CloseProcesses:
CreateRestorePoint:
EmptyTemp:
(@ByELDI -> @ByELDI) [Brak podpisu cyfrowego] C:\Program Files\KMSpico\Service_KMS.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1622003101-2412608323-405720128-1001\...\Run: [tomek] => explorer.exe hxxp://exinariuminix.info <==== UWAGA
HKU\S-1-5-21-1622003101-2412608323-405720128-1001\...\MountPoints2: {2ee89dc9-aad2-11ea-b65a-98fa9b7bd7d1} - "H:\setup.exe"
HKU\S-1-5-21-1622003101-2412608323-405720128-1001\...\MountPoints2: {2ee89dd0-aad2-11ea-b65a-98fa9b7bd7d1} - "I:\setup.exe"
Task: {371EE13A-F17F-46BD-A2AD-959549E9FD2A} - System32\Tasks\tomek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v tomek /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== UWAGA
Task: {959DA974-8D11-40BA-85BE-DF6448E60311} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
Tcpip\..\Interfaces\{0b5e5c03-289f-4767-8296-767a7e627d51}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1cd4c2d3-1365-476d-bd4f-f2bda366106d}: [DhcpNameServer] 192.168.0.1
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [X]
U3 avgbdisk; Brak ImagePath
2021-03-01 22:38 - 2021-03-15 17:17 - 000000000 ____D C:\Program Files\KMSpico
2021-03-01 22:38 - 2021-03-01 22:38 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2021-03-01 22:38 - 2021-03-01 22:38 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2021-03-01 22:38 - 2021-03-01 22:38 - 000003476 _____ C:\Windows\system32\Tasks\AutoPico Daily Restart
2021-03-01 22:38 - 2021-03-01 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Programy\WinRAR\rarext.dll -> Brak pliku
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Programy\WinRAR\rarext32.dll -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Programy\WinRAR\rarext.dll -> Brak pliku
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Programy\WinRAR\rarext32.dll -> Brak pliku
IE trusted site: HKU\S-1-5-21-1622003101-2412608323-405720128-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1622003101-2412608323-405720128-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [TCP Query User{422BCD22-446A-46C9-B8C6-D8CE87CE6A4A}E:\gry\thelongdark\tld.exe] => (Allow) E:\gry\thelongdark\tld.exe => Brak pliku
FirewallRules: [UDP Query User{9E85AF84-7D88-4D76-89B5-53D5A8F47BBC}E:\gry\thelongdark\tld.exe] => (Allow) E:\gry\thelongdark\tld.exe => Brak pliku
FirewallRules: [TCP Query User{608B7765-F46B-4809-A431-33DD67B6FF3D}F:\gry\age of empires ii definitive edition\aoe2de_s.exe] => (Allow) F:\gry\age of empires ii definitive edition\aoe2de_s.exe => Brak pliku
FirewallRules: [UDP Query User{916BC97B-FDF6-4119-9578-08CD745C8698}F:\gry\age of empires ii definitive edition\aoe2de_s.exe] => (Allow) F:\gry\age of empires ii definitive edition\aoe2de_s.exe => Brak pliku
FirewallRules: [TCP Query User{ED3023E8-8083-401C-BE69-111E5257028B}F:\gry\age of empires ii definitive edition\battleserver\battleserver.exe] => (Allow) F:\gry\age of empires ii definitive edition\battleserver\battleserver.exe => Brak pliku
FirewallRules: [UDP Query User{E0075A2C-EA2E-425F-A0E1-4D0273075E19}F:\gry\age of empires ii definitive edition\battleserver\battleserver.exe] => (Allow) F:\gry\age of empires ii definitive edition\battleserver\battleserver.exe => Brak pliku
FirewallRules: [TCP Query User{2AE6CDDE-4002-44BA-9116-25F7C20A622E}C:\users\tomek\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Block) C:\users\tomek\appdata\local\programs\opera\67.0.3575.79\opera.exe => Brak pliku
FirewallRules: [UDP Query User{B520C4D9-814B-4099-8277-588287B20EF7}C:\users\tomek\appdata\local\programs\opera\67.0.3575.79\opera.exe] => (Block) C:\users\tomek\appdata\local\programs\opera\67.0.3575.79\opera.exe => Brak pliku
FirewallRules: [{43294243-9251-4245-9F97-6E37F77C35DB}] => (Allow) D:\Gry\Anno 1701\Anno1701.exe => Brak pliku
FirewallRules: [{28A98217-284A-4FD1-9D62-90E3EB42AFE1}] => (Allow) D:\Gry\Anno 1701\Anno1701.exe => Brak pliku
FirewallRules: [TCP Query User{AC2E9672-842B-44CF-9370-C8BCBC2803DC}C:\users\tomek\downloads\the-long-dark-repack-games.com\the long dark fearless navigator\tld.exe] => (Allow) C:\users\tomek\downloads\the-long-dark-repack-games.com\the long dark fearless navigator\tld.exe => Brak pliku
FirewallRules: [UDP Query User{A386AB1F-ED28-4E86-8683-2F938AEC4479}C:\users\tomek\downloads\the-long-dark-repack-games.com\the long dark fearless navigator\tld.exe] => (Allow) C:\users\tomek\downloads\the-long-dark-repack-games.com\the long dark fearless navigator\tld.exe => Brak pliku
FirewallRules: [TCP Query User{5BD2B19D-4B0C-4A79-A05F-379BA3962FF3}E:\games\war for the overworld\wftogame.exe] => (Block) E:\games\war for the overworld\wftogame.exe => Brak pliku
FirewallRules: [UDP Query User{6CFD2CB0-6479-4638-91C4-E31542D0F183}E:\games\war for the overworld\wftogame.exe] => (Block) E:\games\war for the overworld\wftogame.exe => Brak pliku
FirewallRules: [{0BF5168A-EA2A-405E-9699-4271BE779E37}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Brak pliku
FirewallRules: [{5DA33247-39B8-47D7-B190-D40CDBDEDCBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Brak pliku
FirewallRules: [{5712CECB-AA48-497D-80D5-11DB504C5BBC}] => (Allow) C:\Users\tomek\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku
FirewallRules: [{17C8AF4E-D3ED-4A79-B884-F2B69CEB4606}] => (Allow) C:\Users\tomek\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku
RemoveProxy:
Hosts: