VIRUSTOTAL Antivirus Version Update Result AntiVir 7.2.0.25 10.06.2006 no virus found Authentium 4.93.8 10.06.2006 no virus found Avast 4.7.892.0 10.08.2006 no virus found AVG 386 10.07.2006 no virus found BitDefender 7.2 10.08.2006 no virus found CAT-QuickHeal 8.00 10.07.2006 no virus found ClamAV devel-20060426 10.08.2006 no virus found DrWeb 4.33 10.08.2006 no virus found eTrust-InoculateIT 23.73.16 10.07.2006 no virus found eTrust-Vet 30.3.3118 10.06.2006 no virus found Ewido 4.0 10.08.2006 no virus found Fortinet 2.82.0.0 10.08.2006 no virus found F-Prot 3.16f 10.06.2006 no virus found F-Prot4 4.2.1.29 10.06.2006 no virus found Ikarus 0.2.65.0 10.07.2006 no virus found Kaspersky 4.0.2.24 10.08.2006 no virus found McAfee 4868 10.06.2006 no virus found Microsoft 1.1603 10.08.2006 no virus found NOD32v2 1.1794 10.06.2006 no virus found Norman 5.80.02 10.06.2006 no virus found Panda 9.0.0.4 10.08.2006 no virus found Sophos 4.10.0 10.05.2006 no virus found TheHacker 6.0.1.093 10.06.2006 no virus found UNA 1.83 10.06.2006 no virus found VBA32 3.11.1 10.08.2006 no virus found VirusBuster 4.3.7:9 10.07.2006 no virus found Aditional Information File size: 666624 bytes MD5: 1250e341aa720bd51f66b33eab07604a SHA1: 118d1aebd0bebfbc7fa647bf7a3d92a635e69782 AVANGER Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\xkcmqcvw ******************* Script file located at: \??\C:\WINDOWS\System32\vpgbogti.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Spooler Service deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows Spooler Service deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Windows Spooler Service not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Windows Spooler Service failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Windows Spooler Service Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_SPOOLER_SERVICE\0000 Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Spooler Service not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Spooler Service failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Spooler Service Status: 0xc0000034 File C:\WINDOWS\system32\TFTP3232 deleted successfully. File C:\WINDOWS\system32\i deleted successfully. File C:\WINDOWS\system32\TFTP3344 deleted successfully. File C:\WINDOWS\system32\TFTP3176 deleted successfully. Completed script processing. ******************* Finished! Terminate.