Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-01-2014 01
Ran by Łukasz at 2014-01-29 13:39:58 Run:2
Running from C:\Users\Łukasz\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/?a=6OzpsPZ4OY&loc=skw
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?affID=119535&tt=gc_&babsrc=HP_ss&mntrId=0CC9D43D7E9D0227
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&affID=119535&tt=gc_&babsrc=SP_ss&mntrId=0CC9D43D7E9D0227
SearchScopes: HKCU - {215F393D-9483-42E9-B3D6-9095D08939AD} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=2A0EEE9F-F596-4663-99CE-02DCF5AB329F&apn_sauid=09986461-E315-4EFE-8AB4-E744A0D36088
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6OzpsPZ4OY&loc=skw&search={searchTerms}
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (Radiocom CJSC)
BHO-x32: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll ()
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{3DF4B26D-DB19-45DF-962A-6719D071245B}] - C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF Extension: Rich Media Player extension - C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B} [2013-07-03]
FF Extension: FTdownloader V3.0 - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: GoPhotoIt - C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Łukasz\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [bbffdhejhaoiflnpooogkckfdcmmjppn] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Łukasz\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [doagiokpgboiomffjfhaiimafndmmpni] - C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fkcdbkhjcaljlfolhllfneigeepmjfim] - C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx [2013-02-28]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [2013-02-28]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-25]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.sweet-page.com/?type=sc&ts=1390649772&from=cor&uid=WDCXWD15EARS-00MVWB0_WD-WCAZA523159631596
Task: {0F24D01B-6DAD-49CB-8885-F95D352EE282} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {47782FAA-9813-4BEB-BEC2-D5F051BEE8F9} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe [2013-10-30] ()
Task: {75E9513B-0903-4AD0-A16D-CCB77A2C2583} - System32\Tasks\bench-Updater removing
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
S2 Update RightSurf; "C:\Program Files (x86)\RightSurf\updateRightSurf.exe" [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 MSICDSetup; \??\E:\CDriver64.sys [x]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
C:\ProgramData\WPM
C:\ProgramData\IePluginService
C:\Program Files (x86)\Bench
C:\Program Files (x86)\FTDownloader.com
C:\Program Files (x86)\Gophoto.it
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\TornTV.com
C:\Users\Łukasz\AppData\Local\CRE
C:\Users\Łukasz\AppData\Local\WMTools Downloaded Files
C:\Users\Łukasz\AppData\Roaming\systweak
C:\Windows\System32\Tasks\{B2D95881-8FDB-41FB-9A51-23B46A8C08BF}
CMD: netsh advfirewall reset
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{215F393D-9483-42E9-B3D6-9095D08939AD} => Key not found.
HKCR\CLSID\{215F393D-9483-42E9-B3D6-9095D08939AD} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully.
HKCR\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{FEB703F7-E7B2-4AB0-9566-87658AC70095} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{3DF4B26D-DB19-45DF-962A-6719D071245B} => Value deleted successfully.
C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B} => Moved successfully.
C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader3@ftdownloader.com.xpi => Moved successfully.
C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully.
C:\Users\Łukasz\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn => Key deleted successfully.
"C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully.
"C:\Users\Łukasz\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\doagiokpgboiomffjfhaiimafndmmpni => Key deleted successfully.
C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim => Key deleted successfully.
C:\Users\Łukasz\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje => Key deleted successfully.
"C:\Program Files (x86)\TornTV.com\torn2_10.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk => Key deleted successfully.
C:\Program Files (x86)\Gophoto.it\gophotoit14.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn => Key deleted successfully.
C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx => Moved successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F24D01B-6DAD-49CB-8885-F95D352EE282} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F24D01B-6DAD-49CB-8885-F95D352EE282} => Key deleted successfully.
C:\Windows\System32\Tasks\BitGuard => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47782FAA-9813-4BEB-BEC2-D5F051BEE8F9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47782FAA-9813-4BEB-BEC2-D5F051BEE8F9} => Key deleted successfully.
C:\Windows\System32\Tasks\bench-sys => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75E9513B-0903-4AD0-A16D-CCB77A2C2583} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75E9513B-0903-4AD0-A16D-CCB77A2C2583} => Key deleted successfully.
C:\Windows\System32\Tasks\bench-Updater removing => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-Updater removing => Key deleted successfully.
C:\Windows\Tasks\bench-sys.job => Moved successfully.
C:\Windows\Tasks\bench-Updater removing.job => Moved successfully.
Update RightSurf => Service deleted successfully.
EagleX64 => Service deleted successfully.
MSICDSetup => Service deleted successfully.
NTIOLib_1_0_C => Service deleted successfully.
xhunter1 => Service deleted successfully.
C:\ProgramData\WPM => Moved successfully.
C:\ProgramData\IePluginService => Moved successfully.
C:\Program Files (x86)\Bench => Moved successfully.
"C:\Program Files (x86)\FTDownloader.com" => File/Directory not found.
C:\Program Files (x86)\Gophoto.it => Moved successfully.
C:\Program Files (x86)\MyPC Backup => Moved successfully.
C:\Program Files (x86)\TornTV.com => Moved successfully.
C:\Users\Łukasz\AppData\Local\CRE => Moved successfully.
C:\Users\Łukasz\AppData\Local\WMTools Downloaded Files => Moved successfully.
C:\Users\Łukasz\AppData\Roaming\systweak => Moved successfully.
C:\Windows\System32\Tasks\{B2D95881-8FDB-41FB-9A51-23B46A8C08BF} => Moved successfully.

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

==== End of Fixlog ====