Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015 Ran by Włodek at 2015-07-16 01:01:16 Running from C:\Users\Włodek\Desktop\Walka z Update Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-287265340-2162033715-3200400593-500 - Administrator - Disabled) Gość (S-1-5-21-287265340-2162033715-3200400593-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-287265340-2162033715-3200400593-1243 - Limited - Enabled) UpdatusUser (S-1-5-21-287265340-2162033715-3200400593-1005 - Limited - Enabled) => C:\Users\UpdatusUser Włodek (S-1-5-21-287265340-2162033715-3200400593-1001 - Administrator - Enabled) => C:\Users\Włodek ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Panda Free Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C} AS: Panda Free Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ActiveSMART (HKLM\...\ActiveSMART) (Version: 2.97 - Ariolic Software, Ltd.) Adblock plus dla IE (32-bitowego) (HKLM\...\{0B3F04EC-0C2E-4EDA-9A28-D4DD0A4D2509}) (Version: 1.3 - Eyeo GmbH) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Ashampoo HDD Control 3 v.3.00.90 (HKLM\...\{4209F371-7505-A040-718A-C57DA1CB7247}_is1) (Version: 3.00.90 - Ashampoo GmbH & Co. KG) calibre (HKLM\...\{8854EE3C-5031-499F-B5EB-51A82F1B28EF}) (Version: 2.21.0 - Kovid Goyal) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP) DriverIdentifier 4.2.8 (HKLM\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier) EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) Feature Update Service (YFD) (HKU\S-1-5-21-287265340-2162033715-3200400593-1005\...\YourFileDownloaderUpdater) (Version: 2.14.23 - ) <==== ATTENTION Google Chrome (HKU\S-1-5-21-287265340-2162033715-3200400593-1005\...\Google Chrome) (Version: 16.0.912.75 - Google Inc.) ipla 2.8.4 (HKLM\...\ipla) (Version: 2.8.4 - Redefine Sp z o.o.) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40620.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-287265340-2162033715-3200400593-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-287265340-2162033715-3200400593-1005\...\SkyDriveSetup.exe) (Version: 17.0.2006.0314 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pl) (HKLM\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Obsługa programów Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security) Panda Devices Agent (Version: 1.05.00 - Panda Security) Hidden Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0004 - Panda Security) Panda Free Antivirus (Version: 7.82.00.0000 - Panda Security) Hidden PhotoFiltre (HKU\S-1-5-21-287265340-2162033715-3200400593-1001\...\PhotoFiltre) (Version: - ) PhotoFiltre (HKU\S-1-5-21-287265340-2162033715-3200400593-1005\...\PhotoFiltre) (Version: - ) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Spotify (HKU\S-1-5-21-287265340-2162033715-3200400593-1005\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB) WinFast PVR2 (HKU\S-1-5-21-287265340-2162033715-3200400593-1005\...\{C92C584E-C781-475E-A8E2-C67D993A6B95}) (Version: 2.0.3.39 - Leadtek) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Włodek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Włodek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> D:\Programy\Best Player\Best Player.exe (Karol Winnicki) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Włodek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Włodek\AppData\Local\Facebook\Update\FacebookUpdate.exe" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Włodek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Włodek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> "C:\Users\Włodek\AppData\Local\Google\Google Talk Plugin\googletalkax.dll" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Włodek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Włodek\AppData\Local\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{9793fbbf-e9db-3b01-b322-3430cbcf3cd5}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> "C:\Users\Włodek\AppData\Local\Google\Google Talk Plugin\o1dax.dll" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611}\InprocServer32 -> No Filepath CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Włodek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File CustomCLSID: HKU\S-1-5-21-287265340-2162033715-3200400593-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2014-10-16 21:30 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1BA85EAB-5D29-4A58-8A7A-0D87EAC35F0B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Włodek => D:\Programy\Windows Calendar\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation) Task: {5374278D-A7E4-4F2C-9698-1756893B1E9B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-287265340-2162033715-3200400593-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {54BA5D9D-36DF-4615-8F40-C8DD77CF323B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {61F8E6F5-447C-412F-ABE6-BA6664F2F460} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.) Task: {6FCC5F61-EB46-4C31-A33A-1220B3A398BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated) Task: {78AFE24D-9849-4E79-8C04-D26094873899} - System32\Tasks\{19C750D8-55ED-4027-BC25-4672055D30B1} => C:\Program Files\Panda Security\Panda Security Protection\JobLauncher.exe [2015-02-27] (Panda Security, S.L.) Task: {FA79695E-EE2F-4F34-AED9-F9692C65B908} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-287265340-2162033715-3200400593-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4b86568f057d.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff08013b0803d.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287265340-2162033715-3200400593-1001Core.job => C:\Users\Włodek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287265340-2162033715-3200400593-1001UA1cf6bb4a4e102af.job => C:\Users\Włodek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\{19C750D8-55ED-4027-BC25-4672055D30B1}.job => C:\Program Files\Panda Security\Panda Security Protection\JobLauncher.exe ==================== Loaded Modules (Whitelisted) ============== 2011-11-09 01:21 - 2014-07-02 21:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2012-10-23 17:30 - 2012-10-23 17:30 - 00026888 _____ () C:\Windows\system32\BsTrace.dll 2012-10-23 17:30 - 2012-10-23 17:30 - 00053000 _____ () C:\Windows\system32\BlueSoleilCSps.dll 2015-04-24 23:21 - 2015-02-02 16:07 - 00324456 _____ () C:\Program Files\Ashampoo\Ashampoo HDD Control 3\HDDC3Service.exe 2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll 2011-03-15 07:13 - 2011-03-15 07:13 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-20 01:17 - 2009-07-13 21:50 - 00325120 _____ () C:\Program Files\TeraCopy\TeraCopy.dll 2010-03-09 04:55 - 2010-03-09 04:55 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2014-03-20 01:17 - 2009-06-22 00:26 - 00305664 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll 2012-10-23 17:30 - 2012-10-23 17:30 - 00352520 _____ () C:\Windows\system32\BsExtendFunc.dll 2012-01-19 22:53 - 2005-09-28 11:54 - 00020480 ____N () C:\Windows\CameraFixer.exe 2012-10-23 17:30 - 2012-10-23 17:30 - 00070408 _____ () C:\Windows\system32\BsProfilefunc.dll 2012-10-23 17:30 - 2012-10-23 17:30 - 00018696 _____ () C:\Windows\system32\SCChangeMonitor.dll 2012-03-23 22:54 - 2012-06-08 20:40 - 01086176 _____ () C:\Program Files\Winstep\wodTelnetDLX.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD AlternateDataStreams: C:\ProgramData\Dane aplikacji:$SS_DESCRIPTOR_LBP6VPVFLVGVTFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GV6PYM54U3M96HFNXH553Y8VPHKL606FVGEG1P6ERPVRDVT8JL9JJMPYV0PRUEF39P8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVV1VTVVTVMVV7 AlternateDataStreams: C:\ProgramData\Dane aplikacji:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-287265340-2162033715-3200400593-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Włodek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.204.159.1 - 194.204.152.34 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: TapiSrv => 2 MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe MSCONFIG\startupreg: egui => MSCONFIG\startupreg: KONICA MINOLTA PagePro 1350WStatusDisplay => C:\Windows\system32\MSTMON_Q.EXE ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe FirewallRules: [{E71C9B53-ECB1-481E-9101-12A4564AE59E}] => (Allow) %SystemRoot%\System32\mmc.exe FirewallRules: [{E66B1093-0C32-444D-A35A-0D08250CB2B8}] => (Allow) %SystemRoot%\System32\mmc.exe FirewallRules: [{312C9F24-80DD-4A87-BE32-864B2E886D3F}] => (Allow) C:\Program Files\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{69E0BCD8-0319-4F3A-AD67-55B7CB8586CA}] => (Allow) C:\Program Files\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [TCP Query User{48965B8B-04DB-411B-AEBF-DF978696C6A4}D:\programy\portable emule 0.50a\app\emule\emule.exe] => (Allow) D:\programy\portable emule 0.50a\app\emule\emule.exe FirewallRules: [UDP Query User{31D9231B-FFE9-4D93-BA5F-A42908E68AA5}D:\programy\portable emule 0.50a\app\emule\emule.exe] => (Allow) D:\programy\portable emule 0.50a\app\emule\emule.exe FirewallRules: [{CAC67734-53AE-4373-95B8-CA19E556347B}] => (Allow) D:\Programy\uTorrentPortable\App\uTorrent\uTorrent.exe FirewallRules: [{C785D244-BB38-4A15-9E72-4C32C5ACFC26}] => (Allow) D:\Programy\uTorrentPortable\App\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{083911D9-647A-4518-8B3A-D4E315183EA2}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [UDP Query User{3866EE75-202E-440B-8623-9E0F02AB4D7A}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe FirewallRules: [{110CBD79-9E29-4E48-8127-E2C0160FFC33}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{899FC38B-7160-44AD-85F0-DB9CB713B6AB}C:\program files\tlen.pl\tlen.exe] => (Allow) C:\program files\tlen.pl\tlen.exe FirewallRules: [UDP Query User{0AD1AA83-7A03-4E05-AF88-D36B70770607}C:\program files\tlen.pl\tlen.exe] => (Allow) C:\program files\tlen.pl\tlen.exe FirewallRules: [{95F08AEE-56E8-458F-A252-FA1594201047}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6905AD8D-2CD6-44EA-B21F-247B237E00B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{310FDA00-A3AA-4DD6-A492-C2650B950146}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/16/2015 12:58:00 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST.exe w wersji 12.7.2015.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1498 Godzina rozpoczęcia: 01d0bf4b33bf0f06 Godzina zakończenia: 7 Ścieżka aplikacji: C:\Users\Włodek\Desktop\Walka z Update\FRST.exe Identyfikator raportu: Error: (07/16/2015 12:37:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error: (07/16/2015 12:37:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error: (07/16/2015 12:11:35 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {fb07a884-10c7-4106-ba80-52947ca3aee1} Error: (07/15/2015 11:58:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (07/15/2015 11:58:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (07/15/2015 09:52:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (07/15/2015 09:52:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (07/14/2015 10:02:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (07/14/2015 10:02:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] System errors: ============= Error: (07/16/2015 12:59:46 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (07/15/2015 11:59:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (07/15/2015 11:58:37 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: %%5. Error: (07/15/2015 11:58:35 PM) (Source: WMPNetworkSvc) (EventID: 14319) (User: ) Description: Usługa „WMPNetworkSvc” nie została uruchomiona, ponieważ zasady grupy uniemożliwiają programowi Windows Media Player udostępnianie multimediów innym urządzeniom. Error: (07/15/2015 11:58:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WebcamMax, WDM Video Capture z powodu następującego błędu: %%1058 Error: (07/15/2015 11:55:48 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa ESET Uninstaller Service jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (07/15/2015 11:55:22 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046} Error: (07/15/2015 11:55:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (07/15/2015 11:55:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (07/15/2015 11:55:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Microsoft Office: ========================= Error: (07/16/2015 12:58:00 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST.exe12.7.2015.1149801d0bf4b33bf0f067C:\Users\Włodek\Desktop\Walka z Update\FRST.exe Error: (07/16/2015 12:37:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabWymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error: (07/16/2015 12:37:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabWymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error: (07/16/2015 12:11:35 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Odmowa dostępu. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {fb07a884-10c7-4106-ba80-52947ca3aee1} Error: (07/15/2015 11:58:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (07/15/2015 11:58:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (07/15/2015 09:52:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (07/15/2015 09:52:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (07/14/2015 10:02:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (07/14/2015 10:02:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz Percentage of memory in use: 30% Total physical RAM: 3582.49 MB Available physical RAM: 2502.03 MB Total Virtual: 7163.27 MB Available Virtual: 6033.93 MB ==================== Drives ================================ Drive c: (SYSTEMOWY) (Fixed) (Total:48.83 GB) (Free:0.42 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Programy i Filmy) (Fixed) (Total:221.52 GB) (Free:89.3 GB) NTFS Drive e: (Muzyka) (Fixed) (Total:195.31 GB) (Free:89.04 GB) NTFS Drive f: (Nowy) (Fixed) (Total:233.34 GB) (Free:106.97 GB) NTFS Drive g: (Nowy) (Fixed) (Total:232.42 GB) (Free:232.33 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D6FFA5F8) Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.5 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 62E20562) Partition 1: (Not Active) - (Size=233.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS) ==================== End of log ============================