GroupPolicy-x32: Ograniczenia ? <==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
CustomCLSID: HKU\S-1-5-21-261250403-3542735005-1783484933-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-261250403-3542735005-1783484933-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-261250403-3542735005-1783484933-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Brak pliku
FirewallRules: [{DA4C3FCD-DEAF-4038-9436-1CEA66648478}] => (Allow) C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [{7BAE9F3F-FCC8-4438-8E1A-2D123B70719E}] => (Allow) C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [TCP Query User{962DABD7-2C94-4E48-9D30-05940D18E0BB}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Brak pliku
FirewallRules: [UDP Query User{00D3BDF4-754A-4957-A1E9-E50685346CC0}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Brak pliku
FirewallRules: [TCP Query User{F42CB0A3-AA8B-42B9-8B82-D2F5F58AEF3C}D:\riot games\league of legends\game\league of legends.exe] => (Allow) D:\riot games\league of legends\game\league of legends.exe => Brak pliku
FirewallRules: [UDP Query User{4F5E576F-29C5-4CBF-ADB3-900856D157B3}D:\riot games\league of legends\game\league of legends.exe] => (Allow) D:\riot games\league of legends\game\league of legends.exe => Brak pliku
FirewallRules: [TCP Query User{D9A6DAAC-6226-4488-B9EF-670A00B9AA34}D:\call of duty warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty warzone\call of duty modern warfare\modernwarfare.exe => Brak pliku
FirewallRules: [UDP Query User{5F723655-7275-4CDC-B5C7-E927DA5FB540}D:\call of duty warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty warzone\call of duty modern warfare\modernwarfare.exe => Brak pliku
FirewallRules: [TCP Query User{E69D28ED-9F13-40C4-9852-99034DB1346D}C:\programy\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) C:\programy\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe => Brak pliku
FirewallRules: [UDP Query User{45126DAF-0E7B-414E-AC83-ECAE3CB4759C}C:\programy\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) C:\programy\gog galaxy\games\divinity - original sin 2\defed\bin\eocapp.exe => Brak pliku
FirewallRules: [TCP Query User{EEA74CFE-2B5A-4B89-A9BE-F6AAA2BF57EB}D:\epic games\gtav\gta5.exe] => (Allow) D:\epic games\gtav\gta5.exe => Brak pliku
FirewallRules: [UDP Query User{4F03E62D-B131-48EE-AE8E-A403F749D71D}D:\epic games\gtav\gta5.exe] => (Allow) D:\epic games\gtav\gta5.exe => Brak pliku
FirewallRules: [{C697DFBE-9432-4688-A51A-69E148826AEC}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku
FirewallRules: [{D4EF863C-0EC8-4BA1-9B43-6EE37AEF21B3}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku
FirewallRules: [TCP Query User{B4B5CA80-C34F-4B70-BEA6-D58B98D24A1B}D:\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe => Brak pliku
FirewallRules: [UDP Query User{8F3E91AE-2D8A-41B7-B50B-6B3E7F82155E}D:\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe => Brak pliku
FirewallRules: [TCP Query User{4D41AE54-20F2-4DE0-9CAA-556D42400EFC}D:\heroes of the storm\versions\base82624\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base82624\heroesofthestorm_x64.exe => Brak pliku
FirewallRules: [UDP Query User{3C5841DD-3C8E-41AB-8944-6AB37B7A2AC8}D:\heroes of the storm\versions\base82624\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base82624\heroesofthestorm_x64.exe => Brak pliku
FirewallRules: [TCP Query User{80A6F97B-DF0E-4FBA-9673-77B58EF77C04}C:\programy\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) C:\programy\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku
FirewallRules: [UDP Query User{D59546E7-3C0A-48B7-B768-E3816525EB30}C:\programy\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) C:\programy\steam\steamapps\common\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku
FirewallRules: [{1C4EE555-25F4-42A8-84CB-4190E6218771}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => Brak pliku
EmptyTemp:
Windows Defender:
===================================
Date: 2019-12-23 13:56:39.806
Description:
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nazwa: HackTool:Win32/AutoKMS
Identyfikator: 2147685180
Ważność: Wysoki
Kategoria: Narzędzie
Ścieżka: file:_E:\KMSAuto Net.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-UCRVDKL\PC
Nazwa procesu: C:\Users\PC\Desktop\TotalCommanderPortable\TotalCommander\TOTALCMD.EXE
Wersja analizy zabezpieczeń: AV: 1.307.1002.0, AS: 1.307.1002.0, NIS: 1.307.1002.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2019-12-23 13:56:19.308
Description:
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nazwa: HackTool:Win32/AutoKMS
Identyfikator: 2147685180
Ważność: Wysoki
Kategoria: Narzędzie
Ścieżka: file:_E:\KMSAuto Net.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-UCRVDKL\PC
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.307.1002.0, AS: 1.307.1002.0, NIS: 1.307.1002.0
Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7
"ESProtectionDriver" => serwis nie został odblokowany. <==== UWAGA
2021-01-31 10:55 - 2019-12-23 18:54 - 000000000 ____D C:\ProgramData\KMSAutoS
EmptyTemp: