would like to make a really laptop (somewhat) functional

@rkinner

Control Panel, Add or Remove Programs. If you see anything from Yahoo, click on it and uninstall.

Control Panel, Internet Options, Advanced, Reset, Reset. (I think that should work on your version of IE but let me know if it doesn’t)

Reboot.

See if you can download FRST from: FRST 32 Bit, – FRST 64bit,
You probably need the 32 bit version but if you are not sure, get both and try each. Only the right one will run.

It should create two logs, please copy and paste the text from both in one or more replies.

If you can’t get FRST to work then get OTL from:
Here
and run it instead. It will probably create two logs too. Please post both.

Get Process Explorer


Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

Download Speccy 1.33.0.75 for Windows - Filehippo.com (Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. This is my first time on this forum but I assume you have to click on Upload a File, point it at the file, Open

Multiple replies are best. Don’t try to put all of the logs on the same reply.

Any updates for us @dwm34? If no response after 72 hours, I will consider this thread as solved

Hi all - totally sorry about not being in touch, work got in the way and I was not paying attention for a few days.

Anyway, I have completed the first basic step successfully:

Control Panel, Add or Remove Programs. If you see anything from Yahoo, click on it and uninstall.

Control Panel, Internet Options, Advanced, Reset, Reset. (I think that should work on your version of IE but let me know if it doesn’t)

Reboot.

That was easy, and now I am on the FRST, and will let you know how it goes.

Many thanks so far and hope to keep making progress with this.

Hi - here is the log content for FRST 32 bit - I believe I have the two logs pasted here together. Please let me know if this is what is needed for this step - thanks
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (14-07-2017 00:06:07)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\SGWU6KCL
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM...{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM...{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM...{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM...{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM...{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM...{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBS YS_14F100C3) (Version: - )
Copy (HKLM...{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM...{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM...{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM...\KB959772_WM11) (Version: - Microsoft Corporation)
CustomerResearchQFolder (HKLM...{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dell Digital Jukebox Driver (HKLM...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM...{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM...{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM...{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM...{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM...{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM...{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM...{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM...{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM...{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM...{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM...{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM...{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM...{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
EnterDigital (HKLM...\EnterDigital) (Version: 2014.11.20.112116 - EnterDigital) <==== ATTENTION
eSupportQFolder (HKLM...{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM...{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM...{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM...{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM...{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM...{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Customer Participation Program 11.0 (HKLM...\HPExtendedCapabilities) (Version: 11.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM...{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HP Update (HKLM...{D063F201-FAC4-4D5C-B10B-615058ADE5A7}) (Version: 4.000.009.002 - Hewlett-Packard)
HPProductAssistant (HKLM...{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM...{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM...{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM...{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM...{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Java 2 Runtime Environment, SE v1.4.2_03 (HKLM...{7148F0A8-6813-11D6-A77B-00B0D0142030}) (Version: 1.4.2_03 - Sun Microsystems, Inc.)
Java 7 Update 21 (HKLM...{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Learn2 Player (Uninstall Only) (HKLM...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
MarketResearch (HKLM...{9F4EE72A-C5C9-42ad-ABEF-427690843577}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
mCore (HKLM...{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM...{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM...{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM...{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM...{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM...{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM...{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM...{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM...{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM...{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM...{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM...{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM...{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM...{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM...{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM...\MSNINST) (Version: - )
mSSO (HKLM...{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM...{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM...{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM...{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM...{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM...{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM...{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM...{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM...{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM...{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM...{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM...{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM...{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
NetZeroInstallers (HKLM...{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
PowerDVD 5.7 (HKLM...{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM...{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM...{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM...\QuickTime) (Version: - )
RealPlayer Basic (HKLM...\RealPlayer 6.0) (Version: - )
Scan (HKLM...{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM...{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM...{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM...{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM...{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM...{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM...{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM...{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM...{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM...{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM...{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM...{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM...{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM...{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Verizon Help and Support Tool (HKLM...\Verizon Help and Support) (Version: - )
VideoToolkit01 (HKLM...{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM...\ViewpointMediaPlayer) (Version: - )
Vosteran (HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Vosteran) (Version: 31.0.1650.23 - Vosteran) <==== ATTENTION
Vz In Home Agent (HKLM...{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebCyberCoach 3.2 Dell (HKLM...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (HKLM...{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM...{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM...\WildTangent CDA) (Version: - )
Windows Defender (HKLM...{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WSE_Vosteran (HKLM...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION
XML Paper Specification Shared Components Pack 1.0 (HKLM...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID{26842a09-ffa8-4e2c-ae12-0c80f01c3295}\InprocServer32 → C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 → C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran\Application\31.0.1650.23\delegate_ex ecute.exe ()
ContextMenuHandlers02: [DriveLetterAccess] → {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\PATRIC~1\APPLIC~1\WSE_VO~1\UPDATE~1\UP DATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk → hxxp://www.msnusers.co

ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-11-20 11:14 - 2017-07-13 20:54 - 00656288 _____ () C:\Program Files\EnterDigital\bin\utilEnterDigital.exe
2014-11-20 16:34 - 2014-11-20 16:34 - 00337920 _____ () C:\Program Files\EnterDigital\bin\sqlite3.dll
2014-11-28 09:41 - 2017-07-13 16:42 - 00115104 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.expext.exe
2014-11-20 16:03 - 2017-07-13 19:42 - 00107936 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.BrowserAdapter .exe
2016-09-22 12:44 - 2017-07-13 16:42 - 00065440 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.Plinx.exe
2014-11-20 07:21 - 2017-07-13 20:59 - 00656288 _____ () C:\Program Files\EnterDigital\updateEnterDigital.exe
2017-07-07 23:47 - 2017-07-13 16:43 - 00296352 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.PurBrowse.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WebrootSpySweeperService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WebrootSpySweeperService => “”=“Service”

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2008-11-10 11:53 - 00000734 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\Wallpaper → C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
sharedaccess => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: ApnUpdater => “C:\Program Files\Ask.com\Updater\Updater.exe”
MSCONFIG\startupreg: ccApp => “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => “C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe” /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => “C:\Program Files\DellSupport\DSAgnt.exe” /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => “C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe”
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: Google Desktop Search => “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
MSCONFIG\startupreg: ISUSPM Startup => “C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” -startup
MSCONFIG\startupreg: ISUSScheduler => “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MapsGalaxy Home Page Guard 32 bit => “C:\PROGRA~1\MAPSGA~2\bar\1.bin\AppIntegrator.exe”
MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => “C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe” /m=2 /w /h
MSCONFIG\startupreg: MapsGalaxy_39 Browser Plugin Loader => C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => “C:\Program Files\Messenger\msmsgs.exe” /background
MSCONFIG\startupreg: nmapp => “C:\Program Files\Pure Networks\Network Magic\nmapp.exe” -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => “C:\Program Files\QuickTime\qttask.exe” -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
Check “winmgmt” service or repair WMI.

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/13/2017 07:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hpqsrmon.exe, version 11.0.0.142, faulting module hpqsrmon.exe, version 11.0.0.142, fault address 0x000033c5.
Processing media-specific event for [hpqsrmon.exe!ws!]

Error: (07/13/2017 07:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehshell.exe, version 5.1.2715.3011, faulting module ehui.dll, version 5.1.2715.3011, fault address 0x00061f80.
Processing media-specific event for [ehshell.exe!ws!]

Error: (09/22/2016 12:45:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2016 12:45:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/07/2015 09:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (04/07/2015 08:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application enterdigital.browseradapter.exe, version 0.0.0.0, faulting module enterdigital.browseradapter.exe, version 0.0.0.0, fault address 0x0000b3a8.
Processing media-specific event for [enterdigital.browseradapter.exe!ws!]
[HEADING=1]System errors:[/HEADING]
Error: (07/13/2017 07:54:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/13/2017 07:54:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/13/2017 07:47:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/13/2017 07:47:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/13/2017 06:11:25 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:48:58 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:46:12 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:42:08 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:40:58 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/13/2017 05:40:58 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 62%
Total physical RAM: 502.37 MB
Available physical RAM: 188.85 MB
Total Virtual: 1226.68 MB
Available Virtual: 523.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:51.26 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt

Hi- also, I just noticed the Vosteran icon on the screen. I read online that this is a no-no to have on your machine, so I though that might be part of the problem also.

You just posted the addition.txt log. I need the FRST.txt log too but let’s do this first:

Uninstall:
7zip Packages
EnterDigital
HP Customer Participation Program 11.0
HP Update (HKLM...{D063F201-FAC4-4D5C-B10B-615058ADE5A7}) (Version: 4.000.009.002 - Hewlett-Packard)
(If you no longer have the printers then uninstall their software)

Java 2 Runtime Environment, SE v1.4.2_03
Java 7 Update 21
MapsGalaxy Internet Explorer Toolbar
Vosteran
WSE_Vosteran
NetZeroInstallers (unless you are planning on using dialup - don’t even know if they are still around)

Download the attached fixlist.txt to the same location as FRST

Run FRST and press Fix
A fix log will be generated please post that

Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs. Separate posts are fine. Let’s also do:

Get Process Explorer


Save it to your desktop then run it

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

Download Speccy 1.33.0.75 for Windows - Filehippo.com (Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.

Hi - ok, thanks again. I did the uninstall on all of the items you mentioned. The 7zip Packages remains n the list when you go to add/removeprograms. I tried to remove it, but I could not. However, when I did try to remove it, it opened up and a couple of the other items that were on you uninstall list were actually in 7zip Packages, and I removed them. What is left in 7zip packages when I click on it is something alled ‘Driver Support.’ Please let me know if I need to do anythng else with this.

Here is the pasted fixlog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (15-07-2017 00:30:57) Run:1
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Boot Mode: Normal

==============================================

fixlist content:

---

CloseProcesses:
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\PATRIC~1\APPLIC~1\WSE_VO~1\UPDATE~1\UP DATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
C:\Program Files\EnterDigital
MSCONFIG\startupreg: ApnUpdater => “C:\Program Files\Ask.com\Updater\Updater.exe”
MSCONFIG\startupreg: MapsGalaxy Home Page Guard 32 bit => “C:\PROGRA~1\MAPSGA~2\bar\1.bin\AppIntegrator.exe”
MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => “C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe” /m=2 /w /h
MSCONFIG\startupreg: MapsGalaxy_39 Browser Plugin Loader => C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID{26842a09-ffa8-4e2c-ae12-0c80f01c3295}\InprocServer32 → C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
Shortcut: C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk → hxxp://www.msnusers.co
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WebrootSpySweeperService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WebrootSpySweeperService => “”=“Service”
CMD: sc delete hpqddsvc
EmptyTemp:
CMD: FOR /F “usebackq delims==” %i IN ([ICODE]wevtutil el[/ICODE]) DO wevtutil cl “%i”

---

Processes closed successfully.
C:\WINDOWS\Tasks\At1.job => not found.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => moved successfully
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => moved successfully
C:\Program Files\EnterDigital => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy Home Page Guard 32 bit => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy Search Scope Monitor => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy_39 Browser Plugin Loader => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => key removed successfully.
HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => key removed successfully.
C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Min imal\WebrootSpySweeperService => key removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Net work\WebrootSpySweeperService => key removed successfully.

========= sc delete hpqddsvc =========

[SC] DeleteService SUCCESS

========= End of CMD: =========

========= FOR /F “usebackq delims==” %i IN ([ICODE]wevtutil el[/ICODE]) DO wevtutil cl “%i” =========

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10159 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 33103 B
Java, Flash, Steam htmlcache => 598081 B
Windows/system/dllcache/drivers => 98691617 B
Edge => 0 B
Chrome => 1532738 B
Firefox => 4526614 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 83584 B
All Users => 0 B
systemprofile => 1212165975 B
LocalService => 26237765 B
NetworkService => 16187757 B
Patricia Murphy => 77641174 B
Administrator => 83584 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 00:33:55 ====

Hi -ok, I ran FRST again. Here is te addition.txt.
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (15-07-2017 01:13:02)
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM...{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM...{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM...{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM...{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM...{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM...{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBS YS_14F100C3) (Version: - )
Copy (HKLM...{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM...{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM...{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM...\KB959772_WM11) (Version: - Microsoft Corporation)
Dell Digital Jukebox Driver (HKLM...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM...{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM...{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM...{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM...{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM...{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM...{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM...{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM...{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM...{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM...{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM...{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM...{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM...{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
eSupportQFolder (HKLM...{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM...{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM...{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM...{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM...{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM...{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM...{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HPProductAssistant (HKLM...{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM...{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM...{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM...{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM...{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Learn2 Player (Uninstall Only) (HKLM...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
mCore (HKLM...{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM...{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM...{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM...{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM...{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM...{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM...{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM...{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM...{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM...{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM...{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM...{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM...{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM...{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM...{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM...\MSNINST) (Version: - )
mSSO (HKLM...{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM...{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM...{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM...{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM...{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM...{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM...{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM...{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM...{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM...{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM...{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM...{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM...{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
PowerDVD 5.7 (HKLM...{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM...{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM...{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM...\QuickTime) (Version: - )
RealPlayer Basic (HKLM...\RealPlayer 6.0) (Version: - )
Scan (HKLM...{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM...{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM...{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM...{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM...{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM...{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM...{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM...{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM...{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM...{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM...{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM...{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM...{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM...{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Verizon Help and Support Tool (HKLM...\Verizon Help and Support) (Version: - )
VideoToolkit01 (HKLM...{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM...\ViewpointMediaPlayer) (Version: - )
Vz In Home Agent (HKLM...{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebCyberCoach 3.2 Dell (HKLM...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (HKLM...{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM...{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM...\WildTangent CDA) (Version: - )
Windows Defender (HKLM...{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (HKLM...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers02: [DriveLetterAccess] → {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2008-11-10 11:53 - 00000734 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\Wallpaper → C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
sharedaccess => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: ccApp => “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => “C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe” /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => “C:\Program Files\DellSupport\DSAgnt.exe” /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => “C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe”
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: Google Desktop Search => “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
MSCONFIG\startupreg: ISUSPM Startup => “C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” -startup
MSCONFIG\startupreg: ISUSScheduler => “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => “C:\Program Files\Messenger\msmsgs.exe” /background
MSCONFIG\startupreg: nmapp => “C:\Program Files\Pure Networks\Network Magic\nmapp.exe” -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => “C:\Program Files\QuickTime\qttask.exe” -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
14-07-2017 21:57:05 System Checkpoint
14-07-2017 23:39:09 Removed HP Update
14-07-2017 23:46:38 Removed Java 2 Runtime Environment, SE v1.4.2_03
14-07-2017 23:47:39 Removed Java 7 Update 21
14-07-2017 23:54:27 Removed NetZeroInstallers
Check “winmgmt” service or repair WMI.

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/13/2017 07:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hpqsrmon.exe, version 11.0.0.142, faulting module hpqsrmon.exe, version 11.0.0.142, fault address 0x000033c5.
Processing media-specific event for [hpqsrmon.exe!ws!]

Error: (07/13/2017 07:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehshell.exe, version 5.1.2715.3011, faulting module ehui.dll, version 5.1.2715.3011, fault address 0x00061f80.
Processing media-specific event for [ehshell.exe!ws!]

Error: (09/22/2016 12:45:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2016 12:45:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/07/2015 09:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (04/07/2015 08:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application enterdigital.browseradapter.exe, version 0.0.0.0, faulting module enterdigital.browseradapter.exe, version 0.0.0.0, fault address 0x0000b3a8.
Processing media-specific event for [enterdigital.browseradapter.exe!ws!]
[HEADING=1]System errors:[/HEADING]
Error: (07/15/2017 12:37:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/15/2017 12:37:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:37:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:31:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:31:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Update EnterDigital service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The COM+ System Application service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Media Center Extender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Util EnterDigital service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SupportSoft Sprocket Service (ddoctorv2) service terminated unexpectedly. It has done this 1 time(s).

==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 53%
Total physical RAM: 502.37 MB
Available physical RAM: 233.15 MB
Total Virtual: 1226.68 MB
Available Virtual: 791.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:52.77 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt

Hi -here is the frst.text

Just let me know if I messed anything up, and will do agai - thanks for your patience!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-07-2017
Ran by Patricia Murphy (administrator) on PMURPHY (15-07-2017 01:11:33)
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
(Pure Networks, Inc.) C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(SupportSoft, Inc.) C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent. exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2008-03-25] (Hewlett-Packard)
HKLM...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-03-13] (Hewlett-Packard)
HKLM...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2006-03-27] (Apple Computer, Inc.)
HKLM...\RunOnce: [WIAWizardMenu] => RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
HKLM...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll <==== ATTENTION
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Run: [Download] => “C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\SupportSoft\ddoctorv2\Patricia Murphy\ssGet.exe” 120 “hxxp://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe” "EasyS (the data entry has 18 more characters).
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\SCRNSAVE.EXE → C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
HKU\S-1-5-18...\Run: [GoogleChromeAutoLaunch_1D6A0AE22769F196654D850B3A4 DB628] => C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-18...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-09-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk → C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{2A837AA0-AF95-4AA2-9DD5-B7F4D0F6772B}: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{D40B5A10-3DE7-4CE9-AFED-16F34991AC17}: [DhcpNameServer] 192.168.1.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D1%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-10FTI__alt__ddc_dsssyc_bd_com
SearchScopes: HKLM → DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM → {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm025^YYA^us&si=291929_&ptb=3 BFC65E5-2DF9-4427-B27B-FE429A3901A0&ind=2014073116&n=780c511c&psa=&st=sb& searchfor={searchTerms}
SearchScopes: HKLM → {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM → {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tier1_14_47_ ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtC yEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1C zutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A 0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtB tAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0F tB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F 0B0FyE0A0E2Q&cr=444550780&ir=
SearchScopes: HKU.DEFAULT → DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU.DEFAULT → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → DefaultScope {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → OldSearch URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
BHO: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
BHO: HP Print Enhancer → {0347C33E-8762-4905-BF09-768834316C61} → C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27] (Hewlett-Packard Co.)
BHO: AcroIEHlprObj Class → {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} → C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Toolbar BHO → {1e91a655-bb4b-4693-a05e-2edebc4c9d89} → C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll => No File
BHO: DriveLetterAccess → {5CA3D70E-1895-11CF-8E15-001234567890} → C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: Search Assistant BHO → {71c1d63a-c944-428a-a5bd-ba513190e5d2} → C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
BHO: HP Smart BHO Class → {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} → C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU.DEFAULT → No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU.DEFAULT → MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {C4069E3A-68F1-403E-B40E-20066696354B} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll [2005-12-12] (Pure Networks, Inc.)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default [2017-07-15]
FF user.js: detected! => C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\use r.js [2016-09-22]
FF SearchEngineOrder.1: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Ask.com
FF Homepage: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-10FTI__alt__ddc_dsssyc_bd_com
FF NewTab: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bfr-10FTI__alt__ddc_dsssyctab_bd_com
FF Keyword.URL: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-10FTI__alt__ddc_dss_bd_com&p=
FF SelectedSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Yahoo! Search
FF DefaultSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Yahoo! Search
FF Extension: (MapsGalaxy) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions\39ffxtbr@MapsGalaxy_39.com [2014-10-16] [not signed]
FF Extension: (Test Pilot) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions\testpilot@labs.mozilla.com.xpi [2014-10-16] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-10-16] [not signed]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\ask-web-search.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\askcom.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\search-simple.xml [2017-07-14]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\Vosteran.xml [2014-11-21]
FF HKLM...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-15] [not signed]
FF HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Plugin: @java.com/DTPlugin,version=10.21.2 → C:\WINDOWS\system32\npDeployJava1.dll [2013-05-07] (Oracle Corporation)
FF Plugin: @MapsGalaxy_39.com/Plugin → C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [2014-07-31] (Mindspark)
FF Plugin: @microsoft.com/WPF,version=3.5 → c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 → C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 → C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @viewpoint.com/VMP → C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2004-12-14] (Adobe Systems Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR HomePage: Default → hxxp://Vosteran.com/?f=1&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDt CyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2 XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1 V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBt Gzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1 N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGz zyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&i r=
CHR RestoreOnStartup: Default → “hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com”
CHR StartupUrls: Default → “hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com”

CHR DefaultSearchURL: Default → hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bcr-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
CHR DefaultSearchKeyword: Default → yahoo.com
CHR DefaultNewTabURL: Default → hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bcr-10FTI__alt__ddc_dsssyctab_bd_com
CHR Profile: C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Google Slides) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2016-09-22]
CHR Extension: (Google Docs) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2016-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2016-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-07-08]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2017-07-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2016-09-22]
CHR HKLM...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU.DEFAULT\SOFTWARE\Google\Chrome\Extensions...\C hrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-693440143-1380487613-1125637980-1006\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files\Google\Chrome\Application\44.0.2403.125\defa ult_apps\search.crx [2015-07-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-12-28] (Intel Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe [363128 2014-08-13] (Verizon) [File not signed]
S2 MapsGalaxy_39Service; C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe [88648 2014-07-31] (COMPANYVERS_NAME)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [380928 2005-12-06] (Dell Inc.) [File not signed]
S3 nmraapache; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [12800 2005-11-17] (Pure Networks, Inc.) [File not signed]
R2 nmservice; C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe [190032 2005-12-12] (Pure Networks, Inc.)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-12-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-12-28] (Intel Corporation ) [File not signed]
R2 sprtsvc_ddoctorv2; C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [262217 2005-12-28] (Intel(R) Corporation) [File not signed]
S2 Update EnterDigital; “C:\Program Files\EnterDigital\updateEnterDigital.exe”
S2 Util EnterDigital; “C:\Program Files\EnterDigital\bin\utilEnterDigital.exe”

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-03-27] (Meetinghouse Data Communications) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2006-03-27] (Windows (R) 2000 DDK provider) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-12-28] (Intel Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
R1 {70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt; C:\WINDOWS\System32\drivers{70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt.sys [55784 2016-09-22] (StdLib)
R1 {781c47fe-8e73-4938-873f-2850548c7fb4}t; C:\WINDOWS\System32\drivers{781c47fe-8e73-4938-873f-2850548c7fb4}t.sys [55824 2014-11-30] (StdLib)
R1 {8ca7f150-5454-4b4c-9537-1b831c71d329}Gt; C:\WINDOWS\System32\drivers{8ca7f150-5454-4b4c-9537-1b831c71d329}Gt.sys [55824 2014-11-20] (StdLib)
R1 {93feeb25-9f23-4de1-b697-6a2c12816bac}Gt; C:\WINDOWS\System32\drivers{93feeb25-9f23-4de1-b697-6a2c12816bac}Gt.sys [55824 2014-11-24] (StdLib)
R1 {a45bb6f8-c83c-4de8-bfe0-79a233508760}t; C:\WINDOWS\System32\drivers{a45bb6f8-c83c-4de8-bfe0-79a233508760}t.sys [55824 2014-11-29] (StdLib)
R1 {bf07813e-aac8-4cea-bf69-7178c16076ac}Gt; C:\WINDOWS\System32\drivers{bf07813e-aac8-4cea-bf69-7178c16076ac}Gt.sys [55824 2014-11-21] (StdLib)
R1 {cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t; C:\WINDOWS\System32\drivers{cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t.sys [55824 2014-11-27] (StdLib)
R1 {f0aab91b-f97e-4d3d-b745-53663865729c}t; C:\WINDOWS\System32\drivers{f0aab91b-f97e-4d3d-b745-53663865729c}t.sys [55824 2014-11-28] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN → C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-15 01:11 - 2017-07-15 01:12 - 00029513 _____ C:\Documents and Settings\Patricia Murphy\Desktop\FRST.txt
2017-07-15 00:30 - 2017-07-15 00:33 - 00004257 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Fixlog.txt
2017-07-15 00:30 - 2017-07-15 00:30 - 01780736 _____ (Farbar) C:\Documents and Settings\Patricia Murphy\Desktop\FRST.exe
2017-07-14 20:51 - 2017-07-14 20:51 - 00007310 _____ C:\Documents and Settings\Patricia Murphy\Desktop\System Idle Process.txt
2017-07-14 19:05 - 2017-07-14 19:05 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Patricia Murphy\Desktop\procexp.exe
2017-07-14 00:03 - 2017-07-15 01:11 - 00000000 ____D C:\FRST
2017-07-09 00:02 - 2017-07-09 00:04 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Vosteran
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
2017-07-08 01:30 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 01:29 - 2017-07-08 01:29 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 01:28 - 2017-07-09 00:03 - 00001519 _____ C:\Documents and Settings\All Users\Start Menu\Programs\HowToRemove.html.lnk
2017-07-08 01:28 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 01:28 - 2017-07-08 01:28 - 00000782 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Windows Media Player.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-15 01:12 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Temp
2017-07-15 00:58 - 2014-11-19 18:39 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-15 00:57 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2017-07-15 00:40 - 2013-05-04 19:07 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2017-07-15 00:37 - 2014-11-19 18:39 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-07-15 00:37 - 2006-03-27 10:27 - 00004608 _____ C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2017-07-15 00:37 - 2005-08-16 06:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-15 00:37 - 2005-08-16 06:38 - 00000000 ____D C:\WINDOWS\Registration
2017-07-15 00:37 - 2005-08-16 06:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-07-15 00:36 - 2006-04-13 21:36 - 00000178 ___SH C:\Documents and Settings\Patricia Murphy\ntuser.ini
2017-07-15 00:36 - 2005-08-16 06:49 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2017-07-15 00:32 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2017-07-14 23:50 - 2014-11-20 11:07 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran
2017-07-14 23:46 - 2006-03-27 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java Web Start
2017-07-14 23:39 - 2009-09-15 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2017-07-14 23:39 - 2009-09-15 20:08 - 00000000 ____D C:\Program Files\HP
2017-07-14 23:32 - 2005-08-16 06:18 - 00000740 _____ C:\WINDOWS\win.ini
2017-07-13 19:53 - 2006-04-14 11:34 - 00000000 __SHD C:\WINDOWS\CSC
2017-07-13 19:44 - 2007-11-23 13:51 - 00061440 _____ C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-13 18:06 - 2005-08-16 06:22 - 00000000 ___HD C:\WINDOWS\inf
2017-07-13 16:08 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\ApplicationHistory
2017-07-09 03:03 - 2005-08-16 06:22 - 00000000 _RSHD C:\WINDOWS\system32\dllcache
2017-07-09 00:29 - 2009-09-15 20:19 - 00000000 ____D C:\Program Files\Yahoo!
2017-07-09 00:02 - 2015-02-18 12:24 - 00000281 _____ C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2017-07-08 14:02 - 2009-11-12 16:26 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\My Documents\My PSP Files
2017-07-08 14:02 - 2007-11-23 13:48 - 00006580 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2017-07-08 01:28 - 2006-04-13 21:36 - 00000788 _____ C:\Documents and Settings\Patricia Murphy\Start Menu\Programs\Windows Media Player.lnk
2017-07-08 00:02 - 2014-11-21 13:02 - 00000347 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2017-07-07 23:54 - 2009-09-15 21:51 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Application Data\HPAppData

==================== Files in the root of some directories =======

2008-01-10 12:16 - 2007-08-10 19:17 - 0007982 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastSecurity.ico
2008-01-10 12:16 - 2007-05-17 18:43 - 0015086 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastWebmail.ico
2015-02-18 12:24 - 2017-07-09 00:02 - 0000281 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2007-11-23 13:51 - 2017-07-13 19:44 - 0061440 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:24 - 2015-02-18 12:24 - 0234679 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi1.dat
2015-02-18 12:24 - 2015-02-18 12:24 - 0161916 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi2.dat
2006-04-13 21:36 - 2006-05-13 17:00 - 0000138 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\fusioncache.dat
2010-10-20 17:31 - 2010-12-02 16:02 - 0001940 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2009-09-15 20:04 - 2009-09-15 20:29 - 0001150 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2006-03-27 10:28 - 2006-03-27 10:28 - 0000004 ____H () C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

ZeroAccess:
C:\RECYCLER\S-1-5-21-693440143-1380487613-1125637980-1006$28f2aec730f51d846d019b605ad847e0

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Download the attached fixlist.txt to the same location as FRST

Run FRST and press Fix
A fix log will be generated please post that
FRST is saying you might have a ZeroAccess infection so we need to run Combofix:

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix.

Download and Save this file – to your Desktop – from


Double click on ComboFix to start the program.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work. (Scan will take much longer than the 10-15 minutes it tells you)

A file will be created at => C:\Combofix.txt. I’ll need to see that in your reply.

Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.

Hi - ok, thanks for this. I have some urgent things to take care of involving work and some personal issues, so I might not be back to you on this for a couple of days.

Hi - here is my latest FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-07-2017
Ran by Patricia Murphy (administrator) on PMURPHY (18-07-2017 10:09:34)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\53OV7KHY
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
(Pure Networks, Inc.) C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(SupportSoft, Inc.) C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent. exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\53OV7KHY\FRST[1].exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2008-03-25] (Hewlett-Packard)
HKLM...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-03-13] (Hewlett-Packard)
HKLM...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2006-03-27] (Apple Computer, Inc.)
HKLM...\RunOnce: [WIAWizardMenu] => RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
HKLM...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll <==== ATTENTION
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Run: [Download] => “C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\SupportSoft\ddoctorv2\Patricia Murphy\ssGet.exe” 120 “hxxp://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe” "EasyS (the data entry has 18 more characters).
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\SCRNSAVE.EXE → C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
HKU\S-1-5-18...\Run: [GoogleChromeAutoLaunch_1D6A0AE22769F196654D850B3A4 DB628] => C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-18...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-09-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk → C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{2A837AA0-AF95-4AA2-9DD5-B7F4D0F6772B}: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{D40B5A10-3DE7-4CE9-AFED-16F34991AC17}: [DhcpNameServer] 192.168.1.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D1%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-10FTI__alt__ddc_dsssyc_bd_com
SearchScopes: HKLM → DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM → {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm025^YYA^us&si=291929_&ptb=3 BFC65E5-2DF9-4427-B27B-FE429A3901A0&ind=2014073116&n=780c511c&psa=&st=sb& searchfor={searchTerms}
SearchScopes: HKLM → {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM → {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tier1_14_47_ ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtC yEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1C zutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A 0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtB tAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0F tB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F 0B0FyE0A0E2Q&cr=444550780&ir=
SearchScopes: HKU.DEFAULT → DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU.DEFAULT → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%2 6b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L 1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtD tCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtF tAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtC zyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD 2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC 0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2Q tN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr% 3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1% 26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → DefaultScope {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → OldSearch URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
BHO: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
BHO: HP Print Enhancer → {0347C33E-8762-4905-BF09-768834316C61} → C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27] (Hewlett-Packard Co.)
BHO: AcroIEHlprObj Class → {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} → C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Toolbar BHO → {1e91a655-bb4b-4693-a05e-2edebc4c9d89} → C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll => No File
BHO: DriveLetterAccess → {5CA3D70E-1895-11CF-8E15-001234567890} → C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: Search Assistant BHO → {71c1d63a-c944-428a-a5bd-ba513190e5d2} → C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
BHO: HP Smart BHO Class → {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} → C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU.DEFAULT → No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU.DEFAULT → MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {C4069E3A-68F1-403E-B40E-20066696354B} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll [2005-12-12] (Pure Networks, Inc.)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default [2017-07-15]
FF user.js: detected! => C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\use r.js [2016-09-22]
FF SearchEngineOrder.1: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Ask.com
FF Homepage: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-10FTI__alt__ddc_dsssyc_bd_com
FF NewTab: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bfr-10FTI__alt__ddc_dsssyctab_bd_com
FF Keyword.URL: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-10FTI__alt__ddc_dss_bd_com&p=
FF SelectedSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Yahoo! Search
FF DefaultSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Yahoo! Search
FF Extension: (MapsGalaxy) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions\39ffxtbr@MapsGalaxy_39.com [2014-10-16] [not signed]
FF Extension: (Test Pilot) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions\testpilot@labs.mozilla.com.xpi [2014-10-16] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-10-16] [not signed]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\ask-web-search.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\askcom.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\search-simple.xml [2017-07-14]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\Vosteran.xml [2014-11-21]
FF HKLM...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-15] [not signed]
FF HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Plugin: @java.com/DTPlugin,version=10.21.2 → C:\WINDOWS\system32\npDeployJava1.dll [2013-05-07] (Oracle Corporation)
FF Plugin: @MapsGalaxy_39.com/Plugin → C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [2014-07-31] (Mindspark)
FF Plugin: @microsoft.com/WPF,version=3.5 → c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 → C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 → C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @viewpoint.com/VMP → C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2004-12-14] (Adobe Systems Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR HomePage: Default → hxxp://Vosteran.com/?f=1&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDt CyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2 XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1 V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBt Gzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1 N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGz zyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&i r=
CHR RestoreOnStartup: Default → “hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com”
CHR StartupUrls: Default → “hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com”

CHR DefaultSearchURL: Default → hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bcr-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
CHR DefaultSearchKeyword: Default → yahoo.com
CHR DefaultNewTabURL: Default → hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bcr-10FTI__alt__ddc_dsssyctab_bd_com
CHR Profile: C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Google Slides) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2016-09-22]
CHR Extension: (Google Docs) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2016-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2016-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-07-08]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2017-07-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2016-09-22]
CHR HKLM...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU.DEFAULT\SOFTWARE\Google\Chrome\Extensions...\C hrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-693440143-1380487613-1125637980-1006\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files\Google\Chrome\Application\44.0.2403.125\defa ult_apps\search.crx [2015-07-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-12-28] (Intel Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe [363128 2014-08-13] (Verizon) [File not signed]
S2 MapsGalaxy_39Service; C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe [88648 2014-07-31] (COMPANYVERS_NAME)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [380928 2005-12-06] (Dell Inc.) [File not signed]
S3 nmraapache; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [12800 2005-11-17] (Pure Networks, Inc.) [File not signed]
R2 nmservice; C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe [190032 2005-12-12] (Pure Networks, Inc.)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-12-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-12-28] (Intel Corporation ) [File not signed]
R2 sprtsvc_ddoctorv2; C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [262217 2005-12-28] (Intel(R) Corporation) [File not signed]
S2 Update EnterDigital; “C:\Program Files\EnterDigital\updateEnterDigital.exe”
S2 Util EnterDigital; “C:\Program Files\EnterDigital\bin\utilEnterDigital.exe”

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-03-27] (Meetinghouse Data Communications) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2006-03-27] (Windows (R) 2000 DDK provider) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-12-28] (Intel Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
R1 {70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt; C:\WINDOWS\System32\drivers{70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt.sys [55784 2016-09-22] (StdLib)
R1 {781c47fe-8e73-4938-873f-2850548c7fb4}t; C:\WINDOWS\System32\drivers{781c47fe-8e73-4938-873f-2850548c7fb4}t.sys [55824 2014-11-30] (StdLib)
R1 {8ca7f150-5454-4b4c-9537-1b831c71d329}Gt; C:\WINDOWS\System32\drivers{8ca7f150-5454-4b4c-9537-1b831c71d329}Gt.sys [55824 2014-11-20] (StdLib)
R1 {93feeb25-9f23-4de1-b697-6a2c12816bac}Gt; C:\WINDOWS\System32\drivers{93feeb25-9f23-4de1-b697-6a2c12816bac}Gt.sys [55824 2014-11-24] (StdLib)
R1 {a45bb6f8-c83c-4de8-bfe0-79a233508760}t; C:\WINDOWS\System32\drivers{a45bb6f8-c83c-4de8-bfe0-79a233508760}t.sys [55824 2014-11-29] (StdLib)
R1 {bf07813e-aac8-4cea-bf69-7178c16076ac}Gt; C:\WINDOWS\System32\drivers{bf07813e-aac8-4cea-bf69-7178c16076ac}Gt.sys [55824 2014-11-21] (StdLib)
R1 {cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t; C:\WINDOWS\System32\drivers{cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t.sys [55824 2014-11-27] (StdLib)
R1 {f0aab91b-f97e-4d3d-b745-53663865729c}t; C:\WINDOWS\System32\drivers{f0aab91b-f97e-4d3d-b745-53663865729c}t.sys [55824 2014-11-28] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN → C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-18 10:08 - 2017-07-18 10:08 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Desktop\FRST-OlderVersion
2017-07-17 17:24 - 2017-07-17 17:24 - 00061108 _____ C:\Documents and Settings\Patricia Murphy\My Documents\Shortcut.txt
2017-07-15 01:13 - 2017-07-15 01:13 - 00031832 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Addition.txt
2017-07-15 00:30 - 2017-07-18 10:08 - 01780736 _____ (Farbar) C:\Documents and Settings\Patricia Murphy\Desktop\FRST.exe
2017-07-15 00:30 - 2017-07-15 00:33 - 00004257 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Fixlog.txt
2017-07-14 20:51 - 2017-07-14 20:51 - 00007310 _____ C:\Documents and Settings\Patricia Murphy\Desktop\System Idle Process.txt
2017-07-14 19:05 - 2017-07-14 19:05 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Patricia Murphy\Desktop\procexp.exe
2017-07-14 00:03 - 2017-07-18 10:09 - 00000000 ____D C:\FRST
2017-07-09 00:02 - 2017-07-09 00:04 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Vosteran
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
2017-07-08 01:30 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 01:29 - 2017-07-08 01:29 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 01:28 - 2017-07-09 00:03 - 00001519 _____ C:\Documents and Settings\All Users\Start Menu\Programs\HowToRemove.html.lnk
2017-07-08 01:28 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 01:28 - 2017-07-08 01:28 - 00000782 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Windows Media Player.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-18 10:10 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Temp
2017-07-18 10:06 - 2013-05-04 19:07 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2017-07-18 10:06 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2017-07-18 09:58 - 2014-11-19 18:39 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-18 09:44 - 2005-08-16 06:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-07-18 09:43 - 2014-11-19 18:39 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-07-18 09:43 - 2006-03-27 10:27 - 00003914 _____ C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2017-07-18 09:43 - 2005-08-16 06:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-18 09:43 - 2005-08-16 06:38 - 00000000 ____D C:\WINDOWS\Registration
2017-07-17 17:30 - 2006-04-13 21:36 - 00000178 ___SH C:\Documents and Settings\Patricia Murphy\ntuser.ini
2017-07-17 17:30 - 2005-08-16 06:49 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2017-07-17 17:02 - 2006-04-14 11:34 - 00000000 __SHD C:\WINDOWS\CSC
2017-07-16 04:40 - 2007-11-23 13:51 - 00113152 _____ C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-15 00:32 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2017-07-14 23:50 - 2014-11-20 11:07 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran
2017-07-14 23:46 - 2006-03-27 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java Web Start
2017-07-14 23:39 - 2009-09-15 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2017-07-14 23:39 - 2009-09-15 20:08 - 00000000 ____D C:\Program Files\HP
2017-07-14 23:32 - 2005-08-16 06:18 - 00000740 _____ C:\WINDOWS\win.ini
2017-07-13 18:06 - 2005-08-16 06:22 - 00000000 ___HD C:\WINDOWS\inf
2017-07-13 16:08 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\ApplicationHistory
2017-07-09 03:03 - 2005-08-16 06:22 - 00000000 _RSHD C:\WINDOWS\system32\dllcache
2017-07-09 00:29 - 2009-09-15 20:19 - 00000000 ____D C:\Program Files\Yahoo!
2017-07-09 00:02 - 2015-02-18 12:24 - 00000281 _____ C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2017-07-08 14:02 - 2009-11-12 16:26 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\My Documents\My PSP Files
2017-07-08 14:02 - 2007-11-23 13:48 - 00006580 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2017-07-08 01:28 - 2006-04-13 21:36 - 00000788 _____ C:\Documents and Settings\Patricia Murphy\Start Menu\Programs\Windows Media Player.lnk
2017-07-08 00:02 - 2014-11-21 13:02 - 00000347 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2017-07-07 23:54 - 2009-09-15 21:51 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Application Data\HPAppData

==================== Files in the root of some directories =======

2008-01-10 12:16 - 2007-08-10 19:17 - 0007982 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastSecurity.ico
2008-01-10 12:16 - 2007-05-17 18:43 - 0015086 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastWebmail.ico
2015-02-18 12:24 - 2017-07-09 00:02 - 0000281 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2007-11-23 13:51 - 2017-07-16 04:40 - 0113152 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:24 - 2015-02-18 12:24 - 0234679 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi1.dat
2015-02-18 12:24 - 2015-02-18 12:24 - 0161916 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi2.dat
2006-04-13 21:36 - 2006-05-13 17:00 - 0000138 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\fusioncache.dat
2010-10-20 17:31 - 2010-12-02 16:02 - 0001940 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2009-09-15 20:04 - 2009-09-15 20:29 - 0001150 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2006-03-27 10:28 - 2006-03-27 10:28 - 0000004 ____H () C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

ZeroAccess:
C:\RECYCLER\S-1-5-21-693440143-1380487613-1125637980-1006$28f2aec730f51d846d019b605ad847e0

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Hi - here s m latest Addition.txt
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-07-2017
Ran by Patricia Murphy (18-07-2017 10:11:45)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\53OV7KHY
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM...{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM...{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM...{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM...{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM...{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM...{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBS YS_14F100C3) (Version: - )
Copy (HKLM...{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM...{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM...{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM...\KB959772_WM11) (Version: - Microsoft Corporation)
Dell Digital Jukebox Driver (HKLM...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM...{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM...{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM...{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM...{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM...{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM...{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM...{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM...{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM...{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM...{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM...{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM...{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM...{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
eSupportQFolder (HKLM...{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM...{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM...{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM...{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM...{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM...{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM...{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HPProductAssistant (HKLM...{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM...{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM...{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM...{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM...{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Learn2 Player (Uninstall Only) (HKLM...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
mCore (HKLM...{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM...{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM...{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM...{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM...{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM...{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM...{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM...{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM...{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM...{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM...{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM...{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM...{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM...{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM...{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM...\MSNINST) (Version: - )
mSSO (HKLM...{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM...{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM...{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM...{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM...{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM...{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM...{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM...{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM...{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM...{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM...{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM...{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM...{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
PowerDVD 5.7 (HKLM...{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM...{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM...{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM...\QuickTime) (Version: - )
RealPlayer Basic (HKLM...\RealPlayer 6.0) (Version: - )
Scan (HKLM...{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM...{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM...{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM...{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM...{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM...{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM...{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM...{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM...{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM...{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM...{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM...{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM...{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM...{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Verizon Help and Support Tool (HKLM...\Verizon Help and Support) (Version: - )
VideoToolkit01 (HKLM...{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM...\ViewpointMediaPlayer) (Version: - )
Vz In Home Agent (HKLM...{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebCyberCoach 3.2 Dell (HKLM...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (HKLM...{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM...{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM...\WildTangent CDA) (Version: - )
Windows Defender (HKLM...{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (HKLM...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers02: [DriveLetterAccess] → {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2008-11-10 11:53 - 00000734 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\Wallpaper → C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
sharedaccess => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: ccApp => “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => “C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe” /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => “C:\Program Files\DellSupport\DSAgnt.exe” /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => “C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe”
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: Google Desktop Search => “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
MSCONFIG\startupreg: ISUSPM Startup => “C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” -startup
MSCONFIG\startupreg: ISUSScheduler => “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => “C:\Program Files\Messenger\msmsgs.exe” /background
MSCONFIG\startupreg: nmapp => “C:\Program Files\Pure Networks\Network Magic\nmapp.exe” -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => “C:\Program Files\QuickTime\qttask.exe” -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
14-07-2017 21:57:05 System Checkpoint
14-07-2017 23:39:09 Removed HP Update
14-07-2017 23:46:38 Removed Java 2 Runtime Environment, SE v1.4.2_03
14-07-2017 23:47:39 Removed Java 7 Update 21
14-07-2017 23:54:27 Removed NetZeroInstallers
16-07-2017 02:35:54 System Checkpoint
18-07-2017 10:05:04 Software Distribution Service 3.0
Check “winmgmt” service or repair WMI.

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/13/2017 07:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hpqsrmon.exe, version 11.0.0.142, faulting module hpqsrmon.exe, version 11.0.0.142, fault address 0x000033c5.
Processing media-specific event for [hpqsrmon.exe!ws!]

Error: (07/13/2017 07:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehshell.exe, version 5.1.2715.3011, faulting module ehui.dll, version 5.1.2715.3011, fault address 0x00061f80.
Processing media-specific event for [ehshell.exe!ws!]

Error: (09/22/2016 12:45:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2016 12:45:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/07/2015 09:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (04/07/2015 08:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application enterdigital.browseradapter.exe, version 0.0.0.0, faulting module enterdigital.browseradapter.exe, version 0.0.0.0, fault address 0x0000b3a8.
Processing media-specific event for [enterdigital.browseradapter.exe!ws!]
[HEADING=1]System errors:[/HEADING]
Error: (07/18/2017 09:43:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/18/2017 09:43:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/18/2017 09:43:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/17/2017 05:03:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/17/2017 05:03:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/17/2017 05:03:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/16/2017 03:48:25 AM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/16/2017 01:39:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/16/2017 01:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/16/2017 01:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 68%
Total physical RAM: 502.37 MB
Available physical RAM: 157.13 MB
Total Virtual: 1226.68 MB
Available Virtual: 737.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:52.77 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (Yats 9) (CDROM) (Total:0.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt ============================