win32 trojan tdss

Hello,

I got a win32 trojan tdss on my vista laptop. It won't boot on normal mode, but I can boot on safe mode with and w/o networking. Because I changed the names of the files, I was able to install malwarebytes and spybot search and destroy (for example, I changed the name malwarebytes to just mwb). However I still can't boot normally to my computer and I can't delete the infected files using malwarebytes because it says they can't be deleted, but they will be deleted when I boot my computer again, but they are still there after booting. Reformating and starting over is not an option.

This is the log that malwarebytes gives me:

Malwarebytes' Anti-Malware 1.38
Database version: 2411
Windows 6.0.6001 Service Pack 1

7/12/2009 1:51:52 AM
mbam-log-2009-07-12 (01-51-52).txt

Scan type: Quick Scan
Objects scanned: 439141
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\Temp\_avast4_\unp103104887.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\_avast4_\unp180029364.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\_avast4_\unp97449126.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.

This is the hijackthis notepad:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:58:33 AM, on 7/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\mwb\mba.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HJ\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://smessql.smes.org/helpline/techweb.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\bot\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\mwb\mba.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [SpybotDeletingA4931] command.com /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7978] cmd.exe /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3233] command.com /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6400] cmd.exe /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7324] command.com /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8736] cmd.exe /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7731] command.com /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5738] cmd.exe /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9374] command.com /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2563] cmd.exe /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA869] command.com /c del "C:\Windows\System32\uacinit.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9600] cmd.exe /c del "C:\Windows\System32\uacinit.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5402] command.com /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4232] cmd.exe /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9700] command.com /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC89] cmd.exe /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8402] command.com /c del "C:\Windows\Temp\UAC79c6.tmp"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9300] cmd.exe /c del "C:\Windows\Temp\UAC79c6.tmp"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\bot\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB4351] command.com /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3729] cmd.exe /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5742] command.com /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3364] cmd.exe /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5177] command.com /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9660] cmd.exe /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5505] command.com /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3536] cmd.exe /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2830] command.com /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1859] cmd.exe /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9101] command.com /c del "C:\Windows\System32\uacinit.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9013] cmd.exe /c del "C:\Windows\System32\uacinit.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2231] command.com /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7814] cmd.exe /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8601] command.com /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7657] cmd.exe /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB882] command.com /c del "C:\Windows\Temp\UAC79c6.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8] cmd.exe /c del "C:\Windows\Temp\UAC79c6.tmp"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: PASPortal.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\bot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\bot\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = smes.org
O17 - HKLM\Software\..\Telephony: DomainName = smes.org
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = smes.org
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = smes.org
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\bot\SDWinSec.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe

--
End of file - 10027 bytes

Hello.

I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.

Please make sure Teatimer is disable before we do this, otherwise this fix will fail.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
  O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\mwb\mba.exe" /runcleanupscript
  O4 - HKLM\..\RunOnce: [SpybotDeletingA4931] command.com /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC7978] cmd.exe /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA3233] command.com /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC6400] cmd.exe /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA7324] command.com /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC8736] cmd.exe /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA7731] command.com /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC5738] cmd.exe /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA9374] command.com /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC2563] cmd.exe /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA869] command.com /c del "C:\Windows\System32\uacinit.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC9600] cmd.exe /c del "C:\Windows\System32\uacinit.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA5402] command.com /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC4232] cmd.exe /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA9700] command.com /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC89] cmd.exe /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
  O4 - HKLM\..\RunOnce: [SpybotDeletingA8402] command.com /c del "C:\Windows\Temp\UAC79c6.tmp"
  O4 - HKLM\..\RunOnce: [SpybotDeletingC9300] cmd.exe /c del "C:\Windows\Temp\UAC79c6.tmp"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB4351] command.com /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD3729] cmd.exe /c del "C:\Windows\System32\drivers\UACpjdwxuwtqjecmsqst.sys"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB5742] command.com /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD3364] cmd.exe /c del "C:\Windows\System32\UACcywtpqfyxaicxeufq.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB5177] command.com /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD9660] cmd.exe /c del "C:\Windows\System32\UACdtkiggiktmdvnfhui.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB5505] command.com /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD3536] cmd.exe /c del "C:\Windows\System32\UACgbltwrwqqpvmhhcfv.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB2830] command.com /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD1859] cmd.exe /c del "C:\Windows\System32\UACgpnmjrpsepxdbtvrx.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB9101] command.com /c del "C:\Windows\System32\uacinit.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD9013] cmd.exe /c del "C:\Windows\System32\uacinit.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB2231] command.com /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD7814] cmd.exe /c del "C:\Windows\System32\UACwqviipokbyqmfvipp.dll"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB8601] command.com /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD7657] cmd.exe /c del "C:\Windows\System32\UACtrtbxdnymlxqybdie.dat"
  O4 - HKCU\..\RunOnce: [SpybotDeletingB882] command.com /c del "C:\Windows\Temp\UAC79c6.tmp"
  O4 - HKCU\..\RunOnce: [SpybotDeletingD8] cmd.exe /c del "C:\Windows\Temp\UAC79c6.tmp"
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Next,

• Download combofix from here
  Link 1
  Link 2
  

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

• See HERE for how to disable your AV. (avast!)
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouse click combofix's window whilst it's running. That may cause it to stall.
  

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: could not open file "c:\programdata\14041714\14041714"
Deletion of file "c:\programdata\14041714\14041714" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\programdata\14041714\14041714.exe"
Deletion of file "c:\programdata\14041714\14041714.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "\\?\globalroot\systemroot\System32\UACdtkiggiktmdvnfhui.dll"
Deletion of file "\\?\globalroot\systemroot\System32\UACdtkiggiktmdvnfhui.dll" failed!
Status: 0xc0000033 (STATUS_OBJECT_NAME_INVALID)
--> an object cannot have this name


Error: file "C:\Windows\System32\net.net" not found!
Deletion of file "C:\Windows\System32\net.net" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\b.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\b.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\c.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\c.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\msxml71.dll" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\msxml71.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\rwnxeosacm.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\rwnxeosacm.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\LocalLow\Sun\Java\deployment\cache\6.0\32\43fbc220-2d12ba2a" not found!
Deletion of file "c:\Users\egutierrez\AppData\LocalLow\Sun\Java\deployment\cache\6.0\32\43fbc220-2d12ba2a" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp130217888.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp130217888.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp135916022.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp135916022.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp201020539.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp201020539.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp68335337.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp68335337.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp83571672.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp83571672.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp94206965.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp94206965.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not delete file "C:\Windows\system32\uacinit.dll"
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000156


Error: file "C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job" not found!
Deletion of file "C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open file "c:\programdata\14041714\14041714"
Deletion of file "c:\programdata\14041714\14041714" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\programdata\14041714\14041714.exe"
Deletion of file "c:\programdata\14041714\14041714.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "\\?\globalroot\systemroot\System32\UACdtkiggiktmdvnfhui.dll"
Deletion of file "\\?\globalroot\systemroot\System32\UACdtkiggiktmdvnfhui.dll" failed!
Status: 0xc0000033 (STATUS_OBJECT_NAME_INVALID)
--> an object cannot have this name


Error: file "C:\Windows\System32\net.net" not found!
Deletion of file "C:\Windows\System32\net.net" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\b.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\b.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\c.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\c.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\msxml71.dll" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\msxml71.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\rwnxeosacm.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\rwnxeosacm.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\LocalLow\Sun\Java\deployment\cache\6.0\32\43fbc220-2d12ba2a" not found!
Deletion of file "c:\Users\egutierrez\AppData\LocalLow\Sun\Java\deployment\cache\6.0\32\43fbc220-2d12ba2a" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp130217888.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp130217888.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp135916022.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp135916022.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp201020539.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp201020539.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp68335337.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp68335337.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp83571672.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp83571672.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp94206965.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp94206965.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not delete file "C:\Windows\system32\uacinit.dll"
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000156


Error: file "C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job" not found!
Deletion of file "C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: folder "C:\ProgramData\14041714" not found!
Deletion of folder "C:\ProgramData\14041714" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d}" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d}" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\UAC" deleted successfully.

Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.



Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: file "c:\Windows\Temp\_avast4_\unp185368531.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp185368531.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp262201133.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp262201133.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp267800607.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp267800607.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not delete file "C:\Windows\system32\uacinit.dll"
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000156


Error: file "c:\Windows\Temp\_avast4_\unp185368531.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp185368531.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp262201133.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp262201133.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp267800607.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp267800607.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not delete file "C:\Windows\system32\uacinit.dll"
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000156

Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\UAC" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.



Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: file "C:\Windows\system32\uacinit.dll" not found!
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Windows\system32\uacinit.dll" not found!
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: file "C:\Windows\system32\uacinit.dll" not found!
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Windows\system32\uacinit.dll" not found!
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.



Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: could not open file "c:\Windows\Temp\_avast4_\unp103314080.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp103314080.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp120881658.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp120881658.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp177496088.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp177496088.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp216604380.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp216604380.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp58117880.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp58117880.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp96973418.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp96973418.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: file "C:\Windows\system32\uacinit.dll" not found!
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp103314080.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp103314080.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp120881658.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp120881658.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp177496088.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp177496088.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp216604380.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp216604380.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp58117880.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp58117880.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp96973418.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp96973418.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: file "C:\Windows\system32\uacinit.dll" not found!
Deletion of file "C:\Windows\system32\uacinit.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\UAC" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\UAC" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.



Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: file "c:\Windows\Temp\_avast4_\unp103104887.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp103104887.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp180029364.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp180029364.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp97449126.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp97449126.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp103104887.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp103104887.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp180029364.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp180029364.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp97449126.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp97449126.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

Error: file "c:\Windows\Temp\_avast4_\unp97449126.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp97449126.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp103104887.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp103104887.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp180029364.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp180029364.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp97449126.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp97449126.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.



Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: file "C:\Windows\System32\net.net" not found!
Deletion of file "C:\Windows\System32\net.net" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\msa.exe" not found!
Deletion of file "c:\Windows\msa.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\a.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\a.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\awcroxsemn.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\awcroxsemn.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\bucksnet.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\bucksnet.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\g.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\g.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\h.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\h.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\noxwrcaesm.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\noxwrcaesm.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\ocanrwsexm.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\ocanrwsexm.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\omscweraxn.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\omscweraxn.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\prun.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\prun.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\secawnmxor.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\secawnmxor.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\smarenowcx.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\smarenowcx.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\wmaesnrocx.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\wmaesnrocx.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp116692780.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp116692780.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp175997740.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp175997740.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp88769687.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp88769687.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Windows\System32\msxml71.dll" not found!
Deletion of file "C:\Windows\System32\msxml71.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Windows\System32\net.net" not found!
Deletion of file "C:\Windows\System32\net.net" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\msa.exe" not found!
Deletion of file "c:\Windows\msa.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\a.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\a.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\awcroxsemn.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\awcroxsemn.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\bucksnet.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\bucksnet.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\d.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\e.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\f.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\g.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\g.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\h.exe" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\h.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\noxwrcaesm.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\noxwrcaesm.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\ocanrwsexm.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\ocanrwsexm.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\omscweraxn.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\omscweraxn.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\prun.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\prun.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\rasvsnet.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\secawnmxor.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\secawnmxor.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\smarenowcx.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\smarenowcx.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Users\egutierrez\AppData\Local\Temp\wmaesnrocx.tmp" not found!
Deletion of file "c:\Users\egutierrez\AppData\Local\Temp\wmaesnrocx.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp116692780.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp116692780.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp175997740.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp175997740.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "c:\Windows\Temp\_avast4_\unp88769687.tmp" not found!
Deletion of file "c:\Windows\Temp\_avast4_\unp88769687.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "C:\Windows\System32\msxml71.dll" not found!
Deletion of file "C:\Windows\System32\msxml71.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.



Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:


Error: could not open file "c:\Windows\Temp\_avast4_\unp194511300.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp194511300.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp257443216.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp257443216.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp258655177.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp258655177.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp194511300.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp194511300.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp257443216.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp257443216.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "c:\Windows\Temp\_avast4_\unp258655177.tmp"
Deletion of file "c:\Windows\Temp\_avast4_\unp258655177.tmp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Completed script processing.

*******************

Finished! Terminate.

After running the program combofix, my computer went back to the log in screen (it seems it turned off), then it let me log in in what appears to be normal mode. Videos and music worked. The only thing is that there was no wallpaper. Afterwards, I turned it back off and turned it back on, and after I put on my username and pass (it took a long time to boot), windows tells me either two things:

1. Activate windows now

2. Or that there's a problem checking my windows authenticity.

What should I do?

Don't use the avenger, it's too powerful and shouldn't be used without supervision.
Your Windows OS isn't real, I would advise you to buy a real version. XP is usually cheap if you can get your hands on a copy, but they are hard to find selling by CD now, MS are trying to get everyone to use Vista.

Okay, I think I can do that.

Does that mean my computer is fixed? Can I use the usb ports without fear of transfering the trojan? What else can I do so that this problem doesn't happen again?

Thanks!!

Tony

It looks like the infection is gone and yes you can use a USB port with no problem.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865
https://addons.mozilla.org/en-US/firefox/addon/433

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
Update Checker

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio, or
Outpost
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found here.

Hopefully this should take care of your problems! Good luck.