Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014 Ran by user at 2014-09-15 15:55:19 Running from C:\Users\user\Desktop\Logi\FRST Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Advanced Disk Recovery (HKLM-x32\...\{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1) (Version: 2.5.500.15827 - Systweak Software) AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{1D860FF8-2DA9-816C-514D-8D8EA693B0BB}) (Version: 3.0.820.0 - ATI Technologies, Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.84.7-110328a-122721C-Lenovo - ATI Technologies, Inc.) Catalyst Control Center (x32 Version: 2011.0328.1145.19234 - Nazwa firmy) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0328.1145.19234 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0328.1145.19234 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2011.0328.1145.19234 - ATI) Hidden Catalyst Control Center Profiles Mobile (x32 Version: 2011.0328.1145.19234 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Czech (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Danish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help English (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Finnish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help French (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help German (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Greek (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Hungarian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Norwegian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Polish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Russian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Thai (x32 Version: 2011.0328.1144.19234 - ATI) Hidden CCC Help Turkish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden ccc-utility64 (Version: 2011.0328.1145.19234 - ATI) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden ESET NOD32 Antivirus (HKLM\...\{0D0F73C4-2DCE-4873-BC56-34E71BDAFEFA}) (Version: 7.0.317.4 - ESET, spol s r. o.) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - ) Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM-x32\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) PC Cleaner (HKLM-x32\...\{25780A42-8553-4a2e-AA54-F413C5D8DA19}_is1) (Version: 2.1.1000.510 - Systweak Software) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.) Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Systweak Support Dock (HKLM-x32\...\{266DBE1C-B640-46ee-9A6D-86F0A1E483B9}_is1) (Version: 1.1.100.15826 - Systweak Software) Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2998465589-3353643995-20242465-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2998465589-3353643995-20242465-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2998465589-3353643995-20242465-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2998465589-3353643995-20242465-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2998465589-3353643995-20242465-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 06-09-2014 10:37:10 Installed Java 7 Update 67 07-09-2014 23:17:03 PC Cleaner - Punkt przywracania przed czyszczeniem 08-09-2014 16:56:17 Windows Update 11-09-2014 01:00:26 Windows Update 11-09-2014 11:15:49 PC Cleaner - Punkt przywracania przed czyszczeniem 12-09-2014 12:12:30 Zainstalowano ESET NOD32 Antivirus 15-09-2014 10:41:45 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-09-12 18:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {930AFDDD-2A58-496A-BFBF-7DB73A6556B6} - System32\Tasks\{C9AE1344-E873-4C5A-BF68-5F7024D75FEC} => C:\Program Files (x86)\Microsoft Office\Office12\PPTVIEW.EXE [2011-10-05] (Microsoft Corporation) Task: {B088F711-E918-439D-BF66-BC7684E594C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-12] (Google Inc.) Task: {CF143C78-EB63-4833-A296-6224B0F797AF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {DC8ED9C8-F26F-40B8-B24F-3CF2A28C41BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-12] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-15 15:37 - 2014-09-15 15:32 - 00380416 _____ () C:\Users\user\Desktop\Logi\GMER\gsch7ey0.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/15/2014 00:34:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 03:47:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 01:57:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 01:46:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 11:44:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 11:40:42 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program IEXPLORE.EXE w wersji 11.0.9600.17280 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: c04 Godzina rozpoczęcia: 01cfce6c60dd6fa6 Godzina zakończenia: 4171 Ścieżka aplikacji: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Identyfikator raportu: Error: (09/12/2014 11:30:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 00:55:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/11/2014 11:23:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: IEXPLORE.EXE, wersja: 11.0.9600.17280, sygnatura czasowa: 0x53f262ac Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x35356c36 Identyfikator procesu powodującego błąd: 0x9a0 Godzina uruchomienia aplikacji powodującej błąd: 0xIEXPLORE.EXE0 Ścieżka aplikacji powodującej błąd: IEXPLORE.EXE1 Ścieżka modułu powodującego błąd: IEXPLORE.EXE2 Identyfikator raportu: IEXPLORE.EXE3 Error: (09/11/2014 04:41:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (09/15/2014 00:29:58 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (09/15/2014 00:22:51 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (09/12/2014 06:08:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (09/12/2014 04:00:58 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (09/12/2014 03:57:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (09/12/2014 03:46:20 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000050 (0xfffff880b9cd9360, 0x0000000000000000, 0xfffff88005789a18, 0x0000000000000005)C:\Windows\MEMORY.DMP091214-55115-01 Error: (09/12/2014 03:46:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:44:50 na ‎2014-‎09-‎12 było nieoczekiwane. Error: (09/12/2014 02:17:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa ESET Service jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (09/12/2014 01:57:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%2 Error: (09/12/2014 01:55:36 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000050 (0xfffff880b9f0ab60, 0x0000000000000000, 0xfffff8800576da18, 0x0000000000000005)C:\Windows\MEMORY.DMP091214-17643-01 Microsoft Office Sessions: ========================= Error: (09/15/2014 00:34:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 03:47:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 01:57:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 01:46:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 11:44:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 11:40:42 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17280c0401cfce6c60dd6fa64171C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Error: (09/12/2014 11:30:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/12/2014 00:55:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/11/2014 11:23:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: IEXPLORE.EXE11.0.9600.1728053f262acunknown0.0.0.000000000c000000535356c369a001cfce02430fbdc1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknowndb6398b2-39f9-11e4-9a3e-60d819e3d858 Error: (09/11/2014 04:41:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-09-12 16:00:58.286 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-12 16:00:58.161 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Percentage of memory in use: 73% Total physical RAM: 1991.86 MB Available physical RAM: 521.55 MB Total Pagefile: 3983.72 MB Available Pagefile: 2280.7 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:421.81 GB) (Free:369.87 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:20.07 GB) NTFS Drive e: (HBCD-15.1) (CDROM) (Total:2.64 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0F8E2364) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== End Of Log ============================