Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014 Ran by Gabulek (administrator) on VAIO on 02-12-2014 18:29:11 Running from C:\Users\Gabulek\Downloads Loaded Profiles: UpdatusUser & Gabulek (Available profiles: UpdatusUser & Gabulek) Platform: Windows 8 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\ShowTip.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (OldTimer Tools) C:\Users\Gabulek\Desktop\adw\OTL.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor) HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation) HKLM-x32\...\Run: [CheckNDISPortF0acD2] => C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe [459008 2013-07-26] () HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe [446208 2013-07-26] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-3181054386-3415552120-296653804-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.) HKU\S-1-5-21-3181054386-3415552120-296653804-1001\...\MountPoints2: E - "E:\AutoRun.exe" HKU\S-1-5-21-3181054386-3415552120-296653804-1001\...\MountPoints2: {d45a9f47-98c6-11e3-be75-3423877bb2e2} - "E:\AutoRun.exe" HKU\S-1-5-21-3181054386-3415552120-296653804-1002\...\MountPoints2: E - "E:\AutoRun.exe" HKU\S-1-5-21-3181054386-3415552120-296653804-1002\...\MountPoints2: F - "F:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3181054386-3415552120-296653804-1002\...\MountPoints2: {61640533-270e-11e4-be91-3423877bb2e2} - "G:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3181054386-3415552120-296653804-1002\...\MountPoints2: {d45a9f47-98c6-11e3-be75-3423877bb2e2} - "E:\AutoRun.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-03] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-03] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Gabulek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=21.6.0.32 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=21.6.0.32 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=21.6.0.32 HKU\S-1-5-21-3181054386-3415552120-296653804-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=21.6.0.32 HKU\S-1-5-21-3181054386-3415552120-296653804-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com HKU\S-1-5-21-3181054386-3415552120-296653804-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vaioportal.sony.eu HKU\S-1-5-21-3181054386-3415552120-296653804-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu HKU\S-1-5-21-3181054386-3415552120-296653804-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=n360&pvid=21.6.0.32 HKU\S-1-5-21-3181054386-3415552120-296653804-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vaioportal.sony.eu HKU\S-1-5-21-3181054386-3415552120-296653804-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=21.6.0.32 SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKLM-x32 -> DefaultScope value is missing. BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKU\S-1-5-21-3181054386-3415552120-296653804-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Gabulek\AppData\Roaming\Mozilla\Firefox\Profiles\g7f94oy6.default-1398880142485 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3181054386-3415552120-296653804-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel) FF Plugin HKU\S-1-5-21-3181054386-3415552120-296653804-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml FF Extension: Addictive Typing Lessons - C:\Users\Gabulek\AppData\Roaming\Mozilla\Firefox\Profiles\g7f94oy6.default-1398880142485\Extensions\addictive_typing_lessons@tomkennedy.net.xpi [2014-11-04] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Gabulek\AppData\Roaming\Mozilla\Firefox\Profiles\g7f94oy6.default-1398880142485\Extensions\elemhidehelper@adblockplus.org.xpi [2014-11-04] FF Extension: SunriseBrowse 1.0.1 - C:\Users\Gabulek\AppData\Roaming\Mozilla\Firefox\Profiles\g7f94oy6.default-1398880142485\Extensions\{3f7fa6e7-633b-4753-a8aa-90403860bfc7}.xpi [2014-11-30] FF Extension: Adblock Plus - C:\Users\Gabulek\AppData\Roaming\Mozilla\Firefox\Profiles\g7f94oy6.default-1398880142485\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-01] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-10] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2014-12-02] FF Extension: No Name - {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} [Not Found] Chrome: ======= CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-31] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-31] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation) R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-08-01] (Microsoft) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation) S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20141201.003\IDSvia64.sys [637656 2014-11-18] (Symantec Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20141201.033\ENG64.SYS [129752 2014-11-22] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20141201.033\EX64.SYS [2137304 2014-11-22] (Symantec Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated) R3 SRTSP; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2014-08-26] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-10-31] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\system32\drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation) S3 EraserUtilDrv11410; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11410.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-02 18:29 - 2014-12-02 18:29 - 00025308 _____ () C:\Users\Gabulek\Downloads\FRST.txt 2014-12-02 18:28 - 2014-12-02 18:29 - 00000000 ____D () C:\FRST 2014-12-02 18:28 - 2014-12-02 18:28 - 02117120 _____ (Farbar) C:\Users\Gabulek\Downloads\FRST64.exe 2014-12-02 16:39 - 2014-12-02 16:39 - 00125172 _____ () C:\Users\Gabulek\Desktop\OTL.Txt 2014-12-02 16:21 - 2014-12-02 16:21 - 00000000 ____D () C:\_OTL 2014-12-02 16:08 - 2014-12-02 16:08 - 00000841 _____ () C:\Users\Gabulek\Desktop\AdwCleaner[S0].txt 2014-12-02 15:57 - 2014-12-02 16:04 - 00000000 ____D () C:\AdwCleaner 2014-12-02 15:12 - 2014-12-02 16:18 - 00029696 ___SH () C:\Users\Gabulek\Desktop\Thumbs.db 2014-12-02 14:43 - 2014-12-02 17:57 - 00000000 ____D () C:\Users\Gabulek\Desktop\adw 2014-12-02 14:40 - 2014-12-02 14:41 - 00380416 _____ () C:\Users\Gabulek\Downloads\ljxe2g0u.exe 2014-12-02 10:33 - 2014-12-02 10:33 - 00001837 _____ () C:\Users\Gabulek\Desktop\JRT.txt 2014-12-02 10:29 - 2014-12-02 10:29 - 00000000 ____D () C:\Windows\ERUNT 2014-12-02 10:27 - 2014-12-02 10:27 - 01707646 _____ (Thisisu) C:\Users\Gabulek\Downloads\JRT.exe 2014-12-01 23:19 - 2014-12-01 23:19 - 00109323 _____ () C:\Users\Gabulek\Desktop\Prezentacja seminarium1.pptx 2014-11-26 12:58 - 2014-11-26 12:58 - 00000000 ____D () C:\Users\Gabulek\AppData\Local\HP 2014-11-26 09:03 - 2014-11-26 09:03 - 00114291 _____ () C:\Users\Gabulek\Desktop\Prezentacja seminarium.pptx 2014-11-25 21:45 - 2014-11-26 12:58 - 00000000 ____D () C:\Users\Gabulek\AppData\Roaming\HP 2014-11-25 21:45 - 2014-11-25 21:45 - 00000000 ____D () C:\ProgramData\WEBREG 2014-11-25 21:42 - 2014-11-25 21:42 - 00001048 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. OCR.lnk 2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\Users\Gabulek\AppData\Roaming\HpUpdate 2014-11-25 21:41 - 2014-11-25 21:41 - 00001383 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Centrum obsługi HP.lnk 2014-11-25 21:41 - 2014-11-25 21:41 - 00001377 _____ () C:\Users\Public\Desktop\Centrum obsługi HP.lnk 2014-11-25 21:41 - 2014-11-25 21:41 - 00000000 ____D () C:\ProgramData\HP Product Assistant 2014-11-25 21:40 - 2014-11-25 21:40 - 00001225 _____ () C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych HP.lnk 2014-11-25 21:39 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-11-25 21:37 - 2014-11-25 21:42 - 00000000 ____D () C:\Program Files (x86)\HP 2014-11-25 21:35 - 2014-11-25 21:45 - 00193783 _____ () C:\Windows\hpoins13.dat 2014-11-25 21:35 - 2014-11-25 21:45 - 00000838 _____ () C:\ProgramData\hpzinstall.log 2014-11-25 21:35 - 2014-11-25 21:45 - 00000000 ____D () C:\ProgramData\HP 2014-11-25 21:35 - 2012-09-26 14:18 - 00000462 ____N () C:\Windows\hpomdl13.dat 2014-11-25 21:35 - 2009-07-08 11:51 - 01295360 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotiop4.dll 2014-11-25 21:35 - 2009-07-08 11:51 - 00859136 _____ (Hewlett-Packard) C:\Windows\system32\hpowiax4.dll 2014-11-25 21:35 - 2009-07-08 11:51 - 00540672 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2014-11-25 21:35 - 2009-07-08 11:51 - 00488960 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst11.dll 2014-11-25 20:23 - 2014-11-25 20:56 - 187970272 _____ () C:\Users\Gabulek\Downloads\PS_AIO_C4200_NonNet_Full_Win_WW_140_404-4.exe 2014-11-25 20:21 - 2014-11-25 20:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-11-24 08:28 - 2014-11-24 08:28 - 00000000 ____D () C:\Users\Gabulek\Desktop\DOK 2014-11-20 18:15 - 2014-11-24 18:05 - 00000000 ____D () C:\Users\Gabulek\Downloads\[ www.SceneTime.com ] - The.Wolf.of.Wall.Street.2013.DVDRip.480p.x264.AC3-LoRD 2014-11-10 21:14 - 2014-11-10 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-03 10:15 - 2014-12-02 11:37 - 00000000 ____D () C:\Users\Gabulek\AppData\Local\CrashDumps ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-02 18:21 - 2014-02-18 19:43 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-02 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru 2014-12-02 16:27 - 2013-12-02 20:57 - 01512997 _____ () C:\Windows\WindowsUpdate.log 2014-12-02 16:24 - 2014-08-22 21:08 - 00000000 ____D () C:\Users\Gabulek\AppData\Local\HTC MediaHub 2014-12-02 16:23 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-02 16:22 - 2012-07-26 06:26 - 00786432 ___SH () C:\Windows\system32\config\BBI 2014-12-02 16:05 - 2012-08-03 22:06 - 00042928 _____ () C:\Windows\PFRO.log 2014-12-02 14:05 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-12-02 14:03 - 2014-03-01 09:51 - 00364144 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-02 10:52 - 2012-08-03 23:19 - 00794946 _____ () C:\Windows\system32\perfh015.dat 2014-12-02 10:52 - 2012-08-03 23:19 - 00159530 _____ () C:\Windows\system32\perfc015.dat 2014-12-02 10:52 - 2012-07-26 08:28 - 01793398 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-02 07:14 - 2012-07-26 06:26 - 00000359 _____ () C:\Windows\win.ini 2014-12-01 15:16 - 2014-10-23 11:10 - 00000000 ____D () C:\Users\Gabulek\AppData\Local\Battle.net 2014-11-25 20:22 - 2014-02-18 19:43 - 00003818 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-25 20:19 - 2012-07-26 08:21 - 00037806 _____ () C:\Windows\setupact.log 2014-11-24 18:26 - 2014-06-09 12:27 - 00000000 ____D () C:\Users\Gabulek\AppData\Roaming\vlc 2014-11-24 08:29 - 2014-06-03 19:56 - 00000000 ____D () C:\Users\Gabulek\Desktop\CV 2014-11-24 08:27 - 2014-03-01 20:02 - 00000000 ____D () C:\Users\Gabulek\Desktop\foto 2014-11-20 19:08 - 2014-05-01 16:41 - 00000000 ____D () C:\Users\Gabulek\AppData\Roaming\uTorrent 2014-11-20 10:29 - 2014-10-23 11:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-11-18 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-11-15 18:48 - 2014-03-20 06:47 - 00000000 ____D () C:\Users\Gabulek\AppData\Roaming\Skype 2014-11-11 18:06 - 2014-02-18 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-24 08:09 ==================== End Of Log ============================