Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:09-12-2015
Uruchomiony przez Windyy (2015-12-09 16:39:17) Run:1
Uruchomiony z K:\Download 2
Załadowane profile: Windyy (Dostępne profile: Windyy)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
R2 WdMan; C:\ProgramData\QWdMQ\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-09] ()
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
ShortcutWithArgument: C:\Users\Windyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\Users\Windyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\Users\Windyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\Users\Windyy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\Users\Windyy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192 <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192&q={searchTerms}
SearchScopes: HKU\S-1-5-21-67032335-2401925526-3629021281-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-67032335-2401925526-3629021281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1449648957&z=abebfbd0331a156ee7a100cg9zbzdt7q4z4bdt6wet&from=ient07021&uid=ADATAXSP900_7D3520010192
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - D:\Program Files\AVAST Software\Avast\SafePrice\FF
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMSetup
C:\Program Files (x86)\Temp
C:\ProgramData\8WdM8
C:\ProgramData\QWdMQ
C:\Windows\system32\Drivers\EsgScanner.sys
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
WdMan => serwis pomyślnie usunięto
EsgScanner => serwis pomyślnie usunięto
NVHDA => serwis pomyślnie usunięto
C:\Users\Windyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Windyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Windyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono
C:\Users\Windyy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Windyy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-67032335-2401925526-3629021281-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto
HKU\S-1-5-21-67032335-2401925526-3629021281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość nie znaleziono.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => Wartość pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMSetup => klucz pomyślnie usunięto
C:\Program Files (x86)\Temp => pomyślnie przeniesiono
C:\ProgramData\8WdM8 => pomyślnie przeniesiono
C:\ProgramData\QWdMQ => pomyślnie przeniesiono
C:\Windows\system32\Drivers\EsgScanner.sys => pomyślnie przeniesiono
EmptyTemp: => 227.8 MB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 16:39:36 ====