Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:09-12-2015
Uruchomiony przez Lord Lemur (2015-12-12 10:26:34) Run:2
Uruchomiony z C:\Users\Lord Lemur\Documents\oprogramowanie\frst64
Załadowane profile: Lord Lemur (Dostępne profile: Lord Lemur)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
R2 WdMan; C:\ProgramData\8WdM8\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
ShortcutWithArgument: C:\Users\Lord Lemur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT <==== UWAGA
ShortcutWithArgument: C:\Users\Lord Lemur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT <==== UWAGA
ShortcutWithArgument: C:\Users\Lord Lemur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT <==== UWAGA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT <==== UWAGA
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT&q={searchTerms}
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT&q={searchTerms}
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3012261713-3946105542-649937570-1002 -> {D1946AB6-3DF2-42A1-ACE9-F9C50D2B3454} URL =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1449832635&z=8cef1005e2e027024929ee6g8z0z9tdb0cbo7q0c6c&from=ient07021&uid=TOSHIBAXMQ01ABD075_Z3DMPKMZTXXZ3DMPKMZT
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\...\MountPoints2: {b0cb83f0-d614-11e4-826a-0c54a5f2ac84} - "G:\setup.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
DeleteKey: HKCU\Software\dobreprogramy
DeleteKey: HKLM\SOFTWARE\Wow6432Node\yoursites123Software
DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes
DeleteKey: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes
RemoveDirectory: C:\AdwCleaner
RemoveDirectory: C:\ProgramData\8WdM8
RemoveDirectory: C:\Users\Lord Lemur\Desktop\Stare dane programu Firefox
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Procesy zostały pomyślnie zamknięte.
Punkt przywracania został pomyślnie utworzony.
WdMan => serwis nie znaleziono.
C:\Users\Lord Lemur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Lord Lemur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Lord Lemur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1946AB6-3DF2-42A1-ACE9-F9C50D2B3454} => klucz nie znaleziono. 
HKCR\CLSID\{D1946AB6-3DF2-42A1-ACE9-F9C50D2B3454} => klucz nie znaleziono. 
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wartość nie znaleziono.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Wartość nie znaleziono.
HKU\S-1-5-21-3012261713-3946105542-649937570-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0cb83f0-d614-11e4-826a-0c54a5f2ac84} => klucz nie znaleziono. 
HKCR\CLSID\{b0cb83f0-d614-11e4-826a-0c54a5f2ac84} => klucz nie znaleziono. 
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => klucz nie znaleziono. 
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => klucz nie znaleziono. 
HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => klucz nie znaleziono. 
HKCU\Software\dobreprogramy => klucz nie znaleziono. 
HKLM\SOFTWARE\Wow6432Node\yoursites123Software => klucz nie znaleziono. 
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes => klucz nie znaleziono. 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes => klucz nie znaleziono. 
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes => klucz nie znaleziono. 
"C:\AdwCleaner" => nie znaleziono.
"C:\ProgramData\8WdM8" => nie znaleziono.
"C:\Users\Lord Lemur\Desktop\Stare dane programu Firefox" => nie znaleziono.

=========  netsh advfirewall reset =========

Ok.


========= Koniec  CMD: =========

EmptyTemp: => 186 MB danych tymczasowych Usunięto.


System wymagał restartu.

==== Koniec  Fixlog 10:28:31 ====