Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04 Ran by Tomek at 2015-04-18 00:11:34 Running from C:\Users\Tomek\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Ashampoo Burning Studio 8.04 (HKLM-x32\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.4 - ashampoo GmbH & Co. KG) Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies) AVG 2015 (Version: 15.0.4328 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd) Dzielenie i łączenie plików v1.2.2 (HKLM-x32\...\Dzielenie i łączenie plików_is1) (Version: - Michał Bąbik) EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Easy File Locker 1.5 (HKLM-x32\...\Easy File Locker) (Version: 1.5 - XOSLAB.COM) EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) Huawei E3372 (HKLM-x32\...\Huawei E3372) (Version: 22.001.22.03.1202 - Huawei Technologies Co.,Ltd) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 37.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 pl)) (Version: 37.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) Panel sterowania NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {07611DF6-FA30-45B0-A987-6E274CDEE787} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {0B8C2993-3695-4695-B903-40EB19D48106} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {201CF5A9-209E-4AD5-8FC0-EB0F6D3FCADB} - System32\Tasks\{F5541B6B-5842-4A8C-B2F7-24912C72A43F} => pcalua.exe -a "J:\Program Files\FIFA 14\__Installer\vc\vc2010sp1\redist\vcredist_x86.exe" -d "J:\Program Files\FIFA 14\__Installer\vc\vc2010sp1\redist" Task: {34C85192-9A1D-4E75-BA30-870E1818A350} - System32\Tasks\{5F7730DA-A7F3-4F08-B95D-ECF817C58644} => pcalua.exe -a "J:\Program Files\FIFA 14\__Installer\dotnet\dotnet35sp1\redist\dotnetfx35.exe" -d "J:\Program Files\FIFA 14\__Installer\dotnet\dotnet35sp1\redist" Task: {367068CF-787A-4AFE-9269-62CC93FB2179} - System32\Tasks\{F7A8569C-2EC7-4B6F-BAEB-4F4ABF9FF8C6} => pcalua.exe -a "C:\Program Files (x86)\SalePlus\0c9QbvsY7GF31y.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" "" Task: {57265F27-E203-4B2C-819A-379904AF8D09} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {6D1D6E9F-95DC-4B3D-912A-78C0EFD911BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated) Task: {75D6E7F3-23CB-4CDA-A683-A230774C5DD6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {9C7A1883-C45A-4EFC-8AEC-F40607297F31} - System32\Tasks\bmicpen => C:\Users\Tomek\AppData\Local\Temp\wnqieun.exe [2015-04-16] () <==== ATTENTION Task: {C777653B-1170-4A35-B3F3-59049B783B5D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {CF59B6B2-F195-414C-A36E-2D176DE7B1EC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {D38044B5-53BA-408A-9371-D0D73C490DB4} - System32\Tasks\{C57F00E5-E9C7-4388-B6C1-203692462626} => pcalua.exe -a "C:\Program Files (x86)\Bookolio\Bookolio.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" "" Task: {D5657B1D-741B-4089-AE94-E642C5A817D3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F4EEDB70-3C49-4DA0-A555-208357E38A01} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {FDC12AFA-3AA2-4ABE-8608-93F019700244} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2014-04-10 23:19 - 2014-04-10 23:19 - 00464896 _____ () C:\ProgramData\{5967b0a1-0bde-d483-5967-7b0a10bdc284}\FIFA 14 Ultimate Edition Key Generator.exe 2015-04-17 01:06 - 2015-03-20 05:44 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-04-17 01:06 - 2013-12-02 04:52 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2015-04-17 01:06 - 2013-12-11 15:12 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2015-04-17 01:06 - 2015-03-20 05:44 - 00185672 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57702459.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57702459.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1910233873-1700316264-2321489004-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomek\Documents\!Decrypt-All-Files-aoayoqa.bmp DNS Servers: 192.168.8.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AVGIDSAgent => 2 MSCONFIG\Services: avgwd => 2 MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ==================== Accounts: ============================= Administrator (S-1-5-21-1910233873-1700316264-2321489004-500 - Administrator - Disabled) Gość (S-1-5-21-1910233873-1700316264-2321489004-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1910233873-1700316264-2321489004-1002 - Limited - Enabled) Tomek (S-1-5-21-1910233873-1700316264-2321489004-1001 - Administrator - Enabled) => C:\Users\Tomek ==================== Faulty Device Manager Devices ============= Name: O:\ Description: TF CARD Storage Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: HUAWEI Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: N:\ Description: USB MS Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: INTENSO Description: Twister Line Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Intenso Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: K:\ Description: USB SD Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: M:\ Description: USB SM Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (04/17/2015 11:11:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 11:10:15 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: System Windows nie może uzyskać dostępu do pliku z jednej z następujących przyczyn: problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku. System Windows zamknął program wnqieun.exe z powodu tego błędu. Program: wnqieun.exe Plik: Wartość błędu jest wyświetlona w sekcji Dodatkowe dane. Akcja użytkownika 1. Otwórz plik ponownie. Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu. 2. Jeśli nadal nie można uzyskać dostępu do pliku i - jest w sieci, administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem. - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera. 3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER. 4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej. 5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu komputerowego, aby uzyskać dalszą pomoc. Dodatkowe dane Wartość błędu: 00000000 Typ dysku: 0 Error: (04/17/2015 11:10:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wnqieun.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x553022d0 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000096 Przesunięcie błędu: 0x020b2590 Identyfikator procesu powodującego błąd: 0x7d8 Godzina uruchomienia aplikacji powodującej błąd: 0xwnqieun.exe0 Ścieżka aplikacji powodującej błąd: wnqieun.exe1 Ścieżka modułu powodującego błąd: wnqieun.exe2 Identyfikator raportu: wnqieun.exe3 Error: (04/17/2015 10:54:53 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: Error: (04/17/2015 10:52:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 10:51:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wnqieun.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x553022d0 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x02424057 Identyfikator procesu powodującego błąd: 0x884 Godzina uruchomienia aplikacji powodującej błąd: 0xwnqieun.exe0 Ścieżka aplikacji powodującej błąd: wnqieun.exe1 Ścieżka modułu powodującego błąd: wnqieun.exe2 Identyfikator raportu: wnqieun.exe3 Error: (04/17/2015 10:51:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000004e920f Identyfikator procesu powodującego błąd: 0x9e4 Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0 Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1 Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2 Identyfikator raportu: NvStreamNetworkService.exe3 Error: (04/17/2015 10:50:53 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (04/17/2015 10:50:53 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (04/17/2015 10:50:53 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] System errors: ============= Error: (04/17/2015 11:54:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Disc Soft Lite Bus Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/17/2015 11:54:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/17/2015 11:54:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Microsoft .NET Framework NGEN v4.0.30319_X86 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/17/2015 11:54:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Microsoft .NET Framework NGEN v4.0.30319_X64 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/17/2015 11:54:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/17/2015 11:54:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/17/2015 11:54:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Huawei E3372 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/17/2015 11:54:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA GeForce Experience Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/17/2015 11:54:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/17/2015 11:54:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office Sessions: ========================= Error: (04/17/2015 11:11:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 11:10:15 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: wnqieun.exe000000000 Error: (04/17/2015 11:10:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wnqieun.exe0.0.0.0553022d0unknown0.0.0.000000000c0000096020b25907d801d07952d5f0e07fC:\Users\Tomek\AppData\Local\Temp\wnqieun.exeunknown24092983-e546-11e4-be8f-0c5b8f279a64 Error: (04/17/2015 10:54:53 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: Error: (04/17/2015 10:52:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2015 10:51:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wnqieun.exe0.0.0.0553022d0unknown0.0.0.000000000c00000050242405788401d079502f12d70dC:\Users\Tomek\AppData\Local\Temp\wnqieun.exeunknown798ac766-e543-11e4-be28-0c5b8f279a64 Error: (04/17/2015 10:51:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f9e401d0795031d5cfbeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe78dd02f2-e543-11e4-be28-0c5b8f279a64 Error: (04/17/2015 10:50:53 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (04/17/2015 10:50:53 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (04/17/2015 10:50:53 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] CodeIntegrity Errors: =================================== Date: 2015-04-03 23:07:24.081 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:07:24.050 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:07:23.925 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\Rar$EXa0.102\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:07:23.894 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\Rar$EXa0.102\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:03:15.908 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:03:15.876 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:03:15.746 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 23:03:15.714 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 14:51:23.507 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-03 14:51:23.476 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Tomek\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz Percentage of memory in use: 27% Total physical RAM: 8190.49 MB Available physical RAM: 5945.5 MB Total Pagefile: 16379.18 MB Available Pagefile: 13927.43 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:80.28 GB) (Free:26.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Programy) (Fixed) (Total:50.29 GB) (Free:50.19 GB) NTFS Drive e: (gry i programy) (Fixed) (Total:42.03 GB) (Free:28.04 GB) NTFS Drive i: () (Fixed) (Total:100.23 GB) (Free:21.42 GB) NTFS Drive j: () (Fixed) (Total:265.16 GB) (Free:257.93 GB) NTFS Drive p: () (Fixed) (Total:100.12 GB) (Free:41.74 GB) NTFS Drive q: (INTENSO) (Removable) (Total:7.26 GB) (Free:1.69 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EF4CEF4C) Partition 1: (Active) - (Size=80.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=152.6 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 2780D18C) Partition 1: (Active) - (Size=251 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=100.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=265.2 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 7.3 GB) (Disk ID: 443881BA) Partition 1: (Not Active) - (Size=7.3 GB) - (Type=0B) ==================== End Of Log ============================