OTL Extras logfile created on: 2014-12-07 16:46:08 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mariusz\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 48,80% Memory free 8,00 Gb Paging File | 5,77 Gb Available in Paging File | 72,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 443,62 Gb Free Space | 95,27% Space Free | Partition Type: NTFS Drive D: | 2,77 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MARIUSZ-ASUS | User Name: Mariusz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-2376877967-2081922626-2068000606-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Nightly\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallDisableNotify" = 0 "FirewallOverride" = 0 "UacDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallDisableNotify" = 0 "FirewallOverride" = 0 "UacDisableNotify" = 0 "UpdatesDisableNotify" = 0 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03463A94-C054-4A86-BEFD-9806439FF84C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1B3E4F19-34C3-4307-AF3F-9DE2CDBB6531}" = rport=10243 | protocol=6 | dir=out | app=system | "{21B85BBE-AB6F-4CD5-8D11-58BFC82C6FD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{239F0290-C151-4CB5-85E5-05701530BB5C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2AC7251B-0CB2-4138-8B13-A2FBEF9A9E79}" = rport=137 | protocol=17 | dir=out | app=system | "{2BAC78FE-873D-4F46-B074-6632850E64A1}" = lport=139 | protocol=6 | dir=in | app=system | "{2BC6F3FF-9ABB-4EF0-BC66-4AFF37B915C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4148B702-1B1A-43E5-847F-DE73860D7809}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{418F3D5E-5957-4156-833A-3C09ABA82326}" = rport=138 | protocol=17 | dir=out | app=system | "{4D2F2851-B0DD-4527-84A5-8BF1B45C9A45}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{57012FC9-CDD0-408D-8BB4-64214F790D90}" = lport=137 | protocol=17 | dir=in | app=system | "{5BF77990-55FB-472C-AB38-88FB51279EDF}" = rport=445 | protocol=6 | dir=out | app=system | "{6BF27BFC-E86E-48BD-A947-CA0F6357CCAE}" = lport=2869 | protocol=6 | dir=in | app=system | "{732FBD21-D356-4203-A6AD-68CDAEA1969D}" = rport=139 | protocol=6 | dir=out | app=system | "{8713A1F5-B236-4651-A7D4-734632D2B23A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{974A3153-96EE-4F3C-A115-7EAA2D61C031}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A0CD2981-1E45-4A09-9612-AC1527D1748F}" = lport=445 | protocol=6 | dir=in | app=system | "{ADF0DF0E-0A4D-45C9-A48D-BA061B75E6EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BA5FBA61-D955-49F5-AE04-06B3DA0E2F59}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EA245163-6AAD-4BCF-B5B0-A12F15C6434C}" = lport=138 | protocol=17 | dir=in | app=system | "{EBFCCB20-1A34-4943-A9A8-7CB13228F5F6}" = lport=10243 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01224CCC-6657-4642-A7C1-61A2C5CEEC8E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{04898D1A-67D1-4BBE-8643-28AD7CAB68ED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0C4742E0-3973-4A86-8BD0-C1C3A57F68B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{11FDB99F-E48C-4BCA-9C2A-2B0DC566DF97}" = dir=out | svc=glasswire | app=c:\program files (x86)\glasswire\gwctlsrv.exe | "{19ED66F9-6F7D-420D-A58E-55211FC072E8}" = dir=out | app=c:\users\mariusz\downloads\install_flashplayer15x32_mssd_aaa_aih.exe | "{316C6E2F-B0C7-4C50-9DF9-A679BF46C3DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{49D21D4D-707A-4CF3-8350-181D7139C2DB}" = dir=in | app=c:\users\mariusz\downloads\install_flashplayer15x32_mssd_aaa_aih.exe | "{5242D342-A84A-4D19-B1ED-1B8ED7CCC085}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{538321C4-30C9-4087-A624-07E7FA35F9C3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5854B640-5354-4605-8511-36D129F1A10A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{589852FA-0B61-4929-8974-0006390BC56D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5FAF373A-EED5-44DC-9D1C-8884FC1C2C21}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6493903E-F4D0-4B92-96DE-60E2D301A7A9}" = dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe | "{868A8157-C9DF-46F7-A4F9-3EF5B1A45955}" = dir=in | svc=glasswire | app=c:\program files (x86)\glasswire\gwctlsrv.exe | "{8B6617C4-7572-49E9-BA3D-E8B922B4D0D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8DF2B9A1-92E4-4595-A7BF-826DADC6985D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{96880ABE-CCD6-4602-BC90-ABEC2BF6F594}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A10DA742-71DC-4378-9F86-AF62A53D1207}" = dir=in | app=c:\users\mariusz\downloads\install_flashplayer15x32_mssa_aaa_aih.exe | "{A3400A64-9856-4F1F-9A59-3618FF533CEF}" = protocol=17 | dir=in | app=c:\users\mariusz\appdata\roaming\utorrent\utorrent.exe | "{A5F798AA-22CA-470F-BCF9-1877180319BB}" = dir=out | app=c:\users\mariusz\downloads\install_flashplayer15x32_mssa_aaa_aih.exe | "{AECDDB6B-8585-49D3-93AC-FB4165983AA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AF9A0888-DBE7-4831-8C2D-80F5C2618FBF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BDB81352-9F46-4D36-B9D8-861684B16410}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C4A00160-3882-4E4F-B296-257393579162}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C6ED82D7-C347-428F-9A96-667202B7376F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C77C8300-224C-47AF-AA4A-F54BD7B38170}" = dir=in | app=c:\program files (x86)\windows media player\setup_wm.exe | "{CD172C95-EB41-4E1C-946B-567DF651AD83}" = protocol=6 | dir=out | app=system | "{D8A3BF2F-CBCB-47A1-8A75-A3BB44E8E86E}" = protocol=6 | dir=in | app=c:\users\mariusz\appdata\roaming\utorrent\utorrent.exe | "{EA274037-0748-4C14-BB83-E1B669AA777A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F7EE786F-6C78-40E3-B627-C1159E36DF72}" = dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe | "{F834CB8F-379A-4F4B-AF94-82F7BB096F8B}" = dir=out | app=c:\program files (x86)\windows media player\setup_wm.exe | "TCP Query User{161D0D8D-FC50-4A86-B105-04422CC0A4B9}C:\program files\nightly\firefox.exe" = protocol=6 | dir=in | app=c:\program files\nightly\firefox.exe | "TCP Query User{9C608B27-6467-4AD2-BA4A-53598FC95FCD}C:\users\mariusz\appdata\local\temp\rar$exa0.415\netscan.exe" = protocol=6 | dir=in | app=c:\users\mariusz\appdata\local\temp\rar$exa0.415\netscan.exe | "TCP Query User{BAB78427-6132-490D-8328-2CB2A6CE94FA}C:\program files\nightly\firefox.exe" = protocol=6 | dir=in | app=c:\program files\nightly\firefox.exe | "UDP Query User{6FF9A4C1-2A51-4443-B33D-DA985D5E49F5}C:\program files\nightly\firefox.exe" = protocol=17 | dir=in | app=c:\program files\nightly\firefox.exe | "UDP Query User{80C5A6A2-BF2B-4CFF-90BB-C69DF2CF159E}C:\program files\nightly\firefox.exe" = protocol=17 | dir=in | app=c:\program files\nightly\firefox.exe | "UDP Query User{B02A2346-D8B8-4C8C-983D-65561B49F6FD}C:\users\mariusz\appdata\local\temp\rar$exa0.415\netscan.exe" = protocol=17 | dir=in | app=c:\users\mariusz\appdata\local\temp\rar$exa0.415\netscan.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}" = WinPatrol "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Malwarebytes Anti-Exploit_is1" = Malwarebytes Anti-Exploit version 1.05.1.1015 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Nightly 37.0a1 (x64 en-US)" = Nightly 37.0a1 (x64 en-US) "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = WinRAR 5.20 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{A80DB23D-0618-405B-89D9-28F99814E287}_is1" = AntiLogger Free version 1.8.2.24 "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin "Adobe Flash Player PPAPI" = Adobe Flash Player 16 PPAPI "blueconnect" = blueconnect "GlassWire 1.0" = GlassWire 1.0 (remove only) "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025 "MozillaMaintenanceService" = Mozilla Maintenance Service "Opera 26.0.1656.32" = Opera Stable 26.0.1656.32 "SeaTools for Windows" = SeaTools for Windows "Secunia PSI" = Secunia PSI (3.0.0.10004) "Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2376877967-2081922626-2068000606-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent "WinDirStat" = WinDirStat 1.1.2 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-12-06 12:09:59 | Computer Name = Mariusz-Asus | Source = WinMgmt | ID = 10 Description = Error - 2014-12-06 12:14:59 | Computer Name = Mariusz-Asus | Source = WinMgmt | ID = 10 Description = Error - 2014-12-06 12:36:29 | Computer Name = Mariusz-Asus | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 2014-12-06 12:36:30 | Computer Name = Mariusz-Asus | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 2014-12-06 13:13:37 | Computer Name = Mariusz-Asus | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 2014-12-06 13:13:37 | Computer Name = Mariusz-Asus | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 2014-12-06 13:55:31 | Computer Name = Mariusz-Asus | Source = Application Hang | ID = 1002 Description = Program NOTEPAD.EXE w wersji 6.1.7600.16385 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: dec Godzina rozpoczęcia: 01d0117dc7c2d407 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Windows\system32\NOTEPAD.EXE Identyfikator raportu: 0f7f3df2-7d71-11e4-8e19-002243c190ce Error - 2014-12-07 04:00:35 | Computer Name = Mariusz-Asus | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Windows Surface Scanner.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x4c113abb Nazwa modułu powodującego błąd: msvcrt.dll, wersja: 7.0.7600.16385, sygnatura czasowa: 0x4a5bda6f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000d193 Identyfikator procesu powodującego błąd: 0xca0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d011f3cf84e1c4 Ścieżka aplikacji powodującej błąd: C:\Users\Mariusz\Desktop\WindowsSurfaceScanner\Windows Surface Scanner.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\msvcrt.dll Identyfikator raportu: 1f6d9198-7de7-11e4-860a-002243c190ce Error - 2014-12-07 04:54:55 | Computer Name = Mariusz-Asus | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: RootkitRevealer.exe, wersja: 1.71.0.0, sygnatura czasowa: 0x44e255aa Nazwa modułu powodującego błąd: RootkitRevealer.exe, wersja: 1.71.0.0, sygnatura czasowa: 0x44e255aa Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000040cd Identyfikator procesu powodującego błąd: 0x63c Godzina uruchomienia aplikacji powodującej błąd: 0x01d011fb779e2ffd Ścieżka aplikacji powodującej błąd: C:\Users\Mariusz\AppData\Local\Temp\HBCD\RootkitRevealer.exe Ścieżka modułu powodującego błąd: C:\Users\Mariusz\AppData\Local\Temp\HBCD\RootkitRevealer.exe Identyfikator raportu: b67446df-7dee-11e4-9e97-002243c190ce Error - 2014-12-07 05:02:14 | Computer Name = Mariusz-Asus | Source = Application Hang | ID = 1002 Description = Program windirstat.exe w wersji 1.1.2.80 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 304 Godzina rozpoczęcia: 01d011fc5c5a096f Godzina zakończenia: 16 Ścieżka aplikacji: C:\Program Files (x86)\WinDirStat\windirstat.exe Identyfikator raportu: ba294275-7def-11e4-9e97-002243c190ce [ System Events ] Error - 2014-12-07 06:02:25 | Computer Name = Mariusz-Asus | Source = DCOM | ID = 10005 Description = Error - 2014-12-07 06:02:29 | Computer Name = Mariusz-Asus | Source = DCOM | ID = 10005 Description = Error - 2014-12-07 06:02:29 | Computer Name = Mariusz-Asus | Source = DCOM | ID = 10005 Description = Error - 2014-12-07 06:05:58 | Computer Name = Mariusz-Asus | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 11:05:00 na ?2014-?12-?07 było nieoczekiwane. Error - 2014-12-07 06:37:50 | Computer Name = Mariusz-Asus | Source = Service Control Manager | ID = 7034 Description = Usługa MBAMService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2014-12-07 06:50:08 | Computer Name = Mariusz-Asus | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2014-12-07 06:52:03 | Computer Name = Mariusz-Asus | Source = Application Popup | ID = 1060 Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error - 2014-12-07 06:53:09 | Computer Name = Mariusz-Asus | Source = Service Control Manager | ID = 7030 Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error - 2014-12-07 09:09:55 | Computer Name = Mariusz-Asus | Source = DCOM | ID = 10010 Description = Error - 2014-12-07 11:40:40 | Computer Name = Mariusz-Asus | Source = Service Control Manager | ID = 7034 Description = Usługa GlassWire Control Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >