Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Connected to net but cant not dl win updates connect to autolog and ma

Started by waynegr , Aug 21 2011 06:53 PM

This topic is locked

#1
waynegr

Posted 21 August 2011 - 06:53 PM

Member

Member
194 posts

Hi all, and thx for your time and help in advance.

I started DL free antivirus Avira, internet connection seemed to stop, before this, and without uninstalling, too which I have done now, I was on pay Kaspersky, but thought it was just cos I was DLing the program, it DLed, but still could not connect, so I got rid of it, but still could not connect, then seen internet explorer 64 in my programs, that connected, and its faster than the other time. But now my internet connection is only working at 90% in my network connections, it’s says on my local area connection, that on IPV4 and IPV6 connectivity, NOT connected, and in my network bridge says IPV4 connectivity internet, and IPV6 connectivity limited.

Could you please help with this problem ??? Just tried my other internet explorer on programs, and this would not work, it seems to try to connect, but then disappears, but with I hit internet explorer 64, that connects. So is there a 32 bit and 64 bit internet explorer ??? I have hit on a different but faster connection, but it will not let me do certain things, [b]as I can not dl windows updates, can not DL anything. Can not DL anything like Windows Reg check, can not update my Ad-whare, or Spybot, can not sign into auto log on the NFS games, launch my game NFS world, it’s a full online game, if I now go to the Forza site, it tells me I need Silverlight, but when I go to dl it, my system tells me I have it.

Also here is another problem which I never had before, tried to reload a game Hot Pursuit, NFS, did not like at first, thus took it off, and a error came up; error loading winstock library 2ws23l dll. But then it went on to load the game, but this time it did not ask me for the serial number. Then after it loaded, when I double click it says application manager failed to load. I have check for DLing files in the internet settings, and truied turning off Firewall and Anti virus, am now on free anti virus avast.

Wayne

#2
Dakeyras

Posted 24 August 2011 - 03:03 AM

Anti-Malware Mammoth

Expert
9,772 posts

Please Click here!, and follow the recommendations in the guide.

Someone will be along to tell you what steps to take after you post the contents of the scan results.

#3
waynegr

Posted 26 August 2011 - 11:20 AM

Member

Topic Starter
Member
194 posts

OTL logfile created on: 26/08/2011 18:11:29 - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\FLIPP\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 57.84% Memory free
8.20 Gb Paging File | 6.38 Gb Available in Paging File | 77.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.06 Gb Total Space | 642.66 Gb Free Space | 70.08% Space Free | Partition Type: NTFS
Drive D: | 14.46 Gb Total Space | 1.98 Gb Free Space | 13.73% Space Free | Partition Type: NTFS
Drive E: | 6.75 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: FLIPP-PC | User Name: FLIPP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\FLIPP\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\DRIVERS\xnacc.sys (Microsoft Corporation)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
DRV - (MxlW2k) -- C:\Windows\SysWow64\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
DRV - (Secdrv) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)Laurence Shahlaei 400kg deadlift
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\FLIPP\AppData\Local\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\FLIPP\AppData\Local\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\FLIPP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/11 13:56:20 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2011/04/17 18:05:32 | 000,432,311 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14882 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] File not found
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [4Y3Y0C3AVF7W1E5VDDUCAEJ] File not found
O4 - HKCU..\Run: [EPSON SX600FW Series] File not found
O4 - HKCU..\Run: [EPSON SX600FW Series (Copy 1)] File not found
O4 - HKCU..\Run: [InstallShieldInstallShield] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 - File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\FLIPP\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\FLIPP\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/27 17:06:10 | 000,464,144 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2011/03/08 15:33:55 | 000,000,000 | R--D | M] - E:\Autorun -- [ UDF ]
O32 - AutoRun File - [2011/03/08 11:33:03 | 034,599,936 | R--- | M] () - E:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2011/03/08 15:33:54 | 000,000,147 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{42ee88da-e157-11dd-be7e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{42ee88da-e157-11dd-be7e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2011/01/27 17:06:10 | 000,464,144 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/26 01:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/08/26 01:18:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/24 13:45:20 | 000,000,000 | ---D | C] -- C:\f12f1591da052aec4117
[2011/08/21 17:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/08/21 17:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/08/19 23:56:15 | 000,000,000 | ---D | C] -- C:\Users\FLIPP\AppData\Local\Mozilla
[2011/08/19 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\FLIPP\AppData\Local\Deployment
[2011/08/19 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\FLIPP\AppData\Local\Apps
[2011/08/11 13:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/11 13:56:41 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/08/11 13:56:40 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/08/11 13:56:36 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/08/11 13:56:36 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/08/11 13:56:35 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/08/11 13:56:33 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/08/11 13:56:16 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/11 13:56:15 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/08/11 13:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/10 13:43:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/08/10 13:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/08/10 01:07:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/08/09 22:03:33 | 000,000,000 | ---D | C] -- C:\Users\FLIPP\Documents\OneNote Notebooks
[2011/08/09 19:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/08/08 21:25:18 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/08/08 21:25:18 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[18 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/26 17:36:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/26 17:36:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/26 17:36:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/26 13:25:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2204173278-169951079-703970126-1000UA1cc5e9cb2f8364c.job
[2011/08/26 12:47:34 | 000,002,635 | ---- | M] () -- C:\Users\FLIPP\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007 (2).lnk
[2011/08/25 19:25:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2204173278-169951079-703970126-1000Core1cc5e9cb2df08fc.job
[2011/08/25 12:03:21 | 000,715,772 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/25 12:03:21 | 000,599,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/25 12:03:21 | 000,105,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/19 19:25:00 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2011/08/19 02:42:21 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/08/19 02:42:21 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/08/14 21:07:34 | 000,144,144 | ---- | M] () -- C:\Users\FLIPP\Desktop\GetSystemInfo_FLIPP-PC_FLIPP_2011_08_14_21_06_21.zip
[2011/08/12 23:27:08 | 000,000,322 | ---- | M] () -- C:\Users\FLIPP\Desktop\Building Muscle Mass A Quick Look at Muscular Growth and Hypertrophy • AmpedTraining.com • Matthew Perryman, CSCS.url
[2011/08/11 13:56:42 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/11 13:56:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/08/09 22:34:48 | 000,000,951 | ---- | M] () -- C:\Users\FLIPP\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (64-bit).lnk
[2011/08/09 22:03:33 | 000,001,103 | ---- | M] () -- C:\Users\FLIPP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/08/09 19:36:59 | 000,327,680 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011/08/03 02:18:19 | 000,140,288 | ---- | M] () -- C:\Users\FLIPP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/03 02:10:13 | 3073,871,496 | ---- | M] () -- C:\Users\FLIPP\Desktop\shift2u 2011-08-03 02-04-21-61.avi
[18 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/19 19:20:39 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2204173278-169951079-703970126-1000UA1cc5e9cb2f8364c.job
[2011/08/19 19:20:39 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2204173278-169951079-703970126-1000Core1cc5e9cb2df08fc.job
[2011/08/14 21:06:48 | 000,144,144 | ---- | C] () -- C:\Users\FLIPP\Desktop\GetSystemInfo_FLIPP-PC_FLIPP_2011_08_14_21_06_21.zip
[2011/08/12 23:27:08 | 000,000,322 | ---- | C] () -- C:\Users\FLIPP\Desktop\Building Muscle Mass A Quick Look at Muscular Growth and Hypertrophy • AmpedTraining.com • Matthew Perryman, CSCS.url
[2011/08/11 13:56:42 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/09 22:34:48 | 000,000,951 | ---- | C] () -- C:\Users\FLIPP\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (64-bit).lnk
[2011/08/09 22:22:45 | 000,000,951 | ---- | C] () -- C:\Users\FLIPP\Desktop\Internet Explorer (64-bit).lnk
[2011/08/09 22:03:33 | 000,001,103 | ---- | C] () -- C:\Users\FLIPP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/08/09 19:04:15 | 000,327,680 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2011/08/03 02:23:11 | 3073,871,496 | ---- | C] () -- C:\Users\FLIPP\Desktop\shift2u 2011-08-03 02-04-21-61.avi
[2011/05/02 22:28:13 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/05/02 22:28:13 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/04/26 19:16:50 | 000,000,192 | ---- | C] () -- C:\ProgramData\video
[2011/04/21 12:39:04 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/09 02:12:01 | 000,000,036 | ---- | C] () -- C:\Users\FLIPP\AppData\Local\housecall.guid.cache
[2011/02/27 23:03:48 | 000,822,636 | ---- | C] () -- C:\Users\FLIPP\AppData\Local\tmpIMG008.0
[2011/02/27 23:03:48 | 000,589,257 | ---- | C] () -- C:\Users\FLIPP\AppData\Local\tmpIMG008.JPG
[2011/02/18 15:26:49 | 000,000,732 | ---- | C] () -- C:\Users\FLIPP\AppData\Local\d3d9caps64.dat
[2010/06/04 00:26:18 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/06/04 00:26:18 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/03/10 14:44:01 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/03/10 14:43:51 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/02/28 16:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009/12/25 19:37:42 | 000,070,575 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/12/25 19:27:08 | 000,070,575 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/11/11 02:01:29 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2009/11/11 02:01:29 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2009/11/11 02:01:29 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2009/11/11 02:01:29 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2009/11/11 02:01:29 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2009/11/11 02:01:29 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2009/11/11 02:01:29 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2009/11/11 02:01:29 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2009/11/11 02:01:29 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2009/11/11 02:01:29 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2009/11/11 02:01:29 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2009/11/11 02:01:29 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2009/11/11 02:01:29 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2009/11/11 02:01:29 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2009/11/11 02:01:29 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2009/11/11 02:01:29 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2009/11/11 02:01:29 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2009/11/11 02:01:29 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2009/11/11 02:01:29 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2009/11/10 21:52:31 | 000,000,025 | ---- | C] () -- C:\Windows\CDER300Euro.ini
[2009/11/10 14:25:52 | 000,000,000 | ---- | C] () -- C:\Windows\pcfriend.INI
[2009/09/24 12:28:53 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/24 12:28:32 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/24 12:28:14 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/19 18:22:48 | 000,009,160 | ---- | C] () -- C:\Users\FLIPP\AppData\Local\d3d9caps.dat
[2009/05/22 22:05:44 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009/04/08 19:45:11 | 000,140,288 | ---- | C] () -- C:\Users\FLIPP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/07 00:17:13 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/01/06 17:18:44 | 000,008,572 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/01/06 16:40:11 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2009/01/06 16:40:11 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2002/03/17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000071.DLL
[2000/08/29 03:09:26 | 000,011,616 | R--- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS

========== LOP Check ==========

[2009/09/02 00:12:03 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Auslogics
[2011/05/23 14:23:29 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\bizarre creations
[2009/12/29 16:05:41 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/02/27 22:20:35 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Epson
[2009/04/23 22:49:00 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\FloodLightGames
[2010/05/07 22:12:56 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Gadu-Gadu 10
[2009/12/11 02:18:19 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Imagic700N
[2010/05/28 18:29:50 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\ipla
[2010/03/10 14:39:17 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Leadertech
[2009/10/22 20:25:16 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Multi File Downloader
[2009/10/21 01:00:25 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\muvee Technologies
[2010/04/30 13:55:06 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Need for Speed World
[2010/03/20 00:41:34 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Need for Speed World Online
[2009/11/02 21:51:03 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\No Company Name
[2009/04/12 15:46:29 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Opera
[2011/04/24 18:17:42 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Qeytaz
[2011/01/29 14:39:11 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Siytcu
[2011/04/21 21:03:31 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\Sony
[2010/01/16 16:11:54 | 000,000,000 | ---D | M] -- C:\Users\FLIPP\AppData\Roaming\WinBatch
[2011/06/13 20:04:01 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\RegInOut Scheduled Scan - FLIPP.job
[2011/08/26 14:15:56 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/16 13:27:45 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2630C28E-E88E-49C7-9770-69E193BCAF2E}.job

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2011/08/12 23:24:34 | 000,000,647 | ---- | M] ()(C:\Users\FLIPP\Desktop\Tension-time index, fatigue, and energetics in isolated rat diaphragm a new experimental model--«???????»--??????--?????.url) -- C:\Users\FLIPP\Desktop\Tension-time index, fatigue, and energetics in isolated rat diaphragm a new experimental model--《应用生理学杂志》--医学期刊频道--首席医学网.url
[2011/08/12 23:24:34 | 000,000,647 | ---- | C] ()(C:\Users\FLIPP\Desktop\Tension-time index, fatigue, and energetics in isolated rat diaphragm a new experimental model--«???????»--??????--?????.url) -- C:\Users\FLIPP\Desktop\Tension-time index, fatigue, and energetics in isolated rat diaphragm a new experimental model--《应用生理学杂志》--医学期刊频道--首席医学网.url

========== Alternate Data Streams ==========

@Alternate Data Stream - 2873 bytes -> C:\Users\FLIPP\Documents\FW_ Animated Map of Europe During World War II.eml:OECustomProperty
@Alternate Data Stream - 16 bytes -> C:\Users\FLIPP\Documents\Shareaza Downloads:Shareaza.GUID
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:26F6D10D

< End of report >

Wayne

#4
Dakeyras

Posted 26 August 2011 - 12:46 PM

Anti-Malware Mammoth

Expert
9,772 posts

Hi.

Could you post the OTL Extras log also please, it should be on the Desktop.

Also please move the executable for OTL to the Desktop, it is currently residing here:-

C:\Users\FLIPP\Downloads\OTL.exe

#5
waynegr

Posted 26 August 2011 - 01:46 PM

Member

Topic Starter
Member
194 posts

Hi there and thx for your help and time.

Also all my desktop internet icons will not work, or if I put a new one on. Also the link that I had that you had posted a reply to my thread, by my e-mail, that link or any other link will not work, it seems to try and find it for 10 seconds then disappears. It’s like the old connection {it could be internet 32, I don’t know that much about it} tries to connect but cant and disappears, but this internet 64, can connect, and faster, but can’t see or do everything. Not sure that will help, but thought best I say. Also I get getting logged out of all sites, even when I click to stayed logged in.

Could not see or find in a search the extra olt anywhere, nothing on desktop, and did a new scan ??? Found this, but don’t think you meant this.

~~~~~~~~~‚—••‹Šˆ‰odY`••`Tf£•Ÿ–bNnii’›¶˜¨™›v”E??^¥–”’†^›`xxŒ¤Œ¡œ¡™HIV˜‹“ŽŠŠhŸ—\pŽœ’Ÿ™žž‹™OSX•Œ‹’ll““Zo–”•˜“››RSP‹u‡’omaq–“‘”˜‘—\\PX…t‹yŒjjuj“˜™“““’Ž^W\†qquekkonœš™™’pbK5§²s\XXk[un°²u¬¤a©©—SeRŸ¥ˆžWbKfŽ”¦¢•£m™qTmXœ¢¢ŸYpVgtŒ¤¬¬Œ§`a‘S_]c š”aoX]—œ•––pŠrY_\etˆˆnjYaj™¢§˜“’’ˆvgU[m•š‰xmdW^c¢¢ŸŸžŽŠskUcqq•Ÿ‘uu\Qec¥¢¢¡Ÿ‹‹‹opYks•ŸŸ”otVPfd ¤œœo†psYdw›¤˜˜ouNNXc¯Ã¶™sZogh••yd™Ÿm•eUOPPeª½°šl^^gvvlt˜tbŽg_fci££´«™k‰llfur””šŠk‹lKVhl¦¶¶¶£v†mdlqi‹œ‹n–WWUd]¤²µ svkcctwt‹žˆkp†XQQcX«ÀÀ¢toZnppp‰¡otŒXM`XX¦Ã¿‹vw_yrrvŸ‹lsrTNm[ ËÊ§bhhwmwip“¨kjt””RDX]šÇÉ¯ \QQW—¢\cž¤Žbq_UUhef³²§–x`NŸŸ®bs“ffW[kkfi¹Ã¤mpl^£“qt‘vvqdV[sacµÆµuulghŽ›ˆn‡‘wuuvaUkfc¬º¸‡jhhn ohwws„iiPjd_«¶µ‹phnn•ŸlptrrseTjjhd¼•Škai’rru˜‹vmcWdcaºÚÂž¦¦KeŠ˜Y]ª^¡ZZTpWTŒ”ÓÄqŠYYg’jš`Uan‹VXXe_s‡ÐÍno\O›“_˜—mŠGRbbPp½ÄŽnbW§“‘\—˜˜iu[]n`u³¼gmb—‹pjŠ‰lljdbshi›¬¬ mmm`m˜‘qpp‹seiifmhcž®£koggz—psqŒqkmggka›±±²¦ppg‡•kwvv„qsmlile©©©c]f™•ªSRZ’mmee‡pW]Â½§UUS”˜”oq—“qTiiteZ[ˆ§®šˆl_f¬¢’’in‘rZYfxqaVV¹¼ŸlZ—“‰vŒ‘‘•r]q†nSbqš£¤¤—iddŸ km••bZbqŽcd¸Ã¨¨kZnrm‹pff…qZZZm£•“q^f”™™“je“mdbnp^^bµ¼¬qdtŒpq’’šd\]››[Pfž¤¤˜ˆ —^` £žZZZždZ`¡ŽT\¶º¥io‰““…o“wgpqxlrrhhv›¡›‹uo…††‘’‡sjpl`j…jji”ª©˜ch•”vii•—oe`‘fdg‘“‹kg‹œ˜qoŠ‘iaagzull–ª£ŽpqqŠˆ†‰w…njlttqiluž‘‹Žqluu•–ƒxqŒscdr……r_˜§§˜mlˆ”ggYŒ—Rn—”gZWj œg_q‰‘‘xseeRMh’leu¢¦”onafm›“ffkmmmlip’•Ž™Œ__o‰‡Šxxytiaii”riŒž‘‰si…qm”˜ššljejnsmmšŽŽ˜“hryŠŠ‡‹rryccdŠ‰im›˜‘††tq„rŠ•˜nnggnovpnŽ–ŒŒir{xˆˆswriee‹‰jo“š”Œvlss…vt—“rkknkujfj¬˜˜™obejq’š“uqqfYZ™šg^—Ž……“Šˆˆ‰•–‘mdfaa_‹pi¡ ˆŽ•‰‰lmr’ŠmqŒ]ZZeb—ž’–‰suq‹‹‰‰tmjfjŽhlœ¡¡†˜ŽemwŽŒŠŠwm_amŒml— ••ŽoiprrŒ“‘sddfi‹qim—£{”˜˜Œin…ŒŠ•sjcamoo“¡—”ldoo‡˜“sdamŠtplœœ ‡˜oph†‰ˆ–uecgy…rr•—‹‹’’gkpŽŠ‡••oohhkŠxsr“’‹‹—”muxxsx“‹rlkeqŠuups”ˆ‘”untnnx–“kikk†uvqŒŒ›‹Š“‡orvrŠ’’‘kiqirtysw““Œ”zhvŒvv‘pgplrr‰‚r‡“ŽŠ—†tuu‡uw’qksnnzz…xt›m’›`lhhŠ—’Yga^—gjjŒ‡žŽ‡—duŽd““™x‹`iˆ_‰mˆx–œw’’pe–qkž‰Šaaooc–”isš“’kkp‡j‘œŠeirerr‹ww„•Šˆlƒƒ„l’‡ohugs““wn“Œˆˆ‡tw{nŽ•wppoqhtŠˆq‰Ž‹‹‡yywˆwŒ‡ummojt‰xmˆ“Œ†…‰‰ypvvŒŽ„ooskkq…‰oˆ’‰ˆŒ„xxq…zŒŽ„rrlgsƒ„p…‘‘Œ†‰‡}qwƒ‹Œ‡‡uqpor„‡wˆŒŒ‡‹†zs…ˆyˆˆvvvmlp……uˆ‘‡‹‹†ƒtxx†‰‰wvqqqqy„yx‘Žˆ†||vz‡ƒ‡Œxtnnpp‡„ww”“…‰‰yw„ƒ…ˆŒxxpoonˆwz‡Ž‹ŒŒ†…wv„‡{‰„qqnmoˆxxx“ˆˆ‡‡yxzƒu‰zrmnns|vzy‰‰ˆŠxxzv‰yŒ†vmnq‚{tzŽŠ„‰x„w‡w‹‹{skpryyy‚‰††‡†‰u{v‰xŠ‰†ttnqr|ƒtx‹Œ‰„„Œw‡{†u‹‡}rllstv{w‡‡†ˆ‡‰r…wŠvv„ˆƒsossvxv††ˆŠ‰‡‡r†z…sˆˆˆ‡suvswwv‡ˆŠŠŠ‹†t{‡vƒˆyytvrsu{y‡‚‰‰‡„t†„|t„‡†vprur‡‡w††‡†‡‡z|z……rƒŽt‡utvrŠxxyƒ‹Š…w……yt||‹yypstqxv………‹Š……||ƒzƒŒŒˆytwup†{|‚‹ˆŠ|y††}ywyŽyvttuuux{y†‰‹„€ƒƒƒ||‰vtutqt{‚‚z†‹ˆ‡|xˆ†xzzyŠywvvvwz„xx†ˆ‡ƒ„†„yƒ|ƒvuvsspv{ƒy„ˆˆ‚zyyuˆ{}{„‡ƒyysssz†wƒ‡‘œ’utwwkovpqslfzž››Ž|zpssw{yyjj›˜‡{vvy‡‘†vbr‹‹Š‚}„„‰ŒˆˆsooVd–˜Š‹‰‡xtttombn›¡‘‰†trrvs{rsjqš‹††ywwyy}wvacŒŒ›Žˆ†{w{{{xwhi…›‰ˆvw{…„xvlffwšŒˆ††‚|}sssc^v¥˜‘Š„uvzzwvwskzž—pyƒƒƒƒ‰|triYhŸ››™‘Šursjkle‡ª¦—‰‰„pihgx„y„‹slmoxŒŽ‘‘omsŽlm~‡„‰qa]l’Ž‡‹ˆˆŠwplc]l¡Šztsqlrjf…§§¤Œ…nnoxvyxxnƒ¢ {vumvxƒ…ˆ„jr••”uwxvˆ‹‹ˆykk^hn–‘’‹y“›””j]SKs‡”— ¡ŽpjiiUMp²•–™™”qs_Vb§Ã¥º¾¾XeI4Jfl–¬]<8EEU[°•Á™¤K<ššœb¢Ž”šbRGYYda¹»¦º¿\fm‡bbb–›h´¤XW_X‘°³¦©^SŸ¤ammˆ†z•ŒUNjY\ŸŸ—£œllij“hg˜g]Ÿ’]]blgy‹®®”›cUU™˜q‹†zns…SKŽŽgf›ž˜o_d””Œo›Ža“r_`nkkx‹¨¬™”8U¤n‘gŠssœE/ž_[¡o¶½IN¡‰“—\uŒˆˆfF^‰uŠˆ ¤™ŽSSV˜–’do‚–^>>[h—k¨³šŽ[TTŸ›‹šadŽƒrRU‘st…››Ÿ—ˆidŒœ“vpqq†’eP`‰vtw¨««–‹jf”–ˆ‡hi…‡‡u`d‹pl|–¦˜vpo¨œuxkk–^^Wk††gn£©‹œgd—˜ˆ††n‘—FGugb˜˜—£”njt–¤–ljjdbš˜keˆ‡eh•¦¦‘Œg`£²šlmooooljgf]g¡˜˜šw`ž¬Ÿhep‘gdg™YWŒ›Œ‹xtž«££ebowl^[“__ZŒ¤Ÿ†uj£¬Ÿihhow†‰lj‹[T{{žƒož«¡cbpp‡s†me‡aZtš£‘ˆk––¦¢eel‰w‡jemmŠaZs–¡–‹nnªb_h‡v‹oej œœ_Y\²¥‡fiÑÂOOWmŒglŽnetebb“kl¯±’i¡ª¤OS…m¨••Y–’ohlp‹Ÿ¦˜˜g²²˜e]eŠ”sccg›jOhŒy–Ž—‘””””zj[[©£PSŠŠ“e]a— šqfº±±qkmykk™gfxphhnnn––”x”ž™hhpbdœikjc`nn ¦”jj§§œ^_kxsillˆq^hrpŒŒ”Ž£plck“˜jhn††ekA´¸t¬”©ºggjSJ Pª±V VDDif˜šg¸±Ÿ•MOŸYfq¥ZZ‘Lfdaªžii§‹±§X‰lsne¦¦_\•AU–r”o£³xx¬£R•a_x„¢ebbtV^†f¤¦‰š‘¢¢ dgqpyuŽŠxk]^x…‹‹Œ’£’”“lsmess‰–igudbxr–‹Ž‘•`evflyyhiV[n˜Â³™™ao“‘dbh˜—‘RRb–^NN•ªªr‘¦›FI‡‡^`k´¨–RSkmm_©´²n —e\RRŒ¢›_]pj`_g¡¢¢ˆˆ¥£’[U“labb¦£‘[Sp’l^d®®¨ž£odVb¥¥jdrtdd]Z“Š¦©”f]]Žt_i ¡p]Wjlhi¦Ÿ‘q—ŸŒe\\d“mbtuih`——”ŽŒ”œ˜ifŽzeem”¥s`W\”ut¦–pŸ„icg“˜—\ZppˆhOe®¨sn– mm^gwntg®¤SO^˜˜h]Ÿ¸£†p£”ZZ_h¢•wrŠg`f__¡§žj™ª”\f”g`l‹°œœZct‹\\±®‹››—‰lnka‹‹siijwaVb¬«oq°¥hhhmŠpmp¦¢d[nn…c\¬¨“‰‹“““khd”’†zvvq`b“£˜zz‡«£mwxqgo–ŸŸ˜h]dkfg¦Ÿ‘ˆˆŠtŒ±¥YQf›ŒnddnmKS›»£ik¢™™dt•‰ecœ¢d``_hfa £™Šyt‘‘›[[_‰Šnupccde«¢Œ‡—™t‹hdtŒœœsfcmnhš™•“‰‰zt”–bdg“ˆˆyy…k]ak¢ ‰™’qqsˆsiiˆ„’‹gffgps”™””zp——•_\f™†xƒˆj\]m™¤””Œ•‘ro`f‘‰‰ŽŒc^n…Š™ŒŒpquš£iXpq‘^V^_m´¥’——”˜g[ap†nm¤‘‘dfpef¤¤q’’˜\X‹‹‘Šv’lbajim®®t‰“‰j^nŒŒ’šlahicg¨±ˆˆm‰”’”fanˆ‡uuˆoeighi¨«‰nnŒ“ˆŒigs…ŠŒrehgddf°‡q†“‹†oggd‰wqllffggª²oŠ˜‡’likooŒŠkggbe¥°°’ww—ˆŽjaq••’ŒolhlZ`±pk“™s‹‹’fdj‹“Œ•fkpp`c©«˜s••y‘ŒŒeeoŽ‡…chgagg¥˜s’•orceen‹z…jjgco¨¨¨–s“Œsn’gem†‡kknddn¢˜ušrrsŒief‹…Žpkkgco˜¢ž„“Šv‰••fdkŽ‹wŒjeddl”£˜ˆ‡v†ppdk‹x’ˆfgfnŽ¡šˆ•Yœ¥Zhr’™fžž‘^ŠTSŸ¤¤r““p‹˜ahrl–ca™ZZgl\’—¡¢n“Œnn_R†‹kl—[cc`VžgrŠtcaˆ‚’’pp˜aetgŽ–ž——js‰xŽo\tŒxxxxeeqio™štuu‰††uet‹u……‹‹ohqpm’ ‘vw……‰†vknƒw†Žibook““¢—u‚‡ˆˆ„ml‹‹vr‡Žmaopj“žž“…†xŒ‡{sk‡xttˆŠofpnjŽœšyy„‡‡xxpm‚vq‰‰lcpkm‘œ™ƒ„ˆˆ‡wyrr{twŠ‹oohmij’››‚…†‡zttuyuuv‡tknnm‘Ÿžž|ˆŠ„xwƒwwywwˆnkoil‘œ¢ƒ††‡…{tyxwx|Œ††tmolmœš†‡ˆˆ…xv{ts„„Š{roqklšš‹†‰†xwwxvvƒ†‰yxmsnm••–y‹vwv|sqƒƒƒ‰wxprqnˆ•–zŒvyv{tu‚ƒˆˆz‚rqmlŒ“‘‚Žv{v{{rsy„‰x{tqpjjŒ“ƒˆtzx{ssw…†‡xƒtomm““Ž‹„Švwvƒru†††ƒ}|wmnox„‡y{xƒsx‰†yƒz{nnkrŠˆ‰wyzz{xxx‡|„|yjjjqx‹‘ˆ†|z{{rrw‰‰z‚|jmrvvŽ‰ˆzyz{xwwƒ†w…{xmouv‡Œˆ„zzy„yvx†‰w}‚€€mqpx‹Œ‡ƒ„xx{yvv|„w„‚xpppuv†Ž‹ƒy‚vvuy…‡w‚‚|rqrry‹‹‡ƒ‡x{vvzƒ„y‚‚…xrqtw‰Œ‹‚‚„y~uuxƒ…{{votwŒ‹‰‡yy{vx{|ƒ|ƒ„xssqwv‰ŒŒ‹{…{}}wxx~ƒ{„†„ynrpv‰‡‡‰…ˆ…zwuuuwwv‚‚x{xŠ‰†‚‚s{‡ˆ„…„|urvvrtov}”•‰{{{rsuz‡†‡‰……ppojpt‘”Š…yvsnq{{ˆŒ‹Š„zoompŠ‰‰‹|xstwwwz†‡†wwst‡ˆ…………‡‚ƒvzzyvvv~y|yvw†„z…z|{ƒ„zwx|ttss{{ˆ‘Š…wvuww||‚ˆ‰‚‚yxys|ˆˆ›Ÿ Žfloslmpqq‡ˆ…{ppi_U_’’®Ÿ“ƒ‚|yww}}|†‚zxqrkjj““¦¦–Œ‡†ƒx|{||y|{yqtg_oŠ˜š—‡ƒƒƒ‚…wyyw|vwx}}{p`c‡‰žšŠ„ƒƒ†ƒ|ttttxƒ€yyvaam‡Ÿœ„ˆ‡‡~zyoqt~„xtttn_f†–©š™–•qoqrrttv’eŽjks``cŽž§¦™jla‘¡¡ª–rmau‰l[llhWXd‘š†tbcciŸfmrŸž˜˜žž“Š’iRNUm‹’ˆ”jql¢¢stn…’›“Ÿ ž‹‹‘nZKUk„Š…ppge¡qqus“‘ˆ‘œ•›’VUWdutww”xup ™lsryŒŒ‰”‘’•‘aTRmqƒ…†‡‡muž‹…Œt„ŠŠŒŽ’–g_\kzrrsƒqorš’s‰©©¡Z¶iœchSL™™Z¨ª\œQN¯jc¤¤u§œª`¥¥d™QQop‘˜˜l–]Rof•n¨¤¤— ’˜•p”_ZkMM^žmšmmqZmgZœœšœ›’”“tŽks__Rduw™•‡ˆgjiionœŽœ‰†…wsebddh‰Ž†vpfcpii—œ••™“…‰Šrricel†•”z{rgffpf–˜™‘•–Žƒmocagr‰›nqqŒ–YWmp˜ŠŽ¯ª›‰‰rffabf‡ŒŠ‹s…qssrsdd‹•™ œ““ŠZ\lffŠš›nexx„vY`sluŽ¶©©””†gT\lužž•aewxgkfv…–˜¢¨•‹‹ŠbZYWr†›kkmlp]kmk––Ÿ©©£˜‘Œd\_ml‹–šššehqlcbntw¦¦¨«Ÿ”‡‹iZfhxxv’™qfouZ]lrruž§˜‘‡†kSaa•olx¸ºOQnfKF‡ž¡’’¨±Ž„‘‰RRW‹‹“‘gU`ipXX\©¥£¨rTn„uu_^—¤ªej\RVVrzc£§º®‘–iiX`qŽgˆª®i[ezbaajjm’¦µ¯¢rrnkgghpw†›ž’h`eeemjlb˜ª¨–ŒŠeejopjuŒšmjcco_ennf›¬»¯ŒŒŠshlvloŽ£®iihmbbbkwN¶µ¼ØQQ§§^kZSžL«©o¢==7›IOf\zmÀÒ¤¥¥¥N X[™Xc™i¼¼LNrSZhJ˜S[ÂÂŸ¯¬jŸ[\¦TbYZ£¡ƒ^^NnKL—Y^šÇ¿¿ˆ’q”gc[W“zz¬¥bhgelejdf±±¦–qr‡mnnnq™¢‘m`fdbtllr‘ž²²€y‰…zuoj‡‚‚¢ iggijonp““§¦£|y…{‰rqqlm‘›”pg\S[ˆˆ“qo—£™¤nrktt£—abi´•lhh^^fŠfe`¨¿Áœlhl“xjfff›˜›—^\redii`’“¢«£ˆˆhgrrw’npt” jfeeea‘fjv˜º±”kpp›¢“zm]eŽ’škkhƒe\fbc•¢¦›Œxs„„y‡…jgyš¦“`[[acwkmŠ ³³“ggtm£“ljfh—…ffetj[mdež™›‹‘ts™šk`d——Œ’’rmVE•—rb—ÁÀb]]k”¡ip‰`Š– _U[”_`]«—‹‹——‹qn‰Špl„tnnr—¥jIQi”^ii¤©«•lzp—™“ffci£œzklrrS[sv–šœœ’o“ƒqu‡Œ^^b‰˜•eZhij‹jjq›œµ®fhr¤¨paapq”…{yzy‚acc[^’«£‘’‡”ojjt’Šjrs‹ž’^WWUZ®QL®ª¿ºaii[X¥—iak¤ŠcegŠ”^iaaU`ž¹™—„Žu[jj’Ššidjuˆ¢baaiga]‘¡¸•qmmmv˜fmx–“mmqqxulge`q©¢Œ”’de‘…’‹ruvˆd__gq‰c^“¨¥¦nmmjr˜šrouŒ”rkklw‹rclmp¦§}‹hjŽ’•orrs„‰nilt‡shkk £®˜^]t¯Â¢aY^špllhs £iYU^ÁÄ––if£§g]k–§¢ff]Y‘“c]Z™“UYY´®¥fZd›aaaŠ‰…eYŽ‰rUaaus”œ•¢”utkp’‹vwrr†tsovpliqss‡”‘˜¢zrln«££hff•–qrkr‘jffZ\¡³ŸŠr”˜ffoŽŽŽiikŽ‹ˆ\\dtŒqa]¦œ•fmŒˆd†„twmxŠspeeeydtœžœ”sq††‹’wfq‡‰otl“iemu‘z–Š’£tpm¦¦ljf˜‘‘mpq‰olgbª¡‰r‘ˆˆnnŠˆqkr—Œwwbcu…ptm§§•ŠŠnsŠxtn‡xuw……u‰lijtˆmu–¢¢‘or…„oq‰tup’f`erˆ’’Ž™™‘trt™›kjjp‘‘ksr{rojkššœ„‰ŽoqŒŒtttqvˆŽUfmaŠggk¢ž™h’mq–nnitm””q…ST’dbŠŒŒ¯«vxn–l•`bb—ikŽj››^jb“m›™•£nptn–““yob™›wmoŠiiokk”ŽžuŽqqt‘”jrtr˜onuubkqmu{¤‹‡wwvry‰yˆnnƒ†wmllmm†nu¡¦ˆsxv––ŽxypsŠt{vtŽŽfelsˆ‰ˆ””‰wwxyŽ‡prn…ˆˆsrzjkupŠ”””Šƒ‡t‰ˆunn„w‘‹tzzjnqorˆš‘‡‚‚z†xx‰Œ{ooz‰‰wrnmpˆpt‹šŠstxwyst††uv†v†mimuƒ„„ƒ””Ž‡wx|ˆ‰„sqr‡yyˆvwxjmvqˆˆ’’—‰~zvˆŠŠ‹nssy|‹‹w|rqnpu‡‡Ž–Ž‰x……x{………„npy’‹splmmŒkvƒ˜œxxu““u‹qxx„uvˆu‰lojsyy‚†’Ž‘Œpwt…‹‹†{po†sŽv{wkii…n‰ˆ“”‹ƒ{uˆˆ‰ˆŒovt†ˆŒtƒƒuwllsu‰•‰u‰vƒˆˆ‡…nlywxqppl‰jq„‘”zvyy‹Ž…‰uyxx†x……srmswz‹Ž‹s†uƒ‹†}us}vv‹ˆ|xqmtqs†‘’Ž‡zvvwˆ‰‰txq…z‰zz{zwonrs‹’ˆˆyv†v„„‰ƒtqxyyŠŒysporpq„ˆszx‡‡ˆzzzwzxyz„vvorwyŽˆˆŠsƒx„‡†€xrwwx‡†}{opsxu††Œyxz„‰Štuutv„‚€{zyomvvs’Œˆ…w‡tw„„…„ytxz†Šzxprtxv„„Š’ˆtvy‚‰‰xxx{uŠs{ƒurmpppoƒ˜‹vrmˆžžŠhmkj‡‰ŒŒˆuijgbkl’’˜¤•Žlc^eo“˜š—wwtot†nu{‰¡¡’’‹wreXcnš›œ••‰vognp‡„‡††‹Ž‹sfcqp–””—‹ve`dnŠ“–†{ojtrvtw‡‰‰š˜“zfikrŒ‘ŒŠleooŒ…Š†…‰{ttqmsmy‡˜“‡rrllpo|Œ‘‡uqqrˆ|zsw„ŽŠ‡‡‡sra_n‰˜ ”‹‡‡ovnsv|yŠ…†zzŠ‹„rspv‹Žyojiih…‘ˆ†‡†ƒyrrxrvrr|‹‘˜’uuomy}…†Š„‰nrkktŠ††z…„ywvvƒvysvx“Ž’tvvuxzz‰Žmmqo‚‘||‰x…ƒ…zyvyrxxs‹Š’ˆ„ruwv„„‡ŠwˆtroŠŠŽimmš™ˆlphd’mbbUw§¥štŒk‘’’MPZ‘¬ ¤›¶µšRQIIWWaªŒowo—‹[AA>XŒusŒ»ËÀ©__WUpžšŽ”•˜ŽvnnlRHMh‰“¡ª¸²²²rRP_šŠžž˜ŠZieTXcj‹¥¦¢©®‰‰aGP—ž™‹d”Ÿ gaXXksXX¬®®¨›{vk`_Œipp‘˜uUPekdgg›»¬inptt„……‡wˆ‚yydV`qvwvq¥¥¹µ«8L¤Z•¥]žžh§¦V¢66œS_ŸŸa šÂÁX•LD£œžž©\fšq’UQiWšX¢d¥Ê§]VŠŠg«±m¢`Y¤QU`Isjk——a› ¡¸¥^kh’’–Ÿa`syaYellmŠnur˜±©Žpauuz‰š‘rsŠigeebhz…†rm•¨°¡¡jfsy•™‘qhŽ”ifdlsss„uvq‡¢¦—qtt{sŒ™œ–lqkee]Yl•Ÿ‘idn¬¥‘‘sŠ’eo¢£‰hn••kST\…Š‹’sXWWš£pq˜u‰”•nkswff`^l”“q_^nŸŸ¡”wˆ’yx‚ƒƒ‡hehllzŽ“`cciŸ¡Œˆ„}‘’qqls‡x\Ylz†Œ‡‡rcdn”š˜ˆŠˆŠ–––ˆejv‹ecir‘‘Ž…n[[u•ž—†‰ŠŒŒkknttlkon†—nn]]i™¥‡‰–¥¥’jw|lqqdUt‹‘¡@/H–¤ ”“œœšndª²KDdkYYˆj‘¨dMNT½Ì¯[²¼¢¢[pŒh`vrwsyzrvoxPI°ÑÅccšŸ“•dTc‘xwjjlŽ”fiavYQ©½½³u”˜wª°iUZss…“a_d¡™idk^U©° oo¦«qm˜ˆwY^d¢¢fV\™—osXNLªª¼«mŽžª•qmzkkke•c^Žjj’_%%;±ÏYT§›¬©@@•CN¡diq”¯FH–_p<77ËÇ™›_¸´Ž—ABBq’»8, ””APPkd”µ¯¼ª_žŒŒŒ=2Ÿ¡’`N§¨ˆˆ‘;=nvÇÄgŽ¡´´«Xkpbka—rxlnŽabb[GZÂÆ¨d©°ŸŒŒZ\lsz‹‚uxhfrlLPÃÉ¨s••˜›kYXj‡——Y\\¦§g]dt[`¬”””—‘‰vubXc´²FG¤¨¨—˜=8@fØÕ–a““ÓÓ OW\]…›™eec¥˜]ZUUvv¸¢¢††£¡kaŽgfn˜pnwmesbbjbb°À¯es±¡s`PO•“‰ggež sXR[•j•§§››¥¤jiw]Uss”««]`rs„kgXXX¹Î¨k’œ£–dbbbg‘‘ˆlcl˜lbccitpšŸ‘§—‹blr^kkŽ§±ddsg‹v`XXM¿áº`v±®Ÿ^YYYoŽ–“i[_©•NOOb›‰l‘£¨±hf’’‹wqdj—•ªh^fftšš?D^³É˜e—žžšœkkccŽ¢–caaŒ›c]hgem“£hœ“__fŽ\a–“žojkffibe_ŠÂ¼”lss¡•jYVe¤£˜hbŽŽžk_^_‘’x’—––©¥okr‰ŒPSŸ _ck†ŒZY`š¾¸^e¢¢¡škcci–™pšÁ]PU=\“e´¼¼£¹žsjc kf^n˜˜˜lqa]\\NS˜˜Â¾’qq‰—“bdaa”¦«jmq£ždVV]•š£ŸŸ¦¨`Zj{˜‘icc‹“–sujqŠaKQQŸÀÁŸou–™ddooŽ–•dkŠœš]`bblpžŸ’Ž‘pettzŽks‡Œwojkƒt\YY®¸¦oqŽ–ommft•ggr•’h___i”•—ŒŽ•’ett‡Škfs‰„‹Žnjjl‡rJI’µÕÃoaafg—f]_§ª`cgŸ£fMMBS¥•šn¢§XX^sof\š£›\\]j‡nMF˜³Áªa‹‹•b_p‹qssŠ„sdnoobm¡¢¢™Œ†œŠŽndnˆ„Švg›ŒŒkabgŽdo’±•““tnk˜l^V—Ÿœœfa—“qcW]w˜•‰š“šge‡{xlhh™›†xbhrr]_XXœ¥§›u’“rj’nlio’ˆˆwvmmi‡jd`“ªª¦‘n£§rrmmwz†u¢’aZkŽ[[a“¦°’v‰„‘^^ab˜–’hr‹nggjjnq”’““oq’ndbbt›™mq‡qrjiqqiŠ‘’‹›˜pn…lei‘œ•poloŠŠpjdk¦ŒuŽ£££mopp‡t{‹tffj‰Œ_a“œ¢Šx‹††ffh‘•Ž\ž¡TTeocŒc§yoll¬_glXb‘–™]g `rYX—hfˆy£žž‘™hj™uuUT©g_ŽnqmZo‹•¦¦kj˜^_Žgissj¤¤oƒbjssybZ™—‹ŠŠ¢œvpqrooˆ}zphh†xk`k££˜Šw‹™™ykfg‰okfbf†Žlloˆ“‘Œ‹ˆ|‰‰gg`d•˜›joƒsvqqzp–™™ˆƒŒ›žpkxunnnv““x|rloyxsshqœšvwššqtnnmu†…Žv‰ŠcavvˆŒij›–Ž‚ˆ“‘‘„qfcm”—sjsŽpffs‹‹ˆu…‰˜•ŒuuŽŽŒcau™ nmytttumvp™uw›’’nsurpxŽ‘„{yykhr€xqn•—‹xxŽ“xqxjj}ˆ–w†hddwv…iišœ‹‚…““•ƒrjhn†‘qyy‹sfipŒŠ{w|y‹‹Š…†‡•okt‹––Œmuqm…u…xyufgp””ŠŠ‡vq{Ž‚{{ƒtns{„{tqyppt“œ™‰v…mk{‡‡’zƒqhsw{nnŠŠ–‹†Ž…sskkk„ŒŽz{…teik††ŽŒ†Œtt‡††zvykiw‹‹’qsnnwˆ“Ž†††‡pqxŒ‰‚ssttltƒ‡}wtŒz‹‡……ˆƒxˆom‚‡Š„ssvmiqnŒŽŽsss{†zxzŠvsw‰ˆ†oliiiu‘–“ˆ†‹jjtt…Šˆv{vuƒ}vvuuwt†Œ•…|xtttx||ƒ„sptww‚‹Š†ˆqt…Œˆƒƒz†ppvx…†wxllyŒ•‘‘„{xptx‹‰}wwssz|xswyˆ|……ŽŠˆrtqq…ˆ…ƒƒ|ƒmkqr‚…|††‡…{wxoq||Œ‡zummwˆŒ…Š“•‚{{wxwmisz——––vhhebq‹š œ†utsqlmyŒ‹‰‰‰Šuppru|–••Š…gfns„†z||z†Œ‰†wuvvq…‹‹“’Šyphhx{„ƒƒƒ‚yƒŒ‰‚yxy{†Œ‰ƒ{{txlkz†ŠŠ|„yyuƒ„…†}„„vzzz…„xutoq‚‹Œ‹‡‡}uqvŒŒ‰ˆ|zuuuyxvytzyx’’ŽŒppmm‡Š‚wlmhhqŠŠŒ„z}{w{{}…‰…Šzmcddio‘’‘ˆnekrr‰Œ‹‹€‚}wpjjmsr’ž›zqeegt‰‹‰‡Š‰soprryw‹‹ŒŽ””„tkkpm‡‡“”™‘tfbfrz……•—Ž„wwxvsuvv†Ž„rjjek’’š——‹‚uorzv~~}Š‰zƒ‚yyjjvv‹–—‘‘›Š\Vh›wpoo]]s‘Ž”pqq•e[m‘–„¤ªº[[27hŽwl‰‡nHH@O‹”X^¢©´±WWQ˜ “‘Œ‹“OKSufii®²½´UQfŒ”¥ŸŸ›‡PAMwop˜˜¢´[Yl—““””‹aOOij]h ª¿¿»UR`tŠ‘Œ“–‘‘aVQmrd]•ÃcflŒŒruw’“iWToyll]oš¸¾cco“›““…sŽseRTo…mdjjŽÒÏKg–½kžžže¦AF”Mª²A£œœ¶½Vhq£¸gž¥[›YK\kk™©XXkÎST™dd±´g–cncE]baa³GFœsÊX‹l®²²l¥gcŒCZr‘Ÿ\\X‡À°\Ž¢¦tt–ˆvyQ^tl‘]Uo«¨ee‡•¡¡rjzord__rcYeˆ ¥ivv™Ÿš‘kvqkj]u“iW_t¤ox”¡¡›’opomgfuŒšškWZqŽ¨£dq¤¯®®sfc[EYš½©PPMjoŸš•Žrqtquvheeg´£MF_i•—•¡¡ª‡iop^cqkpp£™XPci¨ªŒŠ£ŸŸvgk’jmgmŠ ’’UK[_§µ¤Œ Ÿea†pmfio¦ [S^^™©©ž‡žžŽppˆtrppeh˜–]U[d›®¦¦Š››Œkmzporlss `PZYe¯¨Žšš£•puvlnk`qžž£kT^X™«¤ž¢–ttœbOOS‰§‡•_CDTžžµ¬ ®¹cJY§¦HHMO©žgTVbU²¹¹†•£¡h[¢¤sKHHœž SBUgS©®§§¢‘Žjh’ks[W¢¯T?FFm_•ž¬°¨•if••qebap¡¨iDC^^_™¡ž²›ob–cc_] MF^eŸŸ¬™¬¥m]——n\\_“–nNL^fœ¨° •jjXnŽo\fŽÃ»MaaBEjhÁÉž¼Ya””UŸ\<mr£°_`LJJdÀÈš¯¨emoš^ju–§QPbBee’®³²¤©\hplœ\[”ˆªªd[[HfŒ«•µ¡ªªYgŠxŽfd‡ŠŸ••Y\TY—¨¬°›š_jj†vuieŒ–“ŒV\\]]n©ªª–roqqŠvoh‹”Ž„WQ[]g©¨¨ ‹ujo‹wrmpx`QYZd¨«§¤¤uqxs†uni‡–tthRZcj§¦©¢Žuult‡†ssr†‹viiR^\RÁØÄbODn‘rfnn¤–kY“kSD=ÊÌÌ•›q£˜gX_mddf§˜™B;ehž¢´ºº•q[lg_cžš‹‹WflZQJÈÈ¯ssœ—f_i lcb šQFguu“—©°¡mh›—ccY‘ddr_MZ³³•ª—s•q_a–‰iii“”p[Ne‡’šš±j_g˜“ob‹““ddvpUTbª±˜š––“d_t–“kg‡sqqjhXWr¨½¢›–cVf£ffašbMbr`LRÊÊÁ¦dnžb_\¤¦ZZfh¢“RJd‡‹•žºº®`gm•llux—qqmiw`Vf•µ¥œ˜˜r‡nhk…Šwv‹tgLNkk”¥—¦°”qaboomp–˜i[ol[[ggÀ¹’–w•f\g‹—ttkysaZ\c†¡ –ªqkhk–”Qmm’S`m‰[\\“»– ‘³’^^`sŽ™qsˆmR@UUa” ’©ž‰pqppnc†—Šb\lU^nn¨’–„Žg^r‰‰Žu‹rtiYW\‘››œ“˜™wpjn…lx˜žŠi\\i_`jª—ŠŒdbn“wŠusjdd]j‹œ˜˜–™ywgrr‰ru–—…b`efjjl›¥ ‰‹Žlfii••…xvxs_]eŒ–‘’Ÿ££y„qsxrw‘ˆeegdjir˜œŽ—‰‰’r^_j£ ”Œ`mPPTQ‘Ÿ¢’Ÿ¨wtsstjm‰‡ciahhc–Ÿ“•mre`pŸžppuguV]]p“™˜˜°ŒpobjlŠŒ•kl^mcuŒš™˜”ŠŠ“ŽZXh’Œxmrr]Yb’œ•˜Ÿ’ˆˆu^cmŽ‘’k^bdp”––Ÿ˜‘Ž‘_ciš˜˜Šqjf]d‡˜›––˜”Ž‹ac‰“Žšš”[[^kq’–žŽŽ‹Œ‘dYn•‘‰Œuuhf[cp”˜“•™Šˆlfvv‘ˆŒd]bowˆˆ—™˜Ž‹‡ŒpcsŒŒ†ˆ‰cgckou›˜˜‘’ŽŒl]xŠxvvŽ–a`dom…™˜””ŽŠoan†‰“epgjjcŸ‘“‹keeŠ‰‡x‘“adgmhhu—›“ŒŒsgp‡‡Ž‰ikic^–xxª¢‰¢˜mt]˜’gg–‹qT_hZ‘Œœ““‰œ“g’T\r“””vv`dkU’ “™–” kˆeccŒw‰”rv]Zxcll˜“˜™”iŒic‡‡‰t–qilleo•˜“tuno†‰rr–rviigjo™›’’—vttpnˆˆ’tvfuddmp‹“wjqqts‡z‹oescppp’”‹’”stuvnppw‹Š„qgudok””–‘’ˆ‰pylq……‰†Žkmobsi‹˜—oˆˆs„kjtŠ„ŠlkrrdgkŒ“’’˜yŠssylwu‹zpkikkrƒ“•˜˜t†t†nnvuŠx‰toroaiiƒ“”“–{…yvmuvŽvˆŠŠvilhvz“–˜”ŠŠzvynwtŒz‰ˆttkpenu”••Š†††vmv‰w††ulmmfsv”‘”’‰yzyyotŒˆz‡…njqmsvš–‘‘‘Šzˆurw‹Šw‡‡Žnnqksw‘’‘‘‘yˆwstwˆ{‡‰rroqoqu‘‘‘{{‡wssˆ‹yƒ‹soooqpvŽ’uƒwxt„††y‡‰pnsrlx––’Žs‹tqt‡ƒtty‰wimnluŠ’‘ŽŽ‘x‡wur…‡w†‡‡wpqtjsˆš‘w…vvuƒ‰vyŒzmppjxx…”“wwwttƒƒ‡y‡Šyonvkp‡‡–“‹‹…„rytwzzy‰{uovrq‚—‹‹”wuyxx„‚ŠŠŒxooxoq{•Œ†{qwwtv‡ƒy†zwnrssoƒ—Š‘†zuz……u‚†u‹wtqwspzz“Œ‰wwxxw……Šv„vxpnoo‚‹‰xvw†r|‡ww†zuqsonw’‹‹Œv{xzw…Šx{yxppqqqˆŠ‘‰uvw…ww{…{„ztstx‡ˆˆŠŠ{„„Ž””tsnnnfcWNNw•˜••Žqmc`fž¥ •’ˆwnmeaeŠŸ¡œˆ|uunmhgdmœŸš‹‹‹†…wopjt‹ž™””Œy{jlobgk¢¢••ˆxwuqjmeq‘¦¦¥’‚ytpnqiouu™›„nrprrqol•Ÿ˜‡‡xuxvuwoqs‘——ˆ{ux‹vwvlhjj˜”‡„{|…Šojkgg”–Šyƒ‘Š…qqyy‚—jk‰ˆuŠwddcMHrª¢’•‹†uskdbff^˜®©™”ˆxjrqqqkop–«¤Švshhpyz‚††pˆ pfflz{ŒŠlWd‰‰s†ŒŽŠ‘ŠwbddX\”¢“““„ysqkmndaa¤®Ž…ztpvywwsjg‘§Š‹~zp„„†xove`†¨……‚‚{xut†v`R‹¢ƒ†Š…u‰{uooeet•†ŽoŒ‹nfsqŸ””¬¬_dY]daˆnnn«—bqfZdHO§¤¤¹¢nªfb’›f—i‘‘–TŽtphk•«£al–¢Žh—ŒWWV^š¢`d®™º¡ShfŽ£——•q˜_EYfr‹ll™¢ RG_…¢‰‰r§—iEH_ŽYi—œœÇ¯]i[au’’ŸfG]]moe›Ÿ°°¹_Rbms›p“¥™ŽST`ooRe‰™Ãºpl[nkk“›Sµ´as\RmTTmsœ±§–˜]›jp””h›šhˆRVœC_‹‹n»µsœ]¥œ]©iid¥LS•`“bc’q¨¸nbbg–uˆ†vfdjoobd‹{£¬wxj––”nœ™o“WYvdgyymˆˆ™³šlut—””‡Š†ƒub]xqyrrnŒ–¢khŠŒŠŒŒilggo…nwiil°nuk—–v‰‰‰ˆ[V‰``l‹]gŒ¡ªdf†uu‘œjsƒq’\^mŒŒaTh¯°mlsž›ss‡sq|dfŒZ‘kkhbª»˜d„¡šeet†ouilvy’m^oŽ–”ooi¥ªž“dfrdhttq–b`h›´¦svvqš‡ˆjk‹\^wˆˆ’[Lgq¥p“——Žprtkqhf’““lfde§œ‹tŒ—˜Œ‰jlzzplt{ŒdVer¨¨¨žpŒŽ’tsmi……ll‘“jd\^¨© ggg§{tgrY\›š[[pnnœšŽ||w˜¡ncmq‹^i˜‡oiammh¬¯ŽxŽžªhTdd•ŒY[›¤“cdpqqŠx’™‘š£‘OPoo‘wmm…e`aª««’t n`qrnrrŠŸ›Zfcmjš™•š“’’tadoˆ™mfpqq]O§¬œw•œ–‘bbhntmp –a_gohhž›“—”vippoy…“j`eE]c˜˜Ì±\¤…©¢PˆUe©J²²bbrLQq•¿ªS•—¦dc__ŸnŸœ[’’SLi…»½Yœ›¦ZZWi`¦]c¡_dWLLg¹¶a£¡p¥[[[oeœ‘‰Ž_bkJQ—²°m›ŽœXVstŽ†tŽŽlfdY]›¤ xšš‹˜–dmn‹Ž|†hddlUU¤¬£†w™‘““–^dv„‡{{pnee^_¢¢†Œˆ‹lihy|nni__ž© ‡‡Šš‘w‡nmns‰Œgbapkp•‘Ÿ´®®e^iˆndm¢—YYQVwee¦«›‹ooŽhY]v‡„r^^bV¤“yœ¨˜rqqŒwcffž¢gXQpuvŽ¡›™™ŠkŽšŽieŒŽtssl_``§¢tŽ¡¡’ovxzhjn™“__WqswŽŸ™‹‹q”jigt‹ov„l```c”¡¢Œrœ”mu{Šii““‰ui`pe]t§¬™™n›lipq„‰’’g\\IH¾Æmllœ›obfš›_^«®®NE`s{ƒš¦š”VVV¬¡Rd™np‹qhlUY««¬‰˜”t‰‰np‰‰ur‘lcdnn¤¤‘—mlŒnjlŒ’’yokmxURª¬›qqpš‘owo„„os••”g]_uko¡›Œ‹lrrmlŽvsklsedd—£ŸŒ‹“xu…l——eQjg®bTXf‰³˜jOš¡”ma——hŒnbd^Wi¦¯¯œ‹ŸnaŠcgunŸ–[iiqtŽ˜™’ˆgh——‘‰co›vzmnnhheqž¨ „’mk††ŠŠhbwz”cdvoppž ˜†ngŽ’xppq‹w{…nomlmœ§ŸŠŽqqnxvŽ†lv”–bb]ukoŒ—¢š‚nkk‘—klˆ‰vu„rfddki¤®•Œ’Šnp‰‰s†yww’jknccfš¦™’…utŒiitk``››—_IY”«•Œ‘‘“›Œngqž¦p`bddcnœª´Ÿodii“–Xa›¢dkkSW`Ÿ®®˜ik—“jl“˜f]jtiavo«¶¶—gan–ˆj“–mm\“‘tj^hp§µ¡¡ls“tlsqhh””’wlhhh³²œpll‡—ŠiŽŒtphŽŽqld]oµ¸¤hpŽ™rjŒ——sjs•“iobhl²rnukf‘qii‰q‘meŒn[j§´©©nk‰njl†’‡nrrŠ…llk`l¬°™xx‹wjip‘ooŒpŠvvj†q^o•¦epŒŒpqp’ˆpqpphl\pŸ©©‘ˆŠhl–‘ifuuŠwst‡iYl–²˜˜pŒŽrnvvuuii‡keYhž¦’ŒŒŒ‹nkŽ‹uyŠottv…d\l–®œšd¥nf”qŒŒ–rˆU`£ge\V²²´†Œu–me•lf””q\d¢f_]¨³‘‘‹ipšejrj›’pp]e£“[cd¤´Š‹‹x‰gŠrh”qfh››___c™©œ‹Œr—”nuup›p`o˜’W^ee”˜†‡Šssu„rˆˆ“„iqˆŽf``Žœœ¡‹zkt‰ust——l`uŽ‰b]i••‹rvtt|wzxŠ…ol‰sggcn‡”œ”{orˆuupx‘ocrtg_kk“”qsrys‡‡v{vvo…tjip……•–˜†v†ˆvm‰‰‹nmŒŒŒnjepŒŒ”•‰ŒrruvmŽ„‚uur‰pplpk†Ž“š…z{ˆrrm‹‹‹lsŒ†tihhrŠŒ‘’‰‰tvurr„„ptv…soql…–™xx{yŠql†ŠkrppŠ‹hlmˆŽ‘‹‹‹v‡rq‰„Šsxyvuurrmu••‹ˆxŠŠnkˆ‹prw‡|llkl„Ž…Ž…ˆpn‹†uuw{zurunx‡•““‰ˆ…ˆplxŠ‰tww{„zlnlxˆ„ƒll‘‚ux‡xxtrsru†”–‹‡ƒƒ…tnr…ƒqy‚ymqlt‹„Œ‹ylrŽzzwv†wusvtqŠ‘‘Š‡‡zurt‰y…uu‚zyvsnpŒŠ……‰Župr‰vzv‰‰wtsttoˆ‰„‰xuutt†w†x„v}yrpkk‹‰†‡uuu‡‰‰uzw‡tysurtŠ‰‰‹Œ‰‰yxvx„w……{}s{xqnp‹‰‰‰‡‹uss|ˆx||‚‚xxwsuxŒ‰Š‹‹‡vtx}ƒyƒ…|uxyqruŒŒ‹‰‰‰ˆrpv…zzƒ{zwvssy‹ˆˆ‡Š†qqy{‚{|……yxxxnkwŒŒ…ŽŽ†Œptt{|†x…yyxuyxtƒˆ†y†††t††ŠŠz{tƒvxuzvqyyˆzv{vlt…ˆŠŠ’†‰y†y|wszƒyyvƒ…ynvtƒŠ’ŽŽŽx†{‚vsx…{xx}†|strsyŒƒˆ‚zuuvy…xv„ŠztvyysoƒŠˆˆŠƒ{uxxxƒyx{ˆ|vvzyttwu|„ŒŠƒw{y……vy„Šxuy|xq††xyuƒ‹ˆŠ‚{‚w‡yˆyxxyyxs‰{wq{‡……‡‰‡…u‡†ˆwxyyxxtˆ‚{vvxt…ˆˆ‰…„Šz„z|{vuuu‰…zuzyrv}ˆˆ‹ˆ‰…ƒy{xwxw…ƒzyxxzwuww†…†ƒzz…{vvu†‡xw„„„vuuwwyŒŠŠ‡ƒxxyxy†„z†x‚xwwxttu„‡Š‡Š}ooqŠ…„uvpp†‰{…yƒƒƒztuhj‹„……wv}ywzttq““““†rgn””‹skdddŒngˆ•’ˆƒ……upx†„ƒ‹‡unqq[ZrŽ“…‰hgpom‰Ž‘‹‹‘xtY[o†ˆ‡‡Œ‡v‹olzŽ‘””‘†ˆ\]jx††‰……sŠjjxŠ‡Ž““‰Šbclyy†ˆ†uuŠro…‰…†‹Š‹‡‹gfkyyz„|…uvur†‘ŒŒ†ˆ‡ˆ„ˆkio„xx…{„qrvtˆ“‹Œ……‚„nhm…‡Šzz‚ppup‹—“ŽŒ……ƒ‚zngo‡‰Š|„rrnqq•‘‘‘‡„ƒƒxoek…‹Ž{ƒvmoq‹–”‘‘Ž‡ƒ…voem„ŠŒŒ}…vhjrq“‘“‰‚„vrfm‹‚yijnm““’ˆ„„ˆupgl‰Œ‚zzggop“”‘‰‚…utilzz‰Œƒ~zhgon”——’†‚ˆtrlnƒ‡‡‹„|zgeop”–”ŽŽ†€…tumozŠŒ‡‡z{henp“™—„„‚…stmpz‰‹…{|gemqq˜–‘†ƒ…suqrrwŠŽˆy|hgkpœš“†ƒ†ststy‰‰‹‡y}jgkr‹šš“†‚„stutwˆŠy|likquœ•…ƒ…uuutux†‹‰y|njkkqtœœ—‡ƒ‚ttvvuv†Œy{pklrss›˜…‚‚uswuww‡Œ‹x{qjkqr˜˜™†ƒ‚vtyuv…Œyzsskmpp–Ÿ‡‚‚yytytv…ŒŠxztjjlqq‘Ÿž‰ƒ‚xs{{uv„Šxyvmnrrp ‰‚zt{wwx…‹‰xzummqrvžž‹ƒƒƒyu}yx…‹‰xyyvpptstœ‚‚‚zw|zx…‰‡xyvooortvšœ…„{yy}{xzˆˆxytrqqttt™›‚ƒ{yzzy…‡‡‡xyvrprtu—˜„…|y||x{‡†xxytrptst–™’ƒƒƒ|{{{x{†‡xzwwrqtvw•˜’„„||z{}y{†‡z{wtrvuw““˜“„„~|||z‚ˆˆ‡zzxtruvx——’ƒ„}z{}{|††||{xtswwx˜“‚‚‚~}~}|}‡…zzzytsuuyŽ–‘ƒ‚}{}|}}{„ƒ}zytuvvyyŽ–‘„‚|€|}||†…|zzuutuzŒ””„ƒ|~}€|ƒ„„zzuvwwy‹”…‚€}€|}{ƒƒ|zzzwvvvzŠ‘„‚‚‚|€|~|‚‚|yuuwwy‰‰‘‘†‚€|€|}}‚|zzwwxwzˆ„ƒ}~|~~€||{zvwyxy†††ƒ€|}}€{zzzxwxvy†Ž„ƒ‚}~|}}}~€|zxwyxyy„‡‚}||}}~‚|{zyxxvy„Ž†‚‚}~}|}}|zyxxwy{ŽŽ‡}~}{}}‚‚|{zyyywy|ŒŒ‡}}}}|€}€|{yxzxxy{‹Œˆ€}~}|}}}ƒ‚|{zyzxx||ŠŒˆ|}~|€}}€|{zyzxy|‰Œˆ}}}€|~}‚||{yyyxx}‰‹ˆ}||€}}€||zyzyyy{‡Š‡‚}|€}}~}||{zzxxx{‡Š‡‚}}€}}}||zzzyz{†Šˆ‚€€}}€}}|||{{{zyz{†‰‡€~}}}~~‚}|zzzzzz|…‰ˆ‚€~}€€}}~‚||{z{zz{…‰‡‡‚€~~€}}~‚}}||{{zz|„ˆˆ‚‚€~~€}}~||||{{{z|ƒ‰ˆƒ€€€~~

Wayne

#6
Dakeyras

Posted 26 August 2011 - 02:18 PM

Anti-Malware Mammoth

Expert
9,772 posts

Hi.

thx for your help and time

You're welcome and thanks for the update also...lets see what we can do for now OK.

Temp' Disable Windows Defender:

This is so it will not hinder the Malware Removal process.

Launch Windows Defender via Start(Vista Orb), Control Panel, Windows Defender and go to Tools >> Options.
There will be a list of configuration options.
Scroll down to the end of the list to Administrator options.
Deselect the Use Windows Defender box and press the Save button.
Now you will receive a notification saying that Windows Defender is turned off.
Click on Save then Close on the Notification that appears.

A graphical tutorial explaining the above can be viewed here.

You may re-enable this when I give the all clear, though personally I would leave it disabled as it is not a particularly effective application and unfortunately it cannot be uninstalled because it is a integral part of the Vista Operating System.

Next:

Now please go to Start >> Control Panel >> Programs and Features and remove the following (if present):

Ad-Aware
Spybot - Search & Destroy

To do so click once on each of the above to highlight then click on Uninstall/Change and follow the prompts.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

Please go here and download ERUNT.
ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
Right-click on erunt-setup.exe and select Run as Administrator to Install ERUNT by following the prompts.
Use the default install settings but say No to the portion that asks you to add ERUNT to the Start-Up folder.
Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
Make sure that at least the first two check boxes are selected.
Click on OK
Then click on YES to create the folder.

Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Custom OTL Script:

Right-click OTL.exe and select Run as Administrator to start the program.
Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - File not found
O4 - HKLM..\Run: [avgnt] File not found
O4 - HKCU..\Run: [4Y3Y0C3AVF7W1E5VDDUCAEJ] File not found
O4 - HKCU..\Run: [EPSON SX600FW Series] File not found
O4 - HKCU..\Run: [EPSON SX600FW Series (Copy 1)] File not found
O4 - HKCU..\Run: [InstallShieldInstallShield] File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
[18 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:26F6D10D
 
:Files
ipconfig /flushdns /c

:Commands
[Purity]
[ResetHosts]
[EmptyFlash]
[EmptyTemp]
[CreateRestorePoint]
[Reboot]

Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
Then click the red Run Fix button.
Let the program run unhindered.
If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.

Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Next:

Please download Malwarebytes' Anti-Malware to your desktop.

Right-click mbam-setup.exe and select Run as Administrator then follow the prompts to install the program.

Note: The feel trial offered for the Protection Module is optional. Though I advise activate this when we've finished, if you so wish.

At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please post that log in your next reply.

The log can also be found here:

Launch Malwarebytes' Anti-Malware
Click on the Logs radio tab.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

When completed the above, please post back the following in the order asked for:

How is your computer performing now, any further symptoms and or problems encountered?
OTL Log from the Custom Script.
Malwarebytes Anti-Malware Log.

#7
waynegr

Posted 26 August 2011 - 03:42 PM

Member

Topic Starter
Member
194 posts

Did what you asked. Never thought you would say get rid of Ad and Spy. Turned defender off, and glad you said to. Have I a virus ??? Just thought I was missing softwear somewhere. Here are the two logs I think you asked for.

All processes killed
Error: Unable to interpret <:OTLO3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - File not foundO4 - HKLM..\Run: [avgnt] File not foundO4 - HKCU..\Run: [4Y3Y0C3AVF7W1E5VDDUCAEJ] File not foundO4 - HKCU..\Run: [EPSON SX600FW Series] File not foundO4 - HKCU..\Run: [EPSON SX600FW Series (Copy 1)] File not foundO4 - HKCU..\Run: [InstallShieldInstallShield] File not foundO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not foundO18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found[18 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ][1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:26F6D10D :Filesipconfig /flushdns /c:Commands[Purity][ResetHosts][EmptyFlash][EmptyTemp][CreateRestorePoint][Reboot]> in the current context!

OTL by OldTimer - Version 3.2.26.5 log created on 08262011_223228

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7035

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

26/08/2011 22:41:57
mbam-log-2011-08-26 (22-41-57).txt

Scan type: Quick scan
Objects scanned: 181073
Time elapsed: 3 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4Y3Y0C3AVF7W1E5VDDUCAEJ (Trojan.SpyEyes) -> Value: 4Y3Y0C3AVF7W1E5VDDUCAEJ -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Files Infected:
c:\Recycle.Bin\2ddf24fb1b6ff46 (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Wayne

#8
waynegr

Posted 26 August 2011 - 04:01 PM

Member

Topic Starter
Member
194 posts

Hi there,

All the problems still seem to be there, cant dl win updates, google earth says I am not connected, I can not launch the free online game nfs world, not of my desktop links for the internet work, just created another one just to see if a new one would work but no, the other internet explorer in programs, that does not say internet explorer 64, it just say internet explorer, seems to try and connect, but then disappears, and keep getting log out of all web sites. No it all seems the same sorry.

Wayne

#9
waynegr

Posted 26 August 2011 - 04:15 PM

Member

Topic Starter
Member
194 posts

Also tried to reinstall the new NFS Hot Pursuit, that I uninstalled and then tried to reinstall just when this problem started, and got this massage again; exception eidstackinitalization failed 001137cd error on loading winstock liberty 2wss2332dll. I then went on with the loaded without asking me for the serial number, loads but it will not play.

Wayne

#10
waynegr

Posted 26 August 2011 - 05:09 PM

Member

Topic Starter
Member
194 posts

Just tried to launch NFS Hot Pursuit, and it said Activation Manager stopped working.

roblem signature:
Problem Event Name: APPCRASH
Application Name: activation.exe
Application Version: 2.0.1.160
Application Timestamp: 00000000
Fault Module Name: kernel32.dll
Fault Module Version: 6.0.6002.18449
Fault Module Timestamp: 4da47a32
Exception Code: 0eedfade
Exception Offset: 0001c83b
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 2057
Additional Information 1: 3f93
Additional Information 2: fadf46fa4aed62d5d6e30305c39bbdf3
Additional Information 3: d92d
Additional Information 4: f2c68df56837d128ff9c6a589caf166a

Wayne

#11
waynegr

Posted 26 August 2011 - 07:02 PM

Member

Topic Starter
Member
194 posts

Uninstalled Google Earth, then tried to install it again, but could not, bed time here; will look in first thing tomorrow.

Wayne

#12
Dakeyras

Posted 27 August 2011 - 05:54 AM

Anti-Malware Mammoth

Expert
9,772 posts

Hi.

Never thought you would say get rid of Ad and Spy.

Ad-ware was active in system memory thus causing a security conflict plus it is not particularly effective at all these days. Spybot - Search & Destroy, specifically the active TeaTimer would have hindered the Malware Removal process, you may reinstall this when I give the all clear if you so wish.

OK no more attempting to do absolutely anything to your machine unless I advise so please...Please take note of the below:

I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for this issue on this machine!
The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Refrain from running self fixes as this will hinder the malware removal process.
It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Custom OTL Script:

Right-click OTL.exe and select Run as Administrator to start the program.
Copy the lines from the quote-box(do not copy the word quote) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - File not found
O4 - HKLM..\Run: [avgnt] File not foundO4 - HKCU..\Run: [4Y3Y0C3AVF7W1E5VDDUCAEJ] File not found
O4 - HKCU..\Run: [EPSON SX600FW Series] File not found
O4 - HKCU..\Run: [EPSON SX600FW Series (Copy 1)] File not found
O4 - HKCU..\Run: [InstallShieldInstallShield] File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
[18 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:26F6D10D

:Files
ipconfig /flushdns /c:

:Commands
[Purity]
[ResetHosts]
[EmptyFlash]
[EmptyTemp]
[CreateRestorePoint
[Reboot]

Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
Then click the red Run Fix button.
Let the program run unhindered.
If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.

Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Download/Run ComboFix:

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs <-- Click on this link.

Please include the C:\ComboFix.txt in your next reply for further review.

Note: If ComboFix detects Rootkit activitity and asks to reboot the system, please allow this to be done.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix Should Not be used unless requested by a forum helper

Next:

Click on Start(Vista Orb) >> Run.. >> then copy/paste the following:-

C:\Qoobox\Add-Remove Programs.txt

A text file should open. Post the contents of that file in your next reply.

When completed the above, please post back the following in the order asked for:

How is your computer performing now, any further symptoms and or problems encountered?
OTL Log from the Custom Script.
ComboFix Log.
Add-Remove Programs.txt.

#13
waynegr

Posted 27 August 2011 - 07:55 AM

Member

Topic Starter
Member
194 posts

Hi done what you asked.

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avgnt deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON SX600FW Series deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON SX600FW Series (Copy 1) deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\InstallShieldInstallShield deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.
File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.
C:\Windows\SysWow64\tmp531.tmp deleted successfully.
C:\Windows\SysWow64\tmp580.tmp deleted successfully.
C:\Windows\SysWow64\tmp5ACF.tmp deleted successfully.
C:\Windows\SysWow64\tmp5AF0.tmp deleted successfully.
C:\Windows\SysWow64\tmp6A37.tmp deleted successfully.
C:\Windows\SysWow64\tmp6A67.tmp deleted successfully.
C:\Windows\SysWow64\tmp7CB1.tmp deleted successfully.
C:\Windows\SysWow64\tmp7CC1.tmp deleted successfully.
C:\Windows\SysWow64\tmp84E.tmp deleted successfully.
C:\Windows\SysWow64\tmp8CC.tmp deleted successfully.
C:\Windows\SysWow64\tmpC294.tmp deleted successfully.
C:\Windows\SysWow64\tmpC2A4.tmp deleted successfully.
C:\Windows\SysWow64\tmpC68C.tmp deleted successfully.
C:\Windows\SysWow64\tmpC6AC.tmp deleted successfully.
C:\Windows\SysWow64\tmpCAC4.tmp deleted successfully.
C:\Windows\SysWow64\tmpCAC5.tmp deleted successfully.
C:\Windows\SysWow64\tmpE0FC.tmp deleted successfully.
C:\Windows\SysWow64\tmpE10D.tmp deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
ADS C:\ProgramData\Temp:26F6D10D deleted successfully.
========== FILES ==========
Invalid Switch: c:
File\Folder Commands not found.
File\Folder [Purity] not found.
File\Folder [ResetHosts] not found.
File\Folder [EmptyFlash] not found.
File\Folder [EmptyTemp] not found.
File\Folder [CreateRestorePoint not found.
File\Folder [Reboot] not found.

OTL by OldTimer - Version 3.2.26.5 log created on 08272011_142327

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Did the com bo fix scan, it fixed some errors, then asked me to buy.

Cant see any log ??? But will reboot now.

Copy that in run, but it said its not available, it could be on a hard drive or network, check make sure the disc is installed right, and or that you are connected to the internet, and try again, if you still can’t find it, it may have been moved.

Comp does seem far faster, I thought it was slower because all the programs I had on, that’s why I got rid of NFS Hot Pursuit and a few other things.

Wayne

#14
waynegr

Posted 27 August 2011 - 08:03 AM

Member

Topic Starter
Member
194 posts

Seems the problems are still here after a reboot, can not see find any ComboFix Log. Not sure what you mean by Add-Remove Programs.txt.

Back in three hours from now, have to go to work.

Wayne

#15
Dakeyras

Posted 27 August 2011 - 10:44 AM

Anti-Malware Mammoth

Expert
9,772 posts

Hi,

Did the com bo fix scan, it fixed some errors, then asked me to buy.

That most certainly should not occurred.

OK lets get a fresh set of logs so I can better asses the overall situation as follows....we will also try a reset for the 32 bit version of IE as that may help also at this juncture.

Follow the instructions in this article:-

Reset Internet Explorer 9 settings

Scan with TDSSKiller:

Please download TDSSKiller.zip and extract (unzip) it to your Desktop.

Right-click on TDSSKiller.exe and select Run as Administrator to launch it.
Click on Start Scan, the scan will run.
When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
Now click on Report to open the log file created by TDSSKiller in your root directory C:\
To find the log go to Start > Computer > C:
Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!

Re-scan with OTL:

Right-click on OTL.exe and select Run as Administrator to start OTL.
Ensure Include 64bit Scans is selected.
Under Output, ensure that Minimal Output is selected.
Under Extra Registry section, select Use SafeList.
Click the Scan All Users checkbox.
Click on Run Scan at the top left hand corner.
When done, two Notepad files will open.
- OTL.txt <-- Will be opened
- Extra.txt <-- Will be minimized
Please post the contents of these 2 Notepad files in your next reply.

When completed the above, please post back the following in the order asked for:

How is your computer performing now, any further symptoms and or problems encountered?
TDSSKiller Log.
Both OTL logs. <-- Post them individually please, IE: one Log per post/reply.