Wklejka #792762 – Wklej.org

Anonim / 5 lat, 9 miesięcy temu | Download | Plaintext | Odpowiedz |
syntax
19:32:39.0167 3236	TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
19:32:39.0227 3236	============================================================
19:32:39.0227 3236	Current date / time: 2012/07/06 19:32:39.0227
19:32:39.0227 3236	SystemInfo:
19:32:39.0227 3236	
19:32:39.0227 3236	OS Version: 5.1.2600 ServicePack: 2.0
19:32:39.0227 3236	Product type: Workstation
19:32:39.0227 3236	ComputerName: LD
19:32:39.0227 3236	UserName: LESZEK
19:32:39.0227 3236	Windows directory: C:\WINDOWS
19:32:39.0227 3236	System windows directory: C:\WINDOWS
19:32:39.0227 3236	Processor architecture: Intel x86
19:32:39.0227 3236	Number of processors: 1
19:32:39.0227 3236	Page size: 0x1000
19:32:39.0227 3236	Boot type: Normal boot
19:32:39.0227 3236	============================================================
19:32:40.0659 3236	Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:32:40.0659 3236	Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:32:40.0669 3236	Drive \Device\Harddisk2\DR9 - Size: 0x1E3E0000 (0.47 Gb), SectorSize: 0x200, Cylinders: 0x3D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:32:40.0669 3236	============================================================
19:32:40.0669 3236	\Device\Harddisk0\DR0:
19:32:40.0669 3236	MBR partitions:
19:32:40.0669 3236	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637
19:32:40.0689 3236	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x2373C4B
19:32:40.0689 3236	\Device\Harddisk1\DR1:
19:32:40.0689 3236	MBR partitions:
19:32:40.0689 3236	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637
19:32:40.0699 3236	\Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x2711637
19:32:40.0719 3236	\Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x4E22D2B, BlocksNum 0x46E78D5
19:32:40.0719 3236	\Device\Harddisk2\DR9:
19:32:40.0719 3236	MBR partitions:
19:32:40.0719 3236	============================================================
19:32:40.0869 3236	C: <-> \Device\Harddisk0\DR0\Partition0
19:32:40.0899 3236	F: <-> \Device\Harddisk0\DR0\Partition1
19:32:40.0929 3236	G: <-> \Device\Harddisk1\DR1\Partition0
19:32:40.0959 3236	H: <-> \Device\Harddisk1\DR1\Partition1
19:32:41.0019 3236	I: <-> \Device\Harddisk1\DR1\Partition2
19:32:41.0019 3236	============================================================
19:32:41.0019 3236	Initialize success
19:32:41.0019 3236	============================================================
19:32:45.0275 3396	============================================================
19:32:45.0275 3396	Scan started
19:32:45.0275 3396	Mode: Manual; 
19:32:45.0275 3396	============================================================
19:32:46.0557 3396	Abiosdsk - ok
19:32:46.0577 3396	abp480n5 - ok
19:32:46.0637 3396	ACPI            (a966410ecf83b81f3b0b8e07a71957d4) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:32:46.0637 3396	ACPI - ok
19:32:46.0677 3396	ACPIEC          (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:32:46.0677 3396	ACPIEC - ok
19:32:46.0788 3396	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:32:46.0808 3396	AdobeFlashPlayerUpdateSvc - ok
19:32:46.0828 3396	adpu160m - ok
19:32:46.0888 3396	aec             (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
19:32:46.0898 3396	aec - ok
19:32:46.0948 3396	AFD             (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
19:32:46.0958 3396	AFD - ok
19:32:46.0978 3396	Aha154x - ok
19:32:46.0998 3396	aic78u2 - ok
19:32:47.0018 3396	aic78xx - ok
19:32:47.0509 3396	Akamai          (29584f02a43e427c4227e3b1d9ff1b22) c:\program files\common files\akamai/netsession_win_4f7fccd.dll
19:32:47.0509 3396	Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
19:32:47.0539 3396	Akamai ( HiddenFile.Multi.Generic ) - warning
19:32:47.0539 3396	Akamai - detected HiddenFile.Multi.Generic (1)
19:32:47.0689 3396	Alerter         (f79b5c5b0a77a134c5671992335d1409) C:\WINDOWS\system32\alrsvc.dll
19:32:47.0689 3396	Alerter - ok
19:32:47.0739 3396	ALG             (9d12991bc6b6c5c0fbab4c06e7073df1) C:\WINDOWS\System32\alg.exe
19:32:47.0739 3396	ALG - ok
19:32:47.0779 3396	AliIde - ok
19:32:47.0829 3396	AmdK7           (2efcb57ddfb0aeda0751c29f844e3298) C:\WINDOWS\system32\DRIVERS\amdk7.sys
19:32:47.0839 3396	AmdK7 - ok
19:32:47.0859 3396	amsint - ok
19:32:47.0939 3396	AppMgmt         (8d60b308d061da209cc271d9b480468c) C:\WINDOWS\System32\appmgmts.dll
19:32:47.0949 3396	AppMgmt - ok
19:32:47.0969 3396	asc - ok
19:32:47.0989 3396	asc3350p - ok
19:32:48.0009 3396	asc3550 - ok
19:32:48.0059 3396	aslm75          (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
19:32:48.0059 3396	aslm75 - ok
19:32:48.0190 3396	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:32:48.0300 3396	aspnet_state - ok
19:32:48.0360 3396	AsyncMac        (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:32:48.0360 3396	AsyncMac - ok
19:32:48.0410 3396	atapi           (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:32:48.0410 3396	atapi - ok
19:32:48.0430 3396	Atdisk - ok
19:32:48.0470 3396	Atmarpc         (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:32:48.0470 3396	Atmarpc - ok
19:32:48.0510 3396	AudioSrv        (18bff5eba35f2562c5aa03eb9c6ba29e) C:\WINDOWS\System32\audiosrv.dll
19:32:48.0510 3396	AudioSrv - ok
19:32:48.0560 3396	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:32:48.0570 3396	audstub - ok
19:32:48.0680 3396	Autodesk Licensing Service (b4dc95966915a4f5d28062112de9cadb) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
19:32:48.0690 3396	Autodesk Licensing Service - ok
19:32:48.0740 3396	bcftdi          (11028c6a84a967070cb1286550f2058f) C:\WINDOWS\system32\GoProto.dll
19:32:48.0760 3396	bcftdi ( Backdoor.Multi.ZAccess.gen ) - infected
19:32:48.0760 3396	bcftdi - detected Backdoor.Multi.ZAccess.gen (0)
19:32:48.0801 3396	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:32:48.0801 3396	Beep - ok
19:32:48.0881 3396	BITS            (a6bfd910074b02c8794fc65f39cc6b28) C:\WINDOWS\System32\qmgr.dll
19:32:48.0921 3396	BITS - ok
19:32:48.0981 3396	Browser         (210830d2497fef78694076179af8c795) C:\WINDOWS\System32\browser.dll
19:32:48.0981 3396	Browser - ok
19:32:49.0031 3396	C-Dilla         (b48362954d9e0b3069ebfdc283325fe5) C:\WINDOWS\system32\drivers\CDANT.SYS
19:32:49.0041 3396	C-Dilla - ok
19:32:49.0101 3396	C-DillaSrv      (8eef3110372d329549c8fb53209fe92c) C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
19:32:49.0101 3396	C-DillaSrv - ok
19:32:49.0171 3396	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:32:49.0171 3396	cbidf2k - ok
19:32:49.0181 3396	cd20xrnt - ok
19:32:49.0211 3396	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:32:49.0211 3396	Cdaudio - ok
19:32:49.0261 3396	Cdfs            (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
19:32:49.0261 3396	Cdfs - ok
19:32:49.0301 3396	Cdrom           (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:32:49.0301 3396	Cdrom - ok
19:32:49.0321 3396	Changer - ok
19:32:49.0371 3396	cisvc           (b4e0a9b9064aa79ae188c0d953543520) C:\WINDOWS\System32\cisvc.exe
19:32:49.0371 3396	cisvc - ok
19:32:49.0421 3396	ClipSrv         (1b11121083c32ea9a55abe547a23ff71) C:\WINDOWS\system32\clipsrv.exe
19:32:49.0421 3396	ClipSrv - ok
19:32:49.0522 3396	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:32:49.0622 3396	clr_optimization_v2.0.50727_32 - ok
19:32:49.0642 3396	CmdIde - ok
19:32:49.0722 3396	cmpci           (441e7522e2579e5bda9d7d111fa0f30e) C:\WINDOWS\system32\drivers\cmaudio.sys
19:32:49.0732 3396	cmpci - ok
19:32:49.0752 3396	COMSysApp - ok
19:32:49.0792 3396	Cpqarray - ok
19:32:49.0842 3396	CryptSvc        (91723cd7c96c5854149f9cae820a90dd) C:\WINDOWS\System32\cryptsvc.dll
19:32:49.0852 3396	CryptSvc - ok
19:32:49.0872 3396	dac2w2k - ok
19:32:49.0892 3396	dac960nt - ok
19:32:49.0962 3396	DcomLaunch      (b5d78596effbeb82f3b86d9a002538e1) C:\WINDOWS\system32\rpcss.dll
19:32:49.0992 3396	DcomLaunch - ok
19:32:50.0042 3396	Dhcp            (4035e9d4cf275b08a200bf8ac7dc6454) C:\WINDOWS\System32\dhcpcsvc.dll
19:32:50.0052 3396	Dhcp - ok
19:32:50.0092 3396	Disk            (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
19:32:50.0092 3396	Disk - ok
19:32:50.0122 3396	dmadmin - ok
19:32:50.0203 3396	dmboot          (3b809ffad55dcebdb156d5ca1bd3da65) C:\WINDOWS\system32\drivers\dmboot.sys
19:32:50.0233 3396	dmboot - ok
19:32:50.0283 3396	dmio            (27725b6501201c3080ba73048bce389a) C:\WINDOWS\system32\drivers\dmio.sys
19:32:50.0293 3396	dmio - ok
19:32:50.0313 3396	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:32:50.0313 3396	dmload - ok
19:32:50.0363 3396	dmserver        (4adbb7593ec0115f7622c335b427c3da) C:\WINDOWS\System32\dmserver.dll
19:32:50.0363 3396	dmserver - ok
19:32:50.0383 3396	DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
19:32:50.0393 3396	DMusic - ok
19:32:50.0423 3396	Dnscache        (d7ccd8ea85aa802afea26fc352e3736e) C:\WINDOWS\System32\dnsrslvr.dll
19:32:50.0433 3396	Dnscache - ok
19:32:50.0453 3396	dpti2o - ok
19:32:50.0503 3396	drmkaud         (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
19:32:50.0503 3396	drmkaud - ok
19:32:50.0543 3396	ERSvc           (efd32591f9e29c00a5814df3f6d46683) C:\WINDOWS\System32\ersvc.dll
19:32:50.0543 3396	ERSvc - ok
19:32:50.0593 3396	Eventlog        (ed4e5391100287b9eabf8f2cf4b42235) C:\WINDOWS\system32\services.exe
19:32:50.0603 3396	Eventlog - ok
19:32:50.0663 3396	EventSystem     (878fa7b8ffbcffdaeb05f0484a99562d) C:\WINDOWS\System32\es.dll
19:32:50.0673 3396	EventSystem - ok
19:32:50.0723 3396	Fastfat         (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
19:32:50.0733 3396	Fastfat - ok
19:32:50.0783 3396	FastUserSwitchingCompatibility (e659de1d3e1de67461ec5cc88eb460b2) C:\WINDOWS\System32\shsvcs.dll
19:32:50.0793 3396	FastUserSwitchingCompatibility - ok
19:32:50.0823 3396	Fdc             (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:32:50.0823 3396	Fdc - ok
19:32:50.0863 3396	Fips            (c5fb298257c0a6514ea17835e774ea0a) C:\WINDOWS\system32\drivers\Fips.sys
19:32:50.0863 3396	Fips - ok
19:32:50.0904 3396	Flpydisk        (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:32:50.0904 3396	Flpydisk - ok
19:32:50.0944 3396	FltMgr          (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
19:32:50.0954 3396	FltMgr - ok
19:32:51.0064 3396	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:32:51.0064 3396	FontCache3.0.0.0 - ok
19:32:51.0124 3396	FsUsbExDisk     (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
19:32:51.0124 3396	FsUsbExDisk - ok
19:32:51.0164 3396	FsUsbExService  (d3f9205cc4cb07553f2f9472c767ea87) C:\WINDOWS\system32\FsUsbExService.Exe
19:32:51.0184 3396	FsUsbExService - ok
19:32:51.0234 3396	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:32:51.0234 3396	Fs_Rec - ok
19:32:51.0264 3396	Ftdisk          (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:32:51.0274 3396	Ftdisk - ok
19:32:51.0324 3396	gagp30kx        (4216cd545e5c30807b560c5dcaa812e6) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
19:32:51.0324 3396	gagp30kx - ok
19:32:51.0384 3396	gameenum        (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
19:32:51.0394 3396	gameenum - ok
19:32:51.0444 3396	Gpc             (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:32:51.0444 3396	Gpc - ok
19:32:51.0534 3396	hardlock        (303ce8b1397d88fa0f1b9e8ab212939f) C:\WINDOWS\system32\drivers\hardlock.sys
19:32:51.0565 3396	hardlock - ok
19:32:51.0595 3396	Haspnt          (2dd25f060dc9f79b5cdf33d90ed93669) C:\WINDOWS\system32\drivers\Haspnt.sys
19:32:51.0595 3396	Haspnt - ok
19:32:51.0685 3396	helpsvc         (e1552a082e8c0fbb70b758f170b3aff8) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:32:51.0695 3396	helpsvc - ok
19:32:51.0715 3396	HidServ - ok
19:32:51.0765 3396	HidUsb          (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:32:51.0765 3396	HidUsb - ok
19:32:51.0775 3396	hpn - ok
19:32:51.0935 3396	hpqcxs08        (f50f7984fdd151edd8a70a8dbd9e2a44) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:32:51.0935 3396	hpqcxs08 - ok
19:32:51.0985 3396	hpqddsvc        (df446ba625cc441617843e87798ce048) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:32:51.0985 3396	hpqddsvc - ok
19:32:52.0015 3396	hpt3xx - ok
19:32:52.0055 3396	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:32:52.0055 3396	HPZid412 - ok
19:32:52.0095 3396	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:32:52.0095 3396	HPZipr12 - ok
19:32:52.0155 3396	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:32:52.0155 3396	HPZius12 - ok
19:32:52.0225 3396	HTTP            (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
19:32:52.0235 3396	HTTP - ok
19:32:52.0286 3396	HTTPFilter      (2d303caf3c6dcfb246e74550dbed5880) C:\WINDOWS\System32\w3ssl.dll
19:32:52.0286 3396	HTTPFilter - ok
19:32:52.0306 3396	i2omgmt - ok
19:32:52.0336 3396	i2omp - ok
19:32:52.0396 3396	i8042prt        (2656fdfe0a7916c3a16f374454c55dd9) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:32:52.0406 3396	i8042prt - ok
19:32:52.0516 3396	IBUpdaterService (47ff95bdc8c2d6652152b3393104ba2d) C:\Documents and Settings\All Users\Dane aplikacji\IBUpdaterService\ibsvc.exe
19:32:52.0536 3396	IBUpdaterService - ok
19:32:52.0706 3396	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:32:52.0746 3396	idsvc - ok
19:32:52.0796 3396	Imapi           (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:32:52.0796 3396	Imapi - ok
19:32:52.0856 3396	ImapiService    (bc74431e59fb0badf3e9162bd8d37b00) C:\WINDOWS\System32\imapi.exe
19:32:52.0856 3396	ImapiService - ok
19:32:52.0916 3396	InCDfs          (580904d6cdb481bb72fee15aa575b5bd) C:\WINDOWS\system32\drivers\InCDfs.sys
19:32:52.0916 3396	InCDfs - ok
19:32:52.0957 3396	InCDPass        (37b31b5741674525bba5c1659b132418) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
19:32:52.0957 3396	InCDPass - ok
19:32:52.0977 3396	InCDrec         (a2f6306e5e12b9f78cca5485b312fcbd) C:\WINDOWS\system32\drivers\InCDrec.sys
19:32:52.0977 3396	InCDrec - ok
19:32:53.0007 3396	incdrm          (084f6c2e3e2be980242984b74279bfb6) C:\WINDOWS\system32\drivers\incdrm.sys
19:32:53.0007 3396	incdrm - ok
19:32:53.0167 3396	InCDsrv         (edbf2717f21a9f0db6065ea166e6ee1d) C:\Program Files\Ahead\InCD\InCDsrv.exe
19:32:53.0197 3396	InCDsrv - ok
19:32:53.0217 3396	InCDsrvR - ok
19:32:53.0247 3396	ini910u - ok
19:32:53.0277 3396	IntelIde - ok
19:32:53.0357 3396	ip6fw           (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
19:32:53.0357 3396	ip6fw - ok
19:32:53.0387 3396	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:32:53.0387 3396	IpFilterDriver - ok
19:32:53.0437 3396	IpInIp          (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:32:53.0437 3396	IpInIp - ok
19:32:53.0497 3396	IpNat           (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:32:53.0497 3396	IpNat - ok
19:32:53.0547 3396	IPSec           (564a2378d4d6127ee09acfbc010a7ed2) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:32:53.0557 3396	IPSec ( Virus.Win32.ZAccess.k ) - infected
19:32:53.0557 3396	IPSec - detected Virus.Win32.ZAccess.k (0)
19:32:53.0587 3396	IRENUM          (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:32:53.0597 3396	IRENUM - ok
19:32:53.0647 3396	isapnp          (01a9e68528f4f34e5702123d27c67bd4) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:32:53.0647 3396	isapnp - ok
19:32:53.0758 3396	JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
19:32:53.0768 3396	JavaQuickStarterService - ok
19:32:53.0818 3396	Kbdclass        (cc13db862f929ae33f64c3bedc01cd31) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:32:53.0818 3396	Kbdclass - ok
19:32:53.0888 3396	kmixer          (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
19:32:53.0888 3396	kmixer - ok
19:32:53.0958 3396	KSecDD          (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
19:32:53.0958 3396	KSecDD - ok
19:32:54.0028 3396	lanmanserver    (85bd4942637cd12470f29f31595d04d3) C:\WINDOWS\System32\srvsvc.dll
19:32:54.0038 3396	lanmanserver - ok
19:32:54.0108 3396	lanmanworkstation (f8442b1e1a60aad8824cb540d2b20fb2) C:\WINDOWS\System32\wkssvc.dll
19:32:54.0118 3396	lanmanworkstation - ok
19:32:54.0148 3396	lbrtfdc - ok
19:32:54.0258 3396	LightScribeService (575ed0f5dcb34e5c243d2a7ebc860484) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:32:54.0258 3396	LightScribeService - ok
19:32:54.0308 3396	LmHosts         (94136b41f35666254de29006dccc30fc) C:\WINDOWS\System32\lmhsvc.dll
19:32:54.0308 3396	LmHosts - ok
19:32:54.0389 3396	MDM             (065d94130cad2d0756f2c1650b40aa11) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
19:32:54.0399 3396	MDM - ok
19:32:54.0439 3396	Messenger       (1d0ebf9edae8a61cbf56ed1ff8489fac) C:\WINDOWS\System32\msgsvc.dll
19:32:54.0449 3396	Messenger - ok
19:32:54.0489 3396	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:32:54.0489 3396	mnmdd - ok
19:32:54.0549 3396	mnmsrvc         (db082aafd0859e28744e6629b64e0a91) C:\WINDOWS\System32\mnmsrvc.exe
19:32:54.0549 3396	mnmsrvc - ok
19:32:54.0629 3396	Modem           (15f33d12d604d0198ce5561f102cd9c5) C:\WINDOWS\system32\drivers\Modem.sys
19:32:54.0629 3396	Modem - ok
19:32:54.0709 3396	Mouclass        (69c12b99ae8b6b99ec314e9b99833728) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:32:54.0749 3396	Mouclass - ok
19:32:54.0799 3396	mouhid          (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:32:54.0799 3396	mouhid - ok
19:32:54.0859 3396	MountMgr        (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
19:32:54.0869 3396	MountMgr - ok
19:32:54.0889 3396	mraid35x - ok
19:32:54.0969 3396	MRxDAV          (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:32:54.0979 3396	MRxDAV - ok
19:32:55.0060 3396	MRxSmb          (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:32:55.0120 3396	MRxSmb - ok
19:32:55.0170 3396	MSDTC           (fb68f196b215782333fa1467cbafc8b0) C:\WINDOWS\System32\msdtc.exe
19:32:55.0170 3396	MSDTC - ok
19:32:55.0230 3396	Msfs            (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
19:32:55.0230 3396	Msfs - ok
19:32:55.0240 3396	MSIServer - ok
19:32:55.0290 3396	MSKSSRV         (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:32:55.0300 3396	MSKSSRV - ok
19:32:55.0310 3396	MSPCLOCK        (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:32:55.0310 3396	MSPCLOCK - ok
19:32:55.0360 3396	MSPQM           (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
19:32:55.0360 3396	MSPQM - ok
19:32:55.0410 3396	mssmbios        (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:32:55.0410 3396	mssmbios - ok
19:32:55.0470 3396	Mup             (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
19:32:55.0470 3396	Mup - ok
19:32:55.0520 3396	NDIS            (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
19:32:55.0530 3396	NDIS - ok
19:32:55.0590 3396	NdisTapi        (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:32:55.0590 3396	NdisTapi - ok
19:32:55.0620 3396	Ndisuio         (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:32:55.0620 3396	Ndisuio - ok
19:32:55.0660 3396	NdisWan         (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:32:55.0660 3396	NdisWan - ok
19:32:55.0700 3396	NDProxy         (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
19:32:55.0700 3396	NDProxy - ok
19:32:55.0761 3396	Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
19:32:55.0761 3396	Net Driver HPZ12 - ok
19:32:55.0811 3396	NetBIOS         (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:32:55.0811 3396	NetBIOS - ok
19:32:55.0871 3396	NetBT           (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:32:55.0881 3396	NetBT - ok
19:32:55.0921 3396	NetDDE          (8de3841527161abdfae5c44ab570f8e1) C:\WINDOWS\system32\netdde.exe
19:32:55.0931 3396	NetDDE - ok
19:32:55.0951 3396	NetDDEdsdm      (8de3841527161abdfae5c44ab570f8e1) C:\WINDOWS\system32\netdde.exe
19:32:55.0951 3396	NetDDEdsdm - ok
19:32:56.0001 3396	Netlogon        (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\System32\lsass.exe
19:32:56.0001 3396	Netlogon - ok
19:32:56.0071 3396	Netman          (d7714c689005359e16aafbc15f31aa3f) C:\WINDOWS\System32\netman.dll
19:32:56.0081 3396	Netman - ok
19:32:56.0261 3396	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:32:56.0311 3396	NetTcpPortSharing - ok
19:32:56.0381 3396	Nla             (d4abfcd86af9533ef94f291a1bb3e9a2) C:\WINDOWS\System32\mswsock.dll
19:32:56.0391 3396	Nla - ok
19:32:56.0452 3396	Npfs            (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
19:32:56.0452 3396	Npfs - ok
19:32:56.0522 3396	Ntfs            (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
19:32:56.0542 3396	Ntfs - ok
19:32:56.0562 3396	NtLmSsp         (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\System32\lsass.exe
19:32:56.0562 3396	NtLmSsp - ok
19:32:56.0672 3396	NtmsSvc         (c8ce1566b0537c3f5f7ae1ca458a6697) C:\WINDOWS\system32\ntmssvc.dll
19:32:56.0682 3396	NtmsSvc - ok
19:32:56.0732 3396	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:32:56.0732 3396	Null - ok
19:32:56.0932 3396	nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:32:57.0002 3396	nv - ok
19:32:57.0143 3396	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:32:57.0143 3396	NwlnkFlt - ok
19:32:57.0173 3396	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:32:57.0173 3396	NwlnkFwd - ok
19:32:57.0253 3396	P3              (26c5ac11a3e0d6c36ae03577d8aca4a5) C:\WINDOWS\system32\DRIVERS\p3.sys
19:32:57.0253 3396	P3 - ok
19:32:57.0313 3396	Parport         (2ff48d8fdc815a8492fb2bd81e6999c2) C:\WINDOWS\system32\DRIVERS\parport.sys
19:32:57.0313 3396	Parport - ok
19:32:57.0343 3396	PartMgr         (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
19:32:57.0343 3396	PartMgr - ok
19:32:57.0383 3396	ParVdm          (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
19:32:57.0383 3396	ParVdm - ok
19:32:57.0413 3396	PCANDIS5 - ok
19:32:57.0463 3396	pccsmcfd        (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:32:57.0463 3396	pccsmcfd - ok
19:32:57.0513 3396	PCI             (5fd05c92ec56f696eaa50b68cef1b84a) C:\WINDOWS\system32\DRIVERS\pci.sys
19:32:57.0523 3396	PCI - ok
19:32:57.0543 3396	PCIDump - ok
19:32:57.0593 3396	PCIIde          (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:32:57.0593 3396	PCIIde - ok
19:32:57.0643 3396	Pcmcia          (2849812217ecec059cb45f80eb6e52d4) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:32:57.0653 3396	Pcmcia - ok
19:32:57.0673 3396	PDCOMP - ok
19:32:57.0693 3396	PDFRAME - ok
19:32:57.0713 3396	PDRELI - ok
19:32:57.0743 3396	PDRFRAME - ok
19:32:57.0763 3396	perc2 - ok
19:32:57.0783 3396	perc2hib - ok
19:32:57.0864 3396	PlugPlay        (ed4e5391100287b9eabf8f2cf4b42235) C:\WINDOWS\system32\services.exe
19:32:57.0864 3396	PlugPlay - ok
19:32:57.0924 3396	Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
19:32:57.0924 3396	Pml Driver HPZ12 - ok
19:32:57.0974 3396	PolicyAgent     (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\System32\lsass.exe
19:32:57.0974 3396	PolicyAgent - ok
19:32:58.0024 3396	PptpMiniport    (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:32:58.0024 3396	PptpMiniport - ok
19:32:58.0064 3396	Processor       (0914733fb2fc58f69cda0e929bf2df22) C:\WINDOWS\system32\DRIVERS\processr.sys
19:32:58.0074 3396	Processor - ok
19:32:58.0094 3396	ProtectedStorage (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
19:32:58.0094 3396	ProtectedStorage - ok
19:32:58.0164 3396	ProtexisLicensing (f115af58abe5605d7d709cbfbd83f418) C:\WINDOWS\system32\PSIService.exe
19:32:58.0164 3396	ProtexisLicensing - ok
19:32:58.0184 3396	PSched          (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
19:32:58.0194 3396	PSched - ok
19:32:58.0214 3396	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:32:58.0214 3396	Ptilink - ok
19:32:58.0234 3396	ql1080 - ok
19:32:58.0254 3396	Ql10wnt - ok
19:32:58.0284 3396	ql12160 - ok
19:32:58.0304 3396	ql1240 - ok
19:32:58.0324 3396	ql1280 - ok
19:32:58.0374 3396	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:32:58.0374 3396	RasAcd - ok
19:32:58.0434 3396	RasAuto         (5ed5af86ee8cc13f6392b37a81af5d5b) C:\WINDOWS\System32\rasauto.dll
19:32:58.0444 3396	RasAuto - ok
19:32:58.0504 3396	Rasl2tp         (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:32:58.0504 3396	Rasl2tp - ok
19:32:58.0565 3396	RasMan          (aaa8287f49e398a297b59f01f1519f57) C:\WINDOWS\System32\rasmans.dll
19:32:58.0565 3396	RasMan - ok
19:32:58.0595 3396	RasPppoe        (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:32:58.0595 3396	RasPppoe - ok
19:32:58.0625 3396	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:32:58.0625 3396	Raspti - ok
19:32:58.0695 3396	Rdbss           (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:32:58.0695 3396	Rdbss - ok
19:32:58.0725 3396	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:32:58.0725 3396	RDPCDD - ok
19:32:58.0815 3396	rdpdr           (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:32:58.0825 3396	rdpdr - ok
19:32:58.0885 3396	RDPWD           (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
19:32:58.0895 3396	RDPWD - ok
19:32:58.0935 3396	RDSessMgr       (ee93399bc7cd84624ab7890dd7d8b296) C:\WINDOWS\system32\sessmgr.exe
19:32:58.0945 3396	RDSessMgr - ok
19:32:58.0985 3396	redbook         (bddcece9acdad26841c987d10376f6f7) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:32:58.0985 3396	redbook - ok
19:32:59.0085 3396	RemoteAccess    (6a9cb0c18b634b187b8b5a32b0fc2773) C:\WINDOWS\System32\mprdim.dll
19:32:59.0085 3396	RemoteAccess - ok
19:32:59.0155 3396	RemoteRegistry  (a19bfed61736127db5b8b815afb35190) C:\WINDOWS\system32\regsvc.dll
19:32:59.0155 3396	RemoteRegistry - ok
19:32:59.0205 3396	RpcLocator      (6be739f700580f23740efa1d1b57c0a5) C:\WINDOWS\System32\locator.exe
19:32:59.0216 3396	RpcLocator - ok
19:32:59.0286 3396	RpcSs           (b5d78596effbeb82f3b86d9a002538e1) C:\WINDOWS\system32\rpcss.dll
19:32:59.0296 3396	RpcSs - ok
19:32:59.0356 3396	RSVP            (9acee3313020a01235336c2a483afd1a) C:\WINDOWS\System32\rsvp.exe
19:32:59.0366 3396	RSVP - ok
19:32:59.0416 3396	SamSs           (f485fefc8cc4fd29243d800be5d275d1) C:\WINDOWS\system32\lsass.exe
19:32:59.0416 3396	SamSs - ok
19:32:59.0476 3396	SCardSvr        (8df7262f72c3ab75486d21ba78b9f749) C:\WINDOWS\System32\SCardSvr.exe
19:32:59.0486 3396	SCardSvr - ok
19:32:59.0546 3396	Schedule        (e5f1c9ead4c6617acd40ca90882cc7d4) C:\WINDOWS\system32\schedsvc.dll
19:32:59.0556 3396	Schedule - ok
19:32:59.0616 3396	SE27bus         (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys
19:32:59.0616 3396	SE27bus - ok
19:32:59.0666 3396	SE27mgmt        (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys
19:32:59.0676 3396	SE27mgmt - ok
19:32:59.0716 3396	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:32:59.0726 3396	Secdrv - ok
19:32:59.0776 3396	seclogon        (60255ac385a08aaf4897ab4a42483500) C:\WINDOWS\System32\seclogon.dll
19:32:59.0776 3396	seclogon - ok
19:32:59.0826 3396	SENS            (1398df553e701c7948188a7d4e347a18) C:\WINDOWS\system32\sens.dll
19:32:59.0826 3396	SENS - ok
19:32:59.0876 3396	serenum         (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:32:59.0876 3396	serenum - ok
19:32:59.0906 3396	Serial          (859bc6f8c3d58cfda9181e9926c7ddb9) C:\WINDOWS\system32\DRIVERS\serial.sys
19:32:59.0917 3396	Serial - ok
19:33:00.0057 3396	ServiceLayer    (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:33:00.0097 3396	ServiceLayer - ok
19:33:00.0377 3396	Sfloppy         (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:33:00.0377 3396	Sfloppy - ok
19:33:00.0467 3396	SG_Service      (f0a836a34fbfb77c9bc67c461ff256ab) C:\Program Files\Common Files\RbtProt\sgsrv.exe
19:33:00.0467 3396	SG_Service - ok
19:33:00.0537 3396	SharedAccess    (ddc87adf808d192a5212cc8a1e7f8e87) C:\WINDOWS\System32\ipnathlp.dll
19:33:00.0557 3396	SharedAccess - ok
19:33:00.0618 3396	ShellHWDetection (e659de1d3e1de67461ec5cc88eb460b2) C:\WINDOWS\System32\shsvcs.dll
19:33:00.0628 3396	ShellHWDetection - ok
19:33:00.0648 3396	Simbad - ok
19:33:00.0698 3396	SiS300i         (c1e381b6e480dd936d92e1aed5be29c4) C:\WINDOWS\system32\DRIVERS\sis300ip.sys
19:33:00.0698 3396	SiS300i - ok
19:33:00.0758 3396	SiS630          (290d2aa18b499a9a1b0184e1efa94f6c) C:\WINDOWS\system32\DRIVERS\sis630p.sys
19:33:00.0758 3396	SiS630 - ok
19:33:00.0818 3396	SISNIC          (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
19:33:00.0818 3396	SISNIC - ok
19:33:00.0858 3396	Sparrow - ok
19:33:00.0898 3396	splitter        (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
19:33:00.0898 3396	splitter - ok
19:33:00.0958 3396	Spooler         (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
19:33:00.0968 3396	Spooler - ok
19:33:01.0088 3396	SPService       (66789dd833e763ae557e04f0c091f236) c:\documents and settings\leszek\dane aplikacji\adobe\sp.dll
19:33:01.0098 3396	SPService - ok
19:33:01.0148 3396	sr              (6145ca23bccda679a772ec0af42d6eb5) C:\WINDOWS\System32\DRIVERS\sr.sys
19:33:01.0148 3396	sr - ok
19:33:01.0208 3396	srservice       (f309d9894fca821e3c2f557a8032d47a) C:\WINDOWS\System32\srsvc.dll
19:33:01.0218 3396	srservice - ok
19:33:01.0309 3396	Srv             (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
19:33:01.0329 3396	Srv - ok
19:33:01.0379 3396	sscdbus         (d6870895fe46a464a19141440eb6cc1e) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
19:33:01.0389 3396	sscdbus - ok
19:33:01.0429 3396	sscdmdfl        (0fe167362e4689b716cdc8d93adedda8) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
19:33:01.0439 3396	sscdmdfl - ok
19:33:01.0469 3396	sscdmdm         (55a15707e32b6709242ad127e62ca55a) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
19:33:01.0479 3396	sscdmdm - ok
19:33:01.0539 3396	SSDPSRV         (bb754c4be0b18f0faf01a7ebde7025c4) C:\WINDOWS\System32\ssdpsrv.dll
19:33:01.0549 3396	SSDPSRV - ok
19:33:01.0599 3396	stisvc          (cb07cd1f566a4898a4846e29b17e1a6d) C:\WINDOWS\system32\wiaservc.dll
19:33:01.0609 3396	stisvc - ok
19:33:01.0649 3396	Stmatm          (2fc0c3d5615395585abdb16660efbc3a) C:\WINDOWS\system32\DRIVERS\stmatm.sys
19:33:01.0649 3396	Stmatm - ok
19:33:01.0709 3396	swenum          (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:33:01.0709 3396	swenum - ok
19:33:01.0749 3396	swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:33:01.0749 3396	swmidi - ok
19:33:01.0779 3396	SwPrv - ok
19:33:01.0819 3396	symc810 - ok
19:33:01.0839 3396	symc8xx - ok
19:33:01.0859 3396	sym_hi - ok
19:33:01.0879 3396	sym_u3 - ok
19:33:01.0919 3396	sysaudio        (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
19:33:01.0919 3396	sysaudio - ok
19:33:01.0969 3396	SysmonLog       (5893b3b5b966233cae426b2fedc34ddf) C:\WINDOWS\system32\smlogsvc.exe
19:33:01.0969 3396	SysmonLog - ok
19:33:02.0050 3396	TapiSrv         (da38c22eb4a3f9a15b9b9b885f4f5251) C:\WINDOWS\System32\tapisrv.dll
19:33:02.0060 3396	TapiSrv - ok
19:33:02.0160 3396	TaurusUsb       (c91729d2488619161a9052f10231d645) C:\WINDOWS\system32\DRIVERS\torususb.sys
19:33:02.0190 3396	TaurusUsb - ok
19:33:02.0270 3396	Tcpip           (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:33:02.0300 3396	Tcpip - ok
19:33:02.0350 3396	TDPIPE          (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:33:02.0350 3396	TDPIPE - ok
19:33:02.0390 3396	TDTCP           (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
19:33:02.0390 3396	TDTCP - ok
19:33:02.0410 3396	TermDD          (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:33:02.0420 3396	TermDD - ok
19:33:02.0500 3396	TermService     (2c28157229925280916b3041ccc5fe4b) C:\WINDOWS\System32\termsrv.dll
19:33:02.0510 3396	TermService - ok
19:33:02.0570 3396	Themes          (e659de1d3e1de67461ec5cc88eb460b2) C:\WINDOWS\System32\shsvcs.dll
19:33:02.0570 3396	Themes - ok
19:33:02.0630 3396	TlntSvr         (cac717418ccdf09110f406108017bfa6) C:\WINDOWS\System32\tlntsvr.exe
19:33:02.0630 3396	TlntSvr - ok
19:33:02.0650 3396	TosIde - ok
19:33:02.0731 3396	TrkWks          (facbc230aa93401d2fe88976e7cb7369) C:\WINDOWS\system32\trkwks.dll
19:33:02.0741 3396	TrkWks - ok
19:33:02.0801 3396	Udfs            (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
19:33:02.0811 3396	Udfs - ok
19:33:02.0831 3396	ultra - ok
19:33:02.0901 3396	Update          (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
19:33:02.0931 3396	Update - ok
19:33:02.0981 3396	upnphost        (8383e639d93083a91b2804ac482e4ccf) C:\WINDOWS\System32\upnphost.dll
19:33:02.0991 3396	upnphost - ok
19:33:03.0081 3396	UPS             (576a2c38cf3904f2ca1107f922288435) C:\WINDOWS\System32\ups.exe
19:33:03.0081 3396	UPS - ok
19:33:03.0121 3396	usbccgp         (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:33:03.0131 3396	usbccgp - ok
19:33:03.0181 3396	usbehci         (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:33:03.0191 3396	usbehci - ok
19:33:03.0241 3396	usbhub          (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:33:03.0241 3396	usbhub - ok
19:33:03.0291 3396	usbohci         (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:33:03.0291 3396	usbohci - ok
19:33:03.0331 3396	usbprint        (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:33:03.0331 3396	usbprint - ok
19:33:03.0381 3396	usbscan         (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:33:03.0381 3396	usbscan - ok
19:33:03.0432 3396	USBSTOR         (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:33:03.0442 3396	USBSTOR - ok
19:33:03.0482 3396	VgaSave         (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
19:33:03.0482 3396	VgaSave - ok
19:33:03.0512 3396	ViaIde - ok
19:33:03.0542 3396	VolSnap         (ecd173739b8ec10a814cc18653df5a36) C:\WINDOWS\system32\drivers\VolSnap.sys
19:33:03.0542 3396	VolSnap - ok
19:33:03.0612 3396	VSS             (fec1e19b91972105044960b23c442949) C:\WINDOWS\System32\vssvc.exe
19:33:03.0622 3396	VSS - ok
19:33:03.0682 3396	W32Time         (000a0d516a2e20441e77aea44e46b19b) C:\WINDOWS\System32\w32time.dll
19:33:03.0692 3396	W32Time - ok
19:33:03.0742 3396	Wanarp          (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:33:03.0752 3396	Wanarp - ok
19:33:03.0772 3396	WDICA - ok
19:33:03.0832 3396	wdmaud          (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
19:33:03.0832 3396	wdmaud - ok
19:33:03.0892 3396	WebClient       (af9f5e017fb9b7d6b123b0acdb0b69df) C:\WINDOWS\System32\webclnt.dll
19:33:03.0902 3396	WebClient - ok
19:33:04.0002 3396	winmgmt         (482435b2a2de8e06c83c3b1eb3237c2c) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:33:04.0012 3396	winmgmt - ok
19:33:04.0093 3396	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:33:04.0103 3396	WmdmPmSN - ok
19:33:04.0203 3396	Wmi             (c5507cdda7fb1141b296fd0b9a10130e) C:\WINDOWS\System32\advapi32.dll
19:33:04.0233 3396	Wmi - ok
19:33:04.0293 3396	WmiApSrv        (45e43704611d7c2202a180ff87e63550) C:\WINDOWS\System32\wbem\wmiapsrv.exe
19:33:04.0303 3396	WmiApSrv - ok
19:33:04.0483 3396	WMPNetworkSvc   (cdfa647aa82fdba6c9c7a06155afcb40) C:\Program Files\Windows Media Player\WMPNetwk.exe
19:33:04.0513 3396	WMPNetworkSvc - ok
19:33:04.0583 3396	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:33:04.0583 3396	WpdUsb - ok
19:33:04.0633 3396	wuauserv        (40c600488ff127953aa2f1835e5fd433) C:\WINDOWS\system32\wuauserv.dll
19:33:04.0653 3396	wuauserv - ok
19:33:04.0693 3396	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:33:04.0693 3396	WudfPf - ok
19:33:04.0733 3396	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:33:04.0733 3396	WudfRd - ok
19:33:04.0794 3396	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:33:04.0804 3396	WudfSvc - ok
19:33:04.0874 3396	WZCSVC          (98a8014dbe72349f73462262cf493574) C:\WINDOWS\System32\wzcsvc.dll
19:33:04.0884 3396	WZCSVC - ok
19:33:04.0964 3396	xmlprov         (e3c9ef5bcc9eb171bd81051cd19bded7) C:\WINDOWS\System32\xmlprov.dll
19:33:04.0974 3396	xmlprov - ok
19:33:04.0994 3396	ZDCndis5 - ok
19:33:05.0054 3396	ZDPSp50         (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys
19:33:05.0054 3396	ZDPSp50 - ok
19:33:05.0104 3396	MBR (0x1B8)     (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0
19:33:05.0615 3396	\Device\Harddisk0\DR0 - ok
19:33:05.0635 3396	MBR (0x1B8)     (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk1\DR1
19:33:05.0645 3396	\Device\Harddisk1\DR1 - ok
19:33:05.0665 3396	MBR (0x1B8)     (de96dd2bb2b7898d3ad3be61bdb29596) \Device\Harddisk2\DR9
19:33:05.0675 3396	\Device\Harddisk2\DR9 - ok
19:33:05.0695 3396	Boot (0x1200)   (b1f1b8870b07a276de3ec6d28d147347) \Device\Harddisk0\DR0\Partition0
19:33:05.0695 3396	\Device\Harddisk0\DR0\Partition0 - ok
19:33:05.0715 3396	Boot (0x1200)   (e0b3842e533f054bf98336ddb9f912a2) \Device\Harddisk0\DR0\Partition1
19:33:05.0715 3396	\Device\Harddisk0\DR0\Partition1 - ok
19:33:05.0725 3396	Boot (0x1200)   (37cbee08a854aea1b01d9799464c2570) \Device\Harddisk1\DR1\Partition0
19:33:05.0725 3396	\Device\Harddisk1\DR1\Partition0 - ok
19:33:05.0755 3396	Boot (0x1200)   (ece82d3a1d648f78a67ff42f12db408a) \Device\Harddisk1\DR1\Partition1
19:33:05.0755 3396	\Device\Harddisk1\DR1\Partition1 - ok
19:33:05.0785 3396	Boot (0x1200)   (04466b1ffd0ced1447da9c03f17e744c) \Device\Harddisk1\DR1\Partition2
19:33:05.0795 3396	\Device\Harddisk1\DR1\Partition2 - ok
19:33:05.0795 3396	============================================================
19:33:05.0795 3396	Scan finished
19:33:05.0795 3396	============================================================
19:33:05.0835 3384	Detected object count: 3
19:33:05.0835 3384	Actual detected object count: 3
19:33:34.0366 3384	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:33:34.0366 3384	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
19:33:34.0426 3384	C:\WINDOWS\system32\GoProto.dll - copied to quarantine
19:33:34.0426 3384	HKLM\SYSTEM\ControlSet001\services\bcftdi - will be deleted on reboot
19:33:34.0426 3384	HKLM\SYSTEM\ControlSet003\services\bcftdi - will be deleted on reboot
19:33:34.0426 3384	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured
19:33:34.0436 3384	C:\WINDOWS\system32\GoProto.dll - will be deleted on reboot
19:33:34.0436 3384	bcftdi ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete 
19:33:34.0496 3384	C:\WINDOWS\system32\DRIVERS\ipsec.sys - copied to quarantine
19:33:34.0676 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\@ - copied to quarantine
19:33:34.0676 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\cfg.ini - copied to quarantine
19:33:34.0687 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\Desktop.ini - copied to quarantine
19:33:34.0697 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\L\00000004.@ - copied to quarantine
19:33:34.0707 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\L\akygdmgo - copied to quarantine
19:33:34.0757 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\twl.dll - copied to quarantine
19:33:34.0787 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\00000001.@ - copied to quarantine
19:33:34.0857 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\00000002.@ - copied to quarantine
19:33:34.0867 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\00000004.@ - copied to quarantine
19:33:34.0917 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\80000000.@ - copied to quarantine
19:33:34.0927 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\80000004.@ - copied to quarantine
19:33:34.0967 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\80000032.@ - copied to quarantine
19:33:34.0997 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\version - copied to quarantine
19:33:35.0988 3384	VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\ipsec.sys) error 1813
19:33:38.0512 3384	Backup copy found, using it..
19:33:38.0522 3384	C:\WINDOWS\system32\DRIVERS\ipsec.sys - will be cured on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\2612137210 - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\@ - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\cfg.ini - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\Desktop.ini - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\twl.dll - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\00000001.@ - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\00000002.@ - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\00000004.@ - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\80000000.@ - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\80000004.@ - will be deleted on reboot
19:33:40.0425 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\U\80000032.@ - will be deleted on reboot
19:33:40.0435 3384	C:\WINDOWS\$NtUninstallKB2712$\3875204194\version - will be deleted on reboot
19:33:40.0435 3384	IPSec ( Virus.Win32.ZAccess.k ) - User select action: Cure