Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Damian at 2014-04-05 01:14:55 Run:2
Running from C:\Users\Damian\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3542818027-3627737236-3176664530-1000\...\Run: [Scrypt] - "C:\Users\Damian\AppData\Roaming\Scrypt\nircmd.exe" exec hide "C:\Users\Damian\AppData\Roaming\Scrypt\start.bat"
Task: {3995EF85-DCFD-47AD-B916-54FC57D56CB8} - \BackgroundContainer Startup Task No Task File
URLSearchHook: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
URLSearchHook: HKCU - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
Toolbar: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RkHit; \??\C:\Windows\system32\drivers\RKHit.sys [X]
C:\Program Files (x86)\BitTorrentControl_v12
C:\Program Files (x86)\Enigma Software Group
C:\Program Files\Enigma Software Group
C:\Users\Damian\AppData\Roaming\eCyber
C:\Users\Damian\AppData\Roaming\Scrypt
C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
C:\Windows\system32\log
C:\sh4_service.log
Reboot:
*****************

HKU\S-1-5-21-3542818027-3627737236-3176664530-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Scrypt => Value not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3995EF85-DCFD-47AD-B916-54FC57D56CB8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3995EF85-DCFD-47AD-B916-54FC57D56CB8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key not found.
esgiguard => Service deleted successfully.
RkHit => Service deleted successfully.
C:\Program Files (x86)\BitTorrentControl_v12 => Moved successfully.
C:\Program Files (x86)\Enigma Software Group => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\Damian\AppData\Roaming\eCyber => Moved successfully.
C:\Users\Damian\AppData\Roaming\Scrypt => Moved successfully.
C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP => Moved successfully.
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP => Moved successfully.
C:\Windows\System32\log => Moved successfully.
C:\sh4_service.log => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====