
Thread: Realtek Wave bar automatically moving down - think it's malware

  1. #31
    Member (Join Date: Nov 2008, Posts: 41)

    Hello Jack&Jill,
    Here is the combo fix report.
    ComboFix 12-12-02.01 - Michele Acampora 12/03/2012 21:45:14.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.351 [GMT -5:00]
    Running from: c:\documents and settings\Michele Acampora\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\system32\service
    c:\windows\system32\service\01082010_TIS17_SfFniAU.log
    c:\windows\system32\URTTemp
    c:\windows\system32\URTTemp\fusion.dll
    c:\windows\system32\URTTemp\mscoree.dll
    c:\windows\system32\URTTemp\mscoree.dll.local
    c:\windows\system32\URTTemp\mscorsn.dll
    c:\windows\system32\URTTemp\mscorwks.dll
    c:\windows\system32\URTTemp\msvcr71.dll
    c:\windows\system32\URTTemp\regtlib.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-11-04 to 2012-12-04 )))))))))))))))))))))))))))))))
    .
    .
    2012-12-02 00:33 . 2012-12-02 23:13 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-11-19 23:42 . 2012-11-28 10:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2012-11-19 23:42 . 2009-01-25 17:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
    2012-11-19 23:41 . 2012-11-19 23:42 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
    2012-11-19 22:48 . 2012-11-19 22:49 -------- d-----w- c:\program files\ERUNT
    2012-11-14 18:25 . 2012-11-14 18:25 -------- d-----w- c:\documents and settings\Michele Acampora\Application Data\webex
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-30 23:51 . 2011-06-25 19:33 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-10-30 23:51 . 2010-08-13 21:12 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-10-30 23:51 . 2010-08-13 21:12 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-10-30 23:51 . 2010-08-13 21:12 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2012-10-30 23:51 . 2010-08-13 21:12 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2012-10-30 23:51 . 2010-08-13 21:12 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2012-10-30 23:51 . 2010-08-13 21:12 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-10-30 23:51 . 2010-08-13 21:12 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2012-10-30 23:51 . 2010-08-13 21:11 41224 ----a-w- c:\windows\avastSS.scr
    2012-10-30 23:50 . 2010-08-13 21:11 227648 ----a-w- c:\windows\system32\aswBoot.exe
    2012-10-22 08:37 . 2010-01-07 00:08 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-10-09 02:47 . 2012-04-13 02:39 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-10-09 02:47 . 2011-06-10 03:02 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-10-02 18:04 . 2010-01-07 00:08 58368 ----a-w- c:\windows\system32\synceng.dll
    2012-09-30 00:54 . 2011-06-25 22:53 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-28 14:08 . 2012-10-28 14:07 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 23:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-11-09 401072]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
    "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-12-12 994216]
    "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-05-09 98304]
    "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-06-26 118784]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-04-09 1512744]
    "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-04-09 79144]
    "EeeSplendidAgent"="c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe" [2009-12-29 104960]
    "LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2010-01-29 751592]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
    "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-19 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
    "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-04-30 296056]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
    "SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
    .
    c:\documents and settings\Michele Acampora\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2010-1-7 385024]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2012-11-19 113024]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    2010-04-17 02:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
    "c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
    "c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
    "c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
    .
    R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [5/28/2010 8:12 AM 11448]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6/25/2011 2:33 PM 738504]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/13/2010 4:12 PM 361032]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 1:25 PM 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [5/4/2011 12:54 PM 116608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/13/2010 4:12 PM 21256]
    R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 5:21 PM 249648]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [11/19/2012 6:42 PM 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [11/19/2012 6:42 PM 1369624]
    R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [8/28/2009 1:40 AM 38912]
    S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 3:23 PM 196176]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [11/19/2012 6:42 PM 168384]
    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 12:28 PM 160944]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1/7/2010 1:18 PM 1684736]
    S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [1/7/2010 1:30 PM 39040]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 02:47]
    .
    2012-12-04 c:\windows\Tasks\avast! Emergency Update.job
    - c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-10-29 23:50]
    .
    2012-12-04 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
    - c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-11-19 19:08]
    .
    2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-21 19:54]
    .
    2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-21 19:54]
    .
    2012-12-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2187696690-1671407227-2517261909-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-03-30 19:39]
    .
    2012-12-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2187696690-1671407227-2517261909-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-03-30 19:39]
    .
    2012-11-28 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
    - c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-11-19 19:07]
    .
    2012-11-19 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
    - c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2012-11-19 19:07]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Connection Wizard,ShellNext = iexplore
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
    IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\documents and settings\Michele Acampora\Application Data\Mozilla\Firefox\Profiles\01tzrdl6.default\
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe
    Notify-SDWinLogon - SDWinLogon.dll
    SafeBoot-17270377.sys
    SafeBoot-45517545.sys
    MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-12-03 21:54
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    Completion time: 2012-12-03 21:57:57
    ComboFix-quarantined-files.txt 2012-12-04 02:57
    .
    Pre-Run: 124,436,901,888 bytes free
    Post-Run: 124,833,579,008 bytes free
    .
    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
    [spybotsd]
    timeout.old=30
    .
    - - End Of File - - E1A4816AAA8D604BB5B47E20A5401852

  2. #32
    Security Expert - Emeritus (Join Date: Aug 2008, Location: South East Asia, Posts: 725)

    Hello Michelea1976 ,

    Do an online scan with ESET Online Scanner.
    Please be patient as scanning will take quite some time. If you have problem running the scan, you might want to disable any real time protection that you have.
    • Click here to go to ESET Online Scanner page.
    • Click on Run ESET Online Scanner. A new window will open.
      For Firefox users, you will need to download and install esetsmartinstaller_enu.exe. Click on it and save the file to a convenient location. Double click on it to install and a new window will open.
    • After reading through the Terms of Use, check YES, I accept the Terms of Use and click Start to begin scan.
    • You will be prompted to install an ActiveX Control from ESET. Please install.
    • At the Computer scan settings section, uncheck (untick) Remove found threats. <-- Important, do not remove anything yet.
    • Then, check Scan archives.
    • Now, click on Advanced settings and make sure all these are checked:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • Click on Scan to proceed.
    • When done, the scan result will be shown. Look for C:\Program Files\ESET\ESET Online Scanner\log.txt and open the file.
    • Post the contents in your reply.


    If the contents of log.txt do not reflect what is shown in the result window, click on List of found threats, then Export to text file..., save a file and post that instead.

    --------------------

    Please post back:
    1. the ESET log
    2. how is the computer now?

  3. #33
    Member (Join Date: Nov 2008, Posts: 41)

    Hello, sorry it took me a few days... I got sick and wasn't able to do much. The computer is doing well. I don't get the annoying red warning pop-up messages from Avast, and the Realtek slide "wave" bar is staying put. Here is the log from ESET Online Scanner:

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6844
    # api_version=3.0.2
    # EOSSerial=23968e4a27e70e4c9e6e0ba15059bd33
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2012-12-06 04:52:55
    # local_time=2012-12-05 11:52:55 (-0500, Eastern Standard Time)
    # country="United States"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=770 16774141 100 95 523595 130557847 0 0
    # scanned=65233
    # found=7
    # cleaned=0
    # scan_time=8277
    C:\Documents and Settings\Michele Acampora\Application Data\Sun\Java\Deployment\cache\6.0\27\5d6255db-49d5a278 a variant of Java/TrojanDownloader.Agent.NDJ trojan (unable to clean) 1E156D55A7840CFFBD157DB248544323A62ABDCC I
    C:\Documents and Settings\Michele Acampora\Application Data\Sun\Java\Deployment\cache\6.0\32\3b578aa0-61d3db1e a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 76FD3E53172676A61F6AF6FE788A06B368F02819 I
    C:\Documents and Settings\Michele Acampora\Application Data\Sun\Java\Deployment\cache\6.0\6\511051c6-789d9fff multiple threats (unable to clean) A47EC8C2157620E36EA134251A70C0DF53052F37 I
    C:\TDSSKiller_Quarantine\01.12.2012_19.31.55\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan (unable to clean) BD1D3BF759D78450B2F5ABD9F29B5EF91D684536 I
    C:\TDSSKiller_Quarantine\01.12.2012_19.31.55\mbr0000\tdlfs0000\tsk0002.dta a variant of Win64/Olmarik.AM trojan (unable to clean) 4781EFFAD9D0938135EF5BA6626A8E482D3B0440 I
    C:\TDSSKiller_Quarantine\02.12.2012_18.10.38\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan (unable to clean) BD1D3BF759D78450B2F5ABD9F29B5EF91D684536 I
    C:\TDSSKiller_Quarantine\02.12.2012_18.10.38\mbr0000\tdlfs0000\tsk0002.dta a variant of Win64/Olmarik.AM trojan (unable to clean) 4781EFFAD9D0938135EF5BA6626A8E482D3B0440 I

  4. #34
    Security Expert - Emeritus (Join Date: Aug 2008, Location: South East Asia, Posts: 725)

    Hello Michelea1976 ,

    Sorry to hear that you were sick. Hope you are well now.

    ESET's findings are from the Java cache and backups created when we did some fixes.

    Go to Start > Control Panel. Double click on Java and the Java Control Panel will open. At the General tab, click on the Settings... below the Temporary Internet Files title. Press the Delete Files... button and OK your way out. The Java cache will be deleted.

    --------------------

    Your Adobe Reader is outdated. Older versions have security vulnerabilities that can be exploited.

    Please update your Adobe Reader to the latest.
    It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

    Adobe Reader 9.5.2 MUI

    • Go to the Adobe download page. Click here.
    • If your OS is not the same as stated, click on Do you have a different language or operating system? link.
      • Under the Select an operating system title, choose the OS that you have.
      • Change the language at the Select a language title.
      • Next, select the version of the reader at the Select a Version title.
      • Uncheck (untick) to opt out of any optional toolbar or program installation.
      • Click the Download now button to proceed. Allow if prompted and save the file to a convenient location.
      • Run the downloaded file to continue with the installation.
    • If your OS is the same, uncheck (untick) to opt out of any optional toolbar or program installation.
    • Click Download to proceed. Allow if prompted and save the file to a convenient location.
    • Run the downloaded file to continue with the installation.


    Alternatively, you can try Foxit Reader Portable or Nuance PDF Reader.

    --------------------

    Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

    Please update JRE to the latest.
    It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

    Java(TM) 6 Update 26

    • Go to the Java SE download page. Click here.
    • Under the Windows title, click on Windows Offline (32-bit) or/and Windows Offline (64-bit) and save the file to your desktop.
    • Close any programs you may have running, especially your web browser.
    • Then, from your desktop, double click on the download to install the newest version. Reboot your computer.


    --------------------

    Your Firefox browser is outdated. Older versions have security vulnerabilities that can be exploited.

    Mozilla Firefox 16.0.2 (x86 en-US)

    Please update your Firefox browser to the latest.
    • Open Firefox.
    • Go to Help on the pull down menu, then select About Firefox.
    • Click on the Check for Updates button.
    • Continue accordingly and close it when done.


    --------------------

    Congratulations, you are All Clear to go. Glad to hear everything is good and running. If you have any more problems, please let me know.

    Now we need to clear out the programs we have been using to clean up your computer. They are not suitable for general malware removal and could cause damage if used inappropriately.
    • Go to Start > Run.... Copy and paste the following text into the white box:
      ComboFix /uninstall
      Click OK.
    • Run OTL by double clicking on OTL.exe. Click on CleanUp, proceed to reboot if prompted.
    • Delete all the tools we downloaded and used, plus any logs on your desktop.



    Some tips to help you stay clean and safe:

    1. Keep your Windows up to date. Enable Automatic Updates for Windows XP, Windows Vista or Windows 7 to always update the latest security patches from Microsoft, or you can download from the Microsoft website. Otherwise, your computer will be vulnerable to new exploits or malware.

    2. Update your Antivirus program regularly; it is a must for constant protection against viruses. Please keep only one AV installed.

    3. Install Malwarebytes' Anti-Malware if you haven't and use it occasionally. It is a new and powerful anti-malware tool, totally free but for real-time protection you will have to pay a small one-time fee.

    4. Install WinPatrol, a great protection program that helps you monitor for unwanted files or applications.

    5. Use a hosts file to block the access of bad sites from your computer. Get yourself a MVPS Hosts for this purpose.

    6. Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blocking.

    7. Keep all your software updated. Visit Secunia Software Inspector to find out if any updates are required.

    8. Also look up:
    Computer Security - a short guide to staying safer online
    PC Safety and Security - What Do I Need? By Glaswegian
    How to prevent malware: By miekiemoes
    So how did I get infected in the first place? By Tony Klein
    Microsoft Online Safety

    Stay safe.

    Your donation helps in improving Spybot-S&D!
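The ESET log posted in #33 and the reading of it in #34 (every hit sits in the Java deployment cache or in the TDSSKiller quarantine, nothing in a live location) can be reproduced mechanically. The parser below is an added example, not code from this thread or from ESET. It assumes only the log.txt layout visible in the post: `# key=value` header lines followed by one detection per line that ends in `(action) <SHA-1> <flag>`. The sample input is built from the lines posted above, and the location labels `java-cache`, `quarantine` and `active` are this example's own choice.

```python
"""Parse and triage an ESET Online Scanner log.txt (layout as posted in the thread)."""
import re
from collections import Counter

# Sample log constructed from the detection lines posted in #33; header keys and
# detection lines follow the format ESET Online Scanner writes to log.txt.
SAMPLE_LOG = r"""
# version=8
# end=finished
# remove_checked=false
# scanned=65233
# found=7
# cleaned=0
C:\Documents and Settings\Michele Acampora\Application Data\Sun\Java\Deployment\cache\6.0\27\5d6255db-49d5a278 a variant of Java/TrojanDownloader.Agent.NDJ trojan (unable to clean) 1E156D55A7840CFFBD157DB248544323A62ABDCC I
C:\Documents and Settings\Michele Acampora\Application Data\Sun\Java\Deployment\cache\6.0\32\3b578aa0-61d3db1e a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 76FD3E53172676A61F6AF6FE788A06B368F02819 I
C:\Documents and Settings\Michele Acampora\Application Data\Sun\Java\Deployment\cache\6.0\6\511051c6-789d9fff multiple threats (unable to clean) A47EC8C2157620E36EA134251A70C0DF53052F37 I
C:\TDSSKiller_Quarantine\01.12.2012_19.31.55\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan (unable to clean) BD1D3BF759D78450B2F5ABD9F29B5EF91D684536 I
C:\TDSSKiller_Quarantine\01.12.2012_19.31.55\mbr0000\tdlfs0000\tsk0002.dta a variant of Win64/Olmarik.AM trojan (unable to clean) 4781EFFAD9D0938135EF5BA6626A8E482D3B0440 I
C:\TDSSKiller_Quarantine\02.12.2012_18.10.38\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan (unable to clean) BD1D3BF759D78450B2F5ABD9F29B5EF91D684536 I
C:\TDSSKiller_Quarantine\02.12.2012_18.10.38\mbr0000\tdlfs0000\tsk0002.dta a variant of Win64/Olmarik.AM trojan (unable to clean) 4781EFFAD9D0938135EF5BA6626A8E482D3B0440 I
"""

# Every detection line ends with "(action) <40-hex SHA-1> <flag>"; match that tail first
# so that spaces inside the path do not confuse the split.
TAIL_RE = re.compile(
    r"^(?P<body>.+?) \((?P<action>[^()]*)\) (?P<sha1>[0-9A-Fa-f]{40}) (?P<flag>\S+)$"
)
# The threat description starts at "a variant of ...", "multiple threats" or a
# "Family/Name" token; everything before that marker is the file path.
THREAT_RE = re.compile(
    r" ((?:probably )?(?:a variant of )?(?:multiple threats|[A-Za-z0-9.\-]+/\S+).*)$"
)


def parse_detection(line):
    """Split one detection line into path, threat, action, sha1 and flag (or None)."""
    tail = TAIL_RE.match(line)
    if not tail:
        return None
    body = tail["body"]
    marker = THREAT_RE.search(body)
    if not marker:
        return None
    return {
        "path": body[: marker.start()],
        "threat": marker.group(1),
        "action": tail["action"],
        "sha1": tail["sha1"].upper(),
        "flag": tail["flag"],
    }


def parse_log(text):
    """Return (header dict, list of detections) for a log.txt body."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            key, _, value = line[1:].strip().partition("=")
            header[key.strip()] = value.strip()
            continue
        det = parse_detection(line)
        if det:
            detections.append(det)
    return header, detections


def classify(path):
    """Label where a hit lives; the labels are this example's own, not ESET's."""
    p = path.lower()
    if "\\sun\\java\\deployment\\cache\\" in p:
        return "java-cache"   # cached applets/JARs; cleared from the Java Control Panel
    if "quarantine" in p:
        return "quarantine"   # copies already neutralised by a removal tool
    return "active"           # anything else still needs a human look


def triage(text):
    """Summarise a log: header counts, hits by location, unique hashes, live hits."""
    header, detections = parse_log(text)
    counts = Counter(classify(d["path"]) for d in detections)
    return {
        "found": int(header.get("found", 0)),
        "parsed": len(detections),
        "cleaned": int(header.get("cleaned", 0)),
        "removal_enabled": header.get("remove_checked") == "true",
        "by_location": dict(counts),
        "unique_sha1": sorted({d["sha1"] for d in detections}),
        "active": [d for d in detections if classify(d["path"]) == "active"],
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print(f"found={summary['found']} parsed={summary['parsed']} cleaned={summary['cleaned']}")
    print("by location:", summary["by_location"])
    print("unique SHA-1 values:", len(summary["unique_sha1"]))
    for hit in summary["active"]:
        print("NEEDS REVIEW:", hit["path"], hit["threat"])
```

The `found` header is compared with the number of lines actually parsed, so a format change in a future log would show up as a mismatch rather than as a silently shorter list; `remove_checked=false` together with `cleaned=0` confirms the scan was run in the report-only mode the helper asked for in #32. An empty `active` list is the machine-readable form of the conclusion in #34.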

  5. #35
    Member (Join Date: Nov 2008, Posts: 41)

    Thank you so very much! And I thought I had to reformat the drive or buy a whole new netbook!! You saved me some money, so thanks!!! I have done as you said, removed the programs and upgraded the different programs you put in your reply. No issues with the computer, and thank you once again for your help! I'm going to make a donation to Spybot to help keep this free service available to others. Have a great day!!!!

    Michele

  6. #36
    Security Expert - Emeritus (Join Date: Aug 2008, Location: South East Asia, Posts: 725)

    As your problems appear to have been resolved, this topic is now closed.

    We are glad to be of help. If you are satisfied with our assistance and wish to donate to help with the costs of this volunteer site, please read:
    Your donation helps in improving Spybot-S&D!
