Please Help.... Virtumonde, Vundo & Many Other Malicious Trojans

Shaba · Oct 22, 2008

Thanks for info.

We will continue with this:

Disable resident protections (Antivirus...); you'll re-enable them after the scan

DownloadLop S&D here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (C:\lopR.txt)

TheOnlyBigDog · Oct 22, 2008

Requested Log

--------------------\\ Lop S&D 4.2.4-6 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : TheOnlyBigDog ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2005 2005 (Not Activated)
Firewall : Norton Internet Worm Protection 2005 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 465 Go Free : 253 Go
D:\ (Local Disk) - NTFS - Total : 465 Go Free : 204 Go
E:\ (Local Disk) - NTFS - Total : 349 Go Free : 88 Go
F:\ (Local Disk) - NTFS - Total : 698 Go Free : 121 Go
G:\ (Local Disk) - NTFS - Total : 349 Go Free : 166 Go
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)
L:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go
M:\ (USB) - FAT32 - Total : 7654 Mo Free : 6 Go

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
Option : [1] ( Wed 10/22/2008|13:16 )

--------------------\\ Listing folders in APPLIC~1

[10/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[09/26/2008|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[09/26/2008|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[10/03/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Babylon
[09/13/2008|05:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CanonBJ
[10/05/2008|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Drv Audio Dog About
[09/10/2008|02:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/13/2008|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[09/10/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[10/21/2008|07:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[10/19/2008|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macromedia
[09/12/2008|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macrovision
[10/17/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[10/18/2008|02:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[10/05/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NOS
[09/09/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
[09/28/2008|07:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Drivers HeadQuarters
[09/11/2008|04:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[09/24/2008|09:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Stardock
[09/11/2008|04:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/09/2008|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[10/22/2008|01:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[09/25/2008|02:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TVU Networks
[09/09/2008|02:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Winamp Toolbar
[09/09/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[10/14/2008|02:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Live Toolbar
[10/14/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!
[10/14/2008|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[09/08/2008|02:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[09/08/2008|02:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[09/09/2008|02:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Symantec

[09/08/2008|02:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[10/04/2008|12:15] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Adobe
[09/13/2008|05:49] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> AdobeUM
[10/13/2008|11:05] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Ahead
[10/03/2008|01:20] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Babylon
[10/04/2008|12:15] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[09/08/2008|03:48] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Creative
[09/19/2008|06:47] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Debs Karaoke Renamer
[10/13/2008|12:43] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> EAST Technologies
[09/10/2008|03:46] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Google
[09/08/2008|02:51] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Identities
[09/26/2008|05:05] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> InstallShield
[09/26/2008|07:10] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Jasc
[10/19/2008|05:21] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Macromedia
[10/14/2008|02:56] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Microsoft
[09/25/2008|02:43] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Mozilla
[09/25/2008|01:33] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Musicmatch
[09/10/2008|02:41] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> NeroVision
[09/12/2008|08:06] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Paltalk
[09/26/2008|04:57] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Reallusion
[10/17/2008|08:02] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> settingsbytewindow
[09/24/2008|09:23] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Stardock
[09/19/2008|06:29] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Sun
[09/11/2008|04:16] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/09/2008|01:31] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Symantec
[09/10/2008|01:23] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Syntrillium
[09/25/2008|02:54] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> TVU Networks
[10/22/2008|12:18] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> U3
[09/23/2008|02:59] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Vso
[09/10/2008|01:43] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> WinRAR
[10/14/2008|12:03] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Yahoo!

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[10/22/2008 12:32 PM][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[10/22/2008 01:00 PM][--ah-----] C:\WINDOWS\tasks\BF450B8182A2B679.job
[10/18/2008 08:35 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/17/2008 09:18 PM][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - TheOnlyBigDog.job
[10/22/2008 09:50 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/28/2006 05:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( BF450B8182A2B679.job )=( c:\docume~1\theonl~1\applic~1\settin~1\BendThirdLocks.exe )

--------------------\\ Listing Folders in C:\Program Files

[09/15/2008|11:32] C:\Program Files\<DIR> Access 97 Runtime
[09/27/2008|08:48] C:\Program Files\<DIR> Act-3D
[10/03/2008|01:03] C:\Program Files\<DIR> Adobe
[09/10/2008|09:28] C:\Program Files\<DIR> Ahead
[09/26/2008|01:22] C:\Program Files\<DIR> ALCATech
[09/26/2008|12:26] C:\Program Files\<DIR> Apple Software Update
[09/10/2008|02:58] C:\Program Files\<DIR> Babylon
[09/12/2008|01:45] C:\Program Files\<DIR> Bradbury
[09/10/2008|01:45] C:\Program Files\<DIR> CAVS
[09/10/2008|01:41] C:\Program Files\<DIR> CD+G AutoName
[09/10/2008|02:33] C:\Program Files\<DIR> CDRWIN3
[10/22/2008|09:47] C:\Program Files\<DIR> Common Files
[09/08/2008|02:44] C:\Program Files\<DIR> ComPlus Applications
[09/23/2008|04:18] C:\Program Files\<DIR> CompuHost
[09/10/2008|02:58] C:\Program Files\<DIR> Conduit
[09/10/2008|01:25] C:\Program Files\<DIR> coolpro2
[09/08/2008|03:40] C:\Program Files\<DIR> Creative
[10/10/2008|06:56] C:\Program Files\<DIR> Cucusoft
[09/14/2008|12:08] C:\Program Files\<DIR> Damar Systems
[09/19/2008|06:47] C:\Program Files\<DIR> Debs Karaoke Renamer
[10/10/2008|06:52] C:\Program Files\<DIR> Deskshare
[09/26/2008|05:04] C:\Program Files\<DIR> Digital Photo Software
[09/17/2008|02:28] C:\Program Files\<DIR> Doblon
[09/10/2008|02:37] C:\Program Files\<DIR> DVD Shrink
[10/13/2008|12:42] C:\Program Files\<DIR> East-Tec Eraser 2008
[09/24/2008|05:25] C:\Program Files\<DIR> Eraser
[10/10/2008|07:02] C:\Program Files\<DIR> eXtreme Movie Manager
[09/10/2008|01:25] C:\Program Files\<DIR> Gaa Moa's Plugins for Cool Edit Pro
[09/19/2008|06:40] C:\Program Files\<DIR> Gateway151 File-2-Folder
[10/18/2008|03:41] C:\Program Files\<DIR> Gateway151 Karaoke Zip Player
[09/10/2008|02:44] C:\Program Files\<DIR> Google
[10/19/2008|05:19] C:\Program Files\<DIR> InstallShield Installation Information
[10/10/2008|03:05] C:\Program Files\<DIR> Internet Explorer
[09/26/2008|07:08] C:\Program Files\<DIR> Jasc Software Inc
[09/19/2008|06:29] C:\Program Files\<DIR> Java
[09/16/2008|03:56] C:\Program Files\<DIR> Karaoke Zip Scanner
[09/10/2008|10:48] C:\Program Files\<DIR> KJ Pro
[09/29/2008|11:08] C:\Program Files\<DIR> Kjpro
[10/19/2008|05:19] C:\Program Files\<DIR> Macromedia
[09/23/2008|02:59] C:\Program Files\<DIR> MagicDVDCopier
[09/23/2008|02:53] C:\Program Files\<DIR> MagicDVDRipper
[09/26/2008|06:21] C:\Program Files\<DIR> MagicISO
[09/09/2008|05:23] C:\Program Files\<DIR> Messenger
[09/10/2008|01:33] C:\Program Files\<DIR> Micro Technology Unlimited
[09/10/2008|10:46] C:\Program Files\<DIR> Microsoft Access Runtime
[10/17/2008|10:58] C:\Program Files\<DIR> Microsoft ActiveSync
[09/26/2008|03:05] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[09/25/2008|10:24] C:\Program Files\<DIR> Microsoft Expression
[09/08/2008|02:46] C:\Program Files\<DIR> microsoft frontpage
[10/17/2008|10:57] C:\Program Files\<DIR> Microsoft Office
[09/25/2008|10:16] C:\Program Files\<DIR> Microsoft Visual Studio
[09/25/2008|10:14] C:\Program Files\<DIR> Microsoft Visual Studio 8
[09/25/2008|10:16] C:\Program Files\<DIR> Microsoft Works
[09/25/2008|10:15] C:\Program Files\<DIR> Microsoft.NET
[09/09/2008|01:03] C:\Program Files\<DIR> Movie Maker
[10/20/2008|08:23] C:\Program Files\<DIR> Mozilla Firefox
[10/18/2008|02:17] C:\Program Files\<DIR> MP3 WAV Converter
[09/13/2008|04:29] C:\Program Files\<DIR> Mp3+G Toolz
[09/09/2008|02:36] C:\Program Files\<DIR> MP3+G Toolz .NET
[09/25/2008|10:16] C:\Program Files\<DIR> MSBuild
[09/08/2008|04:00] C:\Program Files\<DIR> MSI
[09/08/2008|02:43] C:\Program Files\<DIR> MSN
[09/08/2008|02:44] C:\Program Files\<DIR> MSN Gaming Zone
[10/14/2008|02:44] C:\Program Files\<DIR> MSN Messenger
[09/25/2008|01:33] C:\Program Files\<DIR> Musicmatch
[09/10/2008|02:58] C:\Program Files\<DIR> myBabylon
[09/12/2008|12:51] C:\Program Files\<DIR> MySurvey Messenger
[09/10/2008|09:31] C:\Program Files\<DIR> Nero
[09/09/2008|12:59] C:\Program Files\<DIR> NetMeeting
[10/09/2008|05:15] C:\Program Files\<DIR> Norton AntiVirus
[09/09/2008|01:20] C:\Program Files\<DIR> NVIDIA Corporation
[09/09/2008|12:59] C:\Program Files\<DIR> Outlook Express
[09/12/2008|08:05] C:\Program Files\<DIR> Paltalk Messenger
[09/25/2008|10:47] C:\Program Files\<DIR> PopCap Games
[09/26/2008|12:27] C:\Program Files\<DIR> QuickTime
[09/26/2008|07:02] C:\Program Files\<DIR> Reallusion
[09/10/2008|02:09] C:\Program Files\<DIR> RoxBox
[09/13/2008|11:17] C:\Program Files\<DIR> Sax & Dottys Karaoke Zip Player
[10/05/2008|10:20] C:\Program Files\<DIR> Spybot - Search & Destroy
[09/24/2008|09:32] C:\Program Files\<DIR> Stardock
[09/11/2008|04:16] C:\Program Files\<DIR> SUPERAntiSpyware
[09/09/2008|01:53] C:\Program Files\<DIR> Symantec
[09/09/2008|01:53] C:\Program Files\<DIR> SymNetDrv
[09/10/2008|04:06] C:\Program Files\<DIR> The_Pirate_Bay
[10/20/2008|03:04] C:\Program Files\<DIR> Trend Micro
[10/18/2008|01:01] C:\Program Files\<DIR> Winamp
[09/09/2008|02:37] C:\Program Files\<DIR> Winamp Toolbar
[09/10/2008|01:40] C:\Program Files\<DIR> WinCDG Pro 2
[10/14/2008|02:46] C:\Program Files\<DIR> Windows Live Favorites
[10/14/2008|02:46] C:\Program Files\<DIR> Windows Live Toolbar
[09/09/2008|01:04] C:\Program Files\<DIR> Windows Media Player
[09/09/2008|12:59] C:\Program Files\<DIR> Windows NT
[09/08/2008|02:45] C:\Program Files\<DIR> WindowsUpdate
[09/10/2008|01:17] C:\Program Files\<DIR> WinRAR
[09/09/2008|02:33] C:\Program Files\<DIR> WinZip
[09/08/2008|02:46] C:\Program Files\<DIR> xerox
[10/14/2008|12:12] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[09/17/2008|10:03] C:\Program Files\Common Files\<DIR> Adobe
[09/17/2008|10:03] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[09/10/2008|09:32] C:\Program Files\Common Files\<DIR> Ahead
[09/26/2008|12:27] C:\Program Files\Common Files\<DIR> Apple
[09/10/2008|01:41] C:\Program Files\Common Files\<DIR> Borland Shared
[09/10/2008|02:06] C:\Program Files\Common Files\<DIR> cdrdao
[09/10/2008|10:46] C:\Program Files\Common Files\<DIR> Damar Systems
[09/10/2008|10:47] C:\Program Files\Common Files\<DIR> Designer
[09/10/2008|10:37] C:\Program Files\Common Files\<DIR> Doblon
[09/09/2008|01:20] C:\Program Files\Common Files\<DIR> InstallShield
[09/19/2008|06:28] C:\Program Files\Common Files\<DIR> Java
[10/17/2008|10:57] C:\Program Files\Common Files\<DIR> L&H
[10/19/2008|05:20] C:\Program Files\Common Files\<DIR> Macromedia
[09/12/2008|01:46] C:\Program Files\Common Files\<DIR> Macromedia Shared
[10/17/2008|11:00] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/08/2008|02:45] C:\Program Files\Common Files\<DIR> MSSoap
[09/08/2008|07:28] C:\Program Files\Common Files\<DIR> ODBC
[09/08/2008|02:45] C:\Program Files\Common Files\<DIR> Services
[09/08/2008|07:28] C:\Program Files\Common Files\<DIR> SpeechEngines
[09/24/2008|05:24] C:\Program Files\Common Files\<DIR> Stardock
[10/19/2008|11:54] C:\Program Files\Common Files\<DIR> Symantec Shared
[10/17/2008|10:57] C:\Program Files\Common Files\<DIR> System
[09/12/2008|01:45] C:\Program Files\Common Files\<DIR> Vbox
[09/11/2008|04:16] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 46 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Drv Audio Dog About
C:\DOCUME~1\THEONL~1\APPLIC~1\settin~1
C:\WINDOWS\Tasks\BF450B8182A2B679.job

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN

--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-22 13:16:50
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous\Microsoft Keygen.exe
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\3D Haunted Halloween Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Autumn Time 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Autumn Time 3D Screensaver v1[2].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Christmas Eve 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Christmas_Eve_3D_Screensaver_v1[1].0_Keygen_s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Dinosaurs 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Fish_Aquarium_3D_Screensaver_v1[1].0_Incl_Keygen_by_SoS.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\nightcity3dscreensaverv1.0keygens0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Night_City_3D_Screensaver_1_Crack_by_FFF.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Planet_Earth_3D_Screensaver_v1[1].1_Incl_Keygen_by_SoS.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Winter Night 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\THEMES\3dmatrixcorridorsscreensaverkeygenknetus.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\THEMES\Army_of_Darkness_3D_Screensaver_v1[1].0_WinALL_Incl_Keygen_by_CSS.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\THEMES\Marine Life 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\My Music\BIGDOG'S MP3'S\BIGDOG'S MUSIC\MP3s\MP3'S\Little Bitty Crack In His Heart - Ruby Lovett.mp3
C:\DOCUME~1\THEONL~1\My Documents\My Music\BIGDOG'S MP3'S\BIGDOG'S MUSIC\NEEDS EDITING\Neil Diamond - The Best Of\11 - Neil Diamond - Cracklin' Rose.mp3
C:\DOCUME~1\THEONL~1\My Documents\My Received Files\Billion_Chords_v1[1].0_incl_KeyGen_by_BEAT.zip
C:\DOCUME~1\THEONL~1\My Documents\My Received Files\Crasy_Talk_pro_5.1_with_keygen.4354468.TPB.torrent
C:\DOCUME~1\THEONL~1\My Documents\My Received Files\Magic DVD Ripper 5[1].3 Build 5_KeyGen_Under SEH Team.rar
C:\DOCUME~1\THEONL~1\My Documents\Text Files\Fast Defrag Pro Keygen.txt
C:\DOCUME~1\THEONL~1\My Documents\Text Files\How To Crack Any Type Of Registration Protection.txt
C:\DOCUME~1\THEONL~1\My Documents\Text Files\mmjb crack.txt
C:\DOCUME~1\THEONL~1\My Documents\Text Files\musicmatch crack.txt
C:\DOCUME~1\THEONL~1\Recent\Nero Burning Rom 7 Ultra Edition Incl Keygen & Serial.lnk

[F:3][D:0]-> C:\DOCUME~1\THEONL~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\THEONL~1\Cookies
[F:1][D:0]-> C:\DOCUME~1\THEONL~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Wed 10/22/2008|13:17 - Option : [1]

--------------------\\ Scan completed at 13:17:09

Shaba · Oct 23, 2008

Restart Lop S&D

This time choose Option 2 (Fix + Hosts)
Don't close the window during suppression!
Post the log which is created: (C:\lopR.txt)

TheOnlyBigDog · Oct 23, 2008

Requested Log

Good morning Shaba. Here is the requested lop.txt log2...

--------------------\\ Lop S&D 4.2.4-6 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : TheOnlyBigDog ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 2005 2005 (Not Activated)
Firewall : Norton Internet Worm Protection 2005 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 465 Go Free : 253 Go
D:\ (Local Disk) - NTFS - Total : 465 Go Free : 204 Go
E:\ (Local Disk) - NTFS - Total : 349 Go Free : 88 Go
F:\ (Local Disk) - NTFS - Total : 698 Go Free : 121 Go
G:\ (Local Disk) - NTFS - Total : 349 Go Free : 166 Go
H:\ (CD or DVD)
I:\ (CD or DVD)
J:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
Option : [2] ( Thu 10/23/2008| 5:01 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\WINDOWS\Tasks\BF450B8182A2B679.job
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Drv Audio Dog About
Deleted! - C:\DOCUME~1\THEONL~1\APPLIC~1\settin~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing folders in APPLIC~1

[10/04/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[09/26/2008|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[09/26/2008|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[10/03/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Babylon
[09/13/2008|05:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CanonBJ
[09/10/2008|02:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/13/2008|02:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[09/10/2008|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[10/21/2008|07:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[10/19/2008|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macromedia
[09/12/2008|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macrovision
[10/17/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[10/18/2008|02:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[10/05/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NOS
[09/09/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
[09/28/2008|07:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Drivers HeadQuarters
[09/11/2008|04:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[09/24/2008|09:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Stardock
[09/11/2008|04:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/09/2008|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[10/22/2008|01:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[09/25/2008|02:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TVU Networks
[09/09/2008|02:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Winamp Toolbar
[09/09/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[10/14/2008|02:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Live Toolbar
[10/14/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!
[10/14/2008|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[09/08/2008|02:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[09/08/2008|02:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[09/09/2008|02:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Symantec

[09/08/2008|02:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[10/04/2008|12:15] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Adobe
[09/13/2008|05:49] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> AdobeUM
[10/13/2008|11:05] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Ahead
[10/03/2008|01:20] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Babylon
[10/04/2008|12:15] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[09/08/2008|03:48] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Creative
[09/19/2008|06:47] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Debs Karaoke Renamer
[10/13/2008|12:43] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> EAST Technologies
[09/10/2008|03:46] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Google
[09/08/2008|02:51] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Identities
[09/26/2008|05:05] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> InstallShield
[09/26/2008|07:10] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Jasc
[10/19/2008|05:21] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Macromedia
[10/14/2008|02:56] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Microsoft
[09/25/2008|02:43] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Mozilla
[09/25/2008|01:33] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Musicmatch
[09/10/2008|02:41] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> NeroVision
[09/12/2008|08:06] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Paltalk
[09/26/2008|04:57] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Reallusion
[09/24/2008|09:23] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Stardock
[09/19/2008|06:29] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Sun
[09/11/2008|04:16] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/09/2008|01:31] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Symantec
[09/10/2008|01:23] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Syntrillium
[09/25/2008|02:54] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> TVU Networks
[10/22/2008|01:19] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> U3
[09/23/2008|02:59] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Vso
[09/10/2008|01:43] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> WinRAR
[10/14/2008|12:03] C:\DOCUME~1\THEONL~1\APPLIC~1\<DIR> Yahoo!

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[10/23/2008 04:32 AM][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[10/18/2008 08:35 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/17/2008 09:18 PM][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - TheOnlyBigDog.job
[10/22/2008 09:50 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/28/2006 05:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[09/15/2008|11:32] C:\Program Files\<DIR> Access 97 Runtime
[09/27/2008|08:48] C:\Program Files\<DIR> Act-3D
[10/03/2008|01:03] C:\Program Files\<DIR> Adobe
[09/10/2008|09:28] C:\Program Files\<DIR> Ahead
[09/26/2008|01:22] C:\Program Files\<DIR> ALCATech
[09/26/2008|12:26] C:\Program Files\<DIR> Apple Software Update
[09/10/2008|02:58] C:\Program Files\<DIR> Babylon
[09/12/2008|01:45] C:\Program Files\<DIR> Bradbury
[09/10/2008|01:45] C:\Program Files\<DIR> CAVS
[09/10/2008|01:41] C:\Program Files\<DIR> CD+G AutoName
[09/10/2008|02:33] C:\Program Files\<DIR> CDRWIN3
[10/22/2008|09:47] C:\Program Files\<DIR> Common Files
[09/08/2008|02:44] C:\Program Files\<DIR> ComPlus Applications
[09/23/2008|04:18] C:\Program Files\<DIR> CompuHost
[09/10/2008|02:58] C:\Program Files\<DIR> Conduit
[09/10/2008|01:25] C:\Program Files\<DIR> coolpro2
[09/08/2008|03:40] C:\Program Files\<DIR> Creative
[10/10/2008|06:56] C:\Program Files\<DIR> Cucusoft
[09/14/2008|12:08] C:\Program Files\<DIR> Damar Systems
[09/19/2008|06:47] C:\Program Files\<DIR> Debs Karaoke Renamer
[10/10/2008|06:52] C:\Program Files\<DIR> Deskshare
[09/26/2008|05:04] C:\Program Files\<DIR> Digital Photo Software
[09/17/2008|02:28] C:\Program Files\<DIR> Doblon
[09/10/2008|02:37] C:\Program Files\<DIR> DVD Shrink
[10/13/2008|12:42] C:\Program Files\<DIR> East-Tec Eraser 2008
[09/24/2008|05:25] C:\Program Files\<DIR> Eraser
[10/10/2008|07:02] C:\Program Files\<DIR> eXtreme Movie Manager
[09/10/2008|01:25] C:\Program Files\<DIR> Gaa Moa's Plugins for Cool Edit Pro
[09/19/2008|06:40] C:\Program Files\<DIR> Gateway151 File-2-Folder
[10/18/2008|03:41] C:\Program Files\<DIR> Gateway151 Karaoke Zip Player
[09/10/2008|02:44] C:\Program Files\<DIR> Google
[10/19/2008|05:19] C:\Program Files\<DIR> InstallShield Installation Information
[10/10/2008|03:05] C:\Program Files\<DIR> Internet Explorer
[09/26/2008|07:08] C:\Program Files\<DIR> Jasc Software Inc
[09/19/2008|06:29] C:\Program Files\<DIR> Java
[09/16/2008|03:56] C:\Program Files\<DIR> Karaoke Zip Scanner
[09/10/2008|10:48] C:\Program Files\<DIR> KJ Pro
[09/29/2008|11:08] C:\Program Files\<DIR> Kjpro
[10/19/2008|05:19] C:\Program Files\<DIR> Macromedia
[09/23/2008|02:59] C:\Program Files\<DIR> MagicDVDCopier
[09/23/2008|02:53] C:\Program Files\<DIR> MagicDVDRipper
[09/26/2008|06:21] C:\Program Files\<DIR> MagicISO
[09/09/2008|05:23] C:\Program Files\<DIR> Messenger
[09/10/2008|01:33] C:\Program Files\<DIR> Micro Technology Unlimited
[09/10/2008|10:46] C:\Program Files\<DIR> Microsoft Access Runtime
[10/17/2008|10:58] C:\Program Files\<DIR> Microsoft ActiveSync
[09/26/2008|03:05] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[09/25/2008|10:24] C:\Program Files\<DIR> Microsoft Expression
[09/08/2008|02:46] C:\Program Files\<DIR> microsoft frontpage
[10/17/2008|10:57] C:\Program Files\<DIR> Microsoft Office
[09/25/2008|10:16] C:\Program Files\<DIR> Microsoft Visual Studio
[09/25/2008|10:14] C:\Program Files\<DIR> Microsoft Visual Studio 8
[09/25/2008|10:16] C:\Program Files\<DIR> Microsoft Works
[09/25/2008|10:15] C:\Program Files\<DIR> Microsoft.NET
[09/09/2008|01:03] C:\Program Files\<DIR> Movie Maker
[10/20/2008|08:23] C:\Program Files\<DIR> Mozilla Firefox
[10/18/2008|02:17] C:\Program Files\<DIR> MP3 WAV Converter
[09/13/2008|04:29] C:\Program Files\<DIR> Mp3+G Toolz
[09/09/2008|02:36] C:\Program Files\<DIR> MP3+G Toolz .NET
[09/25/2008|10:16] C:\Program Files\<DIR> MSBuild
[09/08/2008|04:00] C:\Program Files\<DIR> MSI
[09/08/2008|02:43] C:\Program Files\<DIR> MSN
[09/08/2008|02:44] C:\Program Files\<DIR> MSN Gaming Zone
[10/14/2008|02:44] C:\Program Files\<DIR> MSN Messenger
[09/25/2008|01:33] C:\Program Files\<DIR> Musicmatch
[09/10/2008|02:58] C:\Program Files\<DIR> myBabylon
[09/12/2008|12:51] C:\Program Files\<DIR> MySurvey Messenger
[09/10/2008|09:31] C:\Program Files\<DIR> Nero
[09/09/2008|12:59] C:\Program Files\<DIR> NetMeeting
[10/09/2008|05:15] C:\Program Files\<DIR> Norton AntiVirus
[09/09/2008|01:20] C:\Program Files\<DIR> NVIDIA Corporation
[09/09/2008|12:59] C:\Program Files\<DIR> Outlook Express
[09/12/2008|08:05] C:\Program Files\<DIR> Paltalk Messenger
[09/25/2008|10:47] C:\Program Files\<DIR> PopCap Games
[09/26/2008|12:27] C:\Program Files\<DIR> QuickTime
[09/26/2008|07:02] C:\Program Files\<DIR> Reallusion
[09/10/2008|02:09] C:\Program Files\<DIR> RoxBox
[09/13/2008|11:17] C:\Program Files\<DIR> Sax & Dottys Karaoke Zip Player
[10/05/2008|10:20] C:\Program Files\<DIR> Spybot - Search & Destroy
[09/24/2008|09:32] C:\Program Files\<DIR> Stardock
[09/11/2008|04:16] C:\Program Files\<DIR> SUPERAntiSpyware
[09/09/2008|01:53] C:\Program Files\<DIR> Symantec
[09/09/2008|01:53] C:\Program Files\<DIR> SymNetDrv
[09/10/2008|04:06] C:\Program Files\<DIR> The_Pirate_Bay
[10/20/2008|03:04] C:\Program Files\<DIR> Trend Micro
[10/18/2008|01:01] C:\Program Files\<DIR> Winamp
[09/09/2008|02:37] C:\Program Files\<DIR> Winamp Toolbar
[09/10/2008|01:40] C:\Program Files\<DIR> WinCDG Pro 2
[10/14/2008|02:46] C:\Program Files\<DIR> Windows Live Favorites
[10/14/2008|02:46] C:\Program Files\<DIR> Windows Live Toolbar
[09/09/2008|01:04] C:\Program Files\<DIR> Windows Media Player
[09/09/2008|12:59] C:\Program Files\<DIR> Windows NT
[09/08/2008|02:45] C:\Program Files\<DIR> WindowsUpdate
[09/10/2008|01:17] C:\Program Files\<DIR> WinRAR
[09/09/2008|02:33] C:\Program Files\<DIR> WinZip
[09/08/2008|02:46] C:\Program Files\<DIR> xerox
[10/14/2008|12:12] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[09/17/2008|10:03] C:\Program Files\Common Files\<DIR> Adobe
[09/17/2008|10:03] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[09/10/2008|09:32] C:\Program Files\Common Files\<DIR> Ahead
[09/26/2008|12:27] C:\Program Files\Common Files\<DIR> Apple
[09/10/2008|01:41] C:\Program Files\Common Files\<DIR> Borland Shared
[09/10/2008|02:06] C:\Program Files\Common Files\<DIR> cdrdao
[09/10/2008|10:46] C:\Program Files\Common Files\<DIR> Damar Systems
[09/10/2008|10:47] C:\Program Files\Common Files\<DIR> Designer
[09/10/2008|10:37] C:\Program Files\Common Files\<DIR> Doblon
[09/09/2008|01:20] C:\Program Files\Common Files\<DIR> InstallShield
[09/19/2008|06:28] C:\Program Files\Common Files\<DIR> Java
[10/17/2008|10:57] C:\Program Files\Common Files\<DIR> L&H
[10/19/2008|05:20] C:\Program Files\Common Files\<DIR> Macromedia
[09/12/2008|01:46] C:\Program Files\Common Files\<DIR> Macromedia Shared
[10/17/2008|11:00] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/08/2008|02:45] C:\Program Files\Common Files\<DIR> MSSoap
[09/08/2008|07:28] C:\Program Files\Common Files\<DIR> ODBC
[09/08/2008|02:45] C:\Program Files\Common Files\<DIR> Services
[09/08/2008|07:28] C:\Program Files\Common Files\<DIR> SpeechEngines
[09/24/2008|05:24] C:\Program Files\Common Files\<DIR> Stardock
[10/19/2008|11:54] C:\Program Files\Common Files\<DIR> Symantec Shared
[10/17/2008|10:57] C:\Program Files\Common Files\<DIR> System
[09/12/2008|01:45] C:\Program Files\Common Files\<DIR> Vbox
[09/11/2008|04:16] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 43 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN

--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-23 05:02:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous\Microsoft Keygen.exe
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\3D Haunted Halloween Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Autumn Time 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Autumn Time 3D Screensaver v1[2].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Christmas Eve 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Christmas_Eve_3D_Screensaver_v1[1].0_Keygen_s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Dinosaurs 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Fish_Aquarium_3D_Screensaver_v1[1].0_Incl_Keygen_by_SoS.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\nightcity3dscreensaverv1.0keygens0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Night_City_3D_Screensaver_1_Crack_by_FFF.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Planet_Earth_3D_Screensaver_v1[1].1_Incl_Keygen_by_SoS.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\SCREENSAVERS\Winter Night 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\THEMES\3dmatrixcorridorsscreensaverkeygenknetus.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\THEMES\Army_of_Darkness_3D_Screensaver_v1[1].0_WinALL_Incl_Keygen_by_CSS.zip
C:\DOCUME~1\THEONL~1\My Documents\Miscellaneous Downloads\THEMES\Marine Life 3D Screensaver v1[1].0 Keygen - s0m.zip
C:\DOCUME~1\THEONL~1\My Documents\My Music\BIGDOG'S MP3'S\BIGDOG'S MUSIC\MP3s\MP3'S\Little Bitty Crack In His Heart - Ruby Lovett.mp3
C:\DOCUME~1\THEONL~1\My Documents\My Music\BIGDOG'S MP3'S\BIGDOG'S MUSIC\NEEDS EDITING\Neil Diamond - The Best Of\11 - Neil Diamond - Cracklin' Rose.mp3
C:\DOCUME~1\THEONL~1\My Documents\My Received Files\Billion_Chords_v1[1].0_incl_KeyGen_by_BEAT.zip
C:\DOCUME~1\THEONL~1\My Documents\My Received Files\Crasy_Talk_pro_5.1_with_keygen.4354468.TPB.torrent
C:\DOCUME~1\THEONL~1\My Documents\My Received Files\Magic DVD Ripper 5[1].3 Build 5_KeyGen_Under SEH Team.rar
C:\DOCUME~1\THEONL~1\My Documents\Text Files\Fast Defrag Pro Keygen.txt
C:\DOCUME~1\THEONL~1\My Documents\Text Files\How To Crack Any Type Of Registration Protection.txt
C:\DOCUME~1\THEONL~1\My Documents\Text Files\mmjb crack.txt
C:\DOCUME~1\THEONL~1\My Documents\Text Files\musicmatch crack.txt
C:\DOCUME~1\THEONL~1\Recent\Nero Burning Rom 7 Ultra Edition Incl Keygen & Serial.lnk

[F:3][D:0]-> C:\DOCUME~1\THEONL~1\LOCALS~1\Temp
[F:1][D:0]-> C:\DOCUME~1\THEONL~1\Cookies
[F:67][D:4]-> C:\DOCUME~1\THEONL~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Wed 10/22/2008|12:21 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Thu 10/23/2008| 5:03 - Option : [2]

--------------------\\ Scan completed at 5:03:04

Shaba · Oct 23, 2008

It appears that some of your software aren't legit.

So please uninstall these next:

Magic DVD Ripper V5.3 build 7
Nero 7 Demo

After that:

Please download this tool from Microsoft.
Double click on MGADiag.exe to run it.
Click Continue.
The program will run. It takes a while to finish the diagnosis, please be patient.
Once done, click on Copy.
Open Notepad and paste the contents in. Save this file and post it in your next reply.

Post back a fresh uninstall list and MGADiag results.

TheOnlyBigDog · Oct 23, 2008

Requested Log

Diagnostic Report (1.7.0095.0):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Validation Code: 0
Online Validation Code: N/A
Cached Validation Code: N/A
Windows Product Key: *****-*****-9RCQG-9PDHJ-QHGB8
Windows Product Key Hash: FsUXZLTh6gy37gNwjd5Y2g1ILks=
Windows Product ID: 76487-OEM-2240051-79467
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.pro
CSVLK Server: N/A
CSVLK PID: N/A
ID: {04679EDD-D408-4D71-A78E-E974E2703A99}(3)
Is Admin: Yes
TestCab: 0x0
WGA Version: Registered, 1.8.31.9
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-171-1
Resolution Status: N/A

WgaER Data-->
ThreatID(s): N/A
Version: N/A

WGA Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.8.31.9
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
WGATray.exe Signed By: Microsoft
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 114 Blocked VLK 2
Microsoft Publisher 2002 - 100 Genuine
Microsoft Office XP Professional with FrontPage - 114 Blocked VLK 2
Microsoft Office Enterprise 2007 - 100 Genuine
Microsoft Office Project Professional 2007 - 100 Genuine
Microsoft Office Visio Professional 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 7E90FEE8-198-80004005_7E90FEE8-198-80004005_025D1FF3-171-1_E2AD56EA-338-8009_E2AD56EA-339-2ee7_16E0B333-89-80004005_B4D0AA8B-1029-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{04679EDD-D408-4D71-A78E-E974E2703A99}</UGUID><Version>1.7.0095.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-QHGB8</PKey><PID>76487-OEM-2240051-79467</PID><PIDType>3</PIDType><SID>S-1-5-21-1844237615-688789844-725345543</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>ASUS M2N-SLI DELUXE ACPI BIOS Revision 1102</Version><SMBIOSVersion major="2" minor="4"/><Date>20070620000000.000000+000</Date></BIOS><HWID>AB8931F701848076</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><BRT/></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{90190409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Publisher 2002</Name><Ver>10</Ver><Val>BABFAAD4C4D61B0</Val><Hash>SEishkJimZrBR/u8NT774CIf0yg=</Hash><Pid>54197-640-0698487-16542</Pid><PidType>14</PidType></Product><Product GUID="{90280409-6000-11D3-8CFE-0050048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office XP Professional with FrontPage</Name><Ver>10</Ver><Val>39476F84C4B4004</Val><Hash>4iCnywwNW1w4s9ukTIwGMGxyGic=</Hash><Pid>54185-640-0000025-17690</Pid><PidType>14</PidType></Product><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65660</Pid><PidType>14</PidType></Product><Product GUID="{90120000-003B-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Project Professional 2007</Name><Ver>12</Ver><Val>3AB862DE70D8D86</Val><Hash>UfpXsJvSSVcPufbDdjd0NK73+ug=</Hash><Pid>89403-707-4159871-63971</Pid><PidType>14</PidType></Product><Product GUID="{90120000-0051-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Professional 2007</Name><Ver>12</Ver><Val>3AB862DE70D8D86</Val><Hash>UfpXsJvSSVcPufbDdjd0NK73+ug=</Hash><Pid>89405-707-4159871-63585</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="10" Result="114"/><App Id="16" Version="10" Result="114"/><App Id="17" Version="10" Result="114"/><App Id="18" Version="10" Result="114"/><App Id="19" Version="10" Result="100"/><App Id="1A" Version="10" Result="114"/><App Id="1B" Version="10" Result="114"/><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="3A" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="53" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Shaba · Oct 23, 2008

I have some information for you:

Link

"(Office status=114 means non-Genuine).VLKs are blocked by Microsoft at the request of the original keyholder for such reasons as the key was lost, stolen, compromised, misused, or expired. Also, MS may have blocked the key if it notices a pattern of misuse, ie, more installations of XP using that key than authorized."

Is there anything you want to comment on that?

TheOnlyBigDog · Oct 23, 2008

I read the link and have no idea what that all means. I have the original windows xp disc with a legitimate product key.

Shaba · Oct 23, 2008

Yes, XP seems to legit.

But Office doesn't seem to be as it has been installed using blocked VLK.

TheOnlyBigDog · Oct 23, 2008

I also have the office disc and frontpage disc and 10 million other discs to boot. But back to the problem at hand...

Shaba · Oct 23, 2008

Unfortunately it doesn't go that way.

Report shows that your office isn't legit.

LOP S&D report shows that you have a lot of cracks and keygens.

As said here

"We do not support the use of illegal Pirated/Warez/Cracked software.

Helping a person who insists on using such software, could be construed in the eyes of the law to be aiding and abetting a crime. Therefore you will be asked to remove any cracked programs and in the case of your operating system, to obtain a valid licensed copy."

This thread is now closed.

You are welcome to come back when your programs are all legit.

Please Help.... Virtumonde, Vundo & Many Other Malicious Trojans

Shaba

Security Expert: Emeritus

TheOnlyBigDog

Guest-has new account

Shaba

Security Expert: Emeritus

TheOnlyBigDog

Guest-has new account

Shaba

Security Expert: Emeritus

TheOnlyBigDog

Guest-has new account

Shaba

Security Expert: Emeritus

TheOnlyBigDog

Guest-has new account

Shaba

Security Expert: Emeritus

TheOnlyBigDog

Guest-has new account

Shaba

Security Expert: Emeritus