Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01 Ran by dkoloszc at 2014-12-23 12:22:08 Running from C:\Users\dkoloszc\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AirServer (64-bit) (HKLM\...\{B121A8E8-49B7-42C2-9D08-55597E9B91D2}) (Version: 1.9.7 - App Dynamic) Akamai NetSession Interface (HKU\S-1-5-21-29074177-2114273088-3454551869-225919\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Axure RP Pro 7.0 (HKLM-x32\...\Axure RP Pro 7.0) (Version: 7.0.0.3174 - Axure Software Solutions, Inc.) Axure RP Pro 7.0 (x32 Version: 7.0.0.3174 - Axure Software Solutions, Inc.) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Camtasia Studio 8 (HKLM-x32\...\{765AD29A-7EF5-4456-8F6F-83467E52AB52}) (Version: 8.4.3.1792 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix) Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version: - Jay Prall) ConfigMgr Client Setup Bootstrap (x32 Version: 5.00.7958.1000 - Microsoft Corporation) Hidden Configuration Manager Client (Version: 5.00.7958.1000 - Microsoft Corporation) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.) Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.) Dell ControlVault Host Components Installer 64 bit (HKLM\...\{E48B5C04-39F5-4569-B793-F028203B0B47}) (Version: 2.3.318.1675 - Broadcom Corporation) Dell Custom Help (Version: 16.01.3000.0254 - Intel Corporation) Hidden Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Power Manager (HKLM\...\{E45D7941-F3F0-4E8E-AD55-DCE2FE0AE6D8}) (Version: 1.1.0 - Dell Inc.) Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.129 - ALPS ELECTRIC CO., LTD.) Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd) Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd) ERDAS ECWP and 3D Plug-in for Firefox & Chrome (HKLM-x32\...\ERDAS ECWP and 3D Plug-in for Firefox & Chrome) (Version: 14.00.0001.00210 - Intergraph Corporation) ERDAS ECWP and 3D Plug-in for Internet Explorer (HKLM-x32\...\ERDAS ECWP and 3D Plug-in for Internet Explorer) (Version: 14.00.0001.00210 - Intergraph Corporation) Esri Maps for Office 2.1.4 (HKLM-x32\...\{BB3CFC2C-79E7-474A-BC28-46EED8F4DE7C}) (Version: 2.1.4.280 - Environmental Systems Research Institute, Inc.) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GoToMeeting 7.0.4.2033 (HKU\S-1-5-21-29074177-2114273088-3454551869-225919\...\GoToMeeting) (Version: 7.0.4.2033 - CitrixOnline) iExplorer 3.4.0.1 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections 18.1.59.00 (HKLM\...\PROSetDX) (Version: 18.1.59.00 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3220 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.3) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.2.1000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel(R) WiDi (HKLM\...\{24A36A7A-108C-4846-BE1F-2CD05497B998}) (Version: 4.2.15.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{8361f8a3-b0a1-4278-a12e-5ee41e61ec4a}) (Version: 16.1.3 - Intel Corporation) Intergraph GeoMedia Desktop 2014 (HKLM-x32\...\{90EBF96D-6378-4034-A51A-C0634F5B4F57}) (Version: 14.00.0002.00088 - Intergraph Corporation) Intergraph Licensing 11.11.1 (HKLM-x32\...\{FD647A53-54A0-4FAF-BBDE-68697BD760E4}) (Version: 11.11.0100.00141 - Intergraph Security, Government & Infrastructure) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Juniper Networks Host Checker (HKU\S-1-5-21-29074177-2114273088-3454551869-225919\...\Neoteris_Host_Checker) (Version: 8.0.4.31475 - Juniper Networks) Juniper Networks Setup Client (HKU\S-1-5-21-29074177-2114273088-3454551869-225919\...\Juniper_Setup_Client) (Version: 8.0.4.47117 - Juniper Networks) Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPRO) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.9.0.1 - RSUPPORT) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 33.1.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 pl)) (Version: 33.1.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Network Recording Player (HKLM-x32\...\{EA7547D9-708C-4496-BF2D-8623FB3C4F13}) (Version: 29.8.2.10049 - Cisco WebEx LLC) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team) Obsługa programów Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) OpenJUMP 1.7.1 rev.4004 PLUS (HKLM-x32\...\OpenJUMP 1.7.1 rev.4004 PLUS) (Version: - ) OpenJUMP 20140803 rev.4040 PLUS (HKLM-x32\...\OpenJUMP 20140803 rev.4040 PLUS) (Version: - ) Operations Dashboard (HKU\S-1-5-21-29074177-2114273088-3454551869-225919\...\cc67ed9802614d8b) (Version: 10.2.3.538 - ArcGIS) Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Password Unmask 2.0 (HKLM-x32\...\Password Unmask 2.0) (Version: - ) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) Pencil (HKLM-x32\...\Pencil) (Version: - Evolus Co., Ltd.) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) Python 2.7 PIL-1.1.7 (HKLM-x32\...\PIL-py2.7) (Version: - ) Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation) QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5975 - Realtek Semiconductor Corp.) Reflector (HKLM-x32\...\{DE9E8A01-AD46-4708-93FF-1D20DECDA638}) (Version: 1.3.4.10 - Squirrels) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.0.13091.39 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.0.13091.39 - Samsung Electronics Co., Ltd.) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0041 - ST Microelectronics) Syncios version 4.1.4 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.4 - Anvsoft, Inc.) Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.1028 - Trend Micro Inc.) USB Debugging Driver (HKLM\...\{B61F9010-3474-11E4-8C21-0800200C9A66}) (Version: 1.0.2 - Invisibility Ltd) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden WebEx Productivity Tools (HKLM-x32\...\{2E25E4DA-9800-401D-B786-9A6917ADACC2}) (Version: 2.36.900.10068 - Cisco WebEx LLC) Windows Driver Package - Invisibility Ltd (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00005) (HKLM\...\75C08D52970A346B942241A586E034CE1ED766DE) (Version: 08/27/2012 7.0.0000.00005 - Invisibility Ltd) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-29074177-2114273088-3454551869-225919_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Restore Points ========================= 08-12-2014 07:46:54 Windows Update 11-12-2014 11:43:57 Windows Update 15-12-2014 07:55:05 Windows Update 15-12-2014 09:48:16 paint.net 4.0.5 19-12-2014 17:19:13 Windows Update 23-12-2014 12:10:47 Punkt przywracania stworzony przez HitmanPro ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-08-22 10:02 - 00000852 ____N C:\Windows\system32\Drivers\etc\hosts 74.208.10.249 gs.apple.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {19F7E17A-BD01-4B2F-AAE5-D4D9A5F8983E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {2B59DCEC-1414-42C4-82C3-D50B842D916C} - System32\Tasks\AdobeAAMUpdater-1.0-INGRNET-dkoloszc => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {484F45B1-2342-46D0-A90A-E9EA9E373410} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated) Task: {7BF5F9CF-3F27-41A1-B091-A5A920DCDB5C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {A4E57F6D-06D4-4364-AFB4-A9057A1194DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.) Task: {A7D99078-3F5C-459D-8D9C-073037E9C10B} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2013-09-11] (Microsoft Corporation) Task: {AC158099-AB03-4E1F-8C16-457286279C8C} - System32\Tasks\G2MUpdateTask-S-1-5-21-29074177-2114273088-3454551869-225919 => C:\Program Files (x86)\Citrix\GoToMeeting\2033\g2mupdate.exe [2014-11-28] (Citrix Online, a division of Citrix Systems, Inc.) Task: {C8E438FB-675F-49A9-97E3-44679B470802} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.) Task: {CCA376C9-4144-49FC-8EA0-D510BDFA4568} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {CEDCC3C1-C1BA-4C1A-9847-6673D1117F6C} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection Task: {D6C793A4-7A0D-46B2-93E7-B8EB119A398A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {DD8ED2BB-5A8E-4159-AA3F-2BBF796528E3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {EF116380-4607-4CC9-8378-71607356862E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {F54C65B0-6407-4299-9680-7F6A46921D09} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-29074177-2114273088-3454551869-225919.job => C:\Program Files (x86)\Citrix\GoToMeeting\2033\g2mupdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-03 11:15 - 2011-08-31 12:55 - 00801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll 2013-04-03 11:15 - 2007-05-16 10:42 - 00089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll 2010-04-22 22:54 - 2012-12-19 03:06 - 01300480 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\libprotobuf.dll 2014-07-23 17:20 - 2014-11-07 02:06 - 01016104 _____ () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe 2013-01-16 09:19 - 2013-01-16 09:19 - 00048128 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_date_time-vc110-mt-1_49.dll 2013-04-02 11:25 - 2013-04-02 11:25 - 00675840 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\sqlite3.dll 2013-01-16 09:23 - 2013-01-16 09:23 - 00058368 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_thread-vc110-mt-1_49.dll 2014-03-20 10:24 - 2014-03-20 10:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-01-11 12:30 - 2013-04-19 22:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2014-01-11 12:30 - 2013-04-19 22:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll 2014-01-11 12:30 - 2013-04-19 22:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-01-11 12:30 - 2013-04-19 22:51 - 00034080 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll 2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2014-12-12 23:25 - 2014-12-12 23:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-04-14 20:41 - 2014-04-14 20:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll 2014-10-31 08:59 - 2014-08-12 10:42 - 00736768 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe 2014-02-18 16:03 - 2014-02-18 16:03 - 04697968 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe 2014-01-11 12:30 - 2013-04-19 22:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-03-18 22:22 - 2014-03-18 22:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll 2014-10-31 08:59 - 2014-10-15 13:56 - 00382464 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll 2014-10-31 08:59 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll 2014-10-31 08:59 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll 2014-10-31 08:59 - 2014-04-29 17:11 - 00067072 _____ () C:\Program Files (x86)\Syncios\zlib1.dll 2014-10-31 08:59 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2014-01-11 12:19 - 2013-09-12 22:55 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-01-11 12:30 - 2013-05-02 23:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll 2014-12-15 08:38 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-15 08:38 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-15 08:38 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-15 08:38 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3204 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3256 AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3357 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2371548481-2500731307-350997382-500 - Administrator - Disabled) Dominik Koloszczyk (S-1-5-21-2371548481-2500731307-350997382-1000 - Administrator - Enabled) => C:\Users\Dominik Koloszczyk Guest (S-1-5-21-2371548481-2500731307-350997382-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/23/2014 00:10:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3 Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4 Exception code: 0xc0000005 Fault offset: 0x0000d455 Faulting process id: 0x1fb0 Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (12/23/2014 00:03:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 11:08:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 11:03:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/23/2014 11:03:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/23/2014 10:47:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 09:24:08 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 08:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2014 10:18:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: PaintDotNet.exe, version: 4.5.5454.39504, time stamp: 0x5484cd44 Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f83ff Exception code: 0xc0000005 Fault offset: 0x000000000003c3f9 Faulting process id: 0x1cbc Faulting application start time: 0xPaintDotNet.exe0 Faulting application path: PaintDotNet.exe1 Faulting module path: PaintDotNet.exe2 Report Id: PaintDotNet.exe3 Error: (12/22/2014 09:26:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AxureRP.exe, version: 7.0.0.3174, time stamp: 0x54417bfe Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86 Exception code: 0xe0434352 Fault offset: 0x0000c42d Faulting process id: 0x26a8 Faulting application start time: 0xAxureRP.exe0 Faulting application path: AxureRP.exe1 Faulting module path: AxureRP.exe2 Report Id: AxureRP.exe3 System errors: ============= Error: (12/23/2014 00:03:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (12/23/2014 11:08:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (12/23/2014 10:47:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (12/23/2014 09:24:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{1CCB96F4-B8AD-4B43-9688-B273F58E0910}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/23/2014 09:24:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (12/23/2014 09:23:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (12/23/2014 09:23:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (12/23/2014 09:23:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (12/23/2014 09:23:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (12/23/2014 09:23:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{1CCB96F4-B8AD-4B43-9688-B273F58E0910}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Microsoft Office Sessions: ========================= Error: (12/23/2014 00:10:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe39.0.2171.95548243f3chrome.dll39.0.2171.9554823ff4c00000050000d4551fb001d01ea032d75eb6C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\chrome.dll57b8a9e6-8a94-11e4-85fe-ecf4bb036f5a Error: (12/23/2014 00:03:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 11:08:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 11:03:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe Error: (12/23/2014 11:03:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files\CCleaner\CCleaner64.exe Error: (12/23/2014 10:47:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 09:24:08 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/23/2014 08:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/22/2014 10:18:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: PaintDotNet.exe4.5.5454.395045484cd44MSVCR120.dll12.0.21005.1524f83ffc0000005000000000003c3f91cbc01d01dc2dfaab886C:\Program Files\paint.net\PaintDotNet.exeC:\Windows\system32\MSVCR120.dll8ee95db2-89bb-11e4-a01f-ecf4bb036f5a Error: (12/22/2014 09:26:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AxureRP.exe7.0.0.317454417bfeKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d26a801d01dbebb730e42C:\Program Files (x86)\Axure\Axure RP Pro 7.0\AxureRP.exeC:\Windows\syswow64\KERNELBASE.dll2be92973-89b4-11e4-a01f-ecf4bb036f5a ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz Percentage of memory in use: 37% Total physical RAM: 8097.41 MB Available physical RAM: 5064.6 MB Total Pagefile: 16193.01 MB Available Pagefile: 12376.86 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:226.19 GB) (Free:143.46 GB) NTFS Drive y: (RECOVERY) (Fixed) (Total:12.25 GB) (Free:4.35 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive z: () (Network) (Total:3246.46 GB) (Free:3.55 GB) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: B9C0B2A6) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=12.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=226.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================