\WINDOWS\system32\USER32.dll
0x77f10000 - 0x77f57000 C:\WINDOWS\system32\GDI32.dll
0x77f60000 - 0x77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
0x77dd0000 - 0x77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e70000 - 0x77f01000 C:\WINDOWS\system32\RPCRT4.dll
0x77760000 - 0x778cc000 C:\WINDOWS\system32\SHDOCVW.dll
0x77a80000 - 0x77b14000 C:\WINDOWS\system32\CRYPT32.dll
0x77b20000 - 0x77b32000 C:\WINDOWS\system32\MSASN1.dll
0x754d0000 - 0x75550000 C:\WINDOWS\system32\CRYPTUI.dll
0x76c30000 - 0x76c5e000 C:\WINDOWS\system32\WINTRUST.dll
0x76c90000 - 0x76cb8000 C:\WINDOWS\system32\IMAGEHLP.dll
0x77120000 - 0x771ac000 C:\WINDOWS\system32\OLEAUT32.dll
0x774e0000 - 0x7761d000 C:\WINDOWS\system32\ole32.dll
0x5b860000 - 0x5b8b4000 C:\WINDOWS\system32\NETAPI32.dll
0x771b0000 - 0x77256000 C:\WINDOWS\system32\WININET.dll
0x76f60000 - 0x76f8c000 C:\WINDOWS\system32\WLDAP32.dll
0x77c00000 - 0x77c08000 C:\WINDOWS\system32\VERSION.dll
0x773d0000 - 0x774d2000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
0x7c9c0000 - 0x7d1d5000 C:\WINDOWS\system32\SHELL32.dll
0x5d090000 - 0x5d127000 C:\WINDOWS\system32\comctl32.dll
0x74720000 - 0x7476b000 C:\WINDOWS\system32\MSCTF.dll
0x75f80000 - 0x7607d000 C:\WINDOWS\system32\BROWSEUI.dll
0x20000000 - 0x20012000 C:\WINDOWS\system32\browselc.dll
0x77b40000 - 0x77b62000 C:\WINDOWS\system32\appHelp.dll
0x76fd0000 - 0x7704f000 C:\WINDOWS\system32\CLBCATQ.DLL
0x77050000 - 0x77115000 C:\WINDOWS\system32\COMRes.dll
0x77260000 - 0x772ff000 C:\WINDOWS\system32\urlmon.dll
0x5ad70000 - 0x5ada8000 C:\WINDOWS\system32\UxTheme.dll
0x77fe0000 - 0x77ff1000 C:\WINDOWS\system32\Secur32.dll
0x77a20000 - 0x77a74000 C:\WINDOWS\System32\cscui.dll
0x76600000 - 0x7661d000 C:\WINDOWS\System32\CSCDLL.dll
0x77920000 - 0x77a13000 C:\WINDOWS\system32\SETUPAPI.dll
0x769c0000 - 0x76a73000 C:\WINDOWS\system32\USERENV.dll
0x10000000 - 0x10124000 c:\program files\google\googletoolbar1.dll
0x71ad0000 - 0x71ad9000 C:\WINDOWS\system32\WSOCK32.dll
0x71ab0000 - 0x71ac7000 C:\WINDOWS\system32\WS2_32.dll
0x71aa0000 - 0x71aa8000 C:\WINDOWS\system32\WS2HELP.dll
0x76b40000 - 0x76b6d000 C:\WINDOWS\system32\WINMM.dll
0x76380000 - 0x76385000 C:\WINDOWS\system32\MSIMG32.dll
0x5cd70000 - 0x5cd77000 C:\WINDOWS\system32\serwvdrv.dll
0x5b0a0000 - 0x5b0a7000 C:\WINDOWS\system32\umdmxfrm.dll
0x59a60000 - 0x59b01000 C:\WINDOWS\system32\DBGHELP.DLL
0x76ee0000 - 0x76f1c000 C:\WINDOWS\system32\RASAPI32.DLL
0x76e90000 - 0x76ea2000 C:\WINDOWS\system32\rasman.dll
0x76eb0000 - 0x76edf000 C:\WINDOWS\system32\TAPI32.dll
0x76e80000 - 0x76e8e000 C:\WINDOWS\system32\rtutils.dll
0x76990000 - 0x769b5000 C:\WINDOWS\system32\ntshrui.dll
0x76b20000 - 0x76b31000 C:\WINDOWS\system32\ATL.DLL
0x71b20000 - 0x71b32000 C:\WINDOWS\system32\MPR.dll
0x75f60000 - 0x75f67000 C:\WINDOWS\System32\drprov.dll
0x71c10000 - 0x71c1e000 C:\WINDOWS\System32\ntlanman.dll
0x71cd0000 - 0x71ce7000 C:\WINDOWS\System32\NETUI0.dll
0x71c90000 - 0x71cd0000 C:\WINDOWS\System32\NETUI1.dll
0x71c80000 - 0x71c87000 C:\WINDOWS\System32\NETRAP.dll
0x71bf0000 - 0x71c03000 C:\WINDOWS\System32\SAMLIB.dll
0x75f70000 - 0x75f79000 C:\WINDOWS\System32\davclnt.dll
0x77c70000 - 0x77c93000 C:\WINDOWS\system32\msv1_0.dll
0x76d60000 - 0x76d79000 C:\WINDOWS\system32\iphlpapi.dll
0x722b0000 - 0x722b5000 C:\WINDOWS\system32\sensapi.dll
0x0ffd0000 - 0x0fff8000 C:\WINDOWS\system32\rsaenh.dll
0x71a50000 - 0x71a8f000 C:\WINDOWS\System32\mswsock.dll
0x76f20000 - 0x76f47000 C:\WINDOWS\system32\DNSAPI.dll
0x76fc0000 - 0x76fc6000 C:\WINDOWS\system32\rasadhlp.dll
0x00f50000 - 0x00fd8000 C:\WINDOWS\system32\shdoclc.dll
0x01290000 - 0x01555000 C:\WINDOWS\system32\xpsp2res.dll
0x662b0000 - 0x66308000 C:\WINDOWS\system32\hnetcfg.dll
0x75cf0000 - 0x75d81000 C:\WINDOWS\system32\mlang.dll
0x71a90000 - 0x71a98000 C:\WINDOWS\System32\wshtcpip.dll
0x01d60000 - 0x02026000 C:\WINDOWS\system32\msi.dll
0x75e90000 - 0x75f40000 C:\WINDOWS\system32\SXS.DLL
0x7d4a0000 - 0x7d787000 C:\WINDOWS\System32\mshtml.dll
0x746c0000 - 0x746e7000 C:\WINDOWS\System32\msls31.dll
0x605d0000 - 0x605d9000 C:\WINDOWS\system32\mslbui.dll
0x746f0000 - 0x7471a000 C:\WINDOWS\System32\msimtf.dll
0x5c2c0000 - 0x5c300000 C:\WINDOWS\ime\sptip.dll
0x74c80000 - 0x74cac000 C:\WINDOWS\system32\OLEACC.dll
0x76080000 - 0x760e5000 C:\WINDOWS\system32\MSVCP60.dll
0x02480000 - 0x02491000 C:\WINDOWS\IME\SPGRMR.DLL
0x024a0000 - 0x024fb000 C:\Program Files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL
0x32520000 - 0x32532000 C:\Program Files\Microsoft Office\Office10\msohev.dll
0x75c50000 - 0x75cbe000 C:\WINDOWS\System32\jscript.dll
0x767f0000 - 0x76817000 C:\WINDOWS\system32\schannel.dll
0x68100000 - 0x68124000 C:\WINDOWS\system32\dssenh.dll
0x76980000 - 0x76988000 C:\WINDOWS\system32\LINKINFO.dll
0x66e50000 - 0x66e90000 C:\WINDOWS\System32\iepeers.dll
0x73000000 - 0x73026000 C:\WINDOWS\System32\WINSPOOL.DRV
0x73300000 - 0x73367000 C:\WINDOWS\System32\vbscript.dll
0x73dd0000 - 0x73ece000 C:\WINDOWS\System32\MFC42.DLL
0x30000000 - 0x30222000 C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx
0x763b0000 - 0x763f9000 C:\WINDOWS\system32\comdlg32.dll
0x72d20000 - 0x72d29000 C:\WINDOWS\system32\wdmaud.drv
0x72d10000 - 0x72d18000 C:\WINDOWS\system32\msacm32.drv
0x77be0000 - 0x77bf5000 C:\WINDOWS\system32\MSACM32.dll
0x77bd0000 - 0x77bd7000 C:\WINDOWS\system32\midimap.dll
0x6d430000 - 0x6d43a000 C:\WINDOWS\System32\ddrawex.dll
0x73760000 - 0x737a9000 C:\WINDOWS\System32\DDRAW.dll
0x73bc0000 - 0x73bc6000 C:\WINDOWS\System32\DCIMAN32.dll
0x76200000 - 0x76271000 C:\WINDOWS\System32\mshtmled.dll
0x75970000 - 0x75a67000 C:\WINDOWS\system32\MSGINA.dll
0x76360000 - 0x76370000 C:\WINDOWS\system32\WINSTA.dll
0x74320000 - 0x7435d000 C:\WINDOWS\system32\ODBC32.dll
0x05890000 - 0x058a7000 C:\WINDOWS\system32\odbcint.dll
0x74980000 - 0x74ab0000 C:\WINDOWS\System32\msxml3.dll
0x4d4f0000 - 0x4d548000 C:\WINDOWS\system32\WINHTTP.dll
0x71d40000 - 0x71d5c000 C:\WINDOWS\System32\actxprxy.dll
0x06570000 - 0x0666d000 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavwebscan.dll
0x63660000 - 0x6369f000 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky On-line Scanner\kavss.dll
0x69000000 - 0x6900e000 C:\WINDOWS\system32\Macromed\Common\SwSupport.dll
0x77690000 - 0x776b1000 C:\WINDOWS\system32\NTMARTA.DLL
0x76fb0000 - 0x76fb8000 C:\WINDOWS\System32\winrnr.dll
0x037a0000 - 0x037e6000 C:\PROGRA~1\MSNMES~1\msgsc.dll
0x75e60000 - 0x75e73000 C:\WINDOWS\system32\cryptnet.dll
0x74d90000 - 0x74dfb000 C:\WINDOWS\system32\USP10.dll
0x72b20000 - 0x72b38000 C:\WINDOWS\system32\plugin.ocx
0x66880000 - 0x6688c000 C:\WINDOWS\system32\ImgUtil.dll
0x6cc60000 - 0x6cc6b000 C:\WINDOWS\System32\dispex.dll
0x76820000 - 0x76834000 C:\WINDOWS\system32\hlink.dll
0x5e310000 - 0x5e31c000 C:\WINDOWS\System32\pngfilt.dll
0x01250000 - 0x01260000 C:\WINDOWS\System32\mshtmler.dll
0x6d590000 - 0x6d5a1000 C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
0x5edd0000 - 0x5ede7000 C:\WINDOWS\system32\OLEPRO32.DLL
0x6d400000 - 0x6d417000 C:\Program Files\Java\jre1.5.0_05\bin\jpiexp32.dll
0x6d450000 - 0x6d468000 C:\Program Files\Java\jre1.5.0_05\bin\jpishare.dll
0x6d640000 - 0x6d7cc000 C:\PROGRA~1\Java\JRE15~1.0_0\bin\client\jvm.dll
VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~1.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~1.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_05 -Djavaplugin.nodotversion=150_05 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~1.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol -Djavaplugin.vm.options=-Djava.class.path=C:\PROGRA~1\Java\JRE15~1.0_0\classes -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~1.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~1.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_05 -Djavaplugin.nodotversion=150_05 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~1.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol vfprintf
java_command: <unknown>
Environment Variables:
CLASSPATH=C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip
PATH=C:\PROGRA~1\Java\JRE15~1.0_0\bin;C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\VDMSound;C:\Program Files\QuickTime\QTSystem\;.
USERNAME=Vegas
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
--------------- S Y S T E M ---------------
OS: Windows XP Build 2600 Service Pack 2
CPU:total 1 family 15, cmov, cx8, fxsr, mmx, sse, sse2, ht
Memory: 4k page, physical 785412k(214520k free), swap 1918896k(1429752k free)
vm_info: Java HotSpot(TM) Client VM (1.5.0_05-b05) for windows-x86, built on Aug 26 2005 15:36:02 by "java_re" with MS VC++ 6.0