Thread: Random click noises, IE ad popups, and random sound loss

  1. #11
    Member
    Join Date
    Jun 2008
    Location
    UK
    Posts
    68

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6211
    # api_version=3.0.2
    # EOSSerial=766fe524c7a41d49b85edbc0876d4cda
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2010-07-27 08:53:19
    # local_time=2010-07-27 09:53:19 (+0000, GMT Daylight Time)
    # country="United Kingdom"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=768 16777215 100 0 13944106 13944106 0 0
    # compatibility_mode=8192 67108863 100 0 249 249 0 0
    # scanned=134972
    # found=11
    # cleaned=0
    # scan_time=8777
    C:\Documents and Settings\Brian\Application Data\Mozilla\Profiles\default\qu7iv19e.slt\Mail\Local Folders\Drafts Win32/Hybris worm 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Mozilla\Profiles\default\qu7iv19e.slt\Mail\pop3.astrosat.info\Junk multiple threats 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Mozilla\Profiles\default\qu7iv19e.slt\Mail\pop3.astrosat.info\Trash multiple threats 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Mozilla\Profiles\default\qu7iv19e.slt\Mail\pop3.astrosat.info\Inbox.sbd\Order multiple threats 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Thunderbird\Profiles\qzxyh6tx.default\Mail\Local Folders\Drafts Win32/Hybris worm 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Thunderbird\Profiles\qzxyh6tx.default\Mail\pop.1and1.co-1.uk\Junk multiple threats 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Thunderbird\Profiles\qzxyh6tx.default\Mail\pop.1and1.co.uk\Junk multiple threats 00000000000000000000000000000000 I
    C:\Documents and Settings\Brian\Application Data\Thunderbird\Profiles\qzxyh6tx.default\Mail\pop.1and1.co.uk\Trash multiple threats 00000000000000000000000000000000 I
    C:\RECYCLER\S-1-5-21-484667254-1225693938-3987437657-1007\Dc15.exe a variant of Win32/Adware.DoubleD.AB application 00000000000000000000000000000000 I
    C:\RECYCLER\S-1-5-21-484667254-1225693938-3987437657-1007\Dc16.exe a variant of Win32/Adware.DoubleD.AB application 00000000000000000000000000000000 I
    C:\RECYCLER\S-1-5-21-484667254-1225693938-3987437657-1007\Dc17.exe a variant of Win32/Adware.DoubleD.AB application 00000000000000000000000000000000 I




  2. #12
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Hello sufferinginsilence,

    Those findings from the ESET scan are in your Mozilla Mail and Thunderbird mailboxes. You will need to delete any suspicious emails to get rid of them. The last three can be removed when you empty the Recycle Bin.

    --------------------

    Please download SystemLook by jpshortstuff from one of the links below and save it to your desktop.

    Link 1
    Link 2


    • Double click on SystemLook.exe to run it.
    • Copy and paste the following text into the main textfield:
      Code:
      :file 
      c:\docume~1\brian\locals~1\temp\jnv4_mib.sys
      c:\hr60\bios\debug32.sys
      
      :service 
      jnv4_mib
      PhDebug32
      
      :filefind 
      1.exe
    • Click the Look button to start the scan. This might take a while.
    • When finished, a Notepad window will open with the results of the scan. Please post this log in your next reply.
      Note: The log can also be found on your desktop as SystemLook.txt.


    --------------------

    Your Adobe Reader is outdated. Older versions have security vulnerabilities that can be exploited.

    Please update your Adobe Reader to the latest.
    It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

    Adobe Reader 7.0

    • Go to the Adobe download page. Click here.
    • If your OS is not the same as stated, click on Different language or operating system? link.
      • Under the Select an operating system title, click on Select an OS... box and choose the OS that you have.
      • Change the language if you want by clicking on English below the Select a language title.
      • Press Continue.
      • Uncheck (untick) Free McAfee Security Scan (optional).
      • Click the Download now button after selecting the latest version.
      • Allow if prompted and save the file to a convenient location.
      • Run the downloaded file to continue with the installation.
    • If your OS is the same, uncheck (untick) Free McAfee Security Scan (optional).
    • Click Download to proceed. Allow if prompted and save the file to a convenient location.
    • Run the downloaded file to continue with the installation.


    --------------------

    Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

    Please update JRE to the latest.
    It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 7
    Java 2 Runtime Environment, SE v1.4.1_02
    Java 2 Runtime Environment, SE v1.4.2_03
    Java(TM) 6 Update 17
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7


    • Go to the Java SE download page. Click here.
    • Look for JDK 6 Update 21 (JDK or JRE). Click the Download JRE button to the right.
    • Select Windows from the drop-down list for Platform.
    • Check I agree to the Java SE Runtime Environment 6u21 with JavaFX 1 License Agreement after reading it, and click Continue >>. The page will refresh.
    • Under the Windows Offline Installation title, click on the link which says jre-6u21-windows-i586.exe and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Then, from your desktop, double click on the download to install the newest version. Reboot your computer.


    --------------------

    Are you using Netscape (7.1)? It is also outdated. Best to remove it if no longer in use.

    --------------------

    Please post back:
    1. the SystemLook result

  3. #13
    Member
    Join Date
    Jun 2008
    Location
    UK
    Posts
    68

    SystemLook v1.0 by jpshortstuff (11.01.10)
    Log created at 03:59 on 29/07/2010 by Brian (Administrator - Elevation successful)

    ========== file ==========

    c:\docume~1\brian\locals~1\temp\jnv4_mib.sys - Unable to find/read file.

    c:\hr60\bios\debug32.sys - Unable to find/read file.

    ========== service ==========

    jnv4_mib
    jnv4_mib
    (No Description)
    Current Status: Stopped
    Startup Type: Demand
    Error Control: Critical
    Binary: \??\C:\DOCUME~1\Brian\LOCALS~1\Temp\jnv4_mib.sys
    Group: (none)
    SafeBoot:
    Dependencies:
    (none)
    Dependant Services:
    (none)

    PhDebug32
    PhDebug32
    (No Description)
    Current Status: Stopped
    Startup Type: Demand
    Error Control: Critical
    Binary: \??\c:\hr60\bios\debug32.sys
    Group: (none)
    SafeBoot:
    Dependencies:
    (none)
    Dependant Services:
    (none)

    ========== filefind ==========

    Searching for "1.exe"
    No files found.

    -=End Of File=-
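
As an added example (not part of the thread and not SystemLook's own code), the Python below cross-references the service and file sections of a SystemLook log like the one above and reports, for each service, whether its driver binary is missing and whether it sits under a Temp directory. It assumes the section layout seen in this log; the function names `norm` and `triage` are hypothetical.

```python
import re

# SystemLook output abridged from the log posted above (some fields trimmed).
SAMPLE_LOG = r"""
========== file ==========

c:\docume~1\brian\locals~1\temp\jnv4_mib.sys - Unable to find/read file.

c:\hr60\bios\debug32.sys - Unable to find/read file.

========== service ==========

jnv4_mib
jnv4_mib
(No Description)
Current Status: Stopped
Startup Type: Demand
Binary: \??\C:\DOCUME~1\Brian\LOCALS~1\Temp\jnv4_mib.sys

PhDebug32
PhDebug32
(No Description)
Current Status: Stopped
Startup Type: Demand
Binary: \??\c:\hr60\bios\debug32.sys
"""

def norm(path):
    # Drop the NT object-manager prefix and lowercase, so paths from the
    # file section and the service section compare equal.
    p = path.strip()
    if p.startswith("\\??\\"):
        p = p[4:]
    return p.lower()

def triage(log):
    # Returns [(service, binary, binary_missing, binary_in_temp), ...].
    sections = dict(re.findall(r"=+ (\w+) =+\n(.*?)(?=\n=+ \w+ =+|\Z)", log, re.S))
    missing = {norm(p) for p in re.findall(
        r"^(.+?) - Unable to find/read file\.", sections.get("file", ""), re.M)}
    rows = []
    for block in re.split(r"\n\s*\n", sections.get("service", "").strip()):
        lines = [l.strip() for l in block.splitlines() if l.strip()]
        binary = next((l.split(":", 1)[1] for l in lines if l.startswith("Binary:")), None)
        if binary is not None:
            b = norm(binary)
            rows.append((lines[0], b, b in missing, "\\temp\\" in b))
    return rows
```

A service entry whose binary is reported missing is a leftover registration: nothing can load from that path, but the entry remains in the service list until it is deleted.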

  4. #14
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Hello sufferinginsilence,

    Everything looks good. Any more problems?

  5. #15
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Hello sufferinginsilence,

    We are not done yet, are you still with me?

    If I do not get any response within the next 24 hours, this topic will be closed.

  6. #16
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Due to lack of response, this topic is now closed.

    If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. How to post a DDS log.

    If it has been less than three days since your last response and you need the thread re-opened, please send a private message (pm) to me or a MOD. A valid, working link to the closed topic is required. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

    Everyone else please begin a New Topic.
