myplaycity.com

[Olivis]

Zdravím,
dcery si hrály s počítačem a podařilo se jim instalace dětské hry, kdy společně nainstalovaly myplaycity.com, toto se mi zobrazuje jako domovská strana na používaném prohlížeči Mozilla a i na IE. Když změním domovskou stránku, opět po restartu prohlížeče se vrátí zpět domovská stránka myplaycity.com.
Počítač jsem projel AdwCleaner, ale pořád stejný problém, myplaycity.com jsem nodstranil. Prosím o Vaší pomoc.
Zde zasílám log z AdwCleaner:

# AdwCleaner v5.009 - Logfile created 03/10/2015 at 20:44:41
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Petr - PETR-PC
# Running from : D:\Stahování\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Petr\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Systweak

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Adobe Flash Player Updater

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1103064640-731453555-573190360-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-1103064640-731453555-573190360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[-] Data Restored : HKU\S-1-5-21-1103064640-731453555-573190360-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****

[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "resource://myplaycitycom-at-gametab/myplaycity_gametab/data/newtab.html");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "MyPlayCity");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://gametab.myplaycity.com");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\prefs.js] [Preference] Deleted : user_pref("extensions.myplaycitycom@gametab.keepdefault", true);

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2460 bytes] ##########

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[Olivis]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-10-2015
Ran by Petr (administrator) on PETR-PC (03-10-2015 22:21:11)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr & UpdatusUser (Available Profiles: Petr & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(TC UP Team) C:\Program Files\TC UP\TC UP.exe
(Ghisler Software GmbH) C:\Program Files\TC UP\TOTALCMD.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\Windows\SOUNDMAN.EXE [604704 2009-04-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2202704 2010-07-02] (ESET)
HKLM\...\Run: [NWEReboot] => [X]
HKU\S-1-5-21-1103064640-731453555-573190360-1001\...\Run: [] => [X]
HKU\S-1-5-21-1103064640-731453555-573190360-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0E458E4C-04D1-4241-A5CC-38E7CFB51185}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-1103064640-731453555-573190360-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-23] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-23] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default
FF NewTab: resource://myplaycitycom-at-gametab/myplaycity_gametab/data/newtab.html
FF SelectedSearchEngine: Heuréka
FF Homepage: hxxp://gametab.myplaycity.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-23] (Oracle Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\searchplugins\myplaycity.xml [2015-10-03]
FF Extension: MyPlayCity Gametab - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\Extensions\myplaycitycom@gametab.xpi [2015-10-03]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-29]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-03-26]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2010-07-02] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2010-07-02] (ESET)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
R2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-01-19] (Samsung Electronics Co., Ltd.)
S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-01-19] (Samsung Electronics Co., Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [136120 2010-06-24] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [114984 2010-04-28] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [96896 2010-04-28] (ESET)
R1 VD_FileDisk; C:\Windows\system32\Drivers\VD_FileDisk.sys [24680 2011-01-26] (CaptainFlint Software)
S4 InCDFs; system32\drivers\InCDFs.sys [X]
S1 InCDPass; system32\drivers\InCDPass.sys [X]
S1 InCDRm; system32\drivers\InCDRm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-03 22:21 - 2015-10-03 22:21 - 00007909 _____ C:\Users\Petr\Desktop\FRST.txt
2015-10-03 22:20 - 2015-10-03 22:21 - 00000000 ____D C:\FRST
2015-10-03 22:20 - 2015-10-03 22:20 - 00015327 _____ C:\Users\Petr\Desktop\LM.bat
2015-10-03 22:19 - 2015-10-03 22:20 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-10-03 22:17 - 2015-10-03 22:13 - 01697280 _____ (Farbar) C:\Users\Petr\Desktop\FRST.exe
2015-10-03 20:46 - 2015-10-03 20:46 - 00002539 _____ C:\Users\Petr\Desktop\AdwCleaner[C1].txt
2015-10-03 16:07 - 2015-10-03 14:27 - 01670656 _____ C:\Users\Petr\Desktop\adwcleaner_5.009.exe
2015-10-03 14:31 - 2015-10-03 20:44 - 00000000 ____D C:\AdwCleaner
2015-10-03 13:29 - 2015-10-03 20:46 - 00000168 _____ C:\Windows\setupact.log
2015-10-03 13:29 - 2015-10-03 13:29 - 00000000 _____ C:\Windows\setuperr.log
2015-10-03 11:56 - 2015-10-03 21:51 - 00096201 _____ C:\Windows\WindowsUpdate.log
2015-10-03 11:41 - 2015-10-03 11:41 - 00000000 ____D C:\Users\Petr\AppData\Local\Mnyasha2_Engl
2015-10-03 11:38 - 2015-10-03 11:38 - 00000000 ____D C:\Program Files\MyPlayCity.com
2015-09-23 18:26 - 2015-09-23 18:26 - 00000000 ___HD C:\Windows\AxInstSV
2015-09-23 17:57 - 2015-09-23 17:57 - 00000000 ____D C:\Program Files\Common Files\Java
2015-09-23 17:56 - 2015-09-23 17:56 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Sun
2015-09-23 17:56 - 2015-09-23 17:56 - 00000000 ____D C:\Users\Petr\.oracle_jre_usage
2015-09-23 17:49 - 2015-09-23 17:49 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\Oracle

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-03 22:06 - 2015-08-29 18:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-03 20:54 - 2009-07-14 06:34 - 00030336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-03 20:54 - 2009-07-14 06:34 - 00030336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-03 20:46 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-03 12:13 - 2014-03-26 19:34 - 00000000 ____D C:\Users\Petr
2015-10-03 11:56 - 2014-03-29 17:16 - 00000000 ____D C:\Users\Petr\Documents\záloha registrů
2015-10-03 11:55 - 2014-06-15 14:05 - 00000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2015-10-03 11:55 - 2014-03-26 23:34 - 00000000 ____D C:\Windows\Minidump
2015-09-24 15:58 - 2014-03-29 16:55 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-09-24 15:55 - 2010-11-20 23:01 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-23 18:52 - 2014-03-26 23:51 - 00780488 _____ C:\Windows\system32\FlashPlayerApp.exe
2015-09-23 18:52 - 2014-03-26 23:51 - 00142536 _____ C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-23 18:49 - 2014-03-29 09:29 - 00000000 ____D C:\Users\Petr\AppData\Local\Adobe
2015-09-23 18:12 - 2015-04-05 13:36 - 00000000 __SHD C:\Users\Petr\AppData\Local\EmieUserList
2015-09-23 18:12 - 2015-04-05 13:36 - 00000000 __SHD C:\Users\Petr\AppData\Local\EmieSiteList
2015-09-23 18:12 - 2015-04-05 13:36 - 00000000 __SHD C:\Users\Petr\AppData\Local\EmieBrowserModeList
2015-09-23 18:01 - 2015-03-28 15:43 - 00000000 ____D C:\ProgramData\Oracle
2015-09-23 17:59 - 2015-03-28 15:43 - 00000000 ____D C:\Program Files\Java
2015-09-23 17:58 - 2015-03-28 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-23 17:51 - 2015-03-28 15:47 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-09-23 17:43 - 2014-03-29 17:07 - 00000971 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-23 17:43 - 2014-03-29 17:07 - 00000000 ____D C:\Program Files\CCleaner
2015-09-22 18:22 - 2014-05-01 19:22 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe

==================== Files in the root of some directories =======

2014-04-13 12:56 - 2014-04-13 12:56 - 0087608 _____ () C:\Users\Petr\AppData\Roaming\inst.exe
2014-04-13 12:56 - 2014-04-13 12:56 - 0007887 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.cat
2014-04-13 12:56 - 2014-04-13 12:56 - 0001144 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.inf
2014-04-13 12:56 - 2014-04-13 12:56 - 0000055 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.log
2014-04-13 12:56 - 2014-04-13 12:56 - 0047360 _____ (VSO Software) C:\Users\Petr\AppData\Roaming\pcouffin.sys
2014-09-21 14:31 - 2015-05-31 14:15 - 0000573 _____ () C:\Users\Petr\AppData\Local\MRDownloader.err
2014-07-27 16:43 - 2015-05-31 14:16 - 0001112 _____ () C:\Users\Petr\AppData\Local\MRDownloader.nast
2014-03-29 17:08 - 2014-03-29 17:08 - 0000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-02 21:14

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [NWEReboot] => [X]
HKU\S-1-5-21-1103064640-731453555-573190360-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF NewTab: resource://myplaycitycom-at-gametab/myp ... ewtab.html
FF Homepage: hxxp://gametab.myplaycity.com
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\searchplugins\myplaycity.xml [2015-10-03]
FF Extension: MyPlayCity Gametab - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\Extensions\myplaycitycom@gametab.xpi [2015-10-03]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-29]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
C:\Users\Petr\AppData\Local\Mnyasha2_Engl
C:\Users\Petr\AppData\Local\Temp
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Olivis]

Fix result of Farbar Recovery Scan Tool (x86) Version:30-10-2015
Ran by Petr (2015-10-04 12:22:49) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr & UpdatusUser (Available Profiles: Petr & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [NWEReboot] => [X]
HKU\S-1-5-21-1103064640-731453555-573190360-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF NewTab: resource://myplaycitycom-at-gametab/myp ... ewtab.html
FF Homepage: hxxp://gametab.myplaycity.com
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\searchplugins\myplaycity.xml [2015-10-03]
FF Extension: MyPlayCity Gametab - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\Extensions\myplaycitycom@gametab.xpi [2015-10-03]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-29]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
C:\Users\Petr\AppData\Local\Mnyasha2_Engl
C:\Users\Petr\AppData\Local\Temp
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot => value removed successfully.
HKU\S-1-5-21-1103064640-731453555-573190360-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully.
C:\Program Files\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully.
Firefox "newtab" removed successfully.
Firefox "homepage" removed successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\searchplugins\myplaycity.xml => moved successfully
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\i8faarpp.default\Extensions\myplaycitycom@gametab.xpi => moved successfully
C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => moved successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully.
C:\Users\Petr\AppData\Local\Mnyasha2_Engl => moved successfully

"C:\Users\Petr\AppData\Local\Temp" folder move:

Could not move "C:\Users\Petr\AppData\Local\Temp" => Scheduled to move on reboot.

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" => Error: No automatic fix found for this entry.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-10-04 12:25:57)

C:\Users\Petr\AppData\Local\Temp => moved successfully

==== End of Fixlog 12:25:58 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Olivis]

Ano, myplaycity.com je již nyní z prohlížeče pryč.

Moc děkuji

[Rudy]

Rádo se stalo!