I performed the Service Repair, rebooted and rescanned using FRST. Here is the new FRST report:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by John (administrator) on JOHN-PC on 31-03-2014 16:35:19
Running from C:\Users\John\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(WildTangent, Inc.) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\system32\wbengine.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Google Inc.) C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Google) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Farbar) C:\Users\John\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [495104 2009-07-14] (Conexant Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-01] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Java\jre6\bin\jusched.exe [149280 2009-11-01] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [622592 2014-03-21] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-06-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2587008 2012-04-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3082703480-1980997582-769674337-1000\...\Run: [Google Update] - C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-11] (Google Inc.)
HKU\S-1-5-21-3082703480-1980997582-769674337-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [602624 2014-03-22] (Google Inc.)
HKU\S-1-5-21-3082703480-1980997582-769674337-1000\...\Policies\Explorer: [HideSCAHealth] 1
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 173.244.132.86 173.244.132.254
Tcpip\..\Interfaces\{81F105C5-75F7-4B34-BD57-6B3F15F03039}: [NameServer]76.73.7.75,107.6.133.7
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]76.73.7.75,107.6.133.7
Tcpip\..\Interfaces\{F19EA1D7-803A-4B44-B142-1BA0BAACFDCE}: [NameServer]76.73.7.75,107.6.133.7
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\John\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\John\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\John\AppData\Local\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.150.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U15) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-12]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-12]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-19]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-08-02]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-12]
CHR HKLM-x32\...\Chrome\Extension: [ebplnjmfmakhhedomfffdiekifpdffnd] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7893\ch\MediaViewV1alpha7893.crx [2012-05-12]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [oobclncfihjeobfooihfhglbfloocnkg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta5635\ch\VideoPlayerV3beta5635.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\John\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5721600 2014-01-22] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [754688 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [811008 2014-02-04] ()
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [289872 2012-02-22] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [383808 2012-03-19] (AVG Technologies CZ, s.r.o.)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-31 16:29 - 2014-03-31 16:30 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-03-31 16:28 - 2014-03-31 16:28 - 04009167 _____ () C:\Users\John\Desktop\ServicesRepair.exe
2014-03-28 06:19 - 2014-03-31 16:35 - 00009669 _____ () C:\Users\John\Desktop\FRST.txt
2014-03-28 06:19 - 2014-03-28 06:21 - 00000906 _____ () C:\Users\John\Desktop\Search.txt
2014-03-28 06:17 - 2014-03-28 06:17 - 02157056 _____ (Farbar) C:\Users\John\Desktop\FRST64 (1).exe
2014-03-27 06:10 - 2014-03-27 06:10 - 00005139 _____ () C:\Users\John\Desktop\FSS.txt
2014-03-27 06:09 - 2014-03-27 06:09 - 00409600 _____ (Farbar) C:\Users\John\Desktop\FSS.exe
2014-03-20 06:15 - 2014-03-20 06:15 - 00384084 _____ () C:\Users\John\Desktop\AIDA64 Report.txt
2014-03-20 06:14 - 2014-03-20 06:14 - 00000000 ____D () C:\Users\John\Documents\AIDA64 Reports
2014-03-20 06:13 - 2014-03-20 06:13 - 00001175 _____ () C:\Users\John\Desktop\AIDA64 Extreme.lnk
2014-03-20 06:13 - 2014-03-20 06:13 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-03-20 06:10 - 2014-03-20 06:11 - 15834968 _____ (FinalWire Ltd. ) C:\Users\John\Downloads\aida64extreme420.exe
2014-03-20 06:09 - 2014-03-20 06:09 - 00000000 ____D () C:\Users\John\Desktop\Regfix (1)
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Downloads\Regfix.zip
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Desktop\Regfix (1).zip
2014-03-20 06:05 - 2014-03-20 06:05 - 00000924 _____ () C:\Users\John\Desktop\NTREGOPT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000905 _____ () C:\Users\John\Desktop\ERUNT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 06:03 - 2014-03-20 06:03 - 00791393 _____ (Lars Hederer ) C:\Users\John\Downloads\erunt-setup.exe
2014-03-19 05:53 - 2014-03-19 05:53 - 00000142 _____ () C:\Users\John\Desktop\MUI.txt
2014-03-19 05:44 - 2014-03-19 05:46 - 00001602 _____ () C:\Users\John\Desktop\SystemLook.txt
2014-03-19 05:40 - 2014-03-19 05:40 - 00165376 _____ () C:\Users\John\Desktop\SystemLook_x64.exe
2014-03-17 11:07 - 2014-03-17 11:09 - 02157056 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-03-15 16:41 - 2014-03-15 16:42 - 00001599 _____ () C:\Users\John\Downloads\Search.txt
2014-03-12 06:02 - 2014-03-12 06:02 - 00068684 _____ () C:\Users\John\Downloads\Shortcut.txt
2014-03-12 06:01 - 2014-03-17 11:12 - 00034009 _____ () C:\Users\John\Downloads\Addition.txt
2014-03-12 06:01 - 2014-03-17 11:12 - 00026813 _____ () C:\Users\John\Downloads\FRST.txt
2014-03-12 06:00 - 2014-03-31 16:35 - 00000000 ____D () C:\FRST
2014-03-12 06:00 - 2014-03-12 06:00 - 00001392 _____ () C:\Users\John\Desktop\FRST64 - Shortcut.lnk
2014-03-12 05:59 - 2014-03-12 05:59 - 02157056 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-03-12 05:57 - 2014-03-12 05:57 - 01145856 _____ (Farbar) C:\Users\John\Downloads\FRST.exe
2014-03-11 21:49 - 2014-03-11 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\Malwarebytes
2014-03-11 21:48 - 2014-03-11 21:48 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 21:48 - 2014-03-11 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-11 21:48 - 2014-03-11 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 21:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-11 21:42 - 2014-03-11 21:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-10 21:10 - 2014-03-10 21:12 - 01949184 _____ () C:\Users\John\Downloads\AdwCleaner (1).exe
2014-03-10 20:45 - 2014-03-10 20:45 - 00000803 _____ () C:\Users\John\Desktop\JRT.txt
2014-03-10 20:37 - 2014-03-29 08:15 - 00000003 _____ () C:\ProgramData\2psvc31.nls
2014-03-10 20:33 - 2014-03-10 20:33 - 01037734 _____ (Thisisu) C:\Users\John\Downloads\JRT (1).exe
2014-03-10 19:50 - 2014-03-10 19:50 - 00000000 ____D () C:\_OTL
2014-03-10 19:47 - 2014-03-10 19:47 - 00602112 _____ (OldTimer Tools) C:\Users\John\Downloads\OTL (1).exe
2014-03-09 15:54 - 2014-03-10 22:29 - 00079660 _____ () C:\Users\John\Downloads\OTL.Txt
2014-03-09 15:54 - 2014-03-09 15:54 - 00054676 _____ () C:\Users\John\Downloads\Extras.Txt
2014-03-09 15:44 - 2014-03-09 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\John\Downloads\OTL.exe
2014-03-09 15:26 - 2014-03-09 22:21 - 00000003 _____ () C:\d31.nls
2014-03-09 14:59 - 2014-03-20 06:07 - 00000000 ____D () C:\Windows\erdnt
2014-03-09 14:59 - 2014-03-09 14:59 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-09 14:53 - 2014-03-09 14:53 - 05187267 ____R (Swearware) C:\Users\John\Desktop\ComboFix.exe
2014-03-09 14:00 - 2014-03-09 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 13:53 - 2014-03-09 13:53 - 01037734 _____ (Thisisu) C:\Users\John\Downloads\JRT.exe
2014-03-09 13:38 - 2014-03-10 22:13 - 00000000 ____D () C:\AdwCleaner
2014-03-09 13:37 - 2014-03-09 13:38 - 01244192 _____ () C:\Users\John\Downloads\AdwCleaner.exe
2014-03-09 13:27 - 2014-03-09 13:43 - 00000003 _____ () C:\ProgramData\ Office Diagnostics Service31.nls
2014-03-09 13:24 - 2014-03-09 13:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\John\Downloads\revosetup.exe
2014-03-09 13:24 - 2014-03-09 13:24 - 00001264 _____ () C:\Users\John\Desktop\Revo Uninstaller.lnk
2014-03-09 13:24 - 2014-03-09 13:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 13:17 - 2014-03-11 22:35 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
==================== One Month Modified Files and Folders =======
2014-03-31 16:35 - 2014-03-28 06:19 - 00009669 _____ () C:\Users\John\Desktop\FRST.txt
2014-03-31 16:35 - 2014-03-12 06:00 - 00000000 ____D () C:\FRST
2014-03-31 16:33 - 2012-05-11 02:08 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 16:31 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-31 16:31 - 2009-07-13 23:51 - 00209490 _____ () C:\Windows\setupact.log
2014-03-31 16:30 - 2014-03-31 16:29 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-03-31 16:30 - 2012-05-12 17:00 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000UA.job
2014-03-31 16:30 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 16:30 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-31 16:28 - 2014-03-31 16:28 - 04009167 _____ () C:\Users\John\Desktop\ServicesRepair.exe
2014-03-31 16:27 - 2012-05-11 18:19 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-03-29 08:15 - 2014-03-10 20:37 - 00000003 _____ () C:\ProgramData\2psvc31.nls
2014-03-29 08:14 - 2009-07-13 18:39 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-03-29 08:11 - 2009-07-14 00:13 - 00726142 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-28 06:21 - 2014-03-28 06:19 - 00000906 _____ () C:\Users\John\Desktop\Search.txt
2014-03-28 06:17 - 2014-03-28 06:17 - 02157056 _____ (Farbar) C:\Users\John\Desktop\FRST64 (1).exe
2014-03-27 16:36 - 2012-05-11 02:08 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-27 16:01 - 2012-05-11 02:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-27 14:30 - 2012-05-12 17:00 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000Core.job
2014-03-27 14:25 - 2012-05-12 17:00 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000UA
2014-03-27 14:25 - 2012-05-12 17:00 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000Core
2014-03-27 13:56 - 2009-07-13 20:05 - 04093952 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-27 06:10 - 2014-03-27 06:10 - 00005139 _____ () C:\Users\John\Desktop\FSS.txt
2014-03-27 06:09 - 2014-03-27 06:09 - 00409600 _____ (Farbar) C:\Users\John\Desktop\FSS.exe
2014-03-24 06:07 - 2010-01-09 10:25 - 01659771 _____ () C:\Windows\WindowsUpdate.log
2014-03-21 17:45 - 2013-05-13 23:56 - 00000000 ____D () C:\Program Files (x86)\ConverterLite
2014-03-21 15:00 - 2012-05-12 01:19 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-21 14:26 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-03-20 06:15 - 2014-03-20 06:15 - 00384084 _____ () C:\Users\John\Desktop\AIDA64 Report.txt
2014-03-20 06:14 - 2014-03-20 06:14 - 00000000 ____D () C:\Users\John\Documents\AIDA64 Reports
2014-03-20 06:13 - 2014-03-20 06:13 - 00001175 _____ () C:\Users\John\Desktop\AIDA64 Extreme.lnk
2014-03-20 06:13 - 2014-03-20 06:13 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-03-20 06:11 - 2014-03-20 06:10 - 15834968 _____ (FinalWire Ltd. ) C:\Users\John\Downloads\aida64extreme420.exe
2014-03-20 06:09 - 2014-03-20 06:09 - 00000000 ____D () C:\Users\John\Desktop\Regfix (1)
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Downloads\Regfix.zip
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Desktop\Regfix (1).zip
2014-03-20 06:07 - 2014-03-09 14:59 - 00000000 ____D () C:\Windows\erdnt
2014-03-20 06:05 - 2014-03-20 06:05 - 00000924 _____ () C:\Users\John\Desktop\NTREGOPT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000905 _____ () C:\Users\John\Desktop\ERUNT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 06:03 - 2014-03-20 06:03 - 00791393 _____ (Lars Hederer ) C:\Users\John\Downloads\erunt-setup.exe
2014-03-19 05:53 - 2014-03-19 05:53 - 00000142 _____ () C:\Users\John\Desktop\MUI.txt
2014-03-19 05:46 - 2014-03-19 05:44 - 00001602 _____ () C:\Users\John\Desktop\SystemLook.txt
2014-03-19 05:45 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-03-19 05:42 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-19 05:40 - 2014-03-19 05:40 - 00165376 _____ () C:\Users\John\Desktop\SystemLook_x64.exe
2014-03-17 11:12 - 2014-03-12 06:01 - 00034009 _____ () C:\Users\John\Downloads\Addition.txt
2014-03-17 11:12 - 2014-03-12 06:01 - 00026813 _____ () C:\Users\John\Downloads\FRST.txt
2014-03-17 11:09 - 2014-03-17 11:07 - 02157056 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-03-15 16:42 - 2014-03-15 16:41 - 00001599 _____ () C:\Users\John\Downloads\Search.txt
2014-03-15 16:37 - 2013-09-29 15:43 - 00000008 __RSH () C:\Users\John\ntuser.pol
2014-03-15 16:37 - 2012-05-10 19:30 - 00000000 ____D () C:\Users\John
2014-03-15 16:28 - 2014-01-30 19:43 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-03-15 16:26 - 2009-07-13 22:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-15 08:02 - 2012-05-12 17:01 - 00002321 _____ () C:\Users\John\Desktop\Google Chrome.lnk
2014-03-12 06:02 - 2014-03-12 06:02 - 00068684 _____ () C:\Users\John\Downloads\Shortcut.txt
2014-03-12 06:00 - 2014-03-12 06:00 - 00001392 _____ () C:\Users\John\Desktop\FRST64 - Shortcut.lnk
2014-03-12 05:59 - 2014-03-12 05:59 - 02157056 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-03-12 05:57 - 2014-03-12 05:57 - 01145856 _____ (Farbar) C:\Users\John\Downloads\FRST.exe
2014-03-11 22:38 - 2012-05-10 19:27 - 00415008 _____ () C:\Windows\PFRO.log
2014-03-11 22:35 - 2014-03-09 13:17 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-03-11 22:35 - 2012-07-31 12:41 - 00000000 ____D () C:\ProgramData\781287A80008C96702A76687E56C34C7
2014-03-11 22:35 - 2012-07-31 00:04 - 00000000 ____D () C:\ProgramData\781287A80008C96702A766874F147CE7
2014-03-11 22:35 - 2012-05-10 23:03 - 00000000 ____D () C:\Users\John\AppData\Roaming\Adobe
2014-03-11 22:35 - 2012-05-10 19:36 - 00000000 ___RD () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-11 21:49 - 2014-03-11 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\Malwarebytes
2014-03-11 21:48 - 2014-03-11 21:48 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 21:48 - 2014-03-11 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-11 21:48 - 2014-03-11 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 21:46 - 2014-03-11 21:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-10 22:29 - 2014-03-09 15:54 - 00079660 _____ () C:\Users\John\Downloads\OTL.Txt
2014-03-10 22:13 - 2014-03-09 13:38 - 00000000 ____D () C:\AdwCleaner
2014-03-10 21:12 - 2014-03-10 21:10 - 01949184 _____ () C:\Users\John\Downloads\AdwCleaner (1).exe
2014-03-10 20:45 - 2014-03-10 20:45 - 00000803 _____ () C:\Users\John\Desktop\JRT.txt
2014-03-10 20:33 - 2014-03-10 20:33 - 01037734 _____ (Thisisu) C:\Users\John\Downloads\JRT (1).exe
2014-03-10 20:22 - 2014-01-22 21:18 - 00000003 _____ () C:\ProgramData\31.nls
2014-03-10 19:50 - 2014-03-10 19:50 - 00000000 ____D () C:\_OTL
2014-03-10 19:47 - 2014-03-10 19:47 - 00602112 _____ (OldTimer Tools) C:\Users\John\Downloads\OTL (1).exe
2014-03-09 22:21 - 2014-03-09 15:26 - 00000003 _____ () C:\d31.nls
2014-03-09 21:51 - 2012-06-07 20:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-09 15:54 - 2014-03-09 15:54 - 00054676 _____ () C:\Users\John\Downloads\Extras.Txt
2014-03-09 15:44 - 2014-03-09 15:44 - 00602112 _____ (OldTimer Tools) C:\Users\John\Downloads\OTL.exe
2014-03-09 15:17 - 2009-11-01 00:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-09 14:59 - 2014-03-09 14:59 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-09 14:53 - 2014-03-09 14:53 - 05187267 ____R (Swearware) C:\Users\John\Desktop\ComboFix.exe
2014-03-09 14:00 - 2014-03-09 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 13:53 - 2014-03-09 13:53 - 01037734 _____ (Thisisu) C:\Users\John\Downloads\JRT.exe
2014-03-09 13:46 - 2012-05-11 05:37 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-03-09 13:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Registration
2014-03-09 13:43 - 2014-03-09 13:27 - 00000003 _____ () C:\ProgramData\ Office Diagnostics Service31.nls
2014-03-09 13:43 - 2012-08-18 00:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-09 13:38 - 2014-03-09 13:37 - 01244192 _____ () C:\Users\John\Downloads\AdwCleaner.exe
2014-03-09 13:31 - 2012-05-11 02:08 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-09 13:31 - 2012-05-11 02:08 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-09 13:24 - 2014-03-09 13:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\John\Downloads\revosetup.exe
2014-03-09 13:24 - 2014-03-09 13:24 - 00001264 _____ () C:\Users\John\Desktop\Revo Uninstaller.lnk
2014-03-09 13:24 - 2014-03-09 13:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 13:23 - 2013-10-01 20:59 - 00000000 ____D () C:\Users\John\AppData\Local\avgchrome
2014-03-09 13:18 - 2014-01-30 19:43 - 00000162 _____ () C:\extensions.ini
2014-03-09 13:17 - 2012-05-11 05:37 - 00995328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-03-09 13:15 - 2009-07-13 18:19 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe
[2009-07-13 18:19] - [2014-03-09 13:15] - 0589312 ____A (Microsoft Corporation) 8DDE1A539CBC01AB2D80D1CE61C05A98
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-20 20:07
==================== End Of Log ============================