
FRST.txt

Asus desktop, infections despite scanning with AdwCleaner and Malwarebytes

Logs attached.



Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-06-2020
Uruchomiony przez User (administrator) DESKTOP-S4TKNTA (PRIMINFO UNLOCK INSTALL) (29-06-2020 02:30:51)
Uruchomiony z C:\Users\User\Downloads
Załadowane profile: User
Platform: Windows 10 Pro Wersja 1909 18363.900 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(BitTorrent Inc -> BitTorrent Inc.) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\User\AppData\Roaming\BitTorrent\updates\7.10.5_45665\bittorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.5_45704\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY 5000 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.0.5(1).exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PLARIUM GLOBAL LTD. -> ) C:\Users\User\AppData\Local\Plarium\PlariumPlay\6.1.0-0.0.1\PlariumPlayClientService.exe
(PLARIUM GLOBAL LTD. -> ) C:\Users\User\AppData\Local\Plarium\PlariumPlay\6.1.0-0.0.1\TrayPP.exe
(PLARIUM GLOBAL LTD. -> Plarium) C:\Users\User\AppData\Local\Plarium\PlariumPlay\6.1.0-0.0.1\PlariumPlay.exe <4>
(Sony Mobile Communications AB -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
(Sony) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(VIA Technologies, Inc -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM-x32\...\Run: [MPlayerForWindows_UpdateReminder] => C:\Program Files (x86)\MPlayer for Windows\AutoUpdate.exe [235005 2010-10-17] () [Brak podpisu cyfrowego] [Plik w użyciu]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97127680 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1591160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [2078952 2020-06-21] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [Chromium] => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-05-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1687392 2019-10-22] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [BitTorrent] => C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe [1896184 2020-06-11] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [HP ENVY 5000 (NET)] => C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\...\Run: [PlariumPlay] => C:\Users\User\AppData\Local\Plarium\PlariumPlay\PlariumPlay --args -run-with-os
HKU\S-1-5-21-2362631602-3406235986-567690777-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SIMAQU~1.SCR [2815201 2005-02-09] (Digital Illusions Software - ss3d.com) [Brak podpisu cyfrowego] [Plik w użyciu]
HKLM\...\Print\Monitors\HP 7112 Status Monitor: C:\WINDOWS\system32\hpinksts7112LM.dll [328704 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8610): C:\WINDOWS\system32\HPDiscoPM7112.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-23] (Google LLC -> Google LLC)

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {06CB4F13-375D-4A15-AFF8-CC80F4A9FE3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-07] (Google LLC -> Google LLC)
Task: {0CDAD991-6469-4794-A18D-57C4B40DA347} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {186A2B05-90DE-423A-B0D9-292622B0623B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A43FBD-01FB-4D7F-B084-17B172FD85C6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {195CEAFE-59B2-4305-89B9-E16142514035} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D7AE171-ED75-4F10-8FF1-5F9BAF67FDC3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {359F4236-8C6F-4CEA-8159-1EC675011AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-07] (Google LLC -> Google LLC)
Task: {5784A2DF-4BFC-4FC4-9508-D2A6DA95B9C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58C3A791-08AB-4712-AF77-B43C488B5561} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74ACEEF4-5C19-40A4-A41C-EE42C3C5C323} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1861528 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BC33EA3-A9E8-4CED-A040-7F5AADC56FE7} - System32\Tasks\HPCustParticipation HP ENVY 5000 series => C:\Program Files\HP\HP ENVY 5000 series\Bin\HPCustPartic.exe [6659488 2019-03-18] (HP Inc -> HP Inc.)
Task: {8F88902D-38B8-4387-9992-01306A689AA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A320CBE8-266B-4EB2-B70B-7F62484250DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C428B0CB-E090-491E-A95D-2CC98AB5181C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2742136 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C759D566-46F4-4569-9E77-6AF52962E026} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9A71C11-DD94-4EC5-B177-F3B901DF407B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{25bc8ac8-35cb-45b5-b4d5-a13976e891f2}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-10-30] (DVDVideoSoft Ltd. -> DVDVideoSoft Ltd.) [Brak podpisu cyfrowego] [Plik w użyciu]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-10-30] (DVDVideoSoft Ltd. -> DVDVideoSoft Ltd.) [Brak podpisu cyfrowego] [Plik w użyciu]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\User\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-28]
Edge HomePage: Default -> hxxp://www.google.com/
Edge NewTab: Default -> Active: "chrome-extension://ocggccaacacpienfcgmgcihoombokbbj/pages/newtab/newtab.html"
Edge Extension: (Tłumacz Google) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-23]
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-05-23]
Edge Extension: (Emoji Keyboard - Emojis For Chrome) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbcgkphadgmbalmlklhbdagcicajenei [2020-05-23]
Edge Extension: (Paint Editor - Marker for Chrome) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghjhkcjbojpgiebboplfidlbapdpgihn [2020-05-23]
Edge Extension: (Volume Master - kontroler głośności) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2020-05-23]
Edge Extension: (Nowa karta Microsoft News) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lklfbkdigihjaaeamncibechhgalldgl [2020-05-23]
Edge Extension: (Live Start Page - Living Wallpapers) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ocggccaacacpienfcgmgcihoombokbbj [2020-05-23]

FireFox:
========
FF DefaultProfile: 0xt3160i.default
FF ProfilePath: C:\Users\User\AppData\Roaming\BitTube\BitTubeBrowser\Profiles\0xt3160i.default [2020-06-17]
FF ProfilePath: C:\Users\User\AppData\Roaming\BitTube\BitTubeBrowser\Profiles\1o2ydqeu.default-default [2020-06-17]
FF Extension: (BitTube-AirTime, Donations, Adblocker, Wallet) - C:\Users\User\AppData\Roaming\BitTube\BitTubeBrowser\Profiles\1o2ydqeu.default-default\Extensions\{b2e8325b-bdb9-4734-9823-fb89ebbf3da3}.xpi [2020-06-17]
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-06-29]
CHR HomePage: Default -> hxxp://www.google.com/
CHR NewTab: Default -> Not-active: "chrome-extension://ocggccaacacpienfcgmgcihoombokbbj/pages/newtab/newtab.html", Not-active: "chrome-extension://lklfbkdigihjaaeamncibechhgalldgl/iframe_msn.html"
CHR DefaultSearchURL: Default -> hxxps://u.alicdn.com/mobile/img/common/favicons/android-chrome-36x36.png
CHR Extension: (Tłumacz Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Prezentacje) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-07]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-07]
CHR Extension: (Dysk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-07]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-07]
CHR Extension: (Honey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-06-13]
CHR Extension: (Delshad ios Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgdjjebddaafnmhpekjcfloclgoiikkm [2020-06-11]
CHR Extension: (Alibaba.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmiijanckpamlbclbkmdlcbiidgnioi [2020-06-27]
CHR Extension: (Emoji Keyboard - Emojis For Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcgkphadgmbalmlklhbdagcicajenei [2020-03-14]
CHR Extension: (Arkusze) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Paint Editor - Marker for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghjhkcjbojpgiebboplfidlbapdpgihn [2020-03-23]
CHR Extension: (Volume Master - kontroler głośności) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2020-03-13]
CHR Extension: (Grammarly for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-06-17]
CHR Extension: (Nowa karta Microsoft News) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lklfbkdigihjaaeamncibechhgalldgl [2020-04-27]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-07]
CHR Extension: (Live Start Page - Living Wallpapers) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocggccaacacpienfcgmgcihoombokbbj [2020-06-17]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-27]
CHR HKU\S-1-5-21-2362631602-3406235986-567690777-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2020-03-18]