OTL Extras logfile created on: 2/27/2015 3:58:22 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = F:\New folder Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.25 Gb Total Physical Memory | 2.59 Gb Available Physical Memory | 79.65% Memory free 6.50 Gb Paging File | 5.92 Gb Available in Paging File | 91.16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 146.39 Gb Total Space | 126.10 Gb Free Space | 86.14% Space Free | Partition Type: NTFS Drive D: | 319.27 Gb Total Space | 318.78 Gb Free Space | 99.84% Space Free | Partition Type: NTFS Drive F: | 1.86 Gb Total Space | 1.42 Gb Free Space | 76.49% Space Free | Partition Type: FAT Computer Name: JARED-PC | User Name: Jared | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = ComFile] -- "%1" %* .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\Windows\System32\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-289597471-917399791-413522533-1000\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{642CF0E7-0D5C-4324-8A05-F399826044CF}" = rport=5060 | protocol=6 | dir=out | app=c:\users\jared\appdata\roaming\mjusbsp\magicjack.exe | "{7EBD4A66-8B95-4747-ACDE-16688C22C3EB}" = rport=5060 | protocol=6 | dir=in | app=c:\users\jared\appdata\roaming\mjusbsp\magicjack.exe | "{9C46D219-FE0C-4F43-A533-EA24213054C0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "{AD9979A0-0AAA-4DBA-BD04-FB7EB73AD5C6}" = rport=5060 | protocol=17 | dir=out | app=c:\users\jared\appdata\roaming\mjusbsp\magicjack.exe | "{F6EAA552-E68C-4B10-B052-748B2EF8EC69}" = rport=5060 | protocol=17 | dir=in | app=c:\users\jared\appdata\roaming\mjusbsp\magicjack.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3F55B0FC-0E91-476F-B9A9-0B81B1887BAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{107F27B7-8EE4-4B3A-9CE5-497B120369DC}" = Microsoft Security Client "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1 "{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 340.52 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "Microsoft Security Client" = Microsoft Security Essentials "PokerStars" = PokerStars "Tweaking.com - Hardware Identify" = Tweaking.com - Hardware Identify [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-289597471-917399791-413522533-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "magicJack" = magicJack [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2/26/2015 4:21:50 PM | Computer Name = Jared-PC | Source = WinMgmt | ID = 10 Description = Error - 2/26/2015 4:24:25 PM | Computer Name = Jared-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 2/26/2015 4:24:25 PM | Computer Name = Jared-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 2/26/2015 4:30:45 PM | Computer Name = Jared-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "F:\ccsetup503\CCleaner64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 2/26/2015 4:31:46 PM | Computer Name = Jared-PC | Source = Application Error | ID = 1000 Description = Faulting application name: CCleaner.exe, version: 5.3.0.5128, time stamp: 0x54dd2007 Faulting module name: CCleaner.exe, version: 5.3.0.5128, time stamp: 0x54dd2007 Exception code: 0xc0000005 Fault offset: 0x00251b9e Faulting process id: 0xe20 Faulting application start time: 0x01d052033c750d60 Faulting application path: F:\ccsetup503\CCleaner.exe Faulting module path: F:\ccsetup503\CCleaner.exe Report Id: 7b30f500-bdf6-11e4-a183-14dae96cdb61 Error - 2/26/2015 4:32:57 PM | Computer Name = Jared-PC | Source = Application Error | ID = 1000 Description = Faulting application name: CCleaner.exe, version: 5.3.0.5128, time stamp: 0x54dd2007 Faulting module name: CCleaner.exe, version: 5.3.0.5128, time stamp: 0x54dd2007 Exception code: 0xc0000005 Fault offset: 0x00251b9e Faulting process id: 0xe74 Faulting application start time: 0x01d052036746c880 Faulting application path: F:\ccsetup503\CCleaner.exe Faulting module path: F:\ccsetup503\CCleaner.exe Report Id: a554ebc0-bdf6-11e4-a183-14dae96cdb61 Error - 2/26/2015 10:16:23 PM | Computer Name = Jared-PC | Source = WinMgmt | ID = 10 Description = Error - 2/26/2015 10:20:31 PM | Computer Name = Jared-PC | Source = WinMgmt | ID = 10 Description = Error - 2/26/2015 10:24:20 PM | Computer Name = Jared-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code. Error - 2/26/2015 10:24:20 PM | Computer Name = Jared-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006 Description = Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code. [ System Events ] Error - 2/27/2015 1:45:59 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7023 Description = The Server service terminated with the following error: %%2 Error - 2/27/2015 1:46:13 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Workstation service which failed to start because of the following error: %%2 Error - 2/27/2015 1:46:13 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7023 Description = The Workstation service terminated with the following error: %%2 Error - 2/27/2015 1:46:13 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Workstation service which failed to start because of the following error: %%2 Error - 2/27/2015 1:46:13 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7023 Description = The Workstation service terminated with the following error: %%2 Error - 2/27/2015 1:46:13 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7023 Description = The Server service terminated with the following error: %%2 Error - 2/27/2015 2:20:33 AM | Computer Name = Jared-PC | Source = Microsoft Antimalware | ID = 3002 Description = %%860 Real-Time Protection feature has encountered an error and failed. Feature: %%834 Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: %%858 Error - 2/27/2015 2:20:32 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7031 Description = The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error - 2/27/2015 3:20:40 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: %%1068 Error - 2/27/2015 3:43:31 AM | Computer Name = Jared-PC | Source = Service Control Manager | ID = 7030 Description = The R service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. < End of report >