Extras.Txt

Themida debugger Windows

Prosze. Sorki ale dzisiaj malo kontaktuje bo mnie glowa boli.


OTL Extras logfile created on: 2010-04-10 06:52:28 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Net\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 663,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 36,90 Gb Free Space | 53,98% Space Free | Partition Type: NTFS
Drive D: | 40,04 Gb Total Space | 28,91 Gb Free Space | 72,21% Space Free | Partition Type: NTFS
Drive E: | 40,64 Gb Total Space | 38,78 Gb Free Space | 95,42% Space Free | Partition Type: NTFS
Drive F: | 494,24 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHANE
Current User Name: Net
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ & lt; extension & gt; ]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.6 Beta 4\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\ & lt; extension & gt; ]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.6 Beta 4\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ & lt; key & gt; \shell\[command]\command]
batfile [open] -- " %1 " %*
cmdfile [open] -- " %1 " %*
comfile [open] -- " %1 " %*
exefile [open] -- " %1 " %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- " C:\Program Files\Mozilla Firefox\firefox.exe " -requestPending -osint -url " %1 " (Mozilla Corporation)
https [open] -- " C:\Program Files\Mozilla Firefox\firefox.exe " -requestPending -osint -url " %1 " (Mozilla Corporation)
piffile [open] -- " %1 " %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- " %1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- " %1 " /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- " C:\Program Files\Winamp\Winamp.exe " /BOOKMARK " %1 " (Nullsoft)
Directory [Winamp.Enqueue] -- " C:\Program Files\Winamp\Winamp.exe " /ADD " %1 " (Nullsoft)
Directory [Winamp.Play] -- " C:\Program Files\Winamp\Winamp.exe " " %1 " (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
" FirstRunDisabled " = 1
" AntiVirusDisableNotify " = 0
" UpdatesDisableNotify " = 0
" AntiVirusOverride " = 0
" FirewallOverride " = 0
" FirewallDisableNotify " = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
" DisableMonitoring " = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
" EnableFirewall " = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
" 139:TCP " = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
" 445:TCP " = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
" 137:UDP " = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
" 138:UDP " = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
" EnableFirewall " = 1
" DisableNotifications " = 0
" DoNotAllowExceptions " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
" 139:TCP " = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
" 445:TCP " = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
" 137:UDP " = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
" 138:UDP " = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
" 1900:UDP " = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
" 2869:TCP " = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
" C:\Program Files\uTorrent\uTorrent.exe " = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent -- (BitTorrent, Inc.)
" C:\Program Files\Gadu-Gadu\gg.exe " = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.)
" C:\Program Files\mIRC\mirc.exe " = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
" C:\Program Files\Steam\steamapps\lyserckq\counter-strike\hl.exe " = C:\Program Files\Steam\steamapps\lyserckq\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
" C:\Program Files\Soulseek\slskPLbyFoxconn.exe " = C:\Program Files\Soulseek\slskPLbyFoxconn.exe:*:Enabled:Soulseek PL by Foxconn -- ()
" C:\Program Files\HLSW\hlsw.exe " = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software)
" C:\Program Files\Counter-Strike\hl.exe " = C:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life SpittStyle Edition -- (Valve)
" C:\Program Files\Java\jre6\bin\java.exe " = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
" C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe " = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
" C:\Program Files\NetMeeting\conf.exe " = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows(R) NetMeeting(R) -- (Microsoft Corporation)
" C:\Documents and Settings\Net\Pulpit\Programy\utorrent.exe " = C:\Documents and Settings\Net\Pulpit\Programy\utorrent.exe:*:Enabled:uTorrent -- (BitTorrent, Inc.)
" C:\WINDOWS\system32\dpvsetup.exe " = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
" C:\Program Files\Gadu-Gadu 10\gg.exe " = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
" E:\Program Files\35\GermanServer2.exe " = E:\Program Files\35\GermanServer2.exe:*:Enabled:GermanServer2 -- ()
" C:\Documents and Settings\All Users\Dane aplikacji\NexonUS\NGM\NGM.exe " = C:\Documents and Settings\All Users\Dane aplikacji\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" {00000415-78E1-11D2-B60F-006097C998E7} " = Microsoft Office 2000 Premium
" {036FD544-AED6-3F33-856D-A2292D0CF471} " = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
" {048298C9-A4D3-490B-9FF9-AB023A9238F3} " = Steam
" {067EC517-9731-43FD-B4D5-296EE0027BBB} " = LogMeIn Hamachi
" {1EECBA68-8BE4-4076-94DF-E9ED206B1D21} " = Star Wars Jedi Knight Jedi Academy
" {212748BB-0DA5-46DE-82A1-403736DC9F27} " = MSVC80_x86
" {26A24AE4-039D-4CA4-87B4-2F83216013FF} " = Java(TM) 6 Update 13
" {2BA00471-0328-3743-93BD-FA813353A783} " = Microsoft .NET Framework 3.0 Service Pack 1
" {2FC099BD-AC9B-33EB-809C-D332E1B27C40} " = Microsoft .NET Framework 3.5
" {350C9415-3D7C-4EE8-BAA9-00BCB3D54227} " = WebFldrs XP
" {3F290582-3F4E-4B96-009C-E0BABAA40C42} " = Bitwa o Śródziemie(TM)
" {576E71DA-3000-48F6-9B21-B9A70D47DFCF} " = Star Wars JK II Jedi Outcast
" {5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD} " = Serious Sam: The Second Encounter
" {6F89200D-9C19-42F7-A056-640C9D4C158C} " = English Translator XT
" {7197F874-B0E0-4A73-A880-7E712F4D0EB7}}_is1 " = Uninstall KnightOnline
" {789289CA-F73A-4A16-A331-54D498CE069F} " = Ventrilo
" {7C77393F-8237-3825-A88A-AFAF3C69C072} " = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
" {837b34e3-7c30-493c-8f6a-2b0f04e2912c} " = Microsoft Visual C++ 2005 Redistributable
" {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} " = Microsoft Silverlight
" {8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} " = Battlefield Heroes
" {90120000-0020-0415-0000-0000000FF1CE} " = Pakiet zgodności dla systemu Office 2007
" {9A25302D-30C0-39D9-BD6F-21E6EC160475} " = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
" {9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9} " = Counter-Strike 1.6
" {AC76BA86-7AD7-1045-7B44-A91000000001} " = Adobe Reader 9.1 - Polish
" {ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B} " = VIMICRO USB PC Camera (ZC0301PLH)
" {B508B3F1-A24A-32C0-B310-85786919EF28} " = Microsoft .NET Framework 2.0 Service Pack 1
" {B9F499B8-D1F0-42FC-84BE-CC552123CCCB} " = BlueSoleil
" {C9A87D86-FDFD-418B-BF96-EF09320973B3} " = PC Inspector smart recovery
" {CA567AD5-33A4-403D-86D1-EE2D38251951}_is1 " = VDownloader 1.12
" {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} " = Microsoft .NET Framework 1.1
" {CE3B8E96-B0AF-4871-9178-1519B58E3A93} " = USB PC Camera (Vimicro301 Neptune)
" {D103C4BA-F905-437A-8049-DB24763BBE36} " = Skype(TM) 4.1
" {D417C96A-FCC7-4590-A1BB-FAF73F5BC98E} " = GTA San Andreas
" {D41FAAA9-8048-4906-86B2-9AADEA1FA0B7} " = SpeedTouch USB Software
" {E2BA588C-AF22-4C59-96A8-A6C6E782CB9C}_is1 " = Pionek 1.4
" {F31E509D-3597-324E-83CF-0C160B2320F0} " = Microsoft .NET Framework 3.5 Language Pack - plk
" {FB08F381-6533-4108-B7DD-039E11FBC27E} " = Realtek AC'97 Audio
" {FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4} " = Stunt GP
" Adobe Flash Player ActiveX " = Adobe Flash Player 10 ActiveX
" Adobe Flash Player Plugin " = Adobe Flash Player 10 Plugin
" Adobe Shockwave Player " = Adobe Shockwave Player 11.5
" Advanced SystemCare 3_is1 " = Advanced SystemCare 3
" Audacity_is1 " = Audacity 1.2.6
" AV Voice Changer Software 3.0 " = AV Voice Changer Software 3.0
" dBpoweramp Music Converter " = dBpoweramp Music Converter
" Diablo II " = Diablo II
" DriverAgent.exe " = DriverAgent by eSupport.com
" eBay Icon " = eBay Icon
" Europe MapleStory_is1 " = Europe MapleStory
" ffdshow_is1 " = ffdshow [rev 3008] [2009-06-18]
" Gadu-Gadu " = Gadu-Gadu 7.7
" Gadu-Gadu 10 " = Gadu-Gadu 10
" Game Booster_is1 " = Game Booster
" GameDesire-Pool & Snooker " = GameDesire-Pool & Snooker
" GMailFS " = GMail Drive Shell Extension
" HijackThis " = HijackThis 1.99.1
" HLSW_is1 " = HLSW v1.3.1
" InstallShield_{6F89200D-9C19-42F7-A056-640C9D4C158C} " = English Translator XT
" IObit Security 360_is1 " = IObit Security 360
" ipla " = ipla 2.1.2
" IrfanView " = IrfanView (remove only)
" LogMeIn Hamachi " = LogMeIn Hamachi
" Malwarebytes' Anti-Malware_is1 " = Malwarebytes' Anti-Malware
" Microsoft .NET Framework 1.1 (1033) " = Microsoft .NET Framework 1.1
" Microsoft .NET Framework 3.5 " = Microsoft .NET Framework 3.5
" Microsoft .NET Framework 3.5 Language Pack - plk " = Pakiet językowy programu Microsoft .NET Framework 3.5 -- PLK
" mIRC " = mIRC
" Mount & Blade " = Mount & Blade
" Mozilla Firefox (3.5.5) " = Mozilla Firefox (3.5.5)
" Mozilla Firefox (3.6b5) " = Mozilla Firefox (3.6b5)
" MTA:SA " = MTA:SA v1.0.3
" NVIDIA Drivers " = NVIDIA Drivers
" NVIDIAnForce " = Sterowniki NVIDIA nForce dla Windows 2000/XP
" PunkBusterSvc " = PunkBuster Services
" RSDemon 2 " = RSDemon 2
" Smart Defrag_is1 " = Smart Defrag
" Soulseek " = SoulSeek Client 156c
" SpeedFan " = SpeedFan (remove only)
" Steam App 10 " = Counter-Strike
" Tasker_is1 " = Tasker version 3.13
" Teamspeak 2 RC2_is1 " = TeamSpeak 2 RC2
" TweakNow RegCleaner Standard_is1 " = TweakNow RegCleaner Standard
" uTorrent " = uTorrent
" Wdf01007 " = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
" WebExcellenceAdviceTool " = FFWebExcellenceAdviceTool
" Winamp " = Winamp
" WinRAR archiver " = Archiwizator WinRAR
" Wisdom-soft ScreenHunter 5.1 Free " = Wisdom-soft ScreenHunter 5.1 Free
" Wisdom-soft Set up ScreenHunter 5.1 Free " = Wisdom-soft Set up ScreenHunter 5.1 Free
" Wudf01005 " = Microsoft User-Mode Driver Framework Feature Pack 1.5
" XpsEPSC " = XML Paper Specification Shared Components Pack 1.0
" XPSEPSCLP " = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" SwiftKit " = SwiftKit
" uTorrent " = uTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-02-26 13:26:16 | Computer Name = SHANE | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.1433 - Krytyczny błąd aparatu wykonawczego
(79FFEE24) (80131506)

Error - 2010-04-10 00:50:12 | Computer Name = SHANE | Source = MsiInstaller | ID = 11001
Description =

[ System Events ]
Error - 2010-04-04 06:20:08 | Computer Name = SHANE | Source = nv | ID = 11141134
Description = Unknown error on

Error - 2010-04-04 06:20:08 | Computer Name = SHANE | Source = nv | ID = 11141134
Description = Unknown error on

Error - 2010-04-04 06:20:08 | Computer Name = SHANE | Source = nv | ID = 11141134
Description = Unknown error on

Error - 2010-04-04 06:20:08 | Computer Name = SHANE | Source = nv | ID = 11141134
Description = Unknown error on

Error - 2010-04-04 06:20:09 | Computer Name = SHANE | Source = nv | ID = 11141134
Description = Unknown error on

Error - 2010-04-04 06:20:09 | Computer Name = SHANE | Source = nv | ID = 11141134
Description = Unknown error on

Error - 2010-04-06 03:04:52 | Computer Name = SHANE | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.102 dla karty sieciowej o adresie 00301B359781
został zabroniony przez serwer DHCP 192.168.1.100 (Serwer DHCP wysłał komunikat
DHCPNACK).

Error - 2010-04-08 07:03:43 | Computer Name = SHANE | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.102 dla karty sieciowej o adresie 00301B359781
został zabroniony przez serwer DHCP 192.168.1.100 (Serwer DHCP wysłał komunikat
DHCPNACK).

Error - 2010-04-09 16:31:42 | Computer Name = SHANE | Source = Dhcp | ID = 1002
Description = Adres IP połączenia 192.168.1.102 dla karty sieciowej o adresie 00301B359781
został zabroniony przez serwer DHCP 192.168.1.100 (Serwer DHCP wysłał komunikat
DHCPNACK).

Error - 2010-04-09 23:56:08 | Computer Name = SHANE | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001'
podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało
zatrzymane monitorowanie woluminu.


& lt; End of report & gt;


Download file - link to post