Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-06-2015 01
Ran by Dale at 2015-06-24 02:05:17
Running from C:\Users\Dale\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3144670501-793434127-3194825423-500 - Administrator - Disabled)
Dale (S-1-5-21-3144670501-793434127-3194825423-1000 - Administrator - Enabled) => C:\Users\Dale
Guest (S-1-5-21-3144670501-793434127-3194825423-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2011 (Disabled - Out of date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2011 (Disabled - Out of date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Crystal Eye Webcam 2.0.8 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.8 - SuYin)
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer Registration (HKLM\...\Acer Registration) (Version: - Acer - Leader Technologies)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 3 (HKLM\...\Advanced SystemCare 3_is1) (Version: 3.7.3 - IObit)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2011 (Version: 10.0.1390 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1391 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1392 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1410 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1411 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1415 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1416 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.1424 - AVG Technologies) Hidden
BearShare (HKLM\...\BearShare) (Version: 12.0.0.134600 - Musiclab, LLC)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.32 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
EPSON Artisan 730 Series Printer Uninstall (HKLM\...\EPSON Artisan 730 Series) (Version: - SEIKO EPSON Corporation)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FrostWire 6.0.7 (HKLM\...\FrostWire 6) (Version: 6.0.7.4 - FrostWire LLC)
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
IObit Malware Fighter 3 (HKLM\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (Version: 1.4.142.1 -
http://www.lightscribe.com) Hidden
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.55.3.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.0.657.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems)
NTI Backup Now Standard (Version: 5.1.2.503 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - NewTech Infosystems)
NTI Media Maker 8 (Version: 8.0.2.6322 - NewTech Infosystems) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
StudioTax 2013 (HKLM\...\{8D18F314-6668-4E2F-936A-70025F2D40C7}) (Version: 9.1.7.0 - BHOK IT Consulting)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.4.0 - Synaptics)
System Requirements Lab CYRI (HKLM\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Zune (HKLM\...\Zune) (Version: 04.07.1404.01 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3144670501-793434127-3194825423-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-3144670501-793434127-3194825423-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-3144670501-793434127-3194825423-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-3144670501-793434127-3194825423-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-3144670501-793434127-3194825423-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-3144670501-793434127-3194825423-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No Filepath
==================== Restore Points =========================
21-06-2015 14:02:46 Restore Operation
21-06-2015 14:32:33 Windows Update
21-06-2015 15:39:14 Restore Operation
21-06-2015 16:00:08 Windows Update
21-06-2015 17:22:19 Restore Operation
22-06-2015 16:53:54 Restore Operation
22-06-2015 19:50:03 Windows Update
22-06-2015 20:29:51 Removed AVG 2011
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E652846-4486-4FB0-81E2-AD45CE5A8805} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11] (Microsoft Corporation)
Task: {76B2689C-627C-4A0B-B17C-70E54857A832} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3144670501-793434127-3194825423-1000Core => C:\Users\Dale\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {7B6079D5-842E-4801-96BF-286CB4D3FDC7} - System32\Tasks\AWC AutoCare => C:\Program Files\IObit\Advanced SystemCare 3\AutoCare.exe [2010-01-22] (IObit)
Task: {88C17DE1-2F8C-4D25-A035-2067152EFB7C} - System32\Tasks\{459B19C3-ADE4-4DA6-AE75-AB606A76100D} => pcalua.exe -a C:\Users\Dale\Pictures\MP10Setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {8B138EAB-A157-41D7-B89A-C41E6A4D3492} - System32\Tasks\{AE2DA9EE-362D-4A49-8FE4-20E9561F5F22} => C:\Program Files\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {8CA173C4-9CB2-493D-B5DD-B410A62AB0A4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3144670501-793434127-3194825423-1000UA => C:\Users\Dale\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {9CFFFDF0-6AF6-42B4-8AA9-AFABB39505E3} - System32\Tasks\{C6D949DF-AE47-48EF-87EE-B54BD9AC7D12} => pcalua.exe -a C:\Users\Dale\Pictures\MP10Setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {A462787A-EAA5-4DB5-879D-7CD2E66A4782} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Dale => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {A4BADB48-0AFE-427C-9405-43F51308F095} - System32\Tasks\{FFF16A5D-303A-4AA0-AA20-82DC0D1E162E} => pcalua.exe -a E:\Sims2DoubleDeluxe_uninst.exe -d E:\
Task: {F060B5CD-AC9E-41AD-B482-DFB0C25E0373} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {FE937C5B-BE95-47BC-95D4-149075CAA287} - System32\Tasks\{5BE699E8-84B5-4640-8E3C-B38EF1C0471C} => C:\Program Files\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AWC AutoCare.job => C:\Program Files\IObit\Advanced SystemCare 3\AutoCare.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144670501-793434127-3194825423-1000Core.job => C:\Users\Dale\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144670501-793434127-3194825423-1000UA.job => C:\Users\Dale\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2009-01-25 16:42 - 2007-12-06 17:15 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe
2009-01-25 16:42 - 2007-11-27 16:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2015-06-24 01:06 - 2015-06-24 01:06 - 16867504 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3144670501-793434127-3194825423-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4952 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3144670501-793434127-3194825423-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dale\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Dale^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\Windows\pss\LimeWire On Startup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dale^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acer Product Registration => "C:\Program Files\Acer\Acer Registration\ACE1.exe" /startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher =>
MSCONFIG\startupreg: ArcadeDeluxeAgent =>
MSCONFIG\startupreg: AutoStartNPSAgent =>
MSCONFIG\startupreg: AVG9_TRAY =>
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: BkupTray => "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
MSCONFIG\startupreg: CLMLServer =>
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: eDataSecurity Loader =>
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: ePower_DMC =>
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LManager => C:\PROGRA~1\LAUNCH~1\LManager.exe
MSCONFIG\startupreg: MSSE => "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PlayMovie =>
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: QuickTime Plugin Install => C:\Program Files\QuickTime\Plugins\DeleteMe1.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: Windows Mobile-based device management => %windir%\WindowsMobile\wmdSync.exe
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{55E5AC1D-E66C-4A6D-AB6E-40A1926AA6D5}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{5B94FB7E-4F9E-4B8F-BE1F-9FE57EAFC1EE}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{D96831D0-CC53-4431-93DF-12540E7B4B56}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{A9040098-4CFE-4906-BCF6-B3995F1428DE}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{43ED8461-8264-41CF-A543-E155F7D1C18B}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{7A345D19-4342-4FF5-9267-2E3B9E92DA01}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0B538B91-DA99-4709-B4D4-0B6AC6ADA895}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{782B1532-616A-4555-933B-0D7A609CB435}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{CBFCEE09-B268-40D0-9B98-8253B9881C48}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{0F388B47-814E-4F3F-82B2-859760D32881}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [TCP Query User{02A73F59-0CE5-42DA-9244-C1621584DC74}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A181BEE0-910D-45F5-9E76-4C52078BBA42}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{7ED23C7C-332C-46F3-B042-FC120E681AA2}] => (Allow) svchost.exe
FirewallRules: [{FD7E183A-BB57-40C8-BD78-3DB69DA0798A}] => (Allow) LPort=80
FirewallRules: [{CC526EDB-19C9-412B-9E36-7138A1F6EA0E}] => (Allow) LPort=80
FirewallRules: [{BEE08D17-F826-4F1A-B428-2F60F4A0F8D7}] => (Allow) LPort=80
FirewallRules: [{BACE67D1-27C4-4C2C-AD6B-0A434CB73BA8}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{7BA2D625-8B4B-4FD9-9A0D-3AD3A9524404}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{56336479-9737-4FFE-8855-918D7F9C9FBD}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{DD607388-D62F-4111-AB7F-5F425F6834A5}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A387A9DE-08E2-4D72-B51E-9300D996A556}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{7E086363-D096-4BC5-8180-A3282A5428AE}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D68679D9-B780-41DC-ADAF-6E612F319B8D}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C9CF640F-13DD-41A7-9D8F-CE726782E236}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{B83F0FAC-1B5E-4F53-9F88-BA95E060C321}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{11F8C88E-22A9-4159-B2C1-EC9F16779F11}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{9F6D66FA-766E-4B94-8EEE-FEFF60F641AC}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{E404DEC5-0DB3-4E68-8156-0EC707A5928D}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{14D17D38-9566-45AA-A679-265382624BBC}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{584EB9BC-7127-4721-A8DE-5F6695981C65}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{A9897707-6CBD-4577-96B5-190E3F64E8A5}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{D5DFA828-2EDF-48E6-9214-0DE1E4BBD070}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{3C7E5A60-00F0-4B5E-99C4-EE789FEE5557}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{9E0B2BB4-38A8-4BC5-A1EE-8691BAB10217}] => (Allow) svchost.exe
FirewallRules: [{DE73DD72-30B0-4256-9A95-1D0A571254ED}] => (Allow) C:\Program Files\FrostWire\FrostWire.exe
FirewallRules: [{CB1F1EAA-FB90-4370-9B20-B67D151CB612}] => (Allow) C:\Program Files\FrostWire\FrostWire.exe
FirewallRules: [TCP Query User{26DEC40E-E861-40CB-A0FA-B97443253640}C:\program files\frostwire\frostwire.exe] => (Block) C:\program files\frostwire\frostwire.exe
FirewallRules: [UDP Query User{F85B39CE-932A-4367-83F0-E13A32D78027}C:\program files\frostwire\frostwire.exe] => (Block) C:\program files\frostwire\frostwire.exe
FirewallRules: [TCP Query User{006E1401-1F8F-4EF5-8EAD-6DB57ACDB3CA}C:\program files\rogers\rogers one number\rogersonenumber.exe] => (Allow) C:\program files\rogers\rogers one number\rogersonenumber.exe
FirewallRules: [UDP Query User{0AD2F68B-E1C6-45DE-890F-585FF498E92E}C:\program files\rogers\rogers one number\rogersonenumber.exe] => (Allow) C:\program files\rogers\rogers one number\rogersonenumber.exe
FirewallRules: [TCP Query User{4D72A92C-4A5E-463C-8B29-FB09E9D680CD}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B12173E9-92A5-4E2A-B198-7E3C7831DE23}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{67EA706C-7BA4-4DCE-B03A-FFCE0B479A3D}C:\program files\frostwire 5\frostwire.exe] => (Block) C:\program files\frostwire 5\frostwire.exe
FirewallRules: [UDP Query User{5EED698D-66CD-4228-A3B5-E5D537431E5E}C:\program files\frostwire 5\frostwire.exe] => (Block) C:\program files\frostwire 5\frostwire.exe
FirewallRules: [{4C073957-B916-4F17-8810-BB6389DC9630}] => (Allow) C:\Program Files\FrostWire 5\FrostWire.exe
FirewallRules: [{7917CF22-5E36-453A-B6FE-B0BC8F582881}] => (Allow) C:\Program Files\FrostWire 5\FrostWire.exe
FirewallRules: [{C892A4BF-25B9-46E0-9B42-9F1FF1043691}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{99835B51-E93A-4807-824F-A29DAB4DBF88}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{2EBF4329-8003-4652-9484-B3066F935589}] => (Allow) LPort=4481
FirewallRules: [{8913A08E-A97D-4EB6-B123-7DCB9F3A6B57}] => (Allow) LPort=4481
FirewallRules: [{E9D1A187-D8FB-47BC-8EEC-3BAE32D766E0}] => (Allow) LPort=4482
FirewallRules: [{E7C22CAB-245F-4648-9F49-B88C118A1808}] => (Allow) LPort=4482
FirewallRules: [{F0997C44-BA8C-4AD2-89EB-894382A3EE6D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{151A665F-9CCB-4E2D-8881-699B98A6E02F}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{10A30EBE-D4BB-41E1-A806-6029CDD96ECC}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{FF202521-EA8A-4FD6-B47B-090B87D05EB7}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{E08795A5-0821-40FE-ACF8-D4E8C50C7FB6}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{A2572CBC-05F8-4BF4-A922-5FB532AD01A1}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{0A731BC3-13D9-4DAE-9F3F-A22814271D8B}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{3FDC47B8-ED94-4701-B7A7-FCB0793A0E43}] => (Allow) C:\Users\Dale\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{50D1D51E-791B-4A31-B5A3-FF8BAC7650F6}] => (Allow) C:\Program Files\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{19D9DB35-8934-4977-B586-44719616AF34}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C7BB032C-B472-4EDB-9F69-4FB761F5FA94}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{7DB59092-B79B-4746-BE7F-8669D8711736}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{36669886-1431-4090-9800-B56130714205}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{1B40E914-45AB-49AF-A199-12F5B4A57C08}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{C4D0B3C2-63BD-4E34-872E-8B9C849387E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{42912EDA-30C2-485E-BBA9-A850B39160A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{45CB51E0-CE17-4C92-8042-91CD5C870A84}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{156D555D-1624-4CB1-A2A8-8D051C6D5C7C}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2F895A2B-F01F-4817-B905-68D51CF9EF76}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6B63475E-135D-43CE-B1CB-7B7FB8E229B7}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{616B726B-BC02-413C-92CF-39FBF470CE8D}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1C3A1DF6-B549-4552-ADC9-16ECCFAB4479}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5FB223C7-6C95-4756-A403-614196119A78}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/24/2015 00:13:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/23/2015 05:19:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/23/2015 01:31:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2015 11:40:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2015 10:25:26 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
Error: (06/22/2015 10:25:26 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
Error: (06/22/2015 09:37:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2015 07:36:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2015 07:36:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -551
Error: (06/22/2015 07:36:25 PM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database (1496) Catalog Database: Database recovery/restore failed with unexpected error -551.
System errors:
=============
Error: (06/24/2015 00:14:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (06/24/2015 00:13:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (06/24/2015 00:13:32 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (06/24/2015 00:11:31 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (06/23/2015 05:20:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (06/23/2015 05:20:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (06/23/2015 05:19:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (06/23/2015 05:19:00 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (06/23/2015 05:17:01 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (06/23/2015 01:32:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-06-24 02:04:42.031
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:41.204
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:39.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:39.055
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:28.471
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:27.669
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:26.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:26.063
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:25.125
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-06-24 02:04:24.305
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 3000.12 MB
Available physical RAM: 1229.39 MB
Total Pagefile: 6244.48 MB
Available Pagefile: 4532.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.56 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:111.57 GB) (Free:36.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:111.55 GB) (Free:105.91 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: E199D812)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=111.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111.6 GB) - (Type=07 NTFS)
==================== End of log ============================