﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-02-2016
Ran by Admin (2016-02-28 17:01:44)
Running from C:\Users\Admin\Desktop
Windows 10 Pro (X64) (2016-02-27 04:02:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-224741044-4063502500-3562541365-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-224741044-4063502500-3562541365-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-224741044-4063502500-3562541365-503 - Limited - Disabled)
Guest (S-1-5-21-224741044-4063502500-3562541365-501 - Limited - Disabled)
panpi (S-1-5-21-224741044-4063502500-3562541365-1002 - Administrator - Enabled) => C:\Users\panpi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Catalyst Control Center Next Localization BR (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0223.1031.18888 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CPU Thermometer (HKLM-x32\...\{06EA836D-C7AD-42A0-9C17-47BCDE7E015B}_is1) (Version:  - cputhermometer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-224741044-4063502500-3562541365-1003_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2EBC24DC-5F2A-45BF-9DDF-7D38B566A9AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-26] (Microsoft Corporation)
Task: {30EF6A07-30F7-4B07-B414-9655A8030657} - System32\Tasks\{129A8AD3-3612-4767-A1E8-2C73C5CEC891} => pcalua.exe -a "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe" -d "C:\Program Files (x86)\Origin Games\Battlefield 3"
Task: {59F24B0A-E464-4D55-9FEF-FC33B0B9B60F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {70CCEEA9-40B2-4E36-AB66-818E71DA8D78} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {A51C58A7-AAD5-4E15-B84C-4F7B4B6DA9A3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-23] (Advanced Micro Devices, Inc.)
Task: {D3BC2ED5-4E42-4A9D-86FB-330201E2EBE8} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {DDCE27A4-CB1C-4BDF-92D9-84870ED6E1DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-08-07 21:45 - 2015-08-07 21:45 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-08-26 12:37 - 2015-08-11 10:13 - 00413184 _____ () C:\Windows\System32\diagtrack_win.dll
2016-02-26 20:38 - 2016-02-26 21:21 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-10-07 15:01 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-07 15:01 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-10-07 15:00 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 14:27 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 14:27 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 14:27 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-07 15:00 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-02-28 16:59 - 2016-02-28 16:59 - 00029696 _____ () C:\Users\Admin\AppData\Local\MSGBOX.EXE
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2015-12-11 23:20 - 2015-12-11 23:20 - 02610944 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-22 23:57 - 2010-11-22 23:57 - 00024064 _____ () C:\Program Files (x86)\Raptr\win32pipe.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2016-02-27 05:10 - 2016-02-27 05:10 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2016-02-27 05:10 - 2016-02-27 05:09 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2016-02-27 05:10 - 2016-02-27 05:10 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2016-02-27 05:06 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-27 05:06 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-02-26 19:49 - 2016-02-27 17:11 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

 
127.0.0.1       localhost 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-224741044-4063502500-3562541365-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\panpi\OneDrive\Pictures\Camera Roll\WP_20160119_001.jpg
HKU\S-1-5-21-224741044-4063502500-3562541365-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-224741044-4063502500-3562541365-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3F63CD51-8577-4ABA-B493-FC3865D9CDEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EAF4AECF-6E6D-449C-99EC-23F1D6CFB998}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B347A361-5D83-4BA0-B6B0-15BBA512607D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{77C88C4C-097B-48BF-80BE-457A331441ED}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{67CF637A-858D-4C43-9F09-6F7A313DBFF2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{42B3D17D-1CCA-4D98-B3EE-6FC3E2ACCE64}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4248E1F5-A4A6-4272-8508-888A72022333}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7DC95BD8-C920-4493-AE26-F0FDBF1E84C7}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{5B5D2A86-99DA-408C-BD97-715EEC04453F}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{4F6BC916-662E-41A1-9A6C-0D0DD1D1E482}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{6E533458-D50D-425B-89F5-0F9FAF1DEF3D}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{9E65AFFF-F095-4095-A921-F2674D0D11FA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{82FDF1A3-0980-451B-B240-B4B036754856}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{F0B03629-00D9-475A-B233-3EBBA39FE1EC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ADB5B8C8-7196-4F9D-8B8C-103D58652267}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

==================== Restore Points =========================

27-02-2016 17:11:05 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2016 02:03:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-UDK52AP)
Description: Aplikaci Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App se nepovedlo aktivovat, protože došlo k chybě: -2147024770. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2016 02:03:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bf3.exe, verze: 1.6.0.0, časové razítko: 0x511c9356
Název chybujícího modulu: bf3.exe, verze: 1.6.0.0, časové razítko: 0x511c9356
Kód výjimky: 0xc0000005
Posun chyby: 0x0038e1a4
ID chybujícího procesu: 0x18e8
Čas spuštění chybující aplikace: 0xbf3.exe0
Cesta k chybující aplikaci: bf3.exe1
Cesta k chybujícímu modulu: bf3.exe2
ID zprávy: bf3.exe3
Úplný název chybujícího balíčku: bf3.exe4
ID aplikace související s chybujícím balíčkem: bf3.exe5

Error: (02/27/2016 11:14:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-UDK52AP)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/27/2016 08:20:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Origin.exe verze 9.11.6.18139 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 173c

Čas spuštění: 01d17189668a199c

Čas ukončení: 13

Cesta k aplikaci: C:\Program Files (x86)\Origin\Origin.exe

ID hlášení: cdf24c70-dd86-11e5-8a9e-50e54969364e

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (02/27/2016 05:11:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (02/27/2016 04:48:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OneDrive.exe, verze: 17.3.6301.127, časové razítko: 0x56a92ed1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.10240.16683, časové razítko: 0x56ad9410
Kód výjimky: 0x80000003
Posun chyby: 0x00132d82
ID chybujícího procesu: 0x148c
Čas spuštění chybující aplikace: 0xOneDrive.exe0
Cesta k chybující aplikaci: OneDrive.exe1
Cesta k chybujícímu modulu: OneDrive.exe2
ID zprávy: OneDrive.exe3
Úplný název chybujícího balíčku: OneDrive.exe4
ID aplikace související s chybujícím balíčkem: OneDrive.exe5

Error: (02/26/2016 08:17:04 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-UDK52AP)
Description: Aplikaci nebo službu AMD FUEL Service nelze restartovat.

Error: (02/27/2016 05:07:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WinStore.Mobile.exe, verze: 2015.7.1.1, časové razítko: 0x55949b98
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.10240.16384, časové razítko: 0x559f39fb
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000006684f
ID chybujícího procesu: 0x1a74
Čas spuštění chybující aplikace: 0xWinStore.Mobile.exe0
Cesta k chybující aplikaci: WinStore.Mobile.exe1
Cesta k chybujícímu modulu: WinStore.Mobile.exe2
ID zprávy: WinStore.Mobile.exe3
Úplný název chybujícího balíčku: WinStore.Mobile.exe4
ID aplikace související s chybujícím balíčkem: WinStore.Mobile.exe5


System errors:
=============
Error: (02/28/2016 02:26:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/28/2016 02:26:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/28/2016 02:26:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/28/2016 02:26:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/28/2016 02:26:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/28/2016 02:25:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (02/28/2016 01:48:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (02/28/2016 01:48:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UDK52AP)
Description: {01171F65-249E-4EEB-81BD-03E1B0FA1873}

Error: (02/28/2016 01:48:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/28/2016 01:48:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 840 Processor
Percentage of memory in use: 54%
Total physical RAM: 3581.55 MB
Available physical RAM: 1639.77 MB
Total Virtual: 4925.55 MB
Available Virtual: 2326.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:51.54 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 65059862)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================