LandzDown Forum

running XP

It had AVG installed and AVG had been recently run (like in the past few days).

It had no other spyware/malware/antivirus programs that I'm aware of (it's an inherited laptop)

This morning it stopped getting out on the internet - similar behavior to the desktop (in that other thread below, boy am I embarrassed - no virii/malware but once in the last 10 years, and that was 2 years ago...)

The only common factors between the two are dropbox and MOG.  In fact I installed and ran the MOG desktop app for the first time yesterday or the day before.  MOG is flash-based.  Dropbox has been disabled on both systems but I ran scans at virustotal on all the non-text files and no sign of a virus.  Don't think it came in via dropbox.

Ran AVG and it found nothing.  However I noticed it flashing up a DOS command box when I opened it from the tray which I had never noticed before so I suspect it was hijacked.

Uninstalled AVG and installed Avast - ran a complete rootkit scan at boot (took hours), found nothing.  Ran a complete scan after boot - found nothing of consequence.  Uninstalled Thunderbird just in case (not my installation, not my mail, hasn't been opened in months, but it was one of the "probably of no consequence" things that showed up on the Avast scan).

Ran DDS.scr

here is dds.txt

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13  BrowserJavaVersion: 1.6.0_26
Run by Kevin at 21:29:29 on 2012-06-15
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.3070.2395 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\PHAROS~1\Core\CTskMstr.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\WebUpdateSvc4.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\KADxMain.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Kevin\Local Settings\Application Data\Autobahn\mlb-nexdef-autobahn.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080121
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080121
uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uInternet Connection Wizard,ShellNext = hxxp://127.0.0.1:4664/&s=GC2o3GPif2wLPJbCSEWj1v4atX8
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\kevin\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [KADxMain] c:\windows\system32\KADxMain.exe
mRun: [<NO NAME>]
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNDY1MDc5OTE5LVRCOSsyLUZMKzktRjEwTSs1LVFJWDErNC1YMjAxMCsyLUYxME0xMEQrMi1MSUMrNy1GTDEwKzEtU1AxKzEtU1VEKzE"&"prod=90"&"ver=10.0.1424
StartupFolder: c:\docume~1\kevin\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\kevin\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\kevin\startm~1\programs\startup\mlbtvn~1.lnk - c:\documents and settings\kevin\local settings\application data\autobahn\mlb-nexdef-autobahn.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{16274CFA-324C-424F-9D1B-E2764568162E} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kevin\application data\mozilla\firefox\profiles\gfb819ds.default\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - hxxp://www.lspace.org/books/reading-order-guides/the-discworld-reading-order-guide-20.jpg
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\kevin\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
FF - Ext: Form History Control: formhistory@yahoo.com - %profile%\extensions\formhistory@yahoo.com
FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com
FF - Ext: Go Parent Folder: goParentFolder@alice - %profile%\extensions\goParentFolder@alice
FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Show Parent Folder: showParentFolder@alice - %profile%\extensions\showParentFolder@alice
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: FoxClocks: {d37dc5d0-431d-44e5-8c91-49419370caa1} - %profile%\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2010-9-7 202048]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-1-25 24652]
R2 WebUpdate4;Web Update Wizard Service V4;c:\windows\system32\WebUpdateSvc4.exe [2007-6-25 229592]
RUnknown aswFsBlk;aswFsBlk;

• 
  RUnknown aswSnx;aswSnx;
• 
  RUnknown aswSP;aswSP;
• 
  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
  S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
  S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2011-5-6 6016]
  S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2011-9-20 45288]
  S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2011-5-6 19968]
  S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2011-5-6 8320]
  S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2011-5-6 23424]
  S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2011-5-6 9472]
  S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
  .
  =============== Created Last 30 ================
  .
  2012-06-16 01:26:00   --------   d-----w-   C:\avast! sandbox
  2012-06-15 15:53:29   --------   d-----w-   c:\program files\AVAST Software
  2012-06-15 15:53:29   --------   d-----w-   c:\documents and settings\all users\application data\AVAST Software
  2012-06-14 04:54:32   --------   d-----w-   c:\documents and settings\kevin\local settings\application data\Deployment
  2012-06-08 17:31:26   --------   d-----w-   c:\program files\iPod
  2012-06-08 17:31:20   --------   d-----w-   c:\program files\iTunes
  2012-06-03 00:43:30   --------   d-----w-   c:\program files\Dropbox
  .
  ==================== Find3M  ====================
  .
  2012-05-31 13:22:09   599040   ----a-w-   c:\windows\system32\crypt32.dll
  2012-05-15 15:39:54   832512   ----a-w-   c:\windows\system32\wininet.dll
  2012-05-15 13:20:33   1863168   ----a-w-   c:\windows\system32\win32k.sys
  2012-05-10 22:33:24   70304   -c--a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
  2012-05-10 22:33:24   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
  2012-05-04 13:16:13   2148352   ----a-w-   c:\windows\system32\ntoskrnl.exe
  2012-05-04 12:32:19   2026496   ----a-w-   c:\windows\system32\ntkrnlpa.exe
  2012-05-02 13:46:36   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
  2012-04-23 14:46:47   78336   ----a-w-   c:\windows\system32\ieencode.dll
  2012-04-23 14:46:47   1830912   ----a-w-   c:\windows\system32\inetcpl.cpl
  2012-04-23 14:46:47   17408   ------w-   c:\windows\system32\corpol.dll
  2012-04-19 00:56:30   94208   ----a-w-   c:\windows\system32\QuickTimeVR.qtx
  2012-04-19 00:56:30   69632   ----a-w-   c:\windows\system32\QuickTime.qts
  .
  ============= FINISH: 21:30:27.64 ===============
  
  
  
  ATTACH.TXT
  
  .
  UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
  IF REQUESTED, ZIP IT UP & ATTACH IT
  .
  DDS (Ver_2011-08-26.01)
  .
  Microsoft Windows XP Home Edition
  Boot Device: \Device\HarddiskVolume2
  Install Date: 1/25/2008 6:56:02 PM
  System Uptime: 6/15/2012 2:36:42 PM (7 hours ago)
  .
  Motherboard: Dell Inc. |  | 0WY040
  Processor: Intel(R) Core(TM)2 Duo CPU     T7500  @ 2.20GHz | Microprocessor | 2194/200mhz
  .
  ==== Disk Partitions =========================
  .
  C: is FIXED (NTFS) - 146 GiB total, 39.759 GiB free.
  D: is CDROM (CDFS)
  E: is Removable
  .
  ==== Disabled Device Manager Items =============
  .
  ==== System Restore Points ===================
  .
  RP713: 3/18/2012 9:36:13 PM - System Checkpoint
  RP714: 4/16/2012 1:26:22 PM - Software Distribution Service 3.0
  RP715: 4/17/2012 3:00:16 AM - Software Distribution Service 3.0
  RP716: 4/18/2012 3:35:48 AM - System Checkpoint
  RP717: 4/19/2012 4:35:50 AM - System Checkpoint
  RP718: 4/29/2012 7:15:54 PM - System Checkpoint
  RP719: 4/30/2012 7:53:48 PM - System Checkpoint
  RP720: 5/7/2012 12:50:35 PM - System Checkpoint
  RP721: 5/10/2012 8:15:23 PM - System Checkpoint
  RP722: 5/11/2012 3:00:16 AM - Software Distribution Service 3.0
  RP723: 5/11/2012 4:37:26 AM - Software Distribution Service 3.0
  RP724: 5/12/2012 5:04:50 AM - System Checkpoint
  RP725: 5/13/2012 6:04:49 AM - System Checkpoint
  RP726: 5/14/2012 7:04:50 AM - System Checkpoint
  RP727: 5/15/2012 8:05:41 PM - System Checkpoint
  RP728: 5/16/2012 8:09:15 PM - System Checkpoint
  RP729: 5/17/2012 9:09:02 PM - System Checkpoint
  RP730: 5/18/2012 10:09:02 PM - System Checkpoint
  RP731: 5/19/2012 11:06:24 PM - System Checkpoint
  RP732: 5/20/2012 11:09:02 PM - System Checkpoint
  RP733: 5/22/2012 12:09:02 AM - System Checkpoint
  RP734: 5/23/2012 1:09:02 AM - System Checkpoint
  RP735: 5/24/2012 2:09:03 AM - System Checkpoint
  RP736: 5/25/2012 3:09:40 AM - System Checkpoint
  RP737: 5/26/2012 4:09:03 AM - System Checkpoint
  RP738: 5/27/2012 5:08:03 AM - System Checkpoint
  RP739: 5/28/2012 6:08:03 AM - System Checkpoint
  RP740: 5/29/2012 9:17:13 AM - System Checkpoint
  RP741: 6/2/2012 4:00:54 PM - System Checkpoint
  RP742: 6/3/2012 5:41:58 PM - System Checkpoint
  RP743: 6/4/2012 7:18:08 PM - System Checkpoint
  RP744: 6/4/2012 11:22:08 PM - Software Distribution Service 3.0
  RP745: 6/5/2012 11:58:37 PM - System Checkpoint
  RP746: 6/7/2012 2:19:35 PM - System Checkpoint
  RP747: 6/8/2012 5:50:26 PM - System Checkpoint
  RP748: 6/9/2012 6:27:22 PM - System Checkpoint
  RP749: 6/10/2012 7:05:57 PM - System Checkpoint
  RP750: 6/12/2012 12:50:36 AM - System Checkpoint
  RP751: 6/13/2012 1:33:06 AM - System Checkpoint
  RP752: 6/14/2012 8:38:43 AM - Software Distribution Service 3.0
  RP753: 6/15/2012 10:58:07 AM - System Checkpoint
  RP754: 6/15/2012 11:53:29 AM - avast! Free Antivirus Setup
  RP755: 6/15/2012 11:53:41 AM - avast! Free Antivirus Setup
  RP756: 6/15/2012 11:53:45 AM - Removed AVG 2011
  RP757: 6/15/2012 11:55:27 AM - Removed AVG 2011
  RP758: 6/15/2012 12:03:10 PM - avast! Free Antivirus Setup
  RP759: 6/15/2012 9:29:03 PM - avast! Free Antivirus Setup
  .
  ==== Installed Programs ======================
  .
  .
  µTorrent
  Adobe Flash Player 10 ActiveX
  Adobe Flash Player 11 Plugin
  Adobe Reader X (10.1.3)
  AIM 7
  Apple Application Support
  Apple Mobile Device Support
  Apple Software Update
  ArcSoft PhotoStudio 6
  Audiosurf
  Bejeweled Deluxe
  Bonjour
  Broadcom Management Programs
  Browser Address Error Redirector
  Business Complete Care Services Agreement
  calibre
  Canon CanoScan LiDE 700F User Registration
  Canon MP Navigator EX 2.1
  Canon Utilities Solution Menu
  CanoScan LiDE 700F Scanner Driver
  Compatibility Pack for the 2007 Office system
  Conexant HDA D330 MDC V.92 Modem
  Critical Update for Windows Media Player 11 (KB959772)
  Cthulhu Saves the World
  CutePDF Writer 2.8
  Dell Support Center
  Dell Touchpad
  Dell Wireless WLAN Card Utility
  Digital Line Detect
  DivX Converter
  Download Updater (AOL LLC)
  Dropbox
  ExamView Assessment Suite
  Fable III
  Google Chrome
  Google Talk (remove only)
  High Definition Audio Driver Package - KB835221
  Hotfix for Windows Internet Explorer 7 (KB947864)
  Hotfix for Windows Media Format 11 SDK (KB929399)
  Hotfix for Windows Media Player 11 (KB939683)
  Hotfix for Windows XP (KB2158563)
  Hotfix for Windows XP (KB2443685)
  Hotfix for Windows XP (KB2570791)
  Hotfix for Windows XP (KB2633952)
  Hotfix for Windows XP (KB952287)
  Hotfix for Windows XP (KB970653-v3)
  Hotfix for Windows XP (KB976098-v2)
  Hotfix for Windows XP (KB979306)
  Hotfix for Windows XP (KB981793)
  Indiana Jones and the Fate of Atlantis
  IntelliSonic Speech Enhancement
  iTunes
  J2SE Runtime Environment 5.0 Update 6
  JabRef 2.4.2
  Java Auto Updater
  Java(TM) 6 Update 26
  Java(TM) 6 Update 3
  Java(TM) 6 Update 5
  Java(TM) 6 Update 7
  Kyodai Mahjongg 2006 v1.42
  Logitech QuickCam Software
  Logitech® Camera Driver
  Machinarium
  MediaDirect
  Mendeley Desktop 0.9.2.1
  Microsoft .NET Framework 1.1
  Microsoft .NET Framework 1.1 Security Update (KB2656353)
  Microsoft .NET Framework 1.1 Security Update (KB2656370)
  Microsoft .NET Framework 1.1 Security Update (KB979906)
  Microsoft .NET Framework 4 Client Profile
  Microsoft .NET Framework 4 Extended
  Microsoft Application Error Reporting
  Microsoft Choice Guard
  Microsoft Compression Client Pack 1.0 for Windows XP
  Microsoft Games for Windows - LIVE Redistributable
  Microsoft Games for Windows Marketplace
  Microsoft IntelliPoint 8.2
  Microsoft Internationalized Domain Names Mitigation APIs
  Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
  Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
  Microsoft National Language Support Downlevel APIs
  Microsoft Office PowerPoint Viewer 2007 (English)
  Microsoft Office XP Media Content
  Microsoft Office XP Professional
  Microsoft Silverlight
  Microsoft User-Mode Driver Framework Feature Pack 1.0
  Microsoft VC9 runtime libraries
  Microsoft Visual C++ 2005 Redistributable
  Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
  Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
  Microsoft XNA Framework Redistributable 4.0
  MiKTeX 2.7
  MLB.TV NexDef Plug-in
  Modem Diagnostic Tool
  MotoHelper 2.0.24 Driver 4.7.1
  MotoHelper MergeModules
  Motorola Mobile Drivers Installation 4.7.1
  Mozilla Firefox (3.6.28)
  MSVCRT
  MSXML 4.0 SP2 (KB936181)
  MSXML 4.0 SP2 (KB954430)
  MSXML 4.0 SP2 (KB973688)
  MSXML 6.0 Parser (KB933579)
  National Pastime Almanac 1876-2009
  NetWaiting
  NVIDIA Drivers
  Nvu 1.0PR
  OpenAL
  Osmos
  OutlookAddinSetup
  Pharos
  Plants Vs Zombies
  Puzzle Quest 2
  QuickSet
  QuickTime
  R for Windows 2.12.2
  RealNetworks - Microsoft Visual C++ 2008 Runtime
  RealPlayer
  RealUpgrade 1.1
  Roxio Creator Audio
  Roxio Creator BDAV Plugin
  Roxio Creator Copy
  Roxio Creator Data
  Roxio Creator DE
  Roxio Creator Tools
  Roxio Drag-to-Disc
  Roxio Express Labeler
  Roxio MyDVD DE
  Roxio Update Manager
  RStudio
  SearchAssist
  Security Update for CAPICOM (KB931906)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
  Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
  Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
  Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
  Security Update for Microsoft Windows (KB2564958)
  Security Update for Step By Step Interactive Training (KB923723)
  Security Update for Windows Internet Explorer 7 (KB2183461)
  Security Update for Windows Internet Explorer 7 (KB2360131)
  Security Update for Windows Internet Explorer 7 (KB2416400)
  Security Update for Windows Internet Explorer 7 (KB2482017)
  Security Update for Windows Internet Explorer 7 (KB2497640)
  Security Update for Windows Internet Explorer 7 (KB2530548)
  Security Update for Windows Internet Explorer 7 (KB2544521)
  Security Update for Windows Internet Explorer 7 (KB2559049)
  Security Update for Windows Internet Explorer 7 (KB2586448)
  Security Update for Windows Internet Explorer 7 (KB2618444)
  Security Update for Windows Internet Explorer 7 (KB2647516)
  Security Update for Windows Internet Explorer 7 (KB2675157)
  Security Update for Windows Internet Explorer 7 (KB2699988)
  Security Update for Windows Internet Explorer 7 (KB938127)
  Security Update for Windows Internet Explorer 7 (KB942615)
  Security Update for Windows Internet Explorer 7 (KB944533)
  Security Update for Windows Internet Explorer 7 (KB950759)
  Security Update for Windows Internet Explorer 7 (KB953838)
  Security Update for Windows Internet Explorer 7 (KB956390)
  Security Update for Windows Internet Explorer 7 (KB958215)
  Security Update for Windows Internet Explorer 7 (KB960714)
  Security Update for Windows Internet Explorer 7 (KB961260)
  Security Update for Windows Internet Explorer 7 (KB963027)
  Security Update for Windows Internet Explorer 7 (KB969897)
  Security Update for Windows Internet Explorer 7 (KB972260)
  Security Update for Windows Internet Explorer 7 (KB974455)
  Security Update for Windows Internet Explorer 7 (KB976325)
  Security Update for Windows Internet Explorer 7 (KB978207)
  Security Update for Windows Internet Explorer 7 (KB982381)
  Security Update for Windows Media Player (KB2378111)
  Security Update for Windows Media Player (KB911564)
  Security Update for Windows Media Player (KB952069)
  Security Update for Windows Media Player (KB954155)
  Security Update for Windows Media Player (KB968816)
  Security Update for Windows Media Player (KB973540)
  Security Update for Windows Media Player (KB975558)
  Security Update for Windows Media Player (KB978695)
  Security Update for Windows Media Player 11 (KB936782)
  Security Update for Windows Media Player 11 (KB954154)
  Security Update for Windows Media Player 6.4 (KB925398)
  Security Update for Windows Media Player 9 (KB936782)
  Security Update for Windows XP (KB2079403)
  Security Update for Windows XP (KB2115168)
  Security Update for Windows XP (KB2121546)
  Security Update for Windows XP (KB2160329)
  Security Update for Windows XP (KB2229593)
  Security Update for Windows XP (KB2259922)
  Security Update for Windows XP (KB2279986)
  Security Update for Windows XP (KB2286198)
  Security Update for Windows XP (KB2296011)
  Security Update for Windows XP (KB2296199)
  Security Update for Windows XP (KB2347290)
  Security Update for Windows XP (KB2360937)
  Security Update for Windows XP (KB2387149)
  Security Update for Windows XP (KB2393802)
  Security Update for Windows XP (KB2412687)
  Security Update for Windows XP (KB2419632)
  Security Update for Windows XP (KB2423089)
  Security Update for Windows XP (KB2436673)
  Security Update for Windows XP (KB2440591)
  Security Update for Windows XP (KB2443105)
  Security Update for Windows XP (KB2476490)
  Security Update for Windows XP (KB2476687)
  Security Update for Windows XP (KB2478960)
  Security Update for Windows XP (KB2478971)
  Security Update for Windows XP (KB2479628)
  Security Update for Windows XP (KB2479943)
  Security Update for Windows XP (KB2481109)
  Security Update for Windows XP (KB2483185)
  Security Update for Windows XP (KB2485376)
  Security Update for Windows XP (KB2485663)
  Security Update for Windows XP (KB2491683)
  Security Update for Windows XP (KB2503658)
  Security Update for Windows XP (KB2503665)
  Security Update for Windows XP (KB2506212)
  Security Update for Windows XP (KB2506223)
  Security Update for Windows XP (KB2507618)
  Security Update for Windows XP (KB2507938)
  Security Update for Windows XP (KB2508272)
  Security Update for Windows XP (KB2508429)
  Security Update for Windows XP (KB2509553)
  Security Update for Windows XP (KB2510581)
  Security Update for Windows XP (KB2511455)
  Security Update for Windows XP (KB2524375)
  Security Update for Windows XP (KB2535512)
  Security Update for Windows XP (KB2536276-v2)
  Security Update for Windows XP (KB2536276)
  Security Update for Windows XP (KB2544893-v2)
  Security Update for Windows XP (KB2544893)
  Security Update for Windows XP (KB2555917)
  Security Update for Windows XP (KB2562937)
  Security Update for Windows XP (KB2566454)
  Security Update for Windows XP (KB2567053)
  Security Update for Windows XP (KB2567680)
  Security Update for Windows XP (KB2570222)
  Security Update for Windows XP (KB2570947)
  Security Update for Windows XP (KB2584146)
  Security Update for Windows XP (KB2585542)
  Security Update for Windows XP (KB2592799)
  Security Update for Windows XP (KB2598479)
  Security Update for Windows XP (KB2603381)
  Security Update for Windows XP (KB2618451)
  Security Update for Windows XP (KB2619339)
  Security Update for Windows XP (KB2620712)
  Security Update for Windows XP (KB2621440)
  Security Update for Windows XP (KB2624667)
  Security Update for Windows XP (KB2631813)
  Security Update for Windows XP (KB2633171)
  Security Update for Windows XP (KB2639417)
  Security Update for Windows XP (KB2641653)
  Security Update for Windows XP (KB2646524)
  Security Update for Windows XP (KB2647518)
  Security Update for Windows XP (KB2653956)
  Security Update for Windows XP (KB2659262)
  Security Update for Windows XP (KB2660465)
  Security Update for Windows XP (KB2661637)
  Security Update for Windows XP (KB2676562)
  Security Update for Windows XP (KB2685939)
  Security Update for Windows XP (KB2686509)
  Security Update for Windows XP (KB2695962)
  Security Update for Windows XP (KB2707511)
  Security Update for Windows XP (KB2709162)
  Security Update for Windows XP (KB923561)
  Security Update for Windows XP (KB923689)
  Security Update for Windows XP (KB938464)
  Security Update for Windows XP (KB941569)
  Security Update for Windows XP (KB946648)
  Security Update for Windows XP (KB950760)
  Security Update for Windows XP (KB950762)
  Security Update for Windows XP (KB950974)
  Security Update for Windows XP (KB951066)
  Security Update for Windows XP (KB951376-v2)
  Security Update for Windows XP (KB951376)
  Security Update for Windows XP (KB951698)
  Security Update for Windows XP (KB951748)
  Security Update for Windows XP (KB952004)
  Security Update for Windows XP (KB952954)
  Security Update for Windows XP (KB953839)
  Security Update for Windows XP (KB954211)
  Security Update for Windows XP (KB954459)
  Security Update for Windows XP (KB954600)
  Security Update for Windows XP (KB955069)
  Security Update for Windows XP (KB956391)
  Security Update for Windows XP (KB956572)
  Security Update for Windows XP (KB956744)
  Security Update for Windows XP (KB956802)
  Security Update for Windows XP (KB956803)
  Security Update for Windows XP (KB956841)
  Security Update for Windows XP (KB956844)
  Security Update for Windows XP (KB957095)
  Security Update for Windows XP (KB957097)
  Security Update for Windows XP (KB958644)
  Security Update for Windows XP (KB958687)
  Security Update for Windows XP (KB958690)
  Security Update for Windows XP (KB958869)
  Security Update for Windows XP (KB959426)
  Security Update for Windows XP (KB960225)
  Security Update for Windows XP (KB960715)
  Security Update for Windows XP (KB960803)
  Security Update for Windows XP (KB960859)
  Security Update for Windows XP (KB961371)
  Security Update for Windows XP (KB961373)
  Security Update for Windows XP (KB961501)
  Security Update for Windows XP (KB968537)
  Security Update for Windows XP (KB969059)
  Security Update for Windows XP (KB969898)
  Security Update for Windows XP (KB969947)
  Security Update for Windows XP (KB970238)
  Security Update for Windows XP (KB970430)
  Security Update for Windows XP (KB971468)
  Security Update for Windows XP (KB971486)
  Security Update for Windows XP (KB971557)
  Security Update for Windows XP (KB971633)
  Security Update for Windows XP (KB971657)
  Security Update for Windows XP (KB971961)
  Security Update for Windows XP (KB972270)
  Security Update for Windows XP (KB973346)
  Security Update for Windows XP (KB973354)
  Security Update for Windows XP (KB973507)
  Security Update for Windows XP (KB973525)
  Security Update for Windows XP (KB973869)
  Security Update for Windows XP (KB973904)
  Security Update for Windows XP (KB974112)
  Security Update for Windows XP (KB974318)
  Security Update for Windows XP (KB974392)
  Security Update for Windows XP (KB974571)
  Security Update for Windows XP (KB975025)
  Security Update for Windows XP (KB975467)
  Security Update for Windows XP (KB975560)
  Security Update for Windows XP (KB975561)
  Security Update for Windows XP (KB975562)
  Security Update for Windows XP (KB975713)
  Security Update for Windows XP (KB977165)
  Security Update for Windows XP (KB977816)
  Security Update for Windows XP (KB977914)
  Security Update for Windows XP (KB978037)
  Security Update for Windows XP (KB978251)
  Security Update for Windows XP (KB978262)
  Security Update for Windows XP (KB978338)
  Security Update for Windows XP (KB978542)
  Security Update for Windows XP (KB978601)
  Security Update for Windows XP (KB978706)
  Security Update for Windows XP (KB979309)
  Security Update for Windows XP (KB979482)
  Security Update for Windows XP (KB979559)
  Security Update for Windows XP (KB979683)
  Security Update for Windows XP (KB979687)
  Security Update for Windows XP (KB980195)
  Security Update for Windows XP (KB980218)
  Security Update for Windows XP (KB980232)
  Security Update for Windows XP (KB980436)
  Security Update for Windows XP (KB981322)
  Security Update for Windows XP (KB981349)
  Security Update for Windows XP (KB981852)
  Security Update for Windows XP (KB981957)
  Security Update for Windows XP (KB981997)
  Security Update for Windows XP (KB982132)
  Security Update for Windows XP (KB982214)
  Security Update for Windows XP (KB982665)
  Security Update for Windows XP (KB982802)
  Segoe UI
  Sid Meier's Civilization IV
  Sid Meier's Civilization V
  Skype Toolbars
  Skype™ 4.2
  Sonic Activation Module
  Spotify
  Spybot - Search & Destroy
  Stat/Transfer Nine
  Stata 10
  Steam
  Team Fortress 2
  The Dig
  Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
  Update for Windows Internet Explorer 7 (KB976749)
  Update for Windows Internet Explorer 7 (KB980182)
  Update for Windows XP (KB2141007)
  Update for Windows XP (KB2345886)
  Update for Windows XP (KB2467659)
  Update for Windows XP (KB2541763)
  Update for Windows XP (KB2607712)
  Update for Windows XP (KB2616676)
  Update for Windows XP (KB2641690)
  Update for Windows XP (KB2718704)
  Update for Windows XP (KB951072-v2)
  Update for Windows XP (KB951978)
  Update for Windows XP (KB955759)
  Update for Windows XP (KB955839)
  Update for Windows XP (KB961503)
  Update for Windows XP (KB967715)
  Update for Windows XP (KB968389)
  Update for Windows XP (KB971029)
  Update for Windows XP (KB971737)
  Update for Windows XP (KB973687)
  Update for Windows XP (KB973815)
  VC80CRTRedist - 8.0.50727.6195
  Viewpoint Media Player
  Web Update Wizard (Redistributable) 4.0
  WebFldrs XP
  Windows Genuine Advantage Validation Tool (KB892130)
  Windows Installer 3.1 (KB893803)
  Windows Internet Explorer 7
  Windows Live Call
  Windows Live Communications Platform
  Windows Live Essentials
  Windows Live ID Sign-in Assistant
  Windows Live Messenger
  Windows Live Upload Tool
  Windows Media Format 11 runtime
  Windows Media Player 11
  Windows XP Service Pack 3
  WinEdt 6
  WinRAR archiver
  World of Warcraft
  .
  ==== Event Viewer Messages From Past Week ========
  .
  6/14/2012 8:38:32 AM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
  .
  ==== End Of File ===========================
  

And I forgot to mention - it would appear that all of my addons (like Ghostery and AdBlock plus) are blocked on the laptop.  In fact its not so much that you can't get out on the internet - FF at least will run, but with no addons as far as I can tell.  When I try to open the AddOns manager, it locks up the browser.

On Chrome, at least some of the time, it shows a "broken" page with a sad face.  Adblock and ghostery are not appearing on the browser either (you know, the little icons in the upper corner that show they're active, they're not there and ads are not being blocked)

Hi, Sojourner.

I take it that you have no problem connecting with IE.  Since support ended for Firefox 3 several months ago, you first step should be to download the latest update and see if that solves the problem with Firefox.

You have seriously outdated Java on the XP machine.  Please uninstall the following:

J2SE Runtime Environment 5.0 Update 6
JabRef 2.4.2 [Note:  This is for Linux, not Windows]
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7

Seeing as how it takes up so much space, while you are at it, I suggest deleting the Java downloads stored in your downloads folder:

hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

---

Please download JavaRa (http://singularlabs.com/software/javara/) and unzip it to your desktop.

• Double-click on JavaRa.exe to start the program.  (Windows Vista users Right-click JavaRa.exe > Select Run as Administrator)
  
• Click on Remove Older Versions to remove older versions of Java.
  
• A logfile will pop up. Please save it to a convenient location.
  

Then download and install Java SE Runtime Environment 7u5 from (http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1637588.html%5B/url).   

Note:  UNCHECK any pre-checked toolbar and/or software options presented with the update.  They are not part of the software update and are completely optional.   

---

After the above has been completed, please follow these instructions carefully.

Download ComboFix from one of the following locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray. 

Note:  If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum:  How to disable your security applications (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html).

Now, please run ComboFix:

• Note:  If infections are found, ComboFix will automatically reboot the machine to complete the removal process.  Please ensure all opened windows are closed before proceeding.
• Double-click ComboFix.exe on your desktop and follow the prompts.
• As part of the process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it is strongly recommended to have this pre-installed on your machine before doing any malware removal. The Recovery Console will allow you to start up the computer in a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  Please note: If the Microsoft Windows Recovery Console is already installed on the computer, ComboFix will continue the malware removal procedures.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
• When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  
  (https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fsecuritygarden.googlepages.com%2FCF_RC1.png&hash=29e6fe1eb864e58b4b66611caa7d7b6be84a47f8)


• After the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
  
  (https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fsecuritygarden.googlepages.com%2FCF_RC2.png&hash=e111f6aa2d657579d44cabc5fb4258fd1dce26eb)


• Click "Yes" to continue scanning for malware.


• When finished, a log will be produced. Please include the C:\ComboFix.txt in your next reply.

Sorry, forgot to run combofix!  I'll go do that momentarily.  I'll also upgrade the java but probably not the FF, and I have no idea whether or not IE will run - I NEVER run IE.  I doubt there's even an icon for it on that desktop. 

The machine was a hand-me-down so I'm not surprised there's out of date software on it.  The FF will probably stay the same - I have to check and see how much memory is on that machine.  I know FF 11 was very crashy on my netbook and had to be backed out.  3.xx is the last supported version of FF before 11 (I know there were lots of version in between but they weren't continuing support for them - 3.xx was supported until about a month ago, that means security updates until that time).  FF "new" versions have become very problematic in the last year or two.  Everything between 3.xx and 11 was a mess, and frankly 11's not much better, nor 12, 13, or 14 (not sure but I THINK that's supposedly out of beta now). 

For one thing the only place I can work with my bookmarks now is on that laptop with 3.xx because 11 and up (actually this seems to have started in 4) have a serious bug in the book mark manager that is affecting me.  Sorry to go on, but I have good reasons for most of the things I do and this is one of them.  Java update, sure.  Not sure how that got out of sync so badly - previous owner must have disabled autoupdating.  But FF 3.xx is most likely staying on there until they get the book mark manager fixed in FF, and that may be awhile because apparently only a tiny minority of FF users are being affected.  I'll just have to curb browsing on there in the meantime I guess, and use it as a "book mark editor".

I think this is on the laptop is actual malware; it's looking more and more like the desktop was having problems with conflicting anti-malware and antiviral programs that I didn't even realize were on there.  I'm going to have to be extra careful about making sure no leechware comes with legitimate software - sometimes I click to fast and miss it, plus they seem to be getting trickier about hiding it as well.

Thanks for your help to date.  There are Windows updates pending on the desktop ATM so I'll get to that soon as well.