CloseProcesses:
CreateRestorePoint:
EmptyTemp:
cmd: type C:\Users\dawid\_readme.txt
File: C:\Users\dawid\kfjbrcec.exe
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\Run: [fjmygdby] => "C:\Users\dawid\kfjbrcec.exe"
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {C997B6CD-85E3-42D8-AA8D-5D8F7B24DB9E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Tcpip\..\Interfaces\{1b42b148-ab99-4ded-b599-a050f5f5e428}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{2d66b4ba-3083-43dd-b6ce-3e10a26ac447}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{407c89ad-b752-497e-9b29-05dc2e7c4a14}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{566af078-be37-42cf-bd1f-ccfe204caa4d}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{566af078-be37-42cf-bd1f-ccfe204caa4d}: [DhcpNameServer] 192.168.1.1
U1 avgbdisk; Brak ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
2020-09-21 08:59 - 2020-09-21 21:10 - 000000000 ____D C:\Users\dawid\AppData\Roaming\1xpqij3v140
2020-09-21 08:54 - 2020-09-21 21:10 - 000000000 ____D C:\Users\dawid\AppData\Roaming\3t3f3tn1kuo
2020-09-21 08:46 - 2020-09-21 08:46 - 000001111 _____ C:\Users\dawid\_readme.txt
2020-09-21 08:45 - 2020-09-21 21:10 - 000000000 ____D C:\Users\dawid\AppData\Roaming\feti2hzjhkx
2020-09-21 08:42 - 2020-09-21 08:42 - 000000561 _____ C:\Users\dawid\AppData\Local\bowsakkdestx.txt
2020-09-21 08:42 - 2020-09-21 08:42 - 000000000 ____D C:\SystemID
2020-09-21 08:42 - 2020-09-21 08:42 - 000000000 ____D C:\ProgramData\r4q9v7t7r9q9v7t7r9
2020-09-21 08:41 - 2020-09-21 21:10 - 000000000 ____D C:\Users\dawid\AppData\Roaming\vplz4diki15
2020-09-21 08:41 - 2020-09-21 08:41 - 000032768 _____ C:\WINDOWS\SysWOW64\d
C:\Users\dawid\kfjbrcec.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
AlternateDataStreams: C:\Users\dawid:.repos [616616]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [754]
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE trusted site: HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\localhost -> localhost
HKLM\...\StartupApproved\Run32: => "kissq"
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\StartupApproved\Run: => "FB2D9UHG1KT66RM"
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\StartupApproved\Run: => "PZJEX81DRSF148Z"
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\StartupApproved\Run: => "LRHYBB2FAR25IBP"
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\StartupApproved\Run: => "99MULU44V8C1RWQ"
HKU\S-1-5-21-4016905503-1915356772-76512361-1001\...\StartupApproved\Run: => "fjmygdby"
FirewallRules: [UDP Query User{D468F17A-479F-4A67-A890-E1808612B8E2}D:\gry\counter-strike 1.6 v23\hl.exe] => (Allow) D:\gry\counter-strike 1.6 v23\hl.exe => Brak pliku
FirewallRules: [TCP Query User{238597CB-2E0D-40B6-AEC2-82F81CD26BBD}D:\gry\counter-strike 1.6 v23\hl.exe] => (Allow) D:\gry\counter-strike 1.6 v23\hl.exe => Brak pliku
FirewallRules: [{D55B1A4D-DB00-486D-B0B9-2CC482828BA4}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Brak pliku
FirewallRules: [{5B62395D-D9CF-4F63-9447-09524F7E0081}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => Brak pliku
FirewallRules: [UDP Query User{F169BDDB-2F41-404F-B3BF-6BE350F102B4}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{1EC4E740-03D1-4354-9E65-7830B0FA0380}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{274564C4-CB54-4228-9C77-F20465F6E6ED}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Brak pliku
FirewallRules: [{420B8994-E36C-4221-91FF-720D01EEB13B}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Brak pliku
FirewallRules: [{796E0E1D-9E2E-40F7-85BE-3A6786D40F5B}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe => Brak pliku
FirewallRules: [{84FE7DE3-B871-488F-9D97-D654F7E4A919}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe => Brak pliku
FirewallRules: [UDP Query User{1668887F-EB0A-45C6-A2D0-5F7CA5799418}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{8B40F19A-0986-45F0-840D-8560EBD54FE6}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{1EF0FEA2-D6F0-4E28-94C2-E39436B44E1F}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe => Brak pliku
FirewallRules: [{43C82A46-2F67-454A-BAA9-23DD562BA853}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe => Brak pliku
FirewallRules: [UDP Query User{012E7453-915D-4BC2-9040-063B07390582}D:\need for speed world\nfsw.exe] => (Allow) D:\need for speed world\nfsw.exe => Brak pliku
FirewallRules: [TCP Query User{6F72053C-F657-458D-88AE-5D863052B1DC}D:\need for speed world\nfsw.exe] => (Allow) D:\need for speed world\nfsw.exe => Brak pliku
FirewallRules: [{682E1ACE-D84F-4EA3-9039-A1794840632F}] => (Allow) C:\Users\dawid\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [{58A6A7D4-FB68-4ED1-8030-1BAEB7D60DDB}] => (Allow) C:\Users\dawid\AppData\Roaming\uTorrent\uTorrent.exe => Brak pliku
FirewallRules: [TCP Query User{718E4200-869F-4DF7-B948-A3C1A62DCCAB}D:\gry\counter-strike source classic\hl2.exe] => (Allow) D:\gry\counter-strike source classic\hl2.exe => Brak pliku
FirewallRules: [UDP Query User{C118AB7F-529F-4FAC-A271-7943AAEAFDC0}D:\gry\counter-strike source classic\hl2.exe] => (Allow) D:\gry\counter-strike source classic\hl2.exe => Brak pliku
FirewallRules: [{9D50F4B1-3629-40EE-BB3F-C365000FB6DC}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Brak pliku
FirewallRules: [{E8F4DF1F-55C6-47A7-9EEC-DC4C87DF4DDC}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Brak pliku
FirewallRules: [{11C23589-4657-49E0-B924-08BD0781EAF6}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Brak pliku
FirewallRules: [{F105DA6F-42D0-49CA-88AE-EED0C4658DBC}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Brak pliku
FirewallRules: [TCP Query User{09C46D62-E981-4ACE-A5EA-331BAC8136A3}D:\steamlibrary\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\steamlibrary\steamapps\common\rocketleague\binaries\win64\rocketleague.exe => Brak pliku
FirewallRules: [UDP Query User{1FCFC847-268F-4D01-A465-77E1E474157B}D:\steamlibrary\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\steamlibrary\steamapps\common\rocketleague\binaries\win64\rocketleague.exe => Brak pliku
FirewallRules: [TCP Query User{AB99A382-A96D-479A-AA04-8B0DEBC4EAB2}C:\program files (x86)\common files\oracle\java\javapath_target_2885031\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_2885031\java.exe
FirewallRules: [UDP Query User{23814820-479E-4405-8AE4-775C2639040E}C:\program files (x86)\common files\oracle\java\javapath_target_2885031\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_2885031\java.exe
Hosts:
RemoveProxy:
StartBatch:
cd C:\WINDOWS\system32\config\systemprofile\AppData\Local
mkdir TileDataLayer
cd TileDataLayer
mkdir Database
EndBatch: