Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

4000+ unwanted "hostess" domains/trojans


  • Please log in to reply

#1
Alan1960

Alan1960

    Member

  • Member
  • PipPip
  • 14 posts
Hi, my daughter accidently spelled a website wrong and got some nasty pictures and pop ups on our computer. When I visit certain websites, my name and town comes up ("ie: alan get laid in Coventry" as soon as I get on the site. I looked in the registry and found over 4000 domains with gambling, [bleep] etc on it from various countries, mostly Italy. I ran a high jack this log. Hopefully someone can help me. My computer is beyond slow. Any antivirus or trojan removers come up with nothing. Thanks for any help. Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:28, on 8/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\PROGRA~1\VCOM\SYSTEM~1\mxtask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60327
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,[email protected]
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec....ta/nprdtinf.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1170180881718
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O23 - Service: McAfee Application Installer Cleanup (0263311218871818) (0263311218871818mcinstcleanup) - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\026331~1.EXE (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SystemSuite Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7651 bytes
  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello Alan1960

Welcome to G2Go. :)
=====================

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

  • 0

#3
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Thanks for looking at my problem. Here's the Deckards results:
eckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Sempron™ Processor 3100+
Percentage of Memory in Use: 70%
Physical Memory (total/avail): 447.48 MiB / 132.24 MiB
Pagefile Memory (total/avail): 670.6 MiB / 275.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1943.46 MiB

C: is Fixed (NTFS) - 37.26 GiB total, 32.52 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
G: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST340015A - 37.27 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.26 GiB - C:

\\.\PHYSICALDRIVE1 - Lexmark USB Mass Storage USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe:*:Enabled:BearShare"
"C:\\SRN Micro\\SOLOCFG.EXE"="C:\\SRN Micro\\SOLOCFG.EXE:*:Enabled:Solo Scheduler"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ALAN-8CE98F298D
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\ALAN-8CE98F298D
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 44 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2c00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=ALAN-8CE98F298D
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Administrator (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Acrobat.com --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com --> MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
C-Media WDM Audio Driver --> C:\WINDOWS\system32\cmirmdrv.exe
Corel WordPerfect Suite 8 --> C:\Corel\Suite8\AppMan\Setup\REMOVELAUNCHER.EXE
EVEREST Home Edition v1.10 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel RSX 3D --> C:\WINDOWS\system32\rsxunins.exe
iTunes --> MsiExec.exe /I{AB90749C-7422-4580-8A7A-66CC5E9E5F98}
Java™ 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lexmark 4300 Series --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxceUNST.EXE -NOLICENSE
Lexmark Fax Solutions --> C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Owner\Application Data\Move Networks\ie_bin\Uninst.exe
Nero 8 Trial --> MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
RegScrubXP 3.25 --> "C:\Program Files\RegScrubXP\unins000.exe"
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
StarCodec --> "C:\Program Files\StarCodec\Uninstall.exe"
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
VCOM SystemSuite 5 --> MsiExec.exe /I{B74BF9E1-63E3-4A19-88EA-5DE77ED34748}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
XP Codec Pack --> C:\Program Files\XP Codec Pack\Uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type9910 / Warning
Event Submitted/Written: 08/15/2008 08:30:39 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{00000409-78E1-11D2-B60F-006097C998E7}', feature 'OutlookOMI' failed during request for component '{6485D250-C2AC-11D1-AD3E-00A0C911C9C0}'

Event Record #/Type9909 / Warning
Event Submitted/Written: 08/15/2008 08:30:39 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{00000409-78E1-11D2-B60F-006097C998E7}', feature 'OutlookMessaging', component '{6485D260-C2AC-11D1-AD3E-00A0C911C9C0}' failed. The resource 'C:\Program Files\Common Files\System\Mapi\1033\NT\MAPISVC.INF' does not exist.

Event Record #/Type9908 / Warning
Event Submitted/Written: 08/15/2008 08:30:39 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{00000409-78E1-11D2-B60F-006097C998E7}', feature 'OutlookMessaging', component '{6485D260-C2AC-11D1-AD3E-00A0C911C9C0}' failed. The resource 'C:\Program Files\Common Files\System\Mapi\1033\NT\MAPISVC.INF' does not exist.

Event Record #/Type9906 / Warning
Event Submitted/Written: 08/15/2008 08:30:39 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{00000409-78E1-11D2-B60F-006097C998E7}', feature 'OutlookOMI' failed during request for component '{6485D250-C2AC-11D1-AD3E-00A0C911C9C0}'

Event Record #/Type9905 / Warning
Event Submitted/Written: 08/15/2008 08:30:39 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{00000409-78E1-11D2-B60F-006097C998E7}', feature 'OutlookMessaging', component '{6485D260-C2AC-11D1-AD3E-00A0C911C9C0}' failed. The resource 'C:\Program Files\Common Files\System\Mapi\1033\NT\MAPISVC.INF' does not exist.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type80247 / Error
Event Submitted/Written: 08/16/2008 09:54:35 AM
Event ID/Source: 10010 / DCOM
Event Description:
The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register with DCOM within the required timeout.

Event Record #/Type80217 / Error
Event Submitted/Written: 08/16/2008 08:35:31 AM
Event ID/Source: 10010 / DCOM
Event Description:
The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register with DCOM within the required timeout.

Event Record #/Type80213 / Error
Event Submitted/Written: 08/16/2008 08:33:38 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type80212 / Error
Event Submitted/Written: 08/16/2008 08:33:30 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Event Record #/Type80211 / Error
Event Submitted/Written: 08/16/2008 08:33:04 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}



-- End of Deckard's System Scanner: finished at 2008-08-16 13:02:45 ------------
  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi can you post the main.txt please.
It can be found here > C:\Deckard\System scanner\main.txt.
  • 0

#5
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Heres the other:
Deckard's System Scanner v20071014.68
Run by Owner on 2008-08-16 13:01:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 2 Restore Point(s) --
2: 2008-08-16 17:01:16 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2008-08-16 09:12:18 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 448 MiB (512 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:02:04, on 8/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\PROGRA~1\VCOM\SYSTEM~1\mxtask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60327
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,[email protected]
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec....ta/nprdtinf.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1170180881718
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O23 - Service: McAfee Application Installer Cleanup (0263311218871818) (0263311218871818mcinstcleanup) - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\026331~1.EXE (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SystemSuite Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\SYSTEM~1\MXTask.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7684 bytes

-- File Associations -----------------------------------------------------------

.js - jsfile - DefaultIcon - c:\Corel\Suite8\Programs\CCWin\Cscape.exe ,1
.js - jsfile - shell\open\command - c:\Corel\Suite8\Programs\CCWin\Cscape.exe
.scr - scrfile - shell\open\command - "%1" %*
.vbs - VBSFile - shell\open\command - %SystemRoot%\System32\CScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>
R2 SystemSuite Task Manager - c:\progra~1\vcom\system~1\mxtask.exe -service <Not Verified; V Communications, Inc.; >
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S2 0263311218871818mcinstcleanup (McAfee Application Installer Cleanup (0263311218871818)) - c:\docume~1\owner\locals~1\temp\026331~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-08-16 01:36:12 340 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-08-16 01:36:11 332 --a------ C:\WINDOWS\Tasks\McQcTask.job


-- Files created between 2008-07-16 and 2008-08-16 -----------------------------

2008-08-16 11:33:01 0 d-------- C:\Program Files\Trend Micro
2008-08-16 11:19:31 0 d-------- C:\Program Files\Lavalys
2008-08-16 04:59:40 3632 --a------ C:\WINDOWS\system32\tmp.reg
2008-08-16 04:49:17 0 d-------- C:\!KillBox
2008-08-16 03:36:12 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-08-16 03:35:58 0 d-------- C:\Program Files\SiteAdvisor
2008-08-16 03:35:57 0 d-------- C:\Documents and Settings\Owner\Application Data\SiteAdvisor
2008-08-16 03:35:57 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-08-16 01:35:55 0 d-------- C:\Program Files\McAfee.com
2008-08-16 01:35:46 0 d-------- C:\Program Files\Common Files\McAfee
2008-08-16 01:35:35 0 d-------- C:\Program Files\McAfee
2008-08-16 00:57:33 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-08-16 00:40:16 0 d-------- C:\SRN Micro
2008-08-16 00:27:13 0 d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-08-15 23:53:31 0 d-------- C:\Program Files\Enigma Software Group
2008-08-15 22:05:21 0 d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-08-13 20:37:44 164 --a------ C:\install.dat
2008-08-03 20:44:19 0 d-------- C:\Documents and Settings\Owner\Application Data\Nero
2008-08-03 20:39:44 0 d-------- C:\Program Files\Nero
2008-08-03 20:39:43 0 d-------- C:\Program Files\Common Files\Nero
2008-08-03 20:39:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-08-02 12:17:41 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-02 12:17:34 0 d-------- C:\Program Files\SpywareBlaster
2008-07-22 20:57:31 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-07-22 20:53:09 0 d-------- C:\Program Files\NOS
2008-07-22 20:53:09 0 d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-19 12:43:51 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-07-16 22:12:29 0 d-------- C:\Program Files\Windows Live Safety Center


-- Find3M Report ---------------------------------------------------------------

2008-08-16 09:54:41 0 d-------- C:\Program Files\Lx_cats
2008-08-16 03:01:37 0 d-------- C:\Program Files\Messenger
2008-08-16 01:35:46 0 d-------- C:\Program Files\Common Files
2008-08-16 01:32:46 0 d-------- C:\Program Files\RegScrubXP
2008-08-16 01:05:22 0 --a------ C:\AUTOEXEC.BAT
2008-08-06 16:58:56 157 --a------ C:\Documents and Settings\Owner\Application Data\default.pls
2008-07-26 22:27:03 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-07-25 23:30:20 0 d-------- C:\Program Files\Java
2008-07-25 23:10:57 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-07-22 20:56:45 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-16 22:38:42 0 d-------- C:\Program Files\Alwil Software
2008-07-12 12:49:07 0 d-------- C:\Program Files\StarCodec
2008-06-20 21:29:52 0 d-------- C:\Documents and Settings\Owner\Application Data\dvdcss


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
06/11/2008 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTrayp"="VTtrayp.exe" [05/13/2005 00:57 C:\WINDOWS\system32\VTTrayp.exe]
"VTTimer"="VTTimer.exe" [05/13/2005 00:57 C:\WINDOWS\system32\VTTimer.exe]
"Cmaudio"="cmicnfg.cpl" []
"SoundMan"="SOUNDMAN.EXE" [06/07/2005 20:31 C:\WINDOWS\SOUNDMAN.EXE]
"lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [03/22/2005 13:25]
"EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [02/15/2005 06:07]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [03/16/2005 05:10]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 23:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/16/2007 10:54]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/14/2007 19:05]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06/12/2008 02:38]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [06/19/2008 09:53]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [06/08/2008 09:31]
"LXCECATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll" [03/22/2005 06:45]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 19:12]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [08/24/2007 17:57]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [11/30/2007 05:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 08:00]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [06/24/2008 16:06]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8938 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-08-16 13:02:45 ------------
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please download DAFT and save it to your desktop:
  • Double-click the daft.exe icon.
  • Click on the Scan button.
  • Select everything it is displaying there
  • Click the Fix button.
  • Then rescan with DAFT again - it should say now that "All associations are OK"
  • Close DAFT if you receive that message. This means that it is fixed now.
=============
Download GMER from Here :
Unzip it to the desktop.

Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.
  • 0

#7
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-08-16 13:42:31
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xF58429AA]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateKey [0xF5842A41]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0xF5842958]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0xF584296C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwDeleteKey [0xF5842A55]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xF5842A81]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateKey [0xF5842AEF]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateValueKey [0xF5842AD9]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xF58429EA]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0xF5842B1B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenKey [0xF5842A2D]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0xF5842930]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0xF5842944]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0xF58429BE]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryKey [0xF5842B57]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryMultipleValueKey [0xF5842AC3]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryValueKey [0xF5842AAD]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRenameKey [0xF5842A6B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0xF5842B43]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0xF5842B2F]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0xF5842996]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0xF5842982]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetValueKey [0xF5842A97]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0xF5842A19]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnloadKey [0xF5842B05]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xF5842A00]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0xF58429D4]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

---- Kernel code sections - GMER 1.0.14 ----

.text ntkrnlpa.exe!ZwYieldExecution 8050189C 7 Bytes JMP F58429D8 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtCreateFile 8056D3CA 2 Bytes JMP F58429AE \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtCreateFile + 3 8056D3CD 2 Bytes [ 2D, 75 ]
PAGE ntkrnlpa.exe!NtMapViewOfSection 805A6206 7 Bytes JMP F58429EE \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwUnmapViewOfSection 805A701C 5 Bytes JMP F5842A04 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwProtectVirtualMemory 805AC78E 7 Bytes JMP F58429C2 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtOpenProcess 805BFE1E 5 Bytes JMP F5842934 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtOpenThread 805C00AA 5 Bytes JMP F5842948 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtSetInformationProcess 805C28DC 5 Bytes JMP F5842986 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805C5ED8 7 Bytes JMP F5842970 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateProcess 805C5F8E 5 Bytes JMP F584295C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwSetContextThread 805C64B0 5 Bytes JMP F584299A \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwTerminateProcess 805C776C 5 Bytes JMP F5842A1D \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwQueryValueKey 80616F40 7 Bytes JMP F5842AB1 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwRestoreKey 8061728E 5 Bytes JMP F5842B33 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwSetValueKey 80617546 7 Bytes JMP F5842A9B \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwUnloadKey 8061780E 7 Bytes JMP F5842B09 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwQueryMultipleValueKey 80618054 7 Bytes JMP F5842AC7 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwRenameKey 806188AC 7 Bytes JMP F5842A6F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateKey 80618E86 5 Bytes JMP F5842A45 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwDeleteKey 80619316 7 Bytes JMP F5842A59 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwDeleteValueKey 806194E6 7 Bytes JMP F5842A85 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwEnumerateKey 806196C6 7 Bytes JMP F5842AF3 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwEnumerateValueKey 80619930 7 Bytes JMP F5842ADD \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwOpenKey 8061A21C 5 Bytes JMP F5842A31 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwQueryKey 8061A540 7 Bytes JMP F5842B5B \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwReplaceKey 8061AA66 5 Bytes JMP F5842B47 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwNotifyChangeKey 8061AB80 5 Bytes JMP F5842B1F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

---- User code sections - GMER 1.0.14 ----

.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 01160000
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 01160F9E
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 01160FAF
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 01160089
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 0116006C
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01160047
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 01160F5C
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 011600AE
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 01160F29
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 01160F3A
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 011600DD
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 01160FCA
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 0116001B
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 01160F8D
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 01160036
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 01160FE5
.text C:\WINDOWS\system32\services.exe[552] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 01160F4B
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00980FB9
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 00980F72
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00980FCA
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00980000
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00980F8D
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00980025
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00980FEF
.text C:\WINDOWS\system32\services.exe[552] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00980FA8
.text C:\WINDOWS\system32\services.exe[552] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 00950000
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00C70000
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00C70F4B
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00C70F5C
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00C70040
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00C70F83
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00C70FAF
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00C70F09
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00C70F24
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00C70080
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00C70EDD
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 00C70091
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 00C70F94
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 00C70FE5
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00C70051
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 00C70FC0
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 00C7001B
.text C:\WINDOWS\system32\lsass.exe[564] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00C70EF8
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00C60FCD
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 00C60054
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00C60FDE
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00C60FEF
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00C60FA1
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00C60043
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00C60000
.text C:\WINDOWS\system32\lsass.exe[564] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00C60FB2
.text C:\WINDOWS\system32\lsass.exe[564] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 00C40000
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[680] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 0041C340 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[680] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 0041C3C0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00AF0000
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00AF0F97
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00AF008C
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00AF0071
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00AF004A
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00AF002F
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00AF0F72
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00AF00C4
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00AF00F0
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00AF00DF
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 00AF010B
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 00AF0FA8
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 00AF0FDB
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00AF00A7
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 00AF0FB9
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 00AF0FCA
.text C:\WINDOWS\system32\svchost.exe[720] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00AF0F61
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00AE001B
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 00AE0F9B
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00AE0FD4
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00AE000A
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00AE004E
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00AE003D
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00AE0FEF
.text C:\WINDOWS\system32\svchost.exe[720] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00AE002C
.text C:\WINDOWS\system32\svchost.exe[720] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 00AA000A
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00CE0FE5
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00CE0064
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00CE0049
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00CE0038
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00CE0F6F
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00CE0F94
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00CE007F
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00CE0F43
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00CE0F01
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00CE0F12
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 00CE00B5
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 00CE001B
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 00CE0FCA
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00CE0F54
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 00CE0FAF
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 00CE0000
.text C:\WINDOWS\system32\svchost.exe[768] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00CE0090
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00CD0051
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 00CD0F8A
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00CD0040
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00CD0025
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00CD0FA5
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00CD0FC0
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00CD0000
.text C:\WINDOWS\system32\svchost.exe[768] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00CD0FDB
.text C:\WINDOWS\system32\svchost.exe[768] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 00CB0FE5
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 01740000
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 01740067
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 01740F7C
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 01740056
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 01740F8D
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01740FAF
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 01740093
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 01740078
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 01740F30
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 017400BF
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 01740F1F
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 01740F9E
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 01740FEF
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 01740F57
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 01740FCA
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 01740025
.text C:\WINDOWS\System32\svchost.exe[832] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 017400AE
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 011B0FA8
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 011B0F6B
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 011B0FC3
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 011B0FDE
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 011B0F86
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 011B0028
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 011B0FEF
.text C:\WINDOWS\System32\svchost.exe[832] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 011B0F97
.text C:\WINDOWS\System32\svchost.exe[832] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 01190FEF
.text C:\WINDOWS\System32\svchost.exe[832] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 011C0000
.text C:\WINDOWS\System32\svchost.exe[832] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 011C001B
.text C:\WINDOWS\System32\svchost.exe[832] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 011C0FDB
.text C:\WINDOWS\System32\svchost.exe[832] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 011C0036
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 0087000A
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00870089
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00870F94
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00870FAF
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 0087006C
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 0087004A
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00870F57
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00870F68
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00870F10
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00870F2B
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 008700C4
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 0087005B
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 0087001B
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00870F79
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 00870FD4
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 00870FE5
.text C:\WINDOWS\system32\svchost.exe[888] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00870F46
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00860FB9
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 00860F68
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00860FD4
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00860FEF
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00860025
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00860F8D
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 0086000A
.text C:\WINDOWS\system32\svchost.exe[888] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00860FA8
.text C:\WINDOWS\system32\svchost.exe[888] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 007B0000
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00A50FEF
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00A50F6B
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00A50F7C
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00A5004A
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00A50F8D
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00A5001B
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00A50F2E
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00A50F3F
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00A50EF1
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00A50F0C
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 00A50ED6
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 00A50F9E
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 00A5000A
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00A50F50
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 00A50FAF
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 00A50FD4
.text C:\WINDOWS\system32\svchost.exe[1008] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00A50F1D
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 007F0036
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 007F005B
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 007F0FE5
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 007F0025
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 007F0FA8
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 007F0FB9
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 007F0000
.text C:\WINDOWS\system32\svchost.exe[1008] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 007F0FD4
.text C:\WINDOWS\system32\svchost.exe[1008] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 007D000A
.text C:\WINDOWS\system32\svchost.exe[1008] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 00800FE5
.text C:\WINDOWS\system32\svchost.exe[1008] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 00800000
.text C:\WINDOWS\system32\svchost.exe[1008] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 00800FCA
.text C:\WINDOWS\system32\svchost.exe[1008] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 00800025
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 01E60FE5
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 01E60F5F
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 01E60F70
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 01E60F81
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 01E6004A
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 01E60039
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 01E60083
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 01E60F31
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 01E60094
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 01E60F05
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 01E60EE0
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 01E60FB2
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 01E6000A
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 01E60F4E
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 01E60FC3
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 01E60FD4
.text C:\WINDOWS\Explorer.EXE[1316] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 01E60F16
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 01770036
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 01770F8A
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 01770025
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 01770FEF
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 01770FA5
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 01770047
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 0177000A
.text C:\WINDOWS\Explorer.EXE[1316] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 01770FC0
.text C:\WINDOWS\Explorer.EXE[1316] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 018E0FE5
.text C:\WINDOWS\Explorer.EXE[1316] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 018E000A
.text C:\WINDOWS\Explorer.EXE[1316] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 018E0FCA
.text C:\WINDOWS\Explorer.EXE[1316] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 018E0025
.text C:\WINDOWS\Explorer.EXE[1316] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 01470000
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00E70000
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00E7006C
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00E70F77
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00E70051
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00E70F9E
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00E70036
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 00E70087
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00E70F3F
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 00E70F02
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00E70F13
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 00E70EF1
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 00E70FAF
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 00E7001B
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00E70F5C
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 00E70FCA
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 00E70FE5
.text C:\Program Files\Messenger\msmsgs.exe[1676] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00E70F24
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00E50022
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 00E50047
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00E50011
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00E50FDB
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00E50F8A
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00E50F9B
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00E50000
.text C:\Program Files\Messenger\msmsgs.exe[1676] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00E50FC0
.text C:\Program Files\Messenger\msmsgs.exe[1676] WS2_32.dll!socket 71AB3B91 5 Bytes JMP 00E30000
.text C:\Program Files\Messenger\msmsgs.exe[1676] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 00E60FE5
.text C:\Program Files\Messenger\msmsgs.exe[1676] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 00E60000
.text C:\Program Files\Messenger\msmsgs.exe[1676] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 00E60011
.text C:\Program Files\Messenger\msmsgs.exe[1676] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 00E60022
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 001A0000
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001A0F9C
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 001A0FB7
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 001A0FC8
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 001A0091
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 001A005B
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 001A0F5D
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 001A0F6E
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001A0F16
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 001A0F31
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 001A00CA
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 001A0080
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 001A0025
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 001A0F8B
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 001A0FEF
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 001A0040
.text C:\WINDOWS\system32\svchost.exe[2228] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 001A0F42
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 0028001B
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 0028005B
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00280000
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00280FD4
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00280F9E
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00280FAF
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00280FE5
.text C:\WINDOWS\system32\svchost.exe[2228] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 0028002C
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreateFileA 7C801A24 5 Bytes JMP 00260000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 00260073
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00260062
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00260F94
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!LoadLibraryExA 7C801D4F 5 Bytes JMP 00260FA5
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00260FC0
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!GetStartupInfoW 7C801E50 5 Bytes JMP 002600B5
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes JMP 00260F6D
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 002600E4
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00260F41
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes JMP 00260F26
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!LoadLibraryW 7C80AE4B 5 Bytes JMP 00260047
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreateFileW 7C810760 5 Bytes JMP 00260FE5
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes JMP 00260098
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreateNamedPipeW 7C82F0D4 5 Bytes JMP 0026002C
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!CreateNamedPipeA 7C85FC74 5 Bytes JMP 0026001B
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] kernel32.dll!WinExec 7C86136D 5 Bytes JMP 00260F52
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegOpenKeyExW 77DD6A78 5 Bytes JMP 00340FA5
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegCreateKeyExW 77DD7535 5 Bytes JMP 0034002C
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegOpenKeyExA 77DD761B 5 Bytes JMP 00340FC0
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegOpenKeyW 77DD770F 5 Bytes JMP 00340FE5
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegCreateKeyExA 77DDEAF4 5 Bytes JMP 00340F6F
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegCreateKeyW 77DF8F7D 5 Bytes JMP 00340011
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegOpenKeyA 77DFC41B 5 Bytes JMP 00340000
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] ADVAPI32.dll!RegCreateKeyA 77DFD5BB 5 Bytes JMP 00340F94
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 42F0F301 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 430A1667 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 430A15E8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 430A162C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 430A1574 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 430A15AE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 430A16A2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 42F316B6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01460FEF
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01460FCA
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3224] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 0146
  • 0

#8
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
  • 0

#9
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
alwarebytes' Anti-Malware 1.24
Database version: 1058
Windows 5.1.2600 Service Pack 2

1:57:51 PM 8/16/2008
mbam-log-8-16-2008 (13-57-51).txt

Scan type: Quick Scan
Objects scanned: 43729
Time elapsed: 6 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#10
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi are you still getting popups?
I really can't see anything at this point.
  • 0

Advertisements


#11
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
No, computer is still slow. I usually look at "mycrazyvideos.com" that's where I usually get them but I don't want to go to that site anymore in case that's where some of this crap came from. what do you think?
  • 0

#12
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I just check the "hosts domains in my registry, you can see all the crap on it. If I try to delete it, it just returns.
# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 www.139mm.com
127.0.0.1 139mm.com
127.0.0.1 www.163ns.com
127.0.0.1 163ns.com
127.0.0.1 171203.com
127.0.0.1 17-plus.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 1800searchonline.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180solutions.com
127.0.0.1 180solutions.com
127.0.0.1 www.181.365soft.info
127.0.0.1 181.365soft.info
127.0.0.1 www.1987324.com
127.0.0.1 1987324.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-extreme.biz
127.0.0.1 1-extreme.biz
127.0.0.1 www.1sexparty.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 www.2006ooo.com
127.0.0.1 2006ooo.com
127.0.0.1 www.2007-download.com
127.0.0.1 2007-download.com
127.0.0.1 www.2020search.com
127.0.0.1 2020search.com
127.0.0.1 20x2p.com
127.0.0.1 www.24.365soft.info
127.0.0.1 24.365soft.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24teen.com
127.0.0.1 24teen.com
127.0.0.1 www.2every.net
127.0.0.1 2every.net
127.0.0.1 2ndpower.com
127.0.0.1 www.2search.com
127.0.0.1 2search.com
127.0.0.1 www.2search.org
127.0.0.1 2search.org
127.0.0.1 www.2squared.com
127.0.0.1 2squared.com
127.0.0.1 www.3322.org
127.0.0.1 3322.org
127.0.0.1 365soft.info
127.0.0.1 www.36site.com
127.0.0.1 36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 3abetterinternet.com
127.0.0.1 www.3bay.it
127.0.0.1 3bay.it
127.0.0.1 www.3ebay.it
127.0.0.1 3ebay.it
127.0.0.1 www.3xclipsonline.com
127.0.0.1 3xclipsonline.com
127.0.0.1 www.3xcurves.com
127.0.0.1 3xcurves.com
127.0.0.1 www.3xfestival.com
127.0.0.1 3xfestival.com
127.0.0.1 www.3x-festival.com
127.0.0.1 3x-festival.com
127.0.0.1 www.3x-galls.com
127.0.0.1 3x-galls.com
127.0.0.1 www.3xmiracle.com
127.0.0.1 3xmiracle.com
127.0.0.1 www.3xmoviesblog.com
127.0.0.1 3xmoviesblog.com
127.0.0.1 www.404dns.com
127.0.0.1 404dns.com
127.0.0.1 www.4199.com
127.0.0.1 4199.com
127.0.0.1 www.4corn.net
127.0.0.1 4corn.net
127.0.0.1 www.4ebay.it
127.0.0.1 4ebay.it
127.0.0.1 4klm.com
127.0.0.1 www.4mpg.com
127.0.0.1 4mpg.com
127.0.0.1 www.4repubblica.it
127.0.0.1 4repubblica.it
127.0.0.1 www.4softget.com
127.0.0.1 4softget.com
127.0.0.1 www.59cn.cn
127.0.0.1 59cn.cn
127.0.0.1 www.5iscali.it
127.0.0.1 5iscali.it
127.0.0.1 www.5repubblica.it
127.0.0.1 5repubblica.it
127.0.0.1 www.5starvideos.com
127.0.0.1 5starvideos.com
127.0.0.1 www.5tiscali.it
127.0.0.1 5tiscali.it
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.680180.net
127.0.0.1 680180.net
127.0.0.1 www.6iscali.it
127.0.0.1 6iscali.it
127.0.0.1 www.6njaga.com
127.0.0.1 6njaga.com
127.0.0.1 www.6sek.com
127.0.0.1 6sek.com
127.0.0.1 www.6tiscali.it
127.0.0.1 6tiscali.it
127.0.0.1 www.70-music.com
127.0.0.1 70-music.com
127.0.0.1 www.7322.com
127.0.0.1 7322.com
127.0.0.1 www.745970.com
127.0.0.1 745970.com
127.0.0.1 75tz.com
127.0.0.1 www.777search.com
127.0.0.1 777search.com
127.0.0.1 www.777top.com
127.0.0.1 777top.com
127.0.0.1 www.7939.com
127.0.0.1 7939.com
127.0.0.1 www.7search.com
127.0.0.1 7search.com
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 www.80-music.com
127.0.0.1 80-music.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 www.88vcd.com
127.0.0.1 88vcd.com
127.0.0.1 www.8ad.com
127.0.0.1 8ad.com
127.0.0.1 www.90-music.com
127.0.0.1 90-music.com
127.0.0.1 www.9505.com
127.0.0.1 9505.com
127.0.0.1 www.971searchbox.com
127.0.0.1 971searchbox.com
127.0.0.1 9mmporn.com
127.0.0.1 a.bestmanage.org
127.0.0.1 www.aaabesthomepage.com
127.0.0.1 aaabesthomepage.com
127.0.0.1 aaasexypics.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaqadarsztriv.com
127.0.0.1 aaqadarsztriv.com
127.0.0.1 www.aaqada-rsztriv.com
127.0.0.1 aaqada-rsztriv.com
127.0.0.1 www.aaqadaueorn.com
127.0.0.1 aaqadaueorn.com
127.0.0.1 www.aaqada-ueorn.com
127.0.0.1 aaqada-ueorn.com
127.0.0.1 www.aaqada-ygco.com
127.0.0.1 aaqada-ygco.com
127.0.0.1 www.aaqada-ymct.com
127.0.0.1 aaqada-ymct.com
127.0.0.1 www.aav2008.com
127.0.0.1 aav2008.com
127.0.0.1 aavc.com
127.0.0.1 www.abccodec.com
127.0.0.1 abccodec.com
127.0.0.1 www.abcdperformance.com
127.0.0.1 abcdperformance.com
127.0.0.1 www.abc-find.info
127.0.0.1 abc-find.info
127.0.0.1 www.abcsearch.com
127.0.0.1 abcsearch.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abetterinternet.com
127.0.0.1 www.abnetsoft.info
127.0.0.1 abnetsoft.info
127.0.0.1 www.about-adult.net
127.0.0.1 about-adult.net
127.0.0.1 www.aboutclicker.com
127.0.0.1 aboutclicker.com
127.0.0.1 www.abrp.net
127.0.0.1 abrp.net
127.0.0.1 www.absolutee.com
127.0.0.1 absolutee.com
127.0.0.1 www.abyssmedia.com
127.0.0.1 abyssmedia.com
127.0.0.1 www.ac66.cn
127.0.0.1 ac66.cn
127.0.0.1 access.navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessactivexvideo.com
127.0.0.1 www.accessclips.com
127.0.0.1 accessclips.com
127.0.0.1 www.access-dvd.com
127.0.0.1 access-dvd.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessvid.net
127.0.0.1 accessvid.net
127.0.0.1 www.acemedic.com
127.0.0.1 acemedic.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-center.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-stop.com
127.0.0.1 acrobat-stop.com
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.activesearcher.info
127.0.0.1 activesearcher.info
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatool.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexsource.com
127.0.0.1 www.activexupdate.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideo.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.mokead.com
127.0.0.1 ad.oinadserver.com
127.0.0.1 ad.outerinfoads.com
127.0.0.1 www.ad25.com
127.0.0.1 ad25.com
127.0.0.1 www.ad45.com
127.0.0.1 ad45.com
127.0.0.1 www.ad77.com
127.0.0.1 ad77.com
127.0.0.1 www.ad86.com
127.0.0.1 ad86.com
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adarmor.com
127.0.0.1 adarmor.com
127.0.0.1 www.adasearch.com
127.0.0.1 adasearch.com
127.0.0.1 adaware.cc
127.0.0.1 www.adawarenow.com
127.0.0.1 adawarenow.com
127.0.0.1 adchannel.contextplus.net
127.0.0.1 www.addetect.com
127.0.0.1 addetect.com
127.0.0.1 www.add-hhh.info
127.0.0.1 add-hhh.info
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addioerrori.com
127.0.0.1 addioerrori.com
127.0.0.1 www.add-manager.com
127.0.0.1 add-manager.com
127.0.0.1 www.adgate.info
127.0.0.1 adgate.info
127.0.0.1 www.adintelligence.net
127.0.0.1 adintelligence.net
127.0.0.1 www.adioserrores.com
127.0.0.1 adioserrores.com
127.0.0.1 www.adipics.com
127.0.0.1 adipics.com
127.0.0.1 www.adlogix.com
127.0.0.1 adlogix.com
127.0.0.1 www.admin2cash.biz
127.0.0.1 admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 www.adnetserver.com
127.0.0.1 adnetserver.com
127.0.0.1 adobe-download-now.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adprotect.com
127.0.0.1 adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.kw.revenue.net
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads1.revenue.net
127.0.0.1 www.ads183.com
127.0.0.1 ads183.com
127.0.0.1 www.adscontex.com
127.0.0.1 adscontex.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 adservs.com
127.0.0.1 www.adsextend.net
127.0.0.1 adsextend.net
127.0.0.1 www.adshttp.com
127.0.0.1 adshttp.com
127.0.0.1 www.adsniffer.com
127.0.0.1 adsniffer.com
127.0.0.1 www.adsonwww.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adspics.com
127.0.0.1 adspics.com
127.0.0.1 www.adsrevenue.net
127.0.0.1 adsrevenue.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 www.adult18codec.com
127.0.0.1 adult18codec.com
127.0.0.1 www.adult777search.info
127.0.0.1 adult777search.info
127.0.0.1 www.adultan.com
127.0.0.1 adultan.com
127.0.0.1 www.adultcodec-2008.com
127.0.0.1 adultcodec-2008.com
127.0.0.1 www.adultcodecstars.com
127.0.0.1 adultcodecstars.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adultmovieplus.com
127.0.0.1 www.adult-mpg.net
127.0.0.1 adult-mpg.net
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 www.adultsonlyvids.com
127.0.0.1 adultsonlyvids.com
127.0.0.1 www.adultsper.com
127.0.0.1 adultsper.com
127.0.0.1 www.adulttds.com
127.0.0.1 adulttds.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.advancedcleaner.com
127.0.0.1 advancedcleaner.com
127.0.0.1 www.advcash.biz
127.0.0.1 advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 www.advertising-money.info
127.0.0.1 advertising-money.info
127.0.0.1 ad-ware.cc
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.adware.pro
127.0.0.1 adware.pro
127.0.0.1 www.adwarealert.com
127.0.0.1 adwarealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 adwarearrest.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarecommander.com
127.0.0.1 adwarecommander.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwaregold.com
127.0.0.1 adwaregold.com
127.0.0.1 www.adwarepatrol.com
127.0.0.1 adwarepatrol.com
127.0.0.1 www.adwareplatinum.com
127.0.0.1 adwareplatinum.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwareremover.ws
127.0.0.1 adwareremover.ws
127.0.0.1 www.adwaresafety.com
127.0.0.1 adwaresafety.com
127.0.0.1 www.adwarexp.com
127.0.0.1 adwarexp.com
127.0.0.1 affiliate.idownload.com
127.0.0.1 www.aflgate.com
127.0.0.1 aflgate.com
127.0.0.1 africaspromise.org
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 agentstudio.com
127.0.0.1 www.ageofconans.net
127.0.0.1 ageofconans.net
127.0.0.1 www.aginegialle.it
127.0.0.1 aginegialle.it
127.0.0.1 www.ahnenforschung.de
127.0.0.1 ahnenforschung.de
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 www.airtleworld.com
127.0.0.1 airtleworld.com
127.0.0.1 www.aitalia.it
127.0.0.1 aitalia.it
127.0.0.1 akamai.downloadv3.com
127.0.0.1 www.aklitalia.it
127.0.0.1 aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 www.alertspy.com
127.0.0.1 alertspy.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 www.alialia.it
127.0.0.1 alialia.it
127.0.0.1 www.aliotalia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitala.it
127.0.0.1 alitala.it
127.0.0.1 www.alitali.it
127.0.0.1 alitali.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitalias.it
127.0.0.1 alitalias.it
127.0.0.1 www.alitaliaz.it
127.0.0.1 alitaliaz.it
127.0.0.1 www.alitalioa.it
127.0.0.1 alitalioa.it
127.0.0.1 www.alitalisa.it
127.0.0.1 alitalisa.it
127.0.0.1 www.alitaliua.it
127.0.0.1 alitaliua.it
127.0.0.1 www.alitalkia.it
127.0.0.1 alitalkia.it
127.0.0.1 www.alitaloia.it
127.0.0.1 alitaloia.it
127.0.0.1 www.alitaluia.it
127.0.0.1 alitaluia.it
127.0.0.1 www.alitaslia.it
127.0.0.1 alitaslia.it
127.0.0.1 www.alitlia.it
127.0.0.1 alitlia.it
127.0.0.1 www.alitralia.it
127.0.0.1 alitralia.it
127.0.0.1 www.alitsalia.it
127.0.0.1 alitsalia.it
127.0.0.1 www.aliutalia.it
127.0.0.1 aliutalia.it
127.0.0.1 www.all1count.net
127.0.0.1 all1count.net
127.0.0.1 www.all4internet.com
127.0.0.1 all4internet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 www.all-bittorrent.com
127.0.0.1 all-bittorrent.com
127.0.0.1 www.allcollisions.com
127.0.0.1 allcollisions.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 allcybersearch.com
127.0.0.1 www.alldnserrors.com
127.0.0.1 alldnserrors.com
127.0.0.1 www.all-downloads-now.com
127.0.0.1 all-downloads-now.com
127.0.0.1 www.all-edonkey.com
127.0.0.1 all-edonkey.com
127.0.0.1 www.allertaminacce.com
127.0.0.1 allertaminacce.com
127.0.0.1 allforadult.com
127.0.0.1 allhyperlinks.com
127.0.0.1 www.alliesecurity.com
127.0.0.1 alliesecurity.com
127.0.0.1 all-inet.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 www.all-limewire.com
127.0.0.1 all-limewire.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allprotections.com
127.0.0.1 allprotections.com
127.0.0.1 www.allresultz.net
127.0.0.1 allresultz.net
127.0.0.1 www.allsearch.us
127.0.0.1 allsearch.us
127.0.0.1 www.allsecuritynotes.com
127.0.0.1 allsecuritynotes.com
127.0.0.1 www.allsecuritysite.com
127.0.0.1 allsecuritysite.com
127.0.0.1 www.allstarsvideos.net
127.0.0.1 allstarsvideos.net
127.0.0.1 www.alltiettantivirus.com
127.0.0.1 alltiettantivirus.com
127.0.0.1 www.alltruesoftware.com
127.0.0.1 alltruesoftware.com
127.0.0.1 www.allvideoactivex.com
127.0.0.1 allvideoactivex.com
127.0.0.1 www.almanah.biz
127.0.0.1 almanah.biz
127.0.0.1 almarvideos.com
127.0.0.1 www.aloitalia.it
127.0.0.1 aloitalia.it
127.0.0.1 www.aluitalia.it
127.0.0.1 aluitalia.it
127.0.0.1 www.amaena.com
127.0.0.1 amaena.com
127.0.0.1 amandamountains.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amediasoftware.com
127.0.0.1 amediasoftware.com
127.0.0.1 www.amediasource.com
127.0.0.1 amediasource.com
127.0.0.1 www.americanautobargains.com
127.0.0.1 americanautobargains.com
127.0.0.1 www.americancarbargains.com
127.0.0.1 americancarbargains.com
127.0.0.1 american-teens.net
127.0.0.1 amigeek.com
127.0.0.1 www.amigobore.com
127.0.0.1 amigobore.com
127.0.0.1 amisbusiness.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.analcord.com
127.0.0.1 analcord.com
127.0.0.1 analmovi.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 www.andromedical.com
127.0.0.1 andromedical.com
127.0.0.1 www.animepornmag.com
127.0.0.1 animepornmag.com
127.0.0.1 anin.org
127.0.0.1 www.anjpn-avxiz.biz
127.0.0.1 anjpn-avxiz.biz
127.0.0.1 www.anjpnzqav.biz
127.0.0.1 anjpnzqav.biz
127.0.0.1 www.anjpn-zqav.biz
127.0.0.1 anjpn-zqav.biz
127.0.0.1 annaromeo.com
127.0.0.1 www.antiddos.us
127.0.0.1 antiddos.us
127.0.0.1 www.antiespiadorado.com
127.0.0.1 antiespiadorado.com
127.0.0.1 www.antiespionspack.com
127.0.0.1 antiespionspack.com
127.0.0.1 www.antigusanos2008.com
127.0.0.1 antigusanos2008.com
127.0.0.1 www.antispamassistant.com
127.0.0.1 antispamassistant.com
127.0.0.1 www.antispamdeluxe.com
127.0.0.1 antispamdeluxe.com
127.0.0.1 www.antispionage.com
127.0.0.1 antispionage.com
127.0.0.1 www.antispionagepro.com
127.0.0.1 antispionagepro.com
127.0.0.1 www.antispyadvanced.com
127.0.0.1 antispyadvanced.com
127.0.0.1 www.antispycheck.com
127.0.0.1 antispycheck.com
127.0.0.1 www.antispydns.biz
127.0.0.1 antispydns.biz
127.0.0.1 www.antispykit.com
127.0.0.1 antispykit.com
127.0.0.1 www.antispylab.com
127.0.0.1 antispylab.com
127.0.0.1 www.antispyshield.com
127.0.0.1 antispyshield.com
127.0.0.1 www.antispysolutions.com
127.0.0.1 antispysolutions.com
127.0.0.1 www.antispyware.com
127.0.0.1 antispyware.com
127.0.0.1 www.antispyware-2008.info
127.0.0.1 antispyware-2008.info
127.0.0.1 www.antispyware2008.name
127.0.0.1 antispyware2008.name
127.0.0.1 www.antispyware-2008.name
127.0.0.1 antispyware-2008.name
127.0.0.1 www.antispyware2008.org
127.0.0.1 antispyware2008.org
127.0.0.1 www.antispyware-2008.org
127.0.0.1 antispyware-2008.org
127.0.0.1 www.antispyware2008-download.com
127.0.0.1 antispyware2008-download.com
127.0.0.1 www.antispyware-2008-download.com
127.0.0.1 antispyware-2008-download.com
127.0.0.1 www.antispyware2008-download.name
127.0.0.1 antispyware2008-download.name
127.0.0.1 www.antispyware2008-download.org
127.0.0.1 antispyware2008-download.org
127.0.0.1 www.antispyware-2008-download.org
127.0.0.1 antispyware-2008-download.org
127.0.0.1 www.antispywareboot.com
127.0.0.1 antispywareboot.com
127.0.0.1 www.antispywarebot.com
127.0.0.1 antispywarebot.com
127.0.0.1 www.antispywarebox.com
127.0.0.1 antispywarebox.com
127.0.0.1 www.antispywaredownloads.com
127.0.0.1 antispywaredownloads.com
127.0.0.1 www.antispywaresuite.com
127.0.0.1 antispywaresuite.com
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywareupdates.net
127.0.0.1 www.antispywarexp.com
127.0.0.1 antispywarexp.com
127.0.0.1 www.antispyweb.net
127.0.0.1 antispyweb.net
127.0.0.1 www.antiver2008.com
127.0.0.1 antiver2008.com
127.0.0.1 www.antivermins.com
127.0.0.1 antivermins.com
127.0.0.1 www.anti-vermins.com
127.0.0.1 anti-vermins.com
127.0.0.1 www.antivir2007.com
127.0.0.1 antivir2007.com
127.0.0.1 www.antivirgear.com
127.0.0.1 antivirgear.com
127.0.0.1 www.antivirprotect.com
127.0.0.1 antivirprotect.com
127.0.0.1 www.antivirus.fastfreedownload.com
127.0.0.1 antivirus.fastfreedownload.com
127.0.0.1 www.antivirus2008pro.com
127.0.0.1 antivirus2008pro.com
127.0.0.1 www.antivirus-2008pro.com
127.0.0.1 antivirus-2008pro.com
127.0.0.1 www.antivirus-2008-pro.com
127.0.0.1 antivirus-2008-pro.com
127.0.0.1 www.antivirus2008pro.info
127.0.0.1 antivirus2008pro.info
127.0.0.1 www.antivirus-2008pro.info
127.0.0.1 antivirus-2008pro.info
127.0.0.1 www.antivirus-2008-pro.info
127.0.0.1 antivirus-2008-pro.info
127.0.0.1 www.antivirus2008pro.net
127.0.0.1 antivirus2008pro.net
127.0.0.1 www.antivirus-2008pro.net
127.0.0.1 antivirus-2008pro.net
127.0.0.1 www.antivirus-2008-pro.net
127.0.0.1 antivirus-2008-pro.net
127.0.0.1 www.antivirus2008pro.org
127.0.0.1 antivirus2008pro.org
127.0.0.1 www.antivirus-2008pro.org
127.0.0.1 antivirus-2008pro.org
127.0.0.1 www.antivirus-2008-pro.org
127.0.0.1 antivirus-2008-pro.org
127.0.0.1 www.antivirus2008x.com
127.0.0.1 antivirus2008x.com
127.0.0.1 www.antivirusadvance.com
127.0.0.1 antivirusadvance.com
127.0.0.1 www.antivirusaskeladd.com
127.0.0.1 antivirusaskeladd.com
127.0.0.1 www.antivirus-database.com
127.0.0.1 antivirus-database.com
127.0.0.1 www.antivirusgereedschap.com
127.0.0.1 antivirusgereedschap.com
127.0.0.1 www.antivirusgolden.com
127.0.0.1 antivirusgolden.com
127.0.0.1 www.antivirus-hq.net
127.0.0.1 antivirus-hq.net
127.0.0.1 www.antiviruspcsuite.com
127.0.0.1 antiviruspcsuite.com
127.0.0.1 www.antiviruspremium.com
127.0.0.1 antiviruspremium.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.antivirusprotector.com
127.0.0.1 antivirusprotector.com
127.0.0.1 www.antivirus-scanner.com
127.0.0.1 antivirus-scanner.com
127.0.0.1 www.antivirusscherm.com
127.0.0.1 antivirusscherm.com
127.0.0.1 www.antivirussecuritypro.com
127.0.0.1 antivirussecuritypro.com
127.0.0.1 www.antivirus-server.com
127.0.0.1 antivirus-server.com
127.0.0.1 www.antivirus-stop.com
127.0.0.1 antivirus-stop.com
127.0.0.1 www.antivirussuite.com
127.0.0.1 antivirussuite.com
127.0.0.1 www.antiworm2008.com
127.0.0.1 antiworm2008.com
127.0.0.1 www.antiwurm2008.com
127.0.0.1 antiwurm2008.com
127.0.0.1 antrocity.com
127.0.0.1 www.anyofus.com
127.0.0.1 anyofus.com
127.0.0.1 www.anysafereviews.com
127.0.0.1 anysafereviews.com
127.0.0.1 www.anysn.seproger.com
127.0.0.1 anysn.seproger.com
127.0.0.1 anything4health.com
127.0.0.1 www.apicpreview.com
127.0.0.1 apicpreview.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 approvedlinks.com
127.0.0.1 apps.deskwizz.com
127.0.0.1 apps.webservicehost.com
127.0.0.1 www.aprotectedpage.com
127.0.0.1 aprotectedpage.com
127.0.0.1 apsua.com
127.0.0.1 www.archivioadulti.com
127.0.0.1 archivioadulti.com
127.0.0.1 www.archiviosex.net
127.0.0.1 archiviosex.net
127.0.0.1 aregay.com
127.0.0.1 www.ares.click-new-download.com
127.0.0.1 ares.click-new-download.com
127.0.0.1 www.ares-freebie.com
127.0.0.1 ares-freebie.com
127.0.0.1 www.arespro2007.com
127.0.0.1 arespro2007.com
127.0.0.1 www.aresultra.com
127.0.0.1 aresultra.com
127.0.0.1 www.ares-usa.com
127.0.0.1 ares-usa.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 www.arquivojpgs.smtp.ru
127.0.0.1 arquivojpgs.smtp.ru
127.0.0.1 artachnid.com
127.0.0.1 art-func.com
127.0.0.1 art-xxx.com
127.0.0.1 www.asafebrowser.com
127.0.0.1 asafebrowser.com
127.0.0.1 www.asafetyalways.com
127.0.0.1 asafetyalways.com
127.0.0.1 www.asafetynote.com
127.0.0.1 asafetynote.com
127.0.0.1 www.asafetynotice.com
127.0.0.1 asafetynotice.com
127.0.0.1 www.asafetypage.com
127.0.0.1 asafetypage.com
127.0.0.1 www.asdbiz.biz
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdeykuddq.com
127.0.0.1 asdeykuddq.com
127.0.0.1 www.asecurebar.com
127.0.0.1 asecurebar.com
127.0.0.1 www.asecureboard.com
127.0.0.1 asecureboard.com
127.0.0.1 www.asecurevalue.com
127.0.0.1 asecurevalue.com
127.0.0.1 www.asecurityissue.com
127.0.0.1 asecurityissue.com
127.0.0.1 www.asecuritynotice.com
127.0.0.1 asecuritynotice.com
127.0.0.1 www.asecuritypaper.com
127.0.0.1 asecuritypaper.com
127.0.0.1 www.asecuritystuff.com
127.0.0.1 asecuritystuff.com
127.0.0.1 www.asfadaptation.com
127.0.0.1 asfadaptation.com
127.0.0.1 asiankingkong.com
127.0.0.1 www.asianpornmag.com
127.0.0.1 asianpornmag.com
127.0.0.1 www.asiantoolbar.com
127.0.0.1 asiantoolbar.com
127.0.0.1 www.asidseiupc.com
127.0.0.1 asidseiupc.com
127.0.0.1 www.aslitalia.it
127.0.0.1 aslitalia.it
127.0.0.1 [bleep]-gals.com
127.0.0.1 www.assureprotection.com
127.0.0.1 assureprotection.com
127.0.0.1 asta-killer.com
127.0.0.1 www.astrologie-server.com
127.0.0.1 astrologie-server.com
127.0.0.1 www.asupereva.it
127.0.0.1 asupereva.it
127.0.0.1 www.ataprogram.com
127.0.0.1 ataprogram.com
127.0.0.1 athenrye.com
127.0.0.1 www.atotalsafety.com
127.0.0.1 atotalsafety.com
127.0.0.1 www.atrueprotection.com
127.0.0.1 atrueprotection.com
127.0.0.1 www.atruesecurity.com
127.0.0.1 atruesecurity.com
127.0.0.1 www.attackware.com
127.0.0.1 attackware.com
127.0.0.1 www.attrezzi.biz
127.0.0.1 attrezzi.biz
127.0.0.1 www.aucunsvirus.com
127.0.0.1 aucunsvirus.com
127.0.0.1 www.aulde.net
127.0.0.1 aulde.net
127.0.0.1 www.aupereva.it
127.0.0.1 aupereva.it
127.0.0.1 www.autobargains.org
127.0.0.1 autobargains.org
127.0.0.1 www.autobargainsnetwork.com
127.0.0.1 autobargainsnetwork.com
127.0.0.1 www.autocontext.begun.ru
127.0.0.1 autocontext.begun.ru
127.0.0.1 autoescrowpay.com
127.0.0.1 www.autotuningportal.com
127.0.0.1 autotuningportal.com
127.0.0.1 www.avadvance.com
127.0.0.1 avadvance.com
127.0.0.1 www.avast.free-software-center.com
127.0.0.1 avast.free-software-center.com
127.0.0.1 www.avast-2007.com
127.0.0.1 avast-2007.com
127.0.0.1 www.avast-downloads.com
127.0.0.1 avast-downloads.com
127.0.0.1 www.avast-hq.com
127.0.0.1 avast-hq.com
127.0.0.1 www.avforce.com
127.0.0.1 avforce.com
127.0.0.1 www.avg.grab-it-today.net
127.0.0.1 avg.grab-it-today.net
127.0.0.1 www.avg.softwarecenterz.com
127.0.0.1 avg.softwarecenterz.com
127.0.0.1 www.avg-secure.com
127.0.0.1 avg-secure.com
127.0.0.1 www.aviadaptation.com
127.0.0.1 aviadaptation.com
127.0.0.1 avian-ads.com
127.0.0.1 www.avicoupler.com
127.0.0.1 avicoupler.com
127.0.0.1 www.avideoaxaccess.com
127.0.0.1 avideoaxaccess.com
127.0.0.1 www.avideosurfer.com
127.0.0.1 avideosurfer.com
127.0.0.1 www.avidirection.com
127.0.0.1 avidirection.com
127.0.0.1 www.aviewersoft.com
127.0.0.1 aviewersoft.com
127.0.0.1 www.aviexecution.com
127.0.0.1 aviexecution.com
127.0.0.1 www.avihelper.com
127.0.0.1 avihelper.com
127.0.0.1 www.aviinstrument.com
127.0.0.1 aviinstrument.com
127.0.0.1 www.avitool.com
127.0.0.1 avitool.com
127.0.0.1 www.aviutility.com
127.0.0.1 aviutility.com
127.0.0.1 www.avpcheckupdate.com
127.0.0.1 avpcheckupdate.com
127.0.0.1 www.avsmanufacture.com
127.0.0.1 avsmanufacture.com
127.0.0.1 www.avsystemcare.com
127.0.0.1 avsystemcare.com
127.0.0.1 www.avxizaaqada.biz
127.0.0.1 avxizaaqada.biz
127.0.0.1 www.avxiz-anjpn.biz
127.0.0.1 avxiz-anjpn.biz
127.0.0.1 www.avxizueorn.biz
127.0.0.1 avxizueorn.biz
127.0.0.1 www.avxiz-ueorn.biz
127.0.0.1 avxiz-ueorn.biz
127.0.0.1 www.avxiz-vtvcp.biz
127.0.0.1 avxiz-vtvcp.biz
127.0.0.1 www.avxiz-ygco.biz
127.0.0.1 avxiz-ygco.biz
127.0.0.1 www.avxiz-zqav.biz
127.0.0.1 avxiz-zqav.biz
127.0.0.1 www.awarenesstech.com
127.0.0.1 awarenesstech.com
127.0.0.1 www.awarninglist.com
127.0.0.1 awarninglist.com
127.0.0.1 awbeta.net-nucleus.com
127.0.0.1 www.awesomehomepage.com
127.0.0.1 awesomehomepage.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 www.axemediasoftware.com
127.0.0.1 axemediasoftware.com
127.0.0.1 www.aximageobject.com
127.0.0.1 aximageobject.com
127.0.0.1 www.axmediaproject.com
127.0.0.1 axmediaproject.com
127.0.0.1 www.axmediasoftware.com
127.0.0.1 axmediasoftware.com
127.0.0.1 www.axmediasolutions.com
127.0.0.1 axmediasolutions.com
127.0.0.1 www.axobjectpage.com
127.0.0.1 axobjectpage.com
127.0.0.1 www.axobjectsource.com
127.0.0.1 axobjectsource.com
127.0.0.1 www.axsoftwaretool.com
127.0.0.1 axsoftwaretool.com
127.0.0.1 www.axvideoproject.com
127.0.0.1 axvideoproject.com
127.0.0.1 www.axvideosetup.com
127.0.0.1 axvideosetup.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 ayb.netbios-wait.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 azebar.com
127.0.0.1 www.azureusclub.com
127.0.0.1 azureusclub.com
127.0.0.1 www.azureus-freebie.com
127.0.0.1 azureus-freebie.com
127.0.0.1 www.azzetta.it
127.0.0.1 azzetta.it
127.0.0.1 b.casalemedia.com
127.0.0.1 b122.mcboo.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babenet.com
127.0.0.1 babenet.com
127.0.0.1 www.babespornmag.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babeweb.de
127.0.0.1 babeweb.de
127.0.0.1 www.baccarat-other.info
127.0.0.1 baccarat-other.info
127.0.0.1 www.backstripgirls.com
127.0.0.1 backstripgirls.com
127.0.0.1 backup.mabou.org
127.0.0.1 www.baiduqqsina.cn
127.0.0.1 baiduqqsina.cn
127.0.0.1 www.balotierra.com
127.0.0.1 balotierra.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 www.bardownload.com
127.0.0.1 bardownload.com
127.0.0.1 barnandfence.com
127.0.0.1 www.basteln-und-heimwerken.com
127.0.0.1 basteln-und-heimwerken.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bb.wudiliuliang.com
127.0.0.1 bbbsearch.com
127.0.0.1 bb-search.com
127.0.0.1 www.bcnproduction.com
127.0.0.1 bcnproduction.com
127.0.0.1 bdsmlibrary.net
127.0.0.1 www.bdsmpornmag.com
127.0.0.1 bdsmpornmag.com
127.0.0.1 www.bealent.com
127.0.0.1 bealent.com
127.0.0.1 www.bearshare.click-new-download.com
127.0.0.1 bearshare.click-new-download.com
127.0.0.1 www.bearshare.download-me.info
127.0.0.1 bearshare.download-me.info
127.0.0.1 www.bearshare.mp3-muzic.com
127.0.0.1 bearshare.mp3-muzic.com
127.0.0.1 www.bearshare-download.org
127.0.0.1 bearshare-download.org
127.0.0.1 www.bearshare-downloads.net
127.0.0.1 bearshare-downloads.net
127.0.0.1 www.bearsharelive.co.uk
127.0.0.1 bearsharelive.co.uk
127.0.0.1 www.bearshare-music-downloads.com
127.0.0.1 bearshare-music-downloads.com
127.0.0.1 www.bearsharepro2007.com
127.0.0.1 bearsharepro2007.com
127.0.0.1 www.bearshare-usa.com
127.0.0.1 bearshare-usa.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 www.beebappyy.biz
127.0.0.1 beebappyy.biz
127.0.0.1 www.begin2search.com
127.0.0.1 begin2search.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 www.berufe-jobs.de
127.0.0.1 berufe-jobs.de
127.0.0.1 www.berufe-server.de
127.0.0.1 berufe-server.de
127.0.0.1 www.berufe-welt.de
127.0.0.1 berufe-welt.de
127.0.0.1 www.berufs-wahl.de
127.0.0.1 berufs-wahl.de
127.0.0.1 www.beruijindegunhadesun.com
127.0.0.1 beruijindegunhadesun.com
127.0.0.1 www.best3xclips.com
127.0.0.1 best3xclips.com
127.0.0.1 www.bestadults.com
127.0.0.1 bestadults.com
127.0.0.1 www.best-codec.com
127.0.0.1 best-codec.com
127.0.0.1 best-counter.com
127.0.0.1 bestcrawler.com
127.0.0.1 www.bestdailyvids.com
127.0.0.1 bestdailyvids.com
127.0.0.1 bestfor.ru
127.0.0.1 www.best[bleep]vids.com
127.0.0.1 best[bleep]vids.com
127.0.0.1 best-hardpics.com
127.0.0.1 www.bestmanage.org
127.0.0.1 bestmanage.org
127.0.0.1 www.bestmanage0.org
127.0.0.1 bestmanage0.org
127.0.0.1 www.bestmanage1.org
127.0.0.1 bestmanage1.org
127.0.0.1 www.bestmanage2.org
127.0.0.1 bestmanage2.org
127.0.0.1 www.bestmanage3.org
127.0.0.1 bestmanage3.org
127.0.0.1 www.bestmanage4.org
127.0.0.1 bestmanage4.org
127.0.0.1 www.bestmanage5.org
127.0.0.1 bestmanage5.org
127.0.0.1 www.bestmanage6.org
127.0.0.1 bestmanage6.org
127.0.0.1 www.bestmanage7.org
127.0.0.1 bestmanage7.org
127.0.0.1 www.bestmanage8.org
127.0.0.1 bestmanage8.org
127.0.0.1 www.bestmanage9.org
127.0.0.1 bestmanage9.org
127.0.0.1 www.bestmovszone.com
127.0.0.1 bestmovszone.com
127.0.0.1 www.bestoffersnetworks.com
127.0.0.1 bestoffersnetworks.com
127.0.0.1 www.best-porncollection.com
127.0.0.1 best-porncollection.com
127.0.0.1 bestporngate.com
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsearch.cc
127.0.0.1 bestsearch.cc
127.0.0.1 www.bestsearchworld.info
127.0.0.1 bestsearchworld.info
127.0.0.1 www.best-spyware.info
127.0.0.1 best-spyware.info
127.0.0.1 www.best-targeted-traffic.com
127.0.0.1 best-targeted-traffic.com
127.0.0.1 www.best-voyeur.info
127.0.0.1 best-voyeur.info
127.0.0.1 bestweblinks.com
127.0.0.1 best-winning-casino.com
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestxclips.com
127.0.0.1 bestxclips.com
127.0.0.1 bestxporno.com
127.0.0.1 www.bestxxxmpegs.com
127.0.0.1 bestxxxmpegs.com
127.0.0.1 www.bettersearch.biz
127.0.0.1 bettersearch.biz
127.0.0.1 www.bewerbungsexperte.com
127.0.0.1 bewerbungsexperte.com
127.0.0.1 www.bgazzetta.it
127.0.0.1 bgazzetta.it
127.0.0.1 www.bgoogle.it
127.0.0.1 bgoogle.it
127.0.0.1 www.bigcodecadult.com
127.0.0.1 bigcodecadult.com
127.0.0.1 www.bigcodecadult2008.com
127.0.0.1 bigcodecadult2008.com
127.0.0.1 www.bigcodecadult2008-17.com
127.0.0.1 bigcodecadult2008-17.com
127.0.0.1 www.bighot18adult2008.com
127.0.0.1 bighot18adult2008.com
127.0.0.1 www.bighot18-adult2008.com
127.0.0.1 bighot18-adult2008.com
127.0.0.1 www.bighot18codec2008.com
127.0.0.1 bighot18codec2008.com
127.0.0.1 www.bighot18-codec2008.com
127.0.0.1 bighot18-codec2008.com
127.0.0.1 www.bigtrafficnetwork.com
127.0.0.1 bigtrafficnetwork.com
127.0.0.1 www.bigwww.com
127.0.0.1 bigwww.com
127.0.0.1 www.bill.de
127.0.0.1 bill.de
127.0.0.1 bin.errorprotector.com
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 bis.180solutions.com
127.0.0.1 [bleep]esonline.net
127.0.0.1 www.bitcomet-freebie.com
127.0.0.1 bitcomet-freebie.com
127.0.0.1 www.bittorrent.click-new-download.com
127.0.0.1 bittorrent.click-new-download.com
127.0.0.1 biz.biz
127.0.0.1 www.bkvcompany.com
127.0.0.1 bkvcompany.com
127.0.0.1 www.blackblues00.com
127.0.0.1 blackblues00.com
127.0.0.1 www.blackcodec.com
127.0.0.1 blackcodec.com
127.0.0.1 www.black-codec.com
127.0.0.1 black-codec.com
127.0.0.1 www.blackcodec.net
127.0.0.1 blackcodec.net
127.0.0.1 www.blackhats.tc
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 blackhawksoftware.com
127.0.0.1 blackjack-free.net
127.0.0.1 www.blacklegion.info
127.0.0.1 blacklegion.info
127.0.0.1 blazefind.com
127.0.0.1 blender.xu.pl
127.0.0.1 www.blockcheckercontrol.com
127.0.0.1 blockcheckercontrol.com
127.0.0.1 blondetgp.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.bm.theaimonline.com
127.0.0.1 bm.theaimonline.com
127.0.0.1 www.bnmgate.com
127.0.0.1 bnmgate.com
127.0.0.1 bodaciousbabette.com
127.0.0.1 www.bonzi.com
127.0.0.1 bonzi.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 www.bookedspace.com
127.0.0.1 bookedspace.com
127.0.0.1 www.boom.com.vn
127.0.0.1 boom.com.vn
127.0.0.1 www.boomgirltv.com
127.0.0.1 boomgirltv.com
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 www.bpfq02.com
127.0.0.1 bpfq02.com
127.0.0.1 www.bqgate.com
127.0.0.1 bqgate.com
127.0.0.1 br.errorsafe.com
127.0.0.1 br.winantivirus.com
127.0.0.1 br.winfixer.com
127.0.0.1 bradcoem.org
127.0.0.1 www.braincodec.com
127.0.0.1 braincodec.com
127.0.0.1 www.brakecodec.com
127.0.0.1 brakecodec.com
127.0.0.1 brandiyoung.com
127.0.0.1 www.bravesentry.com
127.0.0.1 bravesentry.com
127.0.0.1 www.breenten.biz
127.0.0.1 breenten.biz
127.0.0.1 www.brodbfm.net
127.0.0.1 brodbfm.net
127.0.0.1 brookeburn.com
127.0.0.1 www.browserwise.com
127.0.0.1 browserwise.com
127.0.0.1 bsa.safetydownload.com
127.0.0.1 www.bsplaycodec.com
127.0.0.1 bsplaycodec.com
127.0.0.1 bucps.com
127.0.0.1 buhartes.info
127.0.0.1 buldog-stats.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 bullseye-network.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 www.burningsite.com
127.0.0.1 burningsite.com
127.0.0.1 www.burnsrecyclinginc.com
127.0.0.1 burnsrecyclinginc.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 www.busysearch.net
127.0.0.1 busysearch.net
127.0.0.1 buttejazz.org
127.0.0.1 www.buy-find.info
127.0.0.1 buy-find.info
127.0.0.1 buyselldomain.net
127.0.0.1 www.buytraff.biz
127.0.0.1 buytraff.biz
127.0.0.1 buz.ru
127.0.0.1 www.bvdtechinque.com
127.0.0.1 bvdtechinque.com
127.0.0.1 www.bvirgilio.it
127.0.0.1 bvirgilio.it
127.0.0.1 www.bye-spyware.com
127.0.0.1 bye-spyware.com
127.0.0.1 c.centralmedia.ws
127.0.0.1 www.c.enhance.com
127.0.0.1 c.enhance.com
127.0.0.1 c.goclick.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 c4tdownload.com
127.0.0.1 www.c5.www4free.info
127.0.0.1 c5.www4free.info
127.0.0.1 www.cache.surfaccuracy.com
127.0.0.1 cache.surfaccuracy.com
127.0.0.1 cache.ysbweb.com
127.0.0.1 www.cadesfinjeriokas.com
127.0.0.1 cadesfinjeriokas.com
127.0.0.1 calcioturris.com
127.0.0.1 www.calendaralerts.net
127.0.0.1 calendaralerts.net
127.0.0.1 www.callinghome.biz
127.0.0.1 callinghome.biz
127.0.0.1 www.cameouk.co.uk
127.0.0.1 cameouk.co.uk
127.0.0.1 cameup.com
127.0.0.1 www.camouflageclothingonline.net
127.0.0.1 camouflageclothingonline.net
127.0.0.1 campaigns.outerinfo.net
127.0.0.1 www.camping-community.com
127.0.0.1 camping-community.com
127.0.0.1 camup.net
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 www.canidetect.org
127.0.0.1 canidetect.org
127.0.0.1 www.cantfind.com
127.0.0.1 cantfind.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 cartoes.uol.com.br
127.0.0.1 www.casalemedia.com
127.0.0.1 casalemedia.com
127.0.0.1 www.cashdeluxe.net
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashengines.com
127.0.0.1 cashengines.com
127.0.0.1 cashsearch.biz
127.0.0.1 www.cashsurfers.com
127.0.0.1 cashsurfers.com
127.0.0.1 www.cashunlim.com
127.0.0.1 cashunlim.com
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 casino-onlines.net
127.0.0.1 www.castingsamateur.com
127.0.0.1 castingsamateur.com
127.0.0.1 catallogue.com
127.0.0.1 www.catch-dc.info
127.0.0.1 catch-dc.info
127.0.0.1 categories.mygeek.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cazygirls-world.com
127.0.0.1 cc.panet.org
127.0.0.1 www.ccecaedbebfcaf.com
127.0.0.1 ccecaedbebfcaf.com
127.0.0.1 cclebali.org
127.0.0.1 www.ccorriere.it
127.0.0.1 ccorriere.it
127.0.0.1 www.cdcopysite.com
127.0.0.1 cdcopysite.com
127.0.0.1 www.cdegate.com
127.0.0.1 cdegate.com
127.0.0.1 cdn.drivecleaner.com
127.0.0.1 cdn.errorsafe.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn.winsoftware.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 www.cdorriere.it
127.0.0.1 cdorriere.it
127.0.0.1 ceewawires.org
127.0.0.1 centralmedia.ws
127.0.0.1 certumgroup.com
127.0.0.1 www.cforriere.it
127.0.0.1 cforriere.it
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.checkin100.com
127.0.0.1 checkin100.com
127.0.0.1 www.checkssecurity.com
127.0.0.1 checkssecurity.com
127.0.0.1 chelancatering.com
127.0.0.1 www.chenshijituan.com
127.0.0.1 chenshijituan.com
127.0.0.1 childrenvilla.com
127.0.0.1 www.chilly3xvids.com
127.0.0.1 chilly3xvids.com
127.0.0.1 www.chillymovs.com
127.0.0.1 chillymovs.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 www.cia-trjn.myvnc.com
127.0.0.1 cia-trjn.myvnc.com
127.0.0.1 www.cinemadownload.com
127.0.0.1 cinemadownload.com
127.0.0.1 www.ciorriere.it
127.0.0.1 ciorriere.it
127.0.0.1 www.cirriere.it
127.0.0.1 cirriere.it
127.0.0.1 www.citycodec.com
127.0.0.1 citycodec.com
127.0.0.1 ckick4thumbs.com
127.0.0.1 cl55.biz
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 www.clckm.com
127.0.0.1 clckm.com
127.0.0.1 www.cleancodec.com
127.0.0.1 cleancodec.com
127.0.0.1 www.cleancodec.net
127.0.0.1 cleancodec.net
127.0.0.1 www.cleansoftwares.com
127.0.0.1 cleansoftwares.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 www.click-codec.com
127.0.0.1 click-codec.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.click-new-download.com
127.0.0.1 click-new-download.com
127.0.0.1 click-now.net
127.0.0.1 www.clickspring.net
127.0.0.1 clickspring.net
127.0.0.1 www.click-to-download.com
127.0.0.1 click-to-download.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 clickyestoenter.net
127.0.0.1 client.exeupdate.com
127.0.0.1 client.myadultexplorer.com
127.0.0.1 www.cliks.org
127.0.0.1 cliks.org
127.0.0.1 www.cliparts4free.com
127.0.0.1 cliparts4free.com
127.0.0.1 www.clipsfestival.com
127.0.0.1 clipsfestival.com
127.0.0.1 www.clipsreality.com
127.0.0.1 clipsreality.com
127.0.0.1 www.clorriere.it
127.0.0.1 clorriere.it
127.0.0.1 clrsch.com
127.0.0.1 www.clubxxxvideo.com
127.0.0.1 clubxxxvideo.com
127.0.0.1 clusif.free.fr
127.0.0.1 cmtapestry.com
127.0.0.1 www.cnetadd.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnomy.com
127.0.0.1 cnomy.com
127.0.0.1 www.cnzz.com
127.0.0.1 cnzz.com
127.0.0.1 www.cocktails-ideen.de
127.0.0.1 cocktails-ideen.de
127.0.0.1 code.ignphrases.com
127.0.0.1 codec.ninoa.com
127.0.0.1 www.codecadult18.com
127.0.0.1 codecadult18.com
127.0.0.1 www.codecbest.com
127.0.0.1 codecbest.com
127.0.0.1 www.codecbsplay.com
127.0.0.1 codecbsplay.com
127.0.0.1 www.codecdemo.com
127.0.0.1 codecdemo.com
127.0.0.1 www.codecdvd.net
127.0.0.1 codecdvd.net
127.0.0.1 www.codecdvi.com
127.0.0.1 codecdvi.com
127.0.0.1 www.codec-fun.com
127.0.0.1 codec-fun.com
127.0.0.1 www.codechard.com
127.0.0.1 codechard.com
127.0.0.1 www.codechot.net
127.0.0.1 codechot.net
127.0.0.1 www.codechq.net
127.0.0.1 codechq.net
127.0.0.1 www.codecmeg.net
127.0.0.1 codecmeg.net
127.0.0.1 www.codecmega.com
127.0.0.1 codecmega.com
127.0.0.1 www.codecmega.net
127.0.0.1 codecmega.net
127.0.0.1 www.codecmoon.com
127.0.0.1 codecmoon.com
127.0.0.1 www.codecmpg.com
127.0.0.1 codecmpg.com
127.0.0.1 www.codecnice.net
127.0.0.1 codecnice.net
127.0.0.1 www.codecnitro.com
127.0.0.1 codecnitro.com
127.0.0.1 www.codecops.net
127.0.0.1 codecops.net
127.0.0.1 www.codecplay.com
127.0.0.1 codecplay.com
127.0.0.1 www.codecpretty.net
127.0.0.1 codecpretty.net
127.0.0.1 www.codecpro.net
127.0.0.1 codecpro.net
127.0.0.1 www.codecred.net
127.0.0.1 codecred.net
127.0.0.1 www.codecsoft.net
127.0.0.1 codecsoft.net
127.0.0.1 www.codecthe.com
127.0.0.1 codecthe.com
127.0.0.1 www.codectime.com
127.0.0.1 codectime.com
127.0.0.1 www.codecultra.net
127.0.0.1 codecultra.net
127.0.0.1 www.codecvids.com
127.0.0.1 codecvids.com
127.0.0.1 www.codecvip.com
127.0.0.1 codecvip.com
127.0.0.1 www.codecviva.com
127.0.0.1 codecviva.com
127.0.0.1 www.codeczang.net
127.0.0.1 codeczang.net
127.0.0.1 www.codrriere.it
127.0.0.1 codrriere.it
127.0.0.1 www.coeriere.it
127.0.0.1 coeriere.it
127.0.0.1 www.coerriere.it
127.0.0.1 coerriere.it
127.0.0.1 www.cofrriere.it
127.0.0.1 cofrriere.it
127.0.0.1 www.cogrriere.it
127.0.0.1 cogrriere.it
127.0.0.1 www.coirriere.it
127.0.0.1 coirriere.it
127.0.0.1 command.adservs.com
127.0.0.1 www.commonname.com
127.0.0.1 commonname.com
127.0.0.1 www.computerpcgames.net
127.0.0.1 computerpcgames.net
127.0.0.1 www.computerrecover.com
127.0.0.1 computerrecover.com
127.0.0.1 config.180solutions.com
127.0.0.1 www.congtouzailai.net
127.0.0.1 congtouzailai.net
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.ireit.com
127.0.0.1 content.ireit.com
127.0.0.1 content.onerateld.com
127.0.0.1 www.contentmatch.net
127.0.0.1 contentmatch.net
127.0.0.1 www.contextplus.net
127.0.0.1 contextplus.net
127.0.0.1 www.contra-virus.com
127.0.0.1 contra-virus.com
127.0.0.1 www.controlmeh.com
127.0.0.1 controlmeh.com
127.0.0.1 www.convenient-search.com
127.0.0.1 convenient-search.com
127.0.0.1 www.cookingluck.com
127.0.0.1 cookingluck.com
127.0.0.1 www.cooldeskalert.com
127.0.0.1 cooldeskalert.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 www.coolonlinebusiness.com
127.0.0.1 coolonlinebusiness.com
127.0.0.1 coolpornsearch.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 coolsearcher.info
127.0.0.1 www.coolservecorp.net
127.0.0.1 coolservecorp.net
127.0.0.1 www.coolwebsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolwebsearsh.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwwwsearch.com
127.0.0.1 cool-xxx.net
127.0.0.1 www.coorriere.it
127.0.0.1 coorriere.it
127.0.0.1 copmtraine.com
127.0.0.1 www.coprriere.it
127.0.0.1 coprriere.it
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.coreiere.it
127.0.0.1 coreiere.it
127.0.0.1 www.coreriere.it
127.0.0.1 coreriere.it
127.0.0.1 www.corrdiere.it
127.0.0.1 corrdiere.it
127.0.0.1 www.correiere.it
127.0.0.1 correiere.it
127.0.0.1 www.corrfiere.it
127.0.0.1 corrfiere.it
127.0.0.1 www.corrgiere.it
127.0.0.1 corrgiere.it
127.0.0.1 www.corridere.it
127.0.0.1 corridere.it
127.0.0.1 www.corriedre.it
127.0.0.1 corriedre.it
127.0.0.1 www.corriee.it
127.0.0.1 corriee.it
127.0.0.1 www.corrieere.it
127.0.0.1 corrieere.it
127.0.0.1 www.corriefre.it
127.0.0.1 corriefre.it
127.0.0.1 www.corriegre.it
127.0.0.1 corriegre.it
127.0.0.1 www.corrierde.it
127.0.0.1 corrierde.it
127.0.0.1 www.corriered.it
127.0.0.1 corriered.it
127.0.0.1 www.corrieree.it
127.0.0.1 corrieree.it
127.0.0.1 www.corrieref.it
127.0.0.1 corrieref.it
127.0.0.1 www.corrierer.it
127.0.0.1 corrierer.it
127.0.0.1 www.corrieres.it
127.0.0.1 corrieres.it
127.0.0.1 www.corrierew.it
127.0.0.1 corrierew.it
127.0.0.1 www.corrierfe.it
127.0.0.1 corrierfe.it
127.0.0.1 www.corrierge.it
127.0.0.1 corrierge.it
127.0.0.1 www.corrierr.it
127.0.0.1 corrierr.it
127.0.0.1 www.corrierre.it
127.0.0.1 corrierre.it
127.0.0.1 www.corrierse.it
127.0.0.1 corrierse.it
127.0.0.1 www.corrierte.it
127.0.0.1 corrierte.it
127.0.0.1 www.corrierw.it
127.0.0.1 corrierw.it
127.0.0.1 www.corrierwe.it
127.0.0.1 corrierwe.it
127.0.0.1 www.corriesre.it
127.0.0.1 corriesre.it
127.0.0.1 www.corriete.it
127.0.0.1 corriete.it
127.0.0.1 www.corrietre.it
127.0.0.1 corrietre.it
127.0.0.1 www.corriewre.it
127.0.0.1 corriewre.it
127.0.0.1 www.corrifere.it
127.0.0.1 corrifere.it
127.0.0.1 www.corriiere.it
127.0.0.1 corriiere.it
127.0.0.1 www.corrilere.it
127.0.0.1 corrilere.it
127.0.0.1 www.corrioere.it
127.0.0.1 corrioere.it
127.0.0.1 www.corrire.it
127.0.0.1 corrire.it
127.0.0.1 www.corrirere.it
127.0.0.1 corrirere.it
127.0.0.1 www.corrirre.it
127.0.0.1 corrirre.it
127.0.0.1 www.corrisere.it
127.0.0.1 corrisere.it
127.0.0.1 www.corriuere.it
127.0.0.1 corriuere.it
127.0.0.1 www.corriwere.it
127.0.0.1 corriwere.it
127.0.0.1 www.corriwre.it
127.0.0.1 corriwre.it
127.0.0.1 www.corrliere.it
127.0.0.1 corrliere.it
127.0.0.1 www.corroere.it
127.0.0.1 corroere.it
127.0.0.1 www.corroiere.it
127.0.0.1 corroiere.it
127.0.0.1 www.corrriere.it
127.0.0.1 corrriere.it
127.0.0.1 www.corrtiere.it
127.0.0.1 corrtiere.it
127.0.0.1 www.corruere.it
127.0.0.1 corruere.it
127.0.0.1 www.corruiere.it
127.0.0.1 corruiere.it
127.0.0.1 www.cortiere.it
127.0.0.1 cortiere.it
127.0.0.1 www.cortriere.it
127.0.0.1 cortriere.it
127.0.0.1 www.costrike.com
127.0.0.1 costrike.com
127.0.0.1 www.cotriere.it
127.0.0.1 cotriere.it
127.0.0.1 www.cotrriere.it
127.0.0.1 cotrriere.it
127.0.0.1 couldnotfind.com
127.0.0.1 count.cc
127.0.0.1 count.hitscount.net
127.0.0.1 count-all.com
127.0.0.1 www.countdutycall.info
127.0.0.1 countdutycall.info
127.0.0.1 counter.sexmaniack.com
127.0.0.1 www.courtrecordslookup.com
127.0.0.1 courtrecordslookup.com
127.0.0.1 www.cporriere.it
127.0.0.1 cporriere.it
127.0.0.1 www.cprriere.it
127.0.0.1 cprriere.it
127.0.0.1 cpvfeed.com
127.0.0.1 cracks.me.uk
127.0.0.1 www.cracks4all.com
127.0.0.1 cracks4all.com
127.0.0.1 www.crapsgold.info
127.0.0.1 crapsgold.info
127.0.0.1 www.crazygirls-world.com
127.0.0.1 crazygirls-world.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 crazywinnings.com
127.0.0.1 creamedcutties.com
127.0.0.1 www.createaccesskey.com
127.0.0.1 createaccesskey.com
127.0.0.1 www.creatonsoft.com
127.0.0.1 creatonsoft.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 www.crriere.it
127.0.0.1 crriere.it
127.0.0.1 www.cryptdrive.com
127.0.0.1 cryptdrive.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 crystalysmedia.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 csx.adservs.com
127.0.0.1 cts.180solutions.com
127.0.0.1 www.cuisinartoven.com
127.0.0.1 cuisinartoven.com
127.0.0.1 www.curedc.info
127.0.0.1 curedc.info
127.0.0.1 www.curepcsolutions.com
127.0.0.1 curepcsolutions.com
127.0.0.1 curvedspaces.com
127.0.0.1 www.cutadult.com
127.0.0.1 cutadult.com
127.0.0.1 www.cutoffspyware.com
127.0.0.1 cutoffspyware.com
127.0.0.1 www.cvirgilio.it
127.0.0.1 cvirgilio.it
127.0.0.1 www.cvorriere.it
127.0.0.1 cvorriere.it
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 www.cxorriere.it
127.0.0.1 cxorriere.it
127.0.0.1 www.cyberrape.com
127.0.0.1 cyberrape.com
127.0.0.1 cydom.com
127.0.0.1 www.cydoor.com
127.0.0.1 cydoor.com
127.0.0.1 d34s.qfdfqawd.cn
127.0.0.1 www.daily3xlinks.com
127.0.0.1 daily3xlinks.com
127.0.0.1 www.dailybestclips.com
127.0.0.1 dailybestclips.com
127.0.0.1 daily-gals.com
127.0.0.1 www.dailyhugemovs.com
127.0.0.1 dailyhugemovs.com
127.0.0.1 www.dailykeys.com
127.0.0.1 dailykeys.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 dailypornmag.com
127.0.0.1 dailyteenspic.com
127.0.0.1 www.dailytoolbar.com
127.0.0.1 dailytoolbar.com
127.0.0.1 www.dailyxvids.com
127.0.0.1 dailyxvids.com
127.0.0.1 dancingbabycd.com
127.0.0.1 www.dapsol.com
127.0.0.1 dapsol.com
127.0.0.1 www.dapsolution.com
127.0.0.1 dapsolution.com
127.0.0.1 www.data-hoster.com
127.0.0.1 data-hoster.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 www.dateanybabe.com
127.0.0.1 dateanybabe.com
127.0.0.1 www.dateanychick.com
127.0.0.1 dateanychick.com
127.0.0.1 www.datingdoctorsite.com
127.0.0.1 datingdoctorsite.com
127.0.0.1 www.dating-galaxy.info
127.0.0.1 dating-galaxy.info
127.0.0.1 dating-search.net
127.0.0.1 davemarshall.org
127.0.0.1 db105.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbxcompany.com
127.0.0.1 dbxcompany.com
127.0.0.1 dcdl.dmcast.com
127.0.0.1 dcfitusa.com
127.0.0.1 www.dcorriere.it
127.0.0.1 dcorriere.it
127.0.0.1 www.dcurtis.com
127.0.0.1 dcurtis.com
127.0.0.1 dcww.dmcast.com
127.0.0.1 de.ag
127.0.0.1 de.drivecleaner.com
127.0.0.1 de.errorsafe.com
127.0.0.1 de.winantivirus.com
127.0.0.1 de98.remsys.org
127.0.0.1 www.debay.it
127.0.0.1 debay.it
127.0.0.1 www.decknews.com
127.0.0.1 decknews.com
127.0.0.1 dedmazay.3322.org
127.0.0.1 www.dedsearch.com
127.0.0.1 dedsearch.com
127.0.0.1 defaultsearch.net
127.0.0.1 www.defensaantimalware.com
127.0.0.1 defensaantimalware.com
127.0.0.1 www.deja-rue.com
127.0.0.1 deja-rue.com
127.0.0.1 www.delficodec.com
127.0.0.1 delficodec.com
127.0.0.1 www.democodec.com
127.0.0.1 democodec.com
127.0.0.1 www.democodec.net
127.0.0.1 democodec.net
127.0.0.1 www.demo-codec.net
127.0.0.1 demo-codec.net
127.0.0.1 www.derklaif.biz
127.0.0.1 derklaif.biz
127.0.0.1 www.derrari.it
127.0.0.1 derrari.it
127.0.0.1 desarrollocreativo.com
127.0.0.1 www.deskbar.worldtostart.com
127.0.0.1 deskbar.worldtostart.com
127.0.0.1 www.deskwizz.com
127.0.0.1 deskwizz.com
127.0.0.1 www.destroy-spyware.net
127.0.0.1 destroy-spyware.net
127.0.0.1 www.destruktor.to.pl
127.0.0.1 destruktor.to.pl
127.0.0.1 www.detectivehound.com
127.0.0.1 detectivehound.com
127.0.0.1 www.detectivesearches.com
127.0.0.1 detectivesearches.com
127.0.0.1 dev.ntcor.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 www.dgbusiness.com
127.0.0.1 dgbusiness.com
127.0.0.1 dialer2004.com
127.0.0.1 www.dialerclub.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialoff.com
127.0.0.1 dialoff.com
127.0.0.1 www.did.i-used.cc
127.0.0.1 did.i-used.cc
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 www.digikeygen.com
127.0.0.1 digikeygen.com
127.0.0.1 digistreamsa.com
127.0.0.1 www.digitalcoders.net
127.0.0.1 digitalcoders.net
127.0.0.1 www.digitalfan.com
127.0.0.1 digitalfan.com
127.0.0.1 digital-pornography.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 www.directdvdpro.com
127.0.0.1 directdvdpro.com
127.0.0.1 www.directnameservice.com
127.0.0.1 directnameservice.com
127.0.0.1 www.directporta.info
127.0.0.1 directporta.info
127.0.0.1 www.directsearchzone.com
127.0.0.1 directsearchzone.com
127.0.0.1 www.diskretter.com
127.0.0.1 diskretter.com
127.0.0.1 dist.checkin100.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 dl.malwarewipe.com
127.0.0.1 dl.mcboo.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 dl.web-nexus.net
127.0.0.1 dl1.antivermins.com
127.0.0.1 dl1.antivirgear.com
127.0.0.1 dl1.spydawn.com
127.0.0.1 dl1.virusprotectpro.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl2.spyheal.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl3.spyheal.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spyheal.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dload.contextplus.net
127.0.0.1 www.dltsolution.com
127.0.0.1 dltsolution.com
127.0.0.1 www.dmcast.com
127.0.0.1 dmcast.com
127.0.0.1 www.dmqfirm.com
127.0.0.1 dmqfirm.com
127.0.0.1 www.dnaads.com
127.0.0.1 dnaads.com
127.0.0.1 dnl.mabou.org
127.0.0.1 www.dns-look-up.com
127.0.0.1 dns-look-up.com
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 www.dogproblemswebsite.com
127.0.0.1 dogproblemswebsite.com
127.0.0.1 doktorxxx.com
127.0.0.1 dollarrevenue.com
127.0.0.1 www.domaincar.com
127.0.0.1 domaincar.com
127.0.0.1 domains2003.net
127.0.0.1 domains-for-you-online.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domkrat.com
127.0.0.1 www.doofo.com
127.0.0.1 doofo.com
127.0.0.1 www.dota11.cn
127.0.0.1 dota11.cn
127.0.0.1 www.dotcomtoolbar.com
127.0.0.1 dotcomtoolbar.com
127.0.0.1 down.136136.net
127.0.0.1 download.abetterinternet.com
127.0.0.1 download.adintelligence.net
127.0.0.1 www.download.antispywarebot.com
127.0.0.1 download.antispywarebot.com
127.0.0.1 www.download.bardownload.com
127.0.0.1 download.bardownload.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 download.bravesentry.com
127.0.0.1 download.cdn.drivecleaner.com
127.0.0.1 download.cdn.errorsafe.com
127.0.0.1 download.cdn.winsoftware.com
127.0.0.1 download.contextplus.net
127.0.0.1 download.errorsafe.com
127.0.0.1 www.download.jupitersatellites.biz
127.0.0.1 download.jupitersatellites.biz
127.0.0.1 download.malwarealarm.com
127.0.0.1 download.searchtabs.net
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 download.secureyournet.biz
127.0.0.1 download.spyonthis.net
127.0.0.1 download.spy-shredder.com
127.0.0.1 download.spywares-removal.info
127.0.0.1 download.systemdoctor.com
127.0.0.1 download.winantispyware.com
127.0.0.1 download.winantivirus.com
127.0.0.1 download.windrivecleaner.com
127.0.0.1 download.winfixer.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 do
  • 0

#13
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Download the HostsXpert 4.2 - Hosts File Manager.
Unzip HostsXpert 4.2 - Hosts File Manager to a convenient folder such as C:\HostsXpert 4.2 - Hosts File Manager
======================================================
*Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.

Then:
  • Run HostsXpert 4.2 - Hosts File Manager from its new home
  • Click on "File Handling".
  • Click on "Restore MS Hosts File".
  • Click OK on the Confirmation box.
  • Click on "Make Read Only?"
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
=========
After that reboot back into normal mode.
Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
==============================================
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#14
Alan1960

Alan1960

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Thanks again for taking the time to look this over. Here are the results of the online scan>
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, August 16, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, August 16, 2008 19:19:27
Records in database: 1098818


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
G:\

Scan statistics
Files scanned 28227
Threat name 1
Infected objects 2
Suspicious objects 0
Duration of the scan 00:52:45

File name Threat name Threats count
C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Documents and Settings\Owner\Desktop\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

The selected area was scanned.
  • 0

#15
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
No problem were you able to restore the Hists file wit Hosts expert?

Can you please post a new Dss log.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP