Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014 Ran by Cypisek at 2014-11-20 01:03:46 Run:3 Running from C:\Users\Cypisek\Downloads\FRST Loaded Profile: Cypisek (Available profiles: Cypisek) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: BHO: SoftCoup -> {8fde9d68-add0-4f07-b80e-84449d5c6065} -> C:\ProgramData\SoftCoup\6H5kTcsoXQ2fbG.x64.dll () BHO-x32: SoftCoup -> {8fde9d68-add0-4f07-b80e-84449d5c6065} -> C:\ProgramData\SoftCoup\6H5kTcsoXQ2fbG.dll () CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKU\S-1-5-21-1153665968-2999873662-4185214043-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1153665968-2999873662-4185214043-1000\...\Run: [Jotta] => "C:\Program Files\Jotta\jotta.exe" AlternateDataStreams: C:\ProgramData\Microsoft:eZcIVVfazFfNxOdD11Qlk2si AlternateDataStreams: C:\ProgramData\Microsoft:iomtxTUNeYqdXa7Pvr39u5xkJ AlternateDataStreams: C:\Users\Cypisek\AppData\Local\Temporary Internet Files:dih43SwfIX6bemIPe1pjhsq5 C:\ProgramData\374311380 C:\ProgramData\c5806f9710da70d3 C:\ProgramData\saveitkeep C:\ProgramData\Interenet Optimizer C:\ProgramData\SoftCoup C:\ProgramData\WildWestCoupon C:\Users\Cypisek\AppData\Local\Google C:\Users\Cypisek\AppData\Roaming\Google RemoveDirectory: C:\Users\Cypisek\Desktop\Stare dane programu Firefox Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete HKCU\Software\Google /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Cypisek\AppData\Local CMD: dir /a C:\Users\Cypisek\AppData\LocalLow CMD: dir /a C:\Users\Cypisek\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8fde9d68-add0-4f07-b80e-84449d5c6065}" => Key not found. "HKCR\CLSID\{8fde9d68-add0-4f07-b80e-84449d5c6065}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8fde9d68-add0-4f07-b80e-84449d5c6065}" => Key not found. "HKCR\Wow6432Node\CLSID\{8fde9d68-add0-4f07-b80e-84449d5c6065}" => Key deleted successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKU\S-1-5-21-1153665968-2999873662-4185214043-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully. HKU\S-1-5-21-1153665968-2999873662-4185214043-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Jotta => value deleted successfully. C:\ProgramData\Microsoft => ":eZcIVVfazFfNxOdD11Qlk2si" ADS removed successfully. C:\ProgramData\Microsoft => ":iomtxTUNeYqdXa7Pvr39u5xkJ" ADS removed successfully. "C:\Users\Cypisek\AppData\Local\Temporary Internet Files" => ":dih43SwfIX6bemIPe1pjhsq5" ADS not found. C:\ProgramData\374311380 => Moved successfully. C:\ProgramData\c5806f9710da70d3 => Moved successfully. C:\ProgramData\saveitkeep => Moved successfully. "C:\ProgramData\Interenet Optimizer" => File/Directory not found. C:\ProgramData\SoftCoup => Moved successfully. C:\ProgramData\WildWestCoupon => Moved successfully. C:\Users\Cypisek\AppData\Local\Google => Moved successfully. C:\Users\Cypisek\AppData\Roaming\Google => Moved successfully. "C:\Users\Cypisek\Desktop\Stare dane programu Firefox" => Removed successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKCU\Software\Google /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f ========= The operation completed successfully. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C is SYSTEM Volume Serial Number is B2F2-00D5 Directory of C:\Program Files 2014-10-14 07:52 . 2014-10-14 07:52 .. 2014-11-17 11:12 Adobe 2014-07-17 08:57 Common Files 2009-07-14 05:54 174 desktop.ini 2014-06-25 14:58 DVD Maker 2014-08-01 10:13 Google 2014-11-17 11:36 Internet Explorer 2014-07-31 00:26 Jotta 2009-07-14 08:46 Microsoft Games 2014-10-14 07:52 Microsoft Silverlight 2014-07-06 11:55 MPC-HC.1.7.6.x64 2009-07-14 06:32 MSBuild 2014-09-23 00:16 NVIDIA Corporation 2014-06-24 08:35 Realtek 2009-07-14 06:32 Reference Assemblies 2014-08-24 17:57 TeamSpeak 3 Client 2009-07-14 06:09 Uninstall Information 2014-06-27 14:08 Windows Defender 2014-07-09 02:12 Windows Journal 2014-06-25 14:58 Windows Mail 2014-10-15 20:07 Windows Media Player 2009-07-14 06:32 Windows NT 2014-06-25 14:58 Windows Photo Viewer 2014-06-25 14:58 Windows Portable Devices 2014-06-25 14:58 Windows Sidebar 2014-06-24 08:12 WinRAR 1 File(s) 174 bytes 26 Dir(s) 43ÿ082ÿ809ÿ344 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C is SYSTEM Volume Serial Number is B2F2-00D5 Directory of C:\Program Files (x86) 2014-11-19 15:49 . 2014-11-19 15:49 .. 2014-10-26 18:59 4Videosoft Studio 2014-07-17 08:49 Adobe 2014-09-23 00:15 AGEIA Technologies 2014-11-17 11:35 Apple Software Update 2014-09-09 19:38 Battlelog Web Plugins 2014-11-17 11:35 Common Files 2014-06-30 23:35 DAEMON Tools Lite 2009-07-14 05:54 174 desktop.ini 2014-07-17 08:08 FileZilla FTP Client 2014-06-24 19:21 foobar2000 2014-08-01 10:13 Google 2014-10-11 12:36 GUM448E.tmp 2014-08-26 19:48 InstallShield Installation Information 2014-06-24 08:35 Intel 2014-11-12 21:49 Internet Explorer 2014-11-03 15:48 Java 2014-07-04 10:16 Last.fm 2014-09-11 17:22 LG Electronics 2014-07-01 01:26 Microsoft Games for Windows - LIVE 2014-10-14 07:52 Microsoft Silverlight 2014-06-24 08:42 Microsoft.NET 2014-11-19 15:49 Mozilla Firefox 2014-11-19 15:49 Mozilla Maintenance Service 2009-07-14 06:32 MSBuild 2014-08-01 02:00 MSXML 4.0 2014-07-01 16:20 NapiProjekt 2014-07-31 14:53 Nero 2014-11-19 01:26 NVIDIA Corporation 2014-06-25 13:32 OpenOffice 4 2014-09-09 19:36 Origin 2014-08-26 12:19 Origin Games 2014-11-17 11:36 QuickTime 2014-06-24 08:38 Realtek 2009-07-14 06:32 Reference Assemblies 2014-06-24 08:39 Renesas Electronics 2014-06-26 21:30 revoSleep 2014-06-30 23:45 Rockstar Games 2014-06-27 13:38 Sony 2014-06-27 13:40 Sony Mobile 2014-10-14 22:03 Steam 2014-06-24 21:15 Switch Off 2014-06-24 08:36 Temp 2014-07-16 20:56 Tlen.pl 2009-07-14 05:57 Uninstall Information 2014-07-01 16:22 VideoLAN 2014-06-27 14:08 Windows Defender 2014-06-25 14:58 Windows Mail 2014-10-15 20:07 Windows Media Player 2009-07-14 06:32 Windows NT 2014-06-25 14:58 Windows Photo Viewer 2014-06-25 14:58 Windows Portable Devices 2014-06-25 14:58 Windows Sidebar 1 File(s) 174 bytes 53 Dir(s) 43ÿ082ÿ805ÿ248 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C is SYSTEM Volume Serial Number is B2F2-00D5 Directory of C:\ProgramData 2014-11-20 01:03 . 2014-11-20 01:03 .. 2014-11-17 11:11 Adobe 2014-06-25 15:08 APN 2014-11-17 11:35 Apple 2014-11-17 11:36 Apple Computer 2009-07-14 06:08 Application Data [C:\ProgramData] 2014-10-29 11:40 BlueStacksSetup 2014-09-10 22:43 Bohemia Interactive 2014-09-12 18:58 Common Files 2014-06-30 23:39 DAEMON Tools Lite 2009-07-14 06:08 Desktop [C:\Users\Public\Desktop] 2009-07-14 06:08 Documents [C:\Users\Public\Documents] 2014-06-24 08:39 Downloaded Installations 2014-06-25 13:31 EA Core 2014-06-25 23:15 EA Logs 2014-06-25 13:31 Electronic Arts 2009-07-14 06:08 Favorites [C:\Users\Public\Favorites] 2014-10-11 17:25 Google 2014-07-04 10:18 Last.fm 2014-09-13 07:42 MFAData 2014-11-17 23:27 Microsoft 2014-06-24 08:08 Mozilla 2014-07-31 14:53 Nero 2014-11-19 23:45 NVIDIA 2014-07-30 09:04 NVIDIA Corporation 2014-09-09 19:36 Origin 2014-07-17 08:57 PACE Anti-Piracy 2014-10-11 17:26 Package Cache 2014-06-25 13:31 PopCap Games 2014-11-17 11:15 regid.1986-12.com.adobe 2014-06-27 13:38 Sony 2014-06-27 13:40 Sony Mobile 2009-07-14 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-07-15 16:13 Sun 2009-07-14 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-07-16 20:56 Tlen.pl 0 File(s) 0 bytes 37 Dir(s) 43ÿ082ÿ805ÿ248 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Cypisek\AppData\Local ========= Volume in drive C is SYSTEM Volume Serial Number is B2F2-00D5 Directory of C:\Users\Cypisek\AppData\Local 2014-11-20 01:03 . 2014-11-20 01:03 .. 2014-11-19 02:00 Adobe 2014-11-14 16:59 1ÿ456 Adobe Save for Web 13.0 Prefs 2014-11-17 11:35 Apple 2014-11-17 13:30 Apple Computer 2014-06-24 08:04 Application Data [C:\Users\Cypisek\AppData\Local] 2014-10-14 17:55 Arma 3 2014-09-10 22:40 Arma 3 Launcher 2014-07-29 21:40 Aspyr 2014-09-10 22:39 Bohemia_Interactive 2014-09-14 00:48 ElevatedDiagnostics 2014-11-19 15:48 EmieBrowserModeList 2014-11-07 11:59 EmieSiteList 2014-11-07 11:59 EmieUserList 2014-07-18 19:59 ESN 2014-11-19 15:37 64ÿ024 GDIPFONTCACHEV1.DAT 2014-06-24 08:04 History [C:\Users\Cypisek\AppData\Local\Microsoft\Windows\History] 2014-11-19 23:44 5ÿ876ÿ112 IconCache.db 2014-11-19 03:03 Last.fm 2014-06-24 09:14 Macromedia 2014-09-12 18:58 MFAData 2014-07-02 07:52 Microsoft 2014-06-24 08:08 Mozilla 2014-08-16 08:58 NikLicenseFiles 2014-07-30 08:59 NVIDIA 2014-07-30 09:04 NVIDIA Corporation 2014-06-24 19:57 Origin 2014-07-17 08:57 PACE Anti-Piracy 2014-07-01 16:16 Programs 2014-07-18 20:53 PunkBuster 2014-07-01 18:23 Rockstar Games 2014-08-16 08:58 Software 2014-11-20 01:03 Temp 2014-06-24 08:04 Temporary Internet Files [C:\Users\Cypisek\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2014-08-26 20:08 The Witcher 2 2014-06-24 08:05 VirtualStore 3 File(s) 5ÿ941ÿ592 bytes 34 Dir(s) 43ÿ082ÿ801ÿ152 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Cypisek\AppData\LocalLow ========= Volume in drive C is SYSTEM Volume Serial Number is B2F2-00D5 Directory of C:\Users\Cypisek\AppData\LocalLow 2014-11-17 11:35 . 2014-11-17 11:35 .. 2014-07-09 16:29 Adobe 2014-11-17 11:35 Apple Computer 2014-10-14 07:52 Microsoft 2014-07-15 16:12 Sun 0 File(s) 0 bytes 6 Dir(s) 43ÿ082ÿ801ÿ152 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Cypisek\AppData\Roaming ========= Volume in drive C is SYSTEM Volume Serial Number is B2F2-00D5 Directory of C:\Users\Cypisek\AppData\Roaming 2014-11-20 01:03 . 2014-11-20 01:03 .. 2014-11-17 14:20 Adobe 2014-11-18 10:13 Apple Computer 2014-08-26 17:23 DAEMON Tools Lite 2014-10-26 18:56 Digiarty 2014-10-10 23:01 dvdcss 2014-07-17 08:37 FileZilla 2014-11-19 03:04 foobar2000 2014-06-24 08:05 Identities 2014-06-24 08:35 InstallShield 2014-06-24 09:14 Macromedia 2009-07-14 08:45 Media Center Programs 2014-10-29 11:16 Microsoft 2014-06-24 08:08 Mozilla 2014-06-26 21:21 MPC-HC 2014-07-01 16:20 NapiProjekt 2014-07-31 15:04 Nero 2014-07-03 10:59 NVIDIA 2014-06-25 13:40 OpenOffice 2014-08-01 08:01 Oracle 2014-06-25 13:27 Origin 2014-07-17 08:57 PACE Anti-Piracy 2014-07-29 06:30 RenPy 2014-08-24 22:28 StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2014-08-20 21:18 Tlen.pl 2014-10-17 20:35 TS3Client 2014-09-12 19:01 TuneUp Software 2014-11-18 22:53 uTorrent 2014-11-19 02:17 vlc 2014-06-24 08:32 WinRAR 0 File(s) 0 bytes 31 Dir(s) 43ÿ082ÿ801ÿ152 bytes free ========= End of CMD: ========= EmptyTemp: => Removed 293.5 MB temporary data. The system needed a reboot. ==== End of Fixlog ====