Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-01-2014 02
Ran by kamil (administrator) on KAMIL-2A039540C on 14-01-2014 11:30:17
Running from C:\Documents and Settings\kamil\Pulpit\skan\Rist
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AQQ Sp. z o.o.) C:\Program Files\WapSter\WapSter AQQ\AQQ.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Documents and Settings\kamil\WapSter\AQQ Folder\Profiles\bandzior\Plugins\SkypeCore\skype.core
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [577536 2007-04-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-06] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [136136 2007-09-06] (DT Soft Ltd.)
HKCU\...\Run: [AQQ] - C:\Program Files\WapSter\WapSter AQQ\AQQ.exe [8174592 2013-10-16] (AQQ Sp. z o.o.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365491554734
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: HDvid Codec 3 - C:\Documents and Settings\kamil\Dane aplikacji\Mozilla\Firefox\profiles\extensions\hdvc3@hdvidcodec.com.xpi [2013-06-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-08-29]
CHR Extension: (Google Drive) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-08-29]
CHR Extension: (YouTube) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-08-29]
CHR Extension: (Google Search) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-08-29]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0 [2014-01-06]
CHR Extension: (Google Wallet) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-08]
CHR Extension: (Gmail) - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-08-29]
CHR HKLM\...\Chrome\Extension: [gbdabnfmdemcjjadpkpjibhhacggangd] - C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crx [2013-08-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-25]

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [116776 2013-11-25] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2013-11-25] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [247192 2013-12-16] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-25] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2013-04-04] ()
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2013-04-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2013-04-04] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2013-06-21] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2013-06-21] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2013-06-21] (MCCI Corporation)
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 catchme; \??\C:\DOCUME~1\kamil\USTAWI~1\Temp\catchme.sys [x]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 ag4w5uvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-14 10:11 - 2014-01-14 11:01 - 00000000 ____D C:\Documents and Settings\kamil\Pulpit\skan
2014-01-14 10:08 - 2014-01-14 10:08 - 00000000 ____D C:\FRST
2014-01-06 13:35 - 2014-01-06 13:35 - 00001733 _____ C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
2013-12-25 06:15 - 2013-12-25 06:15 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
2013-12-20 09:43 - 2014-01-14 10:43 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-18 07:20 - 2013-12-18 07:20 - 00001915 _____ C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk
2013-12-18 07:20 - 2013-12-18 07:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Earth
2013-12-16 17:44 - 2013-12-16 17:44 - 00000000 ____D C:\WINDOWS\Cache

==================== One Month Modified Files and Folders =======

2014-01-14 11:27 - 2013-11-21 17:09 - 00000000 ____D C:\Documents and Settings\kamil\Dane aplikacji\SkypeKit
2014-01-14 11:18 - 2013-03-26 12:49 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-14 11:01 - 2014-01-14 10:11 - 00000000 ____D C:\Documents and Settings\kamil\Pulpit\skan
2014-01-14 10:43 - 2013-12-20 09:43 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-14 10:19 - 2013-04-16 19:00 - 00000462 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{5F6A6A7C-BF08-4E73-A898-3E538DA3DF34}.job
2014-01-14 10:19 - 2013-03-26 11:07 - 00032550 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-14 10:11 - 2013-03-26 11:10 - 00000000 ____D C:\Documents and Settings\kamil\Pulpit
2014-01-14 10:08 - 2014-01-14 10:08 - 00000000 ____D C:\FRST
2014-01-14 10:05 - 2013-03-26 11:02 - 01868366 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-14 09:28 - 2013-03-26 13:22 - 00000000 ____D C:\Documents and Settings\kamil\Dane aplikacji\TS3Client
2014-01-14 09:28 - 2013-03-26 12:36 - 00000000 ____D C:\Documents and Settings\kamil\Dane aplikacji\BitTorrent
2014-01-14 09:28 - 2013-03-26 11:10 - 00000000 ____D C:\Documents and Settings\kamil
2014-01-14 09:17 - 2013-08-02 07:23 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-14 09:11 - 2013-03-26 12:49 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 09:11 - 2013-03-26 11:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-14 09:10 - 2013-03-26 12:22 - 00065536 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2014-01-14 09:10 - 2013-03-26 11:10 - 00000188 ___SH C:\Documents and Settings\kamil\ntuser.ini
2014-01-14 08:41 - 2001-07-22 01:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-09 17:46 - 2013-12-13 19:17 - 00000097 _____ C:\Documents and Settings\kamil\Pulpit\Nowy Dokument tekstowy.txt
2014-01-08 01:19 - 2013-08-29 18:27 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-01-06 13:35 - 2014-01-06 13:35 - 00001733 _____ C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
2014-01-06 13:35 - 2013-11-25 09:15 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Avast
2014-01-06 13:35 - 2013-03-26 11:52 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2014-01-06 13:34 - 2013-08-02 07:23 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-06 13:34 - 2013-08-02 07:23 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-06 13:34 - 2013-08-02 07:23 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-06 13:34 - 2013-08-02 07:23 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-06 13:34 - 2013-08-02 07:23 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-06 13:34 - 2013-08-02 07:23 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-06 13:34 - 2013-08-02 07:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-06 13:34 - 2013-04-09 07:59 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-04 22:39 - 2013-04-04 17:09 - 00000000 ____D C:\Documents and Settings\kamil\Ustawienia lokalne\Dane aplikacji\The Witcher
2014-01-04 18:20 - 2013-09-13 13:56 - 00000000 ____D C:\Program Files\LittleFighter2
2014-01-04 18:19 - 2013-03-26 11:10 - 00000000 ___RD C:\Documents and Settings\kamil\Menu Start\Programy
2013-12-29 13:04 - 2013-04-28 00:13 - 00000000 ____D C:\Documents and Settings\kamil\Moje dokumenty\FIFA 10
2013-12-25 06:15 - 2013-12-25 06:15 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
2013-12-25 06:15 - 2013-03-26 11:07 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji
2013-12-20 10:43 - 2013-08-10 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-20 10:43 - 2013-08-10 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-18 07:20 - 2013-12-18 07:20 - 00001915 _____ C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk
2013-12-18 07:20 - 2013-12-18 07:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Earth
2013-12-18 07:20 - 2013-03-26 11:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy
2013-12-18 07:19 - 2013-03-26 11:17 - 00000000 ____D C:\Program Files\Google
2013-12-16 21:13 - 2013-11-25 09:11 - 00247192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndis2.sys
2013-12-16 21:01 - 2013-11-25 09:15 - 00001799 _____ C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
2013-12-16 20:58 - 2013-03-26 12:46 - 00000000 ____D C:\Documents and Settings\Administrator
2013-12-16 20:58 - 2013-03-26 11:07 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-12-16 20:58 - 2013-03-26 11:07 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-12-16 20:58 - 2013-03-26 11:00 - 00000000 ____D C:\WINDOWS\Registration
2013-12-16 20:57 - 2013-08-01 09:51 - 00000000 ____D C:\Program Files\GameforgeLive
2013-12-16 20:41 - 2013-07-27 14:04 - 00000000 ____D C:\Documents and Settings\kamil\Pulpit\zdjecia tel
2013-12-16 20:40 - 2013-03-26 11:10 - 00000000 ___RD C:\Documents and Settings\kamil\Moje dokumenty
2013-12-16 17:44 - 2013-12-16 17:44 - 00000000 ____D C:\WINDOWS\Cache

Some content of TEMP:
====================
C:\Documents and Settings\kamil\Ustawienia lokalne\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2004-08-03 23:44] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\Windows\System32\User32.dll [2004-08-03 23:44] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2004-08-03 23:44] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\rpcss.dll [2004-08-03 23:44] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
C:\Windows\System32\Drivers\volsnap.sys [2004-08-03 23:36] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================