
High ram usage and cpu.

Discussion in 'Virus & Other Malware Removal' started by piped21, Feb 7, 2015.

  1. piped21

    piped21 Thread Starter

    Joined:
    Sep 21, 2014
    Messages:
    71
    NEED HELP. I HAVE A LOT OF FREE SPACE BUT STILL GOT HIGH CPU AND RAM USAGE. AND MY MICROSOFT WON'T WORK.

    OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz, Intel64 Family 6 Model 37 Stepping 5
    Processor Count: 4
    RAM: 3892 Mb
    Graphics Card: Intel(R) HD Graphics, 1722 Mb
     
  2. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    Hi piped21,

    Let's deal with the high memory usage/slowness now, and address other issues afterwards.
    Please do the following.

    Farbar Recovery Scan Tool (FRST) Scan
    • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
    • Right-Click FRST64.exe and select Run as administrator to run the programme.
    • Click Yes to the disclaimer.
    • Ensure the Addition.txt box is checked.
    • Click the Scan button and let the programme run.
    • Upon completion, click OK, then OK on the Addition.txt pop up screen.
    • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
     
  3. piped21

    piped21 Thread Starter

    Joined:
    Sep 21, 2014
    Messages:
    71
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
    Ran by user (administrator) on USER-PC on 08-02-2015 23:13:34
    Running from C:\Users\user\Desktop\WILFRED'S FOLDER\1HINDI ITO MOVIES APLLICATIONS 2\HIGH CPU USAGE\2
    Loaded Profiles: user (Available profiles: user)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (BitTorrent Inc.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    (Desura Net Pty Ltd) C:\Program Files (x86)\Desura\desura.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\ProgramData\{fde390e2-0b63-4adf-fde3-390e20b64388}\E206E.exe
    () C:\ProgramData\{f801907e-2449-590d-f801-1907e24441f8}\Rurouni Kenshin_ The Legend Ends English Subtitles.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    (Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
    (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
    (SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
    (XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
    (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
    (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
    () C:\Program Files (x86)\Reverse Page\updateReversePage.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Desura Net Pty Ltd) C:\Program Files (x86)\Common Files\Desura\desura_service.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13286472 2013-02-19] (Realtek Semiconductor)
    HKLM-x32\...\Run: [GrooveMonitor] => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [3493720 2011-07-04] (AVAST Software)
    HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1938840 2015-01-15] (APN)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9974576 2014-10-24] ()
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [SPDriver] => .\JSDriver\1.36.1.172\jsdrv.exe
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-07] (Google Inc.)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe [2679392 2015-02-07] (Desura Net Pty Ltd)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1734992 2015-01-30] (BitTorrent Inc.)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\CurrentVersion\Windows: [Load] C:\Users\user\LOCALS~1\Temp\ccqyiveav.pif <===== ATTENTION
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\MountPoints2: F - F:\AutoRun.exe
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\MountPoints2: G - G:\AutoRun.exe
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\MountPoints2: {5857ff80-c44b-11e3-ad8f-f04da25bb0a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\MountPoints2: {5857ff8e-c44b-11e3-ad8f-f04da25bb0a2} - G:\AutoRun.exe
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\MountPoints2: {6dfd117f-c4ab-11e3-94c9-f04da25bb0a2} - F:\AutoRun.exe
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\MountPoints2: {ac9b4095-329f-11e4-89b3-f04da25bb0a2} - G:\HTC_Sync_Manager_PC.exe
    IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO\softinfo.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\E206E.lnk
    ShortcutTarget: E206E.lnk -> C:\ProgramData\{fde390e2-0b63-4adf-fde3-390e20b64388}\E206E.exe ()
    Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
    ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
    Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rurouni Kenshin_ The Legend Ends English Subtitles.lnk
    ShortcutTarget: Rurouni Kenshin_ The Legend Ends English Subtitles.lnk -> C:\ProgramData\{f801907e-2449-590d-f801-1907e24441f8}\Rurouni Kenshin_ The Legend Ends English Subtitles.exe ()
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:56508;https=127.0.0.1:56508
    ProxyServer: [S-1-5-21-3376662306-939230167-2911087751-1000] => http=127.0.0.1:56508;https=127.0.0.1:56508
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type...ld&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type...ld&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type...ld&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420642054&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0&ocid=iehp
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type...ld&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420642054&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    SearchScopes: HKU\S-1-5-21-3376662306-939230167-2911087751-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    SearchScopes: HKU\S-1-5-21-3376662306-939230167-2911087751-1000 -> 446AA38E1FFC4AE99A0CBDEE511494A2 URL = http://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=1523565605625643814&crg=&ppd=search,46968492601,skype+download,e,,c,Skype,,,www.fileparade.com&st=23&i=48&did=10844
    SearchScopes: HKU\S-1-5-21-3376662306-939230167-2911087751-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420642054&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3376662306-939230167-2911087751-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchtheglobe.info/?l=1&q={searchTerms}&pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    BHO: iWebar -> {11111111-1111-1111-1111-110311551110} -> C:\Program Files (x86)\iWebar\iWebar-bho64.dll No File
    BHO: uNisAaleus -> {159c7a36-1d4d-49f6-8df2-128a7a10a7ff} -> C:\Program Files (x86)\uNisAaleus\UfpV1DgPRvK3WE.x64.dll ()
    BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Ask Toolbar -> {5347542D-5637-006A-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-V7\Passport_x64.dll" No File
    BHO: No Name -> {56444A2D-5637-006A-76A7-7A786E7484D7} -> No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: saafeweb -> {B858C2C3-C588-9BC5-E2CF-7D7FCB8A4B60} -> C:\Program Files (x86)\saafeweb\_IQH9gPZ.x64.dll No File
    BHO-x32: uNisAaleus -> {159c7a36-1d4d-49f6-8df2-128a7a10a7ff} -> C:\Program Files (x86)\uNisAaleus\UfpV1DgPRvK3WE.dll ()
    BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
    BHO-x32: No Name -> {5347542D-5637-006A-76A7-7A786E7484D7} -> No File
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Reverse Page 1.0.0.6 -> {83dc36e5-db3f-461a-8fbc-245e44000b1f} -> C:\Program Files (x86)\Reverse Page\ReversePagebho.dll (Reverse Page)
    BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Ask Toolbar - {5347542D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-V7\Passport_x64.dll" No File
    Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    Toolbar: HKLM-x32 - No Name - {5347542D-5637-006A-76A7-7A786E7484D7} - No File
    Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    Toolbar: HKU\S-1-5-21-3376662306-939230167-2911087751-1000 -> Ask Toolbar - {5347542D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SGT-V7\Passport_x64.dll" No File
    Toolbar: HKU\S-1-5-21-3376662306-939230167-2911087751-1000 -> No Name - {56444A2D-5637-006A-76A7-7A786E7484D7} - No File
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll No File
    ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll No File [ ]
    Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type...ld&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB

    FireFox:
    ========
    FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default
    FF NewTab: hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB
    FF Homepage: hxxp://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH
    FF SearchEngineOrder.1: WebSearch
    FF DefaultSearchEngine: WebSearch
    FF SelectedSearchEngine: WebSearch
    FF SearchEngineOrder.1,S: WebSearch
    FF DefaultSearchEngine,S: WebSearch
    FF SelectedSearchEngine,S: WebSearch
    FF Keyword.URL: hxxp://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH&l=1&q=
    FF DefaultSearchUrl: hxxp://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH&l=1&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-3376662306-939230167-2911087751-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-3376662306-939230167-2911087751-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\user.js
    FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\searchplugins\WebSearch.xml
    FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\Extensions\[email protected] [2014-09-26]
    FF Extension: Fast Start - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\Extensions\[email protected] [2015-01-07]
    FF Extension: {{EXT_NAME}} - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\Extensions\{12b6fdcd-4423-4276-82a3-73fdbff5f7e4} [2014-10-03]
    FF Extension: Reverse Page 1.0.1 - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\Extensions\{d0ca36b1-bd62-4977-87ba-dea2e8d612b2}.xpi [2015-01-07]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-29]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\extensions\[email protected]
    FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\extensions\[email protected]2d1973314.com [Not Found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1396871762&from=amt&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB
    CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1396871762&from=amt&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB", "hxxp://www.search.ask.com/?tpid=SGT-V7&o=APN11004&pf=V7&trgb=CR&p2=%5EB3Q%5EYYYYYY%5EYY%5EPH&gct=hp&apn_ptnrs=%5EB3Q&apn_dtid=%5EYYYYYY%5EYY%5EPH&apn_dbr=ie_8.0.7601.17514&apn_uid=DC98714B-9F42-4FC8-8E39-A9F00684B9C9&itbv=12.10.6.5030&doi=2014-04-16&psv=", "hxxp://mysearch.sweetpacks.com/?barid=1523565605625643814&src=10&&st=23&i=48&did=10844", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1420641920&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB", "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1420642054&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB"
    CHR DefaultSearchKeyword: Default -> mysearch.sweetpacks.com
    CHR DefaultSuggestURL: Default ->
    CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Ask Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp [2014-04-16]
    CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]
    CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
    CHR Extension: (FilmFanatic) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blgkblimeaijgefaoiedchmmemmikpdg [2014-09-07]
    CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
    CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
    CHR Extension: (Elite Unzip) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea [2014-10-25]
    CHR Extension: (avast! WebRep) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2015-01-30]
    CHR Extension: (safewweeb) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkgadipkgbabgfgaaifkcligmadkenmm [2014-04-07]
    CHR Extension: (Undeaddies) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kelpionihcglhjecfkpllhkjidamjcni [2014-11-25]
    CHR Extension: (Flash Player) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbefghbdbnbbmkpoeigjealdphmdkbhh [2014-05-01]
    CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07]
    CHR Extension: (Pink My Facebook) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\okcdpfndmnjdijikpehblfeancekjcgo [2015-02-06]
    CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
    CHR Extension: (League of Legends) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnebjcbjacbfiiohelmhennfcajmpala [2014-09-13]
    CHR HKLM\...\Chrome\Extension: [aaaailpifkkekipiachodfkfmgmiapmp] - C:\ProgramData\AskPartnerNetwork\Toolbar\SGT-V7\CRX\ToolbarCR.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [aaaailpifkkekipiachodfkfmgmiapmp] - C:\ProgramData\AskPartnerNetwork\Toolbar\SGT-V7\CRX\ToolbarCR.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [emifpdknblofhkmfakapfbpmopnmcdmo] - C:\Program Files (x86)\SuddenlyMusic_93 Chrome Extension\bar\[email protected] [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-29]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 47d6400d; c:\Program Files (x86)\LighterEdit\LighterEdit.dll [1538560 2015-02-06] () [File not signed]
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2014-09-04] () [File not signed]
    R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-15] (APN LLC.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184 2011-07-04] (AVAST Software)
    R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-26] (Just Develop It) <==== ATTENTION
    R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2014-12-29] (XTab system)
    S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-21] (INCA Internet Co., Ltd.)
    R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
    R2 Update Reverse Page; C:\Program Files (x86)\Reverse Page\updateReversePage.exe [529144 2015-01-07] ()
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
    S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
    S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
    S3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [X]
    S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
    S3 odserv; "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [22360 2011-07-04] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [64856 2011-07-04] (AVAST Software)
    R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [31064 2011-07-04] (AVAST Software)
    R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [600920 2011-07-04] (AVAST Software)
    R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [288088 2011-07-04] (AVAST Software)
    R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [45400 2011-07-04] (AVAST Software)
    S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-04] (Intel Corporation)
    R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
    R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
    R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
    S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2011-09-07] (Realtek Semiconductor Corporation )
    S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
    S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
    S2 SPDRIVER_1.36.1.172; .\JSDriver\1.36.1.172\jsdrv.sys [X]
    S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-07 21:44 - 2015-02-07 21:44 - 00001264 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
    2015-02-07 21:44 - 2015-02-07 21:44 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
    2015-02-06 14:22 - 2015-02-06 14:23 - 00000000 ____D () C:\Users\user\Downloads\Sonic Journeys - Rock Doc Collection
    2015-02-06 14:17 - 2015-02-06 14:17 - 00000000 ____D () C:\Users\user\AppData\Roaming\EZDownloader
    2015-02-06 14:07 - 2015-02-06 14:07 - 00000000 ____D () C:\Windows\SysWOW64\X86
    2015-02-06 14:07 - 2015-02-06 14:07 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
    2015-02-06 14:07 - 2015-02-06 14:07 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    2015-02-06 14:07 - 2015-02-06 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
    2015-02-06 14:06 - 2015-02-07 14:59 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
    2015-02-06 14:06 - 2015-02-06 14:06 - 00000000 ____D () C:\Program Files (x86)\LighterEdit
    2015-02-06 14:04 - 2015-02-06 14:04 - 00000000 ____D () C:\Program Files (x86)\uNisAaleus
    2015-02-06 14:04 - 2015-02-06 14:04 - 00000000 ____D () C:\Program Files (x86)\Pink My Facebook
    2015-02-06 14:03 - 2015-02-06 14:21 - 00000000 ____D () C:\ProgramData\{fde390e2-0b63-4adf-fde3-390e20b64388}
    2015-02-06 14:03 - 2015-02-06 14:03 - 00000000 ____D () C:\ProgramData\odgpinfbhdmpmcldjpdlmcabapdebing
    2015-02-06 13:58 - 2015-02-06 13:58 - 00000000 ____D () C:\ProgramData\niiagodioaabbflblagdiieffnnjplon
    2015-02-06 13:58 - 2015-02-06 13:58 - 00000000 ____D () C:\ProgramData\14794052843789341492
    2015-02-06 13:58 - 2015-02-06 13:58 - 00000000 ____D () C:\Program Files (x86)\Uniusalees
    2015-02-06 13:57 - 2015-02-06 14:21 - 00000000 ____D () C:\ProgramData\{f801907e-2449-590d-f801-1907e24441f8}
    2015-01-30 22:51 - 2015-02-08 22:53 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
    2015-01-30 22:51 - 2015-01-30 22:51 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
    2015-01-30 22:51 - 2015-01-30 22:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2015-01-30 22:51 - 2015-01-30 22:51 - 00000000 ____D () C:\Users\user\AppData\Local\Skype
    2015-01-30 22:51 - 2015-01-30 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2015-01-30 22:50 - 2015-01-30 22:50 - 00000000 ____D () C:\ProgramData\Skype
    2015-01-30 22:43 - 2015-01-30 22:43 - 00000000 ____D () C:\Users\user\AppData\Local\AskPartnerNetwork
    2015-01-30 22:43 - 2015-01-30 22:43 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
    2015-01-30 22:41 - 2015-02-08 23:14 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent
    2015-01-30 22:41 - 2015-01-30 22:41 - 00000792 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-01-30 22:41 - 2015-01-30 22:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\OpenCandy
    2015-01-30 22:41 - 2015-01-30 22:41 - 00000000 ____D () C:\ProgramData\APN
    2015-01-29 18:57 - 2015-01-29 18:57 - 00001801 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2015-01-29 18:57 - 2015-01-29 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
    2015-01-29 18:57 - 2011-07-04 19:36 - 00600920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2015-01-29 18:57 - 2011-07-04 19:36 - 00288088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2015-01-29 18:57 - 2011-07-04 19:35 - 00045400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
    2015-01-29 18:57 - 2011-07-04 19:32 - 00064856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2015-01-29 18:57 - 2011-07-04 19:32 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
    2015-01-29 18:57 - 2011-07-04 19:32 - 00022360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
    2015-01-29 18:56 - 2011-07-04 19:43 - 00199304 _____ (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
    2015-01-29 18:56 - 2011-07-04 19:43 - 00040112 _____ (AVAST Software) C:\Windows\avastSS.scr
    2015-01-29 18:53 - 2015-01-29 18:58 - 00003148 _____ () C:\Windows\System32\Tasks\SidebarExecute
    2015-01-28 08:37 - 2015-01-28 08:37 - 00000000 ____D () C:\ATI
    2015-01-18 23:51 - 2015-01-18 23:51 - 00010456 _____ () C:\Users\user\Downloads\GARCIA-DARREN-ESTHER-O._PRELIM-IN-COMPUTER.xlsx
    2015-01-18 14:20 - 2015-01-18 14:20 - 00032796 _____ () C:\Users\user\Downloads\cejApOEZ.jpeg
    2015-01-15 20:03 - 2015-01-15 22:15 - 00000000 ____D () C:\Program Files (x86)\microvolts
    2015-01-15 19:38 - 2015-02-07 15:58 - 00000000 ____D () C:\Program Files (x86)\SD EnterNET
    2015-01-15 17:14 - 2015-01-15 19:26 - 1135046016 _____ (Acresso Software Inc. ) C:\Users\user\Downloads\navyfield2.exe
    2015-01-14 21:19 - 2014-12-19 11:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-14 21:19 - 2014-12-19 09:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-14 21:19 - 2014-12-12 13:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-01-14 21:19 - 2014-12-12 13:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-01-14 21:19 - 2014-12-12 13:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-01-14 21:19 - 2014-12-12 13:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-01-14 21:19 - 2014-12-12 13:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-01-14 21:19 - 2014-12-12 13:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-01-14 21:19 - 2014-12-12 13:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-01-14 21:19 - 2014-12-12 01:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-14 21:19 - 2014-12-06 12:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-14 21:19 - 2014-12-06 11:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2015-01-14 21:19 - 2014-12-06 11:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-08 23:13 - 2014-09-26 09:23 - 00000000 ____D () C:\FRST
    2015-02-08 23:09 - 2014-04-07 18:29 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA.job
    2015-02-08 22:53 - 2009-07-14 12:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-08 22:53 - 2009-07-14 12:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-08 22:50 - 2014-04-07 12:46 - 01401792 _____ () C:\Windows\WindowsUpdate.log
    2015-02-08 22:48 - 2014-04-07 12:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-08 22:47 - 2014-10-06 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
    2015-02-08 22:47 - 2009-07-14 13:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-02-08 22:45 - 2014-04-07 22:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-08 22:45 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-08 22:45 - 2009-07-14 12:51 - 00104795 _____ () C:\Windows\setupact.log
    2015-02-08 17:18 - 2014-04-07 22:13 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-07 22:09 - 2014-04-07 18:29 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core.job
    2015-02-07 16:19 - 2014-04-07 12:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-07 15:50 - 2014-10-06 13:24 - 00000000 ____D () C:\Program Files (x86)\Desura
    2015-02-06 12:17 - 2014-04-07 21:30 - 00000000 ____D () C:\Users\user\Desktop\WILFRED'S FOLDER
    2015-02-06 10:52 - 2014-09-11 22:13 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
    2015-02-06 10:27 - 2009-07-14 13:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-02-06 10:11 - 2014-04-07 12:54 - 00002531 _____ () C:\Users\user\Desktop\Google Chrome.lnk
    2015-02-05 22:12 - 2014-04-07 22:13 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-05 22:12 - 2014-04-07 22:13 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-05 22:04 - 2014-04-07 18:29 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA
    2015-02-05 22:04 - 2014-04-07 18:29 - 00003476 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core
    2015-01-31 10:41 - 2010-11-21 11:47 - 00049272 _____ () C:\Windows\PFRO.log
    2015-01-29 18:57 - 2014-04-07 22:13 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
    2015-01-29 18:56 - 2014-04-07 22:13 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-01-28 20:55 - 2014-06-10 21:35 - 00000000 ____D () C:\Users\user\Desktop\giselle
    2015-01-22 19:55 - 2014-05-12 14:16 - 00000000 ____D () C:\Users\user\Desktop\MEME
    2015-01-17 20:18 - 2014-04-07 18:08 - 00000000 ____D () C:\Windows\System32\Tasks\Games
    2015-01-17 15:19 - 2014-12-01 21:06 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
    2015-01-17 13:59 - 2009-07-14 13:08 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-16 23:04 - 2014-12-16 00:54 - 00000000 ____D () C:\Users\user\Desktop\newsongs
    2015-01-15 19:44 - 2014-05-04 19:21 - 00044884 _____ () C:\Windows\DirectX.log
    2015-01-14 21:49 - 2014-05-16 10:54 - 00000000 ____D () C:\Windows\system32\MRT
    2015-01-14 21:44 - 2014-05-16 10:54 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Files in the root of some directories =======

    2014-07-26 04:29 - 2014-12-19 00:50 - 0045270 _____ () C:\Users\user\AppData\Roaming\room_v3.dat
    2014-05-02 12:17 - 2014-10-25 20:35 - 0027136 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-04-18 11:50 - 2014-08-17 00:31 - 0007595 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
    2014-10-05 23:42 - 2014-10-06 00:09 - 0877747 ____N () C:\Users\user\AppData\Local\Tempmusic.ogg

    Some content of TEMP:
    ====================
    C:\Users\user\AppData\Local\Temp\679648f7.exe
    C:\Users\user\AppData\Local\Temp\amt_webssearches.exe
    C:\Users\user\AppData\Local\Temp\BackupSetup.exe
    C:\Users\user\AppData\Local\Temp\bs.exe
    C:\Users\user\AppData\Local\Temp\burnsetup.exe
    C:\Users\user\AppData\Local\Temp\DataCard_Setup64.exe
    C:\Users\user\AppData\Local\Temp\down.1728.ytab_setup.exe
    C:\Users\user\AppData\Local\Temp\E206E.exe
    C:\Users\user\AppData\Local\Temp\fp_pl_pfs_installer.exe
    C:\Users\user\AppData\Local\Temp\GUR7ABA.exe
    C:\Users\user\AppData\Local\Temp\hdfgjd2.exe
    C:\Users\user\AppData\Local\Temp\installer.exe
    C:\Users\user\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
    C:\Users\user\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
    C:\Users\user\AppData\Local\Temp\mgsqlite3.dll
    C:\Users\user\AppData\Local\Temp\NeffySetup.exe
    C:\Users\user\AppData\Local\Temp\OnlineBackup.exe
    C:\Users\user\AppData\Local\Temp\patch_3050403.exe
    C:\Users\user\AppData\Local\Temp\patch_3050501.exe
    C:\Users\user\AppData\Local\Temp\PH_140805to140819.exe
    C:\Users\user\AppData\Local\Temp\PH_140819to140903.exe
    C:\Users\user\AppData\Local\Temp\PH_140903to140916.exe
    C:\Users\user\AppData\Local\Temp\PH_140916to140930.exe
    C:\Users\user\AppData\Local\Temp\PH_140930to141003.exe
    C:\Users\user\AppData\Local\Temp\PH_141003to141014.exe
    C:\Users\user\AppData\Local\Temp\PH_141014to141021.exe
    C:\Users\user\AppData\Local\Temp\PH_141021to141111.exe
    C:\Users\user\AppData\Local\Temp\PH_141111to141118.exe
    C:\Users\user\AppData\Local\Temp\PH_141118to141119.exe
    C:\Users\user\AppData\Local\Temp\PH_141119to141125.exe
    C:\Users\user\AppData\Local\Temp\PH_141125to141215.exe
    C:\Users\user\AppData\Local\Temp\Quarantine.exe
    C:\Users\user\AppData\Local\Temp\ResetDevice.exe
    C:\Users\user\AppData\Local\Temp\Runner2.exe
    C:\Users\user\AppData\Local\Temp\Runner4.exe
    C:\Users\user\AppData\Local\Temp\ShopperProJSFull.exe
    C:\Users\user\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
    C:\Users\user\AppData\Local\Temp\smarter.exe
    C:\Users\user\AppData\Local\Temp\swt-win32-3740.dll
    C:\Users\user\AppData\Local\Temp\Tsu6BF0F28F.dll
    C:\Users\user\AppData\Local\Temp\update_2_198.exe
    C:\Users\user\AppData\Local\Temp\update_2_199.exe
    C:\Users\user\AppData\Local\Temp\update_2_200.exe
    C:\Users\user\AppData\Local\Temp\uttB2A4.tmp.exe
    C:\Users\user\AppData\Local\Temp\uttCBC1.tmp.exe
    C:\Users\user\AppData\Local\Temp\vcredist_x64.exe
    C:\Users\user\AppData\Local\Temp\wpsetup.exe
    C:\Users\user\AppData\Local\Temp\WSSetup.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-06 22:03

    ==================== End Of Log ============================
     
  4. piped21

    piped21 Thread Starter

    Joined:
    Sep 21, 2014
    Messages:
    71
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015
    Ran by user at 2015-02-08 23:15:24
    Running from C:\Users\user\Desktop\WILFRED'S FOLDER\1HINDI ITO MOVIES APLLICATIONS 2\HIGH CPU USAGE\2
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AS: avast! Antivirus (Enabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\uTorrent) (Version: 3.4.2.38424 - BitTorrent Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
    Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.126 - Adobe Systems Incorporated)
    Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
    Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
    ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.355 - ArcSoft)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
    ATI Catalyst Install Manager (HKLM\...\{80CCF307-91AB-A249-E820-18E09DD3681D}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
    avast! Free Antivirus (HKLM-x32\...\avast) (Version: 6.0.1203.0 - AVAST Software)
    Desura (HKLM-x32\...\Desura) (Version: 100.63 - Desura)
    Desura: Baby Blues - Toddler Horror Game (HKLM-x32\...\Desura_87836376170528) (Version: Full - Kumi)
    Desura: ERIE (HKLM-x32\...\Desura_81776177315872) (Version: Full - UGF)
    Desura: ILLUSION - Ghost Killer (HKLM-x32\...\Desura_92002494447648) (Version: Full - Incrible Games)
    Desura: VANISH (HKLM-x32\...\Desura_102409200205856) (Version: Beta - 3DrunkMen)
    Erie (HKLM\...\UDK-2ea87fe7-b315-4532-9176-bf5e1f35183a) (Version: - Epic Games, Inc.)
    EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader) <==== ATTENTION
    Five Nights at Freddy's DEMO (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Five Nights at Freddy's DEMO) (Version: - )
    Garena - League of Legends (HKLM-x32\...\LoLPH) (Version: - Garena Online Pte Ltd.)
    Garena+ (HKLM-x32\...\im) (Version: - Garena Online Pte Ltd.)
    Google Chrome (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    GovernorMirror (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{47d6400d}) (Version: - GovernorMirror) <==== ATTENTION
    Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    K-Lite Codec Pack 9.9.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - )
    ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    microvolts 1,0,0,0 (HKLM-x32\...\microvolts) (Version: 1,0,0,0 - CDNetworks)
    MixPad (HKLM-x32\...\MixPad) (Version: 3.56 - NCH Software)
    NVIDIA PhysX (HKLM-x32\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
    Pink My Facebook (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6844 - Realtek Semiconductor Corp.)
    Reverse Page (HKLM\...\Reverse Page) (Version: 2015.01.07.132250 - Reverse Page) <==== ATTENTION
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
    Sun Broadband Wireless (HKLM-x32\...\Sun Broadband Wireless) (Version: 11.300.05.03.256 - Huawei Technologies Co.,Ltd)
    TuneUp Utilities 2014 (en-GB) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
    TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
    uNisAaleus (HKLM-x32\...\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}) (Version: - ) <==== ATTENTION
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    20-01-2015 23:02:42 Windows Update
    24-01-2015 18:28:00 Windows Update
    27-01-2015 21:25:37 Windows Update
    29-01-2015 18:45:30 avast! Free Antivirus Setup
    29-01-2015 18:49:15 avast! Free Antivirus Setup
    29-01-2015 18:52:51 avast! Free Antivirus Setup
    29-01-2015 18:56:08 avast! Free Antivirus Setup
    31-01-2015 10:49:06 Windows Update
    03-02-2015 23:54:42 Windows Update
    07-02-2015 15:07:29 Windows Update
    07-02-2015 21:45:49 Revo Uninstaller's restore point - O2Jam (e-Games) v.3.50
    07-02-2015 21:48:09 Revo Uninstaller's restore point - Virtual DJ Toolbar

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0B1B2A32-AF92-4D05-80CD-D2E51FFEA71D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
    Task: {0ECDCBA4-BAE2-47BD-B097-79E09E6FF85A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    Task: {1F65A377-6FD8-4447-AF78-61533B521EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {1FED595E-528A-4812-B07E-35EC875566B3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
    Task: {8DB6138A-022C-430C-A7BC-937A257487C0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3376662306-939230167-2911087751-1000
    Task: {910FEA15-D6EC-46BA-8CEE-B6321EB64E78} - System32\Tasks\{3FE479D7-4C16-4F84-AF5F-19BEE805E733} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {9AD39C66-BB29-485C-B0D8-03A12E5D7DCE} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
    Task: {A11295BA-7DE1-45DA-9DB3-080860BF0DAF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
    Task: {B6275BA7-9564-4D0D-8F0E-8DEF60AA9500} - System32\Tasks\{2E5B78AA-38BF-4778-9AFA-807719EEE1AC} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {BD3B9BD4-4CAA-449D-9E4C-7E1D3AA92640} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-20] (Adobe Systems Incorporated)
    Task: {C9EB0541-F535-4199-9C3C-7C2A6622C644} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {CAE7B97A-4251-4A65-A375-CCFFD54D874E} - System32\Tasks\{90DAC5D2-CAF4-4F25-BCCE-02CB99B25323} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Task: {CFD6D81F-1416-4A87-9442-D1D846E398BE} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
    Task: {D81AB359-166E-4BFF-BC2D-628705D95F13} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-07-23] (Informer Technologies, Inc.)
    Task: {E350AA9F-3633-49E2-9637-B546C83F6167} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {E55B75AC-4DA5-481B-BEBB-8FECC0B20453} - System32\Tasks\gg_uac_daemon_user => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2014-07-29] ()
    Task: {F5BF9C02-3588-43A2-B3FD-7D4FF5149B8A} - System32\Tasks\{1A1D8D95-2E33-49FE-BAEA-C9464A3B2687} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {F7A491B7-56A6-4CB1-BF6A-CF90F8271909} - System32\Tasks\{8634AC55-6D38-4BE1-AE5F-4576F6A01709} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.14.0.104&LastError=12002
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2014-07-29 12:40 - 2014-07-29 12:40 - 00049456 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-02-06 14:03 - 2014-02-06 14:03 - 01162752 _____ () C:\ProgramData\{fde390e2-0b63-4adf-fde3-390e20b64388}\E206E.exe
    2014-02-06 13:57 - 2014-02-06 13:57 - 01162752 _____ () C:\ProgramData\{f801907e-2449-590d-f801-1907e24441f8}\Rurouni Kenshin_ The Legend Ends English Subtitles.exe
    2015-02-06 14:07 - 2014-11-26 03:29 - 00299008 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
    2014-03-20 14:44 - 2014-03-20 14:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
    2015-01-07 21:30 - 2015-01-07 21:30 - 00529144 _____ () C:\Program Files (x86)\Reverse Page\updateReversePage.exe
    2015-01-29 18:56 - 2011-07-05 02:17 - 01268224 _____ () C:\Program Files\AVAST Software\Avast\defs\11070401\algo.dll
    2014-07-29 12:40 - 2014-07-29 12:40 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 01117512 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 00211272 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 06333024 _____ () C:\Program Files (x86)\Desura\bin\uicore.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 01735776 _____ () C:\Program Files (x86)\Desura\bin\mcfcore.dll
    2014-10-06 13:39 - 2015-01-24 18:22 - 00535040 _____ () C:\Program Files (x86)\Desura\bin\gmock.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 05749344 _____ () C:\Program Files (x86)\Desura\bin\usercore.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 01616992 _____ () C:\Program Files (x86)\Desura\bin\webcore.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 02921472 _____ () C:\Program Files (x86)\Desura\bin\unittest.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 01962080 _____ () C:\Program Files (x86)\Desura\bin\servicecore.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 18300416 _____ () C:\Program Files (x86)\Desura\bin\cef_desura.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 01577761 _____ () C:\Program Files (x86)\Desura\bin\avcodec-53.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 00134035 _____ () C:\Program Files (x86)\Desura\bin\avutil-51.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 00213022 _____ () C:\Program Files (x86)\Desura\bin\avformat-53.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 00794720 _____ () C:\Program Files (x86)\Desura\bin\scriptcore.dll
    2014-10-06 13:39 - 2015-01-24 18:22 - 03444224 _____ () C:\Program Files (x86)\Desura\bin\v8.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 09170760 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\pdf.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 14965064 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Registry Areas =====================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3376662306-939230167-2911087751-500 - Administrator - Disabled)
    Guest (S-1-5-21-3376662306-939230167-2911087751-501 - Limited - Disabled)
    user (S-1-5-21-3376662306-939230167-2911087751-1000 - Administrator - Enabled) => C:\Users\user

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: WiMAX Bus Eumerator
    Description: WiMAX Bus Eumerator
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Unknown Device
    Description: Unknown Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service:
    Problem: : Windows has stopped this device because it has reported problems. (Code 43)
    Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

    Name: TuneUpUtilitiesDrv
    Description: TuneUpUtilitiesDrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: TuneUpUtilitiesDrv
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/08/2015 10:46:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/08/2015 04:57:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/07/2015 07:27:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/07/2015 04:19:51 PM) (Source: MsiInstaller) (EventID: 11706) (User: user-PC)
    Description: Product: Microsoft Office Enterprise 2007 -- Error 1706.Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see SETUP.CHM.

    Error: (02/07/2015 04:10:38 PM) (Source: MsiInstaller) (EventID: 11706) (User: user-PC)
    Description: Product: Microsoft Office Enterprise 2007 -- Error 1706.Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see SETUP.CHM.

    Error: (02/07/2015 04:00:43 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:42 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome


    System errors:
    =============
    Error: (02/08/2015 10:46:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TuneUpUtilitiesDrv service failed to start due to the following error:
    %%2

    Error: (02/08/2015 10:46:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error:
    %%3

    Error: (02/08/2015 10:46:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SPDRIVER_1.36.1.172 service failed to start due to the following error:
    %%3

    Error: (02/08/2015 10:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Updater Service service failed to start due to the following error:
    %%2

    Error: (02/08/2015 10:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Log Rotator Service service failed to start due to the following error:
    %%2

    Error: (02/08/2015 10:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Hypervisor service failed to start due to the following error:
    %%3

    Error: (02/08/2015 10:45:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the LighterEdit service to connect.

    Error: (02/08/2015 05:49:20 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (02/08/2015 04:57:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TuneUpUtilitiesDrv service failed to start due to the following error:
    %%2

    Error: (02/08/2015 04:56:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error:
    %%3


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
    Percentage of memory in use: 80%
    Total physical RAM: 3892.52 MB
    Available physical RAM: 768.42 MB
    Total Pagefile: 7783.23 MB
    Available Pagefile: 3389.38 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:232.78 GB) (Free:55.49 GB) NTFS
    Drive d: () (Fixed) (Total:232.88 GB) (Free:232.24 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5C6C666C)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  5. piped21

    piped21 Thread Starter

    Joined:
    Sep 21, 2014
    Messages:
    71
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015
    Ran by user at 2015-02-08 23:15:24
    Running from C:\Users\user\Desktop\WILFRED'S FOLDER\1HINDI ITO MOVIES APLLICATIONS 2\HIGH CPU USAGE\2
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AS: avast! Antivirus (Enabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\uTorrent) (Version: 3.4.2.38424 - BitTorrent Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
    Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.126 - Adobe Systems Incorporated)
    Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
    Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
    ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.355 - ArcSoft)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
    ATI Catalyst Install Manager (HKLM\...\{80CCF307-91AB-A249-E820-18E09DD3681D}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
    avast! Free Antivirus (HKLM-x32\...\avast) (Version: 6.0.1203.0 - AVAST Software)
    Desura (HKLM-x32\...\Desura) (Version: 100.63 - Desura)
    Desura: Baby Blues - Toddler Horror Game (HKLM-x32\...\Desura_87836376170528) (Version: Full - Kumi)
    Desura: ERIE (HKLM-x32\...\Desura_81776177315872) (Version: Full - UGF)
    Desura: ILLUSION - Ghost Killer (HKLM-x32\...\Desura_92002494447648) (Version: Full - Incrible Games)
    Desura: VANISH (HKLM-x32\...\Desura_102409200205856) (Version: Beta - 3DrunkMen)
    Erie (HKLM\...\UDK-2ea87fe7-b315-4532-9176-bf5e1f35183a) (Version: - Epic Games, Inc.)
    EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader) <==== ATTENTION
    Five Nights at Freddy's DEMO (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Five Nights at Freddy's DEMO) (Version: - )
    Garena - League of Legends (HKLM-x32\...\LoLPH) (Version: - Garena Online Pte Ltd.)
    Garena+ (HKLM-x32\...\im) (Version: - Garena Online Pte Ltd.)
    Google Chrome (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    GovernorMirror (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{47d6400d}) (Version: - GovernorMirror) <==== ATTENTION
    Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    K-Lite Codec Pack 9.9.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - )
    ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    microvolts 1,0,0,0 (HKLM-x32\...\microvolts) (Version: 1,0,0,0 - CDNetworks)
    MixPad (HKLM-x32\...\MixPad) (Version: 3.56 - NCH Software)
    NVIDIA PhysX (HKLM-x32\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
    Pink My Facebook (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6844 - Realtek Semiconductor Corp.)
    Reverse Page (HKLM\...\Reverse Page) (Version: 2015.01.07.132250 - Reverse Page) <==== ATTENTION
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
    Sun Broadband Wireless (HKLM-x32\...\Sun Broadband Wireless) (Version: 11.300.05.03.256 - Huawei Technologies Co.,Ltd)
    TuneUp Utilities 2014 (en-GB) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
    TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
    uNisAaleus (HKLM-x32\...\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}) (Version: - ) <==== ATTENTION
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    20-01-2015 23:02:42 Windows Update
    24-01-2015 18:28:00 Windows Update
    27-01-2015 21:25:37 Windows Update
    29-01-2015 18:45:30 avast! Free Antivirus Setup
    29-01-2015 18:49:15 avast! Free Antivirus Setup
    29-01-2015 18:52:51 avast! Free Antivirus Setup
    29-01-2015 18:56:08 avast! Free Antivirus Setup
    31-01-2015 10:49:06 Windows Update
    03-02-2015 23:54:42 Windows Update
    07-02-2015 15:07:29 Windows Update
    07-02-2015 21:45:49 Revo Uninstaller's restore point - O2Jam (e-Games) v.3.50
    07-02-2015 21:48:09 Revo Uninstaller's restore point - Virtual DJ Toolbar

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0B1B2A32-AF92-4D05-80CD-D2E51FFEA71D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
    Task: {0ECDCBA4-BAE2-47BD-B097-79E09E6FF85A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    Task: {1F65A377-6FD8-4447-AF78-61533B521EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {1FED595E-528A-4812-B07E-35EC875566B3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
    Task: {8DB6138A-022C-430C-A7BC-937A257487C0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3376662306-939230167-2911087751-1000
    Task: {910FEA15-D6EC-46BA-8CEE-B6321EB64E78} - System32\Tasks\{3FE479D7-4C16-4F84-AF5F-19BEE805E733} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {9AD39C66-BB29-485C-B0D8-03A12E5D7DCE} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
    Task: {A11295BA-7DE1-45DA-9DB3-080860BF0DAF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
    Task: {B6275BA7-9564-4D0D-8F0E-8DEF60AA9500} - System32\Tasks\{2E5B78AA-38BF-4778-9AFA-807719EEE1AC} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {BD3B9BD4-4CAA-449D-9E4C-7E1D3AA92640} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-20] (Adobe Systems Incorporated)
    Task: {C9EB0541-F535-4199-9C3C-7C2A6622C644} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {CAE7B97A-4251-4A65-A375-CCFFD54D874E} - System32\Tasks\{90DAC5D2-CAF4-4F25-BCCE-02CB99B25323} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Task: {CFD6D81F-1416-4A87-9442-D1D846E398BE} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
    Task: {D81AB359-166E-4BFF-BC2D-628705D95F13} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-07-23] (Informer Technologies, Inc.)
    Task: {E350AA9F-3633-49E2-9637-B546C83F6167} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {E55B75AC-4DA5-481B-BEBB-8FECC0B20453} - System32\Tasks\gg_uac_daemon_user => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2014-07-29] ()
    Task: {F5BF9C02-3588-43A2-B3FD-7D4FF5149B8A} - System32\Tasks\{1A1D8D95-2E33-49FE-BAEA-C9464A3B2687} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {F7A491B7-56A6-4CB1-BF6A-CF90F8271909} - System32\Tasks\{8634AC55-6D38-4BE1-AE5F-4576F6A01709} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.14.0.104&LastError=12002
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2014-07-29 12:40 - 2014-07-29 12:40 - 00049456 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-02-06 14:03 - 2014-02-06 14:03 - 01162752 _____ () C:\ProgramData\{fde390e2-0b63-4adf-fde3-390e20b64388}\E206E.exe
    2014-02-06 13:57 - 2014-02-06 13:57 - 01162752 _____ () C:\ProgramData\{f801907e-2449-590d-f801-1907e24441f8}\Rurouni Kenshin_ The Legend Ends English Subtitles.exe
    2015-02-06 14:07 - 2014-11-26 03:29 - 00299008 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
    2014-03-20 14:44 - 2014-03-20 14:44 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
    2015-01-07 21:30 - 2015-01-07 21:30 - 00529144 _____ () C:\Program Files (x86)\Reverse Page\updateReversePage.exe
    2015-01-29 18:56 - 2011-07-05 02:17 - 01268224 _____ () C:\Program Files\AVAST Software\Avast\defs\11070401\algo.dll
    2014-07-29 12:40 - 2014-07-29 12:40 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 01117512 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 00211272 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 06333024 _____ () C:\Program Files (x86)\Desura\bin\uicore.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 01735776 _____ () C:\Program Files (x86)\Desura\bin\mcfcore.dll
    2014-10-06 13:39 - 2015-01-24 18:22 - 00535040 _____ () C:\Program Files (x86)\Desura\bin\gmock.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 05749344 _____ () C:\Program Files (x86)\Desura\bin\usercore.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 01616992 _____ () C:\Program Files (x86)\Desura\bin\webcore.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 02921472 _____ () C:\Program Files (x86)\Desura\bin\unittest.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 01962080 _____ () C:\Program Files (x86)\Desura\bin\servicecore.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 18300416 _____ () C:\Program Files (x86)\Desura\bin\cef_desura.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 01577761 _____ () C:\Program Files (x86)\Desura\bin\avcodec-53.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 00134035 _____ () C:\Program Files (x86)\Desura\bin\avutil-51.dll
    2014-10-06 13:39 - 2014-10-06 13:39 - 00213022 _____ () C:\Program Files (x86)\Desura\bin\avformat-53.dll
    2014-10-06 13:39 - 2015-02-07 15:50 - 00794720 _____ () C:\Program Files (x86)\Desura\bin\scriptcore.dll
    2014-10-06 13:39 - 2015-01-24 18:22 - 03444224 _____ () C:\Program Files (x86)\Desura\bin\v8.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 09170760 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\pdf.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 14965064 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Registry Areas =====================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3376662306-939230167-2911087751-500 - Administrator - Disabled)
    Guest (S-1-5-21-3376662306-939230167-2911087751-501 - Limited - Disabled)
    user (S-1-5-21-3376662306-939230167-2911087751-1000 - Administrator - Enabled) => C:\Users\user

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: WiMAX Bus Eumerator
    Description: WiMAX Bus Eumerator
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Unknown Device
    Description: Unknown Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service:
    Problem: : Windows has stopped this device because it has reported problems. (Code 43)
    Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

    Name: TuneUpUtilitiesDrv
    Description: TuneUpUtilitiesDrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: TuneUpUtilitiesDrv
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/08/2015 10:46:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/08/2015 04:57:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/07/2015 07:27:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/07/2015 04:19:51 PM) (Source: MsiInstaller) (EventID: 11706) (User: user-PC)
    Description: Product: Microsoft Office Enterprise 2007 -- Error 1706.Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see SETUP.CHM.

    Error: (02/07/2015 04:10:38 PM) (Source: MsiInstaller) (EventID: 11706) (User: user-PC)
    Description: Product: Microsoft Office Enterprise 2007 -- Error 1706.Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see SETUP.CHM.

    Error: (02/07/2015 04:00:43 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:42 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome

    Error: (02/07/2015 04:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: user-PC)
    Description: Product: Search App by Ask -- Error 25001. The following applications must be closed before continuing the uninstall:

    Google Chrome


    System errors:
    =============
    Error: (02/08/2015 10:46:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TuneUpUtilitiesDrv service failed to start due to the following error:
    %%2

    Error: (02/08/2015 10:46:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error:
    %%3

    Error: (02/08/2015 10:46:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SPDRIVER_1.36.1.172 service failed to start due to the following error:
    %%3

    Error: (02/08/2015 10:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Updater Service service failed to start due to the following error:
    %%2

    Error: (02/08/2015 10:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Log Rotator Service service failed to start due to the following error:
    %%2

    Error: (02/08/2015 10:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Hypervisor service failed to start due to the following error:
    %%3

    Error: (02/08/2015 10:45:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the LighterEdit service to connect.

    Error: (02/08/2015 05:49:20 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (02/08/2015 04:57:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The TuneUpUtilitiesDrv service failed to start due to the following error:
    %%2

    Error: (02/08/2015 04:56:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error:
    %%3


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
    Percentage of memory in use: 80%
    Total physical RAM: 3892.52 MB
    Available physical RAM: 768.42 MB
    Total Pagefile: 7783.23 MB
    Available Pagefile: 3389.38 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:232.78 GB) (Free:55.49 GB) NTFS
    Drive d: () (Fixed) (Total:232.88 GB) (Free:232.24 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5C6C666C)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  6. LiquidTension

    Hello,


    STEP 1
    CKScanner
    • Please download CKScanner and save the file to your Desktop.
    • Right-Click CKScanner.exe and select Run as administrator to run the programme.
    • Click Search For Files.
    • When the cursor hourglass disappears, click Save List To File.
    • A message box will verify the file saved.
    • Please run this programme only once.
    • A log (CKFiles.txt) will be created on your desktop. Copy the contents of the log and paste in your next reply.

    STEP 2
    MGADiag
    • Please download MGADiag and save the file to your Desktop.
    • Right-click MGADiag and select Run as administrator to run the programme.
    • Click [​IMG].
    • Click [​IMG].
    • Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.
    • Click Edit followed by Paste in Notepad.
    • Copy the contents of the log and paste in your next reply.

    ======================================================

    STEP 3
    Logs
    In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
    • CKFiles.txt
    • MGADiag log
     
  7. piped21

    CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
    c:\frst\quarantine\c\program files (x86)\garena plus\apps\blackshot\blackshot\data\_sg\script\weapon\weapon_firecracker.bsv
    c:\users\user\desktop\giselle\portable photoshop\photoshop\presets\brushes\demolished_cracks__2__by_env1ro folder\1.abr
    c:\users\user\documents\image-line\data\drumaxx\drum patches\sound fx\crack.dmpatch
    scanner sequence 3.AB.11.JJNAGZ
    ----- EOF -----
     
  8. piped21

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
    Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
    Windows Product ID: 00426-OEM-8992662-00400
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {85369FBA-B963-44A1-B49F-CD1669E1E1BB}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.141211-1742
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 103 Blocked VLK
    Microsoft Office Enterprise 2007 - 103 Blocked VLK
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{85369FBA-B963-44A1-B49F-CD1669E1E1BB}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-3376662306-939230167-2911087751</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron N4010</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A10</Version><SMBIOSVersion major="2" minor="6"/><Date>20101020000000.000000+000</Date></BIOS><HWID>AF9B3107018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>China Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>QA09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>103</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>103</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>ACD7202654E586</Val><Hash>fFic3JgCreGGRxyF8uMWB4R4Jcg=</Hash><Pid>89388-707-1528066-65538</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="103"/><App Id="16" Version="12" Result="103"/><App Id="18" Version="12" Result="103"/><App Id="19" Version="12" Result="103"/><App Id="1A" Version="12" Result="103"/><App Id="1B" Version="12" Result="103"/><App Id="44" Version="12" Result="103"/><App Id="A1" Version="12" Result="103"/><App Id="BA" Version="12" Result="103"/></Applications></Office></Software></GenuineResults>

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00178-926-600400-02-1033-7601.0000-0972014
    Installation ID: 004796843764902923796831025462290240257913747701467276
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: P4K27
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 2/10/2015 8:54:57 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 11:22:2014 14:26
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: MAAAAAEAAQABAAEAAAACAAAAAwABAAEA6GFSdsit7J4k9HiFRIrSTgK9xLFmKVxd

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
    ACPI Table Name OEMID Value OEMTableID Value
    APIC PTLTD APIC
    FACP INTEL CRESTLNE
    HPET INTEL CRESTLNE
    BOOT PTLTD $SBFTBL$
    MCFG INTEL CRESTLNE
    SPCR PTLTD $UCRTBL$
    SLIC DELL QA09
    OSFR DELL DELL
    ASF! CETP CETP
    SSDT PmRef CpuPm
     
  9. LiquidTension

    OK, this is what we're dealing with - your Microsoft Office is cracked/pirated. It is not legitimate.
    You must remove Microsoft Office from your computer. Please read about the dangers of cracked software below.

    After you've removed Microsoft Office, you can download and install OpenOffice as a free, open source alternative for the time being. OpenOffice will essentially do the same job as Microsoft Office.

    Then move on to the following:

    STEP 1
    Revo Uninstaller
    • Please download and install Revo Uninstaller Free.
    • Double-click Revo Uninstaller to run the programme.
    • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.

      • EZDownloader
      • GovernorMirror
      • Pink My Facebook
      • Reverse Page
      • uNisAaleus

    • Double-click the programme.
    • When prompted if you want to uninstall click Yes.
    • Ensure the Moderate option is selected and click Next.
    • The programme will run. If prompted again click Yes.
    • Once the built-in uninstaller is finished click Next.
    • Once the programme has searched for leftovers click Next.
    • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
    • When prompted click Yes, followed by Next.
    • Click Select all, followed by Delete.
    • When prompted click Yes, followed by Next.
    • Once done click Finish.

    STEP 2
    Junkware Removal Tool (JRT)
    • Please download Junkware Removal Tool and save the file to your Desktop.
    • Create a System Restore Point. For instructions, please refer to the following link (W8).
    • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
    • Right-Click JRT.exe and select Run as administrator to run the programme.
    • Follow the prompts and allow the scan to run uninterrupted.
    • Upon completion, a log (JRT.txt) will open on your desktop.
    • Re-enable your anti-virus software.
    • Copy the contents of JRT.txt and paste in your next reply.

    STEP 3
    AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
    • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.
    -- File and folder backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.


    ======================================================

    STEP 4
    Logs
    In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
    • Did the programmes uninstall OK?
    • JRT.txt
    • AdwCleaner[S0].txt
     
  10. piped21

    Can I ask... I only need to uninstall the Microsoft?
     
  11. piped21

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.2 (02.02.2015:1)
    OS: Windows 7 Ultimate x64
    Ran by user on Thu 02/12/2015 at 21:19:04.23
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully stopped: [Service] backupstack
    Successfully deleted: [Service] backupstack
    Failed to stop: [Service] APNMCP



    ~~~ Registry Values

    Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
    Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\apntbmon
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3376662306-939230167-2911087751-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}



    ~~~ Files

    Successfully deleted: [File] "C:\Users\user\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\user\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage-journal"
    Successfully deleted: [File] "C:\Users\user\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsmode.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\user\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsmode.com_0.localstorage-journal"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\apn"
    Successfully deleted: [Folder] "C:\ProgramData\windowsmangerprotect"
    Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\opencandy"
    Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\pc speed maximizer"
    Successfully deleted: [Folder] "C:\Users\user\appdata\local\cool_mirage"
    Successfully deleted: [Folder] "C:\Program Files (x86)\1clickmoviedownloader.com"
    Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
    Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed maximizer"
    Successfully deleted: [Folder] "C:\Program Files (x86)\youtubeadblocker"
    Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 02/12/2015 at 21:24:42.16
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  12. piped21

    # AdwCleaner v4.110 - Logfile created 12/02/2015 at 21:30:28
    # Updated 05/02/2015 by Xplode
    # Database : 2015-02-05.2 [Local]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
    # Username : user - USER-PC
    # Running from : C:\Users\user\Desktop\WILFRED'S FOLDER\1HINDI ITO MOVIES APLLICATIONS 2\HIGH CPU USAGE\2\AdwCleaner.exe
    # Option : Cleaning

    ***** [ Services ] *****

    [#] Service Deleted : APNMCP
    [#] Service Deleted : IHProtect Service

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\IHProtectUpDate
    Folder Deleted : C:\ProgramData\Yellow AdBlocker
    Folder Deleted : C:\ProgramData\14794052843789341492
    Folder Deleted : C:\ProgramData\cd4f08adde6bd334
    Folder Deleted : C:\ProgramData\da897ad60000211c
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller
    Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
    Folder Deleted : C:\Program Files (x86)\XTab
    Folder Deleted : C:\Program Files (x86)\Uniusalees
    Folder Deleted : C:\Users\user\AppData\Local\Temp\apn
    Folder Deleted : C:\users\user\AppData\Local\AskPartnerNetwork
    Folder Deleted : C:\users\user\AppData\Local\CrashRpt
    Folder Deleted : C:\users\user\AppData\Roaming\EZDownloader
    Folder Deleted : C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
    Folder Deleted : C:\users\user\Documents\PC Speed Maximizer
    Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\Extensions\[email protected]
    Folder Deleted : C:\ProgramData\niiagodioaabbflblagdiieffnnjplon
    Folder Deleted : C:\ProgramData\odgpinfbhdmpmcldjpdlmcabapdebing
    Folder Deleted : C:\Users\user\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
    Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
    File Deleted : C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
    File Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\searchplugins\WebSearch.xml
    File Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f9pwscyp.default\user.js
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage-journal
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

    ***** [ Scheduled tasks ] *****

    Task Deleted : PC Speed Maximizer Schedule
    Task Deleted : YTDownloaderUpd

    ***** [ Shortcuts ] *****

    Shortcut Disinfected : C:\Users\user\Desktop\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaailpifkkekipiachodfkfmgmiapmp
    Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaailpifkkekipiachodfkfmgmiapmp
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
    Key Deleted : HKCU\Software\Mozilla\Extends
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SPDriver]
    Key Deleted : HKLM\SOFTWARE\Classes\Pdd85157c_d5e5_45b9_856d_23765cb9c8d4_.Pdd85157c_d5e5_45b9_856d_23765cb9c8d4_
    Key Deleted : HKLM\SOFTWARE\Classes\Pdd85157c_d5e5_45b9_856d_23765cb9c8d4_.Pdd85157c_d5e5_45b9_856d_23765cb9c8d4_.9
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{dd85157c-d5e5-45b9-856d-23765cb9c8d4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5347542D-5637-006A-76A7-7A786E7484D7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5347542D-5637-006A-76A7-7A786E7484D7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{dd85157c-d5e5-45b9-856d-23765cb9c8d4}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5347542D-5637-006A-76A7-7A786E7484D7}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{5347542D-5637-006A-76A7-7A786E7484D7}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5347542D-5637-006A-76A7-7A786E7484D7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{dd85157c-d5e5-45b9-856d-23765cb9c8d4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5347542D-5637-006A-76A7-7A786E7484D7}]
    Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\446AA38E1FFC4AE99A0CBDEE511494A2
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\pc speed maximizer
    Key Deleted : HKCU\Software\YTDownloader
    Key Deleted : HKCU\Software\Condut
    Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
    Key Deleted : HKLM\SOFTWARE\SupDp
    Key Deleted : HKLM\SOFTWARE\SupTab
    Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
    Key Deleted : HKLM\SOFTWARE\YTDownloader
    Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    Key Deleted : HKLM\SOFTWARE\IHProtect
    Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
    Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istart.webssearches.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:56508;hxxps=127.0.0.1:56508

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17631

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

    -\\ Mozilla Firefox v31.0 (x86 en-US)

    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1420642009&from=ild&uid=ST500LT012-9WS142_W0V57ENBXXXXW0V57ENB");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH&l=1&q=");
    [f9pwscyp.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchtheglobe.info/?pid=724&r=2015/02/06&hid=8980212782050047366&lg=EN&cc=PH&l=1&q=");

    -\\ Google Chrome v


    -\\ Comodo Dragon v


    -\\ Chrome Canary v


    *************************

    AdwCleaner[R0].txt - [67250 bytes] - [30/09/2014 17:27:49]
    AdwCleaner[R1].txt - [34875 bytes] - [30/09/2014 20:29:02]
    AdwCleaner[S0].txt - [45072 bytes] - [30/09/2014 17:34:42]
    AdwCleaner[S1].txt - [12050 bytes] - [12/02/2015 21:30:28]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12110 bytes] ##########
     
  13. LiquidTension

    LiquidTension Malware Specialist

    Joined:
    May 28, 2014
    Messages:
    553
    Hello,

    Yes, Microsoft Office needs to be uninstalled as the programme is cracked/pirated, and not legitimate.
    You may wish to consider looking into OpenOffice as I mentioned in my previous post. This is a free, open-source alternative to Microsoft Office, and will essentially do the same job. The main difference is appearance - but ultimately, functionality-wise, the programme is very similar.

    ----------

    Farbar Recovery Scan Tool (FRST) Scan
    • Right-Click FRST64.exe and select Run as administrator to run the programme.
    • Click Yes to the disclaimer.
    • Ensure the Addition.txt box is checked.
    • Click the Scan button and let the programme run.
    • Upon completion, click OK, then OK on the Addition.txt pop up screen.
    • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
     
  14. piped21

    piped21 Thread Starter

    Joined:
    Sep 21, 2014
    Messages:
    71
    There's no disclaimer for me to check, only the Addition.txt.
     
  15. piped21

    piped21 Thread Starter

    Joined:
    Sep 21, 2014
    Messages:
    71
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
    Ran by user at 2015-02-13 09:04:52
    Running from C:\Users\user\Desktop\WILFRED'S FOLDER\1HINDI ITO MOVIES APLLICATIONS 2\HIGH CPU USAGE\2
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AS: avast! Antivirus (Enabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\uTorrent) (Version: 3.4.2.38424 - BitTorrent Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
    Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.126 - Adobe Systems Incorporated)
    Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
    Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
    ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.355 - ArcSoft)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
    ATI Catalyst Install Manager (HKLM\...\{80CCF307-91AB-A249-E820-18E09DD3681D}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
    avast! Free Antivirus (HKLM-x32\...\avast) (Version: 6.0.1203.0 - AVAST Software)
    Erie (HKLM\...\UDK-2ea87fe7-b315-4532-9176-bf5e1f35183a) (Version: - Epic Games, Inc.)
    Five Nights at Freddy's DEMO (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Five Nights at Freddy's DEMO) (Version: - )
    Garena - League of Legends (HKLM-x32\...\LoLPH) (Version: - Garena Online Pte Ltd.)
    Google Chrome (HKU\S-1-5-21-3376662306-939230167-2911087751-1000\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    K-Lite Codec Pack 9.9.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - )
    ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    microvolts 1,0,0,0 (HKLM-x32\...\microvolts) (Version: 1,0,0,0 - CDNetworks)
    MixPad (HKLM-x32\...\MixPad) (Version: 3.56 - NCH Software)
    NVIDIA PhysX (HKLM-x32\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6844 - Realtek Semiconductor Corp.)
    Reverse Page (HKLM\...\Reverse Page) (Version: 2015.01.07.132250 - Reverse Page) <==== ATTENTION
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
    Sun Broadband Wireless (HKLM-x32\...\Sun Broadband Wireless) (Version: 11.300.05.03.256 - Huawei Technologies Co.,Ltd)
    TuneUp Utilities 2014 (en-GB) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
    TuneUp Utilities 2014 (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
    Virtual DJ Toolbar (HKLM-x32\...\{56444A2D-5637-006A-76A7-A758B70C0F00}) (Version: 12.15.0.169 - APN, LLC)
    VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll No File
    CustomCLSID: HKU\S-1-5-21-3376662306-939230167-2911087751-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    07-02-2015 15:07:29 Windows Update
    07-02-2015 21:45:49 Revo Uninstaller's restore point - O2Jam (e-Games) v.3.50
    07-02-2015 21:48:09 Revo Uninstaller's restore point - Virtual DJ Toolbar
    10-02-2015 18:09:13 Windows Update
    10-02-2015 18:34:55 Restore Operation
    10-02-2015 18:53:42 Windows Update
    10-02-2015 20:45:02 Windows Modules Installer
    10-02-2015 21:03:10 Revo Uninstaller's restore point - NavyField2
    10-02-2015 21:08:26 Revo Uninstaller's restore point - Desura: ERIE
    10-02-2015 21:10:42 Revo Uninstaller's restore point - Desura: ILLUSION - Ghost Killer
    10-02-2015 21:13:04 Revo Uninstaller's restore point - Desura
    10-02-2015 21:14:26 Revo Uninstaller's restore point - Desura: Baby Blues - Toddler Horror Game
    10-02-2015 21:15:36 Revo Uninstaller's restore point - Desura: VANISH
    10-02-2015 21:16:58 Revo Uninstaller's restore point - EZDownloader
    10-02-2015 21:22:04 Revo Uninstaller's restore point - Microsoft OneDrive
    10-02-2015 21:24:00 Revo Uninstaller's restore point - YTD Video Downloader 4.8.1
    10-02-2015 21:25:19 Revo Uninstaller's restore point - Search App by Ask
    11-02-2015 22:15:14 Windows Update
    12-02-2015 19:48:26 Revo Uninstaller's restore point - Microsoft Office Enterprise 2007
    12-02-2015 21:01:15 Revo Uninstaller's restore point - Microsoft Visual C++ 2005 Redistributable
    12-02-2015 21:01:32 Removed Microsoft Visual C++ 2005 Redistributable
    12-02-2015 21:04:28 Revo Uninstaller's restore point - uNisAaleus
    12-02-2015 21:06:13 Revo Uninstaller's restore point - Pink My Facebook
    12-02-2015 21:08:32 Revo Uninstaller's restore point - GovernorMirror
    12-02-2015 21:10:00 Revo Uninstaller's restore point - O2Jam (e-Games) v.3.50
    12-02-2015 21:15:39 Installed OpenOffice 4.1.1
    13-02-2015 00:15:11 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0B1B2A32-AF92-4D05-80CD-D2E51FFEA71D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
    Task: {0ECDCBA4-BAE2-47BD-B097-79E09E6FF85A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    Task: {1F65A377-6FD8-4447-AF78-61533B521EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {1FED595E-528A-4812-B07E-35EC875566B3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
    Task: {8DB6138A-022C-430C-A7BC-937A257487C0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3376662306-939230167-2911087751-1000
    Task: {910FEA15-D6EC-46BA-8CEE-B6321EB64E78} - System32\Tasks\{3FE479D7-4C16-4F84-AF5F-19BEE805E733} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
    Task: {A11295BA-7DE1-45DA-9DB3-080860BF0DAF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-07] (Google Inc.)
    Task: {B6275BA7-9564-4D0D-8F0E-8DEF60AA9500} - System32\Tasks\{2E5B78AA-38BF-4778-9AFA-807719EEE1AC} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
    Task: {BD3B9BD4-4CAA-449D-9E4C-7E1D3AA92640} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-20] (Adobe Systems Incorporated)
    Task: {C9EB0541-F535-4199-9C3C-7C2A6622C644} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {CAE7B97A-4251-4A65-A375-CCFFD54D874E} - System32\Tasks\{90DAC5D2-CAF4-4F25-BCCE-02CB99B25323} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Task: {D81AB359-166E-4BFF-BC2D-628705D95F13} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-07-23] (Informer Technologies, Inc.)
    Task: {E350AA9F-3633-49E2-9637-B546C83F6167} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {F5BF9C02-3588-43A2-B3FD-7D4FF5149B8A} - System32\Tasks\{1A1D8D95-2E33-49FE-BAEA-C9464A3B2687} => Iexplore.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
    Task: {F7A491B7-56A6-4CB1-BF6A-CF90F8271909} - System32\Tasks\{8634AC55-6D38-4BE1-AE5F-4576F6A01709} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.14.0.104&amp;LastError=12002
    Task: {FBF461CF-50EB-4178-8B8B-6013F3DA069A} - System32\Tasks\gg_uac_daemon_user => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2014-07-29] ()
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3376662306-939230167-2911087751-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-02-06 14:03 - 2014-02-06 14:03 - 01162752 _____ () C:\ProgramData\{fde390e2-0b63-4adf-fde3-390e20b64388}\E206E.exe
    2014-02-06 13:57 - 2014-02-06 13:57 - 01162752 _____ () C:\ProgramData\{f801907e-2449-590d-f801-1907e24441f8}\Rurouni Kenshin_ The Legend Ends English Subtitles.exe
    2014-07-29 12:40 - 2014-07-29 12:40 - 00049456 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    2015-01-29 18:56 - 2011-07-05 02:17 - 01268224 _____ () C:\Program Files\AVAST Software\Avast\defs\11070401\algo.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 01117512 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 00211272 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2014-07-29 12:40 - 2014-07-29 12:40 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 09170760 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\pdf.dll
    2015-02-06 10:11 - 2015-02-04 17:02 - 14965064 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3376662306-939230167-2911087751-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.254.254

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: ACDaemon => 3
    MSCONFIG\Services: Adobe LM Service => 3
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AERTFilters => 2
    MSCONFIG\Services: APNMCP => 2
    MSCONFIG\Services: BackupStack => 2
    MSCONFIG\Services: Desura Install Service => 3
    MSCONFIG\Services: IHProtect Service => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
    MSCONFIG\Services: Update Reverse Page => 2

    ==================== Accounts: =============================

    Administrator (S-1-5-21-3376662306-939230167-2911087751-500 - Administrator - Disabled)
    Guest (S-1-5-21-3376662306-939230167-2911087751-501 - Limited - Disabled)
    user (S-1-5-21-3376662306-939230167-2911087751-1000 - Administrator - Enabled) => C:\Users\user

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: WiMAX Bus Eumerator
    Description: WiMAX Bus Eumerator
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/13/2015 08:19:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/12/2015 09:33:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (02/13/2015 08:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error:
    %%3

    Error: (02/13/2015 08:18:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SPDRIVER_1.36.1.172 service failed to start due to the following error:
    %%3

    Error: (02/13/2015 08:18:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Updater Service service failed to start due to the following error:
    %%2

    Error: (02/13/2015 08:18:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Log Rotator Service service failed to start due to the following error:
    %%2

    Error: (02/13/2015 08:18:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Hypervisor service failed to start due to the following error:
    %%3

    Error: (02/13/2015 00:15:19 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

    Error: (02/12/2015 09:32:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The BlueStacks Android Service service depends on the BlueStacks Hypervisor service which failed to start because of the following error:
    %%3

    Error: (02/12/2015 09:32:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SPDRIVER_1.36.1.172 service failed to start due to the following error:
    %%3

    Error: (02/12/2015 09:32:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Updater Service service failed to start due to the following error:
    %%2

    Error: (02/12/2015 09:32:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BlueStacks Log Rotator Service service failed to start due to the following error:
    %%2


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
    Percentage of memory in use: 41%
    Total physical RAM: 3892.52 MB
    Available physical RAM: 2283.52 MB
    Total Pagefile: 9728.71 MB
    Available Pagefile: 7601.88 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:232.78 GB) (Free:58.29 GB) NTFS
    Drive d: () (Fixed) (Total:232.88 GB) (Free:232.24 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5C6C666C)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     

Short URL to this thread: https://techguy.org/1142629
