Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 03-05-2020
Uruchomiony przez user (administrator)  TOSHIBA (TOSHIBA SATELLITE C855-1UE) (04-05-2020 10:35:10)
Uruchomiony z C:\Users\user\Desktop\FRST
Załadowane profile: user (Dostępne profile: user & Rafał)
Platform: Windows 10 Home Wersja 1607 14393.447 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Edge
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego] C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18370560 2017-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-19] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-22] (Pegatron Corporation) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-3729022659-4076590028-3572547655-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1579368 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3729022659-4076590028-3572547655-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [1397248 2018-09-17] (Polar Electro Oy) [Brak podpisu cyfrowego]
HKU\S-1-5-21-3729022659-4076590028-3572547655-1001\...\MountPoints2: {00558127-180d-11e8-befa-24ec99fa5dd6} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3729022659-4076590028-3572547655-1001\...\MountPoints2: {53feac46-d3e4-11e9-bf03-7054d23e9946} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3729022659-4076590028-3572547655-1001\...\MountPoints2: {91bff7ed-8c9e-11ea-bf29-7054d23e9946} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-02] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplorer.lnk [2019-01-18]
ShortcutAndArgument: iexplorer.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe =>   -W Hidden -Exec -nop $t=Get-ItemProperty -Path 'HKCU:\Software\Classes\mssccfile' -Name t;IEX $t.t;
GroupPolicyUsers\S-1-5-21-3729022659-4076590028-3572547655-1002\User: Ograniczenia <==== UWAGA
GroupPolicyUsers\S-1-5-21-3729022659-4076590028-3572547655-1001\User: Ograniczenia <==== UWAGA
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {022C0340-CB85-4974-B264-C337BA882E3E} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [1295496 2012-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {0A0E5DDF-637F-4325-A53F-DAA9EDFD2F19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {10E43FF1-4910-4821-B96E-593860CDA7BA} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {139C1D27-EA17-42C5-892E-52F44CDC12F1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-19] (Adobe Inc. -> Adobe)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1A8FB8AE-B2AD-431A-A63D-BD692B204907} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3955368 2015-09-22] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {24582D54-9101-4D54-BE43-26855BEDBB09} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {44DB7CEF-C12D-4522-9FCF-BEFB6350EBC8} - System32\Tasks\{FE77194C-0D1D-4E5A-9B5D-6BDB42E51B3E} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\user\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\RobloxPlayerLauncher.exe -c -uninstall
Task: {49D755DF-F901-42C0-A2E8-CBDC1DD43EB0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-28] (Adobe Inc. -> Adobe)
Task: {517E7ABF-118E-4C97-A703-92F4B9E8BD14} - \WPD\SqmUpload_S-1-5-21-3729022659-4076590028-3572547655-1002 -> Brak pliku <==== UWAGA
Task: {5A984CA5-3036-4241-B107-E8D1AF1E6847} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-12-01] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {651C68A7-73B6-4AA8-A4D5-1AFF98C1A099} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {654FD694-7959-414D-944E-D851C8588D00} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {670FDB82-F3C4-4B29-AEC8-EC8662FD5275} - \WPD\SqmUpload_S-1-5-21-3729022659-4076590028-3572547655-1001 -> Brak pliku <==== UWAGA
Task: {6ABA3666-2BBE-4CC8-B33E-D116519B651E} - System32\Tasks\{BD7E1FE7-4645-4210-A185-7C4742D7D0FC} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\ipla\uninst.exe"
Task: {6B3F2082-4DE6-41B0-98B9-9706F57F31D2} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2731368 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D2C338F-AAC3-4500-94BD-DDF3F33966BD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-28] (Adobe Inc. -> Adobe)
Task: {6DD6AD79-1833-4C1D-AC7C-DFC73278C92F} - \Microsoft\Windows\Setup\EOSNotify -> Brak pliku <==== UWAGA
Task: {716FCFDC-A159-4E28-9D8F-76C922512CFB} - System32\Tasks\{602D10A1-B75B-4A48-82D2-3E15652DB32E} => C:\windows\system32\pcalua.exe -a "C:\Users\user\Instrukcje VAG KKL\Sterownik\Sterownik_windows_xp_vista_7_8.exe" -d "C:\Users\user\Instrukcje VAG KKL\Sterownik"
Task: {73100EB9-400A-41C6-A9AA-44D650409842} - System32\Tasks\{EE1691D4-E88E-4246-AC80-1BDB99B8D0ED} => C:\windows\system32\pcalua.exe -a "C:\Users\user\Instrukcje VAG KKL\VAG\VAG-COM 3112 z laptopa\VagCom.exe" -d "C:\Users\user\Instrukcje VAG KKL\VAG\VAG-COM 3112 z laptopa"
Task: {7B7F1327-DC2B-4B13-8F38-ED9F4740FE8F} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9992AAD2-A5C1-423D-81E8-4663855AE873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E38EE20-BE79-44F5-B60F-FCB358474F27} - System32\Tasks\{A132B3F6-BB3A-42C7-9BB5-E7264182E0D0} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\VAG-COM\VagCom.exe" -d "C:\Program Files (x86)\VAG-COM"
Task: {AD9959D4-DC8E-4BB9-9834-BC24146978BE} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B0901CF3-5077-456E-B8DD-398D0EFFFF69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5A343F7-377F-4ACD-A8D2-B4D500535626} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B8074196-41D9-4723-9618-ABDD42B992BC} - System32\Tasks\{060908F4-E605-47F0-8AB3-58A46D2A38BD} => C:\windows\system32\pcalua.exe -a C:\Users\user\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=cor <==== UWAGA
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CA838D7D-291C-4665-A6EE-B4319107F726} - System32\Tasks\{765E170B-00BE-47E9-B174-5958B643586A} => C:\windows\system32\pcalua.exe -a "C:\Users\user\Instrukcje VAG KKL\Sterownik\Sterownik_windows_8.1.exe" -d "C:\Users\user\Instrukcje VAG KKL\Sterownik"
Task: {DA0C8DD1-DC3E-444B-823E-63AF363AAF12} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {DA36F9F2-29AB-41EE-B883-8D9108A48715} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DCC1CD56-F361-400A-BB8F-147275F3A4A5} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {EA2F0FB4-8043-4F6B-BEFA-1D8BB4BE0064} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3729022659-4076590028-3572547655-1001 -> Brak pliku <==== UWAGA
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {F181030A-7695-4B9D-8D60-A0FCA41693F8} - System32\Tasks\{5181B206-BA33-4254-A4B8-18C63E9F0606} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.5.0.102/pl/abandoninstall?page=tsProgressBar
Task: {FCCEA86C-09D4-4498-B055-A9AEF178FE06} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Winsock: Catalog9-x64 01 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-12-01] (Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego]
Winsock: Catalog9-x64 02 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-12-01] (Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego]
Winsock: Catalog9-x64 03 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-12-01] (Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego]
Winsock: Catalog9-x64 04 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-12-01] (Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego]
Winsock: Catalog9-x64 05 C:\windows\system32\LavasoftTcpService64.dll [425744 2015-12-01] (Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego]
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{c5761aa3-53bc-4bc6-97fc-b9bd0c91a513}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-3729022659-4076590028-3572547655-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={ECC9726E-21BB-4DF5-AA00-97932FD1903B}&mid=69e5b3768caf47cd9dcff5a5df1eb425-259b902e776cdbd3cffed9d3bfcfb45e7cccfe4a&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2016-03-12 08:34:23&v=4.3.9.605&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3729022659-4076590028-3572547655-1001 -> {C0C086E7-4A26-4AB0-A07E-7A11BB25C393} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Brak nazwy -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Brak pliku
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-3729022659-4076590028-3572547655-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-3729022659-4076590028-3572547655-1001 -> Brak nazwy - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  Brak pliku

Edge: 
======
DownloadDir: C:\Users\user\Downloads

FireFox:
========
FF DefaultProfile: bitu6ha1.default-1558296925489
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\bitu6ha1.default-1558296925489 [2020-05-02]
FF Notifications: Mozilla\Firefox\Profiles\bitu6ha1.default-1558296925489 -> hxxps://autokult.pl
FF Extension: (Avast Online Security) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\bitu6ha1.default-1558296925489\Extensions\wrc@avast.com.xpi [2019-11-25]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8at0w2m4.default\extensions\faststartff@gmail.com => nie znaleziono
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-19] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-19] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.) [Brak podpisu cyfrowego]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Brak podpisu cyfrowego]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-10-23] (Nero AG -> Nero AG)
FF Plugin HKU\S-1-5-21-3729022659-4076590028-3572547655-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-18] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2142056 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [Brak podpisu cyfrowego]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-12-01] (Lavasoft Limited -> Lavasoft Limited) [Brak podpisu cyfrowego]
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2499944 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Brak podpisu cyfrowego]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-12-01] (Lavasoft Limited -> ) [Brak podpisu cyfrowego]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-09-22] (Synaptics Incorporated -> Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [129456 2017-08-24] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2014-10-21] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2000-01-01] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter2; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [65792 2015-05-29] (Realtek Semiconductor Corp -> Realtek Microelectronics)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-09-22] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-04-28] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-18] (Microsoft Windows -> Microsoft Corporation)
U1 netfilter2; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-05-03 22:21 - 2020-05-03 22:21 - 000000000 ____D C:\Users\user\Desktop\Backup
2020-05-03 22:13 - 2020-05-03 22:13 - 000000000 ___HD C:\$Windows.~WS
2020-05-03 22:12 - 2020-05-03 22:12 - 000000000 ___HD C:\$SysReset
2020-05-03 20:11 - 2020-05-03 20:11 - 000036106 _____ C:\Users\user\Downloads\Praca%20Informatyka
2020-05-03 20:10 - 2020-05-03 20:10 - 003067308 _____ C:\Users\user\Downloads\Praca%20Pingwin
2020-05-03 20:10 - 2020-05-03 20:10 - 000040382 _____ C:\Users\user\Downloads\KRZYŻÓWKA
2020-05-03 19:10 - 2020-05-03 19:53 - 000040382 _____ C:\Users\user\Desktop\KRZYŻÓWKA
2020-05-03 15:57 - 2020-05-03 15:57 - 000001009 _____ C:\Users\Public\Desktop\WinRAR.lnk
2020-05-03 15:57 - 2020-05-03 15:57 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-05-03 15:57 - 2020-05-03 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-05-03 15:57 - 2020-05-03 15:57 - 000000000 ____D C:\Program Files\WinRAR
2020-05-03 15:56 - 2020-05-03 15:56 - 003471520 _____ (Alexander Roshal) C:\Users\user\Downloads\winrar-5-90.exe
2020-05-03 15:56 - 2020-05-03 15:56 - 003237016 _____ (Dilamugomo ) C:\Users\user\Desktop\winrar-5-90-ks_2471000172.exe
2020-05-03 15:52 - 2019-04-15 02:47 - 000000000 ____D C:\Users\user\Desktop\Reset Windows Update Tool
2020-05-03 15:19 - 2020-05-03 20:02 - 003067308 _____ C:\Users\user\Desktop\Praca Pingwin
2020-05-03 14:40 - 2020-05-03 20:06 - 000036106 _____ C:\Users\user\Desktop\Praca Informatyka
2020-05-03 13:02 - 2020-05-03 22:11 - 000000000 ____D C:\ESD
2020-05-02 20:40 - 2020-05-02 20:40 - 000001601 _____ C:\Users\user\Desktop\Microsoft Edge.lnk
2020-05-02 15:19 - 2020-05-03 17:33 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-05-01 21:14 - 2020-05-01 21:14 - 000000000 ____D C:\WINDOWS\pss
2020-05-01 18:06 - 2020-05-04 10:36 - 000000000 ____D C:\FRST
2020-05-01 18:06 - 2020-05-04 10:35 - 000000000 ____D C:\Users\user\Desktop\FRST
2020-05-01 16:19 - 2020-05-01 16:19 - 000376528 _____ (Microsoft Corporation) C:\Users\Rafał\Desktop\RefreshWindowsTool.exe
2020-05-01 16:16 - 2020-05-01 16:17 - 000000000 ____D C:\Users\Rafał\AppData\Local\MicrosoftEdge
2020-05-01 16:09 - 2020-05-01 16:09 - 000000000 ____D C:\Users\Rafał\AppData\Local\Publishers
2020-05-01 16:09 - 2020-05-01 16:09 - 000000000 ____D C:\Users\Rafał\AppData\Local\Comms
2020-05-01 16:08 - 2020-05-01 16:08 - 000000616 __RSH C:\Users\Rafał\ntuser.pol
2020-05-01 16:08 - 2020-05-01 16:08 - 000000020 ___SH C:\Users\Rafał\ntuser.ini
2020-05-01 16:08 - 2020-05-01 16:08 - 000000000 ____D C:\Users\Rafał\AppData\Local\TileDataLayer
2020-05-01 16:08 - 2020-05-01 16:08 - 000000000 ____D C:\Users\Rafał\AppData\Local\Google
2020-05-01 13:45 - 2020-05-01 13:45 - 000376528 _____ (Microsoft Corporation) C:\Users\user\Desktop\RefreshWindowsTool.exe
2020-05-01 13:41 - 2020-05-01 14:22 - 000000000 ___HD C:\$GetCurrent
2020-05-01 13:39 - 2020-05-01 13:39 - 019255000 _____ (Microsoft Corporation) C:\Users\user\Downloads\MediaCreationTool1909.exe
2020-05-01 13:27 - 2020-05-01 13:40 - 006261368 _____ (Microsoft Corporation) C:\Users\user\Downloads\Windows10Upgrade9252.exe
2020-05-01 13:12 - 2020-05-01 13:12 - 000376528 _____ (Microsoft Corporation) C:\Users\user\Downloads\RefreshWindowsTool.exe
2020-05-01 11:25 - 2020-05-01 11:25 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-05-01 11:25 - 2020-05-01 11:25 - 000000000 ___RD C:\Users\Rafał\OneDrive
2020-05-01 11:25 - 2020-05-01 11:25 - 000000000 ___RD C:\Users\Default\OneDrive
2020-05-01 11:25 - 2020-05-01 11:25 - 000000000 ___RD C:\Users\Default User\OneDrive
2020-05-01 11:24 - 2020-05-02 11:59 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-05-01 11:24 - 2020-05-01 11:24 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-29 17:06 - 2020-04-29 18:55 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2020-04-29 16:30 - 2020-04-29 16:30 - 000000000 ___HD C:\ProgramData\CanonIJEGV
2020-04-29 16:26 - 2012-03-26 05:00 - 000392192 _____ (CANON INC.) C:\WINDOWS\system32\CNMXLMB8.DLL
2020-04-29 16:26 - 2012-02-08 16:34 - 000320000 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B8L.dll
2020-04-29 16:26 - 2012-01-24 16:18 - 000077568 _____ C:\WINDOWS\SysWOW64\CNC1762D.TBL
2020-04-29 16:26 - 2012-01-16 14:21 - 000103424 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B8U.dll
2020-04-29 16:26 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2020-04-29 16:23 - 2020-04-29 16:23 - 000000000 ____D C:\Users\user\AppData\LocalLow\Canon Easy-WebPrint EX2
2020-04-29 16:23 - 2020-04-29 16:23 - 000000000 ____D C:\Users\user\AppData\LocalLow\Canon Easy-WebPrint EX
2020-04-29 16:23 - 2020-04-29 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja użytkownika drukarki Canon MG3200 series
2020-04-29 16:22 - 2020-04-29 16:22 - 000002109 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2020-04-29 16:16 - 2020-04-29 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-04-29 16:16 - 2020-04-29 16:22 - 000000000 ____D C:\Program Files\Canon
2020-04-29 16:15 - 2020-04-29 16:15 - 000002448 _____ C:\Users\Public\Desktop\Canon MG3200 series Podręcznik ekranowy.lnk
2020-04-29 16:15 - 2020-04-29 16:15 - 000000000 ___HD C:\ProgramData\CanonBJ
2020-04-29 16:15 - 2020-04-29 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3200 series Manual
2020-04-29 16:14 - 2020-04-29 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3200 series
2020-04-29 16:14 - 2020-04-29 16:14 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2020-04-29 16:14 - 2012-02-08 16:36 - 000363520 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B8L.dll
2020-04-29 16:14 - 2012-01-16 14:21 - 000287744 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B8C.dll
2020-04-29 16:14 - 2012-01-16 14:20 - 000106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B8I.dll
2020-04-29 16:13 - 2020-04-29 16:13 - 000000000 ___HD C:\Program Files\CanonBJ
2020-04-29 16:12 - 2020-04-29 19:16 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-04-29 15:47 - 2020-04-29 15:47 - 000000000 ____D C:\Users\user\AppData\Local\SlimWare Utilities Inc
2020-04-19 21:24 - 2020-04-19 21:25 - 000342704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-13 14:35 - 2020-04-19 19:06 - 000042386 _____ C:\Users\user\Desktop\Zaproszenie
2020-04-04 18:03 - 2020-04-04 18:03 - 000026971 _____ C:\Users\user\Desktop\Kartka Świąteczna

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-05-04 10:37 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-04 10:36 - 2017-01-27 18:49 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5468DCC9-2A3F-46DE-8504-498867907305}
2020-05-04 10:33 - 2016-10-19 20:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-04 10:32 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2020-05-04 10:23 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-04 10:16 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-03 22:16 - 2019-04-02 02:04 - 000000000 ___HD C:\$WINDOWS.~BT
2020-05-03 22:16 - 2016-10-19 20:49 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-03 22:14 - 2016-10-19 20:20 - 000004812 _____ C:\WINDOWS\diagwrn.xml
2020-05-03 22:14 - 2016-10-19 20:20 - 000003813 _____ C:\WINDOWS\diagerr.xml
2020-05-03 20:45 - 2016-10-19 19:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-03 20:01 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\registration
2020-05-03 19:37 - 2015-01-14 01:35 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2020-05-03 17:33 - 2015-01-14 20:00 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-05-03 16:15 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-05-03 12:48 - 2016-07-18 17:20 - 002924060 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-03 12:48 - 2016-07-17 00:05 - 001233792 _____ C:\WINDOWS\system32\perfh015.dat
2020-05-03 12:48 - 2016-07-17 00:05 - 000305200 _____ C:\WINDOWS\system32\perfc015.dat
2020-05-02 20:44 - 2015-01-10 17:31 - 000000000 ____D C:\ProgramData\Skype
2020-05-02 20:36 - 2019-11-30 17:43 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2020-05-02 19:14 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-05-02 16:13 - 2015-12-15 16:08 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-02 16:11 - 2016-10-19 19:57 - 000000000 ____D C:\Users\Rafał
2020-05-02 12:50 - 2017-01-18 22:43 - 000000000 ____D C:\WINDOWS\Minidump
2020-05-02 11:59 - 2016-10-19 20:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-05-01 18:17 - 2016-06-20 17:21 - 000000000 ____D C:\Users\user\AppData\LocalLow\Temp
2020-05-01 17:13 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2020-05-01 16:23 - 2015-09-01 23:25 - 000000000 ____D C:\Users\Rafał\AppData\Local\Packages
2020-05-01 16:09 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\WindowsApps
2020-05-01 16:08 - 2016-04-27 07:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-01 14:22 - 2016-07-18 15:12 - 000000036 _____ C:\WINDOWS\progress.ini
2020-05-01 13:04 - 2016-07-18 18:08 - 000000000 ___RD C:\Users\user\OneDrive
2020-05-01 13:02 - 2019-11-25 17:25 - 000000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2020-05-01 13:02 - 2019-11-25 16:42 - 000000000 ____D C:\Program Files\AVAST Software
2020-05-01 13:02 - 2015-01-12 23:57 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-01 13:00 - 2015-01-11 17:17 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-30 19:17 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-04-29 17:05 - 2015-03-12 16:36 - 000000000 ___HD C:\ProgramData\CanonIJScan
2020-04-29 17:05 - 2015-01-11 20:08 - 000000000 ____D C:\Users\user\AppData\Roaming\Canon
2020-04-29 16:33 - 2019-11-25 21:23 - 000000000 ____D C:\Program Files\CUAssistant
2020-04-29 16:26 - 2016-07-16 13:47 - 000000000 __RSD C:\WINDOWS\Media
2020-04-29 16:26 - 2015-01-11 19:23 - 000000000 ____D C:\Program Files (x86)\Canon
2020-04-29 16:22 - 2015-01-11 19:36 - 000000000 ____D C:\ProgramData\CanonIJWSpt
2020-04-29 15:47 - 2016-10-19 20:19 - 000002040 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2020-04-29 15:39 - 2019-12-12 20:01 - 000003822 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-29 15:39 - 2018-10-18 02:19 - 000003852 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-29 15:39 - 2016-12-29 20:53 - 000002358 _____ C:\WINDOWS\system32\Tasks\{FE77194C-0D1D-4E5A-9B5D-6BDB42E51B3E}
2020-04-29 15:39 - 2016-10-19 20:19 - 000003378 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-04-29 15:39 - 2016-10-19 20:19 - 000002750 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3729022659-4076590028-3572547655-500
2020-04-29 15:39 - 2016-10-19 20:19 - 000002364 _____ C:\WINDOWS\system32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
2020-04-29 15:39 - 2016-10-19 20:19 - 000002208 _____ C:\WINDOWS\system32\Tasks\{EE1691D4-E88E-4246-AC80-1BDB99B8D0ED}
2020-04-29 15:39 - 2016-10-19 20:19 - 000002188 _____ C:\WINDOWS\system32\Tasks\{602D10A1-B75B-4A48-82D2-3E15652DB32E}
2020-04-29 15:39 - 2016-10-19 20:19 - 000002170 _____ C:\WINDOWS\system32\Tasks\{765E170B-00BE-47E9-B174-5958B643586A}
2020-04-29 15:39 - 2016-10-19 20:19 - 000002092 _____ C:\WINDOWS\system32\Tasks\{A132B3F6-BB3A-42C7-9BB5-E7264182E0D0}
2020-04-29 15:39 - 2016-10-19 20:19 - 000002084 _____ C:\WINDOWS\system32\Tasks\{060908F4-E605-47F0-8AB3-58A46D2A38BD}
2020-04-29 15:39 - 2016-10-19 20:19 - 000002014 _____ C:\WINDOWS\system32\Tasks\{BD7E1FE7-4645-4210-A185-7C4742D7D0FC}
2020-04-29 15:39 - 2016-10-19 20:19 - 000001836 _____ C:\WINDOWS\system32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2020-04-28 21:28 - 2019-11-25 20:40 - 000025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2020-04-28 19:51 - 2015-01-08 14:09 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2020-04-28 08:59 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-28 08:59 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-19 18:49 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== Pliki w katalogu głównym wybranych folderów ========

2015-09-25 16:47 - 2015-09-25 16:47 - 000000000 _____ () C:\Users\user\AppData\Roaming\gdfw.log
2015-09-25 16:47 - 2015-09-25 16:47 - 000000779 _____ () C:\Users\user\AppData\Roaming\gdscan.log

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)


LastRegBack: 2020-05-03 15:23
==================== Koniec  FRST.txt ========================