Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Adobe Flashplayer Upgraded and still no text on webpages

Started by Nickinacknoo , Sep 09 2012 04:28 PM

  • Please log in to reply

#1
Nickinacknoo
Posted 09 September 2012 - 04:28 PM

Nickinacknoo

    New Member

  • Member
  • Pip
  • 5 posts
A webpage that I visit on a daily basis does not display the titles of certain articles (its a slimming world website) so I logged on to my OH laptop and his showed the titles. I upgraded adboe flashplayer to 11 and upgraded java to the newest version, as well as deleting cookies, then rebooted. Still not displaying the titles (which use adobe 11) any ideas?

OTL logfile created on: 09/09/2012 22:52:14 - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Parent\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

952.94 Mb Total Physical Memory | 132.51 Mb Available Physical Memory | 13.91% Memory free
1.93 Gb Paging File | 0.75 Gb Available in Paging File | 38.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 86.96 Gb Free Space | 63.50% Space Free | Partition Type: NTFS
Drive D: | 293.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: PC | User Name: Parent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/09 22:51:11 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Parent\Downloads\OTL.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/31 15:00:22 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012/04/30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/09/08 07:43:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/09 04:24:48 | 002,165,104 | ---- | M] () -- C:\Windows\System32\srvmon.exe
PRC - [2010/11/09 04:24:40 | 002,381,680 | ---- | M] (Netintelligence Ltd) -- C:\Program Files\Netintelligence Home\LiteClient.exe
PRC - [2009/10/28 01:19:04 | 001,196,544 | ---- | M] (Netintelligence Ltd) -- C:\Program Files\Netintelligence Home\LiteClientAM.exe
PRC - [2009/09/30 23:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/09/30 23:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/30 23:46:28 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/09/24 13:14:56 | 000,825,864 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.EXE
PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/07/20 07:29:00 | 000,484,920 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/12/04 07:20:46 | 000,657,408 | ---- | M] () -- C:\Program Files\Netintelligence Home\AMMon.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/24 11:50:32 | 000,203,776 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012/04/30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/04/30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012/04/18 16:30:36 | 000,583,168 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/08 07:43:57 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\Report.dll
MOD - [2010/01/11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\VObject.dll
MOD - [2008/12/04 07:20:46 | 000,657,408 | ---- | M] () -- C:\Program Files\Netintelligence Home\AMMon.exe
MOD - [2005/12/14 20:22:12 | 000,040,960 | ---- | M] () -- C:\Program Files\Texthelp Systems\Read and Write 9\texthelpbho.dll


========== Services (SafeList) ==========

SRV - [2012/09/09 22:06:47 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010/11/20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/09 04:24:48 | 002,165,104 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvmon.exe -- (ServiceMonitor)
SRV - [2010/11/09 04:24:40 | 002,381,680 | ---- | M] (Netintelligence Ltd) [Auto | Running] -- C:\Program Files\Netintelligence Home\LiteClient.exe -- (NILiteClient)
SRV - [2010/05/18 20:03:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/09/30 23:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC1078E7-912B-4231-9B52-804018610BFB}\MpKslecf2ddc2.sys -- (MpKslecf2ddc2)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/10/05 02:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/11 05:58:30 | 000,488,448 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009/07/27 08:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/24 03:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2008/07/10 11:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2003/10/01 15:29:50 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\OEM\factory\int15.sys -- (int15.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nextgener...k/ourhomeaccess
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nextgener...k/ourhomeaccess
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Parent\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/07 10:36:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/30 21:26:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/09 22:10:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/07 10:36:34 | 000,000,000 | ---D | M]

[2010/05/06 23:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Parent\AppData\Roaming\Mozilla\Extensions
[2012/01/07 20:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\extensions
[2012/01/07 20:47:38 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/10/25 19:47:31 | 000,002,573 | ---- | M] () -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\searchplugins\askcom.xml
[2011/06/20 14:47:53 | 000,001,742 | ---- | M] () -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\searchplugins\search-the-web.xml
[2012/07/09 12:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/11 00:00:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2012/01/28 11:15:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/04/27 12:19:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/07/09 12:15:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2011/09/08 07:43:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/06/18 06:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/07/16 21:15:58 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/06/06 10:46:49 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/06/06 10:46:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/06/06 10:46:49 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/06/06 10:46:49 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/06/06 10:46:49 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

Hosts file not found
O2 - BHO: (txthlpBHO Class) - {060235DC-6D84-47BD-95D7-A4EF5099A59D} - C:\Program Files\Texthelp Systems\Read and Write 9\texthelpbho.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ba3HelperObj Class) - {A17B153F-2267-4161-A165-73DCD6C31BEF} - C:\Program Files\Texthelp Systems\Read and Write 9\ba3bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NIHomeAM] C:\Program Files\Netintelligence Home\LiteClientAM.exe (Netintelligence Ltd)
O4 - HKLM..\Run: [PLD_FrameworkRun] C:\Windows\System32\OEM\_NowIntoDT.vbs ()
O4 - HKLM..\Run: [SDU_Path] C:\Users\Parent\AppData\Local\Temp\7zS0B38\HPSDU.exe File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKLM..\RunOnce: [PLD_FrameworkRunOnce] C:\Windows\System32\OEM\_waitAndLaunch_PLD_Framework_NoWait.vbs ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{976C358F-90C4-4DE6-9A37-386AD6063C28}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB22F05E-956F-42F1-AC50-2329D467E09E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{68c29d2d-88cc-11e1-9c6c-c80aa926b46e}\Shell - "" = AutoRun
O33 - MountPoints2\{68c29d2d-88cc-11e1-9c6c-c80aa926b46e}\Shell\AutoRun\command - "" = E:\Enterprise_Launcher.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Enterprise_Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/09 22:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/09/09 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/09/09 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{7E59FFAD-2DC2-4FDB-8562-CDA81F15B626}
[2012/09/09 13:07:53 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{013A31C3-FB92-454E-9A8E-B7F3E6A5A2C7}
[2012/09/08 17:30:17 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{8E8B679D-502E-4476-8B92-0E62F12681A1}
[2012/09/07 20:08:59 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{8BECEB2F-A783-4223-8AEC-DC5CED0A3EB6}
[2012/09/07 08:51:30 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{6F16E2AA-9707-4CB0-A009-88B84B57FEF7}
[2012/09/05 17:33:33 | 000,000,000 | -HSD | C] -- C:\found.005
[2012/09/05 13:29:04 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{811EAFCF-A961-4D1B-AC35-7A08FA083600}
[2012/09/03 17:19:57 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{3C5107B3-4ED4-4EC1-B655-420D5FDE03DD}
[2012/09/02 19:57:54 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{CE8F9149-A304-4996-A678-A3C9809CB837}
[2012/08/31 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{D381171F-0DD1-4D63-B825-B5DD31DA71A6}
[2012/08/31 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{4F2916AE-4E23-4CA1-A173-D5FE7849239D}
[2012/08/27 11:40:00 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{10C32FB8-C4E1-491F-9AB8-FA50E25F7160}
[2012/08/24 07:58:08 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{65AAF50C-2289-425D-BDC6-CB97E9C1B94C}
[2012/08/23 19:09:53 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{814B52B7-34AD-4FD1-82BA-46C5CEE2AF95}
[2012/08/22 13:16:42 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{813F7AC0-F0C6-4021-B1A4-1DD3034AFD6C}
[2012/08/21 12:12:57 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{EF3AD05C-E55D-4594-B741-83B06DEA01D4}
[2012/08/20 11:57:43 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{3FF7977B-73CA-4E2A-BBCF-7AF0CB0141CD}
[2012/08/19 19:54:53 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B83D2DF7-AD77-4B8D-ACAB-DCC73DF1478C}
[2012/08/19 13:39:07 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B28F02DB-1AC2-487D-AC85-436ED164EA79}
[2012/08/18 07:46:41 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{E0B09CE1-51DA-473D-B059-901F9B0C319C}
[2012/08/18 07:45:47 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{5CC8486D-25D2-404C-9779-35D6B10FFD93}
[2012/08/17 20:16:54 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B185B301-887D-4488-B3A6-47910E71F0E7}
[2012/08/17 11:30:01 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{A331E0CA-A7FE-418B-A80D-7E90521AC3B3}
[2012/08/16 09:34:22 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{BE939AD0-573B-4EB4-B4AD-46E16895A172}
[2012/08/15 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{97AA41F6-FD1D-40E1-948C-7240157120D9}
[2012/08/14 10:44:57 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{15A708DA-45B0-462C-B619-C49B612EE567}
[2012/08/12 19:47:16 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{3E50691D-C784-4201-B7A8-BFF0953E25DD}
[2012/08/11 08:34:16 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B8232F52-050B-4A24-A80C-E8C2DE75FAB2}
[2012/08/11 08:32:44 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{40AFC114-564A-4017-B58A-490A706485FB}

========== Files - Modified Within 30 Days ==========

[2012/09/09 22:34:15 | 000,019,464 | ---- | M] () -- C:\Windows\System32\srvmon.startuplog
[2012/09/09 22:23:50 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/09 22:23:50 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/09 22:23:38 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/09 22:13:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/09 22:13:39 | 749,420,544 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/09 22:10:07 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/05 17:34:39 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat
[2012/09/04 19:23:27 | 000,696,314 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/04 19:23:27 | 000,136,456 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/30 23:09:46 | 000,097,243 | ---- | M] () -- C:\Users\Parent\Desktop\budgeting loan.pdf
[2012/08/19 19:52:28 | 000,302,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/15 18:00:46 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk

========== Files Created - No Company Name ==========

[2012/09/09 22:10:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/09 22:10:07 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/05 17:34:39 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat
[2012/08/30 23:09:46 | 000,097,243 | ---- | C] () -- C:\Users\Parent\Desktop\budgeting loan.pdf
[2012/08/15 18:00:46 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012/06/12 15:34:40 | 000,121,856 | ---- | C] () -- C:\Users\Parent\01180727.dot
[2011/12/07 10:27:43 | 000,169,787 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011/12/07 10:27:43 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011/10/26 06:46:38 | 000,000,235 | ---- | C] () -- C:\Users\Parent\AppData\Roaming\fixpermissions.bat
[2011/06/29 20:19:01 | 000,000,000 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
[2011/06/09 08:44:00 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/02 22:26:38 | 000,006,144 | ---- | C] () -- C:\Users\Parent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/01 11:21:00 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== LOP Check ==========

[2010/06/15 11:36:32 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Facebook
[2010/08/01 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\InterVideo
[2010/05/06 20:11:15 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Issist
[2012/05/15 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Sony
[2010/05/25 22:42:23 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Texthelp Systems
[2012/08/21 12:09:50 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 09/09/2012 22:52:14 - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Parent\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

952.94 Mb Total Physical Memory | 132.51 Mb Available Physical Memory | 13.91% Memory free
1.93 Gb Paging File | 0.75 Gb Available in Paging File | 38.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 86.96 Gb Free Space | 63.50% Space Free | Partition Type: NTFS
Drive D: | 293.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: PC | User Name: Parent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A18B6CB-39DC-42E3-B44F-57DE2CEEDC3D}" = rport=139 | protocol=6 | dir=out | app=system |
"{211B665F-5033-4BE0-BBE1-F91F9B03A817}" = lport=138 | protocol=17 | dir=in | app=system |
"{2AFCBDC0-E9AF-4D34-AFA0-7308C6BBE19D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31898815-FBF8-46EB-8921-5B2749D55383}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{35309CF6-E215-4D46-98E2-5A7663B04244}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DB215B4-B8EA-4F4E-B519-333D0E62DA0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{56C009A8-2AA5-4B30-A01E-0465D29387DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B286AF0-3121-4957-B3AD-A9273CAE0F57}" = lport=445 | protocol=6 | dir=in | app=system |
"{60D3D929-134B-42C2-AF39-A0D8FAB580FB}" = rport=138 | protocol=17 | dir=out | app=system |
"{62B1482F-791B-4F2F-B202-2AF8EAA3D8A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{658525B9-C37D-422F-B249-2FFE2B4B2CD7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{674DE346-76AA-47E6-B544-36E23725DBC7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{67DDF36F-AC78-4F29-A3AE-7F080E68CA9A}" = lport=139 | protocol=6 | dir=in | app=system |
"{83B72432-A76E-455A-BB6D-F436FBFD0174}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84A1C746-B753-4D91-9C8A-2E15AF678177}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9331DBE3-EFD7-4D07-9621-983E6B4D034B}" = lport=137 | protocol=17 | dir=in | app=system |
"{A5485727-A403-4AF6-BD09-FF6A18F481CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A71A6FB0-8353-46E4-89AD-E1A32EBA8693}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7A72A8D-F1D1-4F64-8708-C52373ADB759}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B546BA82-BFE5-470A-A37E-9325D5977B68}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BE43F08F-6722-49F7-9CC8-8479C25C6D1D}" = rport=137 | protocol=17 | dir=out | app=system |
"{CBD2F939-FF68-47D4-80AA-FC676C42B349}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9B4AF54-2A52-4D8D-A5AC-BEB1A9BD78CB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F58D24EE-FE7B-4FBE-BE29-9A4CE8D4ABE5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7C07F1A-F4A6-4163-A9EF-D4EFCB1E99FC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FE882846-DB04-4B22-99A9-843F92F0702F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06EEFEF2-B902-4029-B241-87F68B5DF260}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{08AFB834-71D9-4FA1-BCF9-FAD353966E35}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{0966A7EF-F31A-4018-A155-8225B6A1CE76}" = protocol=1 | dir=out | [email protected],-28544 |
"{0AD53C94-7313-45D4-B953-5118F1CCA825}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{195374DC-9108-4244-B780-C9AE550BBCFB}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{284D75C5-E3AC-4003-BFBE-C396B10DFD7D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2DE6CD4A-987B-4F5F-8759-615F9A4B10CD}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{315A7B64-F6F1-4602-88E4-9C5107D7DFA6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{32B39394-1E4C-49A2-AEE5-EFF42EBF2209}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{34CA4FEB-FDB0-407D-B558-F77B325A95FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{35A89740-235A-44EE-BC77-41E9D2936AF9}" = protocol=58 | dir=out | [email protected],-28546 |
"{382C25F8-30BD-48B7-BBC4-2A1369A76348}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{40D2D470-57F7-4B99-9854-53CDF8EF01BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{412A73A3-3E83-48FB-92EE-D919FFF600D4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{46F8775E-ED37-4729-92E1-AAC0B7E1282F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{4B83A2CC-68DF-4214-8C7A-CD0B1189C0CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54CF6CCF-CBDA-496D-A154-58DF4443ACF1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{5A20A6A3-0C12-45EE-9F28-95999D2BA46A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5D68B1FE-76CD-4661-96A4-9EE4CA2AFF30}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{5D9C215C-3FBE-4DBD-8D66-1C8AC61B6EC9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{614A0AEB-94F6-439E-A33B-D8D09B6D8268}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{6C4417AE-64B3-474E-AB9B-80B3D19F7E7C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6D08CCDC-CA1B-4977-87F0-72AA05628565}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{725F5A9D-932B-4FAA-8CE5-5E2327C59E64}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{75324B79-885F-4DB6-92F6-C0802CDEF556}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7A7C706E-E7B4-451E-B7AF-C46D7C26A9E9}" = protocol=58 | dir=in | [email protected],-28545 |
"{7B15AAEA-DE0D-4F9D-9E45-519F27D7C586}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{82422EAB-BF48-4929-AD24-ABAA828C5830}" = protocol=1 | dir=in | [email protected],-28543 |
"{877FEFEE-5559-4595-AA59-A769AD712A71}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{94FFC3F8-7C5C-484D-91FE-23F6E4EA2A81}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A5920AC5-2165-4528-B4CA-42F7F2333BE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{A914658F-B999-424E-A37C-FD5B600DF709}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA430776-A2F8-4739-9E0A-6B2717E17F8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{AB62A9B0-85FB-4F99-A889-06A3939A66D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCF9FFC3-C6FB-471B-8000-EEC46E37A1D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C16A00B2-9204-4864-B823-F2A4D696863B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6B6006D-EB99-4758-86C9-FCBF1AB4EC17}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D5229890-1F12-45B7-AC51-0277706BB00B}" = protocol=6 | dir=out | app=system |
"{DD1237EE-F1E6-4440-8BFA-EC91CBA405DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E122BB1C-8D55-42A7-9BFA-9AE234B915D5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{E4246227-E57D-411B-B89D-1808AFA439B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB793B51-7B90-46B6-8C69-6626A019F719}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F788E4EF-864F-4F3E-BB99-0E503CF58D9C}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{F7C3BF2F-844C-46F1-B048-9B5A686A7C3C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{F8EAE536-60E7-4C4D-8081-81EE05558216}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{F9027A13-321E-42B2-8918-18E07B6B4B93}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{FB2827F7-D1EA-4FCD-ABB7-E75922B34AB2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.0 (Redists)
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0E837AF0-4C92-4077-83F0-D022073F17C0}" = Microsoft Expression Blend 3 SDK
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2640314A-2D9A-4F58-B501-DB109CD9DBA2}" = DJ_AIO_ProductContext
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2775D83C-A85F-4CC2-84A1-FC5E63F682BB}" = Read And Write Home Access
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44F7BA74-C11A-49FC-B2FC-1B827C491F74}" = Microsoft Expression Studio 3
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5BFB956C-3AB9-492A-9E91-5D8C87DCC598}" = Paint.NET v3.5.1
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit June 2009 (Version 3.5.40619.1)
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BCF909-6AF7-4B01-8EB3-713CE2873DC8}" = Microsoft Expression Web 3
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{752E90AC-3F11-4EA3-88EA-96441047EC31}" = Microsoft Expression Web 3 SP1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}" = Media Go Video Playback Engine 1.88.102.12050
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9B39B512-1E22-45B6-9561-83DBFEA00A33}" = BECTA Home Access Activation Tool
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A4FA40F1-B88C-4BDF-B291-ED34982CB48F}" = Microsoft Expression Blend 3
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{d05a1414-a955-4c5c-9716-b7777ef86e85}" = F4100
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}" = Media Go
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E9980014-BE11-4891-A5F4-0F2917B856BC}" = Microsoft Expression Design 3
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F1F1A2AD-A1CE-4D9D-B510-31F280B45E0B}" = Microsoft Expression Encoder 3
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F3B899DB-B138-4698-BE99-A4271BCA47A4}" = MatchWare MindView 3.0 Home Access
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Blend_3.0.1927.0" = Microsoft Expression Blend 3
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Coupon Printer2.0" = Coupon Printer
"Design_6.0.1739.0" = Microsoft Expression Design 3
"Encoder_3.0.1332.0" = Microsoft Expression Encoder 3
"ExpressionStudio_3.0.1061.0" = Microsoft Expression Studio 3
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"LManager" = Launch Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Mozilla Firefox 6.0.2 (x86 en-GB)" = Mozilla Firefox 6.0.2 (x86 en-GB)
"Netintelligence Home Edition" = Netintelligence Home Edition
"Shop for HP Supplies" = Shop for HP Supplies
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel® TV Wizard
"Update Engine" = Sony Ericsson Update Engine
"Web_3.0.3813.0" = Microsoft Expression Web 3
"WinLiveSuite" = Windows Live Essentials
"XP Codec Pack" = XP Codec Pack

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 09/09/2012 13:27:49 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22511

Error - 09/09/2012 13:27:49 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22511

Error - 09/09/2012 13:27:50 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 09/09/2012 13:27:50 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 23556

Error - 09/09/2012 13:27:50 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 23556

Error - 09/09/2012 13:27:51 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 09/09/2012 13:27:51 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 24617

Error - 09/09/2012 13:27:51 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 24617

Error - 09/09/2012 17:11:35 | Computer Name = PC | Source = MsiInstaller | ID = 11719
Description =

Error - 09/09/2012 17:11:35 | Computer Name = PC | Source = MsiInstaller | ID = 1024
Description =

[ Media Center Events ]
Error - 26/07/2011 03:41:31 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 08:41:30 - Error connecting to the internet. 08:41:31 - Unable
to contact server..

Error - 26/07/2011 03:41:43 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 08:41:36 - Error connecting to the internet. 08:41:36 - Unable
to contact server..

Error - 02/08/2011 10:39:41 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 15:38:00 - Failed to retrieve Directory (Error: The operation has
timed out)

Error - 02/08/2011 10:53:52 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 15:46:21 - Failed to retrieve MCEClientUX (Error: The request was
aborted: The request was canceled.)

[ System Events ]
Error - 09/09/2012 17:12:34 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:12:34 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:12:59 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:12:59 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:14:09 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:14:13 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:14:14 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:14:18 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:14:39 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 09/09/2012 17:14:39 | Computer Name = PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.


< End of report >

Edited by RKinner, 10 September 2012 - 10:27 AM.

  • 0

Advertisements

#2
RKinner
Posted 10 September 2012 - 11:19 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Are you talking about your home page in IE: http://www.nextgener...rning.org.uk/?f
The site is served by an ad-server so my bet is your netintelligence is blocking the server. I assume it has some way to allow certain sites. When I right click on the page and select Source I see it is getting something from:

http://return.domainnamesales.com. My bet is the netintelligence considers that an ad server and has blocked it. IF that's not the website you are worried about then give me the URL of the website and I will look at it but it's probably the same thing just with a different server.

We can clean up your Firefox a bit so it starts faster and also fix the hosts file error that you are getting in your logs.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

Uninstall obsolete Java™ 6 Update 33

Copy the text in the code box by highlighting and Ctrl + c


:OTL
[2011/10/25 19:47:31 | 000,002,573 | ---- | M] () -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\searchplugins\askcom.xml
[2011/06/20 14:47:53 | 000,001,742 | ---- | M] () -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\searchplugins\search-the-web.xml
[2010/06/11 00:00:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2012/01/28 11:15:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/04/27 12:19:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/07/09 12:15:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [PLD_FrameworkRun] C:\Windows\System32\OEM\_NowIntoDT.vbs ()
O4 - HKLM..\Run: [SDU_Path] C:\Users\Parent\AppData\Local\Temp\7zS0B38\HPSDU.exe File not found
O4 - HKLM..\RunOnce: [PLD_FrameworkRunOnce] C:\Windows\System32\OEM\_waitAndLaunch_PLD_Framework_NoWait.vbs ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{68c29d2d-88cc-11e1-9c6c-c80aa926b46e}\Shell - "" = AutoRun
O33 - MountPoints2\{68c29d2d-88cc-11e1-9c6c-c80aa926b46e}\Shell\AutoRun\command - "" = E:\Enterprise_Launcher.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Enterprise_Launcher.exe

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply. This will also create a file winsock2.reg on your desktop. It is an insurance file. If you can't get on the Internet after the fix, try right clicking on the winsock2.reg and Merge then reboot. If that doesn't help then do a System Restore.
It appears that Old Timer is now hiding the log in c:\_OTL\RemovedFiles\09102012-some number.log.

Download HostsXpert from http://www.funkytoad...HostsXpert.zip. Save the file then right click and Extract All. It will create a new folder in the same place. In the folder find HostsXpert.exe and right click on it and Run As Administrator.

It will take a few seconds to appear. If the top line in the left column says Make Writeable, click on it and it should change to Make Read Only? If it already says Make Read Only? that's OK just go on to the next step.
Now click on the left column entry that says: Restore MSHosts file. Click on the Make Read Only? entry then close HostXpert. Run OTL again, Quickscan and post the log and let's see if the hosts file is happy now.

Download and run Speedy Fox by right clicking and Run As Admin.
http://www.crystalidea.com/speedyfox

Close Firefox then Speedup My Firefox then when it finishes, Exit. Firefox should start a lot faster now.

Ron
  • 0

#3
Nickinacknoo
Posted 10 September 2012 - 03:13 PM

Nickinacknoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Hi Ron,

Thank you very much indeed for taking the time to reply, and in such detail. I have followed the steps provided closely, here is the report that the final scan produced:

OTL logfile created on: 10/09/2012 21:36:19 - Run 2
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Parent\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

952.94 Mb Total Physical Memory | 189.81 Mb Available Physical Memory | 19.92% Memory free
1.93 Gb Paging File | 1.09 Gb Available in Paging File | 56.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 87.33 Gb Free Space | 63.77% Space Free | Partition Type: NTFS
Drive D: | 293.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: PC | User Name: Parent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/10 21:19:25 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Parent\Desktop\OTL(1).exe
PRC - [2012/07/27 21:51:36 | 000,035,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/31 15:00:22 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012/04/30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/09 04:24:48 | 002,165,104 | ---- | M] () -- C:\Windows\System32\srvmon.exe
PRC - [2010/11/09 04:24:40 | 002,381,680 | ---- | M] (Netintelligence Ltd) -- C:\Program Files\Netintelligence Home\LiteClient.exe
PRC - [2010/08/25 20:45:32 | 003,156,504 | ---- | M] (Intel Corporation) -- C:\Windows\System32\GfxUI.exe
PRC - [2009/10/28 01:19:04 | 001,196,544 | ---- | M] (Netintelligence Ltd) -- C:\Program Files\Netintelligence Home\LiteClientAM.exe
PRC - [2009/09/30 23:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/09/30 23:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/24 13:14:56 | 000,825,864 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.EXE
PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/07/20 07:29:00 | 000,484,920 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/12/04 07:20:46 | 000,657,408 | ---- | M] () -- C:\Program Files\Netintelligence Home\AMMon.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/24 11:50:32 | 000,203,776 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012/05/12 19:38:00 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7edca5be5fb91df4d5eb66097437f546\mscorlib.ni.dll
MOD - [2012/04/30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/04/30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/08 07:43:57 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/12/04 07:20:46 | 000,657,408 | ---- | M] () -- C:\Program Files\Netintelligence Home\AMMon.exe


========== Services (SafeList) ==========

SRV - [2012/09/09 22:06:47 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010/11/09 04:24:48 | 002,165,104 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvmon.exe -- (ServiceMonitor)
SRV - [2010/11/09 04:24:40 | 002,381,680 | ---- | M] (Netintelligence Ltd) [Auto | Running] -- C:\Program Files\Netintelligence Home\LiteClient.exe -- (NILiteClient)
SRV - [2010/05/18 20:03:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/09/30 23:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC1078E7-912B-4231-9B52-804018610BFB}\MpKslecf2ddc2.sys -- (MpKslecf2ddc2)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/10/05 02:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/11 05:58:30 | 000,488,448 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009/07/27 08:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/24 03:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2008/07/10 11:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2003/10/01 15:29:50 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\OEM\factory\int15.sys -- (int15.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nextgener...k/ourhomeaccess
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nextgener...k/ourhomeaccess
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Parent\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/07 10:36:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/30 21:26:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/09 22:10:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/07 10:36:34 | 000,000,000 | ---D | M]

[2010/05/06 23:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Parent\AppData\Roaming\Mozilla\Extensions
[2012/01/07 20:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\extensions
[2012/01/07 20:47:38 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Parent\AppData\Roaming\Mozilla\Firefox\Profiles\cuww7uph.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/10 21:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/08 07:43:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/06/18 06:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/07/16 21:15:58 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/06/06 10:46:49 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/06/06 10:46:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/06/06 10:46:49 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/06/06 10:46:49 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/06/06 10:46:49 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/09/10 21:32:02 | 000,000,698 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (txthlpBHO Class) - {060235DC-6D84-47BD-95D7-A4EF5099A59D} - C:\Program Files\Texthelp Systems\Read and Write 9\texthelpbho.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ba3HelperObj Class) - {A17B153F-2267-4161-A165-73DCD6C31BEF} - C:\Program Files\Texthelp Systems\Read and Write 9\ba3bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NIHomeAM] C:\Program Files\Netintelligence Home\LiteClientAM.exe (Netintelligence Ltd)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\NIHLSP.DLL (iomart Ltd)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{976C358F-90C4-4DE6-9A37-386AD6063C28}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB22F05E-956F-42F1-AC50-2329D467E09E}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/10 21:46:59 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Roaming\CrystalIdea Software
[2012/09/10 21:22:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/10 21:12:23 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Parent\Desktop\OTL(1).exe
[2012/09/10 14:29:10 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{033FB6AF-C314-44C8-B06D-DBB6C7531101}
[2012/09/09 22:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/09/09 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/09/09 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{7E59FFAD-2DC2-4FDB-8562-CDA81F15B626}
[2012/09/09 13:07:53 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{013A31C3-FB92-454E-9A8E-B7F3E6A5A2C7}
[2012/09/08 17:30:17 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{8E8B679D-502E-4476-8B92-0E62F12681A1}
[2012/09/07 20:08:59 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{8BECEB2F-A783-4223-8AEC-DC5CED0A3EB6}
[2012/09/07 08:51:30 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{6F16E2AA-9707-4CB0-A009-88B84B57FEF7}
[2012/09/05 17:33:33 | 000,000,000 | -HSD | C] -- C:\found.005
[2012/09/05 13:29:04 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{811EAFCF-A961-4D1B-AC35-7A08FA083600}
[2012/09/03 17:19:57 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{3C5107B3-4ED4-4EC1-B655-420D5FDE03DD}
[2012/09/02 19:57:54 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{CE8F9149-A304-4996-A678-A3C9809CB837}
[2012/08/31 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{D381171F-0DD1-4D63-B825-B5DD31DA71A6}
[2012/08/31 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{4F2916AE-4E23-4CA1-A173-D5FE7849239D}
[2012/08/27 11:40:00 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{10C32FB8-C4E1-491F-9AB8-FA50E25F7160}
[2012/08/24 07:58:08 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{65AAF50C-2289-425D-BDC6-CB97E9C1B94C}
[2012/08/23 19:09:53 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{814B52B7-34AD-4FD1-82BA-46C5CEE2AF95}
[2012/08/22 13:16:42 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{813F7AC0-F0C6-4021-B1A4-1DD3034AFD6C}
[2012/08/21 12:12:57 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{EF3AD05C-E55D-4594-B741-83B06DEA01D4}
[2012/08/20 11:57:43 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{3FF7977B-73CA-4E2A-BBCF-7AF0CB0141CD}
[2012/08/19 19:54:53 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B83D2DF7-AD77-4B8D-ACAB-DCC73DF1478C}
[2012/08/19 13:39:07 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B28F02DB-1AC2-487D-AC85-436ED164EA79}
[2012/08/18 07:46:41 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{E0B09CE1-51DA-473D-B059-901F9B0C319C}
[2012/08/18 07:45:47 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{5CC8486D-25D2-404C-9779-35D6B10FFD93}
[2012/08/17 20:16:54 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{B185B301-887D-4488-B3A6-47910E71F0E7}
[2012/08/17 11:30:01 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{A331E0CA-A7FE-418B-A80D-7E90521AC3B3}
[2012/08/16 09:34:22 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{BE939AD0-573B-4EB4-B4AD-46E16895A172}
[2012/08/15 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{97AA41F6-FD1D-40E1-948C-7240157120D9}
[2012/08/14 10:44:57 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{15A708DA-45B0-462C-B619-C49B612EE567}
[2012/08/12 19:47:16 | 000,000,000 | ---D | C] -- C:\Users\Parent\AppData\Local\{3E50691D-C784-4201-B7A8-BFF0953E25DD}

========== Files - Modified Within 30 Days ==========

[2012/09/10 21:55:17 | 000,019,464 | ---- | M] () -- C:\Windows\System32\srvmon.startuplog
[2012/09/10 21:46:23 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 21:46:23 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 21:34:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/10 21:34:33 | 749,420,544 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/10 21:32:02 | 000,000,698 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
[2012/09/10 21:24:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/10 21:19:25 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Parent\Desktop\OTL(1).exe
[2012/09/09 22:10:07 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/05 17:34:39 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat
[2012/09/04 19:23:27 | 000,696,314 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/04 19:23:27 | 000,136,456 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/30 23:09:46 | 000,097,243 | ---- | M] () -- C:\Users\Parent\Desktop\budgeting loan.pdf
[2012/08/19 19:52:28 | 000,302,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/15 18:00:46 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk

========== Files Created - No Company Name ==========

[2012/09/09 22:10:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/09 22:10:07 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/05 17:34:39 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat
[2012/08/30 23:09:46 | 000,097,243 | ---- | C] () -- C:\Users\Parent\Desktop\budgeting loan.pdf
[2012/08/15 18:00:46 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012/06/12 15:34:40 | 000,121,856 | ---- | C] () -- C:\Users\Parent\01180727.dot
[2011/12/07 10:27:43 | 000,169,787 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011/12/07 10:27:43 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011/10/26 06:46:38 | 000,000,235 | ---- | C] () -- C:\Users\Parent\AppData\Roaming\fixpermissions.bat
[2011/06/29 20:19:01 | 000,000,000 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
[2011/06/09 08:44:00 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/02 22:26:38 | 000,006,144 | ---- | C] () -- C:\Users\Parent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/01 11:21:00 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== LOP Check ==========

[2012/09/10 21:46:59 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\CrystalIdea Software
[2010/06/15 11:36:32 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Facebook
[2010/08/01 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\InterVideo
[2010/05/06 20:11:15 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Issist
[2012/05/15 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Sony
[2010/05/25 22:42:23 | 000,000,000 | ---D | M] -- C:\Users\Parent\AppData\Roaming\Texthelp Systems
[2012/08/21 12:09:50 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Am just going to check the website and see if I can see all the text once I have rebooted.

Nicki
  • 0

#4
Nickinacknoo
Posted 10 September 2012 - 03:21 PM

Nickinacknoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Still not working. This is the site https://www.slimmingworld.com/login/ "Free to group members - lifeline online" text flashes up briefly then disappears when I reload the page, as does the red text giving the speil about joining a friendly group (it disappears too quickly for me to see what it says).

Nicki
  • 0

#5
RKinner
Posted 10 September 2012 - 04:49 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
No adobe flash that I can see. First thing it does is link to "http://www.w3.org/TR...ansitional.dtd" to pick up a style sheet. Can you go to:

http://www.w3.org

or is that blocked?

If you go to:

http://www.w3.org/TR...ransitional.dtd it will think for a long time then offer to download a file called xhtml1-transitional.dtd. You can download it and open it in Wordpad and it seems quite normal.

Then it looks at:

http://www.w3.org/1999/xhtml

which you should be able to see too.

There is a lot of Javascript and then some references to

http://www.slimmingworld.ie
http://www.slimmingworldusa.com
http://www.facebook.com/slimmingworld
http://twitter.com/#!/slimmingworld
http://www.youtube.com/slimmingworld

https://secure.img-c...&Login=1&mpuid=

https://group.slimmi...d.com/register/

https://online.slimm...d.com/register/

Tho they shouldn't be important in displaying the page.

I expect your Netintelligence Home program has taken a dislike to http://www.w3.org and is blocking access to it so that the website has no style sheet and doesn't know how to display its info. Do you know how to tell NetIntelligence to allow a site?
  • 0

#6
Nickinacknoo
Posted 11 September 2012 - 02:32 AM

Nickinacknoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I have no idea how to tell NetIntelligence that, imagine a three year old who can type...thats me! and I really appreciate your help :)

Could open http://www.w3.org/

and the notepad text that was produced when I followed the link after that is here:

<!--
Extensible HTML version 1.0 Transitional DTD

This is the same as HTML 4 Transitional except for
changes due to the differences between XML and SGML.

Namespace = http://www.w3.org/1999/xhtml

For further information, see: http://www.w3.org/TR/xhtml1

Copyright © 1998-2002 W3C (MIT, INRIA, Keio),
All Rights Reserved.

This DTD module is identified by the PUBLIC and SYSTEM identifiers:

PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
SYSTEM "http://www.w3.org/TR...ansitional.dtd"

$Revision: 1.2 $
$Date: 2002/08/01 18:37:55 $

-->

<!--================ Character mnemonic entities =========================-->

<!ENTITY % HTMLlat1 PUBLIC
"-//W3C//ENTITIES Latin 1 for XHTML//EN"
"xhtml-lat1.ent">
%HTMLlat1;

<!ENTITY % HTMLsymbol PUBLIC
"-//W3C//ENTITIES Symbols for XHTML//EN"
"xhtml-symbol.ent">
%HTMLsymbol;

<!ENTITY % HTMLspecial PUBLIC
"-//W3C//ENTITIES Special for XHTML//EN"
"xhtml-special.ent">
%HTMLspecial;

<!--================== Imported Names ====================================-->

<!ENTITY % ContentType "CDATA">
<!-- media type, as per [RFC2045] -->

<!ENTITY % ContentTypes "CDATA">
<!-- comma-separated list of media types, as per [RFC2045] -->

<!ENTITY % Charset "CDATA">
<!-- a character encoding, as per [RFC2045] -->

<!ENTITY % Charsets "CDATA">
<!-- a space separated list of character encodings, as per [RFC2045] -->

<!ENTITY % LanguageCode "NMTOKEN">
<!-- a language code, as per [RFC3066] -->

<!ENTITY % Character "CDATA">
<!-- a single character, as per section 2.2 of [XML] -->

<!ENTITY % Number "CDATA">
<!-- one or more digits -->

<!ENTITY % LinkTypes "CDATA">
<!-- space-separated list of link types -->

<!ENTITY % MediaDesc "CDATA">
<!-- single or comma-separated list of media descriptors -->

<!ENTITY % URI "CDATA">
<!-- a Uniform Resource Identifier, see [RFC2396] -->

<!ENTITY % UriList "CDATA">
<!-- a space separated list of Uniform Resource Identifiers -->

<!ENTITY % Datetime "CDATA">
<!-- date and time information. ISO date format -->

<!ENTITY % Script "CDATA">
<!-- script expression -->

<!ENTITY % StyleSheet "CDATA">
<!-- style sheet data -->

<!ENTITY % Text "CDATA">
<!-- used for titles etc. -->

<!ENTITY % FrameTarget "NMTOKEN">
<!-- render in this frame -->

<!ENTITY % Length "CDATA">
<!-- nn for pixels or nn% for percentage length -->

<!ENTITY % MultiLength "CDATA">
<!-- pixel, percentage, or relative -->

<!ENTITY % Pixels "CDATA">
<!-- integer representing length in pixels -->

<!-- these are used for image maps -->

<!ENTITY % Shape "(rect|circle|poly|default)">

<!ENTITY % Coords "CDATA">
<!-- comma separated list of lengths -->

<!-- used for object, applet, img, input and iframe -->
<!ENTITY % ImgAlign "(top|middle|bottom|left|right)">

<!-- a color using sRGB: #RRGGBB as Hex values -->
<!ENTITY % Color "CDATA">

<!-- There are also 16 widely known color names with their sRGB values:

Black = #000000 Green = #008000
Silver = #C0C0C0 Lime = #00FF00
Gray = #808080 Olive = #808000
White = #FFFFFF Yellow = #FFFF00
Maroon = #800000 Navy = #000080
Red = #FF0000 Blue = #0000FF
Purple = #800080 Teal = #008080
Fuchsia= #FF00FF Aqua = #00FFFF
-->

<!--=================== Generic Attributes ===============================-->

<!-- core attributes common to most elements
id document-wide unique id
class space separated list of classes
style associated style info
title advisory title/amplification
-->
<!ENTITY % coreattrs
"id ID #IMPLIED
class CDATA #IMPLIED
style %StyleSheet; #IMPLIED
title %Text; #IMPLIED"
>

<!-- internationalization attributes
lang language code (backwards compatible)
xml:lang language code (as per XML 1.0 spec)
dir direction for weak/neutral text
-->
<!ENTITY % i18n
"lang %LanguageCode; #IMPLIED
xml:lang %LanguageCode; #IMPLIED
dir (ltr|rtl) #IMPLIED"
>

<!-- attributes for common UI events
onclick a pointer button was clicked
ondblclick a pointer button was double clicked
onmousedown a pointer button was pressed down
onmouseup a pointer button was released
onmousemove a pointer was moved onto the element
onmouseout a pointer was moved away from the element
onkeypress a key was pressed and released
onkeydown a key was pressed down
onkeyup a key was released
-->
<!ENTITY % events
"onclick %Script; #IMPLIED
ondblclick %Script; #IMPLIED
onmousedown %Script; #IMPLIED
onmouseup %Script; #IMPLIED
onmouseover %Script; #IMPLIED
onmousemove %Script; #IMPLIED
onmouseout %Script; #IMPLIED
onkeypress %Script; #IMPLIED
onkeydown %Script; #IMPLIED
onkeyup %Script; #IMPLIED"
>

<!-- attributes for elements that can get the focus
accesskey accessibility key character
tabindex position in tabbing order
onfocus the element got the focus
onblur the element lost the focus
-->
<!ENTITY % focus
"accesskey %Character; #IMPLIED
tabindex %Number; #IMPLIED
onfocus %Script; #IMPLIED
onblur %Script; #IMPLIED"
>

<!ENTITY % attrs "%coreattrs; %i18n; %events;">

<!-- text alignment for p, div, h1-h6. The default is
align="left" for ltr headings, "right" for rtl -->

<!ENTITY % TextAlign "align (left|center|right|justify) #IMPLIED">

<!--=================== Text Elements ====================================-->

<!ENTITY % special.extra
"object | applet | img | map | iframe">

<!ENTITY % special.basic
"br | span | bdo">

<!ENTITY % special
"%special.basic; | %special.extra;">

<!ENTITY % fontstyle.extra "big | small | font | basefont">

<!ENTITY % fontstyle.basic "tt | i | b | u
| s | strike ">

<!ENTITY % fontstyle "%fontstyle.basic; | %fontstyle.extra;">

<!ENTITY % phrase.extra "sub | sup">
<!ENTITY % phrase.basic "em | strong | dfn | code | q |
samp | kbd | var | cite | abbr | acronym">

<!ENTITY % phrase "%phrase.basic; | %phrase.extra;">

<!ENTITY % inline.forms "input | select | textarea | label | button">

<!-- these can occur at block or inline level -->
<!ENTITY % misc.inline "ins | del | script">

<!-- these can only occur at block level -->
<!ENTITY % misc "noscript | %misc.inline;">

<!ENTITY % inline "a | %special; | %fontstyle; | %phrase; | %inline.forms;">

<!-- %Inline; covers inline or "text-level" elements -->
<!ENTITY % Inline "(#PCDATA | %inline; | %misc.inline;)*">

<!--================== Block level elements ==============================-->

<!ENTITY % heading "h1|h2|h3|h4|h5|h6">
<!ENTITY % lists "ul | ol | dl | menu | dir">
<!ENTITY % blocktext "pre | hr | blockquote | address | center | noframes">

<!ENTITY % block
"p | %heading; | div | %lists; | %blocktext; | isindex |fieldset | table">

<!-- %Flow; mixes block and inline and is used for list items etc. -->
<!ENTITY % Flow "(#PCDATA | %block; | form | %inline; | %misc;)*">

<!--================== Content models for exclusions =====================-->

<!-- a elements use %Inline; excluding a -->

<!ENTITY % a.content
"(#PCDATA | %special; | %fontstyle; | %phrase; | %inline.forms; | %misc.inline;)*">

<!-- pre uses %Inline excluding img, object, applet, big, small,
font, or basefont -->

<!ENTITY % pre.content
"(#PCDATA | a | %special.basic; | %fontstyle.basic; | %phrase.basic; |
%inline.forms; | %misc.inline;)*">

<!-- form uses %Flow; excluding form -->

<!ENTITY % form.content "(#PCDATA | %block; | %inline; | %misc;)*">

<!-- button uses %Flow; but excludes a, form, form controls, iframe -->

<!ENTITY % button.content
"(#PCDATA | p | %heading; | div | %lists; | %blocktext; |
table | br | span | bdo | object | applet | img | map |
%fontstyle; | %phrase; | %misc;)*">

<!--================ Document Structure ==================================-->

<!-- the namespace URI designates the document profile -->

<!ELEMENT html (head, body)>
<!ATTLIST html
%i18n;
id ID #IMPLIED
xmlns %URI; #FIXED 'http://www.w3.org/1999/xhtml'
>

<!--================ Document Head =======================================-->

<!ENTITY % head.misc "(script|style|meta|link|object|isindex)*">

<!-- content model is %head.misc; combined with a single
title and an optional base element in any order -->

<!ELEMENT head (%head.misc;,
((title, %head.misc;, (base, %head.misc;)?) |
(base, %head.misc;, (title, %head.misc;))))>

<!ATTLIST head
%i18n;
id ID #IMPLIED
profile %URI; #IMPLIED
>

<!-- The title element is not considered part of the flow of text.
It should be displayed, for example as the page header or
window title. Exactly one title is required per document.
-->
<!ELEMENT title (#PCDATA)>
<!ATTLIST title
%i18n;
id ID #IMPLIED
>

<!-- document base URI -->

<!ELEMENT base EMPTY>
<!ATTLIST base
id ID #IMPLIED
href %URI; #IMPLIED
target %FrameTarget; #IMPLIED
>

<!-- generic metainformation -->
<!ELEMENT meta EMPTY>
<!ATTLIST meta
%i18n;
id ID #IMPLIED
http-equiv CDATA #IMPLIED
name CDATA #IMPLIED
content CDATA #REQUIRED
scheme CDATA #IMPLIED
>

<!--
Relationship values can be used in principle:

a) for document specific toolbars/menus when used
with the link element in document head e.g.
start, contents, previous, next, index, end, help
b) to link to a separate style sheet (rel="stylesheet")
c) to make a link to a script (rel="script")
d) by stylesheets to control how collections of
html nodes are rendered into printed documents
e) to make a link to a printable version of this document
e.g. a PostScript or PDF version (rel="alternate" media="print")
-->

<!ELEMENT link EMPTY>
<!ATTLIST link
%attrs;
charset %Charset; #IMPLIED
href %URI; #IMPLIED
hreflang %LanguageCode; #IMPLIED
type %ContentType; #IMPLIED
rel %LinkTypes; #IMPLIED
rev %LinkTypes; #IMPLIED
media %MediaDesc; #IMPLIED
target %FrameTarget; #IMPLIED
>

<!-- style info, which may include CDATA sections -->
<!ELEMENT style (#PCDATA)>
<!ATTLIST style
%i18n;
id ID #IMPLIED
type %ContentType; #REQUIRED
media %MediaDesc; #IMPLIED
title %Text; #IMPLIED
xml:space (preserve) #FIXED 'preserve'
>

<!-- script statements, which may include CDATA sections -->
<!ELEMENT script (#PCDATA)>
<!ATTLIST script
id ID #IMPLIED
charset %Charset; #IMPLIED
type %ContentType; #REQUIRED
language CDATA #IMPLIED
src %URI; #IMPLIED
defer (defer) #IMPLIED
xml:space (preserve) #FIXED 'preserve'
>

<!-- alternate content container for non script-based rendering -->

<!ELEMENT noscript %Flow;>
<!ATTLIST noscript
%attrs;
>

<!--======================= Frames =======================================-->

<!-- inline subwindow -->

<!ELEMENT iframe %Flow;>
<!ATTLIST iframe
%coreattrs;
longdesc %URI; #IMPLIED
name NMTOKEN #IMPLIED
src %URI; #IMPLIED
frameborder (1|0) "1"
marginwidth %Pixels; #IMPLIED
marginheight %Pixels; #IMPLIED
scrolling (yes|no|auto) "auto"
align %ImgAlign; #IMPLIED
height %Length; #IMPLIED
width %Length; #IMPLIED
>

<!-- alternate content container for non frame-based rendering -->

<!ELEMENT noframes %Flow;>
<!ATTLIST noframes
%attrs;
>

<!--=================== Document Body ====================================-->

<!ELEMENT body %Flow;>
<!ATTLIST body
%attrs;
onload %Script; #IMPLIED
onunload %Script; #IMPLIED
background %URI; #IMPLIED
bgcolor %Color; #IMPLIED
text %Color; #IMPLIED
link %Color; #IMPLIED
vlink %Color; #IMPLIED
alink %Color; #IMPLIED
>

<!ELEMENT div %Flow;> <!-- generic language/style container -->
<!ATTLIST div
%attrs;
%TextAlign;
>

<!--=================== Paragraphs =======================================-->

<!ELEMENT p %Inline;>
<!ATTLIST p
%attrs;
%TextAlign;
>

<!--=================== Headings =========================================-->

<!--
There are six levels of headings from h1 (the most important)
to h6 (the least important).
-->

<!ELEMENT h1 %Inline;>
<!ATTLIST h1
%attrs;
%TextAlign;
>

<!ELEMENT h2 %Inline;>
<!ATTLIST h2
%attrs;
%TextAlign;
>

<!ELEMENT h3 %Inline;>
<!ATTLIST h3
%attrs;
%TextAlign;
>

<!ELEMENT h4 %Inline;>
<!ATTLIST h4
%attrs;
%TextAlign;
>

<!ELEMENT h5 %Inline;>
<!ATTLIST h5
%attrs;
%TextAlign;
>

<!ELEMENT h6 %Inline;>
<!ATTLIST h6
%attrs;
%TextAlign;
>

<!--=================== Lists ============================================-->

<!-- Unordered list bullet styles -->

<!ENTITY % ULStyle "(disc|square|circle)">

<!-- Unordered list -->

<!ELEMENT ul (li)+>
<!ATTLIST ul
%attrs;
type %ULStyle; #IMPLIED
compact (compact) #IMPLIED
>

<!-- Ordered list numbering style

1 arabic numbers 1, 2, 3, ...
a lower alpha a, b, c, ...
A upper alpha A, B, C, ...
i lower roman i, ii, iii, ...
I upper roman I, II, III, ...

The style is applied to the sequence number which by default
is reset to 1 for the first list item in an ordered list.
-->
<!ENTITY % OLStyle "CDATA">

<!-- Ordered (numbered) list -->

<!ELEMENT ol (li)+>
<!ATTLIST ol
%attrs;
type %OLStyle; #IMPLIED
compact (compact) #IMPLIED
start %Number; #IMPLIED
>

<!-- single column list (DEPRECATED) -->
<!ELEMENT menu (li)+>
<!ATTLIST menu
%attrs;
compact (compact) #IMPLIED
>

<!-- multiple column list (DEPRECATED) -->
<!ELEMENT dir (li)+>
<!ATTLIST dir
%attrs;
compact (compact) #IMPLIED
>

<!-- LIStyle is constrained to: "(%ULStyle;|%OLStyle;)" -->
<!ENTITY % LIStyle "CDATA">

<!-- list item -->

<!ELEMENT li %Flow;>
<!ATTLIST li
%attrs;
type %LIStyle; #IMPLIED
value %Number; #IMPLIED
>

<!-- definition lists - dt for term, dd for its definition -->

<!ELEMENT dl (dt|dd)+>
<!ATTLIST dl
%attrs;
compact (compact) #IMPLIED
>

<!ELEMENT dt %Inline;>
<!ATTLIST dt
%attrs;
>

<!ELEMENT dd %Flow;>
<!ATTLIST dd
%attrs;
>

<!--=================== Address ==========================================-->

<!-- information on author -->

<!ELEMENT address (#PCDATA | %inline; | %misc.inline; | p)*>
<!ATTLIST address
%attrs;
>

<!--=================== Horizontal Rule ==================================-->

<!ELEMENT hr EMPTY>
<!ATTLIST hr
%attrs;
align (left|center|right) #IMPLIED
noshade (noshade) #IMPLIED
size %Pixels; #IMPLIED
width %Length; #IMPLIED
>

<!--=================== Preformatted Text ================================-->

<!-- content is %Inline; excluding
"img|object|applet|big|small|sub|sup|font|basefont" -->

<!ELEMENT pre %pre.content;>
<!ATTLIST pre
%attrs;
width %Number; #IMPLIED
xml:space (preserve) #FIXED 'preserve'
>

<!--=================== Block-like Quotes ================================-->

<!ELEMENT blockquote %Flow;>
<!ATTLIST blockquote
%attrs;
cite %URI; #IMPLIED
>

<!--=================== Text alignment ===================================-->

<!-- center content -->
<!ELEMENT center %Flow;>
<!ATTLIST center
%attrs;
>

<!--=================== Inserted/Deleted Text ============================-->

<!--
ins/del are allowed in block and inline content, but its
inappropriate to include block content within an ins element
occurring in inline content.
-->
<!ELEMENT ins %Flow;>
<!ATTLIST ins
%attrs;
cite %URI; #IMPLIED
datetime %Datetime; #IMPLIED
>

<!ELEMENT del %Flow;>
<!ATTLIST del
%attrs;
cite %URI; #IMPLIED
datetime %Datetime; #IMPLIED
>

<!--================== The Anchor Element ================================-->

<!-- content is %Inline; except that anchors shouldn't be nested -->

<!ELEMENT a %a.content;>
<!ATTLIST a
%attrs;
%focus;
charset %Charset; #IMPLIED
type %ContentType; #IMPLIED
name NMTOKEN #IMPLIED
href %URI; #IMPLIED
hreflang %LanguageCode; #IMPLIED
rel %LinkTypes; #IMPLIED
rev %LinkTypes; #IMPLIED
shape %Shape; "rect"
coords %Coords; #IMPLIED
target %FrameTarget; #IMPLIED
>

<!--===================== Inline Elements ================================-->

<!ELEMENT span %Inline;> <!-- generic language/style container -->
<!ATTLIST span
%attrs;
>

<!ELEMENT bdo %Inline;> <!-- I18N BiDi over-ride -->
<!ATTLIST bdo
%coreattrs;
%events;
lang %LanguageCode; #IMPLIED
xml:lang %LanguageCode; #IMPLIED
dir (ltr|rtl) #REQUIRED
>

<!ELEMENT br EMPTY> <!-- forced line break -->
<!ATTLIST br
%coreattrs;
clear (left|all|right|none) "none"
>

<!ELEMENT em %Inline;> <!-- emphasis -->
<!ATTLIST em %attrs;>

<!ELEMENT strong %Inline;> <!-- strong emphasis -->
<!ATTLIST strong %attrs;>

<!ELEMENT dfn %Inline;> <!-- definitional -->
<!ATTLIST dfn %attrs;>

<!ELEMENT code %Inline;> <!-- program code -->
<!ATTLIST code %attrs;>

<!ELEMENT samp %Inline;> <!-- sample -->
<!ATTLIST samp %attrs;>

<!ELEMENT kbd %Inline;> <!-- something user would type -->
<!ATTLIST kbd %attrs;>

<!ELEMENT var %Inline;> <!-- variable -->
<!ATTLIST var %attrs;>

<!ELEMENT cite %Inline;> <!-- citation -->
<!ATTLIST cite %attrs;>

<!ELEMENT abbr %Inline;> <!-- abbreviation -->
<!ATTLIST abbr %attrs;>

<!ELEMENT acronym %Inline;> <!-- acronym -->
<!ATTLIST acronym %attrs;>

<!ELEMENT q %Inline;> <!-- inlined quote -->
<!ATTLIST q
%attrs;
cite %URI; #IMPLIED
>

<!ELEMENT sub %Inline;> <!-- subscript -->
<!ATTLIST sub %attrs;>

<!ELEMENT sup %Inline;> <!-- superscript -->
<!ATTLIST sup %attrs;>

<!ELEMENT tt %Inline;> <!-- fixed pitch font -->
<!ATTLIST tt %attrs;>

<!ELEMENT i %Inline;> <!-- italic font -->
<!ATTLIST i %attrs;>

<!ELEMENT b %Inline;> <!-- bold font -->
<!ATTLIST b %attrs;>

<!ELEMENT big %Inline;> <!-- bigger font -->
<!ATTLIST big %attrs;>

<!ELEMENT small %Inline;> <!-- smaller font -->
<!ATTLIST small %attrs;>

<!ELEMENT u %Inline;> <!-- underline -->
<!ATTLIST u %attrs;>

<!ELEMENT s %Inline;> <!-- strike-through -->
<!ATTLIST s %attrs;>

<!ELEMENT strike %Inline;> <!-- strike-through -->
<!ATTLIST strike %attrs;>

<!ELEMENT basefont EMPTY> <!-- base font size -->
<!ATTLIST basefont
id ID #IMPLIED
size CDATA #REQUIRED
color %Color; #IMPLIED
face CDATA #IMPLIED
>

<!ELEMENT font %Inline;> <!-- local change to font -->
<!ATTLIST font
%coreattrs;
%i18n;
size CDATA #IMPLIED
color %Color; #IMPLIED
face CDATA #IMPLIED
>

<!--==================== Object ======================================-->
<!--
object is used to embed objects as part of HTML pages.
param elements should precede other content. Parameters
can also be expressed as attribute/value pairs on the
object element itself when brevity is desired.
-->

<!ELEMENT object (#PCDATA | param | %block; | form | %inline; | %misc;)*>
<!ATTLIST object
%attrs;
declare (declare) #IMPLIED
classid %URI; #IMPLIED
codebase %URI; #IMPLIED
data %URI; #IMPLIED
type %ContentType; #IMPLIED
codetype %ContentType; #IMPLIED
archive %UriList; #IMPLIED
standby %Text; #IMPLIED
height %Length; #IMPLIED
width %Length; #IMPLIED
usemap %URI; #IMPLIED
name NMTOKEN #IMPLIED
tabindex %Number; #IMPLIED
align %ImgAlign; #IMPLIED
border %Pixels; #IMPLIED
hspace %Pixels; #IMPLIED
vspace %Pixels; #IMPLIED
>

<!--
param is used to supply a named property value.
In XML it would seem natural to follow RDF and support an
abbreviated syntax where the param elements are replaced
by attribute value pairs on the object start tag.
-->
<!ELEMENT param EMPTY>
<!ATTLIST param
id ID #IMPLIED
name CDATA #REQUIRED
value CDATA #IMPLIED
valuetype (data|ref|object) "data"
type %ContentType; #IMPLIED
>

<!--=================== Java applet ==================================-->
<!--
One of code or object attributes must be present.
Place param elements before other content.
-->
<!ELEMENT applet (#PCDATA | param | %block; | form | %inline; | %misc;)*>
<!ATTLIST applet
%coreattrs;
codebase %URI; #IMPLIED
archive CDATA #IMPLIED
code CDATA #IMPLIED
object CDATA #IMPLIED
alt %Text; #IMPLIED
name NMTOKEN #IMPLIED
width %Length; #REQUIRED
height %Length; #REQUIRED
align %ImgAlign; #IMPLIED
hspace %Pixels; #IMPLIED
vspace %Pixels; #IMPLIED
>

<!--=================== Images ===========================================-->

<!--
To avoid accessibility problems for people who aren't
able to see the image, you should provide a text
description using the alt and longdesc attributes.
In addition, avoid the use of server-side image maps.
-->

<!ELEMENT img EMPTY>
<!ATTLIST img
%attrs;
src %URI; #REQUIRED
alt %Text; #REQUIRED
name NMTOKEN #IMPLIED
longdesc %URI; #IMPLIED
height %Length; #IMPLIED
width %Length; #IMPLIED
usemap %URI; #IMPLIED
ismap (ismap) #IMPLIED
align %ImgAlign; #IMPLIED
border %Length; #IMPLIED
hspace %Pixels; #IMPLIED
vspace %Pixels; #IMPLIED
>

<!-- usemap points to a map element which may be in this document
or an external document, although the latter is not widely supported -->

<!--================== Client-side image maps ============================-->

<!-- These can be placed in the same document or grouped in a
separate document although this isn't yet widely supported -->

<!ELEMENT map ((%block; | form | %misc;)+ | area+)>
<!ATTLIST map
%i18n;
%events;
id ID #REQUIRED
class CDATA #IMPLIED
style %StyleSheet; #IMPLIED
title %Text; #IMPLIED
name CDATA #IMPLIED
>

<!ELEMENT area EMPTY>
<!ATTLIST area
%attrs;
%focus;
shape %Shape; "rect"
coords %Coords; #IMPLIED
href %URI; #IMPLIED
nohref (nohref) #IMPLIED
alt %Text; #REQUIRED
target %FrameTarget; #IMPLIED
>

<!--================ Forms ===============================================-->

<!ELEMENT form %form.content;> <!-- forms shouldn't be nested -->

<!ATTLIST form
%attrs;
action %URI; #REQUIRED
method (get|post) "get"
name NMTOKEN #IMPLIED
enctype %ContentType; "application/x-www-form-urlencoded"
onsubmit %Script; #IMPLIED
onreset %Script; #IMPLIED
accept %ContentTypes; #IMPLIED
accept-charset %Charsets; #IMPLIED
target %FrameTarget; #IMPLIED
>

<!--
Each label must not contain more than ONE field
Label elements shouldn't be nested.
-->
<!ELEMENT label %Inline;>
<!ATTLIST label
%attrs;
for IDREF #IMPLIED
accesskey %Character; #IMPLIED
onfocus %Script; #IMPLIED
onblur %Script; #IMPLIED
>

<!ENTITY % InputType
"(text | password | checkbox |
radio | submit | reset |
file | hidden | image | button)"
>

<!-- the name attribute is required for all but submit & reset -->

<!ELEMENT input EMPTY> <!-- form control -->
<!ATTLIST input
%attrs;
%focus;
type %InputType; "text"
name CDATA #IMPLIED
value CDATA #IMPLIED
checked (checked) #IMPLIED
disabled (disabled) #IMPLIED
readonly (readonly) #IMPLIED
size CDATA #IMPLIED
maxlength %Number; #IMPLIED
src %URI; #IMPLIED
alt CDATA #IMPLIED
usemap %URI; #IMPLIED
onselect %Script; #IMPLIED
onchange %Script; #IMPLIED
accept %ContentTypes; #IMPLIED
align %ImgAlign; #IMPLIED
>

<!ELEMENT select (optgroup|option)+> <!-- option selector -->
<!ATTLIST select
%attrs;
name CDATA #IMPLIED
size %Number; #IMPLIED
multiple (multiple) #IMPLIED
disabled (disabled) #IMPLIED
tabindex %Number; #IMPLIED
onfocus %Script; #IMPLIED
onblur %Script; #IMPLIED
onchange %Script; #IMPLIED
>

<!ELEMENT optgroup (option)+> <!-- option group -->
<!ATTLIST optgroup
%attrs;
disabled (disabled) #IMPLIED
label %Text; #REQUIRED
>

<!ELEMENT option (#PCDATA)> <!-- selectable choice -->
<!ATTLIST option
%attrs;
selected (selected) #IMPLIED
disabled (disabled) #IMPLIED
label %Text; #IMPLIED
value CDATA #IMPLIED
>

<!ELEMENT textarea (#PCDATA)> <!-- multi-line text field -->
<!ATTLIST textarea
%attrs;
%focus;
name CDATA #IMPLIED
rows %Number; #REQUIRED
cols %Number; #REQUIRED
disabled (disabled) #IMPLIED
readonly (readonly) #IMPLIED
onselect %Script; #IMPLIED
onchange %Script; #IMPLIED
>

<!--
The fieldset element is used to group form fields.
Only one legend element should occur in the content
and if present should only be preceded by whitespace.
-->
<!ELEMENT fieldset (#PCDATA | legend | %block; | form | %inline; | %misc;)*>
<!ATTLIST fieldset
%attrs;
>

<!ENTITY % LAlign "(top|bottom|left|right)">

<!ELEMENT legend %Inline;> <!-- fieldset label -->
<!ATTLIST legend
%attrs;
accesskey %Character; #IMPLIED
align %LAlign; #IMPLIED
>

<!--
Content is %Flow; excluding a, form, form controls, iframe
-->
<!ELEMENT button %button.content;> <!-- push button -->
<!ATTLIST button
%attrs;
%focus;
name CDATA #IMPLIED
value CDATA #IMPLIED
type (button|submit|reset) "submit"
disabled (disabled) #IMPLIED
>

<!-- single-line text input control (DEPRECATED) -->
<!ELEMENT isindex EMPTY>
<!ATTLIST isindex
%coreattrs;
%i18n;
prompt %Text; #IMPLIED
>

<!--======================= Tables =======================================-->

<!-- Derived from IETF HTML table standard, see [RFC1942] -->

<!--
The border attribute sets the thickness of the frame around the
table. The default units are screen pixels.

The frame attribute specifies which parts of the frame around
the table should be rendered. The values are not the same as
CALS to avoid a name clash with the valign attribute.
-->
<!ENTITY % TFrame "(void|above|below|hsides|lhs|rhs|vsides|box|border)">

<!--
The rules attribute defines which rules to draw between cells:

If rules is absent then assume:
"none" if border is absent or border="0" otherwise "all"
-->

<!ENTITY % TRules "(none | groups | rows | cols | all)">

<!-- horizontal placement of table relative to document -->
<!ENTITY % TAlign "(left|center|right)">

<!-- horizontal alignment attributes for cell contents

char alignment char, e.g. char=':'
charoff offset for alignment char
-->
<!ENTITY % cellhalign
"align (left|center|right|justify|char) #IMPLIED
char %Character; #IMPLIED
charoff %Length; #IMPLIED"
>

<!-- vertical alignment attributes for cell contents -->
<!ENTITY % cellvalign
"valign (top|middle|bottom|baseline) #IMPLIED"
>

<!ELEMENT table
(caption?, (col*|colgroup*), thead?, tfoot?, (tbody+|tr+))>
<!ELEMENT caption %Inline;>
<!ELEMENT thead (tr)+>
<!ELEMENT tfoot (tr)+>
<!ELEMENT tbody (tr)+>
<!ELEMENT colgroup (col)*>
<!ELEMENT col EMPTY>
<!ELEMENT tr (th|td)+>
<!ELEMENT th %Flow;>
<!ELEMENT td %Flow;>

<!ATTLIST table
%attrs;
summary %Text; #IMPLIED
width %Length; #IMPLIED
border %Pixels; #IMPLIED
frame %TFrame; #IMPLIED
rules %TRules; #IMPLIED
cellspacing %Length; #IMPLIED
cellpadding %Length; #IMPLIED
align %TAlign; #IMPLIED
bgcolor %Color; #IMPLIED
>

<!ENTITY % CAlign "(top|bottom|left|right)">

<!ATTLIST caption
%attrs;
align %CAlign; #IMPLIED
>

<!--
colgroup groups a set of col elements. It allows you to group
several semantically related columns together.
-->
<!ATTLIST colgroup
%attrs;
span %Number; "1"
width %MultiLength; #IMPLIED
%cellhalign;
%cellvalign;
>

<!--
col elements define the alignment properties for cells in
one or more columns.

The width attribute specifies the width of the columns, e.g.

width=64 width in screen pixels
width=0.5* relative width of 0.5

The span attribute causes the attributes of one
col element to apply to more than one column.
-->
<!ATTLIST col
%attrs;
span %Number; "1"
width %MultiLength; #IMPLIED
%cellhalign;
%cellvalign;
>

<!--
Use thead to duplicate headers when breaking table
across page boundaries, or for static headers when
tbody sections are rendered in scrolling panel.

Use tfoot to duplicate footers when breaking table
across page boundaries, or for static footers when
tbody sections are rendered in scrolling panel.

Use multiple tbody sections when rules are needed
between groups of table rows.
-->
<!ATTLIST thead
%attrs;
%cellhalign;
%cellvalign;
>

<!ATTLIST tfoot
%attrs;
%cellhalign;
%cellvalign;
>

<!ATTLIST tbody
%attrs;
%cellhalign;
%cellvalign;
>

<!ATTLIST tr
%attrs;
%cellhalign;
%cellvalign;
bgcolor %Color; #IMPLIED
>

<!-- Scope is simpler than headers attribute for common tables -->
<!ENTITY % Scope "(row|col|rowgroup|colgroup)">

<!-- th is for headers, td for data and for cells acting as both -->

<!ATTLIST th
%attrs;
abbr %Text; #IMPLIED
axis CDATA #IMPLIED
headers IDREFS #IMPLIED
scope %Scope; #IMPLIED
rowspan %Number; "1"
colspan %Number; "1"
%cellhalign;
%cellvalign;
nowrap (nowrap) #IMPLIED
bgcolor %Color; #IMPLIED
width %Length; #IMPLIED
height %Length; #IMPLIED
>

<!ATTLIST td
%attrs;
abbr %Text; #IMPLIED
axis CDATA #IMPLIED
headers IDREFS #IMPLIED
scope %Scope; #IMPLIED
rowspan %Number; "1"
colspan %Number; "1"
%cellhalign;
%cellvalign;
nowrap (nowrap) #IMPLIED
bgcolor %Color; #IMPLIED
width %Length; #IMPLIED
height %Length; #IMPLIED
>
  • 0

#7
RKinner
Posted 11 September 2012 - 08:29 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I would just uninstall netintelligence and see if that fixes the problem. I assume this is a paid version so you should have the license around somewhere so you can reinstall it if it doesn't fix the problem.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP