posto il log di hijack
e un paio di antivir l`ultimo e ripulito delle cose non interessanti
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.17.02, on 23/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\windows\system32\spoolsv.exe
C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\D-Link\Software Bluetooth\bin\btwdins.exe
C:\windows\system32\cisvc.exe
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\windows\system32\svchost.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\compaq-flash.exe",
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programmi\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PCTVRemote] C:\Programmi\Pinnacle\PCTV Stereo\Remote\Remoterm.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ImMsn] C:\WINDOWS\msncomm.exe /i
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Mechanic Startup Guard] "C:\Programmi\iolo\System Mechanic 5\StartupGuard.exe"
O4 - HKLM\..\Policies\Explorer\Run: [1] C:\WINDOWS\winsys.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-2000478354-413027322-839522115-1003\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Andrea')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tittuz88.spaces.live.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: 0F65FB12 - Unknown owner - C:\windows\system32\1DDDD796.EXE (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmi\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: B4620E06 - Unknown owner - C:\windows\system32\CC3980EC.EXE (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Programmi\D-Link\Software Bluetooth\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6323 bytes
ANTIVIR PRIMA VOLTA VIRUS
AntiVir PersonalEdition Classic
Report file date: giovedì 12 luglio 2007 19:00
Scanning for 915634 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Andrea
Computer name: BIBO-7676FB98A5
Version information:
BUILD.DAT : 247 11838 Bytes 10/05/2007 11:48:00
AVSCAN.EXE : 7.0.4.15 274472 Bytes 22/04/2007 20:13:06
AVSCAN.DLL : 7.0.4.4 33832 Bytes 22/04/2007 20:13:06
LUKE.DLL : 7.0.4.11 135208 Bytes 22/04/2007 20:13:06
LUKERES.DLL : 7.0.4.0 10280 Bytes 22/04/2007 20:13:06
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 18:25:39
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 17:24:47
ANTIVIR2.VDF : 6.39.0.130 2048 Bytes 10/07/2007 17:24:47
ANTIVIR3.VDF : 6.39.0.131 2048 Bytes 10/07/2007 17:24:47
AVEWIN32.DLL : 7.4.0.39 2482688 Bytes 05/07/2007 17:18:53
AVWINLL.DLL : 1.0.0.7 14376 Bytes 22/04/2007 20:13:06
AVPREF.DLL : 7.0.2.1 18984 Bytes 22/04/2007 20:13:06
AVREP.DLL : 7.0.0.1 122920 Bytes 22/04/2007 20:13:07
AVPACK32.DLL : 7.3.0.13 348200 Bytes 27/06/2007 17:17:40
AVREG.DLL : 7.0.1.2 31784 Bytes 22/04/2007 20:13:06
AVEVTLOG.DLL : 7.0.0.18 81960 Bytes 22/04/2007 20:13:06
AVARKT.DLL : No Information!
NETNT.DLL : 6.32.0.0 6696 Bytes 27/09/2005 07:56:45
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 22/04/2007 20:13:03
RCTEXT.DLL : 7.0.45.0 86056 Bytes 22/04/2007 20:13:03
Configuration settings for the scan:
Jobname..........................: Active Processes
Configuration file...............: C:\Programmi\AntiVir PersonalEdition Classic\process.avp
Logging..........................: medium
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Scan memory......................: off
Process scan.....................: on
Extended process scan............: on
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +Netscape/Mozilla Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +GAME,+JOKE,+PCK,+SPR,
Start of the scan: giovedì 12 luglio 2007 19:00
The scan of running processes will be started
Scan process 'avscan.exe' - '31' Module(s) have been scanned
Scan process 'avcenter.exe' - '55' Module(s) have been scanned
Scan process 'PCLEScheduler.exe' - '23' Module(s) have been scanned
Scan process 'iPodService.exe' - '0' Module(s) have been scanned
Scan process 'soundman.exe' - '20' Module(s) have been scanned
Scan process 'alg.exe' - '0' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '25' Module(s) have been scanned
Scan process 'rundll32.exe' - '30' Module(s) have been scanned
Scan process 'remoterm.exe' - '17' Module(s) have been scanned
Scan process 'avgnt.exe' - '34' Module(s) have been scanned
Scan process 'acrotray.exe' - '19' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '0' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '0' Module(s) have been scanned
Scan process 'btwdins.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'avguard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '0' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '0' Module(s) have been scanned
Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
Scan process 'explorer.exe' - '87' Module(s) have been scanned
Module is infected -> 'C:\windows\system32\41E3EBE0.DLL'
Scan process 'compaq-flash.exe' - '32' Module(s) have been scanned
Module is infected -> 'C:\windows\system32\41E3EBE0.DLL'
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
11 processes with 373 modules were scanned
End of the scan: giovedì 12 luglio 2007 19:00
Used time: 00:19 min
The scan has been done completely.
0 Scanning directories
372 Files were scanned
2 viruses and/or unwanted programs were found
2 classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
368 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes
0 Hidden objects were found
ANTIVIR ULTIMO SCAN COMPLETO, LOG TRONCATO DELLE PARTI POCO INTERESSANTI
AntiVir PersonalEdition Classic
Report file date: lunedì 23 luglio 2007 21:03
Scanning for 915634 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Andrea
Computer name: BIBO-7676FB98A5
Version information:
BUILD.DAT : 247 11838 Bytes 10/05/2007 11:48:00
AVSCAN.EXE : 7.0.4.15 274472 Bytes 22/04/2007 20:13:06
AVSCAN.DLL : 7.0.4.4 33832 Bytes 22/04/2007 20:13:06
LUKE.DLL : 7.0.4.11 135208 Bytes 22/04/2007 20:13:06
LUKERES.DLL : 7.0.4.0 10280 Bytes 22/04/2007 20:13:06
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 18:25:39
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 17:24:47
ANTIVIR2.VDF : 6.39.0.130 2048 Bytes 10/07/2007 17:24:47
ANTIVIR3.VDF : 6.39.0.131 2048 Bytes 10/07/2007 17:24:47
AVEWIN32.DLL : 7.4.0.39 2482688 Bytes 05/07/2007 17:18:53
AVWINLL.DLL : 1.0.0.7 14376 Bytes 22/04/2007 20:13:06
AVPREF.DLL : 7.0.2.1 18984 Bytes 22/04/2007 20:13:06
AVREP.DLL : 7.0.0.1 122920 Bytes 22/04/2007 20:13:07
AVPACK32.DLL : 7.3.0.13 348200 Bytes 27/06/2007 17:17:40
AVREG.DLL : 7.0.1.2 31784 Bytes 22/04/2007 20:13:06
AVEVTLOG.DLL : 7.0.0.18 81960 Bytes 22/04/2007 20:13:06
AVARKT.DLL : No Information!
NETNT.DLL : 6.32.0.0 6696 Bytes 27/09/2005 07:56:45
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 22/04/2007 20:13:03
RCTEXT.DLL : 7.0.45.0 86056 Bytes 22/04/2007 20:13:03
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Dati applicazioni\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: medium
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +Netscape/Mozilla Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lunedì 23 luglio 2007 21:03
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'compaq-flash.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
4 processes with 4 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\
C:\Programmi\Adobe\Acrobat 7.0\Distillr\
C:\Programmi\AntiVir PersonalEdition Classic\
C:\Programmi\Pinnacle\PCTV Stereo\Remote\
C:\windows\system32\
C:\WINDOWS\system32\
C:\Programmi\iTunes\
C:\WINDOWS\system32\
C:\Programmi\Zone Labs\ZoneAlarm\
C:\WINDOWS\
C:\WINDOWS\system32\
C:\Programmi\Skype\Phone\
C:\WINDOWS\system32\
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
C:\Programmi\Pinnacle\Shared Files\Programs\Scheduler\
C:\Documents and Settings\Andrea\Menu Avvio\Programmi\Esecuzione automatica\
C:\WINDOWS\system32\config\systemprofile\Menu Avvio\Programmi\Esecuzione automatica\
The registry was scanned ( '18' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\
C:\pagefile.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\_cleaned.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Messenger\
[email protected]\SharingMetadata\Working\
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Messenger\
[email protected]\SharingMetadata\Working\database_8AA8_C62B_A8C6_161B\
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Movie Maker\
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\OIS\
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Outlook\
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Outlook\backupppostavecchia.pst
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:archivio posta in arrivo 2005 - 06][Subject:Administration][From:
[email protected]]2135.document.zip
[DETECTION] Contains signature of the worm WORM/NetSky.P
[WARNING] Infected files in archives cannot be repaired!
[1] Archive type: ZIP
--> details.txt .pif
[DETECTION] Contains signature of the worm WORM/NetSky.P
[WARNING] Infected files in archives cannot be repaired!
--> Mailbox_[Folder:archivio posta in arrivo 2005 - 06][Subject:Hi][From:
[email protected]]4912.application.zip
[DETECTION] Contains signature of the worm WORM/NetSky.P
[WARNING] Infected files in archives cannot be repaired!
[1] Archive type: ZIP
--> document.txt .exe
[DETECTION] Contains signature of the worm WORM/NetSky.P
[WARNING] Infected files in archives cannot be repaired!
--> Mailbox_[Folder:archivio posta in arrivo 2005 - 06][Subject:Your password has been updated][From:
[email protected]]5590.updated-password.zip
[DETECTION] Contains signature of the worm WORM/Mytob.GK
[WARNING] Infected files in archives cannot be repaired!
[1] Archive type: ZIP
--> updated-password.htm .pif
[DETECTION] Contains signature of the worm WORM/Mytob.GK
[WARNING] Infected files in archives cannot be repaired!
[WARNING] The file was ignored!
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Outlook\Outlook.pst
[0] Archive type: MS Outlook Mailbox
--> Mailbox_[Folder:Titta][Subject:noia... actun!][From:
[email protected]]5651.Che_noia.zip
[1] Archive type: ZIP
--> Che noia!.exe
[DETECTION] Contains signature of the joke program JOKE/Noia
[WARNING] Infected files in archives cannot be repaired!
--> Mailbox_[Folder:Titta][Subject:noia... actun!][From:
[email protected]]5653.Che_noia.zip
[1] Archive type: ZIP
--> Che noia!.exe
[DETECTION] Contains signature of the joke program JOKE/Noia
[WARNING] Infected files in archives cannot be repaired!
--> Mailbox_[Folder:Posta eliminata][Subject:Video CNN][From:
[email protected]]576.cnn_news.asx
[DETECTION] Is the Trojan horse TR/Dldr.VB.FT.89
[WARNING] Infected files in archives cannot be repaired!
[WARNING] The file was ignored!
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Windows\
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Dati applicazioni\Sun\Java\jre1.5.0_09\
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR10.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR11.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR12.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR13.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR14.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR15.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR16.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR17.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR18.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR19.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1A.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1B.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1C.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1D.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1E.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR1F.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR20.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR21.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR22.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR23.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR24.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR25.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR26.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR27.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR28.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR29.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2A.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2B.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2C.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2D.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2E.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR2F.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR30.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR31.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR32.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR33.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR34.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR35.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR36.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR37.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR38.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR39.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3A.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3B.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3C.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3D.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3E.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR3F.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR40.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR41.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR42.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR43.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR44.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR45.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR46.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR47.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR48.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR49.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4A.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4B.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4C.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4D.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4E.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR4F.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR5.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR50.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR51.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR52.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR53.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR54.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR55.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR56.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR57.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR58.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR6.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR7.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR8.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXR9.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXRA.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXRB.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXRC.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXRD.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXRE.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temp\PXRF.tmp
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\jz0619[1].exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '77db2dba.qua'!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\jz0619[2].exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '76fc2657.qua'!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\mh0618[1].exe
[DETECTION] Is the Trojan horse TR/PSW.Agent.20480
[INFO] A backup was created as '77db2da9.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\qj0617[1].exe
[DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
[INFO] A backup was created as '77db2dab.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\wow0617[1].exe
[DETECTION] Is the Trojan horse TR/PSW.Agent.20480
[INFO] A backup was created as '7cd574b0.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\wow0617[2].exe
[DETECTION] Is the Trojan horse TR/PSW.Agent.20480
[INFO] A backup was created as '7df27f5d.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\zt0616[1].exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] A backup was created as '77db2db6.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\Documents and Settings\Andrea\Impostazioni locali\Temporary Internet Files\Content.IE5\ST67W9AB\zt0616[2].exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] A backup was created as '76fc265b.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\Documents and Settings\LocalService\
C:\Documents and Settings\LocalService\NTUSER.DAT
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\LocalService\ntuser.dat.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\LocalService\Cookies\
C:\Documents and Settings\LocalService\Dati applicazioni\Microsoft\HTML Help\
C:\Documents and Settings\LocalService\Impostazioni locali\
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\MSHist012006072520060726\
C:\Documents and Settings\LocalService\Impostazioni locali\Cronologia\History.IE5\MSHist012006072820060729\
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\LocalService\Impostazioni locali\Temporary Internet Files\
C:\Documents and Settings\NetworkService\
C:\Documents and Settings\NetworkService\NTUSER.DAT
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Programmi\File comuni\Services\lbA.exe
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Programmi\File comuni\Services\uvO.exe
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Programmi\File comuni\Services\VlymF.exe
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Programmi\File comuni\System\Yco.exe
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\Programmi\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask
[0] Archive type: ZIP
--> Ad-Aware SE Default.skn
[WARNING] The archive is encrypted
[WARNING] The archive is encrypted
C:\WINDOWS\
C:\WINDOWS\compaq-flash.exe
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\
C:\WINDOWS\system32\41E3EBE0.DLL
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '8bd8465e.qua'!
C:\WINDOWS\system32\7B1DE621.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[INFO] A backup was created as '8be9326f.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\WINDOWS\system32\k11852036782.exe
[DETECTION] Is the Trojan horse TR/PSW.Agent.20480
[INFO] A backup was created as '7bdd326f.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\WINDOWS\system32\k11852172122.exe
[DETECTION] Is the Trojan horse TR/PSW.Agent.20480
[INFO] A backup was created as '7bdd3270.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\WINDOWS\system32\1033\
C:\WINDOWS\system32\1040\
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\
C:\WINDOWS\system32\CatRoot2\
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\
C:\WINDOWS\system32\Color\
C:\WINDOWS\system32\Com\
C:\WINDOWS\system32\config\
C:\WINDOWS\system32\config\default
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\default.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\SAM
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\SAM.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\SECURITY
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\SECURITY.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\software
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\software.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\system
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\config\system.LOG
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\drivers\dtscsi.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
C:\WINDOWS\system32\drivers\sptd9981.sys
[WARNING] The file could not be opened!
[WARNING] Error code: 0x000D
[WARNING] Access error/file locked!
End of the scan: lunedì 23 luglio 2007 21:29
Used time: 26:07 min
The scan has been done completely.
6007 Scanning directories
179636 Files were scanned
21 viruses and/or unwanted programs were found
3 classified as suspicious:
9 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
621 Files cannot be scanned
179612 Files not concerned
2294 Archives were scanned
672 Warnings
0 Notes
0 Hidden objects were found