Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017 Ran by SYSTEM on REATOGO (01-09-2017 19:17:09) Running from H:\ Platform: Microsoft Windows XP Dodatek Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2015-03-01] (Windows (R) 2000 DDK provider) S0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation) S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-01 19:16 - 2017-09-01 19:16 - 000000000 ____D C:\FRST 2017-09-01 17:07 - 2015-03-01 07:25 - 002883584 _____ C:\Windows\System32\config\Copy of system 2017-09-01 10:40 - 2017-09-01 10:40 - 000000000 __HDC C:\Windows\$NtUninstallKB970430$ 2017-09-01 10:40 - 2017-09-01 10:40 - 000000000 __HDC C:\Windows\$NtUninstallKB2345886$ 2017-09-01 10:39 - 2017-09-01 10:40 - 000001355 _____ C:\Windows\imsins.BAK 2017-09-01 10:39 - 2017-09-01 10:39 - 000000000 __HDC C:\Windows\$NtUninstallKB2868038$ 2017-09-01 10:39 - 2013-07-16 20:58 - 000123008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbvideo.sys 2017-09-01 10:39 - 2013-07-16 20:58 - 000123008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbvideo.sys 2017-09-01 10:39 - 2013-07-16 20:58 - 000046848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irbus.sys 2017-09-01 10:39 - 2013-07-16 20:58 - 000046848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irbus.sys 2017-08-29 13:23 - 2017-08-29 16:26 - 000223232 _____ C:\Protokół (version 1).xls 2017-08-13 11:04 - 2017-08-13 09:55 - 003460443 _____ C:\dreamboxEDIT_without_setup_5.0.2.0.zip 2017-08-13 10:39 - 2017-08-13 16:51 - 000000000 ____D C:\18.07.24 nowa lista polska full 2017-08-13 09:10 - 2017-08-13 10:20 - 000000000 ____D C:\E2_HD_settings_HB13E_HSWG_18062017 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-01 20:37 - 2013-09-03 16:47 - 000000000 ____D C:\Documents and Settings\Adm\Pulpit 2017-09-01 14:28 - 2017-06-01 08:06 - 000000000 ____D C:\Wypadek 2017-09-01 11:15 - 2013-09-03 16:47 - 000000188 ___SH C:\Documents and Settings\Adm\ntuser.ini 2017-09-01 11:15 - 2013-09-03 16:45 - 000004004 _____ C:\Windows\SchedLgU.Txt 2017-09-01 11:09 - 2013-09-03 18:35 - 000763990 _____ C:\Windows\System32\PerfStringBackup.INI 2017-09-01 11:09 - 2001-10-26 12:15 - 000355486 _____ C:\Windows\System32\perfh015.dat 2017-09-01 11:09 - 2001-10-26 12:15 - 000049492 _____ C:\Windows\System32\perfc015.dat 2017-09-01 11:07 - 2001-07-21 18:17 - 000002206 _____ C:\Windows\System32\wpa.dbl 2017-09-01 10:40 - 2013-09-03 18:22 - 000000000 RSHDC C:\Windows\System32\dllcache 2017-09-01 10:40 - 2013-09-03 18:22 - 000000000 ___HD C:\Windows\inf 2017-09-01 10:39 - 2013-09-03 16:42 - 000000000 ___HD C:\Windows\$hf_mig$ 2017-08-31 06:38 - 2017-06-01 08:29 - 000000000 ____D C:\Wspólnota 2017-08-23 12:57 - 2014-03-27 08:50 - 004825088 _____ C:\SYSTEM 2017-08-17 13:26 - 2017-07-17 12:53 - 000000000 ____D C:\FAKTURY MEBLE ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe [2008-04-14 16:51] - [2008-04-14 16:51] - 001035264 _____ (Microsoft Corporation) C791ED9EAC5E76D9525E157B1D7A599A C:\Windows\System32\winlogon.exe [2008-04-14 16:51] - [2008-04-14 16:51] - 000510464 _____ (Microsoft Corporation) 51FD2E13D723857B9CA239AE77150F48 C:\Windows\System32\svchost.exe [2008-04-14 16:51] - [2008-04-14 16:51] - 000014336 _____ (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE C:\Windows\System32\services.exe [2008-04-14 16:51] - [2009-02-09 07:25] - 000111104 _____ (Microsoft Corporation) 02A467E27AF55F7064C5B251E587315F C:\Windows\System32\User32.dll [2008-04-14 16:50] - [2008-04-14 16:50] - 000580096 _____ (Microsoft Corporation) A435C5C069AFD901751AC323AD238793 C:\Windows\System32\userinit.exe [2008-04-14 16:51] - [2008-04-14 16:51] - 000026624 _____ (Microsoft Corporation) 2A5B37D520508BE6570A3EA79695F5B5 C:\Windows\System32\rpcss.dll [2008-04-14 16:50] - [2009-02-09 06:53] - 000401408 _____ (Microsoft Corporation) A37311D9D628C1042A2836731787F0F3 C:\Windows\System32\dnsapi.dll [2008-04-14 16:50] - [2011-03-03 02:55] - 000149504 _____ (Microsoft Corporation) 6599CFCB40329C37282E4E80E813E799 C:\Windows\System32\Drivers\volsnap.sys [2008-04-14 15:31] - [2008-04-14 15:31] - 000052864 _____ (Microsoft Corporation) 56B191AC5FC0DF219949C95A6C87AFE7 ==================== Association (Whitelisted) ============= ==================== Restore Points (XP) ===================== RP: -> 2017-09-01 10:39 - 024576 _restore{D007C56F-B3A8-47C7-90D4-A329F35B660A}\RP9 RP: -> 2015-03-01 05:33 - 024576 _restore{D007C56F-B3A8-47C7-90D4-A329F35B660A}\RP5 RP: -> 2015-03-01 05:11 - 024576 _restore{D007C56F-B3A8-47C7-90D4-A329F35B660A}\RP3 RP: -> 2013-09-03 11:37 - 024576 _restore{D007C56F-B3A8-47C7-90D4-A329F35B660A}\RP2 RP: -> 2013-09-03 16:47 - 024576 _restore{D007C56F-B3A8-47C7-90D4-A329F35B660A}\RP1 ==================== Memory info =========================== Percentage of memory in use: 11% Total physical RAM: 2047.48 MB Available physical RAM: 1809.08 MB Total Virtual: 1878.13 MB Available Virtual: 1813.01 MB ==================== Drives ================================ Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS Drive c: () (Fixed) (Total:11.72 GB) (Free:3.38 GB) NTFS ==>[drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:19.53 GB) (Free:5.56 GB) NTFS Drive e: (PROGRAMY) (Fixed) (Total:58.59 GB) (Free:49.9 GB) NTFS Drive f: (DOKUMENTY) (Fixed) (Total:68.36 GB) (Free:59.26 GB) NTFS Drive g: (VIDEO) (Fixed) (Total:74.54 GB) (Free:53.53 GB) NTFS Drive h: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT Drive x: (ReatogoPE) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 42744273) Partition 1: (Active) - (Size=11.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=221 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 961 MB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=961 MB) - (Type=06) ==================== End of FRST.txt ============================