Olimpo Informatico

[@83]

smjert non posso effettuare la scansione con sys71424
ho scaricato come scritto nella guida sedebug-restore ma mi dice che non è un comando riconosciuto cosa faccio io voglio elimenarlo

[Orange]

allora vogliamo rallentare un'attimo??

@ste: qui cerchiamo di dare un'aiuto agli utenti e non di perseguire i nostri fini per quanto "nobili". Stai creando parecchia confusione con i tuoi interventi, e di sicuro non sei di nessun aiuto a @83. se non sei sicuro come procedere, lascia fare a qualcuno più esperto.
D'ora in poi i messaggi di questo genere saranno segnalati agli amministratori ed eliminati senza preavviso.


@83 Mi scuso per questa confusione.

Vogliamo fare un riassunto? E' un'po difficile fare il punto di situazione con 6 pagine di thread.
Perche hai scaricato SeDebugRestore? Serve solamente per riaquistare i privilegi di amministratore, hai un problema simile?
SystemScan lo trovi a questo indirizzo.
segui la guida per fare e postare il log.

[Smjert]

Dunque, devi aver scaricato un codec (PCODEC) che in realtà è fasullo e ti installa un sacco di schifezze e in più si connette a Gromozon.
Prima di tutto togliamo il rootkit.

Proviamo ad usare i "vecchi" tool per il gromozon:

Scarica tool di rimozione della Prevx.
Scarica anche il tool della Symantec.
Scarica poi Avenger e decomprimilo sul dekstop.

Prima di tutto fai partire il tool della Prevx da modalità normale (di consiglio di disconnetterti da internet, salvati le operazioni su qualche file),alla fine dovrebbe riavviarti il pc (o comunque ti chiede di farlo, tu accetta).
Riavviato il pc fai partire Avenger, seleziona Input Script Manually, clicca poi sulla lente e nel box bianco che ti si apre mettici questo:

[@83]

grazie orange non ci stavo capendo + nulla

comunque ho effettuato per prima cosa il down load di sys71424
siccome mi è comparsa la citazione di warning presente nella guida ho scaricato anche SeDEbug pensando di risolvere il problema ma quando lo avvio mi caccia il seguente messagio
"\cscript.exe" non è riconosciuto come comando interno o estero un programma eseguibile o un file batch.
please reboot your machine
press any key to exit

ora non so che fare la guida si ferma con se debug che funziona

[Orange]

Il messaggio era proprio: Warning! You don't have the seDebugPrivilege, which is required for SystemScan to work. ?
oppure diceva qualcosa tipo Warning! You have a pop-up disabled... (o qualcosa simile, non mi ricordo più tanto bene)

Se è il primo caso, segui la procedura indicata da Smjert.
Se è il secondo invece, ti basta tener premuto il tasto CTRL e cliccare sul link del download.

[@83]

ho seguito la tua procedura fino a prima di dover tornare in modalità provvisoria quando mi sono accorto che nel log di avenger diceva di non aver trovato alcun file.
sono riandato nella cartella sistem 32 ed il file effettivamente ha un estensione diversa non è lpt1.yre
ma è lpt1yr_

è lo stesso cosa devo fare scusate

[Smjert]

Puoi postare il log di avenger perfavore?

[@83]

rimando avenger in esecuzione e ti posto il log e cmq si è il primo caso

evo scollegarmi un sec per avviare aveger

[Smjert]

Scusa non te l'ho scritto ma il log di avenger lo puoi trovare sul desktop o in C:\ (se non sbaglio) e si chiama semplicemente avenger.log, non serve farlo ripartire.

[@83]

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\pgbstmsa

*******************

Script file located at: \??\C:\WINDOWS\ctrkcbq^.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\lpt1.yre not found!
Deletion of file C:\WINDOWS\system32\lpt1.yre failed!

Could not process line:
C:\WINDOWS\system32\lpt1.yre
Status: 0xc0000034



File C:\WINDOWS\vnbad1.dll not found!
Deletion of file C:\WINDOWS\vnbad1.dll failed!

Could not process line:
C:\WINDOWS\vnbad1.dll
Status: 0xc0000034



File C:\Programmi\PCODEC not found!
Deletion of file C:\Programmi\PCODEC failed!

Could not process line:
C:\Programmi\PCODEC
Status: 0xc0000034


Questo è quello che mi ha dato la seconda volta

File C:\WINDOWS\System32\Drivers\aa7e6sxu.SYS not found!
Deletion of file C:\WINDOWS\System32\Drivers\aa7e6sxu.SYS failed!

Could not process line:
C:\WINDOWS\System32\Drivers\aa7e6sxu.SYS
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

[@83]

Questo è quello del tool prevx

Removal tool loaded into memory
Gromozon rootkit component not detected - searching for other components
Scanning: C:\WINDOWS
Scanning: C:\Programmi\File comuni
Removing protected file: C:\Programmi\File comuni\System\AAmMt.exe
Removing protected file: C:\Programmi\File comuni\System\aER.exe
Removing protected file: C:\Programmi\File comuni\System\AixbQa.exe
Removing protected file: C:\Programmi\File comuni\System\aMh.exe
Removing protected file: C:\Programmi\File comuni\System\AqXk.exe
Removing protected file: C:\Programmi\File comuni\System\aWMw.exe
Removing protected file: C:\Programmi\File comuni\System\Ayqgj.exe
Removing protected file: C:\Programmi\File comuni\System\AzNZL.exe
Removing protected file: C:\Programmi\File comuni\System\BbCNZ.exe
Removing protected file: C:\Programmi\File comuni\System\bEjijB.exe
Removing protected file: C:\Programmi\File comuni\System\BFU.exe
Removing protected file: C:\Programmi\File comuni\System\bHB.exe
Removing protected file: C:\Programmi\File comuni\System\bHi.exe
Removing protected file: C:\Programmi\File comuni\System\bHoTIr.exe
Removing protected file: C:\Programmi\File comuni\System\Bkk.exe
Removing protected file: C:\Programmi\File comuni\System\bMt.exe
Removing protected file: C:\Programmi\File comuni\System\BNUwt.exe
Removing protected file: C:\Programmi\File comuni\System\Bqz.exe
Removing protected file: C:\Programmi\File comuni\System\bRJfzJ.exe
Removing protected file: C:\Programmi\File comuni\System\caYFd.exe
Removing protected file: C:\Programmi\File comuni\System\CFqRBn.exe
Removing protected file: C:\Programmi\File comuni\System\cle.exe
Removing protected file: C:\Programmi\File comuni\System\cmF.exe
Removing protected file: C:\Programmi\File comuni\System\coLrbq.exe
Removing protected file: C:\Programmi\File comuni\System\CQE.exe
Removing protected file: C:\Programmi\File comuni\System\csc.exe
Removing protected file: C:\Programmi\File comuni\System\CyK.exe
Removing protected file: C:\Programmi\File comuni\System\DbQ.exe
Removing protected file: C:\Programmi\File comuni\System\DEy.exe
Removing protected file: C:\Programmi\File comuni\System\dhL.exe
Removing protected file: C:\Programmi\File comuni\System\dlj.exe
Removing protected file: C:\Programmi\File comuni\System\dnS.exe
Removing protected file: C:\Programmi\File comuni\System\dygdNk.exe
Removing protected file: C:\Programmi\File comuni\System\dyugVd.exe
Removing protected file: C:\Programmi\File comuni\System\EfUTPX.exe
Removing protected file: C:\Programmi\File comuni\System\EMh.exe
Removing protected file: C:\Programmi\File comuni\System\ENpVWU.exe
Removing protected file: C:\Programmi\File comuni\System\EWf.exe
Removing protected file: C:\Programmi\File comuni\System\eyVjC.exe
Removing protected file: C:\Programmi\File comuni\System\FCO.exe
Removing protected file: C:\Programmi\File comuni\System\FDz.exe
Removing protected file: C:\Programmi\File comuni\System\FGUOCp.exe
Removing protected file: C:\Programmi\File comuni\System\fIOv.exe
Removing protected file: C:\Programmi\File comuni\System\FsZMAV.exe
Removing protected file: C:\Programmi\File comuni\System\fWWzLk.exe
Removing protected file: C:\Programmi\File comuni\System\GbOw.exe
Removing protected file: C:\Programmi\File comuni\System\gFA.exe
Removing protected file: C:\Programmi\File comuni\System\ggF.exe
Removing protected file: C:\Programmi\File comuni\System\gHVJ.exe
Removing protected file: C:\Programmi\File comuni\System\gkq.exe
Removing protected file: C:\Programmi\File comuni\System\glwvB.exe
Removing protected file: C:\Programmi\File comuni\System\gnrF.exe
Removing protected file: C:\Programmi\File comuni\System\GNTtGq.exe
Removing protected file: C:\Programmi\File comuni\System\gOm.exe
Removing protected file: C:\Programmi\File comuni\System\GrSwX.exe
Removing protected file: C:\Programmi\File comuni\System\guR.exe
Removing protected file: C:\Programmi\File comuni\System\Gwaj.exe
Removing protected file: C:\Programmi\File comuni\System\hed.exe
Removing protected file: C:\Programmi\File comuni\System\Hel.exe
Removing protected file: C:\Programmi\File comuni\System\HEREao.exe
Removing protected file: C:\Programmi\File comuni\System\hfL.exe
Removing protected file: C:\Programmi\File comuni\System\HGIyz.exe
Removing protected file: C:\Programmi\File comuni\System\hiI.exe
Removing protected file: C:\Programmi\File comuni\System\Hli.exe
Removing protected file: C:\Programmi\File comuni\System\HLQjEy.exe
Removing protected file: C:\Programmi\File comuni\System\hmc.exe
Removing protected file: C:\Programmi\File comuni\System\hMs.exe
Removing protected file: C:\Programmi\File comuni\System\HNxAk.exe
Removing protected file: C:\Programmi\File comuni\System\IBO.exe
Removing protected file: C:\Programmi\File comuni\System\IDFCWF.exe
Removing protected file: C:\Programmi\File comuni\System\ieUvu.exe
Removing protected file: C:\Programmi\File comuni\System\IeXzZ.exe
Removing protected file: C:\Programmi\File comuni\System\IgtzY.exe
Removing protected file: C:\Programmi\File comuni\System\iKla.exe
Removing protected file: C:\Programmi\File comuni\System\ILV.exe
Removing protected file: C:\Programmi\File comuni\System\imJ.exe
Removing protected file: C:\Programmi\File comuni\System\ioJ.exe
Removing protected file: C:\Programmi\File comuni\System\iPZ.exe
Removing protected file: C:\Programmi\File comuni\System\Irk.exe
Removing protected file: C:\Programmi\File comuni\System\IUDWi.exe
Removing protected file: C:\Programmi\File comuni\System\Izww.exe
Removing protected file: C:\Programmi\File comuni\System\jng.exe
Removing protected file: C:\Programmi\File comuni\System\jTq.exe
Removing protected file: C:\Programmi\File comuni\System\kcFGu.exe
Removing protected file: C:\Programmi\File comuni\System\kej.exe
Removing protected file: C:\Programmi\File comuni\System\kER.exe
Removing protected file: C:\Programmi\File comuni\System\KJYpH.exe
Removing protected file: C:\Programmi\File comuni\System\kqlf.exe
Removing protected file: C:\Programmi\File comuni\System\kuotN.exe
Removing protected file: C:\Programmi\File comuni\System\lBPAhO.exe
Removing protected file: C:\Programmi\File comuni\System\lEWzh.exe
Removing protected file: C:\Programmi\File comuni\System\Lmb.exe
Removing protected file: C:\Programmi\File comuni\System\LxH.exe
Removing protected file: C:\Programmi\File comuni\System\lxv.exe
Removing protected file: C:\Programmi\File comuni\System\Lxx.exe
Removing protected file: C:\Programmi\File comuni\System\lyK.exe
Removing protected file: C:\Programmi\File comuni\System\lzMCP.exe
Removing protected file: C:\Programmi\File comuni\System\maf.exe
Removing protected file: C:\Programmi\File comuni\System\McU.exe
Removing protected file: C:\Programmi\File comuni\System\Mhc.exe
Removing protected file: C:\Programmi\File comuni\System\MIzmK.exe
Removing protected file: C:\Programmi\File comuni\System\MJu.exe
Removing protected file: C:\Programmi\File comuni\System\mLbY.exe
Removing protected file: C:\Programmi\File comuni\System\mNe.exe
Removing protected file: C:\Programmi\File comuni\System\MoxEm.exe
Removing protected file: C:\Programmi\File comuni\System\mPn.exe
Removing protected file: C:\Programmi\File comuni\System\mVi.exe
Removing protected file: C:\Programmi\File comuni\System\MZSlus.exe
Removing protected file: C:\Programmi\File comuni\System\NcvM.exe
Removing protected file: C:\Programmi\File comuni\System\NnI.exe
Removing protected file: C:\Programmi\File comuni\System\nUz.exe
Removing protected file: C:\Programmi\File comuni\System\nWG.exe
Removing protected file: C:\Programmi\File comuni\System\nws.exe
Removing protected file: C:\Programmi\File comuni\System\nyf.exe
Removing protected file: C:\Programmi\File comuni\System\nYms.exe
Removing protected file: C:\Programmi\File comuni\System\nzBgZB.exe
Removing protected file: C:\Programmi\File comuni\System\OAT.exe
Removing protected file: C:\Programmi\File comuni\System\OBw.exe
Removing protected file: C:\Programmi\File comuni\System\ODM.exe
Removing protected file: C:\Programmi\File comuni\System\OeYzO.exe
Removing protected file: C:\Programmi\File comuni\System\oFdH.exe
Removing protected file: C:\Programmi\File comuni\System\oiJqJ.exe
Removing protected file: C:\Programmi\File comuni\System\oMB.exe
Removing protected file: C:\Programmi\File comuni\System\oNZe.exe
Removing protected file: C:\Programmi\File comuni\System\oqioWw.exe
Removing protected file: C:\Programmi\File comuni\System\orY.exe
Removing protected file: C:\Programmi\File comuni\System\ovJ.exe
Removing protected file: C:\Programmi\File comuni\System\Oxo.exe
Removing protected file: C:\Programmi\File comuni\System\OYf.exe
Removing protected file: C:\Programmi\File comuni\System\pBK.exe
Removing protected file: C:\Programmi\File comuni\System\pGS.exe
Removing protected file: C:\Programmi\File comuni\System\PNMyP.exe
Removing protected file: C:\Programmi\File comuni\System\PyR.exe
Removing protected file: C:\Programmi\File comuni\System\QBp.exe
Removing protected file: C:\Programmi\File comuni\System\QCAVSw.exe
Removing protected file: C:\Programmi\File comuni\System\QIAZ.exe
Removing protected file: C:\Programmi\File comuni\System\QMELz.exe
Removing protected file: C:\Programmi\File comuni\System\qPIDUp.exe
Removing protected file: C:\Programmi\File comuni\System\qsc.exe
Removing protected file: C:\Programmi\File comuni\System\qvoG.exe
Removing protected file: C:\Programmi\File comuni\System\QxV.exe
Removing protected file: C:\Programmi\File comuni\System\qze.exe
Removing protected file: C:\Programmi\File comuni\System\QZOpr.exe
Removing protected file: C:\Programmi\File comuni\System\RaG.exe
Removing protected file: C:\Programmi\File comuni\System\RDD.exe
Removing protected file: C:\Programmi\File comuni\System\RSwzO.exe
Removing protected file: C:\Programmi\File comuni\System\RTe.exe
Removing protected file: C:\Programmi\File comuni\System\RUc.exe
Removing protected file: C:\Programmi\File comuni\System\rXt.exe
Removing protected file: C:\Programmi\File comuni\System\ryF.exe
Removing protected file: C:\Programmi\File comuni\System\SAT.exe
Removing protected file: C:\Programmi\File comuni\System\SeF.exe
Removing protected file: C:\Programmi\File comuni\System\SiS.exe
Removing protected file: C:\Programmi\File comuni\System\SIZ.exe
Removing protected file: C:\Programmi\File comuni\System\SKktW.exe
Removing protected file: C:\Programmi\File comuni\System\Slj.exe
Removing protected file: C:\Programmi\File comuni\System\StP.exe
Removing protected file: C:\Programmi\File comuni\System\SVvwj.exe
Removing protected file: C:\Programmi\File comuni\System\sWh.exe
Removing protected file: C:\Programmi\File comuni\System\sYW.exe
Removing protected file: C:\Programmi\File comuni\System\SzgjZy.exe
Removing protected file: C:\Programmi\File comuni\System\TdHYg.exe
Removing protected file: C:\Programmi\File comuni\System\TEQxSM.exe
Removing protected file: C:\Programmi\File comuni\System\TEy.exe
Removing protected file: C:\Programmi\File comuni\System\tUW.exe
Removing protected file: C:\Programmi\File comuni\System\Txyc.exe
Removing protected file: C:\Programmi\File comuni\System\uLjuR.exe
Removing protected file: C:\Programmi\File comuni\System\uofs.exe
Removing protected file: C:\Programmi\File comuni\System\uSeo.exe
Removing protected file: C:\Programmi\File comuni\System\uVm.exe
Removing protected file: C:\Programmi\File comuni\System\uvv.exe
Removing protected file: C:\Programmi\File comuni\System\uVvt.exe
Removing protected file: C:\Programmi\File comuni\System\uXDGn.exe
Removing protected file: C:\Programmi\File comuni\System\vcb.exe
Removing protected file: C:\Programmi\File comuni\System\vDHnd.exe
Removing protected file: C:\Programmi\File comuni\System\Ved.exe
Removing protected file: C:\Programmi\File comuni\System\vGj.exe
Removing protected file: C:\Programmi\File comuni\System\vmx.exe
Removing protected file: C:\Programmi\File comuni\System\vPLO.exe
Removing protected file: C:\Programmi\File comuni\System\Vqz.exe
Removing protected file: C:\Programmi\File comuni\System\vUj.exe
Removing protected file: C:\Programmi\File comuni\System\Vxx.exe
Removing protected file: C:\Programmi\File comuni\System\wAE.exe
Removing protected file: C:\Programmi\File comuni\System\wfdGNk.exe
Removing protected file: C:\Programmi\File comuni\System\WMNLL.exe
Removing protected file: C:\Programmi\File comuni\System\wngpl.exe
Removing protected file: C:\Programmi\File comuni\System\Wot.exe
Removing protected file: C:\Programmi\File comuni\System\WvJHtp.exe
Removing protected file: C:\Programmi\File comuni\System\wyyBU.exe
Removing protected file: C:\Programmi\File comuni\System\wZb.exe
Removing protected file: C:\Programmi\File comuni\System\wzEMiJ.exe
Removing protected file: C:\Programmi\File comuni\System\xFd.exe
Removing protected file: C:\Programmi\File comuni\System\xIWaT.exe
Removing protected file: C:\Programmi\File comuni\System\xjV.exe
Removing protected file: C:\Programmi\File comuni\System\Xlf.exe
Removing protected file: C:\Programmi\File comuni\System\xmG.exe
Removing protected file: C:\Programmi\File comuni\System\xND.exe
Removing protected file: C:\Programmi\File comuni\System\XuR.exe
Removing protected file: C:\Programmi\File comuni\System\xYl.exe
Removing protected file: C:\Programmi\File comuni\System\YAD.exe
Removing protected file: C:\Programmi\File comuni\System\YatFnb.exe
Removing protected file: C:\Programmi\File comuni\System\ycKX.exe
Removing protected file: C:\Programmi\File comuni\System\yFe.exe
Removing protected file: C:\Programmi\File comuni\System\yfkZDW.exe
Removing protected file: C:\Programmi\File comuni\System\yGQ.exe
Removing protected file: C:\Programmi\File comuni\System\YNe.exe
Removing protected file: C:\Programmi\File comuni\System\YqB.exe
Removing protected file: C:\Programmi\File comuni\System\YYDfQ.exe
Removing protected file: C:\Programmi\File comuni\System\yyM.exe
Removing protected file: C:\Programmi\File comuni\System\ZBBm.exe
Removing protected file: C:\Programmi\File comuni\System\ZlvXaW.exe
Removing protected file: C:\Programmi\File comuni\System\zmK.exe
Removing protected file: C:\Programmi\File comuni\System\zmOF.exe
Removing protected file: C:\Programmi\File comuni\System\ZMXCBa.exe
Removing protected file: C:\Programmi\File comuni\System\ZurWP.exe


Trojan.Gromozon Removed!

[@83]

Questo è quello che avva salvato in automatico in c a me sembrano identici

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\pgbstmsa

*******************

Script file located at: \??\C:\WINDOWS\ctrkcbq^.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\lpt1.yre not found!
Deletion of file C:\WINDOWS\system32\lpt1.yre failed!

Could not process line:
C:\WINDOWS\system32\lpt1.yre
Status: 0xc0000034



File C:\WINDOWS\vnbad1.dll not found!
Deletion of file C:\WINDOWS\vnbad1.dll failed!

Could not process line:
C:\WINDOWS\vnbad1.dll
Status: 0xc0000034



File C:\Programmi\PCODEC not found!
Deletion of file C:\Programmi\PCODEC failed!

Could not process line:
C:\Programmi\PCODEC
Status: 0xc0000034



File C:\WINDOWS\System32\Drivers\aa7e6sxu.SYS not found!
Deletion of file C:\WINDOWS\System32\Drivers\aa7e6sxu.SYS failed!

Could not process line:
C:\WINDOWS\System32\Drivers\aa7e6sxu.SYS
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

[Smjert]

Ok dunque ho scritto una cosa imprecisa nei comandi ad avenger.
Vediamo di togliere lpt1.yr_ e la cartella.

Usa di nuovo avenger e copiaci queste linee:

[@83]

grazie appena fatto avrai ancora mie notizie

[@83]

il log ha eliminato il file ma non il folder

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\jueekpti

*******************

Script file located at: \??\C:\nscxfsjn.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\lpt1.yr_ deleted successfully.


Folder C:\Programmi\PCODEC not found!
Deletion of folder C:\Programmi\PCODEC failed!

Could not process line:
C:\Programmi\PCODEC
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

[Smjert]

Continua con le operazioni.
Disinstalla le voci se le trovi e se c'è ancora cancella quella cartella manualmente.

[@83]

in istalla applicazioni non ho trovato nessuna delle voci che mi hai chieto la cartella PCODEC non c'è e questo è il risultato del tool symantec

Symantec Trojan.Linkoptimizer Removal Tool 1.0.8
Restored SeDebugPrivilege to Administrators group

Trojan.Linkoptimizer has not been found on your computer.
ora procedo con kasper

[@83]

Ecco la scansione con kaspersky

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, November 24, 2007 7:49:34 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 24/11/2007
Kaspersky Anti-Virus database records: 465004
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 225015
Number of viruses found: 2
Number of infected objects: 2
Number of suspicious objects: 0
Duration of the scan process: 02:43:29

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Dati applicazioni\avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Dati applicazioni\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Paolo\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Cronologia\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Cronologia\History.IE5\MSHist012007112420071125\index.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Dati applicazioni\ApplicationHistory\cli.exe.af01e8cc.ini.inuse Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\Perflib_Perfdata_59c.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\Perflib_Perfdata_cc0.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\Perflib_Perfdata_cd0.dat Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR10.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR11.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR12.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR13.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR14.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR15.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR16.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR17.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR18.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR19.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR1A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR1B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR1C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR1D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR1E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR1F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR20.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR21.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR22.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR23.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR24.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR25.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR26.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR27.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR28.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR29.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR2A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR2B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR2C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR2D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR2E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR2F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR30.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR31.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR32.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR33.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR34.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR35.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR36.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR37.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR38.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR39.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR3A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR3B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR3C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR3D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR3E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR3F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR40.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR41.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR42.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR43.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR44.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR45.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR46.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR47.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR48.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR49.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR4A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR4B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR4C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR4D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR4E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR4F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR50.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR51.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR52.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR53.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR54.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR55.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR56.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR57.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR58.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR59.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR5A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR5B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR5C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR5D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR5E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR5F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR60.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR61.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR62.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR63.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR64.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR65.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR66.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR67.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR68.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR69.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR6A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR6B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR6C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR6D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR6E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR6F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR70.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR71.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR72.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR73.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR74.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR75.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR76.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR77.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR78.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR79.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR7A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR7B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR7C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR7D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR7E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR7F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR80.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR81.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR82.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR83.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR84.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR85.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR86.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR87.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR88.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR89.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR8A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR8B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR8C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR8D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR8E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR8F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR90.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR91.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR92.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR93.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR94.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR95.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR96.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR97.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR98.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR99.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR9A.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR9B.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR9C.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR9D.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR9E.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXR9F.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA0.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA1.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA2.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA3.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA4.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA5.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA6.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA7.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA8.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRA9.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRAA.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRAB.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRAC.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRAD.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRAE.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRAF.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB0.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB1.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB2.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB3.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB4.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB5.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB6.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB7.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB8.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRB9.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRBA.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRBB.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRBC.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRBD.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRBE.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRBF.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC0.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC1.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC2.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC3.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC4.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC5.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC6.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC7.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC8.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRC9.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRCA.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRCB.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRCC.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRCD.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRCE.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRCF.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD0.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD1.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD2.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD3.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD4.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD5.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD6.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD7.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD8.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRD9.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRDA.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRDB.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRDC.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRDD.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRDE.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRDF.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRE.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRE0.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRE1.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temp\PXRF.tmp Object is locked skipped
C:\Documents and Settings\Paolo\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Paolo\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Paolo\ntuser.dat.LOG Object is locked skipped
C:\Programmi\DAEMON Tools\SetupDTSB.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\Programmi\File comuni\System\mKjlTS.exe Object is locked skipped
C:\WINDOWS\bittorrent.exe Infected: Worm.Win32.RJump.c skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\gnserv.dat Object is locked skipped
C:\WINDOWS\Temp\spnserv.dat Object is locked skipped
C:\WINDOWS\Temp\spserv.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

[Orange]

e ci tocca ri-utilizzare Avenger

avvialo ed inserisci questo script:

[@83]

Avenger lo devo lanciare in modalità provvisoria?