Hi,
I am definately a novice at this game!
Have just spent many ecstatic???? hours attempting to sort out my PC after an update from Zone Alarm froze me out amongst other things

Managed to eventually remove that altogether and relying on Windows firewall now,but am left with an Avira anti virus prog which won't open OR uninstall.

Have installed AVG successfully,but Security centre reports more than 1 anti virus installed,at least 1 up to date.

Add/Remove progs throws up a message that "Setup could not determine the feature control file or was unable to read it correctly"
Clicking on Avira logo in Control Panel AND on rebotting throws up message "Unable to find file C:\ProgramFiles\Antivir\PersonalEdition Classic\ccplg.xml

Should I worry?
Anyone got a suggestion how I can remove the Avira entirely,please?
Easy step by step instructions much appreciated if so...THANKS

Uninstall AVG, using AVG Remover: AVG Antivirus and Security Software - Tools download
Reinstall Avira over the top, and try to uninstall again, if that's your wish.
Personally, I don't recommend AVG anymore. What is the reason, you don't want to stay with Avira?

Hi ,thanks for your input.

I tried to install Avira again several times before getting the AVG,but it gets to a point in the installation when it reports I already have a version of it installed,do I wish to overwrite it (or similar wording).
I agree to do that,but a bit further on I get the report that because of the missing file it can't continue.
I've had Avira for quite a while now and had no wish to lose it...just can't find a way back in.

Did you try to re-download Avira?
Is AVG totally gone?

Hi again,
Yes,have tried again to install Avira after removing AVG as you suggested.
However,the result is exactly the same as before I gave up and installed AVG in frustration.

After downloading the file and clicking Run I get a message to say an incompatible Avira product is already installed and can be auto removed...yes or no?

Clicking yes puts up a further message to warn it could affect other installations etc. do I wish to proceed?

A Yes sends all the little blue lines racing across the installation box ;but not for long!

The next message - Setup could not determine the feature control file or was not able to read it properly.

Clicking OK I get a report that the old Avira is being removed.

PC then re-boots

At end of re-boot the final message "Unable to find file C:\ProgramFiles\Avira\AntiVirPersonalEdition Classic\ccplg.xml" appears.

A click OK leaves the desktop clear and no Avira to be found.

The Avira Logo is in the left side panel of Start with recently used programmes,but clicking it gives up the final message above.

I'm currently running without anti virus so if you aren't able to find me an Avira solution and don't recommend AVG; do you favour any other free programme ?

Thanks for your interest so far.

Do three things for me:
1. Re-run AVG Remover
2. Try to install Avast! free antivirus: Download FREE antivirus software - avast! Home Edition
3. No matter, if Avast installs, or not....
Download avz4.zip from here

• Unzip it to your desktop to a folder named avz4
• Double click on AVZ.exe to run it.
• Run an update by clicking the Auto Update button on the Right of the Log window:
• Click Start to begin the update

Note: If you recieve an error message, chose a different source, then click Start again

• After the update, from the "File" menu, choose "Standard Scripts"
• Put a check next to item 2: Advanced System Investigation
• Click Execute selected scripts
• At the next prompt, click the OK button
• Let the scan run and click "OK" when the completion prompt pops up
• Now Close out of the Standard Scripts window, and exit AVZ
• Navigate to the avz4 folder and locate the folder LOG
• Inside the LOG folder you will find virusinfo_syscheck.htm and virusinfo_syscheck.zip
• Attach the compressed file, virusinfo_syscheck.zip, to your next reply.

All went differently this time (even download appeared changed and completed in 5 mins instead of the previous 30's).
Installation completed with a re-boot and scan...though error message came up at re-boot just as before.
Hopefully have managed req.attachment,if not may need instructions on that too,please!

Attachment is fine.
Are you talking about this error message:

"Unable to find file C:\ProgramFiles\Avira\AntiVirPersonalEdition Classic\ccplg.xml"

If so, don't worry about it, for now.
It looks like, we're dealing with some infection here.

First of all, download, and run Autorun Eater: Download Autorun Eater 2.3 - Scan and Remove Suspicious 'autorun.inf' Files Automatically! - Softpedia

Then....

Print these instructions out.

NOTE. If any of the programs listed below refuse to run, try renaming executive file to something else; for instance, rename hijackthis.exe to scanner.exe

STEP 1. Download SUPERAntiSpyware Free for Home Users:
SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: SUPERAntiSpyware.com - Database Definition Information.)
* Close SUPERAntiSpyware.

PHYSICALLY DISCONNECT FROM THE INTERNET

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; select Safe Mode; you'll see "Safe Mode" in all four corners of your screen

* Open SUPERAntiSpyware.
* Under Configuration and Preferences, click the Preferences button.
* Under General and Startup tab, make sure, Start SUPERAntiSpyware when Windows starts option is UN-checked.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
* Click the Close button to leave the control center screen.
* Back on the main screen, under Scan for Harmful Software click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under Complete Scan, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
* Make sure everything has a checkmark next to it and click Next.
* A notification will appear that Quarantine and Removal is Complete. Click OK and then click the Finish button to return to the main menu.
* If asked if you want to reboot, click Yes.
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
- Click Preferences, then click the Statistics/Logs tab.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
- Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.
Post SUPERAntiSpyware log.
NOTE: Tracking cookies can be omitted from the log.

RECONNECT TO THE INTERNET

RESTART COMPUTER!

STEP 2. Download Malwarebytes' Anti-Malware: Malwarebytes.org to your desktop.
(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

RESTART COMPUTER!

STEP 3. Download gmer.zip: GMER - Rootkit Detector and Remover - Files
Unzip the file, and double click on gmer.exe, select Rootkit tab and click the Scan button.
When scan is completed, click Save button, and save the results as gmer.log
Warning ! Please, do not select the "Show all" checkbox during the scan.
Post the log to your next reply.

RESTART COMPUTER

STEP 4. Download, install, and run HijackThis:
TrendMicro HijackThis Freeware download and review - investigate browser add-ons from SnapFiles
Post HijackThis log.
Do NOT attempt to "fix" anything!


DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

Hi ,Yes,the message at start up is the one you thought,and continues to show.

I did my best to follow all your instructions and the results are pasted below.
Thanks for your continued interest in helping me.



SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

Generated 04/02/2009 at 01:11 AM

Application Version : 4.26.1000

Core Rules Database Version : 3823
Trace Rules Database Version: 1779

Scan type : Complete Scan
Total Scan Time : 01:43:09

Memory items scanned : 204
Memory threats detected : 0
Registry items scanned : 5127GMER 1.0.15.14966 - http://www.gmer.net
Rootkit scan 2009-04-03 00:52:24
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xAA2A86B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xAA2A8574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xAA2A8A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xAA2A814C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xAA2A864E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xAA2A808C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xAA2A80F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xAA2A876E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xAA2A872E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xAA2A88AE]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A187F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1800 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A1844 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A178C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A17C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A18BA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[600] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003A0002
IAT C:\WINDOWS\system32\services.exe[600] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003A0000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

---- EOF - GMER 1.0.15 ----

Registry threats detected : 0
File items scanned : 77748
File threats detected : 429

Adware.Tracking Cookie
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@imrworldwide[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6walokhcpahq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlyejdjkdq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@yadro[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.click.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgmisjcjsep.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad1.magicalia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.adrevolve r[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@directtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkokmcjggo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkoehajico.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgliald5odp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tradedoubler[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgliendpslo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertstream[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@statcounter[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserve.tescofi nance[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyanazkfq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmiklazogo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@questionmarket[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracker.wmps[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@pdv.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whl4akdpabp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@paypal.112.2o7[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyancjgfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@servedby.adxpow er[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.keywor dmax[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.jackpotmadn ess[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.uk.tangozebr a[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlykicjcao.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyemcpeep.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyggc5kko.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6walyckdzoeo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fastclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wcliakazslo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@specificclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnportal.112.2 o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@estat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@statse.webtrend slive[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyagajwap.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@indexstats[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmiehc5wgp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tribalfusion[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad1.emediate[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@revsci[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@apmebf[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@serving-sys[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.sextoyshq[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmysldjgbo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlieoc5mkp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adrevolver[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-ladbrokes.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.clash-media[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@amazonms.122.2o 7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dynamic.media.a drevolver[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfk4sjc5ofp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-magicalia.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.zanox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertising[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnywgajcbp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.addfreestat s[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[7].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@overture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlieicpshp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adviva[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whlikhdpafp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkowhdziep.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.pointroll[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bluestreak[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@zedo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wamiwndpsko.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stat.aldi[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whk4glazmkq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnywldjokq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ukbingotraffic. directtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkospc5mdq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@archant.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyqkdjkgp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmiqkd5olo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bs.serving-sys[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.adrevolve r[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@teletext.112.2o 7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.summit media.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@metacafe.122.2o 7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wbmykid5who.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfliujdzkeo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfloegcpcdp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adbrite[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkyanczslp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.webtrekk[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[5].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@flightcentre.11 2.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad1.littlestarm edia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.etracker[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.3dstats[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@doubleclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@umstreet.adbure au[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliehcjekq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@list[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdmykndzweq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkokicpibq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkoendzsdp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@atdmt[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wflicoczgbo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[7].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wclyuiajako.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfloolc5sdp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@click.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.yieldmanager[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.euroclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wcmiamcjghq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@z.blogads[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfloajcjefp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmiqkdzsdo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfligkazacp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlocidzago.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlicldzmlp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnygpdzchq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkigjdzobo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediaplex[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkowlcpefp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@192com.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyapd5ckq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@freefind[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@indextools[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjk4sndjicp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyqjdzefo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[8].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wflocpczifp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgmysidzego.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.adform[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.renault.c o[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.lsfint eractive[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@casalemedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dmtracker[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[4].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkiwlc5ebq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.sup[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wmkocgazclp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wcmygodzwlq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clickbathrooms. co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@xiti[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlouncpoho.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfliqod5gdp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediataskmaster[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mfacts.adbureau[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@kontera[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.redditchadv ertiser.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgk4woczseo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkoepdpobo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmyklczggo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nextstat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliejazelo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@americangolf.11 2.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@richmedia.yahoo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@plumbworldltd.1 12.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkiepajmao.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-logantod.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmiwjcjmlq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkigjcpofo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkoglajsep.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfliwod5egp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediametrics.mp sa[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfl4qgazwep.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[4].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdkyeoc5kcp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfk4cpdjecq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkiqmdjsgo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www6.addfreesta ts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkykpdzibo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@phones4ultd.112 .2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@247realmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.motogp[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjny-1iczal.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-rodale.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfl4uiajekq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wck4wjdpcbp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stat.youku[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlieocpskp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@highbeam.122.2o 7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.anm.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bizrate.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@trafficmp[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlyemdzscp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tacoda[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkoupdjmcq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.which-bank-account-4u.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjl4spc5ifq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@healingenhancem ents[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nissaneurope.11 2.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.widgetbucks[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@chitika[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media6degrees[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wflyggcjsbp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlospazehp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgmyclcjakp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.vertadnet[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkysmc5map.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@phg.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkykmcjsbq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@roiservice[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wck4egc5gfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliemdzmao.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adcentriconline[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[5].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@at.atwola[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdloeld5oeo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkoegdzcko.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmiegazsaq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmycnc5eeq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wflisjcpmfp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnywlczkbp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tns-counter[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdkigpdpmeo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ice.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfliamajwcq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkyohcpokp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@electronicarts. 112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@specificmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@realmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wbliejcjaeo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyujd5sfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@femalefirst.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@viacom.adbureau[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjk4cldpscq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@gostats[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bravenet[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.inteletrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlykkdjwbo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdmygpazsgq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmyaoc5wcp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@pr.valueclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@zanox.parship.c o[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clickbank[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyeidjago.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nettexmedia.112 .2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.paypal[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.acountrylif e[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bidandclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stat.onestat[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkyamdzodo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.burstbeacon[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyqgcpado.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wak4qkcpsfp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wflieodjecq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@microsoftwindow s.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkoklc5ibq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CAPD5KQ5.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@videoegg.adbure au[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdmiqmcjmfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlyujd5wdo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.webgains[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlougdzgbq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkosgdzmep.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyemdjcgp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@revenue[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@theprizefinder[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adtech[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@saletrack.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@eas.apm.emediat e[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfk4qoazehq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@discountedheati ng.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyomdzofp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nl.sitestat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@which.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkyamcpkcq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adinterax[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.healingenha ncements[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkyeidzwfq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www8.addfreesta ts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@trader.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkysodzgeo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[8].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[4].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliehcjahp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wblywgazocp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whmialazico.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkiqpdpkkq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.zanox-affiliate[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wbkyugdpkeo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wmkooncpwap.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.cpmstar[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnycpc5elp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdlygmc5wco.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmikidzaco.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.telegraph.c o[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkyumdzcfp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adfarm1.adition[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.discountcod es[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@web-stat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@jibjab.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nextag.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@provolabs.112.2 o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.clicktrac ks[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyqmdjaco.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmyooczwep.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkionazmhq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.burstnet[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.glispa[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nextag[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@c7.zedo[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[10].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.fastclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wcmysgc5klp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmiooajsbo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wmkyckdpsfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.trilulilu[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfk4cid5wdq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cmpi.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.goldentiger casino[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nl.sitestat[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ufindus[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sitestat.mayocl inic[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.advertising antiques.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmyahc5kaq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@coolsavings[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@content.yieldma nager[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserver.aol[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@britishtelecom. 112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.cdiscount.c o[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfl4woczsfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@allyours.virgin media[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adecn[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-systemax.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fr.sitestat[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@burstnet[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[11].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@uk.sitestat[9].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-reed.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hotlog[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserver.oddsch ecker[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdkikjdpodp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whk4cmdzmlq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@valueclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnaccountservi ces.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfliwlcpskp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlosgc5wlp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[5].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.theprizefin der[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdkyumcpgao.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6waliukdjodo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hearstdigital.1 22.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkoqgazcko.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliupd5kao.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@account.live[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tileclick.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CA9L9ZXC.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whkikidzmbq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@upclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bannersng.yell[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6whloojc5ilp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdliagdpccp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wblicodzeap.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[9].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlyekajwao.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@men.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6walyqncpigo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@login.tracktor. co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmyugcjsbo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkygmcjogo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkiekdzekp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-baa.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@na.blogads[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkigic5iep.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@collective-media[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[4].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[10].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@premiumtv.122.2 o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-capitalgroup.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.yme[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.yme[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediaweb.musicr adio[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@webstats.wthost ing.co[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.specificc lick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@eliteregistry.c o[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@virginmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.menmediasal es.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[8].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.zmags[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@webstats.plus[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wmlyooazihp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@int.sitestat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fr.sitestat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wamyumdpkbo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nickelodeonuk.1 12.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cdiscount.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjmiulc5clp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CAOE56R6.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CAAKAIE1.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CAK72W1J.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@carphonewarehou se.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlougdpsbq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6waliqmajclp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wclicpdzeko.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkoapd5mhp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@a.websponsors[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.lon.live person[8].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlyqld5sep.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@affilate.mikkel senmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracksandpoles[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@insightexpressa i[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@avgtechnologies .112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.monster[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.smartadserv er[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@webstats.plus[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.live person[9].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wbkiqnajabq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdkokodzoap.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadser vices[7].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkokicpsfp.stats.esomniture[2].txt
-- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A187F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A1800 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A1844 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A178C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 430A17C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 430A18BA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[344] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 42F316F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)


Malwarebytes' Anti-Malware 1.35
Database version: 1935
Windows 5.1.2600 Service Pack 3

02/04/2009 23:32:54
mbam-log-2009-04-02 (23-32-54).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 152761
Time elapsed: 37 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[600] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003A0002
IAT C:\WINDOWS\system32\services.exe[600] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003A0000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

---- EOF - GMER 1.0.15 ----


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:33:52, on 03/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = myAOL | HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing UK
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Orange Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! Search Marketing UK
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing UK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Thomson - Broadband UK - Home.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} (Auctiva Image Uploader Control) - http://www.auctiva.com/Aurigma/ImageUploader55.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{72940D5F-D8E2-402F-9DAE-34B242C1917B}: NameServer = 195.92.195.90 195.92.195.91
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9560 bytes