Norton shows its scanning but it shows no progress

ancp41 · June 10, 2009, 9:58am

Hi,

My norton is giving me a hard time. Norton will open and when I click on full, quick, or custom scan, it says its scanning but it shows no progress. Before, it'll show me how many files it scanned, how many viruses were found, and how many viruses were resolved. It doesn't show me. When it first started acting up I left it to scan for the whole night (maybe for 5 hours), when I woke up it was still at zero. Please let me know what I need to do to solve this issue. Thanks.

ancp41 · June 10, 2009, 10:22am

ok. here's it again.

GMER log: http://pastebay.com/21232

ROOTREPEAL log:

ROOTREPEAL (c) AD, 2007-2008
==================================================
Scan Time:   2009/06/10 20:19
Program Version:  Version 1.2.3.0
Windows Version:  Windows Vista SP1
==================================================

Drivers
-------------------
Name: aujasnkj.sys
Image Path: C:\Users\ahah\AppData\Local\Temp\aujasnkj.sys
Address: 0x8A5EB000 Size: 81664 File Visible: No
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x91FF5000 Size: 45056 File Visible: No
Status: -

Name: dump_msahci.sys
Image Path: C:\Windows\System32\Drivers\dump_msahci.sys
Address: 0x91E00000 Size: 40960 File Visible: No
Status: -

Name: qmvhld.sys
Image Path: C:\Windows\system32\drivers\qmvhld.sys
Address: 0x8ADC2000 Size: 61440 File Visible: No
Status: -

Name: rootrepeal[1].sys
Image Path: C:\Windows\system32\drivers\rootrepeal[1].sys
Address: 0xAE800000 Size: 45056 File Visible: No
Status: -

Name: SKYNETokvviotn.sys
Image Path: C:\Windows\system32\drivers\SKYNETokvviotn.sys
Address: 0x8F77D000 Size: 172032 File Visible: -
Status: Hidden from Windows API!

Stealth Objects
-------------------
Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wininit.exe (PID: 520) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: winlogon.exe (PID: 560) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: services.exe (PID: 600) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: lsass.exe (PID: 612) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: lsm.exe (PID: 620) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETtqsxqrwn.dll]
Process: svchost.exe (PID: 772) Address: 0x00940000 Size: 57344

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 772) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 856) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 912) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1040) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: WinMgmtR.dll]
Process: svchost.exe (PID: 1040) Address: 0x00d60000 Size: 8192

Object: Hidden Module [Name: luafv.sys]
Process: svchost.exe (PID: 1040) Address: 0x01450000 Size: 106496

Object: Hidden Module [Name: winlogon.exe]
Process: svchost.exe (PID: 1040) Address: 0x015c0000 Size: 323584

Object: Hidden Module [Name: winlogon.exe]
Process: svchost.exe (PID: 1040) Address: 0x01d90000 Size: 323584

Object: Hidden Module [Name: adtschema.dll]
Process: svchost.exe (PID: 1040) Address: 0x68130000 Size: 606208

Object: Hidden Module [Name: ci.dll]
Process: svchost.exe (PID: 1040) Address: 0x32f10000 Size: 913408

Object: Hidden Module [Name: WinMgmtR.dll]
Process: svchost.exe (PID: 1040) Address: 0x70290000 Size: 8192

Object: Hidden Module [Name: tquery.dll]
Process: svchost.exe (PID: 1040) Address: 0x708e0000 Size: 1589248

Object: Hidden Module [Name: profsvc.dll]
Process: svchost.exe (PID: 1040) Address: 0x73cb0000 Size: 163840

Object: Hidden Module [Name: MpEvMsg.dll]
Process: svchost.exe (PID: 1040) Address: 0x74280000 Size: 57344

Object: Hidden Module [Name: wevtapi.dll]
Process: svchost.exe (PID: 1040) Address: 0x75000000 Size: 258048

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1080) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1112) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1196) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SLsvc.exe (PID: 1232) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1312) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1504) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: Dwm.exe (PID: 1704) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: Explorer.EXE (PID: 1744) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: imageres.dll]
Process: Explorer.EXE (PID: 1744) Address: 0x606f0000 Size: 15822848

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: WLANExt.exe (PID: 1772) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: spoolsv.exe (PID: 1860) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: taskeng.exe (PID: 1916) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ccSvcHst.exe (PID: 1936) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: taskeng.exe (PID: 2032) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 832) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: AppleMobileDeviceService.exe (PID: 1564) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: mDNSResponder.exe (PID: 1368) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: LSSrvc.exe (PID: 2056) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: mdm.exe (PID: 2252) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 2280) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: BLService.exe (PID: 2368) Address: 0x001d0000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: RichVideo.exe (PID: 2384) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 2412) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 2480) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SearchIndexer.exe (PID: 2568) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: xaudio.exe (PID: 2696) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SynTPEnh.exe (PID: 3244) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: igfxtray.exe (PID: 3276) Address: 0x001d0000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hkcmd.exe (PID: 3292) Address: 0x00390000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: igfxpers.exe (PID: 3304) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: QPService.exe (PID: 3320) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: MSASCui.exe (PID: 3420) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: QLBCTRL.exe (PID: 3432) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: jusched.exe (PID: 3468) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hpwuSchd2.exe (PID: 3484) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: HPWAMain.exe (PID: 3492) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ICO.EXE (PID: 3524) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iTunesHelper.exe (PID: 3552) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: GrooveMonitor.exe (PID: 3560) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: LightScribeControlPanel.exe (PID: 3604) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: msnmsgr.exe (PID: 3620) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: msgslang.14.0.8064.0206.dll]
Process: msnmsgr.exe (PID: 3620) Address: 0x6ab00000 Size: 315392

Object: Hidden Module [Name: msgsres.dll]
Process: msnmsgr.exe (PID: 3620) Address: 0x66b60000 Size: 11403264

Object: Hidden Module [Name: msgrvsta.thm]
Process: msnmsgr.exe (PID: 3620) Address: 0x6c510000 Size: 20480

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ehtray.exe (PID: 3632) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: igfxsrvc.exe (PID: 3656) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ccSvcHst.exe (PID: 3716) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wmpnscfg.exe (PID: 3836) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hpqwmiex.exe (PID: 3848) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wmpnetwk.exe (PID: 3984) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ehmsas.exe (PID: 3996) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wmiprvse.exe (PID: 4064) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: unsecapp.exe (PID: 2360) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: WiFiMsg.EXE (PID: 1528) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: Com4QLBEx.exe (PID: 984) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: HpqToaster.exe (PID: 3380) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iPodService.exe (PID: 4412) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wlcomm.exe (PID: 5188) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SynTPHelper.exe (PID: 5548) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: navw32.exe (PID: 5572) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 4700) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 4836) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: AluSchedulerSvc.exe (PID: 4920) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: HP.ActiveSupportLibrary.dll]
Process: hphc_service.exe (PID: 5616) Address: 0x00f90000 Size: 110592

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hphc_service.exe (PID: 5616) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: navw32.exe (PID: 5528) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 5108) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: NOTEPAD.EXE (PID: 292) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 3960) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 1348) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: RootRepeal[1].exe (PID: 324) Address: 0x10000000 Size: 32768

Object: Hidden Code [ETHREAD: 0x848f2d78]
Process: System Address: 0x8b4562a8 Size: -

Object: Hidden Code [ETHREAD: 0x84918d78]
Process: System Address: 0xadb91910 Size: -

Object: Hidden Code [ETHREAD: 0x84918828]
Process: System Address: 0xadb49768 Size: -

Object: Hidden Code [ETHREAD: 0x849182d8]
Process: System Address: 0x849184cc Size: -

Object: Hidden Code [ETHREAD: 0x84919020]
Process: System Address: 0x84919214 Size: -

Object: Hidden Code [ETHREAD: 0x84919d78]
Process: System Address: 0x9183bfe0 Size: -

Object: Hidden Code [ETHREAD: 0x875c7d78]
Process: System Address: 0xb9f95d40 Size: -

Hidden Services
-------------------
Service Name: SKYNETrdvvtnic
Image Path: C:\Windows\system32\drivers\SKYNETokvviotn.sys

Quads · June 10, 2009, 10:47am

That is still not the full GMER log,

But in the Rootrepeal log this

Service Name: SKYNETrdvvtnic

Image Path: C:\Windows\system32\drivers\SKYNETokvviotn.sys

SKYNET[random characters].sys

I will have to look that up, maybe a form of Conficker

Quads

ancp41 · June 10, 2009, 11:04am

I used pastebay for the gmer. I dont know why it wont copy the whole thing but here's the rest of the gmer log. Its the continuation of the log.

GMER log: http://pastebay.com/21241

GMER log continuation: http://pastebay.com/21245

hope this works.

Quads · June 10, 2009, 11:12am

Ok yippie that worked

I have saved your log on to my PC and will script it tomorrow morning, it's getting towards Midnight here.

See you tomorrow

Quads

ancp41 · June 10, 2009, 11:15am

thanks.

by the way... i already downloaded avenger. trying to help you so that the process is faster.

ancp41 · June 10, 2009, 9:58am

Hi,

My norton is giving me a hard time. Norton will open and when I click on full, quick, or custom scan, it says its scanning but it shows no progress. Before, it'll show me how many files it scanned, how many viruses were found, and how many viruses were resolved. It doesn't show me. When it first started acting up I left it to scan for the whole night (maybe for 5 hours), when I woke up it was still at zero. Please let me know what I need to do to solve this issue. Thanks.

Quads · June 10, 2009, 11:19am

Avenger can be dangerous to use I will PM you your script tomorrow ( I have to create it).

Quads

Quads · June 11, 2009, 1:01am

Hi

Now after you have read the other Avenger post, where you downloaded from, when you get to number 3. insert this script below instead, After the script don't Run Malwaarebytes. As I would like the zipped (zip) Avenger folder

Here is the script.

3. In the "Input script here:" copy and paste the script between the lines

Drivers to disable:

SKYNETrdvvtnic

SKYNETokvviotn.sys

Drivers to delete:

SKYNETrdvvtnic

SKYNETokvviotn.sys

Files to delete:

C:\WINDOWS\system32\drivers\SKYNETokvviotn.sys

C:\WINDOWS\System32\SKYNETmhxdfufx.dll

C:\WINDOWS\System32\SKYNETtqsxqrwn.dll

C:\Windows\System32\SKYNETcodrxpyq.dat

C:\Windows\System32\SKYNETiuwjpohn.dat

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETbwqaecrotd.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETbxxitndkpv.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETcsbrwvbyqb.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETevfpdxbepw.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETfwtmvqnpxt.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETorqwtfxfej.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETovwpwdxdsf.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNEToxbbdapvde.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETqfohupkoof.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETtmdsvedpuf.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETvcjherlmcr.tmp

C:\Users\ahah\AppData\Local\Temp\Low\SKYNETwptqiperbk.tmp

Registry keys to delete:

HKEY_LOCAL_MACHINE\SOFTWARE\SKYNET

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNETrdvvtnic

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SKYNETrdvvtnic

Quads

delphinium · June 11, 2009, 1:09am

Absolutely brilliant, Quads. I love watching this work! :smileyvery-happy:

ancp41 · June 11, 2009, 1:36am

Hey Quads,

Do you need the avenger log for anything?

Quads · June 11, 2009, 1:41am

Yes Please,

Also can you happen to find a file called "skynet.exe"

Also the zipped avenger folder is in "C:\avenger" could you please upload to http://rapidshare.com/index.html and PM me the link so I can download

The you can see if the likes of Malwarebytes updated and Norton works

Quads

ancp41 · June 11, 2009, 1:42am

Here's the avenger log:

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows NT 6.0 (build 6001, Service Pack 1)
Thu Jun 11 11:22:50 2009

11:22:42: Warning: Skipping potentially dangerous line:
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNETrdvvtnic" (Registry key deletion mode)
11:22:50: Error: Execution aborted by user!

//////////////////////////////////////////

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Disablement of driver "SKYNETrdvvtnic" failed!
Status: 0xc0000001 (STATUS_UNSUCCESSFUL)

Error: could not open driver "SKYNETokvviotn.sys"
Disablement of driver "SKYNETokvviotn.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Driver "SKYNETrdvvtnic" deleted successfully.

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\SKYNETokvviotn.sys" not found!
Deletion of driver "SKYNETokvviotn.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: could not delete file "C:\WINDOWS\system32\drivers\SKYNETokvviotn.sys"
Deletion of file "C:\WINDOWS\system32\drivers\SKYNETokvviotn.sys" failed!
Status: 0xc0000156

Error: could not delete file "C:\WINDOWS\System32\SKYNETmhxdfufx.dll"
Deletion of file "C:\WINDOWS\System32\SKYNETmhxdfufx.dll" failed!
Status: 0xc0000156

Error: could not delete file "C:\WINDOWS\System32\SKYNETtqsxqrwn.dll"
Deletion of file "C:\WINDOWS\System32\SKYNETtqsxqrwn.dll" failed!
Status: 0xc0000156

Error: could not delete file "C:\Windows\System32\SKYNETcodrxpyq.dat"
Deletion of file "C:\Windows\System32\SKYNETcodrxpyq.dat" failed!
Status: 0xc0000156

Error: file "C:\Windows\System32\SKYNETiuwjpohn.dat" not found!
Deletion of file "C:\Windows\System32\SKYNETiuwjpohn.dat" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETbwqaecrotd.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETbwqaecrotd.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETbxxitndkpv.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETbxxitndkpv.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETcsbrwvbyqb.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETcsbrwvbyqb.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETevfpdxbepw.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETevfpdxbepw.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETfwtmvqnpxt.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETfwtmvqnpxt.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETorqwtfxfej.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETorqwtfxfej.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETovwpwdxdsf.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETovwpwdxdsf.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNEToxbbdapvde.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNEToxbbdapvde.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETqfohupkoof.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETqfohupkoof.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETtmdsvedpuf.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETtmdsvedpuf.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETvcjherlmcr.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETvcjherlmcr.tmp" failed!
Status: 0xc0000156

Error: could not delete file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETwptqiperbk.tmp"
Deletion of file "C:\Users\ahah\AppData\Local\Temp\Low\SKYNETwptqiperbk.tmp" failed!
Status: 0xc0000156

Registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNETrdvvtnic" deleted successfully.
Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SKYNETrdvvtnic" deleted successfully.

Error: registry key "HKEY_LOCAL_MACHINE\SOFTWARE\SKYNET" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SOFTWARE\SKYNET" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Completed script processing.

*******************

Finished! Terminate.

ancp41 · June 11, 2009, 1:54am

avenger compressed file link:

http://rapidshare.com/files/243196563/backup.zip.html

where can I find the skynet.exe file?

Quads · June 11, 2009, 1:57am

Hi

That is strange

"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNETrdvvtnic" (Registry key deletion mode)
11:22:50: Error: Execution aborted by user!

it got it further down anyway

Quads

Quads · June 11, 2009, 2:00am

Use the Windows Search and type in Skynet.exe

Quads

Quads · June 11, 2009, 2:21am

I am trying to figure out why Avenger is not allowed to get the files. Did get reg entries and the service, for loading

What Security software do you have installed??

Did you run Avenger as Administrator??

Quads

ancp41 · June 11, 2009, 2:29am

I still can’t find the skynet.exe ftle.

ancp41 · June 11, 2009, 2:31am

I dont think I used it as an administrator. What do I have to do now?

ancp41 · June 11, 2009, 2:33am

As for the security… Whatever came with my computer is what I use. I have Norton Internet Security and my windows defender and firewalls, etc.

Norton shows its scanning but it shows no progress

Announcements