Sujet Précédent Sujet Suivant

Fond ecran bureau

didier -  
mariesimone Messages postés 2 Statut Membre -
ci joint le scan
merci de m'aider

Logfile of HijackThis v1.99.1
Scan saved at 10:42:57, on 18/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\r_server.exe
C:\WINDOWS\system32\Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\WINDOWS\system32\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\??erinit.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\HighPoint Technologies, Inc\HighPoint ATA RAID Management Software\raidman.exe
C:\Program Files\IcoSauve\IcoSauve.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\Elise & Didier\Bureau\Nouveau dossier (2)\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50162
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {8102481A-8982-D503-8639-8A1D804310CE} - C:\WINDOWS\system32\btd.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AS00_Gear311T] C:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels32.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [g0rnRjYsi] xviaa6.exe
O4 - HKCU\..\Run: [Teo] C:\WINDOWS\system32\??erinit.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: IcoSauve.lnk = C:\Program Files\IcoSauve\IcoSauve.exe
O4 - Global Startup: HighPoint ATA RAID Management Software.lnk = C:\Program Files\HighPoint Technologies, Inc\HighPoint ATA RAID Management Software\raidman.exe
O4 - Global Startup: Start Remote Administrator server.lnk = C:\WINDOWS\system32\r_server.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Download with IDM - C:\PROGRA~1\INTERN~2\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O21 - SSODL: IEFilter - {35D6DEFB-1BC3-440E-A3DF-5665B33FC652} - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)
O23 - Service: Service - Unknown owner - C:\WINDOWS\system32\Service.exe
A voir également:

5 réponses

Réponse 1 / 5
gouache Messages postés 394 Date d'inscription   Statut Membre Dernière intervention   43
 
Salut,

Fix çà :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50162

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels32.exe

O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [g0rnRjYsi] xviaa6.exe
O4 - HKCU\..\Run: [Teo] C:\WINDOWS\system32\??erinit.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm

O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm

O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)

O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab

O23 - Service: Service - Unknown owner - C:\WINDOWS\system32\Service.exe

Et oui tu es bien infecté.

Télécharge Spybot :
http://telecharger.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/26157.html

et scan moi tout ca.

Pareil avec Cwshredder :
www.intermute.com/spysubtract/cwshredder_download.html

Installe un firewall et un antivirus au plus vite !!!

ZoneAlarm :
www.zonelabs.com

Avast antivirus (home edition) :
www.avast.com

Tous ces logiciels sont gratuits et efficaces.

Tiens moi au courant.
0
Réponse 2 / 5
gouache Messages postés 394 Date d'inscription   Statut Membre Dernière intervention   43
 
Euh je me suis trompé, il y a une ligne que tu ne dois pas fixer, la ligne :
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab

Voilà, sinon pour ton probleme, tu ne l'as pas expliqué. Si c'est le probleme d'un fond d'écran du bureau qui est une page de pub, clic droit sur le bureau > Propriétés > Affichage > Personnalisation du bureau > Web > supprime tout et coche verrouiller les éléments du bureau.

Ensuite peut être que BrowserHelper s'est installé sur ton pc, a ce moment là Panneau de Configuraition > Ajout/Suppression de programmes > BrowserHelper (ou un nom approchant) > Supprimer

Tiens moi au courant
0
bernie61
 
Salut gouache et didier
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html >>> inutile de fixer
Idem avec lignes Avant Browser >> inutile de fixer
Idem avec ceci : C:\Program Files\Internet Download Manager\IDMan.exe >> bon normalement

Mais surtout il faut effacer ces fichiers :
C :…nwiz.exe /install
C:\WINDOWS\system32\kernels32.exe
c :…xviaa6.exe
C:\WINDOWS\system32\??erinit.exe
C:\WINDOWS\system32\Service.exe

Pour la ligne O16 pas de problème à l’effacer ça revient dès qu on retourne sur le site, pas de danger pour celle là


il faut aussi éditer le fichier HOSTS. pour retirer de la liste les adresses qui sont en O15
a+
0
bernie61
 
honte à moi
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
celui là non plus ne pas fixer et ne pas effacer (carte nvdia)
a+
0
gouache Messages postés 394 Date d'inscription   Statut Membre Dernière intervention   43
 
exact pour nwiz, sinon pour google je suis plutot pour le fixer, mais ca dépend du choix de l'utilisateur.

A plus
0
didier
 
bonjour
je renvoie les scan

Logfile of HijackThis v1.99.1
Scan saved at 10:42:57, on 18/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\r_server.exe
C:\WINDOWS\system32\Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\WINDOWS\system32\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\??erinit.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\HighPoint Technologies, Inc\HighPoint ATA RAID Management Software\raidman.exe
C:\Program Files\IcoSauve\IcoSauve.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\Elise & Didier\Bureau\Nouveau dossier (2)\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50162
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {8102481A-8982-D503-8639-8A1D804310CE} - C:\WINDOWS\system32\btd.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AS00_Gear311T] C:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels32.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [g0rnRjYsi] xviaa6.exe
O4 - HKCU\..\Run: [Teo] C:\WINDOWS\system32\??erinit.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: IcoSauve.lnk = C:\Program Files\IcoSauve\IcoSauve.exe
O4 - Global Startup: HighPoint ATA RAID Management Software.lnk = C:\Program Files\HighPoint Technologies, Inc\HighPoint ATA RAID Management Software\raidman.exe
O4 - Global Startup: Start Remote Administrator server.lnk = C:\WINDOWS\system32\r_server.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Bloquer ce serveur... - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Download with IDM - C:\PROGRA~1\INTERN~2\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Rechercher sur le Web... - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O21 - SSODL: IEFilter - {35D6DEFB-1BC3-440E-A3DF-5665B33FC652} - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)
O23 - Service: Service - Unknown owner - C:\WINDOWS\system32\Service.exe



pour sbybot aucun mouchard



pour cwshedder
scan is complete
coolwebsearch wasnot on this system

**** Run Keys ****

RUN: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
RUN: [nwiz] nwiz.exe /install
RUN: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
RUN: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
RUN: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
RUN: [MMTray] MMTray.exe
RUN: [MMTray2K] MMTray2k.exe
RUN: [MMTrayLSI] MMTrayLSI.exe
RUN: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
RUN: [AS00_Gear311T] C:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
RUN: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
RUN: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
RUN: [g0rnRjYsi] xviaa6.exe
RUN: [Teo] C:\WINDOWS\system32\??erinit.exe
RUN: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0


**** Browser Helper Objects ****

BHO: [AcroIEHlprObj Class] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [AcroIEHlprObj Class] G:\sbybout\Spybot - Search & Destroy\SDHelper.dll
BHO: [AcroIEHlprObj Class] C:\WINDOWS\system32\btd.dll
BHO: [Google Toolbar Helper] c:\program files\google\googletoolbar1.dll


**** IE Toolbars ****

TOOLBAR: [&Google] c:\program files\google\googletoolbar1.dll
TOOLBAR: [ICQ Toolbar] C:\Program Files\ICQToolbar\toolbaru.dll


**** IE Extensions ****

IEExt: [Run WinHTTrack]
IEExt: [Recherche]
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe


**** Hosts File Entries ****

HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 www.doubleclick.net
HOSTS: 127.0.0.1 ad.preferances.com
HOSTS: 127.0.0.1 ad.doubleclick.com
HOSTS: 127.0.0.1 ads.web.aol.com
HOSTS: 127.0.0.1 ad.doubleclick.net
HOSTS: 127.0.0.1 ad.preferences.com
HOSTS: 127.0.0.1 ad.washingtonpost.com
HOSTS: 127.0.0.1 adpick.switchboard.com
HOSTS: 127.0.0.1 ads.doubleclick.com
HOSTS: 127.0.0.1 ads.infospace.com
HOSTS: 127.0.0.1 ads.msn.com
HOSTS: 127.0.0.1 ads.switchboard.com
HOSTS: 127.0.0.1 ads.enliven.com
HOSTS: 127.0.0.1 oz.valueclick.com
HOSTS: 127.0.0.1 doubleclick.net
HOSTS: 127.0.0.1 ads.doubleclick.net
HOSTS: 127.0.0.1 ad2.doubleclick.net
HOSTS: 127.0.0.1 ad3.doubleclick.net
HOSTS: 127.0.0.1 ad4.doubleclick.net
HOSTS: 127.0.0.1 ad5.doubleclick.net
HOSTS: 127.0.0.1 ad6.doubleclick.net
HOSTS: 127.0.0.1 ad7.doubleclick.net
HOSTS: 127.0.0.1 ad8.doubleclick.net
HOSTS: 127.0.0.1 ad9.doubleclick.net
HOSTS: 127.0.0.1 ad10.doubleclick.net
HOSTS: 127.0.0.1 ad11.doubleclick.net
HOSTS: 127.0.0.1 ad12.doubleclick.net
HOSTS: 127.0.0.1 ad13.doubleclick.net
HOSTS: 127.0.0.1 ad14.doubleclick.net
HOSTS: 127.0.0.1 ad15.doubleclick.net
HOSTS: 127.0.0.1 ad16.doubleclick.net
HOSTS: 127.0.0.1 ad17.doubleclick.net
HOSTS: 127.0.0.1 ad18.doubleclick.net
HOSTS: 127.0.0.1 ad19.doubleclick.net
HOSTS: 127.0.0.1 ad20.doubleclick.net
HOSTS: 127.0.0.1 ad.ch.doubleclick.net
HOSTS: 127.0.0.1 ad.linkexchange.com
HOSTS: 127.0.0.1 banner.linkexchange.com
HOSTS: 127.0.0.1 ads*.focalink.com
HOSTS: 127.0.0.1 ads.imdb.com
HOSTS: 127.0.0.1 commonwealth.riddler.com
HOSTS: 127.0.0.1 globaltrak.net
HOSTS: 127.0.0.1 nrsite.com
HOSTS: 127.0.0.1 www.nrsite.com
HOSTS: 127.0.0.1 ad-up.com
HOSTS: 127.0.0.1 ad.adsmart.net
HOSTS: 127.0.0.1 ad.atlas.cz
HOSTS: 127.0.0.1 ad.blm.net
HOSTS: 127.0.0.1 ad.dogpile.com
HOSTS: 127.0.0.1 ad.infoseek.com
HOSTS: 127.0.0.1 ad.net-service.de
HOSTS: 127.0.0.1 ad.preferences.com
HOSTS: 127.0.0.1 ad.vol.at
HOSTS: 127.0.0.1 adbot.com
HOSTS: 127.0.0.1 adbureau.net
HOSTS: 127.0.0.1 adcount.hollywood.com
HOSTS: 127.0.0.1 add.yaho.com
HOSTS: 127.0.0.1 adex3.flycast.com
HOSTS: 127.0.0.1 adforce.adtech.de
HOSTS: 127.0.0.1 adforce.imgis.com
HOSTS: 127.0.0.1 adimage.blm.net
HOSTS: 127.0.0.1 adlink.deh.de
HOSTS: 127.0.0.1 ads.criticalmass.com
HOSTS: 127.0.0.1 ads.csi.emcweb.com
HOSTS: 127.0.0.1 ads.filez.com
HOSTS: 127.0.0.1 ads.imagine-inc.com
HOSTS: 127.0.0.1 ads.imdb.com
HOSTS: 127.0.0.1 ads.infospace.com
HOSTS: 127.0.0.1 ads.jwtt3.com
HOSTS: 127.0.0.1 ads.mirrormedia.co.uk
HOSTS: 127.0.0.1 ads.msn.com
HOSTS: 127.0.0.1 ads.narrowline.com
HOSTS: 127.0.0.1 ads.newcitynet.com
HOSTS: 127.0.0.1 ads.realcities.com
HOSTS: 127.0.0.1 ads.realmedia.com
HOSTS: 127.0.0.1 ads.switchboard.com
HOSTS: 127.0.0.1 ads.tripod.com
HOSTS: 127.0.0.1 ads.usatoday.com
HOSTS: 127.0.0.1 ads.washingtonpost.com
HOSTS: 127.0.0.1 ads.web.de
HOSTS: 127.0.0.1 ads.web21.com
HOSTS: 127.0.0.1 adserv.newcentury.net
HOSTS: 127.0.0.1 adservant.guj.de
HOSTS: 127.0.0.1 adservant.mediapoint.de
HOSTS: 127.0.0.1 adserver-espnet.sportszone.com
HOSTS: 127.0.0.1 advert.heise.de
HOSTS: 127.0.0.1 banners.internetextra.com
HOSTS: 127.0.0.1 bannerswap.com
HOSTS: 127.0.0.1 dino.mainz.ibm.de
HOSTS: 127.0.0.1 ganges.imagine-inc.com
HOSTS: 127.0.0.1 globaltrack.com
HOSTS: 127.0.0.1 207-87-18-203.wsmg.digex.net
HOSTS: 127.0.0.1 garden.ngadcenter.net
HOSTS: 127.0.0.1 ogilvy.ngadcenter.net
HOSTS: 127.0.0.1 responsemedia-ad.flycast.com
HOSTS: 127.0.0.1 suissa-ad.flycast.com
HOSTS: 127.0.0.1 ugo.eu-adcenter.net
HOSTS: 127.0.0.1 vnu.eu-adcenter.net
HOSTS: 127.0.0.1 ad-adex3.flycast.com
HOSTS: 127.0.0.1 ad.adsmart.net
HOSTS: 127.0.0.1 ad.ca.doubleclick.net
HOSTS: 127.0.0.1 ad.de.doubleclick.net
HOSTS: 127.0.0.1 ad.fr.doubleclick.net
HOSTS: 127.0.0.1 ad.jp.doubleclick.net
HOSTS: 127.0.0.1 ad.linkexchange.com
HOSTS: 127.0.0.1 ad.linksynergy.com
HOSTS: 127.0.0.1 ad.nl.doubleclick.net
HOSTS: 127.0.0.1 ad.no.doubleclick.net
HOSTS: 127.0.0.1 ad.sma.punto.net
HOSTS: 127.0.0.1 ad.uk.doubleclick.net
HOSTS: 127.0.0.1 ad.webprovider.com
HOSTS: 127.0.0.1 ad08.focalink.com
HOSTS: 127.0.0.1 adcontroller.unicast.com
HOSTS: 127.0.0.1 adcreatives.imaginemedia.com
HOSTS: 127.0.0.1 adforce.ads.imgis.com
HOSTS: 127.0.0.1 adforce.imgis.com
HOSTS: 127.0.0.1 adfu.blockstackers.com
HOSTS: 127.0.0.1 adimages.earthweb.com
HOSTS: 127.0.0.1 adimg.egroups.com
HOSTS: 127.0.0.1 admedia.xoom.com
HOSTS: 127.0.0.1 adremote.pathfinder.com
HOSTS: 127.0.0.1 ads.admaximize.com
HOSTS: 127.0.0.1 ads.bfast.com
HOSTS: 127.0.0.1 ads.clickhouse.com
HOSTS: 127.0.0.1 ads.fairfax.com.au
HOSTS: 127.0.0.1 ads.fool.com
HOSTS: 127.0.0.1 ads.freshmeat.net
HOSTS: 127.0.0.1 ads.hollywood.com
HOSTS: 127.0.0.1 ads.i33.com
HOSTS: 127.0.0.1 ads.infi.net
HOSTS: 127.0.0.1 ads.link4ads.com
HOSTS: 127.0.0.1 ads.lycos.com
HOSTS: 127.0.0.1 ads.madison.com
HOSTS: 127.0.0.1 ads.mediaodyssey.com
HOSTS: 127.0.0.1 ads.msn.com
HOSTS: 127.0.0.1 ads.ninemsn.com.au
HOSTS: 127.0.0.1 ads.seattletimes.com
HOSTS: 127.0.0.1 ads.smartclicks.com
HOSTS: 127.0.0.1 ads.smartclicks.net
HOSTS: 127.0.0.1 ads.sptimes.com
HOSTS: 127.0.0.1 ads.web.aol.com
HOSTS: 127.0.0.1 ads.x10.com
HOSTS: 127.0.0.1 ads.xtra.co.nz
HOSTS: 127.0.0.1 ads.zdnet.com
HOSTS: 127.0.0.1 ads01.focalink.com
HOSTS: 127.0.0.1 ads02.focalink.com
HOSTS: 127.0.0.1 ads03.focalink.com
HOSTS: 127.0.0.1 ads04.focalink.com
HOSTS: 127.0.0.1 ads05.focalink.com
HOSTS: 127.0.0.1 ads06.focalink.com
HOSTS: 127.0.0.1 ads08.focalink.com
HOSTS: 127.0.0.1 ads09.focalink.com
HOSTS: 127.0.0.1 ads1.activeagent.at
HOSTS: 127.0.0.1 ads10.focalink.com
HOSTS: 127.0.0.1 ads11.focalink.com
HOSTS: 127.0.0.1 ads12.focalink.com
HOSTS: 127.0.0.1 ads14.focalink.com
HOSTS: 127.0.0.1 ads16.focalink.com
HOSTS: 127.0.0.1 ads17.focalink.com
HOSTS: 127.0.0.1 ads18.focalink.com
HOSTS: 127.0.0.1 ads19.focalink.com
HOSTS: 127.0.0.1 ads2.zdnet.com
HOSTS: 127.0.0.1 ads20.focalink.com
HOSTS: 127.0.0.1 ads21.focalink.com
HOSTS: 127.0.0.1 ads22.focalink.com
HOSTS: 127.0.0.1 ads23.focalink.com
HOSTS: 127.0.0.1 ads24.focalink.com
HOSTS: 127.0.0.1 ads25.focalink.com
HOSTS: 127.0.0.1 ads3.zdnet.com
HOSTS: 127.0.0.1 ads5.gamecity.net
HOSTS: 127.0.0.1 adserv.iafrica.com
HOSTS: 127.0.0.1 adserv.quality-channel.de
HOSTS: 127.0.0.1 adserver.dbusiness.com
HOSTS: 127.0.0.1 adserver.garden.com
HOSTS: 127.0.0.1 adserver.janes.com
HOSTS: 127.0.0.1 adserver.merc.com
HOSTS: 127.0.0.1 adserver.monster.com
HOSTS: 127.0.0.1 adserver.track-star.com
HOSTS: 127.0.0.1 adserver1.ogilvy-interactive.de
HOSTS: 127.0.0.1 adtegrity.spinbox.net
HOSTS: 127.0.0.1 antfarm-ad.flycast.com
HOSTS: 127.0.0.1 au.ads.link4ads.com
HOSTS: 127.0.0.1 banner.media-system.de
HOSTS: 127.0.0.1 banner.orb.net
HOSTS: 127.0.0.1 banner.relcom.ru
HOSTS: 127.0.0.1 banners.easydns.com
HOSTS: 127.0.0.1 banners.looksmart.com
HOSTS: 127.0.0.1 banners.wunderground.com
HOSTS: 127.0.0.1 barnesandnoble.bfast.com
HOSTS: 127.0.0.1 beseenad.looksmart.com
HOSTS: 127.0.0.1 bizad.nikkeibp.co.jp
HOSTS: 127.0.0.1 bn.bfast.com
HOSTS: 127.0.0.1 c3.xxxcounter.com
HOSTS: 127.0.0.1 califia.imaginemedia.com
HOSTS: 127.0.0.1 cds.mediaplex.com
HOSTS: 127.0.0.1 click.avenuea.com
HOSTS: 127.0.0.1 click.go2net.com
HOSTS: 127.0.0.1 click.linksynergy.com
HOSTS: 127.0.0.1 cookies.cmpnet.com
HOSTS: 127.0.0.1 cornflakes.pathfinder.com
HOSTS: 127.0.0.1 counter.hitbox.com
HOSTS: 127.0.0.1 crux.songline.com
HOSTS: 127.0.0.1 erie.smartage.com
HOSTS: 127.0.0.1 etad.telegraph.co.uk
HOSTS: 127.0.0.1 fp.valueclick.com
HOSTS: 127.0.0.1 gadgeteer.pdamart.com
HOSTS: 127.0.0.1 gm.preferences.com
HOSTS: 127.0.0.1 gp.dejanews.com
HOSTS: 127.0.0.1 hg1.hitbox.com
HOSTS: 127.0.0.1 image.click2net.com
HOSTS: 127.0.0.1 image.eimg.com
HOSTS: 127.0.0.1 images2.nytimes.com
HOSTS: 127.0.0.1 jobkeys.ngadcenter.net
HOSTS: 127.0.0.1 kansas.valueclick.com
HOSTS: 127.0.0.1 leader.linkexchange.com
HOSTS: 127.0.0.1 liquidad.narrowcastmedia.com
HOSTS: 127.0.0.1 ln.doubleclick.net
HOSTS: 127.0.0.1 m.doubleclick.net
HOSTS: 127.0.0.1 macaddictads.snv.futurenet.com
HOSTS: 127.0.0.1 maximumpcads.imaginemedia.com
HOSTS: 127.0.0.1 media.preferences.com
HOSTS: 127.0.0.1 mercury.rmuk.co.uk
HOSTS: 127.0.0.1 mojofarm.sjc.mediaplex.com
HOSTS: 127.0.0.1 nbc.adbureau.net
HOSTS: 127.0.0.1 newads.cmpnet.com
HOSTS: 127.0.0.1 ng3.ads.warnerbros.com
HOSTS: 127.0.0.1 ngads.smartage.com
HOSTS: 127.0.0.1 nsads.hotwired.com
HOSTS: 127.0.0.1 ntbanner.digitalriver.com
HOSTS: 127.0.0.1 ph-ad05.focalink.com
HOSTS: 127.0.0.1 ph-ad07.focalink.com
HOSTS: 127.0.0.1 ph-ad16.focalink.com
HOSTS: 127.0.0.1 ph-ad17.focalink.com
HOSTS: 127.0.0.1 ph-ad18.focalink.com
HOSTS: 127.0.0.1 realads.realmedia.com
HOSTS: 127.0.0.1 redherring.ngadcenter.net
HOSTS: 127.0.0.1 redirect.click2net.com
HOSTS: 127.0.0.1 retaildirect.realmedia.com
HOSTS: 127.0.0.1 s2.focalink.com
HOSTS: 127.0.0.1 sh4sure-images.adbureau.net
HOSTS: 127.0.0.1 spin.spinbox.net
HOSTS: 127.0.0.1 static.admaximize.com
HOSTS: 127.0.0.1 stats.superstats.com
HOSTS: 127.0.0.1 sview.avenuea.com
HOSTS: 127.0.0.1 thinknyc.eu-adcenter.net
HOSTS: 127.0.0.1 tracker.clicktrade.com
HOSTS: 127.0.0.1 tsms-ad.tsms.com
HOSTS: 127.0.0.1 v0.extreme-dm.com
HOSTS: 127.0.0.1 v1.extreme-dm.com
HOSTS: 127.0.0.1 van.ads.link4ads.com
HOSTS: 127.0.0.1 view.accendo.com
HOSTS: 127.0.0.1 view.avenuea.com
HOSTS: 127.0.0.1 w113.hitbox.com
HOSTS: 127.0.0.1 w25.hitbox.com
HOSTS: 127.0.0.1 web2.deja.com
HOSTS: 127.0.0.1 webads.bizservers.com
HOSTS: 127.0.0.1 www.postmasterbannernet.com
HOSTS: 127.0.0.1 www.ad-up.com
HOSTS: 127.0.0.1 www.admex.com
HOSTS: 127.0.0.1 www.alladvantage.com
HOSTS: 127.0.0.1 www.burstnet.com
HOSTS: 127.0.0.1 www.commission-junction.com
HOSTS: 127.0.0.1 www.eads.com
HOSTS: 127.0.0.1 www.freestats.com
HOSTS: 127.0.0.1 www.imaginemedia.com
HOSTS: 127.0.0.1 www.netdirect.nl
HOSTS: 127.0.0.1 www.oneandonlynetwork.com
HOSTS: 127.0.0.1 www.targetshop.com
HOSTS: 127.0.0.1 www.teknosurf2.com
HOSTS: 127.0.0.1 www.teknosurf3.com
HOSTS: 127.0.0.1 www.valueclick.com
HOSTS: 127.0.0.1 www.websitefinancing.com
HOSTS: 127.0.0.1 www2.burstnet.com
HOSTS: 127.0.0.1 www4.trix.net
HOSTS: 127.0.0.1 www80.valueclick.com
HOSTS: 127.0.0.1 z.extreme-dm.com
HOSTS: 127.0.0.1 z0.extreme-dm.com
HOSTS: 127.0.0.1 z1.extreme-dm.com
HOSTS: 127.0.0.1 ads.forbes.net
HOSTS: 127.0.0.1 ads.newcity.com
HOSTS: 127.0.0.1 ads.ign.com
HOSTS: 127.0.0.1 adserver.ign.com
HOSTS: 127.0.0.1 ads.scifi.com
HOSTS: 127.0.0.1 adengine.theglobe.com
HOSTS: 127.0.0.1 ads.tucows.com
HOSTS: 127.0.0.1 adcontent.gamespy.com
HOSTS: 127.0.0.1 ads4.advance.net
HOSTS: 127.0.0.1 ads1.advance.net
HOSTS: 127.0.0.1 eur.yimg.com
HOSTS: 127.0.0.1 us.a1.yimg.com
HOSTS: 127.0.0.1 ad.harmony-central.com
HOSTS: 127.0.0.1 sg.yimg.com
HOSTS: 127.0.0.1 adverity.adverity.com
HOSTS: 127.0.0.1 ads.bloomberg.com
HOSTS: 127.0.0.1 mojofarm.mediaplex.com
HOSTS: 127.0.0.1 ads.mysimon.com
HOSTS: 127.0.0.1 ad.img.yahoo.co.kr
HOSTS: 127.0.0.1 adimages.go.com
HOSTS: 127.0.0.1 kr-adimage.lycos.co.kr
HOSTS: 127.0.0.1 ad.kimo.com.tw
HOSTS: 127.0.0.1 ads.paxnet.co.kr
HOSTS: 127.0.0.1 ads.paxnet.com
HOSTS: 127.0.0.1 ads.eu.msn.com
HOSTS: 127.0.0.1 ads.admonitor.net
HOSTS: 127.0.0.1 wwa.hitbox.com
HOSTS: 127.0.0.1 ads.nytimes.com
HOSTS: 127.0.0.1 ads.erotism.com
HOSTS: 127.0.0.1 banner.rootsweb.com
HOSTS: 127.0.0.1 ads.ole.com
HOSTS: 127.0.0.1 adimg1.chosun.com
HOSTS: 127.0.0.1 ss.mtree.com
HOSTS: 127.0.0.1 adpulse.ads.targetnet.com
HOSTS: 127.0.0.1 adserver.ugo.com
HOSTS: 127.0.0.1 ad.sales.olympics.com
HOSTS: 127.0.0.1 m2.doubleclick.net
HOSTS: 127.0.0.1 ph-ad21.focalink.com
HOSTS: 127.0.0.1 focusin.ads.targetnet.com
HOSTS: 127.0.0.1 www.datais.com
HOSTS: 127.0.0.1 oas.mmd.ch
HOSTS: 127.0.0.1 pub-g.ifrance.com
HOSTS: 127.0.0.1 ads.bianca.com
HOSTS: 127.0.0.1 wap.adlink.de
HOSTS: 127.0.0.1 click.adlink.de
HOSTS: 127.0.0.1 banner.adlink.de
HOSTS: 127.0.0.1 hurricane.adlink.de
HOSTS: 127.0.0.1 west.adlink.de
HOSTS: 127.0.0.1 scand.adlink.de
HOSTS: 127.0.0.1 regio.adlink.de
HOSTS: 127.0.0.1 direct.adlink.de
HOSTS: 127.0.0.1 classic.adlink.de
HOSTS: 127.0.0.1 adlui001.adlink.de
HOSTS: 127.0.0.1 banner1.adlink.de
HOSTS: 127.0.0.1 click.mp3.com
HOSTS: 127.0.0.1 adcodes.bla-bla.com
HOSTS: 127.0.0.1 icover.realmedia.com
HOSTS: 127.0.0.1 ca.fp.sandpiper.net
HOSTS: 127.0.0.1 adfarm.mediaplex.com
HOSTS: 127.0.0.1 ads.tmcs.net
HOSTS: 127.0.0.1 amedia.techies.com
HOSTS: 127.0.0.1 www.exchange-it.com
HOSTS: 127.0.0.1 www.ad.tomshardware.com
HOSTS: 127.0.0.1 ad.tomshardware.com
HOSTS: 127.0.0.1 ads.currantbun.com
HOSTS: 127.0.0.1 phoenix-adrunner.mycomputer.com
HOSTS: 127.0.0.1 ads15.focalink.com
HOSTS: 127.0.0.1 ads13.focalink.com
HOSTS: 127.0.0.1 adserver.colleges.com
HOSTS: 127.0.0.1 ads.nwsource.com
HOSTS: 127.0.0.1 ads.guardianunlimited.co.uk
HOSTS: 127.0.0.1 ads.newsint.co.uk
HOSTS: 127.0.0.1 ads.starnews.com
HOSTS: 127.0.0.1 www.linksynergy.com
HOSTS: 127.0.0.1 ieee-images.adbureau.net
HOSTS: 127.0.0.1 connect.247media.ads.link4ads.com
HOSTS: 127.0.0.1 ads.newsdigital.net
HOSTS: 127.0.0.1 arc5.msn.com
HOSTS: 127.0.0.1 arc4.msn.com
HOSTS: 127.0.0.1 arc3.msn.com
HOSTS: 127.0.0.1 arc2.msn.com
HOSTS: 127.0.0.1 arc1.msn.com
HOSTS: 127.0.0.1 ads.discovery.com
HOSTS: 127.0.0.1 im.800.com
HOSTS: 127.0.0.1 img.cmpnet.com
HOSTS: 127.0.0.1 ad7.internetadserver.com
HOSTS: 127.0.0.1 ads.dai.net
HOSTS: 127.0.0.1 ads.cbc.ca
HOSTS: 127.0.0.1 www75.valueclick.com
HOSTS: 127.0.0.1 ads.clearbluemedia.com
HOSTS: 127.0.0.1 ti.click2net.com
HOSTS: 127.0.0.1 www.onresponse.com
HOSTS: 127.0.0.1 ads.list-universe.com
HOSTS: 127.0.0.1 advert.bayarea.com
HOSTS: 127.0.0.1 www3.pagecount.com
HOSTS: 127.0.0.1 www.netsponsors.com
HOSTS: 127.0.0.1 adthru.com
HOSTS: 127.0.0.1 ads.newtimes.com
HOSTS: 127.0.0.1 ads.ugo.com
HOSTS: 127.0.0.1 ads.belointeractive.com
HOSTS: 127.0.0.1 wwb.hitbox.com
HOSTS: 127.0.0.1 comtrack.comclick.com
HOSTS: 127.0.0.1 www.24pm-affiliation.com
HOSTS: 127.0.0.1 www.click-fr.com
HOSTS: 127.0.0.1 www.cibleclick.com
HOSTS: 127.0.0.1 reply.mediatris.net
HOSTS: 127.0.0.1 cgi.declicnet.com
HOSTS: 127.0.0.1 pubs.mgn.net
HOSTS: 127.0.0.1 ads.mcafee.com
HOSTS: 127.0.0.1 ads1.ad-flow.com
HOSTS: 127.0.0.1 ad.be.doubleclick.net
HOSTS: 127.0.0.1 ad.adtraq.com
HOSTS: 127.0.0.1 ad.sg.doubleclick.net
HOSTS: 127.0.0.1 adpop.theglobe.com
HOSTS: 127.0.0.1 ads-03.tor.focusin.ads.targetnet.com
HOSTS: 127.0.0.1 ads.adflight.com
HOSTS: 127.0.0.1 ads.detelefoongids.nl
HOSTS: 127.0.0.1 ads.ecircles.com
HOSTS: 127.0.0.1 ads.god.co.uk
HOSTS: 127.0.0.1 ads.hyperbanner.net
HOSTS: 127.0.0.1 ads.jpost.com
HOSTS: 127.0.0.1 ads.netmechanic.com
HOSTS: 127.0.0.1 ads.webcash.nl
HOSTS: 127.0.0.1 adserver.netcast.nl
HOSTS: 127.0.0.1 adserver.webads.com
HOSTS: 127.0.0.1 adserver.webads.nl
HOSTS: 127.0.0.1 adserver1.realtracker.com
HOSTS: 127.0.0.1 adserver2.realtracker.com
HOSTS: 127.0.0.1 adserver3.realtracker.com
HOSTS: 127.0.0.1 delivery1.ads.telegraaf.nl
HOSTS: 127.0.0.1 holland.hyperbanner.net
HOSTS: 127.0.0.1 images.webads.nl
HOSTS: 127.0.0.1 sc.clicksupply.com
HOSTS: 127.0.0.1 service.bfast.com
HOSTS: 127.0.0.1 www.ad4ex.com
HOSTS: 127.0.0.1 www.bannercampaign.com
HOSTS: 127.0.0.1 www.cyberbounty.com
HOSTS: 127.0.0.1 www.netvertising.be
HOSTS: 127.0.0.1 www.speedyclick.com
HOSTS: 127.0.0.1 www.webads.nl
HOSTS: 127.0.0.1 ads.snowball.com
HOSTS: 127.0.0.1 ads.amazingmedia.com
HOSTS: 127.0.0.1 www10.valueclick.com
HOSTS: 127.0.0.1 js1.hitbox.com
HOSTS: 127.0.0.1 rd1.hitbox.com
HOSTS: 127.0.0.1 mt37.mtree.com
HOSTS: 127.0.0.1 ads.gameanswers.com
HOSTS: 127.0.0.1 ads7.udc.advance.net
HOSTS: 127.0.0.1 www23.valueclick.com
HOSTS: 127.0.0.1 ads.fortunecity.com
HOSTS: 127.0.0.1 banners.nextcard.com
HOSTS: 127.0.0.1 ads.iwon.com
HOSTS: 127.0.0.1 www.qksrv.net
HOSTS: 127.0.0.1 clickserve.cc-dt.com
HOSTS: 127.0.0.1 ads-b.focalink.com
HOSTS: 127.0.0.1 ad2.peel.com
HOSTS: 127.0.0.1 ads.floridatoday.com
HOSTS: 127.0.0.1 stats.adultrevenueservice.com
HOSTS: 127.0.0.1 ads18.bpath.com
HOSTS: 127.0.0.1 ph-ad06.focalink.com
HOSTS: 127.0.0.1 global.msads.net
HOSTS: 127.0.0.1 pluto1.iserver.net
HOSTS: 127.0.0.1 ads1.intelliads.com
HOSTS: 127.0.0.1 primetime.ad.asap-asp.net
HOSTS: 127.0.0.1 ads.stileproject.com
HOSTS: 127.0.0.1 di.image.eshop.msn.com
HOSTS: 127.0.0.1 www.blissnet.net
HOSTS: 127.0.0.1 www.consumerinfo.com
HOSTS: 127.0.0.1 ads.rottentomatoes.com
HOSTS: 127.0.0.1 k5ads.osdn.com
HOSTS: 127.0.0.1 actionsplash.com
HOSTS: 127.0.0.1 campaigns.f2.com.au
HOSTS: 127.0.0.1 adserver.news.com.au
HOSTS: 127.0.0.1 servedby.advertising.com
HOSTS: 127.0.0.1 java.yahoo.com
HOSTS: 127.0.0.1 ad.howstuffworks.com
HOSTS: 127.0.0.1 ads.1for1.com
HOSTS: 127.0.0.1 images.ads.fairfax.com.au
HOSTS: 127.0.0.1 ads.devx.com
HOSTS: 127.0.0.1 utils.mediageneral.com
HOSTS: 127.0.0.1 banners.friendfinder.com
HOSTS: 127.0.0.1 adserver.matchcraft.com
HOSTS: 127.0.0.1 www.dnps.com
HOSTS: 127.0.0.1 creative.whi.co.nz
HOSTS: 127.0.0.1 rmedia.boston.com
HOSTS: 127.0.0.1 webaffiliate.covad.com
HOSTS: 127.0.0.1 ad.iwin.com
HOSTS: 127.0.0.1 www.nailitonline2.com
HOSTS: 127.0.0.1 mds.centrport.net
HOSTS: 127.0.0.1 oas.dispatch.com
HOSTS: 127.0.0.1 adserver.ads360.com
HOSTS: 127.0.0.1 banners.adultfriendfinder.com
HOSTS: 127.0.0.1 ads.as4x.tmcs.net
HOSTS: 127.0.0.1 ads.clickagents.com
HOSTS: 127.0.0.1 banners.chek.com
HOSTS: 127.0.0.1 zi.r.tv.com
HOSTS: 127.0.0.1 ph-ad19.focalink.com
HOSTS: 127.0.0.1 ads.greensboro.com
HOSTS: 127.0.0.1 ad2.adcept.net
HOSTS: 127.0.0.1 ads.colo.kiva.net
HOSTS: 127.0.0.1 adsrv.iol.co.za
HOSTS: 127.0.0.1 mjxads.internet.com
HOSTS: 127.0.0.1 adimage.asiaone.com.sg
HOSTS: 127.0.0.1 ads.vnuemedia.com
HOSTS: 127.0.0.1 affiliate.doteasy.com
HOSTS: 127.0.0.1 m.tribalfusion.com
HOSTS: 127.0.0.1 oas.lee.net
HOSTS: 127.0.0.1 www.banneroverdrive.com
HOSTS: 127.0.0.1 ad3.peel.com
HOSTS: 127.0.0.1 ad1.peel.comwww.xbn.ru
HOSTS: 127.0.0.1 adserver.snowball.com
HOSTS: 127.0.0.1 media15.fastclick.net
HOSTS: 127.0.0.1 ads5.advance.net
HOSTS: 127.0.0.1 ads3.advance.net
HOSTS: 127.0.0.1 ads2.advance.net
HOSTS: 127.0.0.1 ads.advance.net
HOSTS: 127.0.0.1 usbytecom.orbitcycle.com
HOSTS: 127.0.0.1 adbanner.sweepsclub.com
HOSTS: 127.0.0.1 oas.villagevoice.com
HOSTS: 127.0.0.1 www.ad-flow.com
HOSTS: 127.0.0.1 ads.guardian.co.uk
HOSTS: 127.0.0.1 ads.hitcents.com
HOSTS: 127.0.0.1 media19.fastclick.net
HOSTS: 127.0.0.1 a.tribalfusion.com
HOSTS: 127.0.0.1 ads.nypost.com
HOSTS: 127.0.0.1 ads.premiumnetwork.com
HOSTS: 127.0.0.1 ads.ad-flow.com
HOSTS: 127.0.0.1 adserver.hispavista.com
HOSTS: 127.0.0.1 ads.musiccity.com
HOSTS: 127.0.0.1 banners.revenuelink.com
HOSTS: 127.0.0.1 ads1.sptimes.com
HOSTS: 127.0.0.1 adserver.bizland-inc.net
HOSTS: 127.0.0.1 ads.adtegrity.net
HOSTS: 127.0.0.1 media13.fastclick.net
HOSTS: 127.0.0.1 adserver.ukplus.co.uk
HOSTS: 127.0.0.1 ads.live365.com
HOSTS: 127.0.0.1 ads.fredericksburg.com
HOSTS: 127.0.0.1 banners.affiliatefuel.com
HOSTS: 127.0.0.1 ar.atwola.com
HOSTS: 127.0.0.1 ads.bigcitytools.com
HOSTS: 127.0.0.1 netshelter.adtrix.com
HOSTS: 127.0.0.1 y.ibsys.com
HOSTS: 127.0.0.1 adserver.nydailynews.com
HOSTS: 127.0.0.1 s0b.bluestreak.com
HOSTS: 127.0.0.1 images.scripps.com
HOSTS: 127.0.0.1 images.cybereps.com
HOSTS: 127.0.0.1 altfarm.mediaplex.com
HOSTS: 127.0.0.1 krd.realcities.com
HOSTS: 127.0.0.1 www3.bannerspace.com
HOSTS: 127.0.0.1 view.atdmt.com
HOSTS: 127.0.0.1 ads7.advance.net
HOSTS: 127.0.0.1 ad.abcnews.com
HOSTS: 127.0.0.1 ads.newsquest.co.uk
HOSTS: 127.0.0.1 secure.webconnect.net
HOSTS: 127.0.0.1 ads.nandomedia.com
HOSTS: 127.0.0.1 banners.babylon-x.com
HOSTS: 127.0.0.1 media17.fastclick.net
HOSTS: 127.0.0.1 techreview-images.adbureau.net
HOSTS: 127.0.0.1 ads.exhedra.com
HOSTS: 127.0.0.1 ad.trafficmp.com
HOSTS: 127.0.0.1 realmedia-a800.d4p.net
HOSTS: 127.0.0.1 banner.northsky.com
HOSTS: 127.0.0.1 ftp.nacorp.com
HOSTS: 127.0.0.1 www.digitalbettingcasinos.com
HOSTS: 127.0.0.1 c1.zedo.com
HOSTS: 127.0.0.1 ads4.condenet.com
HOSTS: 127.0.0.1 www.brilliantdigital.com
HOSTS: 127.0.0.1 desktop.kazaa.com
HOSTS: 127.0.0.1 shop.kazaa.com
HOSTS: 127.0.0.1 www.bonzi.com
HOSTS: 127.0.0.1 www.b3d.com
HOSTS: 127.0.0.1 neighborhood.standard.net
HOSTS: 127.0.0.1 ads.telegraph.co.uk
HOSTS: 127.0.0.1 spinbox.techtracker.com
HOSTS: 127.0.0.1 toads.osdn.com
HOSTS: 127.0.0.1 ads.themes.org
HOSTS: 127.0.0.1 adserver.trb.com
HOSTS: 127.0.0.1 media.fastclick.net
HOSTS: 127.0.0.1 banner.easyspace.com
HOSTS: 127.0.0.1 www.banner2u.com
HOSTS: 127.0.0.1 ads.thestar.com
HOSTS: 127.0.0.1 ads.digitalmedianet.com
HOSTS: 127.0.0.1 www.fineclicks.com
HOSTS: 127.0.0.1 ads.mdchoice.com
HOSTS: 127.0.0.1 ad.horvitznewspapers.net
HOSTS: 127.0.0.1 adtegrity.thruport.com
HOSTS: 127.0.0.1 a.mktw.net
HOSTS: 127.0.0.1 ads.pennyweb.com
HOSTS: 127.0.0.1 www3.ad.tomshardware.com
HOSTS: 127.0.0.1 www4.ad.tomshardware.com
HOSTS: 127.0.0.1 www6.ad.tomshardware.com
HOSTS: 127.0.0.1 www8.ad.tomshardware.com
HOSTS: 127.0.0.1 www15.ad.tomshardware.com
HOSTS: 127.0.0.1 ads.forbes.com
HOSTS: 127.0.0.1 ads.desmoinesregister.com
HOSTS: 127.0.0.1 adserver.tribuneinteractive.com
HOSTS: 127.0.0.1 bannerads.anytimenews.com
HOSTS: 127.0.0.1 ads1.condenet.com
HOSTS: 127.0.0.1 adserver.anm.co.uk
HOSTS: 127.0.0.1 zrap.zdnet.com.com
HOSTS: 127.0.0.1 bidclix.net
HOSTS: 127.0.0.1 media.popuptraffic.com
HOSTS: 127.0.0.1 coreg.flashtrack.net
HOSTS: 127.0.0.1 rmads.msn.com
HOSTS: 127.0.0.1 ads.icq.com
HOSTS: 127.0.0.1 cb.icq.com
HOSTS: 127.0.0.1 cf.icq.com
HOSTS: 127.0.0.1 www2.newtopsites.com
HOSTS: 127.0.0.1 adserv.internetfuel.com
HOSTS: 127.0.0.1 images.fastclick.net
HOSTS: 127.0.0.1 adserver.securityfocus.com
HOSTS: 127.0.0.1 www.avsads.com
HOSTS: 127.0.0.1 banners.moviegoods.com
HOSTS: 127.0.0.1 ads.bitsonthewire.com
HOSTS: 127.0.0.1 ads.iambic.com
HOSTS: 127.0.0.1 sfads.osdn.com
HOSTS: 127.0.0.1 fl01.ct2.comclick.com
HOSTS: 127.0.0.1 adserver.phillyburbs.com
HOSTS: 127.0.0.1 marketing.nyi.net
HOSTS: 127.0.0.1 www.netflip.com
HOSTS: 127.0.0.1 image.imgfarm.com
HOSTS: 127.0.0.1 ads.viaarena.com
HOSTS: 127.0.0.1 phpads2.cnpapers.com
HOSTS: 127.0.0.1 ads.astalavista.us
HOSTS: 127.0.0.1 banner.coza.com
HOSTS: 127.0.0.1 adcreative.tribuneinteractive.com
HOSTS: 127.0.0.1 ads.democratandchronicle.com
HOSTS: 127.0.0.1 adlog.com.com
HOSTS: 127.0.0.1 adimg.com.com
HOSTS: 127.0.0.1 adimage.bankrate.com
HOSTS: 127.0.0.1 ads.mediadevil.com
HOSTS: 127.0.0.1 imageserv.adtech.de
HOSTS: 127.0.0.1 ad.se.doubleclick.net
HOSTS: 127.0.0.1 ads.cashsurfers.com
HOSTS: 127.0.0.1 ads.specificpop.com
HOSTS: 127.0.0.1 z1.adserver.com
HOSTS: 127.0.0.1 images.bizrate.com
HOSTS: 127.0.0.1 q.pni.com
HOSTS: 127.0.0.1 ad01.mediacorpsingapore.com
HOSTS: 127.0.0.1 adimage.asia1.com.sg
HOSTS: 127.0.0.1 images.newsx.cc
HOSTS: 127.0.0.1 www.adireland.com
HOSTS: 127.0.0.1 ads.iafrica.com
HOSTS: 127.0.0.1 ads.nyi.net
HOSTS: 127.0.0.1 geoads.osdn.com
HOSTS: 127.0.0.1 www.crisscross.com
HOSTS: 127.0.0.1 netcomm.spinbox.net
HOSTS: 127.0.0.1 ads.videoaxs.com
HOSTS: 127.0.0.1 mediamgr.ugo.com
HOSTS: 127.0.0.1 adserver.pollstar.com
HOSTS: 127.0.0.1 information.gopher.com
HOSTS: 127.0.0.1 ads.adviva.net
HOSTS: 127.0.0.1 adsrv.bankrate.com
HOSTS: 127.0.0.1 a207.p.f.qz3.net
HOSTS: 127.0.0.1 ehg-bestbuy.hitbox.com
HOSTS: 127.0.0.1 ehg-intel.hitbox.com
HOSTS: 127.0.0.1 ehg-espn.hitbox.com
HOSTS: 127.0.0.1 ehg-macromedia.hitbox.com
HOSTS: 127.0.0.1 ehg-dig.hitbox.com
HOSTS: 127.0.0.1 speed.pointroll.com
HOSTS: 127.0.0.1 amch.questionmarket.com
HOSTS: 127.0.0.1 ads.gamespy.com
HOSTS: 127.0.0.1 spd.atdmt.com
HOSTS: 127.0.0.1 ads.columbian.com
HOSTS: 127.0.0.1 clickit.go2net.com
HOSTS: 127.0.0.1 vpdc.ru4.com
HOSTS: 127.0.0.1 ads.developershed.com
HOSTS: 127.0.0.1 ads.globeandmail.com
HOSTS: 127.0.0.1 ads.nerve.com
HOSTS: 127.0.0.1 iv.doubleclick.net
HOSTS: 127.0.0.1 ads2.condenet.com
HOSTS: 127.0.0.1 www.burstnet.com
HOSTS: 127.0.0.1 ads5.canoe.ca
HOSTS: 127.0.0.1 askmen.thruport.com
HOSTS: 127.0.0.1 adsrv2.gainesvillesun.com
HOSTS: 127.0.0.1 ads.theolympian.com
HOSTS: 127.0.0.1 ads.courierpostonline.com
HOSTS: 127.0.0.1 i.timeinc.net
HOSTS: 127.0.0.1 oasads.whitepages.com
HOSTS: 127.0.0.1 rad.msn.com
HOSTS: 127.0.0.1 serve.thisbanner.com
HOSTS: 127.0.0.1 images.trafficmp.com
HOSTS: 127.0.0.1 www.kaplanindex.com
HOSTS: 127.0.0.1 kaplanindex.com
HOSTS: 127.0.0.1 1.httpdads.com
HOSTS: 127.0.0.1 spinbox.maccentral.com
HOSTS: 127.0.0.1 akaads-abc.starwave.com
HOSTS: 127.0.0.1 webad.ajeeb.com
HOSTS: 127.0.0.1 ads.granadamedia.com
HOSTS: 127.0.0.1 oas.uniontrib.com
HOSTS: 127.0.0.1 ads.wnd.com
HOSTS: 127.0.0.1 a3.suntimes.com
HOSTS: 127.0.0.1 tmsads.tribune.com
HOSTS: 127.0.0.1 ads.peel.com
HOSTS: 127.0.0.1 ads.mh5.com
HOSTS: 127.0.0.1 ad.usatoday.com
HOSTS: 127.0.0.1 adserver.digitalpartners.com
HOSTS: 127.0.0.1 ads.mediaturf.net
HOSTS: 127.0.0.1 ads4.clearchannel.com
HOSTS: 127.0.0.1 ads.clearchannel.com
HOSTS: 127.0.0.1 ads2.clearchannel.com
HOSTS: 127.0.0.1 ads.jacksonsun.com
HOSTS: 127.0.0.1 servads.aip.org
HOSTS: 127.0.0.1 ad.au.doubleclick.net
HOSTS: 127.0.0.1 adng.ascii24.com
HOSTS: 127.0.0.1 engage.speedera.net
HOSTS: 127.0.0.1 ads.msn-ppe.com
HOSTS: 127.0.0.1 ad.openfind.com.tw
HOSTS: 127.0.0.1 adi.mainichi.co.jp
HOSTS: 127.0.0.1 ads.northjersey.com
HOSTS: 127.0.0.1 ad.moscowtimes.ru
HOSTS: 127.0.0.1
HOSTS: 127.0.0.1 ad1.aaddzz.com
HOSTS: 127.0.0.1 ds.eyeblaster.com
HOSTS: 127.0.0.1 adserver.digitalpartners.com
HOSTS: 127.0.0.1 oas.uniontrib.com
HOSTS: 127.0.0.1 ads.statesmanjournal.com
HOSTS: 127.0.0.1 ads.centralohio.com
HOSTS: 127.0.0.1 banners.valuead.com
HOSTS: 127.0.0.1 banners.valuead.com


**** IE Settings ****

Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page: C:\WINDOWS\system32\blank.htm
Search Bar: http://www.websearch.com/ie.aspx?tb_id=50162
Search Page: http://google.icq.com


**** IE Context Menu (Right click) ****

IEContext: [&Google Search] res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
IEContext: [Bloquer ce serveur...] C:\Program Files\Avant Browser\AddAllToADBlackList.htm
IEContext: [Bloquer cette publicité...] C:\Program Files\Avant Browser\AddToADBlackList.htm
IEContext: [Download with IDM] C:\PROGRA~1\INTERN~2\IEExt.htm
IEContext: [E&xporter vers Microsoft Excel] res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IEContext: [Ouvrir tous les liens de la page...] C:\Program Files\Avant Browser\OpenAllLinks.htm
IEContext: [Pages liées] res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
IEContext: [Pages similaires] res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
IEContext: [Rechercher sur le Web...] C:\Program Files\Avant Browser\Search.htm
IEContext: [Surligner] C:\Program Files\Avant Browser\Highlight.htm
IEContext: [Version de la page actuelle disponible dans le cache Google] res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html


**** Layered Service Providers ****

LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AFDC07C1-DE71-4AA9-B81E-2E2D01FBAAC9}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AFDC07C1-DE71-4AA9-B81E-2E2D01FBAAC9}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1158A611-F70A-40EC-84A2-12DC9CDB45C7}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1158A611-F70A-40EC-84A2-12DC9CDB45C7}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A5CF6861-8EE0-4F23-9BFA-9F557A1B99E4}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A5CF6861-8EE0-4F23-9BFA-9F557A1B99E4}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{18E16FC5-BF60-4869-BE4A-6264B0D8FBB1}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{18E16FC5-BF60-4869-BE4A-6264B0D8FBB1}] DATAGRAM 2


**** Blocked Control Panel Items ****

BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No


**** Downloaded Program Files ****

DirectAnimation Java Classes [file://C:\WINDOWS\Java\classes\dajava.cab]
Microsoft XML Parser for Java [file://C:\WINDOWS\Java\classes\xmldso.cab]
teleir_cert [https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [http://www.apple.com/qtactivex/qtplugin.cab]
{2917297F-F02B-4B9D-81DF-494B6333150B} [http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab] C:\WINDOWS\Downloaded Program Files\minesweeper.dll
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} [http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab]
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} [http://messenger.msn.com/download/msnmessengersetupdownloader.cab]
{D27CDB6E-AE6D-11CF-96B8-444553540000} [http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab]
{F6BF0D00-0B2A-4A75-BF7B-F385591623AF} [http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab]


**** Windows Services ****

[Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\System32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\System32\imapi.exe
[lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\System32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\System32\msdtc.exe
[MSIServer] C:\WINDOWS\System32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[NVSvc] %SystemRoot%\system32\nvsvc32.exe
[ose] "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe
[r_server] "C:\WINDOWS\system32\r_server.exe" /service
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Service] C:\WINDOWS\system32\Service.exe
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\System32\dllhost.exe /Processid:{769384E3-123D-46D0-8761-13C8CD96F1E1}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TlntSvr] C:\WINDOWS\System32\tlntsvr.exe
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\System32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemRoot%\System32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs


**** Custom IE Search Items ****

SEARCH: [SearchAssistant]
SEARCH: [CustomizeSearch]
SEARCH: [SearchAssistant] http://www.websearch.com/ie.aspx?tb_id=50162
SEARCH: [CustomizeSearch] http://www.websearch.com/ie.aspx?tb_id=50162


**** Complete IE Options ****

IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://www.free.fr/
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://google.icq.com
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [Use Search Asst] no
IEOPT: [Search Bar] http://www.websearch.com/ie.aspx?tb_id=50162
IEOPT: [Enable Browser Extensions] yes
IEOPT: [Use FormSuggest] yes
IEOPT: [AddToFavoritesExpanded]
IEOPT: [Use_Combobox_DlgBox_Colors_Complete] 3
IEOPT: [Use_Combobox_DlgBox_Colors_Failed] 5
IEOPT: [Use_Combobox_DlgBox_Colors_Error] 22
IEOPT: [Prev Use Search Asst] no
IEOPT: [Prev Search Page] http://www.google.com
IEOPT: [Prev Search Bar] http://www.google.com/ie
IEOPT: [Use Custom Search URL]
IEOPT: [AutoSearch]
IEOPT: [Move System Caret] no
IEOPT: [Expand Alt Text] no
IEOPT: [Print_Background] no
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Show image placeholders]
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Display Inline Videos] yes
IEOPT: [FavIntelliMenus] no
IEOPT: [UseThemes]
IEOPT: [NoWebJITSetup]
IEOPT: [Friendly http errors] yes
IEOPT: [ShowGoButton] yes
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Page_Transitions]
IEOPT: [DisableScriptDebuggerIE] yes
IEOPT: [NscSingleExpand]
IEOPT: [Force Offscreen Composition]
IEOPT: [AllowWindowReuse]
IEOPT: [SmoothScroll]
IEOPT: [LastCheckedHi] ~qÅs
IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Search Bar]
IEOPT: []
IEOPT: [CustomizeSearch]
IEOPT: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IEOPT: [IEWatsonEnabled]


voila tout est la pour anti spyware j'ai spy sweeper

merci a toi pour m'aider
0
Réponse 3 / 5
gouache Messages postés 394 Date d'inscription   Statut Membre Dernière intervention   43
 
Salut,

Ca n'a pas marché. Refais tout, mais cette fois-ci, avant de procéder, clique droit sur Poste de travail > Propriétés > onglet Restauration > coche désactiver la restauration du système.

Ensuite redémarre ton pc en mode sans échec : dès l'allumage tu tapotes sur la touche f8 plusieurs fois. Tu vas pouvoir ainsi choisir le mode sans échec.

Enfin quand ton pc est bien en mode sans echec avec la restauration systeme désactivée, tu fixes sur hijack et tu fais un quoi d'adaware spybot et tout ltralala. Ensuite tu redémarres en mode normal, réactive la restauration systeme (clique droit Poste de travail > etc.....) refait un dernier log hijackthis, copie colle ici et prie pour qu'on te dise que ca a marché.

A plus
0
Réponse 4 / 5
bernie61
 
salut à tous
0. Installe ce nettoyeur CCLEANER http://www.ccleaner.com/ ensuite
*Pour scan complet il faut pouvoir scanner tous les dossiers donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers

1. Tu connais ça ? non, alors vérifie (cliq droit souris/propriété) sinon ZIP (compresse) et efface le .EXE

2. Relances Hijackthis et coche (puis FIX)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50162
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162
R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: (no name) - {8102481A-8982-D503-8639-8A1D804310CE} - C:\WINDOWS\system32\btd.dll (file missing)
O4- RUN: [Teo] C:\WINDOWS\system32\??erinit.exe
O4 - HKCU\..\Run: [g0rnRjYsi] xviaa6.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\system32\kernels32.exe
O15 - Trusted Zone: *.blazefind.com > toutes les O15

3. Effacer ces programmes .EXE ( et à la fin vider la corbeille)
C:\WINDOWS\system32\??erinit.exe
C :… xviaa6.exe
C:\WINDOWS\system32\kernels32.exe

4. vider les répertoires temps et la corbeille, en lançant Ccleaner
Refais un hijackthis de contrôle
a+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
mariesimone Messages postés 2 Statut Membre
 
lorsque je veux changer de fond décran
le bouton appliquer n'est pas actif le fond d'écran choisi apparait puis,il est recouvert,au bout de 10 secondes par unancien fond d'écran,toujours le même.
J'ai windows XP1 et je navigue avec FIREFOX.
0

Discussions similaires

Fond d'écran carousel xiaomi
Thomasg -
Albator -

3 réponses
Impossible de changer mon fond d'écran Redmi Note 9
Slooping -
Do -

27 réponses
Enlever les fond d'ecran carousel auto du tel XIAMI 14
Joo2795 -
MPMP10 -

1 réponse