CreateRestorePoint:
CloseProcesses:
EmptyTemp:
File: C:\Program Files\KMSpico\Service_KMS.exe
HKU\S-1-5-21-2189424308-2120336341-826723754-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] True
HKU\S-1-5-21-2189424308-2120336341-826723754-1001\...\MountPoints2: {100e2404-bc74-11eb-9e6b-001a7dda7113} - "E:\LGAutoRun.exe" 
HKU\S-1-5-21-2189424308-2120336341-826723754-1001\...\MountPoints2: {b429d623-9db1-11ea-9b09-04d9f5d5749d} - "E:\iStudio.exe" 
HKU\S-1-5-21-2189424308-2120336341-826723754-1001\...\MountPoints2: {b7d56483-c15c-11eb-9e73-001a7dda7113} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2189424308-2120336341-826723754-1001\...\MountPoints2: {bd32edcd-ab34-11eb-9e30-001a7dda7113} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2189424308-2120336341-826723754-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] True
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {53620F93-8E55-4AA0-B586-87E287F0F5D2} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-12] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Tcpip\..\Interfaces\{9bae79a6-d25d-431c-bba8-7fc7f3d10b6b}: [DhcpNameServer] 192.168.5.1
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
2021-05-23 14:09 - 2021-07-01 12:51 - 000002548 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart
2020-04-20 15:52 - 2020-04-20 15:52 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2020-04-20 15:52 - 2020-04-20 15:52 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
C:\Program Files\KMSpicoContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} =>  -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Brak pliku
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} =>  -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mhqnqunq.sys:changelist [2286]
AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [109]
HKU\S-1-5-21-2189424308-2120336341-826723754-1001\Software\Classes\regfile: regedit.exe "%1" <==== UWAGA
BHO: IVONA Reader -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll [2013-05-31] (IVONA Software Sp. z o.o. -> IVONA Software Sp. z o.o.)
BHO-x32: IVONA Reader -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll [2013-05-31] (IVONA Software Sp. z o.o. -> IVONA Software Sp. z o.o.)
Toolbar: HKLM - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll [2013-05-31] (IVONA Software Sp. z o.o. -> IVONA Software Sp. z o.o.)
Toolbar: HKLM-x32 - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll [2013-05-31] (IVONA Software Sp. z o.o. -> IVONA Software Sp. z o.o.)
HKLM\...\StartupApproved\StartupFolder: => "ViPER4Windows.lnk"
C:\Program Files\KMSpico
RemoveProxy:
Hosts: