Mam problem. Jakiś wirus blokuje mi dostęp do serwerów antywirusów itp. Nie mogę nic pobrać ani aktualizować.
hijackthisa nie mogę pobrać bo zabrania mi dostępu do serwera ten wirus.
Logi z combofixa:
ComboFix 12-06-08.02 - Wojciech 2012-06-09 11:08:43.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.618 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Wojciech\Pulpit\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\Wojciech\Pulpit\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\kbdblr32.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-05-09 do 2012-06-09 )))))))))))))))))))))))))))))))
.
.
2012-06-09 08:16 . 2012-06-09 08:16 -------- d-----w- c:\program files\CCleaner
2012-06-08 21:46 . 2012-06-08 21:46 0 ----a-w- c:\windows\system32\A2.tmp
2012-06-08 21:46 . 2012-06-08 21:46 0 ----a-w- c:\windows\system32\A1.tmp
2012-06-07 07:36 . 2012-06-07 07:36 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-07 07:36 . 2012-06-07 07:36 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-06 16:21 . 2012-06-06 16:21 0 ----a-w- c:\windows\system32\1D.tmp
2012-06-06 16:21 . 2012-06-06 16:21 0 ----a-w- c:\windows\system32\1C.tmp
2012-05-31 17:50 . 2012-05-31 17:50 0 ----a-w- c:\windows\system32\A0.tmp
2012-05-31 17:50 . 2012-05-31 17:50 0 ----a-w- c:\windows\system32\9F.tmp
2012-05-29 18:46 . 2012-05-29 18:46 0 ----a-w- c:\windows\system32\64.tmp
2012-05-29 18:45 . 2012-05-29 18:45 0 ----a-w- c:\windows\system32\63.tmp
2012-05-25 19:15 . 2012-05-25 19:15 0 ----a-w- c:\windows\system32\60.tmp
2012-05-25 19:14 . 2012-05-25 19:14 0 ----a-w- c:\windows\system32\5E.tmp
2012-05-24 18:26 . 2012-05-24 18:26 0 ----a-w- c:\windows\system32\94.tmp
2012-05-24 18:26 . 2012-05-24 18:26 0 ----a-w- c:\windows\system32\8F.tmp
2012-05-21 18:35 . 2012-05-21 18:35 0 ----a-w- c:\windows\system32\10A.tmp
2012-05-21 18:34 . 2012-05-21 18:34 0 ----a-w- c:\windows\system32\109.tmp
2012-05-17 14:35 . 2012-05-17 14:35 0 ----a-w- c:\windows\system32\5D.tmp
2012-05-17 14:35 . 2012-05-17 14:35 0 ----a-w- c:\windows\system32\5C.tmp
2012-05-14 14:06 . 2012-05-14 14:06 0 ----a-w- c:\windows\system32\1EB.tmp
2012-05-14 14:05 . 2012-05-14 14:05 0 ----a-w- c:\windows\system32\1EA.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-04 12:04 . 2012-05-04 12:04 0 ----a-w- c:\windows\system32\57.tmp
2012-05-04 12:04 . 2012-05-04 12:04 0 ----a-w- c:\windows\system32\54.tmp
2012-05-02 15:25 . 2012-05-02 15:25 0 ----a-w- c:\windows\system32\8D.tmp
2012-05-02 15:25 . 2012-05-02 15:25 0 ----a-w- c:\windows\system32\8B.tmp
2012-05-01 18:48 . 2012-05-01 18:48 0 ----a-w- c:\windows\system32\B9.tmp
2012-05-01 13:48 . 2012-05-01 13:48 0 ----a-w- c:\windows\system32\8A.tmp
2012-04-30 15:19 . 2012-04-30 15:19 0 ----a-w- c:\windows\system32\53.tmp
2012-04-30 15:19 . 2012-04-30 15:19 0 ----a-w- c:\windows\system32\4F.tmp
2012-04-27 18:21 . 2012-04-27 18:21 0 ----a-w- c:\windows\system32\4E.tmp
2012-04-27 18:21 . 2012-04-27 18:21 0 ----a-w- c:\windows\system32\4B.tmp
2012-04-25 19:29 . 2012-04-25 19:29 0 ----a-w- c:\windows\system32\32.tmp
2012-04-25 19:28 . 2012-04-25 19:28 0 ----a-w- c:\windows\system32\2F.tmp
2012-04-23 16:30 . 2012-04-23 16:30 0 ----a-w- c:\windows\system32\EC.tmp
2012-04-23 16:30 . 2012-04-23 16:30 0 ----a-w- c:\windows\system32\EB.tmp
2012-04-20 12:57 . 2012-04-20 12:57 0 ----a-w- c:\windows\system32\152.tmp
2012-04-20 12:56 . 2012-04-20 12:56 0 ----a-w- c:\windows\system32\151.tmp
2012-04-19 16:59 . 2012-04-19 16:59 0 ----a-w- c:\windows\system32\89.tmp
2012-04-19 16:59 . 2012-04-19 16:59 0 ----a-w- c:\windows\system32\87.tmp
2012-04-16 11:21 . 2012-04-16 11:21 0 ----a-w- c:\windows\system32\148.tmp
2012-04-16 11:21 . 2012-04-16 11:21 0 ----a-w- c:\windows\system32\147.tmp
2012-04-15 20:13 . 2012-04-15 20:13 0 ----a-w- c:\windows\system32\9E.tmp
2012-04-15 20:13 . 2012-04-15 20:13 0 ----a-w- c:\windows\system32\9D.tmp
2012-04-13 17:13 . 2012-04-13 17:13 0 ----a-w- c:\windows\system32\85.tmp
2012-04-13 12:13 . 2012-04-13 12:13 0 ----a-w- c:\windows\system32\5B.tmp
2012-04-11 17:55 . 2012-04-11 17:55 0 ----a-w- c:\windows\system32\12B.tmp
2012-04-11 12:54 . 2012-04-11 12:54 0 ----a-w- c:\windows\system32\9C.tmp
2012-04-10 11:19 . 2012-04-10 11:19 0 ----a-w- c:\windows\system32\B4.tmp
2012-04-10 11:19 . 2012-04-10 11:19 0 ----a-w- c:\windows\system32\B3.tmp
2012-04-07 15:17 . 2012-04-07 15:17 0 ----a-w- c:\windows\system32\E.tmp
2012-04-07 15:17 . 2012-04-07 15:17 0 ----a-w- c:\windows\system32\D.tmp
2012-04-05 16:54 . 2012-04-05 16:54 0 ----a-w- c:\windows\system32\83.tmp
2012-04-05 16:53 . 2012-04-05 16:53 0 ----a-w- c:\windows\system32\82.tmp
2012-04-04 12:09 . 2012-04-04 12:09 0 ----a-w- c:\windows\system32\4D.tmp
2012-04-04 12:09 . 2012-04-04 12:09 0 ----a-w- c:\windows\system32\4C.tmp
2012-04-03 17:55 . 2012-04-03 17:55 0 ----a-w- c:\windows\system32\BE.tmp
2012-04-03 12:55 . 2012-04-03 12:55 0 ----a-w- c:\windows\system32\62.tmp
2012-04-02 19:37 . 2012-04-02 19:37 0 ----a-w- c:\windows\system32\9B.tmp
2012-04-02 14:37 . 2012-04-02 14:37 0 ----a-w- c:\windows\system32\4A.tmp
2012-03-30 16:59 . 2012-03-30 16:59 0 ----a-w- c:\windows\system32\81.tmp
2012-03-30 16:58 . 2012-03-30 16:58 0 ----a-w- c:\windows\system32\80.tmp
2012-03-25 16:08 . 2012-03-25 16:08 0 ----a-w- c:\windows\system32\17.tmp
2012-03-25 16:07 . 2012-03-25 16:07 0 ----a-w- c:\windows\system32\16.tmp
2012-03-23 14:17 . 2012-03-23 14:17 0 ----a-w- c:\windows\system32\49.tmp
2012-03-23 14:17 . 2012-03-23 14:17 0 ----a-w- c:\windows\system32\47.tmp
2012-03-22 18:53 . 2012-03-22 18:53 0 ----a-w- c:\windows\system32\A7.tmp
2012-03-22 13:53 . 2012-03-22 13:53 0 ----a-w- c:\windows\system32\90.tmp
2012-03-21 16:04 . 2012-03-21 16:04 0 ----a-w- c:\windows\system32\46.tmp
2012-03-21 16:04 . 2012-03-21 16:04 0 ----a-w- c:\windows\system32\45.tmp
2012-03-20 20:04 . 2012-03-20 20:04 0 ----a-w- c:\windows\system32\2E.tmp
2012-03-20 20:04 . 2012-03-20 20:04 0 ----a-w- c:\windows\system32\2D.tmp
2012-03-18 21:07 . 2012-03-18 21:07 0 ----a-w- c:\windows\system32\2C.tmp
2012-03-18 21:06 . 2012-03-18 21:06 0 ----a-w- c:\windows\system32\2B.tmp
2012-03-15 14:14 . 2012-03-15 14:14 0 ----a-w- c:\windows\system32\56.tmp
2012-03-15 14:14 . 2012-03-15 14:14 0 ----a-w- c:\windows\system32\55.tmp
2012-03-14 21:22 . 2012-03-14 21:22 0 ----a-w- c:\windows\system32\C6.tmp
2012-03-13 14:29 . 2012-03-13 14:29 0 ----a-w- c:\windows\system32\7F.tmp
2012-03-13 14:28 . 2012-03-13 14:28 0 ----a-w- c:\windows\system32\78.tmp
2012-03-12 16:53 . 2012-03-12 16:53 0 ----a-w- c:\windows\system32\A4.tmp
2012-03-12 16:52 . 2012-03-12 16:52 0 ----a-w- c:\windows\system32\A3.tmp
2003-03-21 12:37 . 2003-03-21 12:37 16056 ----a-w- c:\program files\owcstp16.dll
2012-06-07 07:36 . 2011-12-04 18:24 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-11-17 12:30 512512 --sh--w- c:\windows\wdigestwow.exe
2011-06-29 16:50 522752 --sh--w- c:\windows\wmerrorwow.exe
2011-03-06 09:07 203776 --sh--w- c:\windows\system32\unrar.exe
2011-03-06 09:07 203776 --sh--w- c:\windows\system32\567B5433A72B8D858EA715178277C159\unrar.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-09_08.54.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-09 09:04 . 2012-06-09 09:04 16384 c:\windows\Temp\Perflib_Perfdata_170.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06230520-1E04-4807-AAB0-AF88A6459735}]
2011-03-06 09:07 413184 ----a-w- c:\windows\system32\atmpvcno32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-12-05 8523776]
"nwiz"="nwiz.exe" [2007-12-05 1626112]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-12-05 81920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"wdigestwow.exe"="c:\windows\wdigestwow.exe" [2011-11-17 512512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\mll_mtf32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 17:43 69632 ----a-w- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2005-12-10 14:57 133016 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 20:51 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OWCWebCamDV]
2004-05-20 07:59 1056768 ----a-w- c:\windows\system\wcdvtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-07-05 15:08 16380416 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-04-01 18:49 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmerrorwow.exe]
2011-06-29 16:50 522752 --sh--w- c:\windows\wmerrorwow.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ServiceLayer"=3 (0x3)
"SbPF.Launcher"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\wmerrorwow.exe"=
"c:\\Documents and Settings\\Wojciech\\Dane aplikacji\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"d:\\Gry\\Medieval 2\\kingdoms.exe"=
"c:\\WINDOWS\\system32\\kbdpl132.exe"=
"c:\\WINDOWS\\wdigestwow.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2049:TCP"= 2049:TCP:iklei
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-01-05 639224]
R2 WebCamDV;WebCamDV DV to Webcam Converter;c:\windows\system32\drivers\WebCamDV.sys [2004-09-17 212608]
S2 izdqojflw;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [2001-10-26 14336]
S2 TrkWks32;Klient śledzenia łączy rozproszonych ;c:\windows\system32\kbdpl132.exe [2011-03-06 1421824]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [2009-02-01 219136]
S3 cpuz130;cpuz130;\??\c:\docume~1\Wojciech\USTAWI~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Wojciech\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 koobnsa;koobnsa;c:\windows\system32\02.tmp [2011-06-05 4096]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [2008-06-24 65024]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\windows\system32\DRIVERS\kwflower.sys --> c:\windows\system32\DRIVERS\kwflower.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 113120]
S3 TESTCAP;Mobicam, Video Capture Device;c:\windows\system32\drivers\mobicam.sys [2009-01-31 230144]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
izdqojflw
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.onet.pl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Pobierz z &BitSpirit - d:\bartek\BitSpirit\bsurl.htm
TCP: DhcpNameServer = 82.139.8.7 88.156.63.9
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Wojciech\Dane aplikacji\Mozilla\Firefox\Profiles\m959ucrs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1408409&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-09 11:12
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\koobnsa]
"ImagePath"="\??\c:\windows\system32\02.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\izdqojflw]
"ServiceDll"="c:\windows\system32\lbysv.dll"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-343818398-630328440-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{507DDBB2-0FC3-4A72-E0B7-88141908C1BC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paebemiimebnpmpfkdoampngiapbeann"=hex:6a,61,6e,64,6c,64,6a,69,63,67,69,67,64,
6e,69,62,68,65,67,65,00,fb
"oagcaepbgiljnhpcjdjedfejbmcojj"=hex:6a,61,6e,64,6c,64,6a,69,63,67,69,67,64,6e,
69,62,68,65,67,65,00,fb
"abackgmhbfjnnfibammnkbnmamdaanmidi"=hex:61,61,00,00
"manbjgmcochjnkeelimfihfiie"=hex:61,61,00,00
.
[HKEY_USERS\S-1-5-21-343818398-630328440-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A04AC9A1-9008-974E-45EA-26EF41FB1EDF}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaaigmlbpfjpmldffk"=hex:69,61,64,66,69,6a,62,68,68,6b,6a,6c,6d,64,61,70,70,63,
00,00
"haoimfkkilociaca"=hex:69,61,64,66,69,6a,62,68,68,6b,6a,6c,6d,64,61,70,70,63,
00,00
.
[HKEY_USERS\S-1-5-21-343818398-630328440-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DAEDDC80-BB95-B937-AC12-1B991C077167}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iabppeeabmahodblhi"=hex:69,61,6b,64,68,6d,65,64,70,6e,62,63,66,69,66,65,66,6a,
00,02
"hahpjjojeplofdae"=hex:69,61,6b,64,68,6d,65,64,70,6e,62,63,66,69,66,65,66,6a,
00,02
.
Czas ukończenia: 2012-06-09 11:14:02
ComboFix-quarantined-files.txt 2012-06-09 09:13
ComboFix2.txt 2012-06-09 08:55
.
Przed: 12 418 871 296 bajtów wolnych
Po: 12 407 566 336 bajtów wolnych
.
- - End Of File - - EB106608A64A39295A5E2862348826F9
logi z avegera:
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sat Jun 09 11:02:30 2012
11:02:22: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78420468-dbff-11dd-8bb7-0011a3031bf2}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
11:02:28: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb3c8af0-d0e3-11dd-a804-806d6172696f}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
11:02:30: Error: Execution aborted by user!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Dodatek Service Pack 3)
Sat Jun 09 11:02:47 2012
11:02:45: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78420468-dbff-11dd-8bb7-0011a3031bf2}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
11:02:47: Error: Invalid registry syntax in command:
"HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb3c8af0-d0e3-11dd-a804-806d6172696f}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)
11:02:47: Error: Execution aborted by user!
//////////////////////////////////////////
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Completed script processing.
*******************
Finished! Terminate.