Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by dbube (11-04-2019 09:55:21)
Running from C:\Users\dbube\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-05-25 08:35:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4246267622-4105470206-3163352383-500 - Administrator - Disabled)
dbube (S-1-5-21-4246267622-4105470206-3163352383-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-4246267622-4105470206-3163352383-503 - Limited - Disabled)
Guest (S-1-5-21-4246267622-4105470206-3163352383-501 - Limited - Disabled)
SERVIS (S-1-5-21-4246267622-4105470206-3163352383-1003 - Limited - Enabled) => C:\Users\SERVIS
Vlasta Petrová (S-1-5-21-4246267622-4105470206-3163352383-1002 - Administrator - Enabled) => C:\Users\Vlasta Petrová
WDAGUtilityAccount (S-1-5-21-4246267622-4105470206-3163352383-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
AIDA64 Extreme v5.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.92 - FinalWire Ltd.)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Creative Photos 1.7.0.0 (HKLM-x32\...\Creative Photos) (Version: 1.7.0.0 - Imaxel Labs S.L)
Discord (HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.91 - NVIDIA Corporation) Hidden
Driver Easy 5.6.9 (HKLM\...\DriverEasy_is1) (Version: 5.6.9 - Easeware)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Geeks3D FurMark 1.20.0.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.0.0.11" - Rockstar Games)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.20 - PandoraTV)
Microsoft OneDrive (HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{FAB43061-FEFB-46E8-A159-96710395DB5E}) (Version: 3.2.9505 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 10.5.35.22222 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.4.0 - Futuremark)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version:  - PokerStars.cz)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SD Card Recovery (HKLM-x32\...\{09907A60-5843-4E83-A471-3102A42231B8}_is1) (Version:  - LC Technology International, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.15 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.15 - General Workings, Inc.)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Sims 4 v.1.40.61.1020 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
Twitch (HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\dbube\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\dbube\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\dbube\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.4.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO 7.0 + Serial Key\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO 7.0 + Serial Key\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO 7.0 + Serial Key\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => D:\Programy\RevoUninstaler Pro 3.1.9\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0826FD61-D534-4B40-8F02-10CCF89FE28A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {11DEFF87-DE15-4F7E-8F0C-06318185A036} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D5A33F9-EF67-4AD0-9F9C-0C1C3F499701} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3347873D-004E-4811-B1FD-7B8332197A4D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37735B57-5511-4F77-861A-C46F9232430F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {383C223F-AF8C-4268-8C8F-1C063E255316} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {3A870DFE-6D9B-4201-A6B0-9AE5E2DF5B69} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {54F0C8B4-E906-4344-B64C-2BFA9D149908} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A2BF228-8D9E-472B-BC2A-925E765C1C15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6A77B8B4-911E-43A7-A94B-AF1D28A05EED} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77DC9278-6233-488C-9934-A541FB75C827} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7B8DF961-5609-429D-93E2-2C05668C8271} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D6F7795-957D-483D-8BFE-67FE5568D1B3} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {802B2433-E3B3-44BA-9583-36AB488840FA} - System32\Tasks\DriverDoc automatic scan and new device notifications => C:\Program Files (x86)\DriverDoc\DOCTray.exe
Task: {91C2586C-CFB4-4DF1-98B6-6934919B39A0} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
Task: {9E7DF9F1-45D1-4172-852F-3E1A6A4F3FE5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {AB3BE03F-26C6-489E-B696-1745191CD4F7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2EBFD6E-57A0-4857-ACCB-998F9DB8583F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CCE26AAC-E8D3-4C39-A92A-19B7730FDEC7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D85BE31F-9628-4415-B1C4-D76A95A6C879} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8346937-E9F7-48D4-8B27-C1C6BCC5F855} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-01 11:00 - 2015-02-22 22:30 - 000416168 _____ (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-02-28 12:26 - 2019-04-03 14:38 - 000000950 ____R C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1         app.drivereasy.com
149.202.196.40         dow0.drivereasy.com
149.202.196.40         dow1.drivereasy.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\artsfon.com-70424.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{423B6151-600D-4DE4-BE97-90EF6BB0E9E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A79D3CB-B772-4BED-A4DA-89718ACF547E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23D62AD2-A8BD-4139-9FF9-B10410E45687}] => (Allow) D:\Hry\GTA V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{4CA8B9AB-2EF4-4CA7-B970-E52C64DA8C48}] => (Allow) D:\Hry\GTA V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{97E0D723-D1B4-409C-B312-387D2D203194}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{A92BF7BF-C9E5-4BE4-9B43-E4060F891A17}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CC56BFAD-CB9A-43BB-86CB-B3AA64D0FB71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{46F23AEF-A775-4619-99B8-C54A96D09A59}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AE924D6B-E43E-4B88-A27E-8753BCBDE85C}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{5FFD50B5-3F72-4737-9A54-04503449C8EF}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{842F68FB-6878-45D5-9186-3FE5798D06DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{596105DB-BBB5-48C5-9975-431E6AA6FD2F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EE0CCDD2-BFE9-4EE8-AFA2-4D8786572BBC}] => (Allow) D:\Hry\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8843713A-BCDB-4DC9-83A7-F597796D476A}] => (Allow) D:\Hry\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F30BD745-6A82-41FD-97A3-C1E0A362A616}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D525F9E3-B21D-4B02-A237-69A5E1832189}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CA5B208D-580D-43B9-93D4-933DA5E14F06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0613B29E-B660-4DBC-8275-C3889A7B3775}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AB6D28AE-32FD-43F1-842B-F4B15069D697}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{63D90ECF-8CC2-4353-B598-53A5286E1A48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D4E9A5FB-9E1F-458E-8420-EF15F66F33AA}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{F6083289-04EA-4B57-B697-6D839BFC55DA}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{637146C4-B88A-4634-A4D2-E69A4C4D718F}C:\users\dbube\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\dbube\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{3D5D2EAA-5983-4696-BADF-DEC60978C99B}C:\users\dbube\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\dbube\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{81D6E027-7F4C-4304-9B0D-DE722F67071E}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{E2D4AECA-4327-4F23-91B4-925D44A2611C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D67496C5-4AD3-498E-8DCF-3070EEBAD3D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2FC65FBC-0462-4393-876F-F3F84C34DAAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D3492954-D135-48DD-94C4-79A906FBB7AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41E602FE-A657-4B11-8677-8BB07FDE263F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B93C425-84B8-4649-A2E5-8455FFE42ED6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0C6D5B84-BC8B-45B3-BE9A-1FE5A89F5084}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{091D9CDD-C1A9-4F94-AE23-B4B93CFA3018}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F680D05-00A9-45E8-8087-86FE674CCB21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2019 09:51:43 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/10/2019 07:04:08 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/10/2019 06:58:16 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/10/2019 04:16:20 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/10/2019 04:12:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/10/2019 02:31:36 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/10/2019 01:08:24 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-TA659B5)
Description: httphttp-2147467263

Error: (04/09/2019 04:40:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FiveM.exe, verze: 1.0.0.0, časové razítko: 0x5c96202e
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.17134.619, časové razítko: 0xf74cf274
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006e14e
ID chybujícího procesu: 0x1aa0
Čas spuštění chybující aplikace: 0x01d4eee2147fc524
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\FiveM\FiveM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: f5381926-66cd-40fb-b9fc-86c11c21b972
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/11/2019 09:53:59 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/11/2019 09:51:43 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/11/2019 09:51:32 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 a APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/11/2019 09:51:32 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 a APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/11/2019 09:51:31 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 a APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/10/2019 07:04:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscDataProtection
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/10/2019 07:04:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscBrokerManager
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/10/2019 07:04:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-04-03 14:37:48.483
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\dbube\Desktop\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.291.1065.0, AS: 1.291.1065.0, NIS: 1.291.1065.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-04-03 14:37:41.411
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\dbube\Desktop\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.291.1065.0, AS: 1.291.1065.0, NIS: 1.291.1065.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-04-03 14:37:26.151
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\dbube\Desktop\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.291.1065.0, AS: 1.291.1065.0, NIS: 1.291.1065.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-04-03 14:37:20.091
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\dbube\Desktop\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-TA659B5\dbube
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze podpisu: AV: 1.291.1065.0, AS: 1.291.1065.0, NIS: 1.291.1065.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-03-07 11:10:09.324
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F2F05C04-22D6-464F-8E76-0B8B780267D8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-18 11:27:56.099
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.287.189.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě. 

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 20%
Total physical RAM: 16326.65 MB
Available physical RAM: 12956.88 MB
Total Virtual: 18758.65 MB
Available Virtual: 13340.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.15 GB) (Free:31.97 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1017.64 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-60d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B2B6CE97)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================