Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016 Ran by kimi (27-12-2016 19:04:52) Running from C:\Users\kimi\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-09-30 11:16:40) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2019573516-1231449209-3208073683-500 - Administrator - Disabled) Guest (S-1-5-21-2019573516-1231449209-3208073683-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2019573516-1231449209-3208073683-1003 - Limited - Enabled) kimi (S-1-5-21-2019573516-1231449209-3208073683-1000 - Administrator - Enabled) => C:\Users\kimi Masz chuju (S-1-5-21-2019573516-1231449209-3208073683-1004 - Limited - Enabled) => C:\Users\Masz chuju ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2019573516-1231449209-3208073683-1000\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.) 4K Video Downloader 3.8 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.8.1.1870 - Open Media LLC) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam) Aktualizacje NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Ansel (Version: 375.95 - NVIDIA Corporation) Hidden Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.) Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody) Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - ) Cole2k Media - Codec Pack (Advanced) 8.0.6 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.6 - Cole2k Media) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd) DisplayFusion 8.0 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 8.0.0.0 - Binary Fortress Software) Elsword 1.0 (HKLM-x32\...\Elsword_pl_is1) (Version: 1.0 - Gameforge4d) Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge) Google Update Helper (x32 Version: 1.3.21.57 - Google Inc.) Hidden Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Malwarebytes (wersja 3.0.5.1299) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM-x32\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft) Mozilla Firefox 50.1.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pl)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD) Norton Security (HKLM-x32\...\NS) (Version: 22.8.1.14 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Sterownik graficzny 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden osu! (HKLM-x32\...\{07e684f6-bdaa-4d34-a422-812b7623b424}) (Version: latest - ppy Pty Ltd) Panel sterowania NVIDIA 375.95 (Version: 375.95 - NVIDIA Corporation) Hidden Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD) RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd) The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd) TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Transport Fever (HKLM-x32\...\1720767912_is1) (Version: 2.0.0.2 - GOG.com) Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - ) Unity Web Player (HKU\S-1-5-21-2019573516-1231449209-3208073683-1000\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) War Thunder Launcher 1.0.1.721 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) World of Tanks (HKU\S-1-5-21-2019573516-1231449209-3208073683-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warships (HKU\S-1-5-21-2019573516-1231449209-3208073683-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2019573516-1231449209-3208073683-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0327C35B-48DF-4636-ADC1-B1FA2F667107} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation) Task: {072D06FF-25CB-4065-BBFA-70273F520C25} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation) Task: {167E70D9-6163-42FE-93EE-230362815985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-21] (Adobe Systems Incorporated) Task: {2B7B51B4-24F4-47A0-BD3E-343E1DFF6F51} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation) Task: {5C7A3134-D3E4-40AE-A9A7-F6FE2ACE4E71} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\ProgramData\ASUS\AASP\1.02.00\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.) Task: {5F6A4739-6050-46FC-A73A-5ABA2D2407D3} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.) Task: {791F5295-3471-455F-AA0F-5D9F46B8257E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {99A0783F-E8CD-400E-BDFC-F630BC4989E2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation) Task: {A3706BAC-0733-4E6E-9CB4-9024692E27BD} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-11-12] (Symantec Corporation) Task: {A5D6FE4C-BF80-4725-B3C2-926EFB247C8E} - System32\Tasks\{1069D89E-4297-4359-8EE0-E4172A983940} => Chrome.exe hxxps://ui.skype.com/ui/0/7.29.0.102/pl/abandoninstall?page=tsProgressBar Task: {A9AA82D2-BF4A-4D20-836E-4D0BC302D519} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation) Task: {B5CB4971-925C-4DCE-92B0-160832399A88} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation) Task: {BE6B65F0-A690-4B79-981F-F62032C780F2} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {CE1AE64A-5B56-4B8A-AD23-835AEBA61B07} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.8.1.14\WSCStub.exe [2016-11-12] (Symantec Corporation) Task: {D0D15173-8110-4C68-AC9C-D61E694A4EA7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-30] (AVAST Software) Task: {D1781F48-F64D-4AE0-85F4-8875EFE13F8F} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation) Task: {DA59F11A-86C1-4FCF-AF8F-E7B2C4C068A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation) Task: {DB2CFF50-8CD1-4B18-B927-4800799487C7} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-25] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe 2016-05-22 18:33 - 2016-05-22 18:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-11-27 23:31 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-11-27 23:31 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-11-27 23:32 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-11-27 23:30 - 2016-11-17 02:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-26 20:36 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-12-26 20:36 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\ANTI-MALWARE\arwlib.dll 2015-09-30 13:17 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2016-12-01 12:42 - 2016-12-01 12:42 - 00055576 _____ () C:\Program Files (x86)\CCleaner\branding.dll 2015-09-30 13:30 - 2015-07-17 18:34 - 00061440 _____ () C:\Program Files (x86)\CCleaner\lang\lang-1045.dll 2015-09-30 12:23 - 2011-12-06 02:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2015-09-30 12:23 - 2011-12-06 02:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe 2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe 2016-12-16 13:42 - 2016-12-16 13:43 - 03977168 _____ () C:\Users\kimi\Desktop\adwcleaner_6.041.exe 2016-12-27 18:54 - 2016-12-27 18:54 - 00380928 _____ () C:\Users\kimi\Downloads\kl7y2rdp.exe 2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll 2016-11-27 23:32 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-11-27 23:31 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-11-27 23:31 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2015-09-30 13:17 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2016-12-26 14:39 - 2009-04-29 14:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll 2016-12-26 14:39 - 2009-04-29 14:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll 2016-12-26 14:39 - 2009-04-29 14:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2016-05-12 02:27 - 00000967 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2019573516-1231449209-3208073683-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kimi\AppData\Local\DisplayFusion\Wallpaper_1 DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup MSCONFIG\startupreg: 360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e => C:\Users\kimi\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: CCleaner => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /AUTO MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: Zune Launcher => "c:\Program Files\Zune\ZuneLauncher.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{DF77A842-D8FA-4E38-A89E-B970BED438EF}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{ADCC3EF0-3EAA-4020-B789-79C87F980271}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{07E0E1CC-2047-4A38-854A-0D576B1A86AA}] => C:\Users\kimi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9FABF68E-66DE-40FA-9A1F-EEE587057F28}] => C:\Users\kimi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A0F6C9BC-DDB7-4895-9082-F313FB35BF92}] => C:\Users\kimi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{24011387-43CC-475B-9A9D-7223DFD09278}] => C:\Users\kimi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{90E88E4F-24C8-46E6-8092-36B7088235CB}] => C:\Users\kimi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{77876033-3E80-467C-862F-4722BF51030A}] => C:\Users\kimi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4123A96D-2652-4E88-B39C-23C3C2DCB27E}] => C:\Users\kimi\AppData\Roaming\Andy\Setup.exe FirewallRules: [{065E27D5-1768-41B1-B2B9-ED55134F67D5}] => C:\Users\kimi\AppData\Roaming\Andy\Setup.exe FirewallRules: [{6BD6796C-BDAE-4CB4-8F0F-EE82961D2BD3}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{49A5AD75-428A-468A-A6CD-C5E9CC0B7765}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4B8B2506-F1EC-4094-A5F9-767440C32586}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{39EEB3FC-F0FC-434E-972C-48EAFB1EDEF9}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{6611B65A-8749-4032-A31D-0F6FFA9B3DA4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7F891E18-0F16-4317-A02C-DA637AA69DA4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{936965C7-C541-47EB-B889-36413D7E402E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B398AA99-C46C-45C8-BF75-27A8A9B5573A}] => C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{29D2932E-B545-45A9-A4D0-4F55512ED4E1}] => C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{23834432-E2C0-4428-B7A7-6043F5E0437B}] => C:\Gry\WarThunder\launcher.exe FirewallRules: [{544AE5FF-C213-4957-A5AD-8B5D4A35C09A}] => C:\Gry\WarThunder\launcher.exe FirewallRules: [{FF7D4F7D-AC31-4DB1-B838-390749AE312E}] => C:\Gry\WarThunder\run.exe FirewallRules: [{5C0E924F-2AC5-4DF5-A6B1-0D01A3FBC1BF}] => C:\Gry\WarThunder\run.exe FirewallRules: [{17CE9CD7-044F-4B35-AC7E-A935726CA50B}] => C:\Gry\World_of_Tanks\WoTLauncher.exe FirewallRules: [{ABAD899D-92B8-4A08-8635-0177B70684CB}] => C:\Gry\World_of_Tanks\WoTLauncher.exe FirewallRules: [{11206797-5742-4E6B-9910-79A0F240453B}] => C:\Gry\World_of_Tanks\worldoftanks.exe FirewallRules: [{D64A79C0-4B64-49C2-83D8-6DB75999E605}] => C:\Gry\World_of_Tanks\worldoftanks.exe FirewallRules: [{CB24A29D-CDC4-43C8-A581-50D30A38A76B}] => C:\Gry\World_of_Warships\WoWSLauncher.exe FirewallRules: [{6A0461CF-3772-4943-B783-6C18E80563DF}] => C:\Gry\World_of_Warships\WoWSLauncher.exe FirewallRules: [{915D2CBF-D6E7-4B20-8562-85B7ECBC7207}] => C:\Gry\World_of_Warships\worldofwarships.exe FirewallRules: [{233800DD-B62B-4520-8A23-B05F0765A8EA}] => C:\Gry\World_of_Warships\worldofwarships.exe FirewallRules: [{8A3F2BB3-E089-486A-A2C6-178B12361345}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BEE1FB72-6B04-4693-BACC-E43D74B2FAE9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{167ECB29-6873-40CF-8B1E-4AD5A2EECD9A}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8ACA7EEE-E00E-41F8-819B-C464B6EF21F7}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8D856186-DE20-4F2F-A1D8-95E234D90420}] => C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{AFCC42CE-9404-401D-AE60-7EA806C55822}] => C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Restore Points ========================= 24-12-2016 21:21:28 Zainstalowano: Microsoft Office PowerPoint Viewer 2007 (Polish) 26-12-2016 01:43:12 Installed Minecraft 26-12-2016 14:38:57 Installed Turbo Key 26-12-2016 16:49:54 Removed Minecraft ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/27/2016 03:10:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/27/2016 03:58:28 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program ALLPlayer.exe w wersji 6.3.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1ac0 Godzina rozpoczęcia: 01d25fed0d972518 Godzina zakończenia: 55 Ścieżka aplikacji: C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe Identyfikator raportu: 5442e3ac-cbe0-11e6-a4f1-d850e6becdc3 Error: (12/27/2016 01:08:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/26/2016 08:35:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.23418, sygnatura czasowa: 0x570898dc Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x0000000004d80fd8 Identyfikator procesu powodującego błąd: 0xa68 Godzina uruchomienia aplikacji powodującej błąd: 0x01d25fa45815de97 Ścieżka aplikacji powodującej błąd: C:\Windows\Explorer.EXE Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6a6e0908-cba2-11e6-95f0-d850e6becdc3 Error: (12/26/2016 08:35:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.23418, sygnatura czasowa: 0x570898dc Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000004d80fd8 Identyfikator procesu powodującego błąd: 0xa68 Godzina uruchomienia aplikacji powodującej błąd: 0x01d25fa45815de97 Ścieżka aplikacji powodującej błąd: C:\Windows\Explorer.EXE Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6814f50a-cba2-11e6-95f0-d850e6becdc3 Error: (12/26/2016 07:17:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/26/2016 05:00:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/25/2016 05:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/25/2016 04:18:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SndVol.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7aced Nazwa modułu powodującego błąd: SndVol.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7aced Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000001d612 Identyfikator procesu powodującego błąd: 0x1a0c Godzina uruchomienia aplikacji powodującej błąd: 0x01d25e498e305668 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\SndVol.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\SndVol.exe Identyfikator raportu: d93e6353-ca50-11e6-be00-d850e6becdc3 Error: (12/25/2016 12:00:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SndVol.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7aced Nazwa modułu powodującego błąd: SndVol.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7aced Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000001d612 Identyfikator procesu powodującego błąd: 0x220 Godzina uruchomienia aplikacji powodującej błąd: 0x01d25e29c0c49f68 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\SndVol.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\SndVol.exe Identyfikator raportu: b99f16ca-ca2c-11e6-be00-d850e6becdc3 System errors: ============= Error: (12/27/2016 05:17:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 05:17:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 04:13:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 04:13:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 03:41:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 03:41:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 03:25:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 03:25:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 03:17:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. Error: (12/27/2016 03:17:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Odebrano następujący alert krytyczny: 40. CodeIntegrity: =================================== Date: 2016-06-30 20:02:07.161 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-30 20:02:06.864 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-06-30 15:57:16.621 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-26 00:00:47.525 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-26 00:00:47.447 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-25 22:02:15.700 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-25 22:02:15.627 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hamachi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 45% Total physical RAM: 8174.12 MB Available physical RAM: 4457.25 MB Total Virtual: 16346.42 MB Available Virtual: 12397.58 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:911.98 GB) (Free:237.49 GB) NTFS Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (Nikola) (Fixed) (Total:297.99 GB) (Free:0.51 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 21E3E293) Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=912 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 08000000) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================