//////////////////////////////////////////
  Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6002, Service Pack 2)
Thu May 20 17:13:53 2010

17:13:43: Error: Invalid registry syntax in command:
  "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uefmfz]"
  Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
  Skipping line. (Registry key deletion mode)

17:13:53: Error: Execution aborted by user!

//////////////////////////////////////////

//////////////////////////////////////////
  Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6002, Service Pack 2)
Thu May 20 19:10:18 2010

19:10:13: Error: Invalid registry syntax in command:
  "[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uefmfz]"
  Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
  Skipping line. (Registry key deletion mode)

19:10:18: Error: Execution aborted by user!

//////////////////////////////////////////

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "yqdpvyhdkpqr" disabled successfully.
Driver "CRSICBZKXS" disabled successfully.
Driver "yegxolurgfjl" disabled successfully.
Driver "uefmfz" disabled successfully.
Driver "VRGAVGLOSE" disabled successfully.
Driver "TGB" disabled successfully.
Driver "NSQWZDVMU" disabled successfully.
Driver "CRSICBZKXS" deleted successfully.
Driver "uefmfz" deleted successfully.
Driver "yqdpvyhdkpqr" deleted successfully.
Driver "NSQWZDVMU" deleted successfully.
Driver "yegxolurgfjl" deleted successfully.
Driver "VRGAVGLOSE" deleted successfully.
Driver "TGB" deleted successfully.
File "c:\windows\system32\drivers\yegxolurgfjl.sys" deleted successfully.

Error: file "c:\users\Andreas\AppData\Local\Temp\CRSICBZKXS.exe" not found!
Deletion of file "c:\users\Andreas\AppData\Local\Temp\CRSICBZKXS.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

Error: file "c:\users\Andreas\AppData\Local\Temp\NSQWZDVMU.exe" not found!
Deletion of file "c:\users\Andreas\AppData\Local\Temp\NSQWZDVMU.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

Error: file "c:\users\Andreas\AppData\Local\Temp\TGB.exe" not found!
Deletion of file "c:\users\Andreas\AppData\Local\Temp\TGB.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

File "c:\windows\winstart.bat" deleted successfully.
File "c:\windows\system32\drivers\yqdpvyhdkpqr.sys" deleted successfully.
File "c:\windows\system32\drivers\uefmfz.sys" deleted successfully.

Error: file "c:\users\Andreas\AppData\Local\Temp\VRGAVGLOSE.exe" not found!
Deletion of file "c:\users\Andreas\AppData\Local\Temp\VRGAVGLOSE.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

Error: could not open folder "c:\windows\system32\C:\Users\Andreas\AppData\Roaming"
Deletion of folder "c:\windows\system32\C:\Users\Andreas\AppData\Roaming" failed!
Status: 0xc0000033 (STATUS_OBJECT_NAME_INVALID)
  --> an object cannot have this name

Folder "c:\users\Andreas\AppData\Roaming\lowsec" deleted successfully.

Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uefmfz" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uefmfz" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

Completed script processing.

*******************

Finished! Terminate.