CloseProcesses:
CreateRestorePoint:
EmptyTemp:
Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamerHash.lnk [2018-07-22]
ShortcutTarget: GamerHash.lnk -> C:\Users\ACER\AppData\Local\GamerHash\GamerHashLauncher.exe (Brak pliku)
SearchScopes: HKU\S-1-5-21-3496770298-4158820376-4249610668-1001 -> DefaultScope {37662645-B856-493F-BA39-D93B5BAB0504} URL =
SearchScopes: HKU\S-1-5-21-3496770298-4158820376-4249610668-1001 -> {37662645-B856-493F-BA39-D93B5BAB0504} URL =
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-06-28] [Przestarzałe]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-12-07]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11072272 2018-08-16] (LLC Mail.Ru)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10288768 2018-08-16] (LLC Mail.Ru)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> Brak pliku
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
Task: {05E2A11F-2FEC-4ACC-B2D8-E225E90BC58D} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {1CA60ACF-D501-4327-92F0-A4889DF90F24} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-24] (Google Inc.)
Task: {D6799B47-EA53-4664-B166-3251220C84F0} - System32\Tasks\Opera scheduled Autoupdate 1520633944 => C:\Users\ACER\AppData\Local\Programs\Opera\launcher.exe
Task: {FAB5BA91-1601-4913-9883-02E705B90632} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-24] (Google Inc.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [484]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
FirewallRules: [TCP Query User{C39FC1A1-5A77-4FD3-9C60-9787DF567851}C:\users\acer\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh] => (Allow) C:\users\acer\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh
FirewallRules: [UDP Query User{7BE3DC4C-0595-481F-AE6D-4F5253FBB7C2}C:\users\acer\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh] => (Allow) C:\users\acer\appdata\local\gamerhash\miners\claymore_dual_v2\ethdcrminer64.gh
FirewallRules: [TCP Query User{14F920E6-EEA4-4785-86F5-D5FEBE195872}C:\users\acer\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh] => (Block) C:\users\acer\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh
FirewallRules: [UDP Query User{93BB4ECB-92D8-41CE-A83C-A1D01AA0C45B}C:\users\acer\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh] => (Block) C:\users\acer\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh
C:\users\acer\appdata\local\gamerhash
C:\Users\ACER\Desktop\ \Epic Games Launcher.lnk
C:\Users\ACER\Desktop\ \World_of_Warships_Eu.lnk
C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\Odinstaluj World_of_Warships_Eu.lnk
C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships_Eu\World_of_Warships_Eu.lnk
C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamerHash.lnk
C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\San Andreas Multiplayer.lnk
C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Portal.lnk
C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
CMD: ipconfig /flushdns
RemoveProxy: