Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2013
Ran by abc at 2013-10-31 17:23:07 Run:1
Running from C:\Users\abc\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
(GreenMind Association ffff) C:\Users\abc\AppData\Local\Temp\avgua32.exe
() C:\Users\abc\AppData\Roaming\SettingsWin\getxempl2.exe
HKCU\...\Run: [Svchost] - C:\Users\abc\AppData\Roaming\Microsoft\svchost.exe [44968 2012-07-08] (Microsoft Corporation)
HKCU\...\Run: [getxempl2] - C:\Users\abc\AppData\Roaming\SettingsWin\getxempl2.exe [1065202 2013-09-18] ()
KLM-x32\...\Run: [] - [x]
AppInit_DLLs-x32: c:\progra~2\sshelp~1\psupport.dll [857600 2013-10-06] ()
Startup: C:\Users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RegSvcs.exe (Microsoft Corporation)
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {16DB9702-A8C8-443D-8688-7CD2C31293F7} URL = http://search.yahoo....p={searchTerms}
BHO: Downnlload. kEueper - {1346016A-BF03-F13E-92D5-6723B8631923} - C:\Program Files (x86)\Downnlload. kEueper\MX3xnnX4t.x64.dll ()
BHO-x32: Downnlload. kEueper - {1346016A-BF03-F13E-92D5-6723B8631923} - C:\Program Files (x86)\Downnlload. kEueper\MX3xnnX4t.dll ()
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Extension: Downnlload. kEueper - C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\z71ad889.default\Extensions\iqizm_1z@ouypool-o.net
S3 cpuz130; \??\C:\Users\abc\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [x]
2013-10-30 16:32 - 2013-10-30 16:32 - 00000000 ____D C:\ProgramData\Downnlload. kEueper
2013-10-30 16:32 - 2013-10-30 16:32 - 00000000 ____D C:\ProgramData\23413a397414c394
2013-10-30 16:32 - 2013-10-30 16:32 - 00000000 ____D C:\Program Files (x86)\ss helper
2013-10-30 16:32 - 2013-10-30 16:32 - 00000000 ____D C:\Program Files (x86)\Downnlload. kEueper
2013-10-30 16:31 - 2013-10-30 16:31 - 00000000 ____D C:\ProgramData\InstallMate
C:\Users\abc\AppData\Local\Temp\appshat-distribution.exe
C:\Users\abc\AppData\Local\Temp\avgua32.exe
C:\Users\abc\AppData\Local\Temp\down.5768.web_assistant_v2.exe
C:\Users\abc\AppData\Local\Temp\ose00000.exe
C:\Users\abc\AppData\Local\Temp\smt_ar_dosearches.exe
C:\Users\abc\AppData\Local\Temp\SRLDetectionLibrary5781857955678186537.dll
C:\Users\abc\AppData\Local\Temp\TsuD673F8DE.dll
C:\Users\abc\AppData\Local\Temp\UpdateCheckerSetup.exe
*****************

C:\Users\abc\AppData\Local\Temp\avgua32.exe => No running process found
[1720] C:\Users\abc\AppData\Roaming\SettingsWin\getxempl2.exe => Process closed successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Svchost => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\getxempl2 => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
C:\Users\abc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RegSvcs.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16DB9702-A8C8-443D-8688-7CD2C31293F7} => Key deleted successfully.
HKCR\CLSID\{16DB9702-A8C8-443D-8688-7CD2C31293F7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1346016A-BF03-F13E-92D5-6723B8631923} => Key deleted successfully.
HKCR\CLSID\{1346016A-BF03-F13E-92D5-6723B8631923} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1346016A-BF03-F13E-92D5-6723B8631923} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1346016A-BF03-F13E-92D5-6723B8631923} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk => Key deleted successfully.
C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll not found.
C:\Users\abc\AppData\Roaming\Mozilla\Firefox\Profiles\z71ad889.default\Extensions\iqizm_1z@ouypool-o.net not found.
cpuz130 => Service deleted successfully.
FairplayKD => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
C:\ProgramData\Downnlload. kEueper => Moved successfully.
C:\ProgramData\23413a397414c394 => Moved successfully.
C:\Program Files (x86)\ss helper => Moved successfully.
C:\Program Files (x86)\Downnlload. kEueper => Moved successfully.
C:\ProgramData\InstallMate => Moved successfully.
C:\Users\abc\AppData\Local\Temp\appshat-distribution.exe => Moved successfully.
C:\Users\abc\AppData\Local\Temp\avgua32.exe => Moved successfully.
C:\Users\abc\AppData\Local\Temp\down.5768.web_assistant_v2.exe => Moved successfully.
C:\Users\abc\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\abc\AppData\Local\Temp\smt_ar_dosearches.exe => Moved successfully.
C:\Users\abc\AppData\Local\Temp\SRLDetectionLibrary5781857955678186537.dll => Moved successfully.
C:\Users\abc\AppData\Local\Temp\TsuD673F8DE.dll => Moved successfully.
C:\Users\abc\AppData\Local\Temp\UpdateCheckerSetup.exe => Moved successfully.

==== End of Fixlog ====