Solved would like to make a really laptop (somewhat) functional

Hi all,
I have an old (10-15 years) Dell Inspiron 16400 that runs Windows XP. It has old versions of Google Chrome and Firefox on it, but they do not run. If I try to run either of them, I get error messages. The Internet Explorer actually works a it, although glacially, and runs degraded versions of whatever site I try to go to. But I do get and Internet Explorer script error. Anyway, explorer is virtually impossib le to use as well.

I also keep getting at Automatic Update popup which gets in the way of everything, and which announces that "Your version of Yahoo provided search is out of date..."

I ran its Window Defender program scan, and it turned up nothing: "Your computer is running normally." "No unwanted or harmful software detected."
Also, I know that there was just one previous, elderly owner of this laptop, and that it was used rather sparingly, with just the basic functions - some going online, some family photos, some emailing.
I don't think that the memory is maxed out, but even if I bought more and installed it, it would still be pretty slow. Nevertheless, I would like to max out the capacity of this laptop as much as I can, and keep it - though it was never mine until the previous owner gave it to me, there is a bit of nostalgic value for me. Can anything be done to make this old machine better? Appreciate whatever advice you can start me off with -

Hi all - totally sorry about not being in touch, work got in the way and I was not paying attention for a few days.

Anyway, I have completed the first basic step successfully:

Control Panel, Add or Remove Programs. If you see anything from Yahoo, click on it and uninstall.

Control Panel, Internet Options, Advanced, Reset, Reset. (I think that should work on your version of IE but let me know if it doesn't)

Reboot.

That was easy, and now I am on the FRST, and will let you know how it goes.

Many thanks so far and hope to keep making progress with this.

Hi - here is the log content for FRST 32 bit - I believe I have the two logs pasted here together. Please let me know if this is what is needed for this step - thanks


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (14-07-2017 00:06:07)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\SGWU6KCL
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM\...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM\...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM\...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM\...\{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM\...\{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM\...\{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM\...\{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Copy (HKLM\...\{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM\...\{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
CustomerResearchQFolder (HKLM\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM\...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM\...\{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM\...\{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM\...\{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM\...\{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM\...\{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
EnterDigital (HKLM\...\EnterDigital) (Version: 2014.11.20.112116 - EnterDigital) <==== ATTENTION
eSupportQFolder (HKLM\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM\...\{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM\...\{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM\...\{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM\...\{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM\...\{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Customer Participation Program 11.0 (HKLM\...\HPExtendedCapabilities) (Version: 11.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HP Update (HKLM\...\{D063F201-FAC4-4D5C-B10B-615058ADE5A7}) (Version: 4.000.009.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM\...\{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Java 2 Runtime Environment, SE v1.4.2_03 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142030}) (Version: 1.4.2_03 - Sun Microsystems, Inc.)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM\...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
MarketResearch (HKLM\...\{9F4EE72A-C5C9-42ad-ABEF-427690843577}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
mCore (HKLM\...\{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM\...\{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM\...\{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM\...\{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM\...\{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM\...\{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM\...\{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM\...\{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM\...\{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM\...\{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM\...\MSNINST) (Version: - )
mSSO (HKLM\...\{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM\...\{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM\...\{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM\...\{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM\...\{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
PowerDVD 5.7 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM\...\{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM\...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM\...\QuickTime) (Version: - )
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version: - )
Scan (HKLM\...\{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM\...\{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM\...\{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM\...\{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM\...\{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Verizon Help and Support Tool (HKLM\...\Verizon Help and Support) (Version: - )
VideoToolkit01 (HKLM\...\{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
Vosteran (HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Vosteran) (Version: 31.0.1650.23 - Vosteran) <==== ATTENTION
Vz In Home Agent (HKLM\...\{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WSE_Vosteran (HKLM\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION
XML Paper Specification Shared Components Pack 1.0 (HKLM\...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295}\InprocServer32 -> C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran\Application\31.0.1650.23\delegate_execute.exe ()
ContextMenuHandlers02: [DriveLetterAccess] -> {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\PATRIC~1\APPLIC~1\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-11-20 11:14 - 2017-07-13 20:54 - 00656288 _____ () C:\Program Files\EnterDigital\bin\utilEnterDigital.exe
2014-11-20 16:34 - 2014-11-20 16:34 - 00337920 _____ () C:\Program Files\EnterDigital\bin\sqlite3.dll
2014-11-28 09:41 - 2017-07-13 16:42 - 00115104 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.expext.exe
2014-11-20 16:03 - 2017-07-13 19:42 - 00107936 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.BrowserAdapter.exe
2016-09-22 12:44 - 2017-07-13 16:42 - 00065440 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.Plinx.exe
2014-11-20 07:21 - 2017-07-13 20:59 - 00656288 _____ () C:\Program Files\EnterDigital\updateEnterDigital.exe
2017-07-07 23:47 - 2017-07-13 16:43 - 00296352 _____ () C:\Program Files\EnterDigital\bin\EnterDigital.PurBrowse.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2008-11-10 11:53 - 00000734 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
sharedaccess => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => "C:\Program Files\DellSupport\DSAgnt.exe" /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MapsGalaxy Home Page Guard 32 bit => "C:\PROGRA~1\MAPSGA~2\bar\1.bin\AppIntegrator.exe"
MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: MapsGalaxy_39 Browser Plugin Loader => C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: nmapp => "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabledxpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabledxpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabledxpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabledxpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22002

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/13/2017 07:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hpqsrmon.exe, version 11.0.0.142, faulting module hpqsrmon.exe, version 11.0.0.142, fault address 0x000033c5.
Processing media-specific event for [hpqsrmon.exe!ws!]

Error: (07/13/2017 07:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehshell.exe, version 5.1.2715.3011, faulting module ehui.dll, version 5.1.2715.3011, fault address 0x00061f80.
Processing media-specific event for [ehshell.exe!ws!]

Error: (09/22/2016 12:45:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2016 12:45:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/07/2015 09:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (04/07/2015 08:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application enterdigital.browseradapter.exe, version 0.0.0.0, faulting module enterdigital.browseradapter.exe, version 0.0.0.0, fault address 0x0000b3a8.
Processing media-specific event for [enterdigital.browseradapter.exe!ws!]


System errors:
=============
Error: (07/13/2017 07:54:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/13/2017 07:54:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/13/2017 07:47:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/13/2017 07:47:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/13/2017 06:11:25 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:48:58 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:46:12 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:42:08 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/13/2017 05:40:58 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/13/2017 05:40:58 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 62%
Total physical RAM: 502.37 MB
Available physical RAM: 188.85 MB
Total Virtual: 1226.68 MB
Available Virtual: 523.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:51.26 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt

Hi- also, I just noticed the Vosteran icon on the screen. I read online that this is a no-no to have on your machine, so I though that might be part of the problem also.

Hi - ok, thanks again. I did the uninstall on all of the items you mentioned. The 7zip Packages remains n the list when you go to add/removeprograms. I tried to remove it, but I could not. However, when I did try to remove it, it opened up and a couple of the other items that were on you uninstall list were actually in 7zip Packages, and I removed them. What is left in 7zip packages when I click on it is something alled 'Driver Support.' Please let me know if I need to do anythng else with this.

Here is the pasted fixlog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (15-07-2017 00:30:57) Run:1
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\PATRIC~1\APPLIC~1\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
C:\Program Files\EnterDigital
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: MapsGalaxy Home Page Guard 32 bit => "C:\PROGRA~1\MAPSGA~2\bar\1.bin\AppIntegrator.exe"
MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: MapsGalaxy_39 Browser Plugin Loader => C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295}\InprocServer32 -> C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
Shortcut: C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => ""="Service"
CMD: sc delete hpqddsvc
EmptyTemp:
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"




*****************

Processes closed successfully.
C:\WINDOWS\Tasks\At1.job => not found.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => moved successfully
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => moved successfully
C:\Program Files\EnterDigital => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy Home Page Guard 32 bit => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy Search Scope Monitor => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy_39 Browser Plugin Loader => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => key removed successfully.
HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => key removed successfully.
C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService => key removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => key removed successfully.

========= sc delete hpqddsvc =========

[SC] DeleteService SUCCESS

========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10159 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 33103 B
Java, Flash, Steam htmlcache => 598081 B
Windows/system/dllcache/drivers => 98691617 B
Edge => 0 B
Chrome => 1532738 B
Firefox => 4526614 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 83584 B
All Users => 0 B
systemprofile => 1212165975 B
LocalService => 26237765 B
NetworkService => 16187757 B
Patricia Murphy => 77641174 B
Administrator => 83584 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:33:55 ====

Hi -ok, I ran FRST again. Here is te addition.txt.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (15-07-2017 01:13:02)
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM\...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM\...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM\...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM\...\{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM\...\{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM\...\{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM\...\{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Copy (HKLM\...\{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM\...\{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM\...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM\...\{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM\...\{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM\...\{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM\...\{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM\...\{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
eSupportQFolder (HKLM\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM\...\{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM\...\{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM\...\{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM\...\{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM\...\{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HPProductAssistant (HKLM\...\{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM\...\{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM\...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
mCore (HKLM\...\{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM\...\{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM\...\{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM\...\{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM\...\{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM\...\{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM\...\{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM\...\{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM\...\{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM\...\{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM\...\MSNINST) (Version: - )
mSSO (HKLM\...\{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM\...\{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM\...\{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM\...\{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM\...\{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
PowerDVD 5.7 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM\...\{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM\...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM\...\QuickTime) (Version: - )
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version: - )
Scan (HKLM\...\{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM\...\{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM\...\{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM\...\{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM\...\{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Verizon Help and Support Tool (HKLM\...\Verizon Help and Support) (Version: - )
VideoToolkit01 (HKLM\...\{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
Vz In Home Agent (HKLM\...\{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (HKLM\...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers02: [DriveLetterAccess] -> {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2008-11-10 11:53 - 00000734 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
sharedaccess => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => "C:\Program Files\DellSupport\DSAgnt.exe" /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: nmapp => "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabledxpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabledxpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabledxpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabledxpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22002

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
14-07-2017 21:57:05 System Checkpoint
14-07-2017 23:39:09 Removed HP Update
14-07-2017 23:46:38 Removed Java 2 Runtime Environment, SE v1.4.2_03
14-07-2017 23:47:39 Removed Java 7 Update 21
14-07-2017 23:54:27 Removed NetZeroInstallers
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/13/2017 07:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hpqsrmon.exe, version 11.0.0.142, faulting module hpqsrmon.exe, version 11.0.0.142, fault address 0x000033c5.
Processing media-specific event for [hpqsrmon.exe!ws!]

Error: (07/13/2017 07:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehshell.exe, version 5.1.2715.3011, faulting module ehui.dll, version 5.1.2715.3011, fault address 0x00061f80.
Processing media-specific event for [ehshell.exe!ws!]

Error: (09/22/2016 12:45:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2016 12:45:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/07/2015 09:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (04/07/2015 08:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application enterdigital.browseradapter.exe, version 0.0.0.0, faulting module enterdigital.browseradapter.exe, version 0.0.0.0, fault address 0x0000b3a8.
Processing media-specific event for [enterdigital.browseradapter.exe!ws!]


System errors:
=============
Error: (07/15/2017 12:37:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/15/2017 12:37:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:37:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:31:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:31:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Update EnterDigital service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The COM+ System Application service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Media Center Extender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Util EnterDigital service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/15/2017 12:31:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SupportSoft Sprocket Service (ddoctorv2) service terminated unexpectedly. It has done this 1 time(s).


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 53%
Total physical RAM: 502.37 MB
Available physical RAM: 233.15 MB
Total Virtual: 1226.68 MB
Available Virtual: 791.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:52.77 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt

Hi -here is the frst.text

Just let me know if I messed anything up, and will do agai - thanks for your patience!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-07-2017
Ran by Patricia Murphy (administrator) on PMURPHY (15-07-2017 01:11:33)
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
(Pure Networks, Inc.) C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(SupportSoft, Inc.) C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2008-03-25] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-03-13] (Hewlett-Packard)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2006-03-27] (Apple Computer, Inc.)
HKLM\...\RunOnce: [WIAWizardMenu] => RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll <==== ATTENTION
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Run: [Download] => "C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\SupportSoft\ddoctorv2\Patricia Murphy\ssGet.exe" 120 "hxxp://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe" "EasyS (the data entry has 18 more characters).
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleChromeAutoLaunch_1D6A0AE22769F196654D850B3A4DB628] => C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-09-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A837AA0-AF95-4AA2-9DD5-B7F4D0F6772B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D40B5A10-3DE7-4CE9-AFED-16F34991AC17}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-10FTI__alt__ddc_dsssyc_bd_com
SearchScopes: HKLM -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm025^YYA^us&si=291929_&ptb=3BFC65E5-2DF9-4427-B27B-FE429A3901A0&ind=2014073116&n=780c511c&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> DefaultScope {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> OldSearch URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27] (Hewlett-Packard Co.)
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Toolbar BHO -> {1e91a655-bb4b-4693-a05e-2edebc4c9d89} -> C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll => No File
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: Search Assistant BHO -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\.DEFAULT -> MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> No Name - {C4069E3A-68F1-403E-B40E-20066696354B} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll [2005-12-12] (Pure Networks, Inc.)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default [2017-07-15]
FF user.js: detected! => C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\user.js [2016-09-22]
FF SearchEngineOrder.1: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> Ask.com
FF Homepage: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-10FTI__alt__ddc_dsssyc_bd_com
FF NewTab: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bfr-10FTI__alt__ddc_dsssyctab_bd_com
FF Keyword.URL: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-10FTI__alt__ddc_dss_bd_com&p=
FF SelectedSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> Yahoo! Search
FF DefaultSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> Yahoo! Search
FF Extension: (MapsGalaxy) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Extensions\39ffxtbr@MapsGalaxy_39.com [2014-10-16] [not signed]
FF Extension: (Test Pilot) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Extensions\testpilot@labs.mozilla.com.xpi [2014-10-16] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-10-16] [not signed]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\ask-web-search.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\askcom.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\search-simple.xml [2017-07-14]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\Vosteran.xml [2014-11-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-15] [not signed]
FF HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-05-07] (Oracle Corporation)
FF Plugin: @MapsGalaxy_39.com/Plugin -> C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [2014-07-31] (Mindspark)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2004-12-14] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com"

CHR DefaultSearchURL: Default -> hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bcr-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bcr-10FTI__alt__ddc_dsssyctab_bd_com
CHR Profile: C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Google Slides) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-22]
CHR Extension: (Google Docs) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-08]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-693440143-1380487613-1125637980-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files\Google\Chrome\Application\44.0.2403.125\default_apps\search.crx [2015-07-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-12-28] (Intel Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon) [File not signed]
S2 MapsGalaxy_39Service; C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe [88648 2014-07-31] (COMPANYVERS_NAME)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [380928 2005-12-06] (Dell Inc.) [File not signed]
S3 nmraapache; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [12800 2005-11-17] (Pure Networks, Inc.) [File not signed]
R2 nmservice; C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe [190032 2005-12-12] (Pure Networks, Inc.)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-12-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-12-28] (Intel Corporation ) [File not signed]
R2 sprtsvc_ddoctorv2; C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [262217 2005-12-28] (Intel(R) Corporation) [File not signed]
S2 Update EnterDigital; "C:\Program Files\EnterDigital\updateEnterDigital.exe" [X]
S2 Util EnterDigital; "C:\Program Files\EnterDigital\bin\utilEnterDigital.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-03-27] (Meetinghouse Data Communications) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2006-03-27] (Windows (R) 2000 DDK provider) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-12-28] (Intel Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
R1 {70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt; C:\WINDOWS\System32\drivers\{70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt.sys [55784 2016-09-22] (StdLib)
R1 {781c47fe-8e73-4938-873f-2850548c7fb4}t; C:\WINDOWS\System32\drivers\{781c47fe-8e73-4938-873f-2850548c7fb4}t.sys [55824 2014-11-30] (StdLib)
R1 {8ca7f150-5454-4b4c-9537-1b831c71d329}Gt; C:\WINDOWS\System32\drivers\{8ca7f150-5454-4b4c-9537-1b831c71d329}Gt.sys [55824 2014-11-20] (StdLib)
R1 {93feeb25-9f23-4de1-b697-6a2c12816bac}Gt; C:\WINDOWS\System32\drivers\{93feeb25-9f23-4de1-b697-6a2c12816bac}Gt.sys [55824 2014-11-24] (StdLib)
R1 {a45bb6f8-c83c-4de8-bfe0-79a233508760}t; C:\WINDOWS\System32\drivers\{a45bb6f8-c83c-4de8-bfe0-79a233508760}t.sys [55824 2014-11-29] (StdLib)
R1 {bf07813e-aac8-4cea-bf69-7178c16076ac}Gt; C:\WINDOWS\System32\drivers\{bf07813e-aac8-4cea-bf69-7178c16076ac}Gt.sys [55824 2014-11-21] (StdLib)
R1 {cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t; C:\WINDOWS\System32\drivers\{cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t.sys [55824 2014-11-27] (StdLib)
R1 {f0aab91b-f97e-4d3d-b745-53663865729c}t; C:\WINDOWS\System32\drivers\{f0aab91b-f97e-4d3d-b745-53663865729c}t.sys [55824 2014-11-28] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-15 01:11 - 2017-07-15 01:12 - 00029513 _____ C:\Documents and Settings\Patricia Murphy\Desktop\FRST.txt
2017-07-15 00:30 - 2017-07-15 00:33 - 00004257 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Fixlog.txt
2017-07-15 00:30 - 2017-07-15 00:30 - 01780736 _____ (Farbar) C:\Documents and Settings\Patricia Murphy\Desktop\FRST.exe
2017-07-14 20:51 - 2017-07-14 20:51 - 00007310 _____ C:\Documents and Settings\Patricia Murphy\Desktop\System Idle Process.txt
2017-07-14 19:05 - 2017-07-14 19:05 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Patricia Murphy\Desktop\procexp.exe
2017-07-14 00:03 - 2017-07-15 01:11 - 00000000 ____D C:\FRST
2017-07-09 00:02 - 2017-07-09 00:04 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Vosteran
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
2017-07-08 01:30 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 01:29 - 2017-07-08 01:29 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 01:28 - 2017-07-09 00:03 - 00001519 _____ C:\Documents and Settings\All Users\Start Menu\Programs\HowToRemove.html.lnk
2017-07-08 01:28 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 01:28 - 2017-07-08 01:28 - 00000782 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Windows Media Player.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-15 01:12 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Temp
2017-07-15 00:58 - 2014-11-19 18:39 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-15 00:57 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2017-07-15 00:40 - 2013-05-04 19:07 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2017-07-15 00:37 - 2014-11-19 18:39 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-07-15 00:37 - 2006-03-27 10:27 - 00004608 _____ C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2017-07-15 00:37 - 2005-08-16 06:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-15 00:37 - 2005-08-16 06:38 - 00000000 ____D C:\WINDOWS\Registration
2017-07-15 00:37 - 2005-08-16 06:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-07-15 00:36 - 2006-04-13 21:36 - 00000178 ___SH C:\Documents and Settings\Patricia Murphy\ntuser.ini
2017-07-15 00:36 - 2005-08-16 06:49 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2017-07-15 00:32 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2017-07-14 23:50 - 2014-11-20 11:07 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran
2017-07-14 23:46 - 2006-03-27 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java Web Start
2017-07-14 23:39 - 2009-09-15 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2017-07-14 23:39 - 2009-09-15 20:08 - 00000000 ____D C:\Program Files\HP
2017-07-14 23:32 - 2005-08-16 06:18 - 00000740 _____ C:\WINDOWS\win.ini
2017-07-13 19:53 - 2006-04-14 11:34 - 00000000 __SHD C:\WINDOWS\CSC
2017-07-13 19:44 - 2007-11-23 13:51 - 00061440 _____ C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-13 18:06 - 2005-08-16 06:22 - 00000000 ___HD C:\WINDOWS\inf
2017-07-13 16:08 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\ApplicationHistory
2017-07-09 03:03 - 2005-08-16 06:22 - 00000000 _RSHD C:\WINDOWS\system32\dllcache
2017-07-09 00:29 - 2009-09-15 20:19 - 00000000 ____D C:\Program Files\Yahoo!
2017-07-09 00:02 - 2015-02-18 12:24 - 00000281 _____ C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2017-07-08 14:02 - 2009-11-12 16:26 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\My Documents\My PSP Files
2017-07-08 14:02 - 2007-11-23 13:48 - 00006580 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2017-07-08 01:28 - 2006-04-13 21:36 - 00000788 _____ C:\Documents and Settings\Patricia Murphy\Start Menu\Programs\Windows Media Player.lnk
2017-07-08 00:02 - 2014-11-21 13:02 - 00000347 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2017-07-07 23:54 - 2009-09-15 21:51 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Application Data\HPAppData

==================== Files in the root of some directories =======

2008-01-10 12:16 - 2007-08-10 19:17 - 0007982 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastSecurity.ico
2008-01-10 12:16 - 2007-05-17 18:43 - 0015086 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastWebmail.ico
2015-02-18 12:24 - 2017-07-09 00:02 - 0000281 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2007-11-23 13:51 - 2017-07-13 19:44 - 0061440 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:24 - 2015-02-18 12:24 - 0234679 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi1.dat
2015-02-18 12:24 - 2015-02-18 12:24 - 0161916 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi2.dat
2006-04-13 21:36 - 2006-05-13 17:00 - 0000138 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\fusioncache.dat
2010-10-20 17:31 - 2010-12-02 16:02 - 0001940 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2009-09-15 20:04 - 2009-09-15 20:29 - 0001150 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2006-03-27 10:28 - 2006-03-27 10:28 - 0000004 ____H () C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

ZeroAccess:
C:\RECYCLER\S-1-5-21-693440143-1380487613-1125637980-1006\$28f2aec730f51d846d019b605ad847e0

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Hi - ok, thanks for this. I have some urgent things to take care of involving work and some personal issues, so I might not be back to you on this for a couple of days.

Hi - here is my latest FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-07-2017
Ran by Patricia Murphy (administrator) on PMURPHY (18-07-2017 10:09:34)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\53OV7KHY
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
(Pure Networks, Inc.) C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(SupportSoft, Inc.) C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\53OV7KHY\FRST[1].exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2008-03-25] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-03-13] (Hewlett-Packard)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2006-03-27] (Apple Computer, Inc.)
HKLM\...\RunOnce: [WIAWizardMenu] => RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll <==== ATTENTION
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Run: [Download] => "C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\SupportSoft\ddoctorv2\Patricia Murphy\ssGet.exe" 120 "hxxp://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe" "EasyS (the data entry has 18 more characters).
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleChromeAutoLaunch_1D6A0AE22769F196654D850B3A4DB628] => C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-09-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A837AA0-AF95-4AA2-9DD5-B7F4D0F6772B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D40B5A10-3DE7-4CE9-AFED-16F34991AC17}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-10FTI__alt__ddc_dsssyc_bd_com
SearchScopes: HKLM -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm025^YYA^us&si=291929_&ptb=3BFC65E5-2DF9-4427-B27B-FE429A3901A0&ind=2014073116&n=780c511c&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_17_27_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StBtDtCyDtN1L2XzutAtFtAtBtFtCtFyDtDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StAtByB0Czy0DzztAtGyDtCzyyBtG0EyBzy0CtGyDtDyC0CtG0E0A0AyDyEyEyDtByC0FyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtA0DyCzy0AyCtDtGyCyByC0EtGyEyByByDtG0BzztCtCtGzy0DyC0AzytAtB0CzytD0C0D2QtN0A0LzutBtN0D0T0S1P1RzutCyEzyzyyEzytCyCzztD%26cr%3D68767594%26a%3Dhdr_s_17_27_orgnl%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> DefaultScope {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> OldSearch URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27] (Hewlett-Packard Co.)
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: Toolbar BHO -> {1e91a655-bb4b-4693-a05e-2edebc4c9d89} -> C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll => No File
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: Search Assistant BHO -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\.DEFAULT -> MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> No Name - {C4069E3A-68F1-403E-B40E-20066696354B} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 -> MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll [2005-12-12] (Pure Networks, Inc.)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default [2017-07-15]
FF user.js: detected! => C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\user.js [2016-09-22]
FF SearchEngineOrder.1: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> Ask.com
FF Homepage: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-10FTI__alt__ddc_dsssyc_bd_com
FF NewTab: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bfr-10FTI__alt__ddc_dsssyctab_bd_com
FF Keyword.URL: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-10FTI__alt__ddc_dss_bd_com&p=
FF SelectedSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> Yahoo! Search
FF DefaultSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default -> Yahoo! Search
FF Extension: (MapsGalaxy) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Extensions\39ffxtbr@MapsGalaxy_39.com [2014-10-16] [not signed]
FF Extension: (Test Pilot) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Extensions\testpilot@labs.mozilla.com.xpi [2014-10-16] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-10-16] [not signed]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\ask-web-search.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\askcom.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\search-simple.xml [2017-07-14]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\searchplugins\Vosteran.xml [2014-11-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-15] [not signed]
FF HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-05-07] (Oracle Corporation)
FF Plugin: @MapsGalaxy_39.com/Plugin -> C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [2014-07-31] (Mindspark)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2004-12-14] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com"

CHR DefaultSearchURL: Default -> hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bcr-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bcr-10FTI__alt__ddc_dsssyctab_bd_com
CHR Profile: C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Google Slides) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-22]
CHR Extension: (Google Docs) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-08]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-693440143-1380487613-1125637980-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files\Google\Chrome\Application\44.0.2403.125\default_apps\search.crx [2015-07-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-12-28] (Intel Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon) [File not signed]
S2 MapsGalaxy_39Service; C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe [88648 2014-07-31] (COMPANYVERS_NAME)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [380928 2005-12-06] (Dell Inc.) [File not signed]
S3 nmraapache; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [12800 2005-11-17] (Pure Networks, Inc.) [File not signed]
R2 nmservice; C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe [190032 2005-12-12] (Pure Networks, Inc.)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-12-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-12-28] (Intel Corporation ) [File not signed]
R2 sprtsvc_ddoctorv2; C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [262217 2005-12-28] (Intel(R) Corporation) [File not signed]
S2 Update EnterDigital; "C:\Program Files\EnterDigital\updateEnterDigital.exe" [X]
S2 Util EnterDigital; "C:\Program Files\EnterDigital\bin\utilEnterDigital.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-03-27] (Meetinghouse Data Communications) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2006-03-27] (Windows (R) 2000 DDK provider) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-12-28] (Intel Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
R1 {70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt; C:\WINDOWS\System32\drivers\{70ed362e-6c2f-4f13-9f05-a5b35ff4be55}Gt.sys [55784 2016-09-22] (StdLib)
R1 {781c47fe-8e73-4938-873f-2850548c7fb4}t; C:\WINDOWS\System32\drivers\{781c47fe-8e73-4938-873f-2850548c7fb4}t.sys [55824 2014-11-30] (StdLib)
R1 {8ca7f150-5454-4b4c-9537-1b831c71d329}Gt; C:\WINDOWS\System32\drivers\{8ca7f150-5454-4b4c-9537-1b831c71d329}Gt.sys [55824 2014-11-20] (StdLib)
R1 {93feeb25-9f23-4de1-b697-6a2c12816bac}Gt; C:\WINDOWS\System32\drivers\{93feeb25-9f23-4de1-b697-6a2c12816bac}Gt.sys [55824 2014-11-24] (StdLib)
R1 {a45bb6f8-c83c-4de8-bfe0-79a233508760}t; C:\WINDOWS\System32\drivers\{a45bb6f8-c83c-4de8-bfe0-79a233508760}t.sys [55824 2014-11-29] (StdLib)
R1 {bf07813e-aac8-4cea-bf69-7178c16076ac}Gt; C:\WINDOWS\System32\drivers\{bf07813e-aac8-4cea-bf69-7178c16076ac}Gt.sys [55824 2014-11-21] (StdLib)
R1 {cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t; C:\WINDOWS\System32\drivers\{cb0b6f3d-aa8b-4a68-acf6-6ff30e1d0243}t.sys [55824 2014-11-27] (StdLib)
R1 {f0aab91b-f97e-4d3d-b745-53663865729c}t; C:\WINDOWS\System32\drivers\{f0aab91b-f97e-4d3d-b745-53663865729c}t.sys [55824 2014-11-28] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-18 10:08 - 2017-07-18 10:08 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Desktop\FRST-OlderVersion
2017-07-17 17:24 - 2017-07-17 17:24 - 00061108 _____ C:\Documents and Settings\Patricia Murphy\My Documents\Shortcut.txt
2017-07-15 01:13 - 2017-07-15 01:13 - 00031832 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Addition.txt
2017-07-15 00:30 - 2017-07-18 10:08 - 01780736 _____ (Farbar) C:\Documents and Settings\Patricia Murphy\Desktop\FRST.exe
2017-07-15 00:30 - 2017-07-15 00:33 - 00004257 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Fixlog.txt
2017-07-14 20:51 - 2017-07-14 20:51 - 00007310 _____ C:\Documents and Settings\Patricia Murphy\Desktop\System Idle Process.txt
2017-07-14 19:05 - 2017-07-14 19:05 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Patricia Murphy\Desktop\procexp.exe
2017-07-14 00:03 - 2017-07-18 10:09 - 00000000 ____D C:\FRST
2017-07-09 00:02 - 2017-07-09 00:04 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Vosteran
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
2017-07-08 01:30 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 01:29 - 2017-07-08 01:29 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 01:28 - 2017-07-09 00:03 - 00001519 _____ C:\Documents and Settings\All Users\Start Menu\Programs\HowToRemove.html.lnk
2017-07-08 01:28 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 01:28 - 2017-07-08 01:28 - 00000782 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Windows Media Player.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-18 10:10 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Temp
2017-07-18 10:06 - 2013-05-04 19:07 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2017-07-18 10:06 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2017-07-18 09:58 - 2014-11-19 18:39 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-18 09:44 - 2005-08-16 06:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-07-18 09:43 - 2014-11-19 18:39 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-07-18 09:43 - 2006-03-27 10:27 - 00003914 _____ C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2017-07-18 09:43 - 2005-08-16 06:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-18 09:43 - 2005-08-16 06:38 - 00000000 ____D C:\WINDOWS\Registration
2017-07-17 17:30 - 2006-04-13 21:36 - 00000178 ___SH C:\Documents and Settings\Patricia Murphy\ntuser.ini
2017-07-17 17:30 - 2005-08-16 06:49 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2017-07-17 17:02 - 2006-04-14 11:34 - 00000000 __SHD C:\WINDOWS\CSC
2017-07-16 04:40 - 2007-11-23 13:51 - 00113152 _____ C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-15 00:32 - 2005-08-16 06:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2017-07-14 23:50 - 2014-11-20 11:07 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran
2017-07-14 23:46 - 2006-03-27 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java Web Start
2017-07-14 23:39 - 2009-09-15 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2017-07-14 23:39 - 2009-09-15 20:08 - 00000000 ____D C:\Program Files\HP
2017-07-14 23:32 - 2005-08-16 06:18 - 00000740 _____ C:\WINDOWS\win.ini
2017-07-13 18:06 - 2005-08-16 06:22 - 00000000 ___HD C:\WINDOWS\inf
2017-07-13 16:08 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\ApplicationHistory
2017-07-09 03:03 - 2005-08-16 06:22 - 00000000 _RSHD C:\WINDOWS\system32\dllcache
2017-07-09 00:29 - 2009-09-15 20:19 - 00000000 ____D C:\Program Files\Yahoo!
2017-07-09 00:02 - 2015-02-18 12:24 - 00000281 _____ C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2017-07-08 14:02 - 2009-11-12 16:26 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\My Documents\My PSP Files
2017-07-08 14:02 - 2007-11-23 13:48 - 00006580 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2017-07-08 01:28 - 2006-04-13 21:36 - 00000788 _____ C:\Documents and Settings\Patricia Murphy\Start Menu\Programs\Windows Media Player.lnk
2017-07-08 00:02 - 2014-11-21 13:02 - 00000347 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2017-07-07 23:54 - 2009-09-15 21:51 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Application Data\HPAppData

==================== Files in the root of some directories =======

2008-01-10 12:16 - 2007-08-10 19:17 - 0007982 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastSecurity.ico
2008-01-10 12:16 - 2007-05-17 18:43 - 0015086 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastWebmail.ico
2015-02-18 12:24 - 2017-07-09 00:02 - 0000281 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2007-11-23 13:51 - 2017-07-16 04:40 - 0113152 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:24 - 2015-02-18 12:24 - 0234679 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi1.dat
2015-02-18 12:24 - 2015-02-18 12:24 - 0161916 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi2.dat
2006-04-13 21:36 - 2006-05-13 17:00 - 0000138 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\fusioncache.dat
2010-10-20 17:31 - 2010-12-02 16:02 - 0001940 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2009-09-15 20:04 - 2009-09-15 20:29 - 0001150 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2006-03-27 10:28 - 2006-03-27 10:28 - 0000004 ____H () C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

ZeroAccess:
C:\RECYCLER\S-1-5-21-693440143-1380487613-1125637980-1006\$28f2aec730f51d846d019b605ad847e0

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Hi - here s m latest Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-07-2017
Ran by Patricia Murphy (18-07-2017 10:11:45)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\53OV7KHY
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006\...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM\...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM\...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM\...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM\...\{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM\...\{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM\...\{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM\...\{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Copy (HKLM\...\{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM\...\{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM\...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM\...\{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM\...\{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM\...\{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM\...\{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM\...\{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
eSupportQFolder (HKLM\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM\...\{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM\...\{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM\...\{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM\...\{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM\...\{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HPProductAssistant (HKLM\...\{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM\...\{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM\...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
mCore (HKLM\...\{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM\...\{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM\...\{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM\...\{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM\...\{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM\...\{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM\...\{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM\...\{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM\...\{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM\...\{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM\...\MSNINST) (Version: - )
mSSO (HKLM\...\{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM\...\{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM\...\{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM\...\{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM\...\{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
PowerDVD 5.7 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM\...\{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM\...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM\...\QuickTime) (Version: - )
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version: - )
Scan (HKLM\...\{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM\...\{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM\...\{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM\...\{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM\...\{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Verizon Help and Support Tool (HKLM\...\Verizon Help and Support) (Version: - )
VideoToolkit01 (HKLM\...\{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
Vz In Home Agent (HKLM\...\{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version: - )
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (HKLM\...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers02: [DriveLetterAccess] -> {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2008-11-10 11:53 - 00000734 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
sharedaccess => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => "C:\Program Files\DellSupport\DSAgnt.exe" /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: nmapp => "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabledxpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabledxpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabledxpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabledxpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabledxpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabledxpsp2res.dll,-22002

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
14-07-2017 21:57:05 System Checkpoint
14-07-2017 23:39:09 Removed HP Update
14-07-2017 23:46:38 Removed Java 2 Runtime Environment, SE v1.4.2_03
14-07-2017 23:47:39 Removed Java 7 Update 21
14-07-2017 23:54:27 Removed NetZeroInstallers
16-07-2017 02:35:54 System Checkpoint
18-07-2017 10:05:04 Software Distribution Service 3.0
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/13/2017 07:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hpqsrmon.exe, version 11.0.0.142, faulting module hpqsrmon.exe, version 11.0.0.142, fault address 0x000033c5.
Processing media-specific event for [hpqsrmon.exe!ws!]

Error: (07/13/2017 07:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehshell.exe, version 5.1.2715.3011, faulting module ehui.dll, version 5.1.2715.3011, fault address 0x00061f80.
Processing media-specific event for [ehshell.exe!ws!]

Error: (09/22/2016 12:45:43 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2016 12:45:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (04/07/2015 09:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (04/07/2015 08:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application enterdigital.browseradapter.exe, version 0.0.0.0, faulting module enterdigital.browseradapter.exe, version 0.0.0.0, fault address 0x0000b3a8.
Processing media-specific event for [enterdigital.browseradapter.exe!ws!]


System errors:
=============
Error: (07/18/2017 09:43:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/18/2017 09:43:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/18/2017 09:43:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/17/2017 05:03:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/17/2017 05:03:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/17/2017 05:03:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/16/2017 03:48:25 AM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/16/2017 01:39:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
The specified service does not exist as an installed service.

Error: (07/16/2017 01:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/16/2017 01:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 68%
Total physical RAM: 502.37 MB
Available physical RAM: 157.13 MB
Total Virtual: 1226.68 MB
Available Virtual: 737.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:52.77 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (Yats 9) (CDROM) (Total:0.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt ============================

Here is my latest Shortcut.txt, attached

Hi again - I have not yet run the Combofix - should I go ahead and do that?

Thanks

Here below is the fixlog. I will run Combofix

Fix result of Farbar Recovery Scan Tool (x86) Version: 13-07-2017
Ran by Patricia Murphy (15-07-2017 00:30:57) Run:1
Running from C:\Documents and Settings\Patricia Murphy\Desktop
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\PATRIC~1\APPLIC~1\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
C:\Program Files\EnterDigital
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: MapsGalaxy Home Page Guard 32 bit => "C:\PROGRA~1\MAPSGA~2\bar\1.bin\AppIntegrator.exe"
MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: MapsGalaxy_39 Browser Plugin Loader => C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
CustomCLSID: HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295}\InprocServer32 -> C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll => No File
Shortcut: C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => ""="Service"
CMD: sc delete hpqddsvc
EmptyTemp:
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"




*****************

Processes closed successfully.
C:\WINDOWS\Tasks\At1.job => not found.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => moved successfully
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => moved successfully
C:\Program Files\EnterDigital => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy Home Page Guard 32 bit => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy Search Scope Monitor => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MapsGalaxy_39 Browser Plugin Loader => key removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => key removed successfully.
HKU\S-1-5-21-693440143-1380487613-1125637980-1006_Classes\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => key removed successfully.
C:\Documents and Settings\Patricia Murphy\NetHood\My Web Sites on MSN\target.lnk => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService => key removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WebrootSpySweeperService => key removed successfully.

========= sc delete hpqddsvc =========

[SC] DeleteService SUCCESS

========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10159 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 33103 B
Java, Flash, Steam htmlcache => 598081 B
Windows/system/dllcache/drivers => 98691617 B
Edge => 0 B
Chrome => 1532738 B
Firefox => 4526614 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 83584 B
All Users => 0 B
systemprofile => 1212165975 B
LocalService => 26237765 B
NetworkService => 16187757 B
Patricia Murphy => 77641174 B
Administrator => 83584 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:33:55 ====

Here is the Combofix log - at least, I think this is the correct log:

ComboFix 17-07-07.01 - Patricia Murphy 07/19/2017 12:16:26.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.211 [GMT -4:00]
Running from: c:\documents and settings\Patricia Murphy\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\ntuser.pol
c:\documents and settings\NetworkService\Local Settings\Application Data\dsisetup14885002.exe
c:\documents and settings\NetworkService\Local Settings\Application Data\dsisetup5314062.exe
c:\documents and settings\NetworkService\Local Settings\Application Data\dsisetup6967652.exe
c:\documents and settings\Patricia Murphy\WINDOWS
C:\Documents
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2017-06-19 to 2017-07-19 )))))))))))))))))))))))))))))))
.
.
2017-07-18 14:05 . 2017-07-08 03:48 10685920 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{1A1DB36B-94CF-4B2F-8880-E8E693A4562A}\mpengine.dll
2017-07-14 04:03 . 2017-07-18 14:12 -------- d-----w- C:\FRST
2017-07-09 04:02 . 2017-07-09 04:04 -------- d-----w- c:\documents and settings\Patricia Murphy\Local Settings\Application Data\{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 08:49 . 2017-07-08 08:49 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran
2017-07-08 08:49 . 2017-07-08 08:49 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2017-07-08 05:30 . 2017-07-08 05:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 05:29 . 2017-07-08 05:29 -------- d-----w- c:\documents and settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 05:28 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2017-07-08 05:28 . 2017-07-08 05:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\{512E6772-7586-0BCA-181E-2E223C76D2BA}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-07-08 03:48 . 2013-05-04 23:11 10685920 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-23 21:19 . 2014-10-16 13:23 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Download"="c:\documents and settings\Patricia Murphy\Local Settings\Application Data\SupportSoft\ddoctorv2\Patricia Murphy\ssGet.exe" [2012-01-11 987648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-26 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-03-27 98304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2008-04-14 136704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowLOMControl]
[X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2005-08-31 17:06 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddoctorv2]
2008-04-24 17:25 202560 ----a-w- c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2005-12-06 16:45 839680 ----a-w- c:\program files\Dell\QuickSet\quickset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 07:05 127035 ----a-w- c:\windows\system32\dla\tfswctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-12-10 02:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 20:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-12-14 05:41 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-12-14 05:45 118784 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-12-14 05:44 98304 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2005-12-28 17:56 602182 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2005-12-28 17:55 667718 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 16:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 16:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-09-09 01:20 8192 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
2005-09-09 01:20 110592 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-09-10 08:24 20480 ------w- c:\program files\NetWaiting\netwaiting.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp]
2005-12-12 21:06 874064 ----a-w- c:\program files\Pure Networks\Network Magic\nmapp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-03-27 14:35 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2006-03-27 14:35 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2005-11-17 03:35 397312 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-11-30 00:56 761947 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [12/12/2011 12:03 PM 363128]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S2 MapsGalaxy_39Service;MapsGalaxyService;c:\progra~1\MAPSGA~2\bar\1.bin\39barsvc.exe [7/31/2014 4:27 PM 88648]
S2 Update EnterDigital;Update EnterDigital;"c:\program files\EnterDigital\updateEnterDigital.exe" --> c:\program files\EnterDigital\updateEnterDigital.exe [?]
S2 Util EnterDigital;Util EnterDigital;"c:\program files\EnterDigital\bin\utilEnterDigital.exe" --> c:\program files\EnterDigital\bin\utilEnterDigital.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-22 17:10 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2017-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-11-19 17:02]
.
2017-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-11-19 17:02]
.
2017-07-19 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.1.1
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/SpeedOptimizer/FiOS/vzTCPConfig.CAB
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} - hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
FF - ProfilePath - c:\documents and settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-10FTI__alt__ddc_dsssyc_bd_com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-10FTI__alt__ddc_dss_bd_com&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - ExtSQL: !HIDDEN! 2009-09-01 21:44; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2009-09-15 20:17; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF - user.js: extensions.srchvstrn.hmpg - true
FF - user.js: extensions.srchvstrn.hmpgUrl - hxxp://Vosteran.com/?f=1&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=
FF - user.js: extensions.srchvstrn.dfltSrch - true
FF - user.js: extensions.srchvstrn.srchPrvdr - Vosteran
FF - user.js: extensions.srchvstrn.dnsErr - true
FF - user.js: extensions.srchvstrn_i.newTab - true
FF - user.js: extensions.srchvstrn.newTabUrl - hxxp://Vosteran.com/?f=2&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=
FF - user.js: extensions.srchvstrn.tlbrSrchUrl - hxxp://Vosteran.com/?f=3&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&ir=&q=
FF - user.js: extensions.srchvstrn.id - 0015C50A7DE97147
FF - user.js: extensions.srchvstrn.instlDay - 16394
FF - user.js: extensions.srchvstrn.vrsn -
FF - user.js: extensions.srchvstrn.vrsni -
FF - user.js: extensions.srchvstrn_i.vrsnTs - 10:0:55
FF - user.js: extensions.srchvstrn.prtnrId - WSE_Vosteran
FF - user.js: extensions.srchvstrn.prdct - srchvstrn
FF - user.js: extensions.srchvstrn.aflt - vst_tier1_14_47_ch
FF - user.js: extensions.srchvstrn_i.smplGrp - none
FF - user.js: extensions.srchvstrn.tlbrId -
FF - user.js: extensions.srchvstrn.instlRef - 142905_a
FF - user.js: extensions.srchvstrn.dfltLng -
FF - user.js: extensions.srchvstrn.appId - {4CB3598A-82E8-4D1F-983F-061238AE696E}
FF - user.js: extensions.srchvstrn.excTlbr - false
FF - user.js: extensions.srchvstrn.cr - 444550780
FF - user.js: extensions.srchvstrn.cd - 2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q
FF - user.js: extensions.srchvstrn.AL - 2
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: xpinstall.signatures.required - false
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE "%1"
.
- - - - ORPHANS REMOVED - - - -
.
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil9e.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-EnterDigital - c:\program files\EnterDigital\EnterDigitalUn.exe
AddRemove-Verizon Help and Support - c:\program files\Verizon\Uninstall.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2017-07-19 12:35
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\À*¬ Æ]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
.
Completion time: 2017-07-19 12:41:08
ComboFix-quarantined-files.txt 2017-07-19 16:41
.
Pre-Run: 56,571,883,520 bytes free
Post-Run: 55,920,693,248 bytes free
.
- - End Of File - - EE699859D6F416609A51CF5B708E6B50
DEA9E81F0228B68C9ADAF84C9B0CF931