Hello,
since few days i've been having problems of slowing down , and today when scanning my pc impossible to delete the cookies from avast result of scanning.
I also run the avg and first of all impossible to make the up to date, impossible to connect the server.
When i tried to download the spybot s&d , i was not able to install it, the message was: " Error sending request. A connection with the server could not be established"
Here the hjt log and the unistall list.
I also have the result of the scan from avast that i can't copy and paste, but 2 results have the descriptions as a "decompression bomb" and there is nothing i could do for them, i'll just rewrite the file name for this log:

C:\Programmi.eMule0.49b\eMule0.49b\Temp\002.part\W esternEurope_NT2008.map
C:\Documents and Settings\Roblacos\Documenti\APEX9\Win_WEB_WWEFG.7z \Adobe Acrobat 9\Data1.cab

I also have two files on my desktop with the following contents:
1-"Upload me":
winchat.exe,winhlp32.exe,winmine.exe,winspoll.exe, winver.exe,winmsd.exe,winlogon.exe, WinFXDocObj.exe
2-"catchme.log":
read file error: C:\DOCUME~1\Roblacos\IMPOST~1\Temp\winlogon.exe, Impossibile trovare il file specificato.
read file error: C:\DOCUME~1\Roblacos\IMPOST~1\Temp\services.exe, Impossibile trovare il file specificato.
read file error: C:\WINDOWS\system32\cftmon.exe, Impossibile trovare il file specificato.


Now the hjt log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:27:00, on 01/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Apoint\Apntex.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Alwil Software\Avast4\ashSimp2.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Roblacos\Impostazioni locali\Temporary Internet Files\Content.IE5\GT3HA2M1\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Neuf Cegetel - recherche
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Neuf - Recherche
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Neuf Cegetel, neufportail.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Neuf - Recherche
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Neuf Cegetel - recherche
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PDService.exe] C:\Programmi\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Programmi\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Trasferimento tramite Image Converter 2 - C:\Programmi\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoworld.it/public/ImageUploader3.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by139fd.bay139.hotmail.msn.co...x/HMAtchmt.ocx
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O17 - HKLM\System\CS3\Services\Tcpip\..\{020E656B-4589-4576-8F3F-00E1716AB48D}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
O24 - Desktop Component 0: (no name) - Sign In
O24 - Desktop Component 1: (no name) - Sign In
O24 - Desktop Component 2: (no name) - http://musica.temi.kataweb.it/files/..._590_buona.jpg

--
End of file - 9668 bytes

The uninstall list:

Adapt-X Plug-in for Winamp/WMP 9 (remove only)
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Help Viewer CS3
Adobe PDF Library Files
Adobe Photoshop Elements 3.0
Adobe Premiere Standard
Adobe Setup
Adobe Setup
Adobe Shockwave Player 11
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)
Aggiornamento della protezione per Windows Media Player (KB952069)
Aggiornamento della protezione per Windows Media Player 11 (KB954154)
Aggiornamento della protezione per Windows XP (KB938464)
Aggiornamento della protezione per Windows XP (KB941693)
Aggiornamento della protezione per Windows XP (KB945553)
Aggiornamento della protezione per Windows XP (KB946648)
Aggiornamento della protezione per Windows XP (KB948590)
Aggiornamento della protezione per Windows XP (KB948881)
Aggiornamento della protezione per Windows XP (KB950749)
Aggiornamento della protezione per Windows XP (KB950762)
Aggiornamento della protezione per Windows XP (KB950974)
Aggiornamento della protezione per Windows XP (KB951066)
Aggiornamento della protezione per Windows XP (KB951376-v2)
Aggiornamento della protezione per Windows XP (KB951698)
Aggiornamento della protezione per Windows XP (KB951748)
Aggiornamento della protezione per Windows XP (KB952954)
Aggiornamento della protezione per Windows XP (KB953839)
Aggiornamento della protezione per Windows XP (KB954211)
Aggiornamento della protezione per Windows XP (KB954600)
Aggiornamento della protezione per Windows XP (KB955069)
Aggiornamento della protezione per Windows XP (KB956391)
Aggiornamento della protezione per Windows XP (KB956802)
Aggiornamento della protezione per Windows XP (KB956803)
Aggiornamento della protezione per Windows XP (KB956841)
Aggiornamento della protezione per Windows XP (KB957095)
Aggiornamento della protezione per Windows XP (KB957097)
Aggiornamento della protezione per Windows XP (KB958644)
Aggiornamento della protezione per Windows XP (KB958687)
Aggiornamento per Windows XP (KB925720)
Aggiornamento per Windows XP (KB932823-v3)
Aggiornamento per Windows XP (KB951072-v2)
Aggiornamento per Windows XP (KB955839)
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)
Aggiornamento rapido per Windows XP (KB952287)
Apple Software Update
ArKaos VJ 3.5.1 FC1
Audacity 1.2.2
AudioBurst FX Engine
avast! Antivirus
AVG Anti-Spyware 7.5
CCleaner (remove only)
Easy-WebPrint
FileZilla Client 3.0.2.1
GIMP 2.4.1
Google Earth
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
InfraRecorder
Inkscape 0.46
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 11
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 4
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
L&H TTS3000 Français
LAN-Express AS IEEE 802.11 Wireless LAN
mCore
mDriver
MFCDLL Shared Library - Retail Version
Microsoft (R) C Runtime Library
Microsoft (R) C++ Runtime Library
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - fra
Microsoft .NET Framework 3.5 Language Pack SP1 - ita
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
Microsoft WinUsb 1.0
Microsoft Works
mMHouse
Modèles Météo - GFS - Version 3.0
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Mozilla Firefox (3.0.5)
Mozilla Sunbird (0.8)
mPfMgr
mProSafe
MSXML 3.0
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
mWlsSafe
mXML
Neuf - Kit de connexion
NVIDIA Drivers
OpenOffice.org 2.4
PDFCreator
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Setting Utility Series
Shockwave
Skype 3.1
Skype Plugin Manager
SonicStage Mastering Studio 1.4
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Sweet Home 3D version 1.5.1
System Requirements Lab
TrackMania Nations ESWC 1.7.9
VAIO Control Center
VAIO Edit Components
VAIO Event Service
VAIO Light Flo Wallpaper
VAIO Long Battery Life Wallpaper
VAIO Media AC3 Decoder 1.0
VAIO Product Survey
Video Stream Driver for Panasonic DVC
VideoCAM Eye
VLC media player 0.9.8a
VoipStunt
Winamp
Windows Imaging Component
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR gestione archivi
WinServices v2.1.2.1
Wireless LAN Starter
XML Paper Specification Shared Components Language Pack 1.0
XP Codec Pack
Xvid 1.1.3 final uninstall


Thank you for your help.

Hi ,
Ireally need help.
Tis morning I could'n connnect to internet, this thing is becoming serious, very serious...

System Restore for Windows XP

Your best option may be to try a ‘system restore’ point (if available) to a date before any known problems or before you started performing any recent fixes:

Click on Start>All Programs>Accessories>System Tools>System Restore.

Check Restore my computer to an earlier date> Click Next.

Choose the date before you performed any recent fixes and click Next and Next again.

REBOOT.


NOTE: If you use System Restore and don't like the new system state, you can undo the process and restore the machine to the system state it had before you ran System Restore. Alternatively, you can run System Restore to change the system state to a different restore point.




Are your Internet problems the same for IE and Firefox?


Your problems may be the result of bad files obtained via P2P file sharing programs such as eMule with other leftover infection items located in Temporary files.

A simple cleanup step FOR MANY SUCH FILES would be as follows:

Start (BUTTON)>Run>CLEANMGR.EXE



You should also try this tool if you are able to download it?

Clean out TEMPORARY FILES procedures:
To clean your temp folder, recycle bin, etc..please download this free tool:

CCleaner CCleaner - Download

Install Options:

• Don't install any Toolbars, or other programs, should it ask you!
• Just uncheck the option of installing the Yahoo toolbar.

It will put a shortcut on your Desktop.

Do not run CCleaner until requested later.




Run CCleaner preferably in SAFE MODE (reboot tapping the F8 key after the beep).

Select the ‘Options’ BUTTON option (top LEFT), ‘Advanced’ BUTTON, and then UNCHECK the ‘Only delete files in Windows Temp Folders older than 48 hours’ (often, the latest download traffic could be the bearer of bad content – RESET back to default after this particular cleaning).

Select the ‘Cleaner’ BUTTON option (top LEFT), if not already selected. Use the ’Windows’ TAB up front by default.

• Uncheck ‘Cookies’ option (advisable)
• Optionally, Uncheck ‘Recently Typed URLs’ option (potentially still useful)
• Click the ‘Analyse’ button.
• Thereafter, click ‘Run Cleaner’ after you have reviewed what it proposes to clean.

Next you might want to uninstall 'emule' and any other P2P application for now.




Some infections can be based upon JAVA VULNERABILITIES.

J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 4
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1

Your system has an outdated version(s) of Sun Java that could create serious security exposure issues for your PC.


Older JAVA versions have vulnerabilities that malware can and are using to infect systems.

Please follow these steps to remove older version Java components.

• Close any programs you may have running, ESPECIALLY your web browser
• Click Start > Control Panel.
• Click Add/Remove Programs.
• Check any item with Java Runtime Environment (JRE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove all versions of Java.
• Reboot your computer once all Java components are removed.

Tell us if anything has improved.

Hi,
It seems to go better.
I think I don't clean enough my pc.
I did uninstall all javas and your web site now doesn't look the same of before, there is any "css". Is it due to java?
Thank you any way, you're always very helpful.

there is any "css". Is it due to java?

Please explain further - I don't know what is being asked. Does 'css' occur or not and what problems does that create? Need to be more specific with what your problems may be:

css - Google Search
css java - Google Search



Maybe you now don't have any JAVA installed. You can check as follows:

• START-> RUN-> cmd
• copy & paste JAVA –VERSION and hit Enter key

java version "1.6.0_11" or higher

Here is the link for the latest version of Java Runtime Environment (JRE) 6.0 Update 11 or higher,


Does either browser now work at all?




Anyway. try running the following scan:

* Please download Malwarebytes' Anti-Malware from HERE or HERE

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
• Run the scan in SAFEMODE (tapping the F8 key on bootup), if necessary.
• If an update is found, it will download and install the latest version.
• If you encounter any problems while downloading the updates, manually download them from HERE and just double-click on mbam-rules.exe to install.
• Once the program has loaded, select "Full Scan", then click Scan.
• The scan may take some time to finish, so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked , and click Remove Selected.
• When disinfection is completed , a log will open in Notepad and you may be prompted to Restart(See Extra Note).
• A run log is automatically saved by MBAM and can be viewed by clicking the Logs TAB in MBAM.
• Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
• Please post any current revised observations.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Hi,
when i said "there is no css", i mean the site doesn't look properly, doesn't open with the css style, it looks "raw".
I hope you understand me.
this morning everything was fine, and now again it doesn't open properly.

Here is te copy & paste of command java-version:

Microsoft Windows XP [Versione 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Roblacos>JAVA -VERSION
Exception in thread "main" java.lang.NoClassDefFoundError: ûVERSION
Caused by: java.lang.ClassNotFoundException: ûVERSION
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
Could not find the main class: ÔÇôVERSION. Program will exit.

Here the result of the mbam scan:

Malwarebytes' Anti-Malware 1.33
Versione del database: 1718
Windows 5.1.2600 Service Pack 2

03/02/2009 11:11:10
mbam-log-2009-02-03 (11-11-10).txt

Tipo di scansione: Scansione completa (C:\|D:\|F:\|)
Elementi scansionati: 155250
Tempo trascorso: 55 minute(s), 8 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 5
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 1

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{7c559105-9ecf-42b8-b3f7-832e75edd959} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\Programmi\SETUP.EXE (Rogue.Installer) -> Quarantined and deleted successfully.


Then the HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 11:13:12, on 03/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\DKService.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmi\Sony\VAIO Event Service\VESMgr.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\Programmi\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Apoint\Apntex.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\MSN Messenger\usnsvc.exe
C:\Programmi\File comuni\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Neuf Cegetel - recherche
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Neuf - Recherche
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Neuf Cegetel, neufportail.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Neuf - Recherche
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Neuf Cegetel - recherche
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmi\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Trasferimento tramite Image Converter 2 - C:\Programmi\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoworld.it/public/ImageUploader3.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by139fd.bay139.hotmail.msn.co...x/HMAtchmt.ocx
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O17 - HKLM\System\CS3\Services\Tcpip\..\{020E656B-4589-4576-8F3F-00E1716AB48D}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\DKService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.con f (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe

Thank you for your time.
Roberta

Hi,
i don't know for which reason i don't have IE anymore, maybe a wrong manipulation, but the thing is, i'm not able to install it again from the windows browser..any suggestions?
Thanks

So - FIREFOX is working properly, I assume?


There appears to missing files for AVGAS 7.5 (no longer easily available) and Avast - you may need to reinstall those as a VERY LAST STEP once the following procedures have been done. Also, at least one system file may be missing or not running:

O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\
O20 HijackThis Entries

Can you find the following file on your PC?:
dimsntfy.dll


Use the System File Checker (SFC) :
(typical runtime is 30 minutes) - please read over all instructions before proceeding.


Sometimes when you install third party software, it may overwrite important operating system files. This can cause instability - or worse. Windows XP includes a command line tool that you can use if you think this may have happened (for example, if you get a message box warning that there is a problem with a .dll or the system just seems unstable). Here's how to use it:

1. Click Start | Run.
2. In the Run box, type/copy&paste:
   SFC /scannow (notice the space plus slash).
   
3. Windows will scan all protected Windows files to verify that they are intact and in their original versions. If they're not, corrupt, missing or incorrect files are replaced. You may be prompted to insert your Windows XP installation CD if your Dllcache folder (where Windows keeps a copy of essential system files) has become corrupt or has been deleted.

To avoid the possibility of having to dig out and insert the OS CD, you can copy the i386 folder from the installation CD to your hard disk, and just point Windows there to find the files it needs. For instructions on how to do so, and more info about scannow, see:
scannow sfc - LEARN how to use SFC.EXE (system file checker) in this article!




REBOOT.

Uninstall Java Update 11.
REBOOT.
Try a fresh install of JAVA as per previous instructions.
REBOOT.




Here are several steps you can try to fix IE:

• You could try to 'Add/Remove Programs' for 'Internet Explorer' (in the Control Panel) - and select the 'Repair Internet Explorer' option and see if that solves your issues.
  
  
• Try running IEFix - General purpose fix for Internet Explorer:
  IEFix Utility - Description
  
  
• Another fix strategy possibility is:
  How to Fix a Broken Internet Connection
  80 Super Security Tips - Solution from PC Magazine: How to Fix a Broken Internet Connection - Solutions by PC Magazine
  
  The easiest way to fix a broken connection chain is to use a freeware utility called LSPFix.exe (182KB):
  LSP-Fix - a free program to repair damaged Winsock 2 stacks
  
  LSPFIX tutorial here:
  http://www.bleepingcomputer.com/forums/ind...showtutorial=59
  
  If you just want to fix a broken chain, and the problem DLL has already been removed for some other reasons, you can just click the Finish button, designated by the green box in Figure 1. LSP-Fix will automatically fix the LSP chain and hopefully restore connectivity back to the network.