View Single Post

koolkid12349 · 08-05-2008, 08:28 PM

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\imsins.BAK" deleted successfully.
File "C:\sqmdata19.sqm" deleted successfully.
File "C:\sqmnoopt19.sqm" deleted successfully.
File "C:\sqmdata18.sqm" deleted successfully.
File "C:\sqmnoopt18.sqm" deleted successfully.
File "C:\sqmdata17.sqm" deleted successfully.
File "C:\sqmnoopt17.sqm" deleted successfully.
File "C:\sqmdata16.sqm" deleted successfully.
File "C:\sqmnoopt16.sqm" deleted successfully.
File "C:\sqmdata15.sqm" deleted successfully.
File "C:\sqmnoopt15.sqm" deleted successfully.
File "C:\sqmdata14.sqm" deleted successfully.
File "C:\sqmnoopt14.sqm" deleted successfully.
File "C:\sqmdata13.sqm" deleted successfully.
File "C:\sqmnoopt13.sqm" deleted successfully.
File "C:\sqmdata12.sqm" deleted successfully.
File "C:\sqmnoopt12.sqm" deleted successfully.
File "C:\sqmdata11.sqm" deleted successfully.
File "C:\sqmnoopt11.sqm" deleted successfully.
File "C:\sqmdata10.sqm" deleted successfully.
File "C:\sqmnoopt10.sqm" deleted successfully.
File "C:\sqmdata08.sqm" deleted successfully.
File "C:\sqmnoopt08.sqm" deleted successfully.
File "C:\sqmdata07.sqm" deleted successfully.
File "C:\sqmnoopt07.sqm" deleted successfully.
File "C:\sqmdata06.sqm" deleted successfully.
File "C:\sqmnoopt06.sqm" deleted successfully.
File "C:\WINDOWS\005344_.tmp" deleted successfully.
File "C:\sqmdata09.sqm" deleted successfully.
File "C:\sqmnoopt09.sqm" deleted successfully.
File "C:\WINDOWS\system32\IEDFix.exe" deleted successfully.

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(5).sys" not found!
Deletion of driver "dump_wmimmc(5).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(6).sys" not found!
Deletion of driver "dump_wmimmc(6).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(7).sys" not found!
Deletion of driver "dump_wmimmc(7).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(8).sys" not found!
Deletion of driver "dump_wmimmc(8).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(9).sys" not found!
Deletion of driver "dump_wmimmc(9).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(10).sys" not found!
Deletion of driver "dump_wmimmc(10).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(11).sys" not found!
Deletion of driver "dump_wmimmc(11).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(12).sys" not found!
Deletion of driver "dump_wmimmc(12).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(13).sys" not found!
Deletion of driver "dump_wmimmc(13).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc.sys" not found!
Deletion of driver "dump_wmimmc.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(2).sys" not found!
Deletion of driver "dump_wmimmc(2).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(3).sys" not found!
Deletion of driver "dump_wmimmc(3).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(4).sys" not found!
Deletion of driver "dump_wmimmc(4).sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Folder "C:\WINDOWS\l2schemas" deleted successfully.
Folder "C:\WINDOWS\system32\CatRoot_bak" deleted successfully.

Error: folder "C:\Program Files\Viewpoint" not found!
Deletion of folder "C:\Program Files\Viewpoint" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Completed script processing.

*******************

Finished! Terminate.

what was the infection doing?

08-05-2008, 08:28 PM	#9 (permalink)
koolkid12349 Bronze Member Join Date: Oct 2007 Posts: 95	Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ***************** Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Rootkit scan active. No rootkits found! File "C:\WINDOWS\imsins.BAK" deleted successfully. File "C:\sqmdata19.sqm" deleted successfully. File "C:\sqmnoopt19.sqm" deleted successfully. File "C:\sqmdata18.sqm" deleted successfully. File "C:\sqmnoopt18.sqm" deleted successfully. File "C:\sqmdata17.sqm" deleted successfully. File "C:\sqmnoopt17.sqm" deleted successfully. File "C:\sqmdata16.sqm" deleted successfully. File "C:\sqmnoopt16.sqm" deleted successfully. File "C:\sqmdata15.sqm" deleted successfully. File "C:\sqmnoopt15.sqm" deleted successfully. File "C:\sqmdata14.sqm" deleted successfully. File "C:\sqmnoopt14.sqm" deleted successfully. File "C:\sqmdata13.sqm" deleted successfully. File "C:\sqmnoopt13.sqm" deleted successfully. File "C:\sqmdata12.sqm" deleted successfully. File "C:\sqmnoopt12.sqm" deleted successfully. File "C:\sqmdata11.sqm" deleted successfully. File "C:\sqmnoopt11.sqm" deleted successfully. File "C:\sqmdata10.sqm" deleted successfully. File "C:\sqmnoopt10.sqm" deleted successfully. File "C:\sqmdata08.sqm" deleted successfully. File "C:\sqmnoopt08.sqm" deleted successfully. File "C:\sqmdata07.sqm" deleted successfully. File "C:\sqmnoopt07.sqm" deleted successfully. File "C:\sqmdata06.sqm" deleted successfully. File "C:\sqmnoopt06.sqm" deleted successfully. File "C:\WINDOWS\005344_.tmp" deleted successfully. File "C:\sqmdata09.sqm" deleted successfully. File "C:\sqmnoopt09.sqm" deleted successfully. File "C:\WINDOWS\system32\IEDFix.exe" deleted successfully. Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(5).sys" not found! Deletion of driver "dump_wmimmc(5).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(6).sys" not found! Deletion of driver "dump_wmimmc(6).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(7).sys" not found! Deletion of driver "dump_wmimmc(7).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(8).sys" not found! Deletion of driver "dump_wmimmc(8).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(9).sys" not found! Deletion of driver "dump_wmimmc(9).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(10).sys" not found! Deletion of driver "dump_wmimmc(10).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(11).sys" not found! Deletion of driver "dump_wmimmc(11).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(12).sys" not found! Deletion of driver "dump_wmimmc(12).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(13).sys" not found! Deletion of driver "dump_wmimmc(13).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc.sys" not found! Deletion of driver "dump_wmimmc.sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(2).sys" not found! Deletion of driver "dump_wmimmc(2).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(3).sys" not found! Deletion of driver "dump_wmimmc(3).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Servic es\dump_wmimmc(4).sys" not found! Deletion of driver "dump_wmimmc(4).sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Folder "C:\WINDOWS\l2schemas" deleted successfully. Folder "C:\WINDOWS\system32\CatRoot_bak" deleted successfully. Error: folder "C:\Program Files\Viewpoint" not found! Deletion of folder "C:\Program Files\Viewpoint" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Completed script processing. ***************** Finished! Terminate. what was the infection doing?