Computing.Net > Forums > Security and Virus > Help vid codec virus

Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free!

Help vid codec virus

Reply to Message Icon

Original Message
Name: viviter
Date: November 7, 2007 at 18:03:01 Pacific
Subject: Help vid codec virus
OS: Windows XP
CPU/Ram: 3.0GHZ processor, 2GB Ram
Model/Manufacturer: Everything original but p
Comment:

HEY I NEED HELP please, i am new in this site, I DOWNLOADED A VIDEO FROM THE INTERNET AND IT ASKED ME FOR A NEW CODEC I DIDN'T HAVE, I NEVER DO THIS WITHOUT PREVIOUS INQUIRING BUT I WAS GOING ON A TRIP, WANTED TO MAKE A DVD OUT OF IT SO I DOWNLOADED IT AND THEN CHAOS, MY VIDO FILES CAN NO LONGER BE EDITED OR TRANSFERED TO MY VIDEO PLAYING DEVICE, MY NOD32 ANTIVIRUS ALWAYS PROMPTS A MESSAGE THAT TELLS ME IT CAN'T UPDATE ANYMORE AND THE COMPUTER IS BEHAVING SLOW AND WEIRD!!! HOW DO I GET HELP FOR THIS? I NOTICES IT IS BECOMING A VERY COMMON PROBLEM.
AND ALSO, MY DAD ALWAYS GETS IN THOSE HARMFULL PORN SITES, I ALWAYS TELL HIM THAT THIS SITES ARE HARMFULL BUT HE Keeps doing this, how can I protect my computer against this or how can I BLock his access to this sites. THANKS


Report Offensive Message For Removal


Response Number 1
Name: jabuck
Date: November 7, 2007 at 18:49:57 Pacific
Reply: (edit)

Please download SmitFraudFix from this link http://siri.urz.free.fr/Fix/Smitfra... Then extract the contents to your desktop.

!!!! Only run option #1 as runing the other options on an uninfected computer will damage the desktop.!!!!


Open the "SmitfraudFix" folder and double-click "smitfraudfix.cmd"
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

Please download and install the latest version of HijackThis v2.0.2:

Download the HijackThis Installer from this link: HijackThis

1. Save " HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5.Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
8. Paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.


Report Offensive Follow Up For Removal

Response Number 2
Name: viviter
Date: November 10, 2007 at 08:51:54 Pacific
Reply: (edit)

Thank You Very Much
for replying

SMITFRAUD REPORT

SmitFraudFix v2.252

Scan done at 12:45:59,26, 10/11/2007
Run from C:\Documents and Settings\SALVADOR1\Escritorio\Nueva carpeta\SmitfraudFix
OS: Microsoft Windows XP [Versi¢n 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Archivos de programa\Analog Devices\SoundMAX\Smax4.exe
C:\Archivos de programa\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Archivos de programa\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\ARCHIV~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Archivos de programa\BitLord\BitLord.exe
C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Archivos de programa\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Archivos de programa\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Archivos de programa\Nero\Nero 7\InCD\InCDsrv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Soulseek\slsk.exe
C:\ARCHIV~1\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\Archivos de programa\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

hosts file corrupted !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\SALVADOR1


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\SALVADOR1\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\SALVAD~1\FAVORI~1

C:\DOCUME~1\SALVAD~1\FAVORI~1\Online Security Test.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Archivos de programa


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Mi p gina de inicio actual"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{25b7d2fd-4f71-46d1-801a-7de323e4ec82}"="equiparant"

[HKEY_CLASSES_ROOT\CLSID\{25b7d2fd-4f71-46d1-801a-7de323e4ec82}\InProcServer32]
@="C:\WINDOWS\system32\indwvm.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{25b7d2fd-4f71-46d1-801a-7de323e4ec82}\InProcServer32]
@="C:\WINDOWS\system32\indwvm.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Adaptador Ethernet basado en Macronix MX98715 (Genérico) - Minipuerto del administrador de paquetes
DNS Server Search Order: 216.72.226.12
DNS Server Search Order: 216.72.226.10

HKLM\SYSTEM\CCS\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: DhcpNameServer=200.82.134.4 200.82.134.5 200.82.134.7 200.82.134.8
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: NameServer=216.72.226.12,216.72.226.10
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: DhcpNameServer=200.82.134.4 200.82.134.5 200.82.134.7 200.82.134.8
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: NameServer=216.72.226.12,216.72.226.10
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: DhcpNameServer=200.82.134.4 200.82.134.5 200.82.134.7 200.82.134.8
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: NameServer=216.72.226.12,216.72.226.10
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=200.82.134.4 200.82.134.5 200.82.134.7 200.82.134.8
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=200.82.134.4 200.82.134.5 200.82.134.7 200.82.134.8
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=200.82.134.4 200.82.134.5 200.82.134.7 200.82.134.8


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:49 p.m., on 10/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Archivos de programa\Analog Devices\SoundMAX\Smax4.exe
C:\Archivos de programa\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Archivos de programa\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\ARCHIV~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Archivos de programa\BitLord\BitLord.exe
C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Archivos de programa\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Archivos de programa\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Archivos de programa\Nero\Nero 7\InCD\InCDsrv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Soulseek\slsk.exe
C:\ARCHIV~1\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\Archivos de programa\Windows Media Player\wmplayer.exe
C:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Archivos de programa\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Archivos de programa\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Archivos de programa\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [zzzHPSETUP] F:\Setup.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Archivos de programa\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Archivos de programa\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Archivos de programa\Archivos comunes\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Archivos de programa\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Delete Phone Bird Five] C:\Documents and Settings\All Users\Datos de programa\wave boob delete phone\SUPPORT DALE.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Archivos de programa\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [cool link] C:\DOCUME~1\SALVAD~1\DATOSD~1\WAYTRA~1\VgaTwo.exe
O4 - HKCU\..\Run: [swg] C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Archivos de programa\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Archivos de programa\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Archivos de programa\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Archivos de programa\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://carlacompagnone.spaces.live....
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://salvatorinox.spaces.live.com...
O17 - HKLM\System\CCS\Services\Tcpip\..\{A60C6F32-F2BB-4056-AA78-0032D92E2548}: NameServer = 216.72.226.12,216.72.226.10
O22 - SharedTaskScheduler: equiparant - {25b7d2fd-4f71-46d1-801a-7de323e4ec82} - C:\WINDOWS\system32\indwvm.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Archivos de programa\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Archivos de programa\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8480 bytes


Report Offensive Follow Up For Removal

Response Number 3
Name: jabuck
Date: November 10, 2007 at 10:25:43 Pacific
Reply: (edit)

Temporarily disable any of the following anti-spyware realtime protection programs that you may have Disable Realtime Protection or the fixes will not work. Be sure to turn yout anti-spyware programs back on once the computer is clean.

Next, please reboot your computer in Safe Mode by doing the following :

Restart your computer

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;

Instead of Windows loading as normal, a menu with options should appear;

Select the first option, to run Windows in Safe Mode, then press "Enter".

Choose your usual account.

Once in Safe Mode, open the "SmitfraudFix" folder again and double-click "smitfraudfix.cmd"
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing " Y " and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if "wininet.dll " is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing "Y" and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.

A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Download "HostXpert" from this link HostXpert to your desktop.
Open up the HostsXpert program.

Make sure that the "make hosts writable?" button in the upper right corner is enabled.
Click back up Host files.
Then click Restore orginal host files.
Close the program.

Please download ComboFix to the desktop from this link:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double-click combofix.exe
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to hang.)

Please post the log it produces and a new Hijack This log please.


Report Offensive Follow Up For Removal

Response Number 4
Name: viviter
Date: November 10, 2007 at 14:11:15 Pacific
Reply: (edit)

Ok, Here they Go

SmitFraudFix v2.252

Scan done at 17:50:05,32, 10/11/2007
Run from C:\Documents and Settings\SALVADOR1\Escritorio\SmitfraudFix
OS: Microsoft Windows XP [Versi¢n 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br. ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de. ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es. ## added by CiD
127.0.0.1 fr. ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go. ## added by CiD
127.0.0.1 hk. ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog. ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb. ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure. ## added by CiD
127.0.0.1 support. ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog. ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils. ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www. ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2007-download.com
127.0.0.1 www.2007-download.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 2every.net
127.0.0.1 www.2every.net
127.0.0.1 2ndpower.com
127.0.0.1 2search.com
127.0.0.1 www.2search.com
127.0.0.1 2search.org
127.0.0.1 www.2search.org
127.0.0.1 2squared.com
127.0.0.1 www.2squared.com
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 365soft.info
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3bay.it
127.0.0.1 www.3bay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3ebay.it
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 4repubblica.it
127.0.0.1 www.4repubblica.it
127.0.0.1 4softget.com
127.0.0.1 www.4softget.com
127.0.0.1 5iscali.it
127.0.0.1 www.5iscali.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 5tiscali.it
127.0.0.1 www.5tiscali.it
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 6iscali.it
127.0.0.1 www.6iscali.it
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 6tiscali.it
127.0.0.1 www.6tiscali.it
127.0.0.1 7322.com
127.0.0.1 www.7322.com
127.0.0.1 75tz.com
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 7939.com
127.0.0.1 www.7939.com
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 9505.com
127.0.0.1 www.9505.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aavc.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 access.Navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accessorygeeks.com
127.0.0.1 www.accessorygeeks.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-stop.com
127.0.0.1 www.acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.mokead.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.yieldmanager.com
127.0.0.1 www.ad.yieldmanager.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 add-manager.com
127.0.0.1 www.add-manager.com
127.0.0.1 adgate.info
127.0.0.1 www.adgate.info
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads183.com
127.0.0.1 www.ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 adult777search.info
127.0.0.1 www.adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 adultsper.com
127.0.0.1 www.adultsper.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 aflgate.com
127.0.0.1 www.aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 aginegialle.it
127.0.0.1 www.aginegialle.it
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 aitalia.it
127.0.0.1 www.aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 aklitalia.it
127.0.0.1 www.aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 alialia.it
127.0.0.1 www.alialia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitala.it
127.0.0.1 www.alitala.it
127.0.0.1 alitali.it
127.0.0.1 www.alitali.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 ALL1COUNT.NET
127.0.0.1 www.ALL1COUNT.NET
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 alliesecurity.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 all-limewire.com
127.0.0.1 www.all-limewire.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allprotections.com
127.0.0.1 www.allprotections.com
127.0.0.1 allresultz.net
127.0.0.1 www.allresultz.net
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allstarsvideos.net
127.0.0.1 www.allstarsvideos.net
127.0.0.1 alltruesoftware.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 aloitalia.it
127.0.0.1 www.aloitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 amaena.com
127.0.0.1 www.amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasource.com
127.0.0.1 www.amediasource.com
127.0.0.1 americancarbargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 analcord.com
127.0.0.1 www.analcord.com
127.0.0.1 analmovi.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 andromedical.com
127.0.0.1 www.andromedical.com
127.0.0.1 animepornmag.com
127.0.0.1 www.animepornmag.com
127.0.0.1 anin.org
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 antiddos.us
127.0.0.1 www.antiddos.us
127.0.0.1 Antiespiadorado.com
127.0.0.1 www.Antiespiadorado.com
127.0.0.1 Antiespionspack.com
127.0.0.1 www.Antiespionspack.com
127.0.0.1 Antigusanos2008.com
127.0.0.1 www.Antigusanos2008.com
127.0.0.1 Antispionage.com
127.0.0.1 www.Antispionage.com
127.0.0.1 Antispionagepro.com
127.0.0.1 www.Antispionagepro.com
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 Antispywaresuite.com
127.0.0.1 www.Antispywaresuite.com
127.0.0.1 Antispyweb.net
127.0.0.1 www.Antispyweb.net
127.0.0.1 Antiver2008.com
127.0.0.1 www.Antiver2008.com
127.0.0.1 antivermins.com
127.0.0.1 www.antivermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antivirus-hq.net
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 Antiworm2008.com
127.0.0.1 www.Antiworm2008.com
127.0.0.1 Antiwurm2008.com
127.0.0.1 www.Antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 anyofus.com
127.0.0.1 www.anyofus.com
127.0.0.1 anysn.seproger.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 apicpreview.com
127.0.0.1 www.apicpreview.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 aprotectedpage.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 archiviosex.net
127.0.0.1 www.archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 arespro2007.com
127.0.0.1 www.arespro2007.com
127.0.0.1 aresultra.com
127.0.0.1 www.aresultra.com
127.0.0.1 ares-usa.com
127.0.0.1 www.ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asiankingkong.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 aslitalia.it
127.0.0.1 www.aslitalia.it
127.0.0.1 ass-gals.com
127.0.0.1 assureprotection.com
127.0.0.1 www.assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 asupereva.it
127.0.0.1 www.asupereva.it
127.0.0.1 athenrye.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 attackware.com
127.0.0.1 www.attackware.com
127.0.0.1 attrezzi.biz
127.0.0.1 www.attrezzi.biz
127.0.0.1 aulde.net
127.0.0.1 www.aulde.net
127.0.0.1 aupereva.it
127.0.0.1 www.aupereva.it
127.0.0.1 autocontext.begun.ru
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg-secure.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avian-ads.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 awarninglist.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 awesomehomepage.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 aximageobject.com
127.0.0.1 www.aximageobject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideosetup.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azzetta.it
127.0.0.1 www.azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 baccarat-other.info
127.0.0.1 www.baccarat-other.info
127.0.0.1 Backstripgirls.com
127.0.0.1 www.Backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 bardownload.com
127.0.0.1 www.bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearshare-usa.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 beebappyy.biz
127.0.0.1 www.beebappyy.biz
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 best-hardpics.com
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestporngate.com
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 best-spyware.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-voyeur.info
127.0.0.1 www.best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestxporno.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigwww.com
127.0.0.1 www.bigwww.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 bitchesonline.net
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 biz.biz
127.0.0.1 blackblues00.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 blondetgp.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bnmgate.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 bonzi.com
127.0.0.1 www.bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 bookedspace.com
127.0.0.1 www.bookedspace.com
127.0.0.1 boom.com.vn
127.0.0.1 www.boom.com.vn
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bqgate.com
127.0.0.1 www.bqgate.com
127.0.0.1 bradcoem.org
127.0.0.1 braincodec.com
127.0.0.1 www.braincodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 brodbfm.net
127.0.0.1 www.brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 browserwise.com
127.0.0.1 www.browserwise.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 busysearch.net
127.0.0.1 www.busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 buy-find.info
127.0.0.1 www.buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 bvirgilio.it
127.0.0.1 www.bvirgilio.it
127.0.0.1 c.centralmedia.ws
127.0.0.1 c.enhance.com
127.0.0.1 www.c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c5.www4free.info
127.0.0.1 www.c5.www4free.info
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 calcioturris.com
127.0.0.1 calendaralerts.net
127.0.0.1 www.calendaralerts.net
127.0.0.1 cameouk.co.uk
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 camouflageclothingonline.net
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 canidetect.org
127.0.0.1 www.canidetect.org
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 CashUnlim.com
127.0.0.1 www.CashUnlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 catch-dc.info
127.0.0.1 www.catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cc.panet.org
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 ccorriere.it
127.0.0.1 www.ccorriere.it
127.0.0.1 cdegate.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 cdorriere.it
127.0.0.1 www.cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 cforriere.it
127.0.0.1 www.cforriere.it
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 checkin100.com
127.0.0.1 www.checkin100.com
127.0.0.1 checkssecurity.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 chenshijituan.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 ciorriere.it
127.0.0.1 www.ciorriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 cleansoftwares.com
127.0.0.1 www.cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 click-codec.com
127.0.0.1 www.click-codec.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 click-now.net
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 click-to-download.com
127.0.0.1 www.click-to-download.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 clorriere.it
127.0.0.1 www.clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnzz.com
127.0.0.1 www.cnzz.com
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvd.net
127.0.0.1 codec-fun.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codecsoft.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codrriere.it
127.0.0.1 www.codrriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 coirriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerrecover.com
127.0.0.1 www.computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.ireit.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 contra-virus.com
127.0.0.1 www.contra-virus.com
127.0.0.1 controlmeh.com
127.0.0.1 www.controlmeh.com
127.0.0.1 cooldeskalert.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 coorriere.it
127.0.0.1 www.coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 coprriere.it
127.0.0.1 www.coprriere.it
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 coreiere.it
127.0.0.1 www.coreiere.it
127.0.0.1 coreriere.it
127.0.0.1 www.coreriere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 correiere.it
127.0.0.1 www.correiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corridere.it
127.0.0.1 www.corridere.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriee.it
127.0.0.1 www.corriee.it
127.0.0.1 corrieere.it
127.0.0.1 www.corrieere.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corrierde.it
127.0.0.1 www.corrierde.it
127.0.0.1 corriered.it
127.0.0.1 www.corriered.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriete.it
127.0.0.1 www.corriete.it
127.0.0.1 corrietre.it
127.0.0.1 www.corrietre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corrifere.it
127.0.0.1 www.corrifere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrire.it
127.0.0.1 www.corrire.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrisere.it
127.0.0.1 www.corrisere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwre.it
127.0.0.1 www.corriwre.it
127.0.0.1 corrliere.it
127.0.0.1 www.corrliere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruiere.it
127.0.0.1 www.corruiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortriere.it
127.0.0.1 www.cortriere.it
127.0.0.1 costrike.com
127.0.0.1 www.costrike.com
127.0.0.1 cotriere.it
127.0.0.1 www.cotriere.it
127.0.0.1 cotrriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 countdutycall.info
127.0.0.1 www.countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 cporriere.it
127.0.0.1 www.cporriere.it
127.0.0.1 cprriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 crapsgold.info
127.0.0.1 www.crapsgold.info
127.0.0.1 Crazygirls-world.com
127.0.0.1 crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 crriere.it
127.0.0.1 www.crriere.it
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 curedc.info
127.0.0.1 www.curedc.info
127.0.0.1 curepcsolutions.com
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutadult.com
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvorriere.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cxorriere.it
127.0.0.1 www.cxorriere.it
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 cydoor.com
127.0.0.1 www.cydoor.com
127.0.0.1 daily-gals.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dancingbabycd.com
127.0.0.1 data-hoster.com
127.0.0.1 www.data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 dating-galaxy.info
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbxcompany.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 dcorriere.it
127.0.0.1 www.dcorriere.it
127.0.0.1 dcurtis.com
127.0.0.1 www.dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de98.remsys.org
127.0.0.1 debay.it
127.0.0.1 www.debay.it
127.0.0.1 dedmazay.3322.org
127.0.0.1 dedsearch.com
127.0.0.1 www.dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 Defensaantimalware.com
127.0.0.1 www.Defensaantimalware.com
127.0.0.1 deja-rue.com
127.0.0.1 www.deja-rue.com
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 derrari.it
127.0.0.1 www.derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskwizz.com
127.0.0.1 www.deskwizz.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dgbusiness.com
127.0.0.1 www.dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietp--sy.com
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 directdvdpro.com
127.0.0.1 www.directdvdpro.com
127.0.0.1 directporta.info
127.0.0.1 www.directporta.info
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmcast.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.searchtabs.net
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download-2007.com
127.0.0.1 www.download-2007.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download-ad-aware.com
127.0.0.1 www.download-ad-aware.com
127.0.0.1 download-all-4-free.com
127.0.0.1 www.download-all-4-free.com
127.0.0.1 download-all-area.com
127.0.0.1 www.download-all-area.com
127.0.0.1 download-antivir.com
127.0.0.1 www.download-antivir.com
127.0.0.1 downloadanysong.com
127.0.0.1 www.downloadanysong.com
127.0.0.1 download-avast.com
127.0.0.1 www.download-avast.com
127.0.0.1 downloadcorporation.com
127.0.0.1 www.downloadcorporation.com
127.0.0.1 download-dvdshrink.com
127.0.0.1 www.download-dvdshrink.com
127.0.0.1 download-for-free.net
127.0.0.1 www.download-for-free.net
127.0.0.1 downloadfreesoft.com
127.0.0.1 www.downloadfreesoft.com
127.0.0.1 downloadfreeway.com
127.0.0.1 www.downloadfreeway.com
127.0.0.1 downloadimesh.com
127.0.0.1 www.downloadimesh.com
127.0.0.1 download-itunes-now.com
127.0.0.1 www.download-itunes-now.com
127.0.0.1 download-limewire.org
127.0.0.1 www.download-limewire.org
127.0.0.1 downloadlost.tv
127.0.0.1 www.downloadlost.tv
127.0.0.1 downloadmax.net
127.0.0.1 www.downloadmax.net
127.0.0.1 download-mcafee.com
127.0.0.1 www.download-mcafee.com
127.0.0.1 download-me.info
127.0.0.1 downloadmediaax.com
127.0.0.1 www.downloadmediaax.com
127.0.0.1 downloadpics.net
127.0.0.1 www.downloadpics.net
127.0.0.1 download-real-player.com
127.0.0.1 www.download-real-player.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 downloads.adaware.cc
127.0.0.1 downloadservicearea.com
127.0.0.1 www.downloadservicearea.com
127.0.0.1 downloads-free.org
127.0.0.1 www.downloads-free.org
127.0.0.1 downloadsglobe.com
127.0.0.1 www.downloadsglobe.com
127.0.0.1 download-this.us
127.0.0.1 www.download-this.us
127.0.0.1 download-trillian.com
127.0.0.1 www.download-trillian.com
127.0.0.1 downloadv3.com
127.0.0.1 www.downloadv3.com
127.0.0.1 downloadvax.com
127.0.0.1 www.downloadvax.com
127.0.0.1 download-windvd.com
127.0.0.1 www.download-windvd.com
127.0.0.1 download-winrar.com
127.0.0.1 www.download-winrar.com
127.0.0.1 downloadwizard.com
127.0.0.1 downloadzcenter.com
127.0.0.1 downloadzcentral.com
127.0.0.1 downloadzfree.com
127.0.0.1 www.downloadzfree.com
127.0.0.1 downloadznow.net
127.0.0.1 download-zone-free.com
127.0.0.1 www.download-zone-free.com
127.0.0.1 download-zone-free.net
127.0.0.1 www.download-zone-free.net
127.0.0.1 dp-host.com
127.0.0.1 dr.mcboo.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 dr38.mcboo.com
127.0.0.1 dr47.mcboo.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drepubblica.it
127.0.0.1 www.drepubblica.it
127.0.0.1 drivecleanr.com
127.0.0.1 www.drivecleanr.com
127.0.0.1 drocherway.com
127.0.0.1 dropspam.com
127.0.0.1 www.dropspam.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dsupereva.it
127.0.0.1 www.dsupereva.it
127.0.0.1 dtlproduct.com
127.0.0.1 www.dtlproduct.com
127.0.0.1 dudu.com
127.0.0.1 www.dudu.com
127.0.0.1 dulcineasystems.net
127.0.0.1 dumpserv.com
127.0.0.1 duolaimi.net
127.0.0.1 dutch-sex.com
127.0.0.1 dvdaccess.net
127.0.0.1 www.dvdaccess.net
127.0.0.1 dvdbank.org
127.0.0.1 dvdcodec.net
127.0.0.1 www.dvdcodec.net
127.0.0.1 dvdsmovies.net
127.0.0.1 www.dvdsmovies.net
127.0.0.1 dvdsvideos.net
127.0.0.1 www.dvdsvideos.net
127.0.0.1 dvdtocdsite.com
127.0.0.1 www.dvdtocdsite.com
127.0.0.1 e3bay.it
127.0.0.1 www.e3bay.it
127.0.0.1 e4bay.it
127.0.0.1 www.e4bay.it
127.0.0.1 eager-sex.com
127.0.0.1 earthllnk.net
127.0.0.1 www.earthllnk.net
127.0.0.1 eases.net
127.0.0.1 easyantispy.com
127.0.0.1 easybestdeals.com
127.0.0.1 www.easybestdeals.com
127.0.0.1 easycategories.com
127.0.0.1 easymp3musicnow.com
127.0.0.1 www.easymp3musicnow.com
127.0.0.1 easy-pharmacy.info
127.0.0.1 www.easy-pharmacy.info
127.0.0.1 easy-search.net
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 easysearchingtips.com
127.0.0.1 easyspyware.com
127.0.0.1 www.easyspyware.com
127.0.0.1 easywww.info
127.0.0.1 www.easywww.info
127.0.0.1 eba6y.it
127.0.0.1 www.eba6y.it
127.0.0.1 eba7y.it
127.0.0.1 www.eba7y.it
127.0.0.1 ebaay.it
127.0.0.1 www.ebaay.it
127.0.0.1 ebagy.it
127.0.0.1 www.ebagy.it
127.0.0.1 ebahy.it
127.0.0.1 www.ebahy.it
127.0.0.1 ebajy.it
127.0.0.1 www.ebajy.it
127.0.0.1 ebaqy.it
127.0.0.1 www.ebaqy.it
127.0.0.1 ebasy.it
127.0.0.1 www.ebasy.it
127.0.0.1 ebaty.it
127.0.0.1 www.ebaty.it
127.0.0.1 ebauy.it
127.0.0.1 www.ebauy.it
127.0.0.1 ebav.com
127.0.0.1 ebaw.com
127.0.0.1 ebawy.it
127.0.0.1 www.ebawy.it
127.0.0.1 ebaxy.it
127.0.0.1 www.ebaxy.it
127.0.0.1 ebay6.it
127.0.0.1 www.ebay6.it
127.0.0.1 ebay7.it
127.0.0.1 www.ebay7.it
127.0.0.1 ebayg.it
127.0.0.1 www.ebayg.it
127.0.0.1 ebayh.it
127.0.0.1 www.ebayh.it
127.0.0.1 ebayj.it
127.0.0.1 www.ebayj.it
127.0.0.1 ebayt.it
127.0.0.1 www.ebayt.it
127.0.0.1 ebayu.it
127.0.0.1 www.ebayu.it
127.0.0.1 ebazy.it
127.0.0.1 www.ebazy.it
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebestfind.org
127.0.0.1 www.ebestfind.org
127.0.0.1 ebgay.it
127.0.0.1 www.ebgay.it
127.0.0.1 ebgo.com
127.0.0.1 ebhay.it
127.0.0.1 www.ebhay.it
127.0.0.1 ebjp.com
127.0.0.1 ebkb.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 ebmu.com
127.0.0.1 ebnay.it
127.0.0.1 www.ebnay.it
127.0.0.1 ebony-pornmag.com
127.0.0.1 www.ebony-pornmag.com
127.0.0.1 ebonypornmag.com
127.0.0.1 www.ebonypornmag.com
127.0.0.1 ebqay.it
127.0.0.1 www.ebqay.it
127.0.0.1 ebsay.it
127.0.0.1 www.ebsay.it
127.0.0.1 ebsy.it
127.0.0.1 www.ebsy.it
127.0.0.1 ebvay.it
127.0.0.1 www.ebvay.it
127.0.0.1 ebvr.com
127.0.0.1 ebway.it
127.0.0.1 www.ebway.it
127.0.0.1 ebxay.it
127.0.0.1 www.ebxay.it
127.0.0.1 ebzay.it
127.0.0.1 www.ebzay.it
127.0.0.1 ecmh.com
127.0.0.1 ecmp.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecpm.com
127.0.0.1 ecstasyporn.net
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 edbay.it
127.0.0.1 www.edbay.it
127.0.0.1 edhq.com
127.0.0.1 edietprogram.com
127.0.0.1 www.edietprogram.com
127.0.0.1 edty.com
127.0.0.1 eduy.com
127.0.0.1 eebay.it
127.0.0.1 www.eebay.it
127.0.0.1 eeev.com
127.0.0.1 eepubblica.it
127.0.0.1 www.eepubblica.it
127.0.0.1 efbay.it
127.0.0.1 www.efbay.it
127.0.0.1 egbay.it
127.0.0.1 www.egbay.it
127.0.0.1 ehbay.it
127.0.0.1 www.ehbay.it
127.0.0.1 eikokoike.com
127.0.0.1 elitecodec.com
127.0.0.1 www.elitecodec.com
127.0.0.1 elitemediagroup.net
127.0.0.1 www.elitemediagroup.net
127.0.0.1 e-localad.com
127.0.0.1 emailicon.org
127.0.0.1 www.emailicon.org
127.0.0.1 emch.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emule.mp3-muzic.com
127.0.0.1 www.emule.mp3-muzic.com
127.0.0.1 emuledownloadhome.com
127.0.0.1 www.emuledownloadhome.com
127.0.0.1 emule-freebie.com
127.0.0.1 www.emule-freebie.com
127.0.0.1 enay.it
127.0.0.1 www.enay.it
127.0.0.1 enbay.it
127.0.0.1 www.enbay.it
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 engineplay.com
127.0.0.1 www.engineplay.com
127.0.0.1 engine-ticket.com
127.0.0.1 www.engine-ticket.com
127.0.0.1 enhance.com
127.0.0.1 www.enhance.com
127.0.0.1 enhancevideos.com
127.0.0.1 www.enhancevideos.com
127.0.0.1 enitinvest.net
127.0.0.1 enjoywebsurf.com
127.0.0.1 entertainsite.net
127.0.0.1 www.entertainsite.net
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 e-plus.cc
127.0.0.1 epornsex.com
127.0.0.1 eprotectionline.com
127.0.0.1 www.eprotectionline.com
127.0.0.1 eprotectpage.com
127.0.0.1 www.eprotectpage.com
127.0.0.1 erbay.it
127.0.0.1 www.erbay.it
127.0.0.1 erepubblica.it
127.0.0.1 www.erepubblica.it
127.0.0.1 ergosites.com
127.0.0.1 erossoalice.it
127.0.0.1 www.erossoalice.it
127.0.0.1 errari.it
127.0.0.1 www.errari.it
127.0.0.1 error404site.com
127.0.0.1 www.error404site.com
127.0.0.1 error404site.net
127.0.0.1 www.error404site.net
127.0.0.1 errorkiller.com
127.0.0.1 www.errorkiller.com
127.0.0.1 errorsdns.com
127.0.0.1 www.errorsdns.com
127.0.0.1 ert0003.e76.163ns.com
127.0.0.1 ertikadeswiokinganfujas.com
127.0.0.1 www.ertikadeswiokinganfujas.com
127.0.0.1 es0-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es1-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es2-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es3-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es4-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es5-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es6-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es7-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es8-www.5zgmu7o20kt5d8yq.com
127.0.0.1 es9-www.5zgmu7o20kt5d8yq.com
127.0.0.1 esafetylist.com
127.0.0.1 www.esafetylist.com
127.0.0.1 esafetypage.com
127.0.0.1 www.esafetypage.com
127.0.0.1 esbay.it
127.0.0.1 www.esbay.it
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 esecuritynote.com
127.0.0.1 www.esecuritynote.com
127.0.0.1 esecuritypage.com
127.0.0.1 www.esecuritypage.com
127.0.0.1 esupereva.it
127.0.0.1 www.esupereva.it
127.0.0.1 etomi.all-downloads-now.com
127.0.0.1 www.etomi.all-downloads-now.com
127.0.0.1 eupdatepage.com
127.0.0.1 www.eupdatepage.com
127.0.0.1 euuu.com
127.0.0.1 evbay.it
127.0.0.1 www.evbay.it
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 ewbay.it
127.0.0.1 www.ewbay.it
127.0.0.1 ewebsearch.net
127.0.0.1 e-websitesolutions.com
127.0.0.1 ewizard.cc
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 excellentsckin.com
127.0.0.1 exeupdate.com
127.0.0.1 www.exeupdate.com
127.0.0.1 exflow.org
127.0.0.1 www.exflow.org
127.0.0.1 exit.megago.com
127.0.0.1 expandvideo.com
127.0.0.1 www.expandvideo.com
127.0.0.1 exportplay.com
127.0.0.1 www.exportplay.com
127.0.0.1 extremepaidsurveys.com
127.0.0.1 www.extremepaidsurveys.com
127.0.0.1 extremeseek.net
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezcybersearch.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 ez-searching.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 f1.bestmanage.org
127.0.0.1 f1.truth-is-out-there.org
127.0.0.1 f1organizer.com
127.0.0.1 www.f1organizer.com
127.0.0.1 f2.bestmanage.org
127.0.0.1 f2.truth-is-out-there.org
127.0.0.1 f3.bestmanage.org
127.0.0.1 f3.truth-is-out-there.org
127.0.0.1 f4.bestmanage.org
127.0.0.1 f4.truth-is-out-there.org
127.0.0.1 f5.bestmanage.org
127.0.0.1 f5.truth-is-out-there.org
127.0.0.1 f6.bestmanage.org
127.0.0.1 f7.bestmanage.org
127.0.0.1 f7.truth-is-out-there.org
127.0.0.1 f8.bestmanage.org
127.0.0.1 f8.truth-is-out-there.org
127.0.0.1 f9.bestmanage.org
127.0.0.1 f9.truth-is-out-there.org
127.0.0.1 fairsearcher.com
127.0.0.1 www.fairsearcher.com
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmacept32.phpnet.us
127.0.0.1 farmsteadbandb.com
127.0.0.1 farse.com
127.0.0.1 fartpost.com
127.0.0.1 fastfreedownload.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 fastssearch.com
127.0.0.1 www.fastssearch.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fazzetta.it
127.0.0.1 www.fazzetta.it
127.0.0.1 fcorriere.it
127.0.0.1 www.fcorriere.it
127.0.0.1 featured-results.com
127.0.0.1 febay.it
127.0.0.1 www.febay.it
127.0.0.1 feed.dedsearch.com
127.0.0.1 feeds.2search.com
127.0.0.1 www.feeds.2search.com
127.0.0.1 feeds2.2search.org
127.0.0.1 www.feeds2.2search.org
127.0.0.1 ferraeri.it
127.0.0.1 www.ferraeri.it
127.0.0.1 ferrai.it
127.0.0.1 www.ferrai.it
127.0.0.1 ferrarei.it
127.0.0.1 www.ferrarei.it
127.0.0.1 ferrarti.it
127.0.0.1 www.ferrarti.it
127.0.0.1 ferrasri.it
127.0.0.1 www.ferrasri.it
127.0.0.1 ferratri.it
127.0.0.1 www.ferratri.it
127.0.0.1 ferreari.it
127.0.0.1 www.ferreari.it
127.0.0.1 ferrri.it
127.0.0.1 www.ferrri.it
127.0.0.1 ferrsari.it
127.0.0.1 www.ferrsari.it
127.0.0.1 ferrtari.it
127.0.0.1 www.ferrtari.it
127.0.0.1 fetrrari.it
127.0.0.1 www.fetrrari.it
127.0.0.1 fgazzetta.it
127.0.0.1 www.fgazzetta.it
127.0.0.1 fgoogle.it
127.0.0.1 www.fgoogle.it
127.0.0.1 fhg.panet.org
127.0.0.1 fhgate.com
127.0.0.1 www.fhgate.com
127.0.0.1 fickenisgeil.de
127.0.0.1 file.unionsms.net
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 filetretporn.com
127.0.0.1 www.filetretporn.com
127.0.0.1 Filtrodetrojan.com
127.0.0.1 www.Filtrodetrojan.com
127.0.0.1 finalfantasyactionfigures.com
127.0.0.1 www.finalfantasyactionfigures.com
127.0.0.1 finance-loans.com
127.0.0.1 find4u.net
127.0.0.1 find-52.com
127.0.0.1 www.find-52.com
127.0.0.1 findanyshow.org
127.0.0.1 www.findanyshow.org
127.0.0.1 find-find-777.net
127.0.0.1 www.find-find-777.net
127.0.0.1 find-itnow.com
127.0.0.1 findit-now.com
127.0.0.1 findloss.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 findwapsite.org
127.0.0.1 www.findwapsite.org
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 fined.biz
127.0.0.1 fine-search.net
127.0.0.1 fionasteel.com
127.0.0.1 firefoxdownload-now.com
127.0.0.1 www.firefoxdownload-now.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 firgilio.it
127.0.0.1 www.firgilio.it
127.0.0.1 firstbookmark.net
127.0.0.1 firstgoodsearch.com
127.0.0.1 www.firstgoodsearch.com
127.0.0.1 fitness-free.com
127.0.0.1 fixerantispy.com
127.0.0.1 www.fixerantispy.com
127.0.0.1 fjsynebcod.com
127.0.0.1 www.fjsynebcod.com
127.0.0.1 flashdollars.com
127.0.0.1 www.flashdollars.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 floorsovertexas.com
127.0.0.1 www.floorsovertexas.com
127.0.0.1 floproject.com
127.0.0.1 www.floproject.com
127.0.0.1 flrxtools.greatnuke.com
127.0.0.1 flrx-tools.net
127.0.0.1 www.flrx-tools.net
127.0.0.1 fn777.greatbahamas.com
127.0.0.1 www.fn777.greatbahamas.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 foxmin.com
127.0.0.1 www.foxmin.com
127.0.0.1 fp.gad-network.com
127.0.0.1 fr.drivecleaner.com
127.0.0.1 www.fr.drivecleaner.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 free-adobe-download-support.com
127.0.0.1 www.free-adobe-download-support.com
127.0.0.1 free-avg.org
127.0.0.1 www.free-avg.org
127.0.0.1 free-avg-download.com
127.0.0.1 www.free-avg-download.com
127.0.0.1 free-bearshares.com
127.0.0.1 www.free-bearshares.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecat.biz
127.0.0.1 www.freecat.biz
127.0.0.1 freecategories.com
127.0.0.1 free-chipes.com
127.0.0.1 freecj.com
127.0.0.1 freecoolhost.com
127.0.0.1 freedownloadhq.com
127.0.0.1 www.freedownloadhq.com
127.0.0.1 freedownloadpage.com
127.0.0.1 www.freedownloadpage.com
127.0.0.1 free-download-place.com
127.0.0.1 www.free-download-place.com
127.0.0.1 free-download-support.com
127.0.0.1 www.free-download-support.com
127.0.0.1 freedownloadzone.com
127.0.0.1 www.freedownloadzone.com
127.0.0.1 free-hit.com
127.0.0.1 freehqmovies.com
127.0.0.1 freeimageheaven.com
127.0.0.1 www.freeimageheaven.com
127.0.0.1 freemp3access.com
127.0.0.1 www.freemp3access.com
127.0.0.1 free-music-network.com
127.0.0.1 www.free-music-network.com
127.0.0.1 free-pics-and-movies.com
127.0.0.1 free-popup-killer.com
127.0.0.1 www.free-popup-killer.com
127.0.0.1 free-porn-movies.info
127.0.0.1 www.free-porn-movies.info
127.0.0.1 free-program-download.com
127.0.0.1 www.free-program-download.com
127.0.0.1 freerbhost.com
127.0.0.1 freescratchandwin.com
127.0.0.1 free-sex-movie-clips.net
127.0.0.1 freeshemalepics.net
127.0.0.1 free-software-center.com
127.0.0.1 www.free-software-center.com
127.0.0.1 free-spybot.com
127.0.0.1 www.free-spybot.com
127.0.0.1 freeunlimitedskype.com
127.0.0.1 www.freeunlimitedskype.com
127.0.0.1 freeyaho.com
127.0.0.1 fregat.drocherway.com
127.0.0.1 frepubblica.it
127.0.0.1 www.frepubblica.it
127.0.0.1 freshseek.com
127.0.0.1 freshteensite.com
127.0.0.1 fric.cn
127.0.0.1 frrari.it
127.0.0.1 www.frrari.it
127.0.0.1 frrrari.it
127.0.0.1 www.frrrari.it
127.0.0.1 ftiscali.it
127.0.0.1 www.ftiscali.it
127.0.0.1 ftrenitalia.it
127.0.0.1 www.ftrenitalia.it
127.0.0.1 ftuttogratis.it
127.0.0.1 www.ftuttogratis.it
127.0.0.1 full-search.net
127.0.0.1 fullsoftwaredownloadz.com
127.0.0.1 www.fullsoftwaredownloadz.com
127.0.0.1 full-tgp.net
127.0.0.1 funcodec.com
127.0.0.1 www.funcodec.com
127.0.0.1 funny-girls.com
127.0.0.1 funnysuperxxx.com
127.0.0.1 www.funnysuperxxx.com
127.0.0.1 fun-photo.com
127.0.0.1 www.fun-


Report Offensive Follow Up For Removal

Response Number 5
Name: jabuck
Date: November 11, 2007 at 12:41:21 Pacific
Reply: (edit)

Go to this link, VirusTotal copy the following files one at the time into the "upload and scan box", click submit then post the results.

C:\Archivos de programa\bit3.bat
C:\Archivos de programa\bit2.bat
C:\Archivos de programa\bit.bat
C:\Archivos de programa\inc1.bat
C:\Archivos de programa\sleep.bat
C:\Archivos de programa\temp3.exe.txt
C:\Archivos de programa\temp2.exe.txt
C:\Archivos de programa\temp1.exe.txt
C:\Archivos de programa\bit2.exe


Report Offensive Follow Up For Removal


Response Number 6
Name: viviter
Date: November 11, 2007 at 19:28:15 Pacific
Reply: (edit)

bit 3.bat

Motor antivirus Versión Última actualización Resultado
AhnLab-V3 2007.11.10.0 2007.11.09 -
AntiVir 7.6.0.34 2007.11.11 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
AVG 7.5.0.503 2007.11.11 -
BitDefender 7.2 2007.11.12 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 -
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.11 -
Ikarus T3.1.1.12 2007.11.12 -
Kaspersky 7.0.0.125 2007.11.12 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 -
Panda 9.0.0.4 2007.11.11 -
Prevx1 V2 2007.11.12 -
Rising 20.17.62.00 2007.11.11 -
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 -
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.12 -

BIT 2 . EXE

Motor antivirus Versión Última actualización Resultado
AhnLab-V3 2007.11.10.0 2007.11.09 Win-Trojan/Agent.116224.B
AntiVir 7.6.0.34 2007.11.11 TR/Spy.Suspect.DB
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
AVG 7.5.0.503 2007.11.11 Adware Generic2.PPG
BitDefender 7.2 2007.11.12 Adware.Winad.CY
CAT-QuickHeal 9.00 2007.11.10 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 Suspicious File
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 Logger.Small.db
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 Adware_WinAd
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.12 -
Ikarus T3.1.1.12 2007.11.12 Backdoor.Win32.Ciadoor.13
Kaspersky 7.0.0.125 2007.11.12 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 W32/Ezula.EC
Panda 9.0.0.4 2007.11.11 Generic Malware
Rising 20.17.62.00 2007.11.11 Trojan.DL.Agent.xad
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 VIPRE.Suspicious
Symantec 10 2007.11.12 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 BackDoor.Pigeon.1604
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Spy.Suspect.DB
Información adicional
Tama�o archivo: 116224 bytes
MD5: b1898eee09fd0608116353b9810e87c9
SHA1: 590192e52c91776208553580c7d869f84a22863d
packers: PEBundle
packers: PEBundle, PEBundle
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

BIT.BAT

Motor antivirus Versión Última actualización Resultado
AhnLab-V3 2007.11.10.0 2007.11.12 -
AntiVir 7.6.0.34 2007.11.11 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
AVG 7.5.0.503 2007.11.11 -
BitDefender 7.2 2007.11.12 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 -
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.12 -
Ikarus T3.1.1.12 2007.11.12 -
Kaspersky 7.0.0.125 2007.11.12 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 -
Panda 9.0.0.4 2007.11.11 -
Prevx1 V2 2007.11.12 -
Rising 20.17.62.00 2007.11.11 -
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 -
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.12 -
Información adicional
Tama�o archivo: 61 bytes
MD5: e95097be077f4299af7f0c0e81754278
SHA1: 15e3165671dc9c2778ada406375e4a5f2be2515f


INC1.BAT

AhnLab-V3 2007.11.10.0 2007.11.12 -
AntiVir 7.6.0.34 2007.11.11 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
AVG 7.5.0.503 2007.11.11 -
BitDefender 7.2 2007.11.12 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 -
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.12 -
Ikarus T3.1.1.12 2007.11.12 -
Kaspersky 7.0.0.125 2007.11.12 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 -
Panda 9.0.0.4 2007.11.11 -
Prevx1 V2 2007.11.12 -
Rising 20.17.62.00 2007.11.11 -
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 -
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.12 -
Información adicional
Tama�o archivo: 54 bytes
MD5: 4327faf11e32458166ec2dd55850f8e0
SHA1: 55f30f1099ae3c7dd822188766d9a332ec03e5e2


SLEEP.BAT

AhnLab-V3 2007.11.10.0 2007.11.12 -
AntiVir 7.6.0.34 2007.11.11 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
AVG 7.5.0.503 2007.11.11 -
BitDefender 7.2 2007.11.12 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 -
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.12 -
Ikarus T3.1.1.12 2007.11.12 -
Kaspersky 7.0.0.125 2007.11.12 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 -
Panda 9.0.0.4 2007.11.11 -
Prevx1 V2 2007.11.12 -
Rising 20.17.62.00 2007.11.11 -
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 -
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.12 -
Información adicional
Tama�o archivo: 41 bytes
MD5: a98ea95e9a1da178e4612deef8c381af
SHA1: 46f278ec7706ff352573ab59a6460ab48fff8026


BIT2.BAT


Motor antivirus Versión Última actualización Resultado
AhnLab-V3 2007.11.10.0 2007.11.12 -
AntiVir 7.6.0.34 2007.11.11 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
AVG 7.5.0.503 2007.11.11 -
BitDefender 7.2 2007.11.12 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 -
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.12 -
Ikarus T3.1.1.12 2007.11.12 -
Kaspersky 7.0.0.125 2007.11.12 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 -
Panda 9.0.0.4 2007.11.11 -
Prevx1 V2 2007.11.12 -
Rising 20.17.62.00 2007.11.11 -
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 -
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.12 -
Información adicional
Tama�o archivo: 61 bytes
MD5: 516a770793278969b63a7c6da61c49c8
SHA1: b7b385c2d6a686b78fce0f23056aa1d607abb694


TEMP1.EXE.TXT/TEMP2.EXE.TXT AND TEMP3.EXE.TXT
Told me 0 bytes size received for your are sending an empty file


thank you so much for this


Report Offensive Follow Up For Removal

Response Number 7
Name: jabuck
Date: November 11, 2007 at 19:41:49 Pacific
Reply: (edit)

Open Notepad and copy/paste everything between the X"s into it and make sure "File::" is at the very top of the page.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
File::
C:\Archivos de programa\bit2.exe

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Go to File on the top bar and choose" Save As", Change the "Save As Type" to All Files, Name it CFScript.txt then save it to your desktop.
Then drag/drop the CFScript.txt onto ComboFix.exe (the red X on your desktop) if combofix does not auto start click "run".

Please download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ We will need it later in safe mode

Empty the restore folder. Go to start>control panel>system>system restore tab>check the box beside "turn off system restore>apply (takes a minute)>ok. Go back and uncheck the box to turn system restore back on>apply>ok.

Next, please reboot your computer in Safe Mode by doing the following :

Restart your computer

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;

Instead of Windows loading as normal, a menu with options should appear;

Select the first option, to run Windows in Safe Mode, then press "Enter".

Choose your usual account.

Run ATF-Cleaner from safe mode.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Is the computer operating better?



Report Offensive Follow Up For Removal

Response Number 8
Name: viviter
Date: November 12, 2007 at 21:15:01 Pacific
Reply: (edit)

Yes it is, and thank you very much but here's the deal, the real problem hasn't been solved.
I edit lot's of videos in my apple, but here at home I edit some for fun in windows movie maker, since the day i downloaded that harmfull "CODEC" the software, or even nero burning rom doesn't recognize any video files, to make a dvd or to import to any video softwares, they play in media player but I can't do anything with them, all the softwares tell me the files is not recognized, or that the file is damged and it's not true, it's the first time that happens to me and it was right after I downloaded that codec, even the vidos I capture from my videocamera aren't accepted, and tHE other thing is that My antivirus NOD32 always updated itself and right after this problem with the CODEC it tells me every 10 minutes that the software failed in some operation I dunno "IT DETECTED A PROBLEM AND WILL SHUT DOWN" and it's the update cause when i try to update it it says the same and aborts the UPDATE. What can i do :(


Report Offensive Follow Up For Removal

Response Number 9
Name: viviter
Date: November 12, 2007 at 21:16:25 Pacific
Reply: (edit)

OH AND also I own a Creative ZEN VISIOn, it is like an ipod but better, and now I can't tranfer any video files from my pc to the CREATIVE


Report Offensive Follow Up For Removal

Response Number 10
Name: jabuck
Date: November 13, 2007 at 16:08:59 Pacific
Reply: (edit)

Post a new Smitfraudfix option #1 log.

Run Hijack This> click "open the misc. tool section"> click "open uninstall manager"> click "save list"> click "save"> click "yes"> post that log please.

Please download SilentRunners from this link http://www.silentrunners.org/Silent%20Runners.zip. Unzip it to the desktop and double-click on it. If you get any kind of warning message about scripts, please choose to allow the script to run. When the scan is finished, it will create a logfile on the desktop. Please post the entire contents of this logfile in a reply to this post.


Report Offensive Follow Up For Removal

Response Number 11
Name: viviter
Date: November 13, 2007 at 17:23:58 Pacific
Reply: (edit)

OK HERE IT GOES


SmitFraudFix v2.252

Scan done at 21:19:15,84, 13/11/2007
Run from C:\Documents and Settings\SALVADOR1\Escritorio\ANTIVIRUSES\SmitfraudFix
OS: Microsoft Windows XP [Versión 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\Eset\nod32kui.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Archivos de programa\Nero\Nero 7\InCD\InCDsrv.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Archivos de programa\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Archivos de programa\Analog Devices\SoundMAX\Smax4.exe
C:\Archivos de programa\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Archivos de programa\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Archivos de programa\Nero\Nero 7\InCD\InCD.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Java\jre1.6.0_03\bin\jusched.exe
C:\ARCHIV~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe
C:\Archivos de programa\BitLord\BitLord.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Archivos de programa\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Archivos de programa\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\ARCHIV~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»