MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: e-catalog homepage hijacker
November 19, 2019, 03:38:10 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
November 19, 2019, 03:38:10 AM

Login with username, password and session length
 Featured Sites:
News
New  New Poll on our main page!
"My experience with Vista..."
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: e-catalog homepage hijacker  (Read 7837 times)
cmit
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 5


Bookmark and Share

View Profile
« on: August 08, 2004, 10:58:28 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:win xp professioal
Problem Application Name & Version:internet explorer 6.0
Problem Hardware Make & Model:
Error Messages:my homepage has been hijacked by e-catalog.com and my favorites has drusearch which always comes back. i have attached my hjt log. can you please help me get rid of this





Download Attachment: hjtlog.txt 532 Bytes
Right click and select Save Target As... then rename the file as shown here and save.
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #1 on: August 08, 2004, 11:10:02 PM »

Can you please copy and paste your WHOLE log in a reply, thanks
Logged

 
cmit
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 5


Bookmark and Share

View Profile
« Reply #2 on: August 08, 2004, 11:44:41 PM »

Logfile of HijackThis v1.98.2
Scan saved at 12:52:40 PM, on 8/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\WINDOWS\hrtcm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\WISPTIS.EXE

C:\WINDOWS\hrtcm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Craig *****\My Documents\hjt\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.e-catalog.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.e-catalog.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.e-catalog.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.0 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3EA23F74-EF1D-7CE1-825B-655578A52638} - C:\WINDOWS\System32\tmcly.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [hrtcm] C:\WINDOWS\hrtcm.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll

« Last Edit: August 09, 2004, 02:13:21 AM by benditup » Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #3 on: August 09, 2004, 12:12:23 AM »

Let's try some cleanup
But first Download and Install the free version of Ad-Aware
After installation-CHECK FOR UPDATES

Next: You may have to disable Spysweeper till we get you clean

Disconnect from the NET
Enter your Task Manager (Hold down the CTRL+SHIFT keys and tap ESC)
End process on this if you can
hrtcm.exe <--any occurance of it

Do another Scan with Hijackthis and put a check next to these entries
and then FIX CHECKED when ALL other windows are closed

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.e-catalog.org
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.e-catalog.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.e-catalog.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.e-catalog.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.e-catalog.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.0 localhost

O2 - BHO: (no name) - {3EA23F74-EF1D-7CE1-825B-655578A52638} - C:\WINDOWS\System32\tmcly.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hrtcm] C:\WINDOWS\hrtcm.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

RESTART your Computer in SAFE MODE

Find and delete this file
C:\WINDOWS\hrtcm.exe <--this file

You may have to Set Windows to Show Hidden Files and Folders

Do a Disk Cleanup in safe mode
START---RUN--type in "cleanmgr" without quotes
Ensure that temp, temporary internet files and recyclebin are checked

RESTART back in Normal mode--stay disconnected from the internet
Open Ad-Aware and set these additional options for a custom scan
click the gear wheel at the top and check these options:

General> activate these: "Automatically save log-file" and "Automatically quarantine objects prior to removal"

Scanning > activate these: "Scan within archives", "Scan active processes", "Scan registry", "Deep scan registry", "Scan my IE Favorites for banned sites" and "Scan my Hosts file"

Tweaks > Scanning Engine> activate this: "Unload recognized processes during scanning."

Tweaks > Cleaning Engine: activate these: "Automatically try to unregister objects prior to deletion" and "Let Windows remove files in use after reboot."

Click "Proceed" to save your settings, then click "Start", make sure "Activate in-depth scan" is ticked green then scan your system. When the scan is finished, the screen will tell you if anything has been found, click "Next". The bad files will be listed, right click the pane and click "Select all objects" - this will put a check mark in the box at the side, click "Next" again and click "OK" at the prompt "# objects will be removed. Continue?".

RESTART your computer again
Don't open a browser yet, instead access Internet Options via Control
Panel
Under the Programs tab "Reset Web Settings"
Under the General tab--- Reset home page

Post back with a fresh hijackthis log afterwards

Can you also do me one more favor
Open hijackthis----Click CONFIG---MiscTools---Open Hosts File Manager---Open in Notepad

Can you copy and paste the contents also of notepad to your next reply
Logged

 
cmit
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 5


Bookmark and Share

View Profile
« Reply #4 on: August 09, 2004, 01:29:22 AM »

Logfile of HijackThis v1.98.2
Scan saved at 9:26:55 PM, on 8/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\PKWARE\PKZIPM\8.00.0017\PKTray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Craig *****\My Documents\hjt\hijackthis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: PKZIP Attachments Status.lnk = C:\Program Files\PKWARE\PKZIPM\8.00.0017\PKTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-127.0.0.1   and.doxdesk.com
127.0.0.1  localhost
127.0.0.1  www.doubleclick.net
127.0.0.1  ad.preferances.com
127.0.0.1  ad.doubleclick.com
127.0.0.1  ads.web.aol.com
127.0.0.1  ad.doubleclick.net
127.0.0.1  ad.preferences.com
127.0.0.1  ad.washingtonpost.com
127.0.0.1  adpick.switchboard.com
127.0.0.1  ads.doubleclick.com
127.0.0.1  ads.infospace.com
127.0.0.1  ads.msn.com
127.0.0.1  ads.switchboard.com
127.0.0.1  ads.enliven.com
127.0.0.1  oz.valueclick.com
127.0.0.1  doubleclick.net
127.0.0.1  ads.doubleclick.net
127.0.0.1  ad2.doubleclick.net
127.0.0.1  ad3.doubleclick.net
127.0.0.1  ad4.doubleclick.net
127.0.0.1  ad5.doubleclick.net
127.0.0.1  ad6.doubleclick.net
127.0.0.1  ad7.doubleclick.net
127.0.0.1  ad8.doubleclick.net
127.0.0.1  ad9.doubleclick.net
127.0.0.1  ad10.doubleclick.net
127.0.0.1  ad11.doubleclick.net
127.0.0.1  ad12.doubleclick.net
127.0.0.1  ad13.doubleclick.net
127.0.0.1  ad14.doubleclick.net
127.0.0.1  ad15.doubleclick.net
127.0.0.1  ad16.doubleclick.net
127.0.0.1  ad17.doubleclick.net
127.0.0.1  ad18.doubleclick.net
127.0.0.1  ad19.doubleclick.net
127.0.0.1  ad20.doubleclick.net
127.0.0.1  ad.ch.doubleclick.net
127.0.0.1  ad.linkexchange.com
127.0.0.1  banner.linkexchange.com
127.0.0.1  ads*.focalink.com
127.0.0.1  ads.imdb.com
127.0.0.1  commonwealth.riddler.com
127.0.0.1  globaltrak.net
127.0.0.1  nrsite.com
127.0.0.1  www.nrsite.com
127.0.0.1  ad-up.com
127.0.0.1  ad.adsmart.net
127.0.0.1  ad.atlas.cz
127.0.0.1  ad.blm.net
127.0.0.1  ad.dogpile.com
127.0.0.1  ad.infoseek.com
127.0.0.1  ad.net-service.de
127.0.0.1  ad.preferences.com
127.0.0.1  ad.vol.at
127.0.0.1  adbot.com
127.0.0.1  adbureau.net
127.0.0.1  adcount.hollywood.com
127.0.0.1  add.yaho.com
127.0.0.1  adex3.flycast.com
127.0.0.1  adforce.adtech.de
127.0.0.1  adforce.imgis.com
127.0.0.1  adimage.blm.net
127.0.0.1  adlink.deh.de
127.0.0.1  ads.criticalmass.com
127.0.0.1  ads.csi.emcweb.com
127.0.0.1  ads.filez.com
127.0.0.1  ads.imagine-inc.com
127.0.0.1  ads.imdb.com
127.0.0.1  ads.infospace.com
127.0.0.1  ads.jwtt3.com
127.0.0.1  ads.mirrormedia.co.uk
127.0.0.1  ads.msn.com
127.0.0.1  ads.narrowline.com
127.0.0.1  ads.newcitynet.com
127.0.0.1  ads.realcities.com
127.0.0.1  ads.realmedia.com
127.0.0.1  ads.switchboard.com
127.0.0.1  ads.tripod.com
127.0.0.1  ads.usatoday.com
127.0.0.1  ads.washingtonpost.com
127.0.0.1  ads.web.de
127.0.0.1  ads.web21.com
127.0.0.1  adserv.newcentury.net
127.0.0.1  adservant.guj.de
127.0.0.1  adservant.mediapoint.de
127.0.0.1  adserver-espnet.sportszone.com
127.0.0.1  advert.heise.de
127.0.0.1  banners.internetextra.com
127.0.0.1  bannerswap.com
127.0.0.1  dino.mainz.ibm.de
127.0.0.1  ganges.imagine-inc.com
127.0.0.1  globaltrack.com
127.0.0.1  207-87-18-203.wsmg.digex.net
127.0.0.1  garden.ngadcenter.net
127.0.0.1  ogilvy.ngadcenter.net
127.0.0.1  responsemedia-ad.flycast.com
127.0.0.1  suissa-ad.flycast.com
127.0.0.1  ugo.eu-adcenter.net
127.0.0.1  vnu.eu-adcenter.net
127.0.0.1  ad-adex3.flycast.com
127.0.0.1  ad.adsmart.net
127.0.0.1  ad.ca.doubleclick.net
127.0.0.1  ad.de.doubleclick.net
127.0.0.1  ad.fr.doubleclick.net
127.0.0.1  ad.jp.doubleclick.net
127.0.0.1  ad.linkexchange.com
127.0.0.1  ad.linksynergy.com
127.0.0.1  ad.nl.doubleclick.net
127.0.0.1  ad.no.doubleclick.net
127.0.0.1  ad.sma.punto.net
127.0.0.1  ad.uk.doubleclick.net
127.0.0.1  ad.webprovider.com
127.0.0.1  ad08.focalink.com
127.0.0.1  adcontroller.unicast.com
127.0.0.1  adcreatives.imaginemedia.com
127.0.0.1  adforce.ads.imgis.com
127.0.0.1  adforce.imgis.com
127.0.0.1  adfu.blockstackers.com
127.0.0.1  adimages.earthweb.com
127.0.0.1  adimg.egroups.com
127.0.0.1  admedia.xoom.com
127.0.0.1  adremote.pathfinder.com
127.0.0.1  ads.admaximize.com
127.0.0.1  ads.bfast.com
127.0.0.1  ads.clickhouse.com
127.0.0.1  ads.fairfax.com.au
127.0.0.1  ads.fool.com
127.0.0.1  ads.freshmeat.net
127.0.0.1  ads.hollywood.com
127.0.0.1  ads.i33.com
127.0.0.1  ads.infi.net
127.0.0.1  ads.link4ads.com
127.0.0.1  ads.lycos.com
127.0.0.1  ads.madison.com
127.0.0.1  ads.mediaodyssey.com
127.0.0.1  ads.msn.com
127.0.0.1  ads.ninemsn.com.au
127.0.0.1  ads.seattletimes.com
127.0.0.1  ads.smartclicks.com
127.0.0.1  ads.smartclicks.net
127.0.0.1  ads.sptimes.com
127.0.0.1  ads.web.aol.com
127.0.0.1  ads.x10.com
127.0.0.1  ads.xtra.co.nz
127.0.0.1  ads.zdnet.com
127.0.0.1  ads01.focalink.com
127.0.0.1  ads02.focalink.com
127.0.0.1  ads03.focalink.com
127.0.0.1  ads04.focalink.com
127.0.0.1  ads05.focalink.com
127.0.0.1  ads06.focalink.com
127.0.0.1  ads08.focalink.com
127.0.0.1  ads09.focalink.com
127.0.0.1  ads1.activeagent.at
127.0.0.1  ads10.focalink.com
127.0.0.1  ads11.focalink.com
127.0.0.1  ads12.focalink.com
127.0.0.1  ads14.focalink.com
127.0.0.1  ads16.focalink.com
127.0.0.1  ads17.focalink.com
127.0.0.1  ads18.focalink.com
127.0.0.1  ads19.focalink.com
127.0.0.1  ads2.zdnet.com
127.0.0.1  ads20.focalink.com
127.0.0.1  ads21.focalink.com
127.0.0.1  ads22.focalink.com
127.0.0.1  ads23.focalink.com
127.0.0.1  ads24.focalink.com
127.0.0.1  ads25.focalink.com
127.0.0.1  ads3.zdnet.com
127.0.0.1  ads5.gamecity.net
127.0.0.1  adserv.iafrica.com
127.0.0.1  adserv.quality-channel.de
127.0.0.1  adserver.dbusiness.com
127.0.0.1  adserver.garden.com
127.0.0.1  adserver.janes.com
127.0.0.1  adserver.merc.com
127.0.0.1  adserver.monster.com
127.0.0.1  adserver.track-star.com
127.0.0.1  adserver1.ogilvy-interactive.de
127.0.0.1  adtegrity.spinbox.net
127.0.0.1  antfarm-ad.flycast.com
127.0.0.1  au.ads.link4ads.com
127.0.0.1  banner.media-system.de
127.0.0.1  banner.orb.net
127.0.0.1  banner.relcom.ru
127.0.0.1  banners.easydns.com
127.0.0.1  banners.looksmart.com
127.0.0.1  banners.wunderground.com
127.0.0.1  barnesandnoble.bfast.com
127.0.0.1  beseenad.looksmart.com
127.0.0.1  bizad.nikkeibp.co.jp
127.0.0.1  bn.bfast.com
127.0.0.1  c3.xxxcounter.com
127.0.0.1  califia.imaginemedia.com
127.0.0.1  cds.mediaplex.com
127.0.0.1  click.avenuea.com
127.0.0.1  click.go2net.com
127.0.0.1  click.linksynergy.com
127.0.0.1  cookies.cmpnet.com
127.0.0.1  cornflakes.pathfinder.com
127.0.0.1  counter.hitbox.com
127.0.0.1  crux.songline.com
127.0.0.1  erie.smartage.com
127.0.0.1  etad.telegraph.co.uk
127.0.0.1  fp.valueclick.com
127.0.0.1  gadgeteer.pdamart.com
127.0.0.1  gm.preferences.com
127.0.0.1  gp.dejanews.com
127.0.0.1  hg1.hitbox.com
127.0.0.1  image.click2net.com
127.0.0.1  image.eimg.com
127.0.0.1  images2.nytimes.com
127.0.0.1  jobkeys.ngadcenter.net
127.0.0.1  kansas.valueclick.com
127.0.0.1  leader.linkexchange.com
127.0.0.1  liquidad.narrowcastmedia.com
127.0.0.1  ln.doubleclick.net
127.0.0.1  m.doubleclick.net
127.0.0.1  macaddictads.snv.futurenet.com
127.0.0.1  maximumpcads.imaginemedia.com
127.0.0.1  media.preferences.com
127.0.0.1  mercury.rmuk.co.uk
127.0.0.1  mojofarm.sjc.mediaplex.com
127.0.0.1  nbc.adbureau.net
127.0.0.1  newads.cmpnet.com
127.0.0.1  ng3.ads.warnerbros.com
127.0.0.1  ngads.smartage.com
127.0.0.1  nsads.hotwired.com
127.0.0.1  ntbanner.digitalriver.com
127.0.0.1  ph-ad05.focalink.com
127.0.0.1  ph-ad07.focalink.com
127.0.0.1  ph-ad16.focalink.com
127.0.0.1  ph-ad17.focalink.com
127.0.0.1  ph-ad18.focalink.com
127.0.0.1  realads.realmedia.com
127.0.0.1  redherring.ngadcenter.net
127.0.0.1  redirect.click2net.com
127.0.0.1  retaildirect.realmedia.com
127.0.0.1  s2.focalink.com
127.0.0.1  sh4sure-images.adbureau.net
127.0.0.1  spin.spinbox.net
127.0.0.1  static.admaximize.com
127.0.0.1  stats.superstats.com
127.0.0.1  sview.avenuea.com
127.0.0.1  thinknyc.eu-adcenter.net
127.0.0.1  tracker.clicktrade.com
127.0.0.1  tsms-ad.tsms.com
127.0.0.1  v0.extreme-dm.com
127.0.0.1  v1.extreme-dm.com
127.0.0.1  van.ads.link4ads.com
127.0.0.1  view.accendo.com
127.0.0.1  view.avenuea.com
127.0.0.1  w113.hitbox.com
127.0.0.1  w25.hitbox.com
127.0.0.1  web2.deja.com
127.0.0.1  webads.bizservers.com
127.0.0.1  www.postmasterbannernet.com
127.0.0.1  www.ad-up.com
127.0.0.1  www.admex.com
127.0.0.1  www.alladvantage.com
127.0.0.1  www.burstnet.com
127.0.0.1  www.commission-junction.com
127.0.0.1  www.eads.com
127.0.0.1  www.freestats.com
127.0.0.1  www.imaginemedia.com
127.0.0.1  www.netdirect.nl
127.0.0.1  www.oneandonlynetwork.com
127.0.0.1  www.targetshop.com
127.0.0.1  www.teknosurf2.com
127.0.0.1  www.teknosurf3.com
127.0.0.1  www.valueclick.com
127.0.0.1  www.websitefinancing.com
127.0.0.1  www2.burstnet.com
127.0.0.1  www4.trix.net
127.0.0.1  www80.valueclick.com
127.0.0.1  z.extreme-dm.com
127.0.0.1  z0.extreme-dm.com
127.0.0.1  z1.extreme-dm.com
127.0.0.1  ads.forbes.net
127.0.0.1  ads.newcity.com
127.0.0.1  ads.ign.com
127.0.0.1  adserver.ign.com
127.0.0.1  ads.scifi.com
127.0.0.1  adengine.theglobe.com
127.0.0.1  ads.tucows.com
127.0.0.1  adcontent.gamespy.com
127.0.0.1  ads4.advance.net
127.0.0.1  ads1.advance.net
127.0.0.1  eur.yimg.com
127.0.0.1  us.a1.yimg.com
127.0.0.1  ad.harmony-central.com
127.0.0.1  sg.yimg.com
127.0.0.1  adverity.adverity.com
127.0.0.1  ads.bloomberg.com
127.0.0.1  mojofarm.mediaplex.com
127.0.0.1  ads.mysimon.com
127.0.0.1  ad.img.yahoo.co.kr
127.0.0.1  adimages.go.com
127.0.0.1  kr-adimage.lycos.co.kr
127.0.0.1  ad.kimo.com.tw
127.0.0.1  ads.paxnet.co.kr
127.0.0.1  ads.paxnet.com
127.0.0.1  ads.eu.msn.com
127.0.0.1  ads.admonitor.net
127.0.0.1  wwa.hitbox.com
127.0.0.1  ads.nytimes.com
127.0.0.1  ads.erotism.com
127.0.0.1  banner.rootsweb.com
127.0.0.1  ads.ole.com
127.0.0.1  adimg1.chosun.com
127.0.0.1  ss.mtree.com
127.0.0.1  adpulse.ads.targetnet.com
127.0.0.1  adserver.ugo.com
127.0.0.1  ad.sales.olympics.com
127.0.0.1  m2.doubleclick.net
127.0.0.1  ph-ad21.focalink.com
127.0.0.1  focusin.ads.targetnet.com
127.0.0.1  www.datais.com
127.0.0.1  oas.mmd.ch
127.0.0.1  pub-g.ifrance.com
127.0.0.1  ads.bianca.com
127.0.0.1  wap.adlink.de
127.0.0.1  click.adlink.de
127.0.0.1  banner.adlink.de
127.0.0.1  hurricane.adlink.de
127.0.0.1  west.adlink.de
127.0.0.1  scand.adlink.de
127.0.0.1  regio.adlink.de
127.0.0.1  direct.adlink.de
127.0.0.1  classic.adlink.de
127.0.0.1  adlui001.adlink.de
127.0.0.1  banner1.adlink.de
127.0.0.1  click.mp3.com
127.0.0.1  adcodes.bla-bla.com
127.0.0.1  icover.realmedia.com
127.0.0.1  ca.fp.sandpiper.net
127.0.0.1  adfarm.mediaplex.com
127.0.0.1  ads.tmcs.net
127.0.0.1  amedia.techies.com
127.0.0.1  www.exchange-it.com
127.0.0.1  www.ad.tomshardware.com
127.0.0.1  ad.tomshardware.com
127.0.0.1  ads.currantbun.com
127.0.0.1  phoenix-adrunner.mycomputer.com
127.0.0.1  ads15.focalink.com
127.0.0.1  ads13.focalink.com
127.0.0.1  adserver.colleges.com
127.0.0.1  ads.nwsource.com
127.0.0.1  ads.guardianunlimited.co.uk
127.0.0.1  ads.newsint.co.uk
127.0.0.1  ads.starnews.com
127.0.0.1  www.linksynergy.com
127.0.0.1  ieee-images.adbureau.net
127.0.0.1  connect.247media.ads.link4ads.com
127.0.0.1  ads.newsdigital.net
127.0.0.1  arc5.msn.com
127.0.0.1  arc4.msn.com
127.0.0.1  arc3.msn.com
127.0.0.1  arc2.msn.com
127.0.0.1  arc1.msn.com
127.0.0.1  ads.discovery.com
127.0.0.1  im.800.com
127.0.0.1  img.cmpnet.com
127.0.0.1  ad7.internetadserver.com
127.0.0.1  ads.dai.net
127.0.0.1  ads.cbc.ca
127.0.0.1  www75.valueclick.com
127.0.0.1  ads.clearbluemedia.com
127.0.0.1  ti.click2net.com
127.0.0.1  www.onresponse.com
127.0.0.1  ads.list-universe.com
127.0.0.1  advert.bayarea.com
127.0.0.1  www3.pagecount.com
127.0.0.1  www.netsponsors.com
127.0.0.1  adthru.com
127.0.0.1  ads.newtimes.com
127.0.0.1  ads.ugo.com
127.0.0.1  ads.belointeractive.com
127.0.0.1  wwb.hitbox.com
127.0.0.1  comtrack.comclick.com
127.0.0.1  www.24pm-affiliation.com
127.0.0.1  www.click-fr.com
127.0.0.1  www.cibleclick.com
127.0.0.1  reply.mediatris.net
127.0.0.1  cgi.declicnet.com
127.0.0.1  pubs.mgn.net
127.0.0.1  ads.mcafee.com
127.0.0.1  ads1.ad-flow.com
127.0.0.1  ad.be.doubleclick.net
127.0.0.1  ad.adtraq.com
127.0.0.1  ad.sg.doubleclick.net
127.0.0.1  adpop.theglobe.com
127.0.0.1  ads-03.tor.focusin.ads.targetnet.com
127.0.0.1  ads.adflight.com
127.0.0.1  ads.detelefoongids.nl
127.0.0.1  ads.ecircles.com
127.0.0.1  ads.god.co.uk
127.0.0.1  ads.hyperbanner.net
127.0.0.1  ads.jpost.com
127.0.0.1  ads.netmechanic.com
127.0.0.1  ads.webcash.nl
127.0.0.1  adserver.netcast.nl
127.0.0.1  adserver.webads.com
127.0.0.1  adserver.webads.nl
127.0.0.1  adserver1.realtracker.com
127.0.0.1  adserver2.realtracker.com
127.0.0.1  adserver3.realtracker.com
127.0.0.1  delivery1.ads.telegraaf.nl
127.0.0.1  holland.hyperbanner.net
127.0.0.1  images.webads.nl
127.0.0.1  sc.clicksupply.com
127.0.0.1  service.bfast.com
127.0.0.1  www.ad4ex.com
127.0.0.1  www.bannercampaign.com
127.0.0.1  www.cyberbounty.com
127.0.0.1  www.netvertising.be
127.0.0.1  www.speedyclick.com
127.0.0.1  www.webads.nl
127.0.0.1  ads.snowball.com
127.0.0.1  ads.amazingmedia.com
127.0.0.1  www10.valueclick.com
127.0.0.1  js1.hitbox.com
127.0.0.1  rd1.hitbox.com
127.0.0.1  mt37.mtree.com
127.0.0.1  ads.gameanswers.com
127.0.0.1  ads7.udc.advance.net
127.0.0.1  www23.valueclick.com
127.0.0.1  ads.fortunecity.com
127.0.0.1  banners.nextcard.com
127.0.0.1  ads.iwon.com
127.0.0.1  www.qksrv.net
127.0.0.1  clickserve.cc-dt.com
127.0.0.1  ads-b.focalink.com
127.0.0.1  ad2.peel.com
127.0.0.1  ads.floridatoday.com
127.0.0.1  stats.adultrevenueservice.com
127.0.0.1  ads18.bpath.com
127.0.0.1  ph-ad06.focalink.com
127.0.0.1  global.msads.net
127.0.0.1  pluto1.iserver.net
127.0.0.1  ads1.intelliads.com
127.0.0.1  primetime.ad.asap-asp.net
127.0.0.1  ads.stileproject.com
127.0.0.1  di.image.eshop.msn.com
127.0.0.1  www.blissnet.net
127.0.0.1  www.consumerinfo.com
127.0.0.1  ads.rottentomatoes.com
127.0.0.1  k5ads.osdn.com
127.0.0.1  actionsplash.com
127.0.0.1  campaigns.f2.com.au
127.0.0.1  adserver.news.com.au
127.0.0.1  servedby.advertising.com
127.0.0.1  java.yahoo.com
127.0.0.1  ad.howstuffworks.com
127.0.0.1  ads.1for1.com
127.0.0.1  images.ads.fairfax.com.au
127.0.0.1  ads.devx.com
127.0.0.1  utils.mediageneral.com
127.0.0.1  banners.friendfinder.com
127.0.0.1  adserver.matchcraft.com
127.0.0.1  www.dnps.com
127.0.0.1  creative.whi.co.nz
127.0.0.1  rmedia.boston.com
127.0.0.1  webaffiliate.covad.com
127.0.0.1  ad.iwin.com
127.0.0.1  www.nailitonline2.com
127.0.0.1  mds.centrport.net
127.0.0.1  oas.dispatch.com
127.0.0.1  adserver.ads360.com
127.0.0.1  banners.adultfriendfinder.com
127.0.0.1  ads.as4x.tmcs.net
127.0.0.1  ads.clickagents.com
127.0.0.1  banners.chek.com
127.0.0.1  zi.r.tv.com
127.0.0.1  ph-ad19.focalink.com
127.0.0.1  ads.greensboro.com
127.0.0.1  ad2.adcept.net
127.0.0.1  ads.colo.kiva.net
127.0.0.1  adsrv.iol.co.za
127.0.0.1  mjxads.internet.com
127.0.0.1  adimage.asiaone.com.sg
127.0.0.1  ads.vnuemedia.com
127.0.0.1  affiliate.doteasy.com
127.0.0.1  m.tribalfusion.com
127.0.0.1  oas.lee.net
127.0.0.1  www.banneroverdrive.com
127.0.0.1  ad3.peel.com
127.0.0.1  ad1.peel.comwww.xbn.ru
127.0.0.1  adserver.snowball.com
127.0.0.1  media15.fastclick.net
127.0.0.1  ads5.advance.net
127.0.0.1  ads3.advance.net
127.0.0.1  ads2.advance.net
127.0.0.1  ads.advance.net
127.0.0.1  usbytecom.orbitcycle.com
127.0.0.1  adbanner.sweepsclub.com
127.0.0.1  oas.villagevoice.com
127.0.0.1  www.ad-flow.com
127.0.0.1  ads.guardian.co.uk
127.0.0.1  ads.hitcents.com
127.0.0.1  media19.fastclick.net
127.0.0.1  a.tribalfusion.com
127.0.0.1  ads.nypost.com
127.0.0.1  ads.premiumnetwork.com
127.0.0.1  ads.ad-flow.com
127.0.0.1  adserver.hispavista.com
127.0.0.1  ads.musiccity.com
127.0.0.1  banners.revenuelink.com
127.0.0.1  ads1.sptimes.com
127.0.0.1  adserver.bizland-inc.net
127.0.0.1  ads.adtegrity.net
127.0.0.1  media13.fastclick.net
127.0.0.1  adserver.ukplus.co.uk
127.0.0.1  ads.live365.com
127.0.0.1  ads.fredericksburg.com
127.0.0.1  banners.affiliatefuel.com
127.0.0.1  ar.atwola.com
127.0.0.1  ads.bigcitytools.com
127.0.0.1  netshelter.adtrix.com
127.0.0.1  y.ibsys.com
127.0.0.1  adserver.nydailynews.com
127.0.0.1  s0b.bluestreak.com
127.0.0.1  images.scripps.com
127.0.0.1  images.cybereps.com
127.0.0.1  altfarm.mediaplex.com
127.0.0.1  krd.realcities.com
127.0.0.1  www3.bannerspace.com
127.0.0.1  view.atdmt.com
127.0.0.1  ads7.advance.net
127.0.0.1  ad.abcnews.com
127.0.0.1  ads.newsquest.co.uk
127.0.0.1  secure.webconnect.net
127.0.0.1  ads.nandomedia.com
127.0.0.1  banners.babylon-x.com
127.0.0.1  media17.fastclick.net
127.0.0.1  techreview-images.adbureau.net
127.0.0.1  ads.exhedra.com
127.0.0.1  ad.trafficmp.com
127.0.0.1  realmedia-a800.d4p.net
127.0.0.1  banner.northsky.com
127.0.0.1  ftp.nacorp.com
127.0.0.1  www.digitalbettingcasinos.com
127.0.0.1  c1.zedo.com
127.0.0.1  ads4.condenet.com
127.0.0.1  www.brilliantdigital.com
127.0.0.1  desktop.kazaa.com
127.0.0.1  shop.kazaa.com
127.0.0.1  www.bonzi.com
127.0.0.1  www.b3d.com
127.0.0.1  neighborhood.standard.net
127.0.0.1  ads.telegraph.co.uk
127.0.0.1  spinbox.techtracker.com
127.0.0.1  toads.osdn.com
127.0.0.1  ads.themes.org
127.0.0.1  adserver.trb.com
127.0.0.1  media.fastclick.net
127.0.0.1  banner.easyspace.com
127.0.0.1  www.banner2u.com
127.0.0.1  ads.thestar.com
127.0.0.1  ads.digitalmedianet.com
127.0.0.1  www.fineclicks.com
127.0.0.1  ads.mdchoice.com
127.0.0.1  ad.horvitznewspapers.net
127.0.0.1  adtegrity.thruport.com
127.0.0.1  a.mktw.net
127.0.0.1  ads.pennyweb.com
127.0.0.1  www3.ad.tomshardware.com
127.0.0.1  www4.ad.tomshardware.com
127.0.0.1  www6.ad.tomshardware.com
127.0.0.1  www8.ad.tomshardware.com
127.0.0.1  www15.ad.tomshardware.com
127.0.0.1  ads.forbes.com
127.0.0.1  ads.desmoinesregister.com
127.0.0.1  adserver.tribuneinteractive.com
127.0.0.1  bannerads.anytimenews.com
127.0.0.1  ads1.condenet.com
127.0.0.1  adserver.anm.co.uk
127.0.0.1  zrap.zdnet.com.com
127.0.0.1  bidclix.net
127.0.0.1  media.popuptraffic.com
127.0.0.1  coreg.flashtrack.net
127.0.0.1  rmads.msn.com
127.0.0.1  ads.icq.com
127.0.0.1  cb.icq.com
127.0.0.1  cf.icq.com
127.0.0.1  www2.newtopsites.com
127.0.0.1  adserv.internetfuel.com
127.0.0.1  images.fastclick.net
127.0.0.1  adserver.securityfocus.com
127.0.0.1  www.avsads.com
127.0.0.1  banners.moviegoods.com
127.0.0.1  ads.bitsonthewire.com
127.0.0.1  ads.iambic.com
127.0.0.1  sfads.osdn.com
127.0.0.1  fl01.ct2.comclick.com
127.0.0.1  adserver.phillyburbs.com
127.0.0.1  marketing.nyi.net
127.0.0.1  www.netflip.com
127.0.0.1  image.imgfarm.com
127.0.0.1  ads.viaarena.com
127.0.0.1  phpads2.cnpapers.com
127.0.0.1  ads.astalavista.us
127.0.0.1  banner.coza.com
127.0.0.1  adcreative.tribuneinteractive.com
127.0.0.1  ads.democratandchronicle.com
127.0.0.1  adlog.com.com
127.0.0.1  adimg.com.com
127.0.0.1  adimage.bankrate.com
127.0.0.1  ads.mediadevil.com
127.0.0.1  imageserv.adtech.de
127.0.0.1  ad.se.doubleclick.net
127.0.0.1  ads.cashsurfers.com
127.0.0.1  ads.specificpop.com
127.0.0.1  z1.adserver.com
127.0.0.1  images.bizrate.com
127.0.0.1  q.pni.com
127.0.0.1  ad01.mediacorpsingapore.com
127.0.0.1  adimage.asia1.com.sg
127.0.0.1  images.newsx.cc
127.0.0.1  www.adireland.com
127.0.0.1  ads.iafrica.com
127.0.0.1  ads.nyi.net
127.0.0.1  geoads.osdn.com
127.0.0.1  www.crisscross.com
127.0.0.1  netcomm.spinbox.net
127.0.0.1  i.i.com.com
127.0.0.1  ads.videoaxs.com
127.0.0.1  mediamgr.ugo.com
127.0.0.1  adserver.pollstar.com
127.0.0.1  information.gopher.com
127.0.0.1  ads.adviva.net
127.0.0.1  adsrv.bankrate.com
127.0.0.1  a207.p.f.qz3.net
127.0.0.1  ehg-bestbuy.hitbox.com
127.0.0.1  ehg-intel.hitbox.com
127.0.0.1  ehg-espn.hitbox.com
127.0.0.1  ehg-macromedia.hitbox.com
127.0.0.1  ehg-dig.hitbox.com
127.0.0.1  speed.pointroll.com
127.0.0.1  amch.questionmarket.com
127.0.0.1  ads.gamespy.com
127.0.0.1  spd.atdmt.com
127.0.0.1  ads.columbian.com
127.0.0.1  clickit.go2net.com
127.0.0.1  vpdc.ru4.com
127.0.0.1  ads.developershed.com
127.0.0.1  ads.globeandmail.com
127.0.0.1  ads.nerve.com
127.0.0.1  iv.doubleclick.net
127.0.0.1  ads2.condenet.com
127.0.0.1  www.burstnet.com
127.0.0.1  ads5.canoe.ca
127.0.0.1  askmen.thruport.com
127.0.0.1  adsrv2.gainesvillesun.com
127.0.0.1  ads.theolympian.com
127.0.0.1  ads.courierpostonline.com
127.0.0.1  i.timeinc.net
127.0.0.1  oasads.whitepages.com
127.0.0.1  rad.msn.com
127.0.0.1  serve.thisbanner.com
127.0.0.1  images.trafficmp.com
127.0.0.1  www.kaplanindex.com
127.0.0.1  kaplanindex.com
127.0.0.1  1.httpdads.com
127.0.0.1  spinbox.maccentral.com
127.0.0.1  akaads-abc.starwave.com
127.0.0.1  webad.ajeeb.com
127.0.0.1  ads.granadamedia.com
127.0.0.1  oas.uniontrib.com
127.0.0.1  ads.wnd.com
127.0.0.1  a3.suntimes.com
127.0.0.1  tmsads.tribune.com
127.0.0.1  ads.peel.com
127.0.0.1  ads.mh5.com
127.0.0.1  ad.usatoday.com
127.0.0.1  adserver.digitalpartners.com
127.0.0.1  ads.mediaturf.net
127.0.0.1  ads4.clearchannel.com
127.0.0.1  ads.clearchannel.com
127.0.0.1  ads2.clearchannel.com
127.0.0.1  ads.jacksonsun.com
127.0.0.1  servads.aip.org
127.0.0.1  ad.au.doubleclick.net
127.0.0.1  adng.ascii24.com
127.0.0.1  engage.speedera.net
127.0.0.1  ads.msn-ppe.com
127.0.0.1  ad.openfind.com.tw
127.0.0.1  adi.mainichi.co.jp
127.0.0.1  ads.northjersey.com
127.0.0.1  ad.moscowtimes.ru
127.0.0.1  banners.valuead.com
127.0.0.1  ad1.aaddzz.com
127.0.0.1  ds.eyeblaster.com
127.0.0.1  adserver.digitalpartners.com
127.0.0.1  oas.uniontrib.com
127.0.0.1  ads.statesmanjournal.com
127.0.0.1  ads.centralohio.com
00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll

« Last Edit: August 09, 2004, 02:14:10 AM by benditup » Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #5 on: August 09, 2004, 02:11:22 AM »

How's everything running?
It looks like you added your own custom hosts file to block ads

I guess you knew that?
You may want to remove this one
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-127.0.0.1 and.doxdesk.com

Logged

 
cmit
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 5


Bookmark and Share

View Profile
« Reply #6 on: August 09, 2004, 02:19:08 AM »

thanks everything seems to be fine now. thankyou for all the help
my daughter told me about this site and after two weeks of trying to get rid of this you made it easy
thankyou again
cmit
Logged

 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #7 on: August 09, 2004, 04:34:05 AM »

Hi cmit, can you do me a favor
I'm  getting mixed reactions on this one
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-127.0.0.1 and.doxdesk.com

Can you
Open hijackthis----Click CONFIG---MiscTools---Open Hosts File Manager---Click "Open in Notepad"
Copy and paste the contents of your hosts file in your reply
Then after that I would like to see
another hijackthis log in a seperate reply, thanks
Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page August 27, 2019, 02:18:54 PM