Webroot AntiZeroAccess 0.8 Log File
Execution time: 13/11/2011 - 21:57
Host operation System: Windows Xp X86 version 5.1.2600 Dodatek Service Pack 3
21:57:20 - CheckSystem - Begin to check system...
21:57:20 - OpenRootDrive - Opening system root volume and physical drive....
21:57:20 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x0FBADCA1 sectors.
21:57:20 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
21:57:20 - InstallAndStartDriver - Main driver was installed and now is running.
21:57:20 - CheckSystem - Warning! Disk class driver is INFECTED.
21:57:22 - CheckFile - Warning! File "fips.sys" is Infected by ZeroAccess Rootkit.
21:57:30 - CheckExecutableEP - Unable to open "c:\windows\system32\acs.exe" file. CreateFile last error: 2
21:57:30 - DoSecondPhaseCheck - Found and destroyed ZeroAccess self defense Service Key: "cc808513".
21:57:30 - CheckExecutableEP - Unable to open "c:\windows\system32\lexbces.exe" file. CreateFile last error: 2
21:57:31 - CheckExecutableEP - Unable to open "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe" file. CreateFile last error: 2
21:57:31 - CheckExecutableEP - Unable to open "c:\windows\system32\psasrv.exe" file. CreateFile last error: 2
21:57:38 - DoRepair - Begin to perform system repair....
21:57:38 - DoRepair - System Disk class driver was repaired.
21:57:38 - DoRepair - Infected "fips.sys" file was renamed.
21:57:38 - DoRepair - Infected "fips.sys" file was successfully cleaned!
21:57:38 - DoRepair - "desktop.ini" ZeroAccess file NOT found.
21:57:38 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
21:57:38 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
21:57:38 - Execution Ended!