Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 31-08-2016
Uruchomiony przez 1 (12-09-2016 14:31:07) Run:1
Uruchomiony z C:\Users\1\Desktop
Załadowane profile: 1 (Dostępne profile: 1)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CreateRestorePoint:
CloseProcesses:
AppInit_DLLs: C:\ProgramData\Lightzap\DuoDonfax.dll => C:\ProgramData\Lightzap\DuoDonfax.dll [805376 2016-01-05] ()
AppInit_DLLs-x32: C:\ProgramData\Lightzap\TopZozwarm.dll => C:\ProgramData\Lightzap\TopZozwarm.dll [257536 2016-01-05] ()
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={ABB970FB-0D6D-487D-BCB1-F900A7E5E91A}&mid=672f9a641c5847cd8cf17d3bcfad0dc9-d8dfbdb7debba6bcfc647c2d7b5493eef472c350&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-23 11:23:03&v=4.2.4.155&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csDxmOrY-3j7rPIx_FJnxzQ2__vTUeTC5FwNpSEsspdR0gEAOsmAGO4aH1lJDolcNVDcmpI6NAqiY2Sh_jfl0Qeks2lvEhedKFEJB9lP6OzmlDAKNY5SnODN_X5lD5i_wD70LFoN-XA_M7zI&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csDxmOrY-3j7rPIx_FJnxzQ2__vTUeTC5FwNpSEsspdR0gEAOsmAGO4aH1lJDolcNVDcmpI6NAqiY2Sh_jfl0Qeks2lvEhedKFEJB9lP6OzmlDAKNY5SnODN_X5lD5i_wD70LFoN-XA_M7zI&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2463316202-891087949-1814409109-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={ABB970FB-0D6D-487D-BCB1-F900A7E5E91A}&mid=672f9a641c5847cd8cf17d3bcfad0dc9-d8dfbdb7debba6bcfc647c2d7b5493eef472c350&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-23 11:23:03&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2463316202-891087949-1814409109-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={ABB970FB-0D6D-487D-BCB1-F900A7E5E91A}&mid=672f9a641c5847cd8cf17d3bcfad0dc9-d8dfbdb7debba6bcfc647c2d7b5493eef472c350&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-23 11:23:03&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2463316202-891087949-1814409109-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csDxmOrY-3j7rPIx_FJnxzQ2__vTUeTC5FwNpSEsspdR0gEAOsmAGO4aH1lJDolcNVDcmpI6NAqiY2Sh_jfl0Qeks2lvEhedKFEJB9lP6OzmlDAKNY5SnODN_X5lD5i_wD70LFoN-XA_M7zI&q={searchTerms}
FF NewTab: C:\\ProgramData\\Lightzaps\\ff.NT
FF DefaultSearchEngine: findit
FF Homepage: C:\\ProgramData\\Lightzaps\\ff.HP
FF SearchPlugin: C:\Users\Daria\AppData\Roaming\Mozilla\Firefox\Profiles\zujnmv57.default\searchplugins\findit.xml [2016-01-05]
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
RemoveDirectory: C:\Users\Daria\Doctor Web
2016-01-05 21:41 - 2016-01-11 21:17 - 00000000 ____D C:\ProgramData\Lightzap
2016-01-05 21:41 - 2016-01-05 21:41 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2016-01-05 21:41 - 2016-01-05 21:41 - 00000000 ____D C:\ProgramData\Lightzaps
2016-01-05 21:40 - 2016-01-31 15:40 - 00000292 _____ C:\Windows\Tasks\Price Fountain.job
2016-01-05 21:40 - 2016-01-05 21:40 - 00000000 ____D C:\Users\Daria\AppData\Roaming\PriceFountain
2016-01-05 21:39 - 2016-01-05 21:40 - 00000000 ____D C:\Users\Daria\AppData\Local\ColorfulExpiatory
2016-01-05 21:39 - 2016-01-05 21:39 - 00003444 _____ C:\Windows\System32\Tasks\DariaColorfulExpiatoryV2
Task: {265F2731-0C8D-4366-92D8-A8B723696F34} - System32\Tasks\DariaColorfulExpiatoryV2 => Rundll32.exe MetazoaRedundant.dll,main 7 1 <==== UWAGA
Task: {2724DB94-95A2-4E8E-A644-EE9F3CBE8933} - System32\Tasks\{9C990993-3D79-478A-832B-BDC608F72B38} => pcalua.exe -a C:\Users\Daria\AppData\Roaming\WarThunder\Uninstaller.exe -d C:\Users\Daria\AppData\Roaming\WarThunder -c /Create /ePN:0W1T1C0T1M2Y1G1Q1P1C
Task: {5A3B3230-8137-43CE-ABEA-753DAB0F438B} - System32\Tasks\Price Fountain => C:\Users\Daria\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
Task: {A9BC03D7-DC09-4708-9420-B1D3FB68D5B2} - System32\Tasks\{4E2B47CC-D8A3-4BE0-875B-0C98353C197B} => pcalua.exe -a G:\start.exe -d G:\
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Daria\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
EmptyTemp:
*****************

Punkt przywracania został pomyślnie utworzony.
Procesy zostały pomyślnie zamknięte.
"C:\ProgramData\Lightzap\DuoDonfax.dll" => Dane wartości nie znaleziono.
"C:\ProgramData\Lightzap\TopZozwarm.dll" => Dane wartości nie znaleziono.
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Błąd przy ustawianiu wartości.
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość nie znaleziono.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => klucz nie znaleziono. 
HKCR\Wow6432Node\CLSID\ielnksrch => klucz nie znaleziono. 
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość nie znaleziono.
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => klucz nie znaleziono. 
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => klucz nie znaleziono. 
HKU\S-1-5-21-2463316202-891087949-1814409109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => klucz nie znaleziono. 
HKCR\CLSID\{ielnksrch} => klucz nie znaleziono. 
FF NewTab: C:\\ProgramData\\Lightzaps\\ff.NT => nie znaleziono
Firefox DefaultSearchEngine pomyślnie usunięto
Firefox "homepage" pomyślnie usunięto
"C:\Users\Daria\AppData\Roaming\Mozilla\Firefox\Profiles\zujnmv57.default\searchplugins\findit.xml" => nie znaleziono.
Chrome HomePage => nie znaleziono.
Chrome DefaultSearchURL => nie znaleziono.
Chrome DefaultSearchKeyword => nie znaleziono.
Chrome DefaultSuggestURL => nie znaleziono.
"C:\Users\Daria\Doctor Web" => nie znaleziono.
"C:\ProgramData\Lightzap" => nie znaleziono.
"C:\Windows\SysWOW64\findit.xml" => nie znaleziono.
"C:\ProgramData\Lightzaps" => nie znaleziono.
"C:\Windows\Tasks\Price Fountain.job" => nie znaleziono.
"C:\Users\Daria\AppData\Roaming\PriceFountain" => nie znaleziono.
"C:\Users\Daria\AppData\Local\ColorfulExpiatory" => nie znaleziono.
"C:\Windows\System32\Tasks\DariaColorfulExpiatoryV2" => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{265F2731-0C8D-4366-92D8-A8B723696F34} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\DariaColorfulExpiatoryV2 => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DariaColorfulExpiatoryV2 => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2724DB94-95A2-4E8E-A644-EE9F3CBE8933} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\{9C990993-3D79-478A-832B-BDC608F72B38} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9C990993-3D79-478A-832B-BDC608F72B38} => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A3B3230-8137-43CE-ABEA-753DAB0F438B} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\Price Fountain => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Price Fountain => klucz nie znaleziono. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9BC03D7-DC09-4708-9420-B1D3FB68D5B2} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\{4E2B47CC-D8A3-4BE0-875B-0C98353C197B} => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4E2B47CC-D8A3-4BE0-875B-0C98353C197B} => klucz nie znaleziono. 
C:\Windows\Tasks\Price Fountain.job => nie znaleziono.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38235235 B
Java, Flash, Steam htmlcache => 313291702 B
Windows/system/drivers => 140932103 B
Edge => 0 B
Chrome => 444411122 B
Firefox => 379131160 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83592 B
systemprofile32 => 66228 B
LocalService => 111748371 B
NetworkService => 84812 B
1 => 686914170 B

RecycleBin => 951113282 B
EmptyTemp: => 2.9 GB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 14:31:30 ====