ecco il report di avenger
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Fri Jul 11 01:55:08 2008
01:54:36: Error: Invalid registry syntax in command:
"HKCU\Software\Microsoft\Windows\CurrentVersion\Ru n|ChristmasTree"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry value deletion mode)
//////////////////////////////////////////
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\WINDOWS\system32\AppCert\prx992h.dll" deleted successfully.
File "C:\WINDOWS\system32\AppCert\hb241g.dll" deleted successfully.
File "C:\WINDOWS\system32\AppCert\wsil32.dll" deleted successfully.
Error: could not open file "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\InfoWindowd.dll "
Deletion of file "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\InfoWindowd.dll " failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Error: could not open file "c:\windows\system32\iukykol.dll"
Deletion of file "c:\windows\system32\iukykol.dll" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Error: could not open file "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\Rar$EX01.786\Ch ristmas.exe"
Deletion of file "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\Rar$EX01.786\Ch ristmas.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist
File "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\crthjuad.in i" deleted successfully.
File "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\10467.exe" deleted successfully.
File "C:\DOCUME~1\rodolfo\IMPOST~1\Temp\jar_cache32744. tmp" deleted successfully.
File "C:\WINDOWS\temp\crthjuad.ini" deleted successfully.
Error: could not open file "C:\WINDOWS\system32\drivers\vfyujpfl.sys"
Deletion of file "C:\WINDOWS\system32\drivers\vfyujpfl.sys" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Folder "C:\Documents and Settings\rodolfo\Dati applicazioni\tarxqexk" deleted successfully.
Folder "C:\WINDOWS\system32\AppCert" deleted successfully.
Error: could not open registry key "HKLM\system\currentcontrolset\services\vfyujp fl" for deletion
Deletion of registry key "HKLM\system\currentcontrolset\services\vfyujp fl" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Error: could not open registry key "HKLM\system\controlset002\services\vfyujpfl" for deletion
Deletion of registry key "HKLM\system\controlset002\services\vfyujpfl" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Registry key "HKLM\system\currentcontrolset\enum\root\legacy_vf yujpfl" deleted successfully.
Registry key "HKLM\system\controlset002\enum\root\legacy_vfyujp fl" deleted successfully.
Error: could not open registry key "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\zilqdgsn" for deletion
Deletion of registry key "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\zilqdgsn" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Error: could not open registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects\{761F33EE-FBDB-4B55-9834-B7CB6215E227}" for deletion
Deletion of registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects\{761F33EE-FBDB-4B55-9834-B7CB6215E227}" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Error: could not open registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects\{62DF542A-9520-4D7C-A8C7-7784F32B9A34}" for deletion
Deletion of registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects\{62DF542A-9520-4D7C-A8C7-7784F32B9A34}" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)
Completed script processing.
*******************
Finished! Terminate.
Rispondi quotando