ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version)
Tool run by Denise on 28/04/2021 at 13:08:18,07.
Microsoft Windows 10 Home Single Language 10.0.19041 x64
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Denise\Desktop\ZA-Scan.exe
[Z-Analyse Scan]

==== Running Processes ======================
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
C:\Users\Denise\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\FileCoAuth.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\Denise\AppData\Local\Temp\NirCmd.exe

==== Services(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]
R2 - [AdobeUpdateService] - AdobeUpdateService - c:\program files (x86)\common files\adobe\adobe desktop common\elevationmanager\adobeupdateservice.exe
R2 - [AGMService] - Adobe Genuine Monitor Service - c:\program files (x86)\common files\adobe\adobegcclient\agmservice.exe
R2 - [AGSService] - Adobe Genuine Software Integrity Service - c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe
R2 - [ClickToRunSvc] - Serviço Clique para Executar do Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [cplspcon] - Intel(R) Content Protection HDCP Service - c:\windows\system32\driverstore\filerepository\igdlh64.inf_amd64_6d34ac0763025a06\intelcphdcpsvc.exe
R2 - [Dolby DAX2 API Service] - Dolby DAX2 API Service - c:\program files\dolby\dolby dax2\dax2_api\dolbydax2api.exe
R2 - [ibtsiva] - Intel Bluetooth Service - c:\windows\system32\ibtsiva
R2 - [igfxCUIService2.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\driverstore\filerepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxcuiservice.exe
R2 - [ImControllerService] - System Interface Foundation Service - c:\windows\lenovo\imcontroller\service\lenovo.modern.imcontroller.exe
R2 - [McAfee WebAdvisor] - McAfee WebAdvisor - c:\program files\mcafee\webadvisor\servicehost.exe
R2 - [McAPExe] - McAfee AP Service - c:\program files\common files\mcafee\vscore_20_12\mcapexe.exe
R2 - [mccspsvc] - McAfee CSP Service - c:\program files\common files\mcafee\csp\4.1.106.0\\mccspservicehost.exe
R2 - [NVDisplay.ContainerLocalSystem] - NVIDIA Display Container LS - c:\program files\nvidia corporation\display.nvcontainer\nvdisplay.container.exe
R2 - [NvTelemetryContainer] - NVIDIA Telemetry Container - c:\program files (x86)\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe
R2 - [PEFService] - McAfee PEF Service - c:\program files\common files\mcafee\pef\core\pefservice.exe
R2 - [RtkAudioService] - Realtek Audio Service - c:\program files\realtek\audio\hda\rtkaudioservice64.exe
R2 - [SgrmBroker] - System Guard Runtime Monitor Broker - c:\windows\system32\sgrmbroker.exe
R2 - [SynTPEnhService] - SynTPEnh Caller Service - c:\program files\synaptics\syntp\syntpenhservice.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\system32\driverstore\filerepository\igdlh64.inf_amd64_6d34ac0763025a06\intelcphecisvc.exe
R3 - [SecurityHealthService] - Serviço de Segurança do Windows - c:\windows\system32\securityhealthservice.exe
S2 - [edgeupdate] - Serviço Microsoft Edge Update (edgeupdate) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
S3 - [ClientAnalyticsService] - ClientAnalyticsService - c:\program files\common files\mcafee\clientanalytics\legacy\mcclientanalytics.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [edgeupdatem] - Serviço Microsoft Edge Update (edgeupdatem) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service - c:\program files (x86)\google\chrome\application\90.0.4430.93\elevation_service.exe
S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [iaStorAfsService] - Intel(R) Optane(TM) Memory Service - c:\windows\iastorafsservice\iastorafsservice.exe
S3 - [McAWFwk] - McAfee Activation Service - c:\program files\common files\mcafee\actwiz\mcawfwk.exe
S3 - [McSecDashboardService] - McSecDashboardService - c:\program files\mcafeedashboard\mcsecdashboardservice.exe
S3 - [MicrosoftEdgeElevationService] - Microsoft Edge Elevation Service - c:\program files (x86)\microsoft\edge\application\90.0.818.49\elevation_service.exe
S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [NvContainerLocalSystem] - NVIDIA LocalSystem Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe
S3 - [NvContainerNetworkService] - NVIDIA NetworkService Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [perceptionsimulation] - Serviço de Simulação de Percepção do Windows - c:\windows\system32\perceptionsimulation\perceptionsimulationservice.exe
S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Serviço de Dados de Sensor - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
S3 - [spectrum] - Serviço de Percepção do Windows - c:\windows\system32\spectrum.exe
S3 - [TieringEngineService] - Gerenciamento de Camadas de Armazenamento - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Serviço de Inspeção de Rede do Microsoft Defender Antivírus - c:\programdata\microsoft\windows defender\platform\4.18.2008.9-0\nissrv.exe
S3 - [WinDefend] - Serviço Microsoft Defender Antivírus - c:\programdata\microsoft\windows defender\platform\4.18.2008.9-0\msmpeng.exe
S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe
S4 - [uhssvc] - Microsoft Update Health Service - c:\program files\microsoft update health tools\uhssvc.exe

==== Drivers(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-3559305573-110923630-2143800218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"
[HKEY_USERS\S-1-5-21-3559305573-110923630-2143800218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe --aamHelperPipeName={F0BB82D6-F969-440F-96FB-F2C741BEE4B6} --acccUpdated=true --appletVersion=1.0 --helperBridgeName={F0BB82D6-F969-440F-96FB-F2C741BEE4B6} --lbsInstallerWorkflowID={D3124E3F-2014-4A8F-9D60-2A6DD5032DC3} --lbsWorkflowID={4D5424AC-F130-4533-A34D-6557333D19DC} --mode=LBS --outGuidPath=C:\Users\Denise\AppData\Local\Temp\{EC8DFBB2-05F6-422C-8E8A-7760CFA551B6}\CCLBS\PDIM --selfDelete=C:\Users\Denise\AppData\Local\Temp\F14F3523-433D-4E0E-A5DF-0C0AFD3377665\CreativeCloudSet-Up.exe --shouldLaunchACC=false --showwindow=false --userGuid=DBE05D2A578CB83A7F000101@AdobeID --workflowId={4D5424AC-F130-4533-A34D-6557333D19DC} --waitForRegistration=true /RestartByRestartManager:129BF12B-52EF-49ea-9265-F16CFF23E3F3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"="C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"Adobe CCXProcess"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe --aamHelperPipeName={F0BB82D6-F969-440F-96FB-F2C741BEE4B6} --acccUpdated=true --appletVersion=1.0 --helperBridgeName={F0BB82D6-F969-440F-96FB-F2C741BEE4B6} --lbsInstallerWorkflowID={D3124E3F-2014-4A8F-9D60-2A6DD5032DC3} --lbsWorkflowID={4D5424AC-F130-4533-A34D-6557333D19DC} --mode=LBS --outGuidPath=C:\Users\Denise\AppData\Local\Temp\{EC8DFBB2-05F6-422C-8E8A-7760CFA551B6}\CCLBS\PDIM --selfDelete=C:\Users\Denise\AppData\Local\Temp\F14F3523-433D-4E0E-A5DF-0C0AFD3377665\CreativeCloudSet-Up.exe --shouldLaunchACC=false --showwindow=false --userGuid=DBE05D2A578CB83A7F000101@AdobeID --workflowId={4D5424AC-F130-4533-A34D-6557333D19DC} --waitForRegistration=true /RestartByRestartManager:129BF12B-52EF-49ea-9265-F16CFF23E3F3"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeGCInvoker-1.0"="C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
"DAX2_APP"="C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe -Hide"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe "

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\AdobeGCInvoker-1.0" [C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe]
"C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\Explorer.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\LenovoUtility Task" [C:\Windows\explorer.exe]
"C:\WINDOWS\SysNative\tasks\McAfeeLogon" [C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe]
"C:\WINDOWS\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe]
"C:\WINDOWS\SysNative\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" ["C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"]
"C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-3559305573-110923630-2143800218-1001" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\RtHDVBg_Dolby" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\WINDOWS\SysNative\tasks\RtHDVBg_LENOVO_DOLBYDRAGON" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\WINDOWS\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance" ["%ProgramData%\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\Lenovo iM Controller Monitor" ["%windir%\system32\ImController.InfInstaller.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" ["%windir%\system32\sc.exe" START ImControllerService]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" [%windir%\System32\reg.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\TimeBasedEvents\2b916853-efc3-47c4-9604-d4aa07069b3c" ["C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\TimeBasedEvents\c72abf25-ea18-436f-925e-2a1e2eedaf7b" ["C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\TimeBasedEvents\c8f0e568-887f-4ddf-9699-fb9509afe0c8" ["C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\ImController\TimeBasedEvents\cdfb9e9f-e08e-4977-9f66-87a29cab2b57" ["C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance" [%systemroot%\system32\sc.exe start LenovoVantageService]
"C:\WINDOWS\SysNative\tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" [C:\Program Files (x86)\Lenovo\VantageService\3.3.332.0\ScheduleEventAction.exe]
"C:\WINDOWS\SysNative\tasks\McAfee\DAD.Execute.Updates" ["C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe"]
"C:\WINDOWS\SysNative\tasks\McAfee\McAfee DAT Built in test" [C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi" [15/04/2021 16:32]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi" [15/04/2021 16:32]

==== Firefox XPI-files found: ======================
- __MSG_res_PRODUCT_NAME_TRADEMARKED__ - C:\Program Files\mcafee\WebAdvisor\e10ssaffplg.xpi
- __MSG_PRODUCT_NAME__ - C:\Program Files\mcafee\WebAdvisor\e10ssbffplg.xpi
- __MSG_ext_FullName__ - C:\Program Files\mcafee\WebAdvisor\e10swbffplg.xpi

==== Chromium Look ======================
Google Chrome Version: 90.0.4430.93
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
Slides - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Docs - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
ColorZilla - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp
YouTube - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Visual Inspector - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaejpgmekdkcngpbghnpcmbpbngoclc
Sheets - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
ArtCultureHeritage - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Docs Offline - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Dark - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Vigia de Preço - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\hilpchhlogijamlemmggobblmfcdkomg
Zoom Scheduler - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle
Chrome Web Store Payments - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Player do NOW NET Claro - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\npflpmeannakjekldamofnldpiefjmmi
Gmail - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
ArtCultureHeritage - Denise\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd
GoFullPage - Full Page Screen Capture - Denise\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hfaciehifhdcgoolaejkoncjciicbemc
Font Finder - Denise\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hhojcpbmilabimndlmnbegcknapalgph
Color Picker - Denise\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlefpjinggjhccheobegboicdcacepfg
Dark - Denise\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog

==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{4144D0E0-3A2B-46B7-A574-F45E04380224}"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{4144D0E0-3A2B-46B7-A574-F45E04380224}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{4144D0E0-3A2B-46B7-A574-F45E04380224} - http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{4144D0E0-3A2B-46B7-A574-F45E04380224}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{4144D0E0-3A2B-46B7-A574-F45E04380224} - http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
HKCU\SearchScopes "DefaultScope"="{4144D0E0-3A2B-46B7-A574-F45E04380224}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{4144D0E0-3A2B-46B7-A574-F45E04380224} - No_Url_Value

==== HijackThis Entries ======================
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 teste.local #Local Site
O1 - Hosts: ::1 www.teste.local #Local Site
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.49\BHO\ie_to_edge_bho.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll

==== EOF on 28/04/2021 at 13:22:21,86 ======================