Malware infection, possibly through Java; please help

Discussion in 'Malware Help (A Specialist Will Reply)' started by AndrewC, Apr 22, 2010.

  1. AndrewC

    AndrewC Private E-2

    Hello-
    This past Saturday, I purchased a piece of video hardware. Upon installing it on my Vista laptop, I found no Vista drivers, so I went to the website listed in the documentation, at www.adstech.com. Upon getting to the download page in Internet Explorer, I received an error page containing what appeared to be a SQL Server error message. Upon Googling in Firefox, I found another link, which I tried, which took me to a "Reported Attack Page" in Firefox. An explanatory link was given, detailing the attack. The (safe) link, which is not the attack page, but rather a Google advisory page, is at http://safebrowsing.clients.google....wnloads/downloads.asp?product_id=USBAV-709-EF -again, this link is SAFE. It details the attack. Apparently the company, ADS Tech, has had its website hacked and the hackers have planted malware on it.
    I further saw a message from Firefox about an add-on that was incompatible, named something like "Java Deployment kit", which I suspect was the attack vector. I allowed Firefox to disable it.

    Unfortunately, I had already apparently become infected while originally viewing the page in Internet Explorer. I noticed nothing until the next morning, when I booted up, and had no Internet connection. I did an "ipconfig /all", and saw a large number of tunnel adapters- 33, in fact- with "isatap" in their name. Following instructions I found online, I was able to reset the networking in Vista, and restored my Internet connectivity.
    However, upon starting the PC today, the available (free) space on my hard drive started dwindling at a ridiculous rate-- from over 5 gigs, to 3 gigs, to 1 gig, down to 384MB, in the space of 5 minutes, to the point where I could not even delete files anymore.
    At this point, I came here, and followed the instructions for Vista Cleaning.

    I have attached the log for SuperAntiSpyware, which found "Rogue.Agent/Gen-Nullo" and cleaned it. Next, I attached the log for MalwareBytes, which found only "Revelation", which is a password recovery tool I use in my work as a Consultant. I also ran ComboFix, and that log is attached.

    I attempted to run RootRepeal, and here I ran into a problem: the program ran for an hour or so, and many filenames came up as "locked to Windows API"-- but then, something strange happened: a small Messagebox came up- but it was completely empty, to the point where I could see the Desktop behind it, inside the Messagebox! This is particularly odd as I don't have the "see-through Window" effect turned on in Vista. There were no buttons to click in the messagebox, and clicking on the main RootRepeal window had no effect; the only thing I could do was to click the red "x" at the top of the messagebox, and when I did this, RootRepeal closed. Running it again produced the same result.

    Finally, I have uploaded the .ZIP file containing the logs from running MGTools.

    Everything seems to be OK, but at this point I am leery of pronouncing things fixed. I am somewhat concerned about the odd result from RootRepeal.

    Can someone please take a look at my logs, let me know what infections I had, and whether any are still present; and if so, what to do about them?

    Thank you very much.

    -Andrew
     

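The two observations in the post above (a pile of ISATAP tunnel adapters in `ipconfig /all`, and free space on C: vanishing within minutes) can be reproduced and narrowed down from a PowerShell prompt. This is an added triage example, not part of Andrew's post or of the forum's cleaning procedure; it assumes PowerShell 2.0 on Vista, and the C: drive and the 30-minute window are assumptions to adjust.

```powershell
# Added triage example (not from the thread). Assumes PowerShell 2.0 on Vista,
# which is why Get-NetAdapter and Get-ChildItem -File are avoided.
# The 30-minute window and the C: drive are assumptions; adjust as needed.

# 1. Count ISATAP tunnel adapters exactly as ipconfig /all reports them.
#    @() keeps .Count valid even when there are no matches.
$isatapCount = @(ipconfig /all | Select-String -Pattern 'isatap').Count
"ISATAP tunnel adapters reported by ipconfig: $isatapCount"

# 2. Free space on C: right now; run again a few minutes later to measure the drain.
$disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='C:'"
"Free on C: {0:N0} MB" -f ($disk.FreeSpace / 1MB)

# 3. Files written in the last 30 minutes, largest first. Whatever is filling the
#    disk should surface near the top. -Force includes hidden/system files;
#    -ErrorAction SilentlyContinue skips paths the current account cannot read.
$since = (Get-Date).AddMinutes(-30)
Get-ChildItem C:\ -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer -and $_.LastWriteTime -gt $since } |
    Sort-Object Length -Descending |
    Select-Object -First 20 FullName, Length, LastWriteTime |
    Format-Table -AutoSize
```

Run it from an elevated prompt so that protected folders under C:\Windows and C:\ProgramData are included in step 3; the path of the largest recently written file is what you would then hand to the malware helpers alongside the scanner logs.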

  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Welcome to MajorGeeks, AndrewC.

    I am currently reviewing your logs and will get back to you with a set of instructions as soon as possible. Our queue is working the oldest threads first.

    Thanks for your patience.
    dr.m
     
  3. AndrewC

    AndrewC Private E-2

    More information/update

    Update:

    I attempted to run RootRepeal again, with the same results; I have attached a screen capture of the window so you can see what is happening.

    The odd, transparent MessageBox is clearly visible in the upper-left corner of the screen capture; you can see, through it, several icons on the Desktop, as well as the RootRepeal window.

    The file shown in the capture as currently being scanned is the one which is always present when the transparent MessageBox shows up.

    I don't know whether this information is of any use, but I thought I should include it, as it seems odd.

    Thanks, and I will wait for your reply.
     


  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello again, AndrewC

    Your logs are clean - there are only some odds and ends to take care of.

    1) Please review the following link regarding our advice on using MSConfig:
    Dealing with Startup Processes

    2) I strongly recommend that you clean up this account's Desktop immediately, leaving only links [ C:\Users\Andy\Desktop ]. Do not store downloads, exe files, iso files, etc. on your Desktop. First, it is not a safe place to keep them (i.e., you may lose them due to malware, and a cluttered Desktop is an easy hiding place for malware), and last but not least, it can have an effect on your PC's performance.

    3) Please look in Add/Remove Programs for the following and uninstall if found.
    4) Open CCleaner - select "Cleaner" > "Run Cleaner" <---use this function ONLY!

    5) Now install the latest Sun Java Runtime Environment

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Goto the C:\MGtools folder and find the MGclean.bat file. Double-click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work through the below link:

    Safe surfing!
     
  5. AndrewC

    AndrewC Private E-2

    Dr. M:

    Thank you very much for looking through my logs.

    I had actually already started removing those old Java installs; I will go ahead and finish.

    I am curious about your recommendation re. CCleaner. What exactly is it? From a quick look, it seems to be a Registry cleaner, among other things. I ask because I have had some experience with Registry cleaners in the past, and it was all bad; either they removed keys and values that were needed, and caused programs to fail and need reinstallation, or they failed to remove keys/values that were orphaned and should have been removed.
    Is this program different? Is there something you are seeing in my logs that makes you suggest this, or is this a "blanket" recommendation? And what does the "Run Cleaner" step actually do to the PC?

    I don't want to seem ungrateful, because I appreciate very much your willingness to help. I am very particular about what I install on my PC; I am a consultant and a programmer, so I am not inexperienced with maintaining my PC. I just am not a malware expert, because, as I'm sure you can testify, keeping up with all the new strains out there is nearly a full-time job in itself!

    I will go ahead and take care of the other items, and will await your recommendations/amplifications on CCleaner.

    Thanks again,

    -Andrew
     
  6. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :)

    You're very welcome!

    CCleaner is a trusted application, highly recommended here and across the web. We here in the Malware Forum caution against using the registry cleaning function because of the unknown skill and Windows operating system knowledge levels of posters, but there are numerous posts attesting to its safe use in our Software Forum.

    dr.m
     
  7. AndrewC

    AndrewC Private E-2

    OK, thanks.

    I'll go ahead and take care of the outstanding tasks.


    Thanks for your time.
     
  8. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're quite welcome, Andrew.

    "Safe surfing!"
     
