OTL Extras logfile created on: 2011-02-11 21:25:55 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\prac\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 015,00 Mb Total Physical Memory | 671,00 Mb Available Physical Memory | 66,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 149,05 Gb Total Space | 138,26 Gb Free Space | 92,76% Space Free | Partition Type: NTFS Drive G: | 37,26 Gb Total Space | 26,89 Gb Free Space | 72,17% Space Free | Partition Type: NTFS Computer Name: KASA1 | User Name: prac | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "2630:TCP" = 2630:TCP:*:Enabled:zmdomoch "5903:TCP" = 5903:TCP:*:Enabled:vnc [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\RealVNC\VNC4\winvnc4.exe" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:winvnc4.exe -- (RealVNC Ltd.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{6039C740-40B3-456C-8DDC-D63D29F634C8}" = Poczta systemu Windows Live "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{901C0415-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002 Runtime "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "HDMI" = Intel(R) Graphics Media Accelerator Driver "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "MosChip Technology" = MosChip Multi-IO Controller "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "RealVNC_is1" = VNC Free Edition 4.1.3 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "Żółte Karteczki_is1" = Żółte Karteczki [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-02-11 14:27:47 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:47 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:47 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:48 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:48 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:48 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:49 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:49 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:49 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 Error - 2011-02-11 14:27:49 | Computer Name = KASA1 | Source = WinVNC4 | ID = 1 Description = DeviceFrameBuffer: BitBlt failed:997 [ System Events ] Error - 2011-02-11 09:43:15 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7023 Description = Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-02-11 09:47:22 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi VNC Server z powodu następującego błędu: %%2 Error - 2011-02-11 09:47:22 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7023 Description = Usługa Server Driver zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2011-02-11 10:08:56 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi VNC Server z powodu następującego błędu: %%2 Error - 2011-02-11 10:08:56 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7023 Description = Usługa Server Driver zakończyła działanie; wystąpił następujący błąd: %%5 Error - 2011-02-11 10:26:46 | Computer Name = KASA1 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi wuauserv z argumentami „” w celu uruchomienia serwera: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error - 2011-02-11 10:31:23 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi VNC Server z powodu następującego błędu: %%2 Error - 2011-02-11 10:31:23 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7023 Description = Usługa Server Driver zakończyła działanie; wystąpił następujący błąd: %%1114 Error - 2011-02-11 10:38:34 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi VNC Server z powodu następującego błędu: %%2 Error - 2011-02-11 10:38:34 | Computer Name = KASA1 | Source = Service Control Manager | ID = 7023 Description = Usługa Server Driver zakończyła działanie; wystąpił następujący błąd: %%1114 < End of report >