Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:09-12-2015 Uruchomiony przez Waldek (2015-12-10 20:42:08) Run:2 Uruchomiony z C:\Users\Waldek\Desktop\Nowy folder (2) Załadowane profile: Waldek (Dostępne profile: Waldek) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A <==== UWAGA CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1444495560&z=0b8558a768e27b8caaf4c43g9z1z9zfzft3w3c4w3c&from=cor&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449740949&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=SamsungXSSDX850XEVOX250GB_S21PNXAG690052A&q={searchTerms} SearchScopes: HKU\S-1-5-21-516307512-3792544153-365543194-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-516307512-3792544153-365543194-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE C:\Program Files\Enigma Software Group C:\Program Files (x86)\GUT935A.tmp C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\ProgramData\iWdMi C:\ProgramData\nWdMn C:\Users\Waldek\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 C:\Users\Waldek\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Waldek\AppData\Local\Google\Chrome\User Data\Default\Web Data C:\Users\Waldek\AppData\Roaming\TSv C:\Users\Waldek\Downloads\SpyHunter-Installer.exe Reg: reg delete HKLM\SOFTWARE\Mozilla /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\yoursites123Software /f EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. C:\Users\Waldek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk => Skrót - argument pomyślnie usunięto. C:\Users\Waldek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Waldek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Skrót - argument pomyślnie przywrócono C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Waldek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk => Skrót - argument pomyślnie usunięto. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. C:\Users\Public\Desktop\Google Chrome.lnk => Skrót - argument pomyślnie usunięto. Chrome HomePage => pomyślnie usunięto HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKU\S-1-5-21-516307512-3792544153-365543194-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto "HKU\S-1-5-21-516307512-3792544153-365543194-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Wartość pomyślnie przywrócono HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdReg => Wartość pomyślnie usunięto C:\Program Files\Enigma Software Group => pomyślnie przeniesiono C:\Program Files (x86)\GUT935A.tmp => pomyślnie przeniesiono C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyślnie przeniesiono C:\ProgramData\iWdMi => pomyślnie przeniesiono C:\ProgramData\nWdMn => pomyślnie przeniesiono C:\Users\Waldek\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 => pomyślnie przeniesiono C:\Users\Waldek\AppData\Local\Google\Chrome\User Data\Default\Preferences => pomyślnie przeniesiono C:\Users\Waldek\AppData\Local\Google\Chrome\User Data\Default\Web Data => pomyślnie przeniesiono C:\Users\Waldek\AppData\Roaming\TSv => pomyślnie przeniesiono C:\Users\Waldek\Downloads\SpyHunter-Installer.exe => pomyślnie przeniesiono ========= reg delete HKLM\SOFTWARE\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= Koniec Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\yoursites123Software /f ========= Operacja ukoäczona pomy˜lnie. ========= Koniec Reg: ========= EmptyTemp: => 371.6 MB danych tymczasowych Usunięto. System wymagał restartu. ==== Koniec Fixlog 20:42:14 ====