Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2015
Ran by Marcel at 2015-04-14 15:42:22 Run:1
Running from C:\Users\Marcel\Desktop
Loaded Profiles: Marcel (Available profiles: Marcel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-4079469416-385390291-1880624462-1000\...\Run: [minerd] => "C:\Users\Marcel\AppData\Roaming\minerd\nircmd.exe" exec hide "C:\Users\Marcel\AppData\Roaming\minerd\start.bat"
HKU\S-1-5-21-4079469416-385390291-1880624462-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-4079469416-385390291-1880624462-1000\...\Run: [Cabrate] => C:\Users\Marcel\AppData\Roaming\Shupdate\htmlsh.exe [90112 2015-03-23] ()
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
AlternateDataStreams: C:\Users\Marcel\AppData\Local\Temporary Internet Files:0k2DkVxeKYjRagSejTpTO20UuMZr8
C:\ProgramData\.F4G6EEC4-B493-3E31-C6BG-8C6C9B764D36
C:\ProgramData\.ST160
C:\ProgramData\Windows
C:\Users\Marcel\AppData\Local\.C3F2FH85-G3D2-2F02-D5CH-7D3D8C553E56
C:\Users\Marcel\AppData\Local\vu1xnNgDcHeXEzvvBuxT1OYCmvta+do0xgSnltS6nEs=.xtbl
C:\Users\Marcel\AppData\Local\wC7H+mKgko5stZtOWYyxgUYqgPsYf5kGvCe1HJUkJXGTlMY-NQ6OSSAMNuKo2-3i.xtbl
C:\Users\Marcel\AppData\Local\Google
C:\Users\Marcel\AppData\Roaming\A3C85375A3C85375.bmp
C:\Users\Marcel\AppData\Roaming\data13.dat
C:\Users\Marcel\AppData\Roaming\lit1.22.exe
C:\Users\Marcel\AppData\Roaming\Shupdate
Folder: C:\Users\Marcel\AppData\Roaming\x11
Folder: C:\Users\Marcel\AppData\Roaming\x13
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Hosts:
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-4079469416-385390291-1880624462-1000\Software\Microsoft\Windows\CurrentVersion\Run\\minerd => value deleted successfully.
HKU\S-1-5-21-4079469416-385390291-1880624462-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core => value deleted successfully.
HKU\S-1-5-21-4079469416-385390291-1880624462-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Cabrate => value deleted successfully.
sptd => Service deleted successfully.
"C:\Users\Marcel\AppData\Local\Temporary Internet Files" => ":0k2DkVxeKYjRagSejTpTO20UuMZr8" ADS not found.
C:\ProgramData\.F4G6EEC4-B493-3E31-C6BG-8C6C9B764D36 => Moved successfully.
C:\ProgramData\.ST160 => Moved successfully.
C:\ProgramData\Windows => Moved successfully.
C:\Users\Marcel\AppData\Local\.C3F2FH85-G3D2-2F02-D5CH-7D3D8C553E56 => Moved successfully.
C:\Users\Marcel\AppData\Local\vu1xnNgDcHeXEzvvBuxT1OYCmvta+do0xgSnltS6nEs=.xtbl => Moved successfully.
C:\Users\Marcel\AppData\Local\wC7H+mKgko5stZtOWYyxgUYqgPsYf5kGvCe1HJUkJXGTlMY-NQ6OSSAMNuKo2-3i.xtbl => Moved successfully.
C:\Users\Marcel\AppData\Local\Google => Moved successfully.
C:\Users\Marcel\AppData\Roaming\A3C85375A3C85375.bmp => Moved successfully.
C:\Users\Marcel\AppData\Roaming\data13.dat => Moved successfully.
C:\Users\Marcel\AppData\Roaming\lit1.22.exe => Moved successfully.
C:\Users\Marcel\AppData\Roaming\Shupdate => Moved successfully.

========================= Folder: C:\Users\Marcel\AppData\Roaming\x11 ========================

2014-11-23 19:49 - 2014-11-23 19:49 - 0249120 _____ (NVIDIA Corporation) C:\Users\Marcel\AppData\Roaming\x11\cudart32_55.dll
2014-11-23 19:49 - 2014-11-23 19:49 - 0055808 _____ (Open Source Software community LGPL) C:\Users\Marcel\AppData\Roaming\x11\pthreadVC2.dll
2014-11-23 19:49 - 2014-11-23 19:49 - 7916048 _____ () C:\Users\Marcel\AppData\Roaming\x11\uninstall.dat

====== End of Folder: ======


========================= Folder: C:\Users\Marcel\AppData\Roaming\x13 ========================

2014-12-12 19:29 - 2014-12-12 19:29 - 0249120 _____ (NVIDIA Corporation) C:\Users\Marcel\AppData\Roaming\x13\cudart32_55.dll
2014-12-12 19:29 - 2014-12-12 19:29 - 0055808 _____ (Open Source Software community LGPL) C:\Users\Marcel\AppData\Roaming\x13\pthreadVC2.dll
2014-12-12 19:29 - 2014-12-15 14:05 - 7916048 _____ () C:\Users\Marcel\AppData\Roaming\x13\uninstall.dat

====== End of Folder: ======


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.4 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 15:44:30 ====