OTL Extras logfile created on: 4/10/2010 7:44:21 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.97 Gb Total Physical Memory | 2.82 Gb Available Physical Memory | 71.13% Memory free 7.93 Gb Paging File | 6.71 Gb Available in Paging File | 84.61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97.56 Gb Total Space | 82.70 Gb Free Space | 84.77% Space Free | Partition Type: NTFS Drive D: | 200.43 Gb Total Space | 200.34 Gb Free Space | 99.95% Space Free | Partition Type: NTFS Drive F: | 7.48 Gb Total Space | 7.47 Gb Free Space | 99.87% Space Free | Partition Type: FAT32 Computer Name: PC-PC | User Name: pc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12BD613E-D338-4BD1-84DC-37F66E7FE329}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{199E0CD7-1221-4F2A-8784-2557EC4E7E44}" = lport=445 | protocol=6 | dir=in | app=system | "{24B24981-278A-4A9D-A19C-AFC6D5208E08}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{24E8AAE1-E4BA-402B-8866-905B3DC762E9}" = rport=137 | protocol=17 | dir=out | app=system | "{34BC151C-A3C5-471E-B499-EABAC78FD898}" = lport=139 | protocol=6 | dir=in | app=system | "{92D8DA1B-B603-4BB1-8CD2-AB9917279679}" = lport=138 | protocol=17 | dir=in | app=system | "{9B9A7E1A-48DA-48E7-B13E-9980192F00B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{AD75E7FF-CD0A-47A1-8658-86139293E5C0}" = rport=138 | protocol=17 | dir=out | app=system | "{BF279530-44E7-40E9-8CC2-4960F1D62E1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D48346DC-1DE8-40A7-B9D5-DD805124CB37}" = rport=445 | protocol=6 | dir=out | app=system | "{E6356D16-0DF0-480E-9123-55B0FA83C1D6}" = rport=139 | protocol=6 | dir=out | app=system | "{E860D9DB-1D60-482F-A24E-2D252E8866F5}" = lport=137 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{5488CBB9-392F-4FC6-8A1E-AF79404D48F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5EA31BA3-9C68-4CC4-8BB6-2046411B0B87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{693F97E5-A180-4FC1-9133-0181C20A9DF9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{701EA3F0-0FF6-4F70-BFFD-310DDCF2DDF5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9F9A9C3F-05C7-41ED-B9E5-3A462A191559}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A121C936-15FF-4E96-8FA5-FE5004A173A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{BF09AEBF-F27F-45E4-AF9C-D40FC20373A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C2BF19D1-18CA-4ED5-8F29-4709E8002BF7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D8A3B871-07A6-4DD0-8C47-A4DB7BAB7AE6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F797CE82-FD8D-470A-98D3-1744CBB33DE8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3682484809-1181529483-2928081819-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PennyBee" = PennyBee [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 4/10/2010 10:23:15 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:35 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:35 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:35 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:36 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:59 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:59 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:59 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:59 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 4/10/2010 10:24:59 PM | Computer Name = pc-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . [ System Events ] Error - 4/10/2010 9:33:15 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. Error - 4/10/2010 9:33:15 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7000 Description = The Multimedia Class Scheduler service failed to start due to the following error: %%1053 Error - 4/10/2010 9:33:45 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service. Error - 4/10/2010 9:34:15 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error - 4/10/2010 9:34:45 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service. Error - 4/10/2010 9:34:45 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7000 Description = The Application Experience service failed to start due to the following error: %%1053 Error - 4/10/2010 9:35:15 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. Error - 4/10/2010 9:35:45 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error - 4/10/2010 9:35:45 PM | Computer Name = pc-PC | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 4/10/2010 10:14:37 PM | Computer Name = pc-PC | Source = Service Control Manager | ID = 7031 Description = The Update ClearThink service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. < End of report >