Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2014 Ran by PatrykG (administrator) on PIJALNIA on 19-12-2014 14:06:06 Running from J:\INSTALKI\Antywirusy etc\Farbar Recovery Scanner Tool (FRST) Loaded Profile: PatrykG (Available profiles: PatrykG & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) I:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) I:\WINDOWS\system32\ati2evxx.exe (Microsoft Corporation) I:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE () I:\Program Files\CDBurnerXP\NMSAccessU.exe (ACE Lab) I:\PROGRA~1\ACELAB~1\SMARTV~1\SMARTSrv.exe (Microsoft Corporation) I:\WINDOWS\system32\wscntfy.exe (VIA Technologies, Inc.) I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (Microsoft Corporation) I:\Program Files\Messenger\msmsgs.exe (Flux Software LLC) I:\Documents and Settings\PatrykG\Ustawienia lokalne\Dane aplikacji\FluxSoftware\Flux\flux.exe (mech) I:\Program Files\Eyes Relax\EyesRelax.exe (Sysinternals) J:\PROGRAMIKI (BEZ INSTALACJI)\ProcessExplorer\procexp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [HDAudDeck] => I:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [40983152 2010-08-11] (VIA Technologies, Inc.) HKLM\...\Run: [S.M.A.R.T. Vision] => I:\Program Files\ACE Lab\SMART Vision\SMART.exe [911872 2010-12-02] (ACE Lab) HKLM\...\Run: [QuickTime Task] => I:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [Wondershare Helper Compact.exe] => I:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare) HKLM\...\Run: [Ptipbmf] => rundll32.exe ptipbmf.dll,SetWriteCacheMode HKLM\...\Run: [BrMfcWnd] => I:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1150976 2009-01-19] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => I:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2009-01-09] (Brother Industries, Ltd.) Winlogon\Notify\AtiExtEvent: I:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1960408961-117609710-725345543-1003\...\Run: [Komunikator] => I:\Program Files\Tlen.pl\tlen.exe [5853672 2009-01-17] (o2.pl Sp. z o.o.) HKU\S-1-5-21-1960408961-117609710-725345543-1003\...\Run: [MSMSGS] => I:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1960408961-117609710-725345543-1003\...\Run: [f.lux] => I:\Documents and Settings\PatrykG\Ustawienia lokalne\Dane aplikacji\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-1960408961-117609710-725345543-1003\...\Run: [FreeAC] => I:\Program Files\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-1960408961-117609710-725345543-1003\...\Policies\Explorer: [NoDriveAutoRun] 0xFFFFFFFF Startup: I:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Eyes Relax.lnk ShortcutTarget: Eyes Relax.lnk -> I:\WINDOWS\Installer\{A90FC348-A38F-46A1-8752-464B4FFDCEEA}\EyeIcon.ico () Startup: I:\Documents and Settings\PatrykG\Menu Start\Programy\Autostart\Skrót do DO_POZNANIA,_NAUCZENIA_ITP..txt.lnk ShortcutTarget: Skrót do DO_POZNANIA,_NAUCZENIA_ITP..txt.lnk -> J:\WAŻNE\DO_POZNANIA,_NAUCZENIA_ITP..txt () Startup: I:\Documents and Settings\PatrykG\Menu Start\Programy\Autostart\Skrót do OCZY--PRZYPOMNIENIE.txt.lnk ShortcutTarget: Skrót do OCZY--PRZYPOMNIENIE.txt.lnk -> J:\WAŻNE\OCZY--PRZYPOMNIENIE.txt () Startup: I:\Documents and Settings\PatrykG\Menu Start\Programy\Autostart\Skrót do procexp.exe.lnk ShortcutTarget: Skrót do procexp.exe.lnk -> J:\PROGRAMIKI (BEZ INSTALACJI)\ProcessExplorer\procexp.exe (Sysinternals) Startup: I:\Documents and Settings\PatrykG\Menu Start\Programy\Autostart\Skrót do ROBOTA.txt.lnk ShortcutTarget: Skrót do ROBOTA.txt.lnk -> J:\WAŻNE\ROBOTA.txt () ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => I:\Documents and Settings\PatrykG\Dane aplikacji\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => I:\Documents and Settings\PatrykG\Dane aplikacji\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => I:\Documents and Settings\PatrykG\Dane aplikacji\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => I:\Documents and Settings\PatrykG\Dane aplikacji\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKU\S-1-5-21-1960408961-117609710-725345543-1003 -> DefaultScope {E8B24D01-F376-415F-99A7-857F7D12BAA4} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-1960408961-117609710-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKU\S-1-5-21-1960408961-117609710-725345543-1003 -> {E8B24D01-F376-415F-99A7-857F7D12BAA4} URL = http://www.google.com/search?hl=pl&q={searchTerms} BHO: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> I:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> I:\Program Files\Java\jre6\bin\jp2ssv.dll No File DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - I:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 I:\WINDOWS\system32\PrxerNsp.dll [61440] (Initex Software) Winsock: Catalog9 01 I:\WINDOWS\system32\PrxerDrv.dll [73728] (Initex Software) Winsock: Catalog9 07 I:\WINDOWS\system32\PrxerDrv.dll [73728] (Initex Software) Tcpip\Parameters: [DhcpNameServer] 10.30.0.132 10.30.0.133 FireFox: ======== FF ProfilePath: I:\Documents and Settings\PatrykG\Dane aplikacji\Mozilla\Firefox\Profiles\ydhbxs8t.default FF SelectedSearchEngine: Google FF Homepage: hxxp://traditio.com/cal.htm FF Keyword.URL: hxxp://www.google.pl/search?q= FF NetworkProxy: "autoconfig_url", "http://www.w3cache.pw.edu.pl/" FF NetworkProxy: "ftp", "http 10.2.1.208:8080" FF NetworkProxy: "http", "ipn.student.pw.edu.pl" FF NetworkProxy: "socks", "localhost" FF NetworkProxy: "socks_port", 8080 FF NetworkProxy: "ssl", "http ipn.student.pw.edu.pl" FF NetworkProxy: "type", 0 FF Plugin: @caminova.com/DjVuPlugin -> I:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll (Caminova, Inc.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> I:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin: @java.com/DTPlugin -> I:\Program Files\Java\jre6\bin\npDeployJava1.dll No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> I:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> I:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> I:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> I:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin HKU\S-1-5-21-1960408961-117609710-725345543-1003: @tools.google.com/Google Update;version=3 -> I:\Documents and Settings\PatrykG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1960408961-117609710-725345543-1003: @tools.google.com/Google Update;version=9 -> I:\Documents and Settings\PatrykG\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Extension: Flashblock - I:\Documents and Settings\PatrykG\Dane aplikacji\Mozilla\Firefox\Profiles\ydhbxs8t.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-12-19] FF Extension: rollApp File Opener - I:\Documents and Settings\PatrykG\Dane aplikacji\Mozilla\Firefox\Profiles\ydhbxs8t.default\Extensions\extension@rollapp.com.xpi [2012-12-21] FF Extension: Session Manager - I:\Documents and Settings\PatrykG\Dane aplikacji\Mozilla\Firefox\Profiles\ydhbxs8t.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2011-06-10] FF Extension: FlashGot - I:\Documents and Settings\PatrykG\Dane aplikacji\Mozilla\Firefox\Profiles\ydhbxs8t.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-11-07] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 NMSAccess; I:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] () R2 srvSMART; I:\Program Files\ACE Lab\SMART Vision\SMARTSrv.exe [222208 2010-04-27] (ACE Lab) [File not signed] S4 VIAKaraokeService; I:\WINDOWS\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.) S4 WMPNetworkSvc; I:\Program Files\Windows Media Player\WMPNetwk.exe [918016 2006-12-01] (Microsoft Corporation) [File not signed] S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ALCXSENS; I:\WINDOWS\System32\drivers\ALCXSENS.SYS [400384 2004-02-24] (Sensaura) [File not signed] S3 ALCXWDM; I:\WINDOWS\System32\drivers\ALCXWDM.SYS [626204 2004-06-21] (Realtek Semiconductor Corp.) [File not signed] S3 AMBFilt; I:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) R3 AtiHDAudioService; I:\WINDOWS\System32\drivers\AtihdXP3.sys [101392 2011-03-30] (Advanced Micro Devices) S3 BrScnUsb; I:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) R0 fasttx2k; I:\WINDOWS\System32\DRIVERS\fasttx2k.sys [159744 2003-08-06] (Promise Technology, Inc.) S3 KMWDFILTER; I:\WINDOWS\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider) S3 MonFilt; I:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.) R2 NPF; I:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 pcouffin; I:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2013-05-11] (VSO Software) [File not signed] S3 PortTalk; I:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed] R2 StarOpen; I:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed] R3 VIAHdAudAddService; I:\WINDOWS\System32\drivers\viahduaa.sys [2127728 2010-08-04] (VIA Technologies, Inc.) R0 viasraid; I:\WINDOWS\System32\DRIVERS\viasraid.sys [77312 2011-06-08] (VIA Technologies inc,.ltd) S3 VMfilt; I:\WINDOWS\System32\drivers\VMfilt32.sys [17920 2009-07-31] (Creative Technology Ltd.) S3 WpdUsb; I:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed] R3 WsAudioDevice_383; I:\WINDOWS\System32\drivers\WsAudioDevice_383.sys [25632 2013-05-30] (Wondershare) S3 yukonwxp; I:\WINDOWS\System32\DRIVERS\yukonwxp.sys [174464 2003-11-10] (Marvell Semiconductor Inc.) S4 IntelIde; No ImagePath U5 ScsiPort; I:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-17 18:53 - 2014-12-19 14:06 - 00000000 ____D () I:\FRST 2014-12-03 01:03 - 2014-12-03 01:03 - 00000000 ____D () I:\boot-sav ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-19 14:06 - 2011-06-08 19:24 - 00000000 ____D () I:\Documents and Settings\PatrykG\Ustawienia lokalne\Temp 2014-12-19 13:59 - 2011-06-08 21:09 - 00000259 _____ () I:\WINDOWS\wiadebug.log 2014-12-19 13:58 - 2014-04-05 13:52 - 00000226 _____ () I:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-12-19 13:58 - 2011-06-08 21:09 - 00000050 _____ () I:\WINDOWS\wiaservc.log 2014-12-19 13:58 - 2011-06-08 19:24 - 00000000 __SHD () I:\Documents and Settings\PatrykG\Ustawienia lokalne\Historia 2014-12-19 13:58 - 2011-06-08 19:23 - 00000006 ____H () I:\WINDOWS\Tasks\SA.DAT 2014-12-19 13:58 - 2004-08-04 13:00 - 00012598 _____ () I:\WINDOWS\system32\wpa.dbl 2014-12-19 13:56 - 2011-06-08 19:23 - 00032312 _____ () I:\WINDOWS\SchedLgU.Txt 2014-12-19 13:56 - 2011-06-08 19:18 - 01170826 _____ () I:\WINDOWS\WindowsUpdate.log 2014-12-19 13:54 - 2012-07-08 13:54 - 00000000 __SHD () I:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2014-12-19 13:54 - 2012-07-08 13:54 - 00000000 ____D () I:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2014-12-19 13:54 - 2011-06-08 19:24 - 00000292 ___SH () I:\Documents and Settings\PatrykG\ntuser.ini 2014-12-19 13:53 - 2013-07-09 08:57 - 00000000 ____D () I:\Documents and Settings\PatrykG\Pulpit\uporzadkiiiiiii 2014-12-19 13:53 - 2012-02-06 21:54 - 00000000 ____D () I:\WINDOWS\pss 2014-12-19 13:53 - 2011-06-08 22:46 - 00000000 ____D () I:\Documents and Settings\PatrykG\Pulpit\Pulpit 2014-12-19 13:53 - 2011-06-08 21:07 - 00000000 __SHD () I:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2014-12-19 13:53 - 2011-06-08 21:05 - 00000000 __RHD () I:\Documents and Settings\All Users\Dane aplikacji 2014-12-19 13:53 - 2011-06-08 19:24 - 00000000 __RHD () I:\Documents and Settings\PatrykG\Dane aplikacji 2014-12-19 13:53 - 2011-06-08 19:23 - 00000000 __SHD () I:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2014-12-19 13:53 - 2011-06-08 19:23 - 00000000 ___HD () I:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2014-12-19 13:45 - 2012-03-10 02:47 - 00000466 ____H () I:\WINDOWS\Tasks\User_Feed_Synchronization-{DC265B07-AE25-4B67-9395-CD6D85E24A0C}.job 2014-12-19 13:45 - 2011-07-08 20:46 - 00000000 ____D () I:\Documents and Settings\PatrykG\Dane aplikacji\vlc 2014-12-19 13:43 - 2011-06-20 00:03 - 00000000 ____D () I:\Program Files\Java 2014-12-19 13:42 - 2014-11-14 20:32 - 00000000 ____D () I:\Program Files\Mozilla Firefox 2014-12-19 13:35 - 2011-06-09 19:28 - 00000000 ____D () I:\Program Files\Foxit Software 2014-12-19 13:35 - 2011-06-08 21:07 - 00000000 ___RD () I:\Documents and Settings\All Users\Menu Start\Programy 2014-12-19 13:34 - 2012-07-14 12:07 - 00000000 ____D () I:\Documents and Settings\All Users\Dane aplikacji\Adobe 2014-12-19 13:34 - 2012-03-30 03:39 - 00000000 ____D () I:\Program Files\Adobe 2014-12-19 09:26 - 2011-06-11 18:54 - 00000000 ____D () I:\Documents and Settings\PatrykG\Dane aplikacji\foobar2000 2014-12-19 01:32 - 2011-06-08 19:24 - 00000000 ____D () I:\Documents and Settings\PatrykG\Pulpit 2014-12-18 18:11 - 2012-11-02 10:46 - 00000000 ___HD () I:\WINDOWS\system32\GroupPolicy 2014-12-18 17:49 - 2011-06-08 21:05 - 00333064 _____ () I:\WINDOWS\setupact.log 2014-12-18 17:14 - 2012-12-21 15:08 - 00000008 __RSH () I:\Documents and Settings\All Users\ntuser.pol 2014-12-08 19:40 - 2014-04-05 13:52 - 00000220 _____ () I:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-12-01 10:30 - 2012-07-08 13:54 - 00000188 ___SH () I:\Documents and Settings\Administrator\ntuser.ini 2014-11-26 13:49 - 2012-07-08 14:17 - 00001324 _____ () I:\WINDOWS\system32\d3d9caps.dat 2014-11-26 03:21 - 2011-06-10 20:07 - 00000000 ____D () I:\Documents and Settings\PatrykG\Dane aplikacji\Orbit 2014-11-26 02:15 - 2011-06-08 19:24 - 00000000 ___RD () I:\Documents and Settings\PatrykG\Moje dokumenty\Moje obrazy 2014-11-26 00:56 - 2011-06-19 17:52 - 00000786 _____ () I:\WINDOWS\YDPDICT.INI 2014-11-24 17:07 - 2011-06-08 19:24 - 00000000 ___RD () I:\Documents and Settings\PatrykG\Moje dokumenty 2014-11-23 10:38 - 2012-04-27 10:41 - 00000000 ____D () I:\Program Files\Mozilla Maintenance Service 2014-11-21 19:14 - 2011-08-28 20:49 - 00000000 ____D () I:\Program Files\Notepad++ 2014-11-21 19:14 - 2011-06-22 08:32 - 00000000 ____D () I:\Documents and Settings\PatrykG\Dane aplikacji\Notepad++ 2014-11-21 11:45 - 2011-06-08 19:24 - 00000000 ___RD () I:\Documents and Settings\PatrykG\Moje dokumenty\Moja muzyka 2014-11-20 00:18 - 2011-06-30 03:23 - 00000116 _____ () I:\WINDOWS\NeroDigital.ini 2014-11-19 05:41 - 2011-06-08 19:41 - 00072704 _____ () I:\Documents and Settings\PatrykG\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) I:\WINDOWS\explorer.exe => File is digitally signed I:\WINDOWS\system32\winlogon.exe => File is digitally signed I:\WINDOWS\system32\svchost.exe => File is digitally signed I:\WINDOWS\system32\services.exe => File is digitally signed I:\WINDOWS\system32\User32.dll => File is digitally signed I:\WINDOWS\system32\userinit.exe => File is digitally signed I:\WINDOWS\system32\rpcss.dll => File is digitally signed I:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================