[kahdah]

Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
==============================
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
• After the files have been downloaded on the left side of the page in the Scan section select My Computer
• This will start the program and scan your system.
• The scan will take a while, so be patient and let it run.
• Once the scan is complete, click on View scan report
• Now, click on the Save Report as button.
• Save the file to your desktop.
• Copy and paste that information in your next post.

[Advertisements]

sry for delay

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:23, on 7/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\rsvp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...TP&M=GT5224
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0b\cstray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Intel® Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 12944 bytes

[Zelly29]

sry for delay

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:23, on 7/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\rsvp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...TP&M=GT5224
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0b\cstray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Intel® Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 12944 bytes

[kahdah]

Hi please see my previous post.
Go ahead with Kaspesky and ATF cleaner and post the Kaspersky log please.

[Zelly29]

I got this from the Atf scan

#
# An unexpected error has been detected by Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x67a6878a, pid=5544, tid=3132
#
# Java VM: Java HotSpot™ Client VM (10.0-b19 mixed mode windows-x86)
# Problematic frame:
# C [Opera.dll+0x21878a]
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/...eport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x0eac7400): JavaThread "Thread-68" [_thread_in_native, id=3132, stack(0x0feb0000,0x0ffb0000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x10d56000

Registers:
EAX=0x10d3a554, EBX=0x10c11890, ECX=0x3fff9155, EDX=0x00000000
ESP=0x0ff94a34, EBP=0x0ff94a3c, ESI=0x10d56000, EDI=0x10c2d364
EIP=0x67a6878a, EFLAGS=0x00090202

Top of Stack: (sp=0x0ff94a34)
0x0ff94a34: 009ad8e8 00000028 0ff94a68 6787dcf6
0x0ff94a44: 10c118bc 10d3a558 fffffffc 10c11890
0x0ff94a54: 10d3a530 00000028 0000000a 00000013
0x0ff94a64: 10c11890 0ff94ab8 678c370c 0000000a
0x0ff94a74: 10d54718 10d54718 009ad8e0 679dad49
0x0ff94a84: 10d54718 0eac74f4 013573c8 67c0ad45
0x0ff94a94: 000000c6 02273f50 013573c8 00000000
0x0ff94aa4: 0eac7400 00000000 05ce6d38 02273f50

Instructions: (pc=0x67a6878a)
0x67a6877a: 00 00 00 75 15 c1 e9 02 83 e2 03 83 f9 08 72 2a
0x67a6878a: f3 a5 ff 24 95 a4 88 a6 67 90 8b c7 ba 03 00 00


Stack: [0x0feb0000,0x0ffb0000], sp=0x0ff94a34, free space=914k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [Opera.dll+0x21878a]
C [Opera.dll+0x2dcf6]
C [Opera.dll+0x7370c]
J com.opera.JSObject.startEval(Lcom/opera/JSResultObject;Ljava/lang/String;Z)Z
J com.opera.JSObject.eval(Ljava/lang/String;)Ljava/lang/Object;
J sun.reflect.GeneratedMethodAccessor5.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J com.kaspersky.kosp.common.Util.invokeJSFunction(Ljava/lang/String;Ljava/lang/Object;)V
J com.kaspersky.kosp.update.Update.cb_percent(IJJ)V
v ~BufferBlob::StubRoutines (1)

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J com.opera.JSObject.startEval(Lcom/opera/JSResultObject;Ljava/lang/String;Z)Z
J com.opera.JSObject.eval(Ljava/lang/String;)Ljava/lang/Object;
J sun.reflect.GeneratedMethodAccessor5.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J com.kaspersky.kosp.common.Util.invokeJSFunction(Ljava/lang/String;Ljava/lang/Object;)V
J com.kaspersky.kosp.update.Update.cb_percent(IJJ)V
v ~BufferBlob::StubRoutines (1)
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
=>0x0eac7400 JavaThread "Thread-68" [_thread_in_native, id=3132, stack(0x0feb0000,0x0ffb0000)]
0x0eb92400 JavaThread "TimerQueue" daemon [_thread_blocked, id=5484, stack(0x0f970000,0x0fa70000)]
0x0ea38c00 JavaThread "AWT-EventQueue-1" [_thread_blocked, id=1124, stack(0x0eef0000,0x0eff0000)]
0x0ea37c00 JavaThread "Thread-4" [_thread_blocked, id=4760, stack(0x0edf0000,0x0eef0000)]
0x0ea1dc00 JavaThread "Thread-2" [_thread_blocked, id=5652, stack(0x0ebf0000,0x0ecf0000)]
0x0ddc7800 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=3996, stack(0x0e8e0000,0x0e9e0000)]
0x0ddc5400 JavaThread "AWT-Windows" daemon [_thread_in_native, id=5808, stack(0x0e7e0000,0x0e8e0000)]
0x0ddc4c00 JavaThread "AWT-Shutdown" [_thread_blocked, id=1312, stack(0x0e6e0000,0x0e7e0000)]
0x0ddc1400 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=5740, stack(0x0e5e0000,0x0e6e0000)]
0x0dd60800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=672, stack(0x0e3d0000,0x0e4d0000)]
0x0dd5b000 JavaThread "CompilerThread0" daemon [_thread_blocked, id=5624, stack(0x0e2d0000,0x0e3d0000)]
0x0dd59c00 JavaThread "Attach Listener" daemon [_thread_blocked, id=5744, stack(0x0e1d0000,0x0e2d0000)]
0x0dd59000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=1332, stack(0x0e0d0000,0x0e1d0000)]
0x0dd4b400 JavaThread "Finalizer" daemon [_thread_blocked, id=5836, stack(0x0dfd0000,0x0e0d0000)]
0x0dd47000 JavaThread "Reference Handler" daemon [_thread_blocked, id=5800, stack(0x0ded0000,0x0dfd0000)]
0x03b65c00 JavaThread "main" [_thread_in_native, id=5708, stack(0x00030000,0x00130000)]

Other Threads:
0x0dd42400 VMThread [stack: 0x0ddd0000,0x0ded0000] [id=5816]
0x0dd6a800 WatcherThread [stack: 0x0e4d0000,0x0e5d0000] [id=5732]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 960K, used 778K [0x05c30000, 0x05d30000, 0x06110000)
eden space 896K, 83% used [0x05c30000, 0x05cea600, 0x05d10000)
from space 64K, 51% used [0x05d20000, 0x05d28408, 0x05d30000)
to space 64K, 0% used [0x05d10000, 0x05d10000, 0x05d20000)
tenured generation total 4224K, used 3826K [0x06110000, 0x06530000, 0x09c30000)
the space 4224K, 90% used [0x06110000, 0x064cc8f0, 0x064cca00, 0x06530000)
compacting perm gen total 12288K, used 9634K [0x09c30000, 0x0a830000, 0x0dc30000)
the space 12288K, 78% used [0x09c30000, 0x0a598ac8, 0x0a598c00, 0x0a830000)
No shared spaces configured.

Dynamic libraries:
0x00400000 - 0x0041b000 C:\Program Files\Opera\opera.exe
0x7c900000 - 0x7c9b0000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c8f5000 C:\WINDOWS\system32\kernel32.dll
0x7e410000 - 0x7e4a0000 C:\WINDOWS\system32\USER32.dll
0x77f10000 - 0x77f57000 C:\WINDOWS\system32\GDI32.dll
0x48000000 - 0x48027000 C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
0x77dd0000 - 0x77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e70000 - 0x77f02000 C:\WINDOWS\system32\RPCRT4.dll
0x77fe0000 - 0x77ff1000 C:\WINDOWS\system32\Secur32.dll
0x71ab0000 - 0x71ac7000 C:\WINDOWS\system32\WS2_32.dll
0x77c10000 - 0x77c68000 C:\WINDOWS\system32\msvcrt.dll
0x71aa0000 - 0x71aa8000 C:\WINDOWS\system32\WS2HELP.dll
0x62000000 - 0x62081000 C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopResources_en.dll
0x71a50000 - 0x71a8f000 C:\WINDOWS\system32\mswsock.dll
0x67850000 - 0x68038000 C:\Program Files\Opera\Opera.dll
0x763b0000 - 0x763f9000 C:\WINDOWS\system32\comdlg32.dll
0x77f60000 - 0x77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
0x773d0000 - 0x774d3000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll
0x7c9c0000 - 0x7d1d7000 C:\WINDOWS\system32\SHELL32.dll
0x76390000 - 0x763ad000 C:\WINDOWS\system32\IMM32.dll
0x774e0000 - 0x7761d000 C:\WINDOWS\system32\ole32.dll
0x77120000 - 0x771ab000 C:\WINDOWS\system32\OLEAUT32.dll
0x77c00000 - 0x77c08000 C:\WINDOWS\system32\VERSION.dll
0x76b40000 - 0x76b6d000 C:\WINDOWS\system32\WINMM.dll
0x71ad0000 - 0x71ad9000 C:\WINDOWS\system32\WSOCK32.dll
0x5ad70000 - 0x5ada8000 C:\WINDOWS\system32\uxtheme.dll
0x10000000 - 0x10026000 C:\PROGRA~1\McAfee\SPAMKI~1\mskoeplg.dll
0x76380000 - 0x76385000 C:\WINDOWS\system32\Msimg32.dll
0x77920000 - 0x77a13000 C:\WINDOWS\system32\SETUPAPI.dll
0x74d90000 - 0x74dfb000 C:\WINDOWS\system32\usp10.dll
0x01a60000 - 0x01a79000 c:\progra~1\mcafee.com\vso\McVSSkt.dll
0x662b0000 - 0x66308000 C:\WINDOWS\system32\hnetcfg.dll
0x58d40000 - 0x58d47000 C:\WINDOWS\System32\wship6.dll
0x76f20000 - 0x76f47000 C:\WINDOWS\system32\DNSAPI.dll
0x16080000 - 0x160a5000 C:\Program Files\Bonjour\mdnsNSP.dll
0x76d60000 - 0x76d79000 C:\WINDOWS\system32\Iphlpapi.dll
0x76fc0000 - 0x76fc6000 C:\WINDOWS\system32\rasadhlp.dll
0x71a90000 - 0x71a98000 C:\WINDOWS\System32\wshtcpip.dll
0x6d7c0000 - 0x6da10000 C:\Program Files\Java\jre1.6.0_05\bin\client\jvm.dll
0x7c340000 - 0x7c396000 C:\WINDOWS\system32\MSVCR71.dll
0x6d270000 - 0x6d278000 C:\Program Files\Java\jre1.6.0_05\bin\hpi.dll
0x76bf0000 - 0x76bfb000 C:\WINDOWS\system32\PSAPI.DLL
0x6d770000 - 0x6d77c000 C:\Program Files\Java\jre1.6.0_05\bin\verify.dll
0x6d310000 - 0x6d32f000 C:\Program Files\Java\jre1.6.0_05\bin\java.dll
0x6d7b0000 - 0x6d7bf000 C:\Program Files\Java\jre1.6.0_05\bin\zip.dll
0x6d000000 - 0x6d12e000 C:\Program Files\Java\jre1.6.0_05\bin\awt.dll
0x73000000 - 0x73026000 C:\WINDOWS\system32\WINSPOOL.DRV
0x73760000 - 0x737a9000 C:\WINDOWS\system32\ddraw.dll
0x73bc0000 - 0x73bc6000 C:\WINDOWS\system32\DCIMAN32.dll
0x6d210000 - 0x6d263000 C:\Program Files\Java\jre1.6.0_05\bin\fontmanager.dll
0x74e30000 - 0x74e9c000 C:\WINDOWS\system32\RICHED20.DLL
0x6d570000 - 0x6d583000 C:\Program Files\Java\jre1.6.0_05\bin\net.dll
0x6d590000 - 0x6d599000 C:\Program Files\Java\jre1.6.0_05\bin\nio.dll
0x0ecf0000 - 0x0eda4000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\kosglue-7.0.25.0.dll
0x7c420000 - 0x7c4a7000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCP80.dll
0x78130000 - 0x781cb000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
0x771b0000 - 0x7725a000 C:\WINDOWS\system32\WININET.dll
0x77a80000 - 0x77b14000 C:\WINDOWS\system32\CRYPT32.dll
0x77b20000 - 0x77b32000 C:\WINDOWS\system32\MSASN1.dll
0x0f000000 - 0x0f047000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\kave.dll
0x0ede0000 - 0x0eded000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\FSSync.dll
0x77690000 - 0x776b1000 C:\WINDOWS\system32\NTMARTA.DLL
0x76f60000 - 0x76f8c000 C:\WINDOWS\system32\WLDAP32.dll
0x71bf0000 - 0x71c03000 C:\WINDOWS\system32\SAMLIB.dll
0x76fb0000 - 0x76fb8000 C:\WINDOWS\System32\winrnr.dll
0x12870000 - 0x12876000 C:\WINDOWS\HKNTDLL.dll
0x12d30000 - 0x12d58000 C:\WINDOWS\system32\rsaenh.dll

VM Arguments:
jvm_args: abort exit -Xbootclasspath/p:C:\Program Files\Opera\Classes\Opera.jar;C:\Program Files\Opera\Program\Plugins;C:\Program Files\Mozilla Firefox\plugins;C:\Program Files\Opera\Program\Plugins\npds.zip;C:\Program Files\Java\jre1.6.0_05\lib\jaws.jar;C:\Program Files\Java\jre1.6.0_05\lib\plugin.jar -Djava.security.policy=C:\Program Files\Opera\Classes\Opera.policy -Dbrowser.opera.classpath=C:\Program Files\Opera\Classes\Opera.jar
java_command: <unknown>
Launcher Type: generic

Environment Variables:
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
USERNAME=Owner
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 15 model 6 stepping 4, cmov, cx8, fxsr, mmx, sse, sse2, sse3

Memory: 4k page, physical 1038120k(305540k free), swap 2497068k(1890108k free)

vm_info: Java HotSpot™ Client VM (10.0-b19) for windows-x86 JRE (1.6.0_05-b13), built on Feb 22 2008 01:16:53 by "java_re" with MS VC++ 7.1

time: Fri Jul 04 23:11:12 2008
elapsed time: 226 seconds

[Zelly29]

here u go and happy 4th of july just a quick question what cause this to happen on computers

#
# An unexpected error has been detected by Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x67a6878a, pid=5544, tid=3132
#
# Java VM: Java HotSpot™ Client VM (10.0-b19 mixed mode windows-x86)
# Problematic frame:
# C [Opera.dll+0x21878a]
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/...eport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x0eac7400): JavaThread "Thread-68" [_thread_in_native, id=3132, stack(0x0feb0000,0x0ffb0000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x10d56000

Registers:
EAX=0x10d3a554, EBX=0x10c11890, ECX=0x3fff9155, EDX=0x00000000
ESP=0x0ff94a34, EBP=0x0ff94a3c, ESI=0x10d56000, EDI=0x10c2d364
EIP=0x67a6878a, EFLAGS=0x00090202

Top of Stack: (sp=0x0ff94a34)
0x0ff94a34: 009ad8e8 00000028 0ff94a68 6787dcf6
0x0ff94a44: 10c118bc 10d3a558 fffffffc 10c11890
0x0ff94a54: 10d3a530 00000028 0000000a 00000013
0x0ff94a64: 10c11890 0ff94ab8 678c370c 0000000a
0x0ff94a74: 10d54718 10d54718 009ad8e0 679dad49
0x0ff94a84: 10d54718 0eac74f4 013573c8 67c0ad45
0x0ff94a94: 000000c6 02273f50 013573c8 00000000
0x0ff94aa4: 0eac7400 00000000 05ce6d38 02273f50

Instructions: (pc=0x67a6878a)
0x67a6877a: 00 00 00 75 15 c1 e9 02 83 e2 03 83 f9 08 72 2a
0x67a6878a: f3 a5 ff 24 95 a4 88 a6 67 90 8b c7 ba 03 00 00


Stack: [0x0feb0000,0x0ffb0000], sp=0x0ff94a34, free space=914k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [Opera.dll+0x21878a]
C [Opera.dll+0x2dcf6]
C [Opera.dll+0x7370c]
J com.opera.JSObject.startEval(Lcom/opera/JSResultObject;Ljava/lang/String;Z)Z
J com.opera.JSObject.eval(Ljava/lang/String;)Ljava/lang/Object;
J sun.reflect.GeneratedMethodAccessor5.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J com.kaspersky.kosp.common.Util.invokeJSFunction(Ljava/lang/String;Ljava/lang/Object;)V
J com.kaspersky.kosp.update.Update.cb_percent(IJJ)V
v ~BufferBlob::StubRoutines (1)

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J com.opera.JSObject.startEval(Lcom/opera/JSResultObject;Ljava/lang/String;Z)Z
J com.opera.JSObject.eval(Ljava/lang/String;)Ljava/lang/Object;
J sun.reflect.GeneratedMethodAccessor5.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J sun.reflect.DelegatingMethodAccessorImpl.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;
J com.kaspersky.kosp.common.Util.invokeJSFunction(Ljava/lang/String;Ljava/lang/Object;)V
J com.kaspersky.kosp.update.Update.cb_percent(IJJ)V
v ~BufferBlob::StubRoutines (1)
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)
v ~BufferBlob::Interpreter
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
=>0x0eac7400 JavaThread "Thread-68" [_thread_in_native, id=3132, stack(0x0feb0000,0x0ffb0000)]
0x0eb92400 JavaThread "TimerQueue" daemon [_thread_blocked, id=5484, stack(0x0f970000,0x0fa70000)]
0x0ea38c00 JavaThread "AWT-EventQueue-1" [_thread_blocked, id=1124, stack(0x0eef0000,0x0eff0000)]
0x0ea37c00 JavaThread "Thread-4" [_thread_blocked, id=4760, stack(0x0edf0000,0x0eef0000)]
0x0ea1dc00 JavaThread "Thread-2" [_thread_blocked, id=5652, stack(0x0ebf0000,0x0ecf0000)]
0x0ddc7800 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=3996, stack(0x0e8e0000,0x0e9e0000)]
0x0ddc5400 JavaThread "AWT-Windows" daemon [_thread_in_native, id=5808, stack(0x0e7e0000,0x0e8e0000)]
0x0ddc4c00 JavaThread "AWT-Shutdown" [_thread_blocked, id=1312, stack(0x0e6e0000,0x0e7e0000)]
0x0ddc1400 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=5740, stack(0x0e5e0000,0x0e6e0000)]
0x0dd60800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=672, stack(0x0e3d0000,0x0e4d0000)]
0x0dd5b000 JavaThread "CompilerThread0" daemon [_thread_blocked, id=5624, stack(0x0e2d0000,0x0e3d0000)]
0x0dd59c00 JavaThread "Attach Listener" daemon [_thread_blocked, id=5744, stack(0x0e1d0000,0x0e2d0000)]
0x0dd59000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=1332, stack(0x0e0d0000,0x0e1d0000)]
0x0dd4b400 JavaThread "Finalizer" daemon [_thread_blocked, id=5836, stack(0x0dfd0000,0x0e0d0000)]
0x0dd47000 JavaThread "Reference Handler" daemon [_thread_blocked, id=5800, stack(0x0ded0000,0x0dfd0000)]
0x03b65c00 JavaThread "main" [_thread_in_native, id=5708, stack(0x00030000,0x00130000)]

Other Threads:
0x0dd42400 VMThread [stack: 0x0ddd0000,0x0ded0000] [id=5816]
0x0dd6a800 WatcherThread [stack: 0x0e4d0000,0x0e5d0000] [id=5732]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 960K, used 778K [0x05c30000, 0x05d30000, 0x06110000)
eden space 896K, 83% used [0x05c30000, 0x05cea600, 0x05d10000)
from space 64K, 51% used [0x05d20000, 0x05d28408, 0x05d30000)
to space 64K, 0% used [0x05d10000, 0x05d10000, 0x05d20000)
tenured generation total 4224K, used 3826K [0x06110000, 0x06530000, 0x09c30000)
the space 4224K, 90% used [0x06110000, 0x064cc8f0, 0x064cca00, 0x06530000)
compacting perm gen total 12288K, used 9634K [0x09c30000, 0x0a830000, 0x0dc30000)
the space 12288K, 78% used [0x09c30000, 0x0a598ac8, 0x0a598c00, 0x0a830000)
No shared spaces configured.

Dynamic libraries:
0x00400000 - 0x0041b000 C:\Program Files\Opera\opera.exe
0x7c900000 - 0x7c9b0000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c8f5000 C:\WINDOWS\system32\kernel32.dll
0x7e410000 - 0x7e4a0000 C:\WINDOWS\system32\USER32.dll
0x77f10000 - 0x77f57000 C:\WINDOWS\system32\GDI32.dll
0x48000000 - 0x48027000 C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
0x77dd0000 - 0x77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e70000 - 0x77f02000 C:\WINDOWS\system32\RPCRT4.dll
0x77fe0000 - 0x77ff1000 C:\WINDOWS\system32\Secur32.dll
0x71ab0000 - 0x71ac7000 C:\WINDOWS\system32\WS2_32.dll
0x77c10000 - 0x77c68000 C:\WINDOWS\system32\msvcrt.dll
0x71aa0000 - 0x71aa8000 C:\WINDOWS\system32\WS2HELP.dll
0x62000000 - 0x62081000 C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopResources_en.dll
0x71a50000 - 0x71a8f000 C:\WINDOWS\system32\mswsock.dll
0x67850000 - 0x68038000 C:\Program Files\Opera\Opera.dll
0x763b0000 - 0x763f9000 C:\WINDOWS\system32\comdlg32.dll
0x77f60000 - 0x77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
0x773d0000 - 0x774d3000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll
0x7c9c0000 - 0x7d1d7000 C:\WINDOWS\system32\SHELL32.dll
0x76390000 - 0x763ad000 C:\WINDOWS\system32\IMM32.dll
0x774e0000 - 0x7761d000 C:\WINDOWS\system32\ole32.dll
0x77120000 - 0x771ab000 C:\WINDOWS\system32\OLEAUT32.dll
0x77c00000 - 0x77c08000 C:\WINDOWS\system32\VERSION.dll
0x76b40000 - 0x76b6d000 C:\WINDOWS\system32\WINMM.dll
0x71ad0000 - 0x71ad9000 C:\WINDOWS\system32\WSOCK32.dll
0x5ad70000 - 0x5ada8000 C:\WINDOWS\system32\uxtheme.dll
0x10000000 - 0x10026000 C:\PROGRA~1\McAfee\SPAMKI~1\mskoeplg.dll
0x76380000 - 0x76385000 C:\WINDOWS\system32\Msimg32.dll
0x77920000 - 0x77a13000 C:\WINDOWS\system32\SETUPAPI.dll
0x74d90000 - 0x74dfb000 C:\WINDOWS\system32\usp10.dll
0x01a60000 - 0x01a79000 c:\progra~1\mcafee.com\vso\McVSSkt.dll
0x662b0000 - 0x66308000 C:\WINDOWS\system32\hnetcfg.dll
0x58d40000 - 0x58d47000 C:\WINDOWS\System32\wship6.dll
0x76f20000 - 0x76f47000 C:\WINDOWS\system32\DNSAPI.dll
0x16080000 - 0x160a5000 C:\Program Files\Bonjour\mdnsNSP.dll
0x76d60000 - 0x76d79000 C:\WINDOWS\system32\Iphlpapi.dll
0x76fc0000 - 0x76fc6000 C:\WINDOWS\system32\rasadhlp.dll
0x71a90000 - 0x71a98000 C:\WINDOWS\System32\wshtcpip.dll
0x6d7c0000 - 0x6da10000 C:\Program Files\Java\jre1.6.0_05\bin\client\jvm.dll
0x7c340000 - 0x7c396000 C:\WINDOWS\system32\MSVCR71.dll
0x6d270000 - 0x6d278000 C:\Program Files\Java\jre1.6.0_05\bin\hpi.dll
0x76bf0000 - 0x76bfb000 C:\WINDOWS\system32\PSAPI.DLL
0x6d770000 - 0x6d77c000 C:\Program Files\Java\jre1.6.0_05\bin\verify.dll
0x6d310000 - 0x6d32f000 C:\Program Files\Java\jre1.6.0_05\bin\java.dll
0x6d7b0000 - 0x6d7bf000 C:\Program Files\Java\jre1.6.0_05\bin\zip.dll
0x6d000000 - 0x6d12e000 C:\Program Files\Java\jre1.6.0_05\bin\awt.dll
0x73000000 - 0x73026000 C:\WINDOWS\system32\WINSPOOL.DRV
0x73760000 - 0x737a9000 C:\WINDOWS\system32\ddraw.dll
0x73bc0000 - 0x73bc6000 C:\WINDOWS\system32\DCIMAN32.dll
0x6d210000 - 0x6d263000 C:\Program Files\Java\jre1.6.0_05\bin\fontmanager.dll
0x74e30000 - 0x74e9c000 C:\WINDOWS\system32\RICHED20.DLL
0x6d570000 - 0x6d583000 C:\Program Files\Java\jre1.6.0_05\bin\net.dll
0x6d590000 - 0x6d599000 C:\Program Files\Java\jre1.6.0_05\bin\nio.dll
0x0ecf0000 - 0x0eda4000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\kosglue-7.0.25.0.dll
0x7c420000 - 0x7c4a7000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCP80.dll
0x78130000 - 0x781cb000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
0x771b0000 - 0x7725a000 C:\WINDOWS\system32\WININET.dll
0x77a80000 - 0x77b14000 C:\WINDOWS\system32\CRYPT32.dll
0x77b20000 - 0x77b32000 C:\WINDOWS\system32\MSASN1.dll
0x0f000000 - 0x0f047000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\kave.dll
0x0ede0000 - 0x0eded000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\FSSync.dll
0x77690000 - 0x776b1000 C:\WINDOWS\system32\NTMARTA.DLL
0x76f60000 - 0x76f8c000 C:\WINDOWS\system32\WLDAP32.dll
0x71bf0000 - 0x71c03000 C:\WINDOWS\system32\SAMLIB.dll
0x76fb0000 - 0x76fb8000 C:\WINDOWS\System32\winrnr.dll
0x12870000 - 0x12876000 C:\WINDOWS\HKNTDLL.dll
0x12d30000 - 0x12d58000 C:\WINDOWS\system32\rsaenh.dll

VM Arguments:
jvm_args: abort exit -Xbootclasspath/p:C:\Program Files\Opera\Classes\Opera.jar;C:\Program Files\Opera\Program\Plugins;C:\Program Files\Mozilla Firefox\plugins;C:\Program Files\Opera\Program\Plugins\npds.zip;C:\Program Files\Java\jre1.6.0_05\lib\jaws.jar;C:\Program Files\Java\jre1.6.0_05\lib\plugin.jar -Djava.security.policy=C:\Program Files\Opera\Classes\Opera.policy -Dbrowser.opera.classpath=C:\Program Files\Opera\Classes\Opera.jar
java_command: <unknown>
Launcher Type: generic

Environment Variables:
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
USERNAME=Owner
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 15 model 6 stepping 4, cmov, cx8, fxsr, mmx, sse, sse2, sse3

Memory: 4k page, physical 1038120k(305540k free), swap 2497068k(1890108k free)

vm_info: Java HotSpot™ Client VM (10.0-b19) for windows-x86 JRE (1.6.0_05-b13), built on Feb 22 2008 01:16:53 by "java_re" with MS VC++ 7.1

time: Fri Jul 04 23:11:12 2008
elapsed time: 226 seconds

[kahdah]

Happy 4th to you too
ATF doesn't produce a log where did that log come from?

[Zelly29]

i dont know it went to my desktop and then i pasted it assuming tht was it nut i guess not but whenever i did the kasperky online scan my browser would not finsih it im gonna try it again on firefox i currently use opera. the log was produced randomly tho i have no idea

[kahdah]

Check to see if it saved it to your MyDocuments folder.
If not then yes do it through Firefox.
The new Kaspersky is compatible with Firefox.

[Zelly29]

ok i still got this thing but i will try fire fox

#
# An unexpected error has been detected by Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x67a6878a, pid=3540, tid=4904
#
# Java VM: Java HotSpot™ Client VM (10.0-b19 mixed mode windows-x86)
# Problematic frame:
# C [Opera.dll+0x21878a]
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/...eport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x08b6b400): JavaThread "Finalizer" daemon [_thread_in_native, id=4904, stack(0x08df0000,0x08ef0000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x04c8a000

Registers:
EAX=0x04c89ffc, EBX=0x04dc6198, ECX=0x3fffffff, EDX=0x00000000
ESP=0x08eef614, EBP=0x08eef61c, ESI=0x04c8a000, EDI=0x04dc61c4
EIP=0x67a6878a, EFLAGS=0x00010202

Top of Stack: (sp=0x08eef614)
0x08eef614: 009adab8 00000028 08eef648 6787dcf6
0x08eef624: 04dc61c4 04c8a000 fffffffc 04dc6198
0x08eef634: 04c89fd8 00000028 0000000a 08eef6b0
0x08eef644: 04dc6198 08eef6a8 678c370c 0000000a
0x08eef654: 025e2530 025e2530 009adab0 679dad49
0x08eef664: 025e2530 08b6b400 06af0844 67bde9d7
0x08eef674: 000000c7 00000000 028ec188 00000000
0x08eef684: 06af00a9 08b6b4f4 08eef694 08eef698

Instructions: (pc=0x67a6878a)
0x67a6877a: 00 00 00 75 15 c1 e9 02 83 e2 03 83 f9 08 72 2a
0x67a6878a: f3 a5 ff 24 95 a4 88 a6 67 90 8b c7 ba 03 00 00


Stack: [0x08df0000,0x08ef0000], sp=0x08eef614, free space=1021k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [Opera.dll+0x21878a]
C [Opera.dll+0x2dcf6]
C [Opera.dll+0x7370c]
J com.opera.EcmaScriptObject.unref()V
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J com.opera.EcmaScriptObject.unProtect(Lcom/opera/CPointer;)V
J com.opera.EcmaScriptObject.unref()V
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)
J java.lang.ref.Finalizer.invokeFinalizeMethod(Ljava/lang/Object;)V
J java.lang.ref.Finalizer.runFinalizer()V
J java.lang.ref.Finalizer.access$100(Ljava/lang/ref/Finalizer;)V
v ~BufferBlob::Interpreter
v ~BufferBlob::StubRoutines (1)

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x094e0800 JavaThread "Thread-1124" [_thread_in_vm, id=5680, stack(0x0c3c0000,0x0c4c0000)]
0x0952d400 JavaThread "AWT-EventQueue-4" [_thread_blocked, id=4892, stack(0x0c2c0000,0x0c3c0000)]
0x094c7400 JavaThread "Thread-188" [_thread_in_native, id=4888, stack(0x0c1c0000,0x0c2c0000)]
0x09591800 JavaThread "TimerQueue" daemon [_thread_blocked, id=288, stack(0x0a700000,0x0a800000)]
0x09d74c00 JavaThread "AWT-EventQueue-3" [_thread_blocked, id=2112, stack(0x0a370000,0x0a470000)]
0x09d74800 JavaThread "Thread-66" [_thread_blocked, id=1628, stack(0x0a270000,0x0a370000)]
0x095de800 JavaThread "Thread-64" [_thread_blocked, id=804, stack(0x0a170000,0x0a270000)]
0x08bed800 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=864, stack(0x09900000,0x09a00000)]
0x09406c00 JavaThread "AWT-Windows" daemon [_thread_in_native, id=3552, stack(0x09800000,0x09900000)]
0x09406400 JavaThread "AWT-Shutdown" [_thread_blocked, id=812, stack(0x09700000,0x09800000)]
0x09403000 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=5416, stack(0x09600000,0x09700000)]
0x08b80800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=1856, stack(0x091f0000,0x092f0000)]
0x08b7b000 JavaThread "CompilerThread0" daemon [_thread_blocked, id=3436, stack(0x090f0000,0x091f0000)]
0x08b79c00 JavaThread "Attach Listener" daemon [_thread_blocked, id=3040, stack(0x08ff0000,0x090f0000)]
0x08b79000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=3484, stack(0x08ef0000,0x08ff0000)]
=>0x08b6b400 JavaThread "Finalizer" daemon [_thread_in_native, id=4904, stack(0x08df0000,0x08ef0000)]
0x08b67000 JavaThread "Reference Handler" daemon [_thread_blocked, id=4116, stack(0x08cf0000,0x08df0000)]
0x06805c00 JavaThread "main" [_thread_in_native, id=3528, stack(0x00030000,0x00130000)]

Other Threads:
0x08b62400 VMThread [stack: 0x08bf0000,0x08cf0000] [id=2592]
0x08b8a800 WatcherThread [stack: 0x092f0000,0x093f0000] [id=3828]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 960K, used 209K [0x1c010000, 0x1c110000, 0x1c4f0000)
eden space 896K, 16% used [0x1c010000, 0x1c034868, 0x1c0f0000)
from space 64K, 98% used [0x1c100000, 0x1c10fc40, 0x1c110000)
to space 64K, 0% used [0x1c0f0000, 0x1c0f0000, 0x1c100000)
tenured generation total 4096K, used 2575K [0x1c4f0000, 0x1c8f0000, 0x20010000)
the space 4096K, 62% used [0x1c4f0000, 0x1c773eb0, 0x1c774000, 0x1c8f0000)
compacting perm gen total 12288K, used 9572K [0x20010000, 0x20c10000, 0x24010000)
the space 12288K, 77% used [0x20010000, 0x20969110, 0x20969200, 0x20c10000)
No shared spaces configured.

Dynamic libraries:
0x00400000 - 0x0041b000 C:\Program Files\Opera\Opera.exe
0x7c900000 - 0x7c9b0000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c8f5000 C:\WINDOWS\system32\kernel32.dll
0x7e410000 - 0x7e4a0000 C:\WINDOWS\system32\USER32.dll
0x77f10000 - 0x77f57000 C:\WINDOWS\system32\GDI32.dll
0x48000000 - 0x48027000 C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
0x77dd0000 - 0x77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e70000 - 0x77f02000 C:\WINDOWS\system32\RPCRT4.dll
0x77fe0000 - 0x77ff1000 C:\WINDOWS\system32\Secur32.dll
0x71ab0000 - 0x71ac7000 C:\WINDOWS\system32\WS2_32.dll
0x77c10000 - 0x77c68000 C:\WINDOWS\system32\msvcrt.dll
0x71aa0000 - 0x71aa8000 C:\WINDOWS\system32\WS2HELP.dll
0x62000000 - 0x62081000 C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopResources_en.dll
0x71a50000 - 0x71a8f000 C:\WINDOWS\system32\mswsock.dll
0x67850000 - 0x68038000 C:\Program Files\Opera\Opera.dll
0x763b0000 - 0x763f9000 C:\WINDOWS\system32\comdlg32.dll
0x77f60000 - 0x77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
0x773d0000 - 0x774d3000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll
0x7c9c0000 - 0x7d1d7000 C:\WINDOWS\system32\SHELL32.dll
0x76390000 - 0x763ad000 C:\WINDOWS\system32\IMM32.dll
0x774e0000 - 0x7761d000 C:\WINDOWS\system32\ole32.dll
0x77120000 - 0x771ab000 C:\WINDOWS\system32\OLEAUT32.dll
0x77c00000 - 0x77c08000 C:\WINDOWS\system32\VERSION.dll
0x76b40000 - 0x76b6d000 C:\WINDOWS\system32\WINMM.dll
0x71ad0000 - 0x71ad9000 C:\WINDOWS\system32\WSOCK32.dll
0x5ad70000 - 0x5ada8000 C:\WINDOWS\system32\uxtheme.dll
0x10000000 - 0x10026000 C:\PROGRA~1\McAfee\SPAMKI~1\mskoeplg.dll
0x76380000 - 0x76385000 C:\WINDOWS\system32\Msimg32.dll
0x77920000 - 0x77a13000 C:\WINDOWS\system32\SETUPAPI.dll
0x74d90000 - 0x74dfb000 C:\WINDOWS\system32\usp10.dll
0x01a60000 - 0x01a79000 c:\progra~1\mcafee.com\vso\McVSSkt.dll
0x662b0000 - 0x66308000 C:\WINDOWS\system32\hnetcfg.dll
0x58d40000 - 0x58d47000 C:\WINDOWS\System32\wship6.dll
0x76f20000 - 0x76f47000 C:\WINDOWS\system32\DNSAPI.dll
0x16080000 - 0x160a5000 C:\Program Files\Bonjour\mdnsNSP.dll
0x76d60000 - 0x76d79000 C:\WINDOWS\system32\Iphlpapi.dll
0x76fc0000 - 0x76fc6000 C:\WINDOWS\system32\rasadhlp.dll
0x71a90000 - 0x71a98000 C:\WINDOWS\System32\wshtcpip.dll
0x0ffd0000 - 0x0fff8000 C:\WINDOWS\system32\rsaenh.dll
0x77b40000 - 0x77b62000 C:\WINDOWS\system32\appHelp.dll
0x76fd0000 - 0x7704f000 C:\WINDOWS\system32\CLBCATQ.DLL
0x77050000 - 0x77115000 C:\WINDOWS\system32\COMRes.dll
0x77a20000 - 0x77a74000 C:\WINDOWS\System32\cscui.dll
0x76600000 - 0x7661d000 C:\WINDOWS\System32\CSCDLL.dll
0x325c0000 - 0x325d2000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x1c000000 - 0x1c006000 C:\WINDOWS\HKNTDLL.dll
0x6d7c0000 - 0x6da10000 C:\Program Files\Java\jre1.6.0_05\bin\client\jvm.dll
0x7c340000 - 0x7c396000 C:\WINDOWS\system32\MSVCR71.dll
0x6d270000 - 0x6d278000 C:\Program Files\Java\jre1.6.0_05\bin\hpi.dll
0x76bf0000 - 0x76bfb000 C:\WINDOWS\system32\PSAPI.DLL
0x6d770000 - 0x6d77c000 C:\Program Files\Java\jre1.6.0_05\bin\verify.dll
0x6d310000 - 0x6d32f000 C:\Program Files\Java\jre1.6.0_05\bin\java.dll
0x6d7b0000 - 0x6d7bf000 C:\Program Files\Java\jre1.6.0_05\bin\zip.dll
0x6d000000 - 0x6d12e000 C:\Program Files\Java\jre1.6.0_05\bin\awt.dll
0x73000000 - 0x73026000 C:\WINDOWS\system32\WINSPOOL.DRV
0x73760000 - 0x737a9000 C:\WINDOWS\system32\ddraw.dll
0x73bc0000 - 0x73bc6000 C:\WINDOWS\system32\DCIMAN32.dll
0x6d210000 - 0x6d263000 C:\Program Files\Java\jre1.6.0_05\bin\fontmanager.dll
0x74e30000 - 0x74e9c000 C:\WINDOWS\system32\RICHED20.DLL
0x6d570000 - 0x6d583000 C:\Program Files\Java\jre1.6.0_05\bin\net.dll
0x6d590000 - 0x6d599000 C:\Program Files\Java\jre1.6.0_05\bin\nio.dll
0x09a00000 - 0x09ab4000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\kosglue-7.0.25.0.dll
0x7c420000 - 0x7c4a7000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCP80.dll
0x78130000 - 0x781cb000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
0x771b0000 - 0x7725a000 C:\WINDOWS\system32\WININET.dll
0x77a80000 - 0x77b14000 C:\WINDOWS\system32\CRYPT32.dll
0x77b20000 - 0x77b32000 C:\WINDOWS\system32\MSASN1.dll
0x0a470000 - 0x0a4b7000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\kave.dll
0x09b10000 - 0x09b1d000 C:\Documents and Settings\Owner.NICK\Local Settings\Temp\jkos-Owner\binaries\FSSync.dll
0x77690000 - 0x776b1000 C:\WINDOWS\system32\NTMARTA.DLL
0x76f60000 - 0x76f8c000 C:\WINDOWS\system32\WLDAP32.dll
0x71bf0000 - 0x71c03000 C:\WINDOWS\system32\SAMLIB.dll
0x76fb0000 - 0x76fb8000 C:\WINDOWS\System32\winrnr.dll
0x74980000 - 0x74a93000 C:\WINDOWS\system32\msxml3.dll

VM Arguments:
jvm_args: abort exit -Xbootclasspath/p:C:\Program Files\Opera\Classes\Opera.jar;C:\Program Files\Opera\Program\Plugins;C:\Program Files\Mozilla Firefox\plugins;C:\Program Files\Opera\Program\Plugins\npds.zip;C:\Program Files\Java\jre1.6.0_05\lib\jaws.jar;C:\Program Files\Java\jre1.6.0_05\lib\plugin.jar -Djava.security.policy=C:\Program Files\Opera\Classes\Opera.policy -Dbrowser.opera.classpath=C:\Program Files\Opera\Classes\Opera.jar
java_command: <unknown>
Launcher Type: generic

Environment Variables:
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
PATH=C:\Program Files\AIM6;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
USERNAME=Owner
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 15 model 6 stepping 4, cmov, cx8, fxsr, mmx, sse, sse2, sse3

Memory: 4k page, physical 1038120k(198640k free), swap 2497068k(1788404k free)

vm_info: Java HotSpot™ Client VM (10.0-b19) for windows-x86 JRE (1.6.0_05-b13), built on Feb 22 2008 01:16:53 by "java_re" with MS VC++ 7.1

time: Sat Jul 05 20:14:06 2008
elapsed time: 159 seconds

[Zelly29]

firefox did not work doing it in ie see if it works

[Zelly29]

here it is

Saturday, July 5, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, July 05, 2008 19:24:44
Records in database: 916362

Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
G:\
H:\
I:\
J:\

Scan statistics
Files scanned 77308
Threat name 7
Infected objects 13
Suspicious objects 0
Duration of the scan 01:29:58

File name Threat name Threats count
C:\Deckard\System Scanner\backup\DOCUME~1\OWNER~1.NIC\LOCALS~1\Temp\lprn32.exe Infected: Trojan-Downloader.Win32.Delf.jpp 1

C:\Documents and Settings\Owner.NICK\Desktop\Navilog1.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Program Files\Navilog1\reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\QooBox\Quarantine\C\WINDOWS\ebxq.exe.vir Infected: Trojan.Win32.Vapsup.hgn 1

C:\QooBox\Quarantine\C\WINDOWS\gfetqaxsxqs.dll.vir Infected: Trojan.Win32.Vapsup.hgm 1

C:\QooBox\Quarantine\C\WINDOWS\gxvpsafm.dll.vir Infected: Trojan.Win32.Vapsup.hgn 1

C:\QooBox\Quarantine\C\WINDOWS\pntqkflv.dll.vir Infected: Trojan.Win32.Vapsup.hfh 1

C:\QooBox\Quarantine\C\WINDOWS\qegbdmwf.dll.vir Infected: Trojan.Win32.Vapsup.hfx 1

C:\QooBox\Quarantine\C\WINDOWS\system32\efcBrPhg.dll.vir Infected: Trojan.Win32.Monderb.gen 1

C:\QooBox\Quarantine\C\WINDOWS\system32\hgGvVNdC.dll.vir Infected: Trojan.Win32.Monderb.gen 1

C:\QooBox\Quarantine\C\WINDOWS\system32\jkkKcAPh.dll.vir Infected: Trojan.Win32.Monderb.gen 1

C:\QooBox\Quarantine\C\WINDOWS\system32\ssqPjkIc.dll_old.vir Infected: Trojan.Win32.Monderb.gen 1

C:\QooBox\Quarantine\C\WINDOWS\tovafrnm.exe.vir Infected: Trojan.Win32.Vapsup.hgn 1

The selected area was scanned.

[kahdah]

* Double-click on the Navilog1 shortcut icon from your Desktop to run it.
* Press E for English from the language Menu.
* Type 4 in the next Menu to select Manually cleaning Typing Adware Name and press Enter.
* The fix will require you to type the file name.
* Please type the following, exactly as it appears below in bold and then press Enter

ycevulehgz

* The fix will require you to type the file name again, please do so, and press Enter
* The tool will then advise you that it will restart your computer.
* Close all open windows and save personnal documents, if open, too.
* If your computer doesn't restart automatically, restart it manually.
* Choose your usual session.
* Wait for the *** Clean finished the ... *** message (It may take a reasonable amount of time)
* A new document will be produced.
* Please copy/paste the contents of this report in your next reply.
* Your desktop will now appear.

Note : In the event you lose your desktop, press CTRL+ALT+Delete and run Explorer.exe as a new task.

The report is also saved in the root directory, %SystemDrive%\cleannavi.txt.. (usually C:\cleannavi.txt).
========================
Please post that log and let me know how things are running?

[Zelly29]

This on my computer have been working fine. one time when i booted it up it was a little slow but i have not encountered any problems though. Still though the time is in miltary time but other than that its working good.

Heres what you asked for

Navipromo Removal version 3.6.0 started on Sun 07/06/2008 at 19:37:53.20

Fix running from C:\Program Files\navilog1
Actual User Account : "Owner"

Updated on 27.06.2008 at 23h00 by IL-MAFIOSO


Microsoft Windows XP [Version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Filesystem type : NTFS


Manual Removal

Typed filename : ycevulehgz

Cleanning stage done on Reboot

*** Searching, making backups and deleting files ***

* Deletion in "C:\WINDOWS\system32" *

* Deletion in "C:\Documents and Settings\Owner.NICK\locals~1\applic~1" *

* Deletion in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Deletion in "C:\DOCUME~1\Guest\locals~1\applic~1" *

* Deletion in "C:\DOCUME~1\IUSR_N~1\locals~1\applic~1" *


*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Program Files" ***


*** Deleting folders in "c:\docume~1\alluse~1\applic~1" ***


*** Deleting folders in "c:\docume~1\alluse~1\startm~1\programs" ***


*** Deleting folders in "C:\Documents and Settings\Owner.NICK\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Guest\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\IUSR_N~1\applic~1" ***


*** Deleting folders in "C:\Documents and Settings\Owner.NICK\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Guest\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\IUSR_N~1\locals~1\applic~1" ***


*** Deleting folders in "C:\Documents and Settings\Owner.NICK\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\ADMINI~1\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\Guest\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\IUSR_N~1\startm~1\programs" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\Owner.NICK\locals~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *


* In "C:\Documents and Settings\Owner.NICK\locals~1\applic~1" *


* In "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


* In "C:\DOCUME~1\Guest\locals~1\applic~1" *


* In "C:\DOCUME~1\IUSR_N~1\locals~1\applic~1" *


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !

*** Cleaning stage complete on Sun 07/06/2008 at 19:40:50.18 ***

[kahdah]

Ok great go ahead and uninstall Navilog1 from your Add\remove programs.

For the clock issue do this:
Go to Start >Control Panel >Date ,Time and regional settings.
Click on Regional and language options.
Next to the section that says your regional language (mine is English) click on customise.
Click on the Time tab at the top.
The next to time format make sure that it looks like this >h:mm:ss tt if it doesn't then change it to that.
Then click apply then ok.
Then apply then ok again and you should be good to go.
======================================
Cleanup::

• Make sure you have an Internet Connection.
• Double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

===============
Upgrading Java:

• Download the latest version of Java Runtime Environment (JRE) 6 Update 6.
• Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
• Click the "Download" button to the right.
• Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
• Click on Continue.
• Click on the link to download Windows Offline Installation (jre-6u6-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
• Check any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java version.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on the download to install the newest version.

=============================
Delete\uninstall anything else that we have used.

System Restore
Then I will need you to reset your System Restore points.
The link below shows how to create a clean restore point.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb/310405/en-us
=====================================
After that your log is clean.

The following is a list of tools and utilities that I like to suggest to people.
You do not have to have all or any of them they are only suggestions.
This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

Spybot Search & Destroy-Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.

Spyware Blaster - Great prevention tool to keep nasties from installing on your system.

Spywareguard-Works as a Spyware "Shield" to protect your computer from getting malware in the first place.

IE-SPYAD- puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Tony Klein article To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.

[Zelly29]

Kadah i want to say thank you very much for helping me out. My system is running fine now my time is fixed. Thank you very much for your help and hopefully this not happen again with the recommendations you have given me.

Thank you very much Kadah.