Ok, so here's the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2014
Ran by Tony (administrator) on EFC-AFEF6D7E0F4 on 07-03-2014 10:48:49
Running from C:\Documents and Settings\Tony\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version:
http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(PPLive Corporation) C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
(Google Inc.) C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(Silicon Integrated Systems Corporation) C:\WINDOWS\system32\sistray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(NETGEAR) C:\Program Files\NETGEAR\WG111T\wlan111t.exe
(Google Inc.) C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
==================== Registry (Whitelisted) ==================
HKU\S-1-5-21-1343024091-1993962763-682003330-1003\...\Run: [PPAP] - C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe [185800 2010-04-06] (PPLive Corporation)
HKU\S-1-5-21-1343024091-1993962763-682003330-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1343024091-1993962763-682003330-1003\...\Run: [Google Update] - C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-09-25] (Google Inc.)
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk
ShortcutTarget: Utility Tray.lnk -> C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft...er=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft...B_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR RestoreOnStartup: "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2010-09-20] (Meetinghouse Data Communications)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4022528 2006-10-13] (Realtek Semiconductor Corp.)
R3 AR5523; C:\WINDOWS\System32\DRIVERS\WG11TND5.sys [362944 2005-09-05] (NETGEAR, Inc.)
R3 DNINDIS5; C:\WINDOWS\system32\DNINDIS5.SYS [17149 2003-07-24] (Printing Communications Assoc., Inc. (PCAUSA))
R2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [38144 2006-11-15] (Windows ® 2000 DDK provider)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [217600 2004-07-06] (Silicon Integrated Systems Corporation)
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [12416 2004-07-06] (Silicon Integrated Systems Corporation)
R3 SISNIC; C:\WINDOWS\System32\DRIVERS\sisnic.sys [32256 2002-07-10] (SiS Corporation)
S4 IntelIde; No ImagePath
S3 RTL8187B; system32\DRIVERS\RTL8187B.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-07 10:48 - 2014-03-07 10:48 - 00000000 ____D () C:\FRST
2014-03-07 10:47 - 2014-03-07 10:47 - 00000878 _____ () C:\Documents and Settings\Tony\Desktop\Shortcut to FRST.lnk
2014-03-05 23:12 - 2014-03-05 23:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-03-05 23:11 - 2014-03-05 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-03-05 23:11 - 2014-03-05 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909921$
2014-03-05 23:05 - 2014-03-05 23:05 - 00008759 _____ () C:\WINDOWS\KB2900986.log
2014-03-05 23:05 - 2014-03-05 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-03-05 23:05 - 2014-03-05 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-03-05 23:05 - 2014-03-05 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-03-05 23:04 - 2014-03-05 23:04 - 00008260 _____ () C:\WINDOWS\KB2862335.log
2014-03-05 23:04 - 2014-03-05 23:04 - 00007664 _____ () C:\WINDOWS\KB2904266.log
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-03-05 23:01 - 2014-03-05 23:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-03-05 22:47 - 2014-03-05 22:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-03-05 22:46 - 2014-03-05 22:47 - 00007018 _____ () C:\WINDOWS\KB2868038.log
2014-03-05 22:46 - 2014-03-05 22:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-03-05 22:45 - 2014-03-05 22:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893984$
2014-03-05 22:45 - 2014-03-05 22:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-03-05 22:45 - 2014-03-05 22:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-03-05 22:39 - 2014-03-05 22:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-03-05 22:38 - 2014-03-05 22:39 - 00005831 _____ () C:\WINDOWS\KB2914368.log
2014-03-05 22:29 - 2014-03-05 23:12 - 00018440 _____ () C:\WINDOWS\KB2909921.log
2014-03-05 22:29 - 2014-03-05 23:11 - 00014380 _____ () C:\WINDOWS\KB2916036.log
2014-03-05 22:29 - 2014-03-05 23:04 - 00012801 _____ () C:\WINDOWS\KB2909212.log
2014-03-05 15:50 - 2014-03-05 23:12 - 00017511 _____ () C:\WINDOWS\KB2868626.log
2014-03-05 15:50 - 2014-03-05 23:05 - 00013686 _____ () C:\WINDOWS\KB2847311.log
2014-03-05 15:50 - 2014-03-05 23:05 - 00013187 _____ () C:\WINDOWS\KB2898715.log
2014-03-05 15:49 - 2014-03-05 23:04 - 00012158 _____ () C:\WINDOWS\KB2876217.log
2014-03-05 15:49 - 2014-03-05 23:04 - 00011715 _____ () C:\WINDOWS\KB2862152.log
2014-03-05 15:49 - 2014-03-05 23:04 - 00011339 _____ () C:\WINDOWS\KB2864063.log
2014-03-05 15:49 - 2013-07-03 02:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-03-05 15:49 - 2013-07-03 01:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-03-05 15:48 - 2014-03-05 23:02 - 00011297 _____ () C:\WINDOWS\KB2876331.log
2014-03-05 15:48 - 2013-07-17 00:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-03-05 15:48 - 2013-07-17 00:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-03-05 15:48 - 2013-07-17 00:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-03-05 15:47 - 2014-03-05 22:46 - 00010461 _____ () C:\WINDOWS\KB2893294.log
2014-03-05 15:47 - 2014-03-05 22:45 - 00010988 _____ () C:\WINDOWS\KB2893984.log
2014-03-05 15:46 - 2014-03-05 22:45 - 00009645 _____ () C:\WINDOWS\KB2892075.log
2014-03-05 15:45 - 2013-08-09 00:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-03-05 15:45 - 2013-08-09 00:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-03-05 15:45 - 2013-08-09 00:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-03-05 15:45 - 2009-03-18 11:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
==================== One Month Modified Files and Folders =======
2014-03-07 10:48 - 2014-03-07 10:48 - 00000000 ____D () C:\FRST
2014-03-07 10:47 - 2014-03-07 10:47 - 00000878 _____ () C:\Documents and Settings\Tony\Desktop\Shortcut to FRST.lnk
2014-03-07 10:45 - 2010-09-20 19:07 - 01907568 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-07 10:38 - 2010-09-25 06:59 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1993962763-682003330-1003UA.job
2014-03-07 10:37 - 2010-10-09 08:24 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-07 10:35 - 2010-09-25 06:51 - 00000000 ____D () C:\FavoriteVideo
2014-03-07 10:34 - 2010-09-20 19:46 - 00135664 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-07 10:34 - 2010-09-20 19:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-07 10:34 - 2004-08-04 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-05 23:13 - 2010-09-20 19:13 - 00032498 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-05 23:12 - 2014-03-05 23:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-03-05 23:12 - 2014-03-05 22:29 - 00018440 _____ () C:\WINDOWS\KB2909921.log
2014-03-05 23:12 - 2014-03-05 15:50 - 00017511 _____ () C:\WINDOWS\KB2868626.log
2014-03-05 23:12 - 2010-10-03 09:58 - 00368757 _____ () C:\WINDOWS\updspapi.log
2014-03-05 23:12 - 2010-09-20 19:47 - 01990011 _____ () C:\WINDOWS\FaxSetup.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00957161 _____ () C:\WINDOWS\ocgen.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00911926 _____ () C:\WINDOWS\tsoc.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00614764 _____ () C:\WINDOWS\msmqinst.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00554727 _____ () C:\WINDOWS\comsetup.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00349024 _____ () C:\WINDOWS\netfxocm.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00334305 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00178632 _____ () C:\WINDOWS\iis6.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00137433 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00100889 _____ () C:\WINDOWS\tabletoc.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00099595 _____ () C:\WINDOWS\msgsocm.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00090219 _____ () C:\WINDOWS\ocmsn.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-03-05 23:12 - 2010-09-20 19:47 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-03-05 23:11 - 2014-03-05 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-03-05 23:11 - 2014-03-05 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909921$
2014-03-05 23:11 - 2014-03-05 22:29 - 00014380 _____ () C:\WINDOWS\KB2916036.log
2014-03-05 23:10 - 2010-09-20 19:47 - 00489766 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-05 23:05 - 2014-03-05 23:05 - 00008759 _____ () C:\WINDOWS\KB2900986.log
2014-03-05 23:05 - 2014-03-05 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-03-05 23:05 - 2014-03-05 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-03-05 23:05 - 2014-03-05 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-03-05 23:05 - 2014-03-05 15:50 - 00013686 _____ () C:\WINDOWS\KB2847311.log
2014-03-05 23:05 - 2014-03-05 15:50 - 00013187 _____ () C:\WINDOWS\KB2898715.log
2014-03-05 23:04 - 2014-03-05 23:04 - 00008260 _____ () C:\WINDOWS\KB2862335.log
2014-03-05 23:04 - 2014-03-05 23:04 - 00007664 _____ () C:\WINDOWS\KB2904266.log
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-03-05 23:04 - 2014-03-05 23:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-03-05 23:04 - 2014-03-05 22:29 - 00012801 _____ () C:\WINDOWS\KB2909212.log
2014-03-05 23:04 - 2014-03-05 15:49 - 00012158 _____ () C:\WINDOWS\KB2876217.log
2014-03-05 23:04 - 2014-03-05 15:49 - 00011715 _____ () C:\WINDOWS\KB2862152.log
2014-03-05 23:04 - 2014-03-05 15:49 - 00011339 _____ () C:\WINDOWS\KB2864063.log
2014-03-05 23:04 - 2010-12-05 22:50 - 00042568 _____ () C:\WINDOWS\system32\TZLog.log
2014-03-05 23:04 - 2010-09-20 19:47 - 00646329 _____ () C:\WINDOWS\setupapi.log
2014-03-05 23:02 - 2014-03-05 15:48 - 00011297 _____ () C:\WINDOWS\KB2876331.log
2014-03-05 23:01 - 2014-03-05 23:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-03-05 22:55 - 2013-08-22 14:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-05 22:47 - 2014-03-05 22:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-03-05 22:47 - 2014-03-05 22:46 - 00007018 _____ () C:\WINDOWS\KB2868038.log
2014-03-05 22:46 - 2014-03-05 22:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-03-05 22:46 - 2014-03-05 15:47 - 00010461 _____ () C:\WINDOWS\KB2893294.log
2014-03-05 22:45 - 2014-03-05 22:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893984$
2014-03-05 22:45 - 2014-03-05 22:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-03-05 22:45 - 2014-03-05 22:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-03-05 22:45 - 2014-03-05 15:47 - 00010988 _____ () C:\WINDOWS\KB2893984.log
2014-03-05 22:45 - 2014-03-05 15:46 - 00009645 _____ () C:\WINDOWS\KB2892075.log
2014-03-05 22:39 - 2014-03-05 22:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-03-05 22:39 - 2014-03-05 22:38 - 00005831 _____ () C:\WINDOWS\KB2914368.log
2014-03-05 22:38 - 2010-09-20 19:15 - 00000178 ___SH () C:\Documents and Settings\Tony\ntuser.ini
2014-03-05 22:37 - 2010-09-25 06:59 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1993962763-682003330-1003Core.job
2014-03-05 09:39 - 2010-09-20 19:46 - 00169799 _____ () C:\WINDOWS\setupact.log
2014-03-04 22:05 - 2010-09-20 19:07 - 00000000 ____D () C:\Program Files\Panda Security
2014-03-04 22:04 - 2010-09-20 19:08 - 00065536 _____ () C:\WINDOWS\system32\config\Nano.evt
2014-02-09 20:21 - 2010-09-20 19:15 - 00000000 ____D () C:\Documents and Settings\Tony
Some content of TEMP:
====================
C:\Documents and Settings\Tony\Local Settings\Temp\CloudAntivirus.exe
C:\Documents and Settings\Tony\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\Tony\Local Settings\Temp\PPLite_Update.exe
C:\Documents and Settings\Tony\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Tony\Local Settings\Temp\_is55.exe
C:\Documents and Settings\Tony\Local Settings\Temp\{94B96BD4-589A-4500-8763-C3F6256D33DF}-30.0.1599.69_chrome_installer.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Here is the additions log:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-03-2014
Ran by Tony at 2014-03-07 10:49:59
Running from C:\Documents and Settings\Tony\My Documents\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Google Chrome (HKCU\...\Google Chrome) (Version: 28.0.1500.95 - Google Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter (HKLM\...\{51123D42-6B9C-4B93-900C-29F9EC5963C9}) (Version: 1.0.0 - NETGEAR)
PPLite 1.0.0.6 (HKLM\...\PPLite) (Version: - )
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.28 - Realtek Semiconductor Corp.)
SiS 900 PCI Fast Ethernet Adapter Driver (HKLM\...\SiSLan) (Version: - )
SiS VGA Utilities (HKLM\...\SiS VGA Driver) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 1.1.4 (HKLM\...\VLC media player) (Version: 1.1.4 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinZip 14.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
==================== Restore Points =========================
04-03-2014 20:22:13 Removed Vodafone Mobile Connect Lite.
04-03-2014 22:12:09 Removed Vodafone Mobile Connect Lite.
05-03-2014 22:38:17 Software Distribution Service 3.0
==================== Hosts content: ==========================
2004-08-04 12:00 - 2004-08-04 12:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1993962763-682003330-1003Core.job => C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1993962763-682003330-1003UA.job => C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-09-25 06:51 - 2010-06-07 07:56 - 00833896 _____ () C:\Program Files\Common Files\PPLiveNetwork\MngModule.dll
2011-02-02 08:39 - 2008-04-14 00:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2011-02-02 08:38 - 2008-04-14 00:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-08-07 13:06 - 2013-07-25 00:49 - 04052944 _____ () C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\pdf.dll
2013-08-07 13:06 - 2013-07-25 00:49 - 00396240 _____ () C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
2013-08-07 13:05 - 2013-07-25 00:48 - 01597392 _____ () C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
2013-08-07 13:06 - 2013-07-25 00:49 - 13599184 _____ () C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111T Smart Wizard.lnk => C:\WINDOWS\pss\NETGEAR WG111T Smart Wizard.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Tony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: MobileConnect => %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
MSCONFIG\startupreg: SiS Windows KeyHook => C:\WINDOWS\system32\keyhook.exe
MSCONFIG\startupreg: SoundMan => SOUNDMAN.EXE
==================== Faulty Device Manager Devices =============
Name: PCI Modem
Description: PCI Modem
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/04/2014 10:05:39 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (03/04/2014 09:45:10 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (03/04/2014 07:45:42 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (02/28/2014 01:43:20 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (02/15/2014 00:57:53 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (02/09/2014 07:57:40 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (02/08/2014 09:05:45 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (12/13/2013 10:18:19 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (12/11/2013 07:49:07 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
Error: (10/14/2013 10:10:28 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
System errors:
=============
Error: (03/04/2014 09:47:02 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.
Error: (03/04/2014 07:47:27 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.
Error: (02/28/2014 01:45:28 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053
Error: (02/28/2014 01:45:28 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
Error: (02/28/2014 01:44:50 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.
Error: (02/15/2014 01:00:23 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053
Error: (02/15/2014 01:00:23 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
Error: (02/15/2014 00:59:38 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.
Error: (02/09/2014 07:59:25 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.
Error: (02/08/2014 09:07:28 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 223.36 MB
Available physical RAM: 69.98 MB
Total Pagefile: 546.58 MB
Available Pagefile: 247.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:33.12 GB) (Free:24.82 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: 751C751C)
Partition 1: (Not Active) - (Size=4 GB) - (Type=12)
Partition 2: (Active) - (Size=33 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Thanks so much