Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-05-2014
Ran by SOPHIE at 2014-05-31 10:39:31 Run:1
Running from C:\Users\SOPHIE\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1401219240&from=nsbfr&uid=TOSHIBAXMK7559GSXP_11E8F2RDSXX11E8F2RDS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1401219240&from=nsbfr&uid=TOSHIBAXMK7559GSXP_11E8F2RDSXX11E8F2RDS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1401219240&from=nsbfr&uid=TOSHIBAXMK7559GSXP_11E8F2RDSXX11E8F2RDS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1401219240&from=nsbfr&uid=TOSHIBAXMK7559GSXP_11E8F2RDSXX11E8F2RDS&q={searchTerms}
SearchScopes: HKCU - DefaultScope {681B8B4E-F3CE-4AC5-AED9-47FA8F20656C} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103aw&cd=2XzuyEtN2Y1L1QzuzytDtDtDyE0EtA0F0A0A0CtD0ByC0D0FtN0D0Tzu0SyBtDzztN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1979940205&ir=
SearchScopes: HKCU - {057FD7A9-E612-496E-A377-38F38E9E8AE6} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=5217335D-5FEB-4A60-A85E-A672418105E1&apn_sauid=A7CB1423-8FC8-4712-8BCB-58BE80880BBC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {681B8B4E-F3CE-4AC5-AED9-47FA8F20656C} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103aw&cd=2XzuyEtN2Y1L1QzuzytDtDtDyE0EtA0F0A0A0CtD0ByC0D0FtN0D0Tzu0SyBtDzztN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1979940205&ir=
FF DefaultSearchEngine: qone8
FF SelectedSearchEngine: qone8
CHR HKLM-x32\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx [2014-04-12]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] ()
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [573344 2014-05-27] (Fuyu LIMITED)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2014-05-27 21:37 - 2014-05-27 21:38 - 00001656 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-05-27 21:35 - 2014-05-28 19:18 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 ____D () C:\Users\SOPHIE\AppData\Roaming\SupTab
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 ____D () C:\Users\SOPHIE\AppData\Local\globalUpdate
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-05-27 21:32 - 2014-05-27 21:32 - 01271376 _____ (BitTorrent Inc.) C:\Users\SOPHIE\Downloads\uTorrent.exe
2014-05-27 19:21 - 2014-05-27 21:38 - 00000000 ____D () C:\Users\SOPHIE\AppData\Roaming\Nosibay
2014-05-27 19:21 - 2014-05-27 19:23 - 00012281 _____ () C:\Users\SOPHIE\AppData\Roaming\Bubble Dock.installation.log
2014-05-27 19:20 - 2014-05-27 19:20 - 00000000 ____D () C:\Program Files\003
2014-05-27 19:19 - 2014-05-30 22:29 - 00001086 _____ () C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
2014-05-27 19:19 - 2014-05-27 19:24 - 00004082 _____ () C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA
2014-05-27 19:19 - 2014-05-27 19:19 - 00000000 ____D () C:\Users\SOPHIE\AppData\Local\Software
2014-05-27 19:19 - 2014-05-27 19:19 - 00000000 ____D () C:\Program Files (x86)\Software
C:\Program Files (x86)\GoforFiles
Task: {50BBC8DA-A471-4A13-BF5D-C734EA72A0FD} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
Task: {862001A3-5F71-412D-A96D-288A2640A426} - \BackgroundContainer Startup Task No Task File
Task: {C90464BE-2597-45E7-B780-165B01917E5C} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
Task: C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1A60DE96
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885
C:\Users\SOPHIE\AppData\Local\Temp\Boxore.exe
C:\Users\SOPHIE\AppData\Local\Temp\nsd4149.exe
C:\Users\SOPHIE\AppData\Local\Temp\nsd458E.exe
C:\Users\SOPHIE\AppData\Local\Temp\nshBCDF.exe
C:\Users\SOPHIE\AppData\Local\Temp\nsjBCD7.exe
C:\Users\SOPHIE\AppData\Local\Temp\nsy49B4.exe
C:\Users\SOPHIE\AppData\Local\Temp\nsyB2D6.exe
C:\Users\SOPHIE\AppData\Local\Temp\nsyB769.exe
C:\Users\SOPHIE\AppData\Local\Temp\utt4222.tmp.exe
C:\Users\SOPHIE\AppData\Local\Temp\uttDC11.tmp.exe
end

*****************

[1216] C:\ProgramData\WindowsProtectManger\wprotectmanager.exe => Process closed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DatamngrCoordinator.exe => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{057FD7A9-E612-496E-A377-38F38E9E8AE6} => Key deleted successfully.
HKCR\CLSID\{057FD7A9-E612-496E-A377-38F38E9E8AE6} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{681B8B4E-F3CE-4AC5-AED9-47FA8F20656C} => Key deleted successfully.
HKCR\CLSID\{681B8B4E-F3CE-4AC5-AED9-47FA8F20656C} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ippenodjaoidmkkfdlmdhofiebnpjddb => Key deleted successfully.
"C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx" => File/Directory not found.
IePluginServices => Service deleted successfully.
WindowsProtectManger => Service deleted successfully.
EpfwLWF => Service stopped successfully.
EpfwLWF => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\Windows\SysWOW64\${LOGFILE} => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\Users\SOPHIE\AppData\Roaming\SupTab => Moved successfully.
C:\Users\SOPHIE\AppData\Local\globalUpdate => Moved successfully.
C:\ProgramData\WindowsProtectManger => Moved successfully.
C:\ProgramData\IePluginServices => Moved successfully.
C:\Users\SOPHIE\Downloads\uTorrent.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Roaming\Nosibay => Moved successfully.
C:\Users\SOPHIE\AppData\Roaming\Bubble Dock.installation.log => Moved successfully.
C:\Program Files\003 => Moved successfully.
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Software => Moved successfully.
C:\Program Files (x86)\Software => Moved successfully.
"C:\Program Files (x86)\GoforFiles" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50BBC8DA-A471-4A13-BF5D-C734EA72A0FD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50BBC8DA-A471-4A13-BF5D-C734EA72A0FD} => Key deleted successfully.
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SoftwareUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{862001A3-5F71-412D-A96D-288A2640A426} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{862001A3-5F71-412D-A96D-288A2640A426} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C90464BE-2597-45E7-B780-165B01917E5C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C90464BE-2597-45E7-B780-165B01917E5C} => Key deleted successfully.
C:\Windows\System32\Tasks\Go for FilesUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go for FilesUpdate => Key deleted successfully.
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job not found.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":1A60DE96" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":93EB7685" ADS removed successfully.
C:\ProgramData\Temp => ":CDFF58FE" ADS removed successfully.
C:\ProgramData\Temp => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\Temp => ":E3C56885" ADS removed successfully.
C:\Users\SOPHIE\AppData\Local\Temp\Boxore.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nsd4149.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nsd458E.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nshBCDF.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nsjBCD7.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nsy49B4.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nsyB2D6.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\nsyB769.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\utt4222.tmp.exe => Moved successfully.
C:\Users\SOPHIE\AppData\Local\Temp\uttDC11.tmp.exe => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====