Terserang backdoor Backdoor.IRC.Aladinz.K
Written by pnyet   
          Hari ini salah satu PC di kantor terserang Backdoor.IRC.Aladinz.K virus ini masuk dalam kategori trojan horse dan mempunyai risk level low. Meski tidak terlalu berbahaya namun trojan ini dapat melakukan disabling terhadap beberapa servis di windows. Saat memeriksa PC servis yang telah didisable oleh trojan ini adalah symantec antivirus dan juga msconfig.

Symantec Security Response

http://www.symantec.com/security_response/index.jsp

Backdoor.IRC.Aladinz.K

Risk Level 1: Very Low

Discovered: February 19, 2004
Updated: February 13, 2007 12:17:45 PM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows XP

SUMMARY


Backdoor.IRC.Aladinz.K is a backdoor Trojan horse that uses malicious scripts in the mIRC client software, allowing unauthorized remote access.

Protection

  • Initial Rapid Release version February 19, 2004
  • Latest Rapid Release version July 19, 2008 revision 019
  • Initial Daily Certified version February 19, 2004
  • Latest Daily Certified version July 19, 2008 revision 018
  • Initial Weekly Certified release date February 25, 2004

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Moderate

Damage

  • Damage Level: Medium

Distribution

  • Distribution Level: Low

TECHNICAL DETAILS


When Backdoor.IRC.Aladinz.K is executed, it performs the following actions:
  1. Creates the following files:
    • C:\upd.exe (detected as Backdoor.IRC.Aladinz.K)
    • C:\inst.bat
    • C:\pv.exe
    • C:\restore.exe (detected as Hacktool.HideWindow)

  2. Runs the file, C:\upd.exe, which creates the following folders:
    • %Windir%\System32\plugins
    • %Windir%\System32\plugins\dat
    • %Windir%\System32\plugins\downloads
    • %Windir%\System32\plugins\log
    • %Windir%\System32\plugins\logs
    • %Windir%\System32\plugins\plugins
    • %Windir%\System32\plugins\sounds

      and the following files:

    • %Windir%\System32\plugins\dat\config.ini
    • %Windir%\System32\plugins\dat\easy_user.dic
    • %Windir%\System32\plugins\dat\language.ini
    • %Windir%\System32\plugins\dat\nt_pass.dic
    • %Windir%\System32\plugins\dat\nt_user.dic
    • %Windir%\System32\plugins\dat\os.finger
    • %Windir%\System32\plugins\dat\port.ini
    • %Windir%\System32\plugins\dat\rpc.ini
    • %Windir%\System32\plugins\plugin\010-port.xpn (detected as Hacktool.Xscan)
    • %Windir%\System32\plugins\plugin\020-netbios.xpn (detected as Hacktool.Xscan)
    • %Windir%\System32\plugins\plugin\030-rpc.xpn (detected as Hacktool.Xscan)
    • %Windir%\System32\plugins\plugin\090-ntpass.xpn (detected as Hacktool.Xscan)
    • %Windir%\System32\plugins\addreg.bat
    • %Windir%\System32\plugins\addreg.reg (detected as Backdoor.Trojan)
    • %Windir%\System32\plugins\addregnt.reg
    • %Windir%\System32\plugins\addregxp.reg
    • %Windir%\System32\plugins\avupd.exe
    • %Windir%\System32\plugins\background.jpg
    • %Windir%\System32\plugins\dd9a.wav
    • %Windir%\System32\plugins\delroot.bat
    • %Windir%\System32\plugins\delscans.bat
    • %Windir%\System32\plugins\get.exe
    • %Windir%\System32\plugins\icon.jpg
    • %Windir%\System32\plugins\init.bat (detected as Backdoor.IRC.Aladinz.K)
    • %Windir%\System32\plugins\onrpc.dll
    • %Windir%\System32\plugins\parse.txt
    • %Windir%\System32\plugins\preset.ini (detected as Backdoor.IRC.Aladinz.K)
    • %Windir%\System32\plugins\psexec.exe
    • %Windir%\System32\plugins\random.txt
    • %Windir%\System32\plugins\Rar.exe
    • %Windir%\System32\plugins\remote.ini
    • %Windir%\System32\plugins\remove.exe
    • %Windir%\System32\plugins\restart.bat
    • %Windir%\System32\plugins\restore.exe (detected as Hacktool.HideWindow)
    • %Windir%\System32\plugins\spool.exe
    • %Windir%\System32\plugins\svhost.exe (detected as Hacktool.Xscan)
    • %Windir%\System32\plugins\test.ini (detected as Backdoor.IRC.Aladinz.K)
    • %Windir%\System32\plugins\upd.bat (detected as Backdoor.IRC.Aladinz.K)
    • %Windir%\System32\plugins\X-ScanCfg.ini

  3. Deletes all the values in the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Run

    which prevents programs that use this key from starting when Windows starts.

  4. Adds the value:

    "PrinterSpool"="%System%\PLUGINS\RESTORE.EXE %System%\PLUGINS\
    SPOOL.EXE"

    to the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Run

    so that the Trojan runs when you start Windows.

  5. Sets the values to zero as shown here:

    "AutoShareWks"=0
    "AutoShareServer"=0

    in the registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
    lanmanserver\parameters

    so that the administrative shares of the computer are disabled.

  6. Adds the subkey:

    HKEY_CURRENT_USER\Software\mIRC\UserName

    and sets the value to:

    "(Default)"="mirc6"

  7. Adds the subkey:

    HKEY_CURRENT_USER\Software\mIRC\License

    and sets the value:

    "(Default)"="1413-156222"

  8. Adds the subkey:

    HKEY_CURRENT_USER\Software\mIRC\LastRun

    and sets the value to:

    "(Default)"="1072676713,0"

  9. Attempts to overwrite the following configuration files:
    • C:\Program Files\nav\CfgWiz.dat
    • C:\Program Files\nav\exclude.dat
    • C:\Program Files\nav\navopts.dat
    • C:\Program Files\nav\savrt.dat
    • C:\Program Files\nav\srtsexcl.dat
    • C:\Program Files\Norton AntiVirus\CfgWiz.dat
    • C:\Program Files\Norton AntiVirus\exclude.dat
    • C:\Program Files\Norton AntiVirus\navopts.dat
    • C:\Program Files\Norton AntiVirus\savrt.dat
    • C:\Program Files\Norton AntiVirus\srtsexcl.dat
    • C:\Program Files\Norton SystemWorks\Norton AntiVirus\CfgWiz.dat
    • C:\Program Files\Norton SystemWorks\Norton AntiVirus\exclude.dat
    • C:\Program Files\Norton SystemWorks\Norton AntiVirus\navopts.dat
    • C:\Program Files\Norton SystemWorks\Norton AntiVirus\savrt.dat
    • C:\Program Files\Norton SystemWorks\Norton AntiVirus\srtsexcl.dat

      which may modify certain settings in Norton AntiVirus. In particular, it may cause the following folders to be excluded from virus scanning:

    • C:\Windows\System32
    • C:\Winnt\System32
    • D:\Windows\System32
    • D:\Winnt\System32

  10. Allows a remote attacker to control the computer. The functions provided include:
    • Retrieving information about the computer.
    • Stopping and restarting the Trojan.
    • Downloading and running files.
    • Scanning hosts for vulnerabilities using the X-Scan network vulnerability scanner.


Recommendations

Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":

  • Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
  • If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
  • Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites.
  • Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
  • Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
  • Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
  • Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

REMOVAL


The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
  1. Disable System Restore (Windows Me/XP).
  2. Update the virus definitions.
  3. Delete the values that were added to the registry.
  4. Uninstall and re-install Norton AntiVirus.
  5. Run a full system scan and delete all the files detected as Backdoor.IRC.Aladinz.K.
For specific details on each of these steps, read the following instructions.

1. Disabling System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.

For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:
Note: When you are completely finished with the removal procedure and are satisfied that the threat has been removed, re-enable System Restore by following the instructions in the aforementioned documents.

For additional information, and an alternative to disabling Windows Me System Restore, see the Microsoft Knowledge Base article, "Antivirus Tools Cannot Clean Infected Files in the _Restore Folder," Article ID: Q263455.

2. Updating the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
  • Running LiveUpdate, which is the easiest way to obtain virus definitions: These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the Virus Definitions (LiveUpdate).
  • Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted on U.S. business days (Monday through Friday). You should download the definitions from the Symantec Security Response Web site and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the Virus Definitions (Intelligent Updater).

    The Intelligent Updater virus definitions are available: Read "How to update virus definition files using the Intelligent Updater" for detailed instructions.

3. Deleting the values from the registry

WARNING: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified keys only. Read the document, "How to make a backup of the Windows registry," for instructions.
  1. Click Start, and then click Run. (The Run dialog box appears.)
  2. Type regedit

    Then click OK. (The Registry Editor opens.)

  3. Navigate to the key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

  4. In the right pane, delete the value:

    "PrinterSpool"="%System%\PLUGINS\RESTORE.EXE %System%\PLUGINS\SPOOL.EXE"

  5. Navigate to the key:

    HKEY_CURRENT_USER\Software\mIRC

    Note: If you do not use mIRC, you can delete this key and go to step i. If you use mIRC, complete steps f through h.

  6. Navigate to the key:

    HKEY_CURRENT_USER\Software\mIRC\UserName

    and reset the value:

    "(Default)"

    to the correct value.

  7. Navigate to the key:

    HKEY_CURRENT_USER\Software\mIRC\License

    and reset the value:

    "(Default)"

    to the correct value.

  8. Navigate to the key:

    HKEY_CURRENT_USER\Software\mIRC\LastRun

    and reset the value:

    "(Default)"

    to the correct value.

  9. Exit the Registry Editor.


4. Uninstalling and re-installing Norton AntiVirus
Since Backoor.IRC.Aladinz.K attempts to modify certain Norton AntiVirus files, you will need to uninstall and re-install Norton AntiVirus to completely remove this Trojan. For instructions, read the following document relevant to your version of Norton AntiVirus:
5. Scanning for and deleting the infected files
  1. Start your Symantec antivirus program and make sure that it is configured to scan all the files.
  2. Run a full system scan.
  3. If any files are detected as Backdoor.IRC.Aladinz.K, Backdoor.Trojan, Hacktool.HideWindow, or Hacktool.X-Scan, click Delete.

    Symantec Security Response also recommends that you also delete all the other files that Backdoor.IRC.Aladinz.K dropped, as described in steps 1 and 2 of the "Technical Details" section.
+/-
Write comment
Name:
Email:
 
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
 
:):grin;)8):p:roll:eek:upset:zzz:sigh:?:cry
:(:x
 
Please input the anti-spam code that you can read in the image.
+/- Comments
Add New Search RSS
Lineage2 adena  - Lineage2 adena   |221.6.130.xxx |11-08-2010 08:21:17
L2 is very popular. Recently my friend and I always play it. And it is my
favorite game L2 adena is very useful. As soon as you play this game, L2 adena is necessary. I
often use Lineage2 adena to get the L2 gold . My friends make money just through buy L2 adena, when they find someone want to sell their L2 adena as cheap L2 adena,they will buy it.
Reply | Quote
0 0
Audemars Piguet Watches 14908O  - Audemars Piguet Watches 14908OR.OO.D067CR.01     |59.61.138.xxx |13-11-2010 10:50:27
Replica Cheap Watches specializes during export you the critical Baume & Mercier Hampton Watches little both retailer in the midst of broker. both brittle watches we has
wellle are imitated restack beginning the ingenious ones. killing our Mens Watches, you awith regard tomizer silent gawk fashionable. during through
advantageously informal manufacturers, our Armani Watch AR1408 are clearly praised earlier patron's. every utter of built-up is under
precise authority and through elevation order. retail knockoff watch
starting our store is a truthful concede. Enjoying Jaeger LeCoultre Duometre Watches doesn
Reply | Quote
0 0
louboutins uk  - louboutins uk     |112.111.174.xxx |26-05-2011 13:30:41
Postmortem oneself life louboutins uk, see oneself satisfactory for direction is of vital importance? See if you
need in life in some way to change louboutins shoes on sale? See yourself whether getting results? Practice life christian louboutin 70% off, there are many things can't use an excuse to cover. Don't find excuses
thoughts can enhance your self-worth christian louboutin pumps, improve your own respect and love. You will not pull the other people as
you do christian louboutin sandals, and learn to depend on oneself committed to create christian louboutin mary jane pumps new relationships and new life. http://www.cheaplouboutinsuk.com/
Reply | Quote
0 0
Cheap Louboutins  - Cheap Louboutins     |112.111.174.xxx |26-05-2011 13:32:52
In this way, not work the possible problems are commonplace christian louboutin shoes, constantly meet a new problem new difficulty is the cheap louboutin pumps high-speed development of the social bring us the inevitable result louboutin sandals discount of the mentality, only our own flat louboutin boots sale, don't lose confidence in yourself, problems are difficult is not terrible
christian louboutin sale, afraid of is our back before them and not depressed, fight. http://www.louboutinshoes4you.com/
Reply | Quote
0 0
Louboutins Sales  - Louboutins Sales     |112.111.174.xxx |26-05-2011 13:36:34
On the voyage of life new christian louboutin shoes, people always can meet this or that the problem of prior is uncertain louboutins sale . And there will always be those who suggest that we would be so as to
deal with problems christian louboutins 80% off, but make what choose finally should be the parties themselves christian louboutin ankle boots . Therefore, when we want to get a problem when the final solution discount louboutin boots, still had better Yourheartknows. Psychologists call this christian louboutin pumps return to oneself, religious leaders call: strengthen self ability louboutins pumps. No matter what, let people called the end of their cheap louboutins sandals life ability can...
Reply | Quote
0 0
zjcjy   |182.149.54.xxx |16-06-2011 14:20:17
Of the principal cast for "Book of Mormon," Nikki M. James won forZentaiperformance by an actress in a featured role in a musical. The show alsoZentai Suitwon trophies for best original score and for best book (to Parker, Stonelycra zentaiand Robert Lopez), direction (Parker and Casey Nicholaw), orchestrationSexy Lingerie(Larry Hochman and Stephen Oremus), scenic design (Scott Pask), lightingbustierdesign (Brian MacDevitt), sound design (Brian Ronan)***y costumes"The Book of Mormon," the exuberantly foul-mouthed hit show aboutZentai Clothescomically mismatched missionaries in AIDS-ravaged Africa, won the awardlycra spandexfor best musical, along with eight other awards, and Nic...
Reply | Quote
0 0
zjcjy   |182.149.54.xxx |16-06-2011 14:22:47
"War Horse," which is based on a children's novel set during World
War Iray ban sunglassesand is being adapted into a feature film by Steven Spielberg, won awardsrayban sunglassfor its directors, Marianne Elliott and Tom Morris. It also won for bestray ban salesound, scenic and lighting designray ban 3025 aviatorsMcDormand, the star of the Coen brothers' "Fargo" and other films,
scoredraybanwith her portrayal of an embattled Boston single mother in David Lindsayrayban aviatorIn one of the evening's most competitive categories, best actor Rylanceray ban eyeglasswon for his turn as a Falstaffian modern-day anti-hero in Jez
Reply | Quote
0 0
zjcjy   |182.149.54.xxx |16-06-2011 14:24:33
Butterworth's "Jerusalem." Fixing the audience with a mischievous
lookCartier Glasses FrameRylance turned his acceptance speech into a slyly absurdist, blank-verseglasses frameramble (courtesy of a Louis Jenkins poem) before concluding with a simpleeye glasses framesEchoing the honors bestowed on "The Normal Heart," the ceremony at
thecartier frameBeacon Theatre made a point several times of emphasizing ***ual tolerancecartier spectacle framesThat started with a comic opening number led by host Neil Patrick Harriscartier sunglasseson the theme that Broadway isn't "just for gays anymore," it's also
"forcartier eyeglassesfine upstanding Christians who know all th...
Reply | Quote
0 0
Anonymous   |113.111.55.xxx |01-07-2011 09:25:22
Honda CBR 1000 RR fairings
Honda VFR 400 NC30 fairings
Honda CBR 250 RR fairings
Honda CBR 600 RR fairings
Honda CBR 600 RR fairings
Honda CBR 900 RR fairings
Honda CBR 1100XX fairings
Honda VFR 800i fairings
Honda VTR 1000 RC51 fairings
Honda CBR 1100XX fairings
Reply | Quote
0 0
ccocoo  - a good news   |174.139.230.xxx |29-07-2011 13:56:46
Right now north face sale is actually on the market also! north face men Only, you can find not much work with hugging for a most liked denim coat
once the frosty blowing wind is actually roaring outdoor north face women. That's the reason you should consider north face jackets insulated denim north face outlet any combination connected with denim garment and also the insulation
required to keep you cozy in addition to cozy north face fleece. These kinds of denim insulated overcoats comes in several different
colors so you contain the choice to choose that hooded or maybe
non-hooded overcoats depending on your own choice.
Reply | Quote
0 0
mac cosmetics  - mac cosmetics     |58.22.65.xxx |30-07-2011 08:33:26
Why will need to it be okay for celebrities and rock stars anywaychi flat iron,chi hair straightener and not the normal man on the streetchi flat iron sale.chi flat irons cheap When you believe about itchi flat iron hair,chi camo flat iron it is just a way of a man expressing his individualitychi hair dryer sale,chi turbo hair iron his enthusiasm for diverseCHI Zebra Ceramic Collection,Pink Zebra CHI currently being capable to go left when every single one particular else
is going properchi flat iron Pink.
http://macmakeup12.parenting.gr
http://www.thoughts.com
http://macmakeup12.mylivepage.com
macmakeup12
http://hi.baidu.com
http://blog.sina.com.cn
http://www.mywebprofile.com
http://blog.sohu...
Reply | Quote
0 0
shuijin  - links of london     |112.111.166.xxx |03-08-2011 13:06:24
Although you may think that flat irons are only for this type of hairDiscount GHD Straighteners,Cheap Ghd Hair they also work great straight hairGhd Hair Straighteners Sale.Hair Straighteners Sale They add volume and direction to the hair2010 New GHD Red Lust IV Styler.2010 New ghd iv green envy Straightening irons also works to tame your frizzies2010 New ghd Blue Serenity IV Styler.GHD New IV Styler Did you know that you can also use it to curls your hairGHD IV Styling Set Hair Straighteners?Discount GHD StraightenersThere are may irons to choose from soCheap Ghd Hair,Ghd Hair Straighteners Sale which one is the best for your hairHair Straighteners Sale?Hair Straighteners Sale Below I have listed a few of the most popular...
Reply | Quote
0 0
mac makeup  - mac makeup     |58.22.65.xxx |10-08-2011 16:17:30
http://chen123456.parenting.gr/
http://qingfeng.mylivepage.com/blog/index
http://toryburch110.blog.163.com/
http://www.thoughts.com/qingfeng111/
http://hi.baidu.com/qingfeng11121/blog
http://blog.sina.com.cn/u/2140755255
http://17113694.blog.hexun.com/
http://blog.sohu.com/people/!YTM5MzI2ODY5MUBob3...
http://www.mywebprofile.com/user/qingfeng123/blogs
http://www.phillymusic.org/blogs.php?action=sho...
http://toryburch521.over-blog.com/
http://www.toryburch122.19dog.com/
http://www.darksiders.net/user/qingfeng123/blogs
http://www.blurty.com/users/qingfeng/
http://qingfeng.blogs.experienceproject.com/
http://gvrl.com/blogsearchresults.asp?basicsear...
http://blogusers.com/sme_blog.php?u=qingfeng&ac...
http://www.blogusers...
Reply | Quote
0 0
nba shoes  - nba shoes     |175.44.23.xxx |14-08-2011 07:52:52
To do the honors to the nba shoes Americans, coming from Latvia where they followed the FIFA World u-19,
there was also the President of the Consorzio Ancona for Sport, Renzo
Lucioli, the impression given to the staff of the San Antonio from the
sports facility; the American entourage in lebron james shoes occasion confirmed the excellent nba players shoes friendship established with the company marches which,cheap nba shoes in turn, through this interchange can have a watch on players of interest
and the dense network of scout nba jerseys on sale Americans can relate in detail, but also understand the organizational
issues that will tracy mcgrady shoes enable the comp...
Reply | Quote
0 0
christianlouboutinshoes  - christian louboutin shoes     |66.79.163.xxx |15-08-2011 15:56:02
We want to thank christian louboutin shoes all the people here for christian louboutin canada taking time out christian louboutin pumps of your busy christian louboutin sandals schedule at the busiest christian louboutin ireland time of the year to come christian louboutin bridal shoes to our year-end party.Tonight christian louboutin shoes we are very fortunate to christian louboutin pumps have our friends from Johnson ugg boots uk Company with us here to ugg boots in canada celebrate the year-end festivities christian louboutin pumps together.We all hope you christian louboutin pumps sale will be able to have a good time tasting the Chinese cuisine.ZML0815
Reply | Quote
0 0
tissot  - fake gucci watches     |123.153.65.xxx |25-08-2011 12:28:40
hublot classic watches replica tag heuer watches replica tag heuer watches pure super avenger watches replica watches aquanaut watches fake breitling watches breitling replica calat replica cartier replica cartier springfield-inch grass replica omega watches for sale fake omega watches rolex replica control replica rolex tclassic watches.
Reply | Quote
0 0
AS   |113.109.190.xxx |12-09-2011 22:44:27
Moncler Mokacine long down jacket Red with hoody
New coming styles moncler Red coats
Moncler Melina Fur Coat Black
Moncler Angers fur hood quilted jacket Sliver
Women's Fashion Moncler Special Long Down Coats Purple
Womens moncler Tulsa White Jackets
Womens moncler Tulsa dark grey Jackets
Womens Moncler SKI BLOUSON deep blue
Womens Moncler Ski BLACK blouson Jackets
Womens Moncler newstyles down jackets with belts Red
Womens Moncler newstyles down jackets with belts Brown
Womens Moncler newstyles down jackets with belts Black
Womens Moncler Dark blue down quilted jackets
Womens moncler clairy pink Jackets
Womens Moncler clairy blue Jackets Womens
Womens Moncler Angers fur hood quilted jackets
Womens Moncler Angers fur ...
Reply | Quote
0 0
Burberry Outlet   |59.58.159.xxx |15-09-2011 14:37:04
Thank you for your great article and I enjoyed reading it keep the good
work.
welcome to Burberry Outlet
Reply | Quote
0 0
Chanel J12 Watch     |184.22.233.xxx |17-09-2011 15:45:14
I found this article useful in a paper I am writing at university.
Hopefully, I get an A+ now! web:Chanel J12 Watch
Reply | Quote
0 0
Canada Goose Expedition     |70.32.38.xxx |22-09-2011 07:25:23
That is exactly what I am lookng for!You have done a brilliant job. Your
article is truly relevant to my study at this moment, and I am really happy
to read it.Thanks for great share! You can like our web: Canada Goose Expedition and Canada Goose Expedition Parka
Reply | Quote
0 0
Canada Goose Parka     |174.34.150.xxx |23-09-2011 08:26:50
Thank you for your great article and I enjoyed reading it keep the good
work. welcome to Canada Goose Parka, Canada Goose Coats and Canada Goose UK.
Reply | Quote
0 0
Classic UGG  - Classic UGG   |72.18.206.xxx |24-09-2011 14:40:31
Thank you very much to us to share your blog, you blog is very good,
content is also very rich and I was like. I have to share my website Classic UGG, Bailey Button UGG or Sheepskin UGG Boots.
Thank you very much to us to share your blog, you blog is very good,
content is also very rich and I was like. I have to share my website Canada Goose Parka, Canada Goose Jacket or Canada Goose Coats.
Reply | Quote
0 0
Canada Goose Parka     |174.34.150.xxx |04-10-2011 12:18:24
Your blog is very well, I hope can share with you together more wonderful
blog,welcome to Canada Goose Parka, Canada Goose Coats and Canada Goose UK.
Reply | Quote
0 0
Anonymous   |205.209.143.xxx |28-10-2011 10:45:33
New era hats
red bull hats
NBA hats
Adjustable Hats
DC hats
baseball hats
monster energy hats
cheap hats
hat club
wholesale hats
hats for winter
winter hat
cheap snapback hats
wool caps
scarf and hat sets
hats gloves
Reply | Quote
0 0
Air max 2011  - Air max 2011     |110.82.129.xxx |31-10-2011 15:11:08
t is so good article,I learn a lot from your post.
Air max 2011
air max 90
air max LTD
cheap air maxNike air max 2011
Air max 2011 shoes
air max 2011 for sale
cheap air max 90
air max 90 wholesale
air max 90 women
nike air max LTD
air max LTD shoes
air max LTD women
air max fusions
air max fusions shoes
air max kids
cheap air max 2010
air max 2009 shoes


cheap air max 2012
cheap air max for women
air max for sale
air max 2012
air max women
air max women shoes
air max 2011 for women
Reply | Quote
0 0
mens shox running,nike air max  - cheap nfl jersey,nike air max 2011,nike shox 2012,     |112.111.184.xxx |01-11-2011 10:12:34
Air Jordan High Heels
jordan 1 high heels
jordan 11 high heels
jordan 13 high heels
jordan 23 high heels
jordan 3.5 high heels
jordan 4 high heels
jordan 5 high heels
jordan 7 high heels
jordan 8 high heels
jordan 9 high heels
new nike shox R6
Nike Shox Agent
Nike Shox Agent Mens
Nike Shox Agent Womens
Nike Shox Dress
Nike Shox Dress Women
Nike Shox NZ
Nike Shox NZ Mens
Nike Shox NZ Womens
Nike Shox NZ 2.0
Nike Shox NZ 2.0 Mens
Nike Shox NZ 2.0 Womens
Nike Shox NZ SI
Nike Shox NZ SI Mens
Nike Shox NZ SI Womens
Nike Shox R2
Nike Shox R2 Mens
Nike Shox R2 Womens
Nike Shox R3
Nike Shox R3 Mens
Nike Shox R3 Women
Nike Shox R4
Nike Shox R4 Mens
...
Reply | Quote
0 0
nike griffeys 2011  - nike shox 2012,nike air max 2011,nike air force du     |112.111.184.xxx |01-11-2011 10:13:16
Air Jordan High Heels
jordan 1 high heels
jordan 11 high heels
jordan 13 high heels
jordan 23 high heels
jordan 3.5 high heels
jordan 4 high heels
jordan 5 high heels
jordan 7 high heels
jordan 8 high heels
jordan 9 high heels
new nike shox R6
Nike Shox Agent
Nike Shox Agent Mens
Nike Shox Agent Womens
Nike Shox Dress
Nike Shox Dress Women
Nike Shox NZ
Nike Shox NZ Mens
Nike Shox NZ Womens
Nike Shox NZ 2.0
Nike Shox NZ 2.0 Mens
Nike Shox NZ 2.0 Womens
Nike Shox NZ SI
Nike Shox NZ SI Mens
Nike Shox NZ SI Womens
Nike Shox R2
Nike Shox R2 Mens
Nike Shox R2 Womens
Nike Shox R3
Nike Shox R3 Mens
Nike Shox R3 Women
Nike Shox R4
Nike Shox R4 Mens
...
Reply | Quote
0 0
mens shox running,nike air max  - cheap nfl jersey,nike air max 2011,nike shox 2012,     |112.111.184.xxx |01-11-2011 10:13:52
Air Jordan High Heels
jordan 1 high heels
jordan 11 high heels
jordan 13 high heels
jordan 23 high heels
jordan 3.5 high heels
jordan 4 high heels
jordan 5 high heels
jordan 7 high heels
jordan 8 high heels
jordan 9 high heels
new nike shox R6
Nike Shox Agent
Nike Shox Agent Mens
Nike Shox Agent Womens
Nike Shox Dress
Nike Shox Dress Women
Nike Shox NZ
Nike Shox NZ Mens
Nike Shox NZ Womens
Nike Shox NZ 2.0
Nike Shox NZ 2.0 Mens
Nike Shox NZ 2.0 Womens
Nike Shox NZ SI
Nike Shox NZ SI Mens
Nike Shox NZ SI Womens
Nike Shox R2
Nike Shox R2 Mens
Nike Shox R2 Womens
Nike Shox R3
Nike Shox R3 Mens
Nike Shox R3 Women
Nike Shox R4
Nike Shox R4 Mens
...
Reply | Quote
0 0
Justin Bieber Shoes  - Justin Bieber Shoes     |173.231.13.xxx |09-11-2011 14:38:20
It seems that all women enjoy the summer, Christian Louboutin Outlet is because of Christian Louboutin Sale beautiful faces and ***y show season. Summer Cheap Christian Louboutin Boots Fashion, you know Cheap Christian Louboutin Wedges you have ***ual feeling pump Christian Louboutin Outlet.Date, loubutin,
retroand luxury, usually surrounded by.
ugg outlet

cheap uggs

ugg boots sale

Cheap UGG Classic Short Boots

Cheap UGG Classic Tall Boots

Cheap UGG Nightfall Boots

Cheap UGG Classic Mini Boots

Cheap UGG Classic Cardy Boots

Cheap UGG Classic Crochet Boots

Discount UGG Kenly Boots
I am an idiot in the form of Justin Bieber Shoes beautiful shoes.Although many women laugh at Supra Shoes Sa...
Reply | Quote
0 0
hat monster  - my hat monster     |205.209.143.xxx |16-11-2011 10:33:17
love cartier bracelet
key chain rings
string bracelets
bracelet designs
friendship bracelets
scarf tying
knit scarves
head scarves
scarf shawl
hat monster
new era red bull
new era yankees
scarf set
hat scarf set
los angeles caps
chicago white sox
yankees hat
DC shoes
new york capt
chicago hat
new era snapback
wholesale hats
Reply | Quote
0 0
Coach Outlet Online  - Coach Outlet Online     |121.158.55.xxx |16-11-2011 12:59:26
One Coach Factory Outlet of clothing

Coach Online Outlet be loose

Coach Outlet Store Online compliment the

Coach Outlet Store Online of
the [url=http://www.coachsfactory-

online.net/]Coach Factory[/url]. A
loose Coach Factory Outlet

 or a skirt Coach Factory Online help the

Coach Outlet Online Bags flow

Coach Factory Outlet what you

Coach Store Online wearing. Small

Coach Factory Store Online with a

Coach Outlet Online strap are

Coach Outlet Store to be matched

Coach Factory Store a sun dress

Coach Online Outlet Store jeans with

Coach Outlet snug top. Coach

Outlet Online type of Coach Outlet Online is the

Coach Factory to wear

Coach Outlet Store Online is usually

Coach Factory Outlet ...
Reply | Quote
0 0
cx   |118.112.29.xxx |18-11-2011 16:28:50
Today my best Cycling Jerseys friend will come here to do Cycling Apparel some things about her. But I have Cycling Clothes to work. When she arrived mens cycling jerseys the station she gave me a call, just Buy Cycling Jerseys told me that she was Cycling Gloves here. I intent to ask for a Cycling Headband leave. But she told me that her classmate was Cycling Helmet with her, so I didn't need to do it. As her best friend I should be with
her, womens cycling jerseys because I think this is my duty. Now discount cycling jerseys I only can say I'm so sorry that I can't be with you. Wish her everything
goes well. Cycling Underpants So this morning I spent the half day staying at home. Because my Cycling Shoe Cover b...
Reply | Quote
0 0
cx   |118.112.29.xxx |18-11-2011 16:29:07
Today is a short
football jerseys day. Why I say it like this? Because I waked up too late, about ten
o'clock. It's exactly not my style, I' m used to waking up soccer jerseys early in the morning, because I think the morning is a pretty important
time and I shouldn't Liverpool Jerseys waste it in sleeping. Instead of sleeping, I'd like to do some Arsenal Jerseys reading. In order to improving my spoken English. But this morning was an
exception. The reason AC Milan Jerseys lead this situation is that I watched the "Friends" too late last
night. This TV is my Juventus Jerseys favorite now. I like the actors in it, the six people they help each other
and care about ...
Reply | Quote
0 0
cx   |118.112.29.xxx |18-11-2011 16:29:25
I Want to Have a Family with You Monster beats like This
I want to have a family with you like this. Every morning,
you ask me to get up monster beats headphones on time to have the "love breakfast". Then, I wear my favourite
and you take me to my company whatever with a car or a bike. Then,
you go to your work after seeing me monster beats pro walking into my company hall.
I want to have a family with you like
this. Every afternoon, you pick me up home after monster beats lady gaga your work. We walk together on our we home talking and laughing happily.
We go to the vegetable market to buy some dishes for our supper. Then,
we go monster beats j...
Reply | Quote
0 0
cx   |118.112.29.xxx |18-11-2011 16:29:44
I am a Cycling Jerseysalopex lagopus who have been Cycling Supplies waiting for one for thousands Cycling Helmet of years. In this thousands of Golf Supplies years, I have been standing Golf Clothing all kinds of difficulties Golf Shoes and the loneliness. Golf Accessories
From a little Hunting Clothing lovely alopex lagopus Hunting Footwear to a maturer beautiful woman; Running Products from wearing the thick Mens Running Clothing fur to the gorgeous; Womens Running Shoes from the wild forest Womens Running Clothing to the disciplined Running Underwear city.
Reply | Quote
0 0
Anonymous   |98.126.85.xxx |24-11-2011 08:33:43
You will notice that DC hats is nothing better than a hat to turn any hats scarves into something very different. To help with this topic, you can choose
stylish looking winter hats. These gorgeous hats hat designs come in
different brands that are suitable for women, men and styles for both
***es. Looking at these different designs of new era winter hats will notice that some have the brand design for them.
Reply | Quote
0 0
yankees jersey  - http://www.yankeesmlbjerseys.com     |184.22.230.xxx |29-11-2011 08:27:57
Considerably, the article is in reality the greatest on this Authentic Yankees Jersey noteworthy topic. I agree with your conclusions and will eagerly look
forward to your next updates. Saying thanks will not just be
sufficient Jim McMahon Jersey, for the wonderful clarity in your writing. I will immediately grab your
rss feed to stay privy of any updates. Pleasant work and much success
derek jeter jersey New York Yankees Jerseys
brett gardner jersey
alex rodriguez ersey
Reply | Quote
0 0
nike shox 2012,nike shox agent  - new griffeys 2012,nike shox agent,nike shox 2012,a     |72.18.206.xxx |05-12-2011 08:43:19
Moncler Coats
Moncler Jackets Outlet
Nike Shox 2012
Nike Shox Agent
Nike Shox Agent Mens
Nike Shox Agent Womens
Air Jordan High Heels
jordan 1 high heels
jordan 11 high heels
jordan 13 high heels
jordan 23 high heels
jordan 3.5 high heels
jordan 4 high heels
jordan 5 high heels
jordan 7 high heels
jordan 8 high heels
jordan 9 high heels
new nike shox R6
Nike Shox Dress
Nike Shox Dress Women
Nike Shox NZ
Nike Shox NZ Mens
Nike Shox NZ Womens
Nike Shox NZ 2.0
Nike Shox NZ 2.0 Mens
Nike Shox NZ 2.0 Women
Nike Shox NZ SI
Nike Shox NZ SI Mens
Nike Shox NZ SI Womens
Nike Shox R2
Nike Shox R2 Mens
Nike Shox R2 Womens
Nike Shox R3
Nike Shox R3 Mens
...
Reply | Quote
0 0
Coach Outlet Online  - Coach Outlet Online     |65.113.35.xxx |05-12-2011 09:35:36
A classic Coach Outlet post-win celebration Coach Outlet Online
Louis Vuitton Outlet turned into Louis Vuitton Outlet
Coach Factory Outlet
Coach Factory Outlet Online a stampede Saturday Coach Outlet Coupon
Coach Purse Outlet
Coach Factory Outlet
Coach Outlet Store Online as thousands of fans Coach Outlet Coupons
Coach Factory Store Online
Louis Vuitton Outlet
Coach Online Outlet Store stormed the Oklahoma Coach Factory Store Online
Coach Outlets
Coach Outlet Purses
Coach Outlet Stores State football Burberry Scarf
Coach Outlet Store
Coach Outlet Online
Coach Online Factory Store field to celebrate the Cowboys
Reply | Quote
0 0
DC shoes  - DC shoes     |205.209.140.xxx |06-12-2011 13:20:15
Thank you for your analysis and sharing, from your article I learned
more.

love cartier bracelet
key chain rings
string bracelets
bracelet designs
friendship bracelets
scarf tying
knit scarves
head scarves
scarf shawl
hat monster
new era red bull
new era yankees
scarf set
hat scarf set
los angeles caps
chicago white sox
yankees hat
DC shoes
new york cap
chicago hat
new era snapback
wholesale hats
Reply | Quote
0 0
soccer jerseys  - soccer jerseys     |72.52.116.xxx |06-12-2011 14:16:33
Your articles and reviews, it's very nice, I hope you can be with Soccer Jerseys learning, this is my website, welcome to visit Custom Soccer Jerseys put forward your valuable opinions, thank you!!!!! My website is:http://www.soccersshopworld.com/.football Shirt with
Reply | Quote
0 0
cctv  - knitted scarves     |98.126.85.xxx |06-12-2011 15:56:20
silk scarf
man scarf
muffler scarvest
knit scarf
knitted scarves
winter scarf
snapback caps
winter caps
winter knit hat
winter scarves
scarf hats
rasta hat
vogue sunglasses
eyeglass lenses
sunglasses man
brands sunglasses
polarized lenses sunglasses
eyeglasses brands
celebrity sunglasses
best sunglasses
new eyeglasses
sunglass hut
Reply | Quote
0 0
linhuang  - linhuang   |58.22.65.xxx |10-12-2011 15:02:34
If you chi flat iron are the proud owner of a Chi flat iron, then you may also need to know the
right method for chi hair straightener fixing this chi flat iron sale brand if chi flat irons cheap it went chi flat iron hair wrong. Generally chi camo flat iron all types of irons demand regular cleaning and maintenance to keep it
going in good condition. If you want to increase chi hair dryer sale the life expectancy of your Chi hair straightener, you should chi turbo hair iron always CHI Zebra Ceramic Collection clean it regularly Pink Zebra CHI and if it chi flat iron Pink stops working, you should be aware of how to fix it perfectly to get
going. Here we provide with opi nail polish some of the opi...
Reply | Quote
0 0
soccer jerseys  - soccer jerseys     |70.32.38.xxx |19-12-2011 13:14:58
Your articles and reviews, it's very nice, I hope you can be with Soccer Jerseys learning, this is my website, welcome to visit Custom Soccer Jerseys put forward your valuable opinions, thank you!!!!! My website is:http://www.soccersshopworld.com/.football Shirt with
Reply | Quote
0 0

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."
 
[ Back ]

Yahoo Chatt

Blogroll

Dhanuxe
fl3xu5
Kamas Muhammad
Irving Nazmi
Masterpop3
Melwin
Ozie
P. Nanang Sg.
Pataka
Republik Blogger
Yogie
Yusuf Hadiwinata
Vavai

Community

CentOS ID
ECHO
Forum Linux
Kecoak Elektronik
Linux Questions
OS Commerce's Forum
Security Focus
Zimbra ID

Security Advisories

ECHO
IPSecs
Milw0rm
mod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_counter
mod_vvisit_counterToday28
mod_vvisit_counterYesterday123
mod_vvisit_counterThis week485
mod_vvisit_counterThis month1092
mod_vvisit_counterAll270778

My Google Page Rank

My Google Page Rank