Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-04-2014 01
Ran by User at 2014-04-12 18:26:28 Run:1
Running from C:\Users\User\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-18] (StdLib)
C:\Windows\System32\drivers\wStLib64.sys
U2 ehdrv;
S3 zlportio; \??\D:\Programs\ultra star deluxe\UltraStar Deluxe\zlportio.sys [X]
HKLM-x32\...\Run: [tuto4pc_pl_13] - [X]
HKU\S-1-5-21-2222448136-738814564-1578169591-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-2222448136-738814564-1578169591-1001\...\Run: [AdobeUpdate] - wscript "C:\Users\User\AppData\Roaming\PTSGPU\invis.vbs" "C:\Users\User\AppData\Roaming\PTSGPU\bat.bat"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [fjkndgpgkiomekpgdaclpoecngmjonhe] - C:\Users\User\AppData\Local\CouponDropDown\Chrome\CouponDropDown.crx [2013-12-02]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO-x32: No Name - {A7C77E32-D1D5-AB43-A75A-7E1B4687769B} - No File
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll No File
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-12-23] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-12-23] (BonanzaDeals)
Task: {1FBF0F36-9C99-4A1A-BD9A-F6051A6BC08E} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {38754E4A-914C-457B-AD3F-7A0F4E8D7505} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe [2013-10-30] () <==== ATTENTION
Task: {58FD89B8-1409-4AAE-A6F2-DC0777FF5399} - \DealPly No Task File
Task: {6096E8B8-CA41-4796-84FA-CA72D7336DE2} - \RegClean Pro_DEFAULT No Task File
Task: {6FD4BCD8-2EBD-40E0-BED2-415F1286E92D} - \DealPlyUpdate No Task File
Task: {A6B84D97-4342-4671-8E7D-076DDE4EE794} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-23] (BonanzaDeals) <==== ATTENTION
Task: {ADF3A962-BF47-42EF-9872-4D8FF5CB506F} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-12-23] (BonanzaDeals) <==== ATTENTION
Task: {C55A02D0-7117-4C5F-B6B9-05D17F9634B6} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {C8CD0361-A125-4BCE-838F-FC8E21C8EC86} - System32\Tasks\bench-Updater removing
Task: {EF9A02D1-FEBA-4C0D-AEBC-7744193AA902} - System32\Tasks\{7D53263F-CA02-4375-B72A-C0AE700C4D7F} => Chrome.exe http://ui.skype.com/ui/0/6.9.59.106/pl/abandoninstall?page=tsProgressBar
Task: {F8D1BA96-F79E-47E2-9552-A1D32193D95D} - \RegClean Pro_UPDATES No Task File
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData:51F4828AF3F1ABAD
AlternateDataStreams: C:\Users\All Users:51F4828AF3F1ABAD
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:LNfz0GhVZlLjzEK4n8T9E
AlternateDataStreams: C:\ProgramData\Application Data:51F4828AF3F1ABAD
AlternateDataStreams: C:\ProgramData\Microsoft:lSruynI64wN2h8uwfmNOJJICn
AlternateDataStreams: C:\ProgramData\Microsoft:yoNCysbek3O9N9fwZTg
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\User\Downloads\EIE11_PL-PL_WOL_WIN764.EXE:BDU
AlternateDataStreams: C:\Users\User\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\Metallica_Multitracks,_Stems,_Alternate_Versions (1).exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\Metallica_Multitracks,_Stems,_Alternate_Versions.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\MicrosoftInstaller.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\OTL.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\word2007-kb974631-fullfile-x86-glb.exe:BDU
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:2exxCVyc2o5KQwkmnPT18kG
AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:Xz6w18bxU93SNndePmCzePY
C:\Program Files (x86)\Bench
C:\Users\User\AppData\Local\CrashDumps
C:\Users\User\AppData\Local\CouponDropDown
C:\Users\User\AppData\Roaming\PTSGPU
C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions
C:\Users\User\Downloads\Ned Beattys NETWORK speech-by Paddy Chayefsky.mp4.crdownload
C:\Windows\SysWOW64\sho*.tmp
Reg: reg delete "HKCU\SOFTWARE\Microsoft\Internet Explorer\Search" /f
Reboot:
*****************
wStLib64 => Service stopped successfully.
wStLib64 => Service deleted successfully.
C:\Windows\System32\drivers\wStLib64.sys => Moved successfully.
ehdrv => Service deleted successfully.
zlportio => Service deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_pl_13 => Value deleted successfully.
HKU\S-1-5-21-2222448136-738814564-1578169591-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKU\S-1-5-21-2222448136-738814564-1578169591-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeUpdate => Value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjkndgpgkiomekpgdaclpoecngmjonhe => Key deleted successfully.
"C:\Users\User\AppData\Local\CouponDropDown\Chrome\CouponDropDown.crx" => File/Directory not found.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7C77E32-D1D5-AB43-A75A-7E1B4687769B} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A7C77E32-D1D5-AB43-A75A-7E1B4687769B} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => Key deleted successfully.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@Bitdefender.com/PasswordManager;version=17.8 => Key deleted successfully.
C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3 => Key deleted successfully.
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9 => Key deleted successfully.
C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll not found.
bonanzadealslive => Service deleted successfully.
bonanzadealslivem => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FBF0F36-9C99-4A1A-BD9A-F6051A6BC08E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FBF0F36-9C99-4A1A-BD9A-F6051A6BC08E} => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38754E4A-914C-457B-AD3F-7A0F4E8D7505} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38754E4A-914C-457B-AD3F-7A0F4E8D7505} => Key deleted successfully.
C:\Windows\System32\Tasks\bench-sys => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58FD89B8-1409-4AAE-A6F2-DC0777FF5399} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58FD89B8-1409-4AAE-A6F2-DC0777FF5399} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6096E8B8-CA41-4796-84FA-CA72D7336DE2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6096E8B8-CA41-4796-84FA-CA72D7336DE2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FD4BCD8-2EBD-40E0-BED2-415F1286E92D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FD4BCD8-2EBD-40E0-BED2-415F1286E92D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6B84D97-4342-4671-8E7D-076DDE4EE794} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B84D97-4342-4671-8E7D-076DDE4EE794} => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADF3A962-BF47-42EF-9872-4D8FF5CB506F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADF3A962-BF47-42EF-9872-4D8FF5CB506F} => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C55A02D0-7117-4C5F-B6B9-05D17F9634B6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C55A02D0-7117-4C5F-B6B9-05D17F9634B6} => Key deleted successfully.
C:\Windows\System32\Tasks\GoforFilesUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8CD0361-A125-4BCE-838F-FC8E21C8EC86} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8CD0361-A125-4BCE-838F-FC8E21C8EC86} => Key deleted successfully.
C:\Windows\System32\Tasks\bench-Updater removing => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-Updater removing => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF9A02D1-FEBA-4C0D-AEBC-7744193AA902} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF9A02D1-FEBA-4C0D-AEBC-7744193AA902} => Key deleted successfully.
C:\Windows\System32\Tasks\{7D53263F-CA02-4375-B72A-C0AE700C4D7F} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7D53263F-CA02-4375-B72A-C0AE700C4D7F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8D1BA96-F79E-47E2-9552-A1D32193D95D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D1BA96-F79E-47E2-9552-A1D32193D95D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES => Key deleted successfully.
C:\Windows\Tasks\bench-sys.job => Moved successfully.
C:\Windows\Tasks\bench-Updater removing.job => Moved successfully.
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData => ":51F4828AF3F1ABAD" ADS removed successfully.
"C:\Users\All Users" => ":51F4828AF3F1ABAD" ADS not found.
C:\Program Files\Common Files\Microsoft Shared => ":LNfz0GhVZlLjzEK4n8T9E" ADS removed successfully.
"C:\ProgramData\Application Data" => ":51F4828AF3F1ABAD" ADS not found.
C:\ProgramData\Microsoft => ":lSruynI64wN2h8uwfmNOJJICn" ADS removed successfully.
C:\ProgramData\Microsoft => ":yoNCysbek3O9N9fwZTg" ADS removed successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\Users\User\Downloads\EIE11_PL-PL_WOL_WIN764.EXE => ":BDU" ADS removed successfully.
"C:\Users\User\Downloads\FRST64.exe" => ":BDU" ADS not found.
C:\Users\User\Downloads\Metallica_Multitracks,_Stems,_Alternate_Versions (1).exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\Metallica_Multitracks,_Stems,_Alternate_Versions.exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\MicrosoftInstaller.exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\OTL.exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\SkypeSetup.exe => ":BDU" ADS removed successfully.
C:\Users\User\Downloads\word2007-kb974631-fullfile-x86-glb.exe => ":BDU" ADS removed successfully.
C:\Users\User\AppData\Local\Temp => ":2exxCVyc2o5KQwkmnPT18kG" ADS removed successfully.
"C:\Users\User\AppData\Local\Temporary Internet Files" => ":Xz6w18bxU93SNndePmCzePY" ADS not found.
C:\Program Files (x86)\Bench => Moved successfully.
C:\Users\User\AppData\Local\CrashDumps => Moved successfully.
"C:\Users\User\AppData\Local\CouponDropDown" => File/Directory not found.
C:\Users\User\AppData\Roaming\PTSGPU => Moved successfully.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\extensions => Moved successfully.
C:\Users\User\Downloads\Ned Beattys NETWORK speech-by Paddy Chayefsky.mp4.crdownload => Moved successfully.
C:\Windows\SysWOW64\sho*.tmp => Moved successfully.
========= reg delete "HKCU\SOFTWARE\Microsoft\Internet Explorer\Search" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
The system needed a reboot.
==== End of Fixlog ====