Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Adrian at 2015-01-22 14:56:25 Run:1
Running from C:\Users\Adrian\Downloads
Loaded Profiles: Adrian (Available profiles: Adrian)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
R1 {641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64; C:\Windows\System32\drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys [48792 2015-01-19] (StdLib)
R1 {ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64; C:\Windows\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64.sys [48792 2015-01-13] (StdLib)
R1 {ecd6aae4-019c-44b2-a0e5-570904275d66}Gw64; C:\Windows\System32\drivers\{ecd6aae4-019c-44b2-a0e5-570904275d66}Gw64.sys [48792 2015-01-16] (StdLib)
R1 {f81878fa-25e9-442d-8ada-79658b6520f2}Gw64; C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys [48792 2015-01-10] (StdLib)
R2 Update Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [529656 2015-01-19] ()
R2 Util Dynamo Combo; C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [529656 2015-01-19] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-10] (Fuyu LIMITED) [File not signed]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1420916513&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2338383573-761613370-1584193850-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2338383573-761613370-1584193850-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420916576&from=cor&uid=KINGSTONXSV300S37A120G_50026B774907F523&q={searchTerms}
BHO-x32: Dynamo Combo 1.0.0.6 -> {986c37a1-7b65-476f-80dc-54f80bd4b0d6} -> C:\Program Files (x86)\Dynamo Combo\DynamoCombobho.dll (Dynamo Combo)
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
C:\Program Files (x86)\Dynamo Combo
C:\Program Files (x86)\XTab
C:\ProgramData\IHProtectUpDate
C:\ProgramData\Norton
C:\ProgramData\WindowsMangerProtect
C:\Users\Adrian\AppData\Roaming\omiga-plus
C:\Users\Adrian\Downloads\*(*)-dp*.exe
C:\Windows\System32\drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys
C:\Windows\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64.sys
C:\Windows\System32\drivers\{ecd6aae4-019c-44b2-a0e5-570904275d66}Gw64.sys
C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64 => Service stopped successfully.
{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64 => Service deleted successfully.
{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64 => Service stopped successfully.
{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64 => Service deleted successfully.
{ecd6aae4-019c-44b2-a0e5-570904275d66}Gw64 => Service stopped successfully.
{ecd6aae4-019c-44b2-a0e5-570904275d66}Gw64 => Service deleted successfully.
{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64 => Service stopped successfully.
{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64 => Service deleted successfully.
Update Dynamo Combo => Service deleted successfully.
Util Dynamo Combo => Service deleted successfully.
WindowsMangerProtect => Service deleted successfully.
EagleX64 => Service deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-2338383573-761613370-1584193850-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2338383573-761613370-1584193850-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{986c37a1-7b65-476f-80dc-54f80bd4b0d6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{986c37a1-7b65-476f-80dc-54f80bd4b0d6}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key not found.
C:\Program Files (x86)\Dynamo Combo => Moved successfully.
C:\Program Files (x86)\XTab => Moved successfully.
C:\ProgramData\IHProtectUpDate => Moved successfully.
C:\ProgramData\Norton => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\Users\Adrian\AppData\Roaming\omiga-plus => Moved successfully.
C:\Users\Adrian\Downloads\*(*)-dp*.exe => Moved successfully.
C:\Windows\System32\drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{ecd6aae4-019c-44b2-a0e5-570904275d66}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys => Moved successfully.
EmptyTemp: => Removed 465 MB temporary data.

The system needed a reboot.

==== End of Fixlog 14:56:53 ====