Questo è il report di avenger che mi hai chiesto, ora eseguo le altre operazioni
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Syntax error in line --- no registry value to delete found. Line will be ignored.
Error code: 0
Line: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: | {42445467-183A-C20F-DD27-CF14D224B679}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: A172-FA5D54D3E3EE}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 4ED7-A172-FA5D54D3E3EE}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 4FEF-A907-ED9B4E010967}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 40D9-B0F1-60B4528DB626}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 4D3C-A7C6-D089279D5C24}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 4917-8DAF-30954ED315BF}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 4069-8CF2-4F523205D610}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 4AA3-8925-284255DA0455}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 43F7-A6A9-ADB4C51D5543}
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 183
Line: 403e-8DD8-394C54984B2C}
//////////////////////////////////////////
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Service s\cxsrqglv
*******************
Script file located at: \??\C:\Documents and Settings\ngsyytgs.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Folder C:\Programmi\AskTBar not found!
Deletion of folder C:\Programmi\AskTBar failed!
Could not process line:
C:\Programmi\AskTBar
Status: 0xc0000034
File C:\WINDOWS\system32\xxyxVlMg.dll not found!
Deletion of file C:\WINDOWS\system32\xxyxVlMg.dll failed!
Could not process line:
C:\WINDOWS\system32\xxyxVlMg.dll
Status: 0xc0000034
File C:\WINDOWS\system32\mlJYpooO.dll not found!
Deletion of file C:\WINDOWS\system32\mlJYpooO.dll failed!
Could not process line:
C:\WINDOWS\system32\mlJYpooO.dll
Status: 0xc0000034
File C:\WINDOWS\system32\xxywVnNE.dll not found!
Deletion of file C:\WINDOWS\system32\xxywVnNE.dll failed!
Could not process line:
C:\WINDOWS\system32\xxywVnNE.dll
Status: 0xc0000034
File C:\WINDOWS\system32\cbXQiHXp.dll not found!
Deletion of file C:\WINDOWS\system32\cbXQiHXp.dll failed!
Could not process line:
C:\WINDOWS\system32\cbXQiHXp.dll
Status: 0xc0000034
File C:\WINDOWS\system32\efcATKDv.dll not found!
Deletion of file C:\WINDOWS\system32\efcATKDv.dll failed!
Could not process line:
C:\WINDOWS\system32\efcATKDv.dll
Status: 0xc0000034
File C:\WINDOWS\system32\wvUllJAs.dll not found!
Deletion of file C:\WINDOWS\system32\wvUllJAs.dll failed!
Could not process line:
C:\WINDOWS\system32\wvUllJAs.dll
Status: 0xc0000034
File C:\WINDOWS\system32\ddcYqqOi.dll not found!
Deletion of file C:\WINDOWS\system32\ddcYqqOi.dll failed!
Could not process line:
C:\WINDOWS\system32\ddcYqqOi.dll
Status: 0xc0000034
File C:\WINDOWS\system32\qoMffEXp.dll not found!
Deletion of file C:\WINDOWS\system32\qoMffEXp.dll failed!
Could not process line:
C:\WINDOWS\system32\qoMffEXp.dll
Status: 0xc0000034
File C:\WINDOWS\system32\ENnVwyxx.ini not found!
Deletion of file C:\WINDOWS\system32\ENnVwyxx.ini failed!
Could not process line:
C:\WINDOWS\system32\ENnVwyxx.ini
Status: 0xc0000034
File C:\WINDOWS\system32\ENnVwyxx.ini2 not found!
Deletion of file C:\WINDOWS\system32\ENnVwyxx.ini2 failed!
Could not process line:
C:\WINDOWS\system32\ENnVwyxx.ini2
Status: 0xc0000034
File C:\WINDOWS\system32\sAJllUvw.ini not found!
Deletion of file C:\WINDOWS\system32\sAJllUvw.ini failed!
Could not process line:
C:\WINDOWS\system32\sAJllUvw.ini
Status: 0xc0000034
File C:\WINDOWS\system32\sAJllUvw.ini2 not found!
Deletion of file C:\WINDOWS\system32\sAJllUvw.ini2 failed!
Could not process line:
C:\WINDOWS\system32\sAJllUvw.ini2
Status: 0xc0000034
File C:\WINDOWS\system32\gMlVxyxx.ini not found!
Deletion of file C:\WINDOWS\system32\gMlVxyxx.ini failed!
Could not process line:
C:\WINDOWS\system32\gMlVxyxx.ini
Status: 0xc0000034
File C:\WINDOWS\system32\gMlVxyxx.ini2 not found!
Deletion of file C:\WINDOWS\system32\gMlVxyxx.ini2 failed!
Could not process line:
C:\WINDOWS\system32\gMlVxyxx.ini2
Status: 0xc0000034
File C:\WINDOWS\system32\vDKTAcfe.ini not found!
Deletion of file C:\WINDOWS\system32\vDKTAcfe.ini failed!
Could not process line:
C:\WINDOWS\system32\vDKTAcfe.ini
Status: 0xc0000034
File C:\WINDOWS\system32\vDKTAcfe.ini2 not found!
Deletion of file C:\WINDOWS\system32\vDKTAcfe.ini2 failed!
Could not process line:
C:\WINDOWS\system32\vDKTAcfe.ini2
Status: 0xc0000034
File C:\WINDOWS\system32\OoopYJlm.ini2 not found!
Deletion of file C:\WINDOWS\system32\OoopYJlm.ini2 failed!
Could not process line:
C:\WINDOWS\system32\OoopYJlm.ini2
Status: 0xc0000034
File C:\WINDOWS\system32\OoopYJlm.ini not found!
Deletion of file C:\WINDOWS\system32\OoopYJlm.ini failed!
Could not process line:
C:\WINDOWS\system32\OoopYJlm.ini
Status: 0xc0000034
File C:\WINDOWS\system32\pXHiQXbc.ini not found!
Deletion of file C:\WINDOWS\system32\pXHiQXbc.ini failed!
Could not process line:
C:\WINDOWS\system32\pXHiQXbc.ini
Status: 0xc0000034
Registry value HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs replaced with dummy successfully.
Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks|{11635C4A-ECC7-4ED7-
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks|{11635C4A-ECC7-4ED7- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{11635C4A-ECC7- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{11635C4A-ECC7- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{E006915A-42F5- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{E006915A-42F5- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{A8D83A8E-B7D4- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{A8D83A8E-B7D4- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{91BA3F3A-3E16- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{91BA3F3A-3E16- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{8DBBBC71-E019- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{8DBBBC71-E019- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{6166D6F6-992B- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{6166D6F6-992B- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{51323C91-EE33- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{51323C91-EE33- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{2B83B087-6BCE- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{2B83B087-6BCE- failed!
Status: 0xc0000034
Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{FE063DB1-4EC0- not found!
Deletion of registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{FE063DB1-4EC0- failed!
Status: 0xc0000034
Program D:\Documenti\varie\sys36436.exe successfully set up to run once on reboot.
Completed script processing.
*******************
Finished! Terminate.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\DOCUME~1\User\IMPOST~1\Temp\1.tmp" deleted successfully.
File "C:\DOCUME~1\User\IMPOST~1\Temp\1.exe" deleted successfully.
Error: file "C:\Programmi\NoDNS\NoDNS.exe" not found!
Deletion of file "C:\Programmi\NoDNS\NoDNS.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
File "C:\WINDOWS\system32\wdaol.dll" deleted successfully.
Registry value "HKLM\SYSTEM\CurrentControlSet\Services\SharedAcce ss\Parameters\FirewallPolicy\StandardProfile\Autho rizedApplications\List|C:\DOCUME~1\Abba\IMPOST~1\T emp\winlogon.exe" deleted successfully.
Registry value "HKLM\Software\Microsoft\Windows\CurrentVersion\Ru n|Streams Drivers" deleted successfully.
Registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cur rentVersion\ShellServiceObjectDelayLoad|oledll" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Rispondi quotando