
ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version)
Tool run by ddjan on 29/06/2021 at 14:45:54,91.
Microsoft Windows 10 Home 10.0.19043  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ddjan\Desktop\ZA-Scan.exe [Z-Analyse Scan]

==== Running Processes ======================

C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
C:\Windows\SysWOW64\atashost.exe
E:\Programas\Corsair SSD Toolbox\CSSDTService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\LightingService\LightingService.exe
C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe
C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
E:\Programas\Corsair Link\CorsairLink4.exe
E:\Programas\Corsair Link\CorsairLink4.Service.exe
C:\Users\ddjan\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_isolation.exe
C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server-v2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\transport_proxy.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\ddjan\AppData\Local\Temp\ZAScan.exe

==== Services(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\4.00.38\atkexcomsvc.exe
R2 - [atashost] - WebEx Service Host for Support Center - c:\windows\syswow64\atashost.exe
R2 - [AVP21.3] - Serviço do Kaspersky Anti-Virus 21.3 - c:\program files (x86)\kaspersky lab\kaspersky total security 21.3\avp.exe
R2 - [Backupper Service] - AOMEI Backupper Scheduler Service - c:\program files (x86)\aomei\aomei backupper\6.5.0\abservice.exe
R2 - [ClickToRunSvc] - Serviço Clique para Executar do Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [CorsairGamingAudioConfig] - Corsair Gaming Audio Configuration Service - c:\windows\system32\corsairgamingaudiocfgservice64.exe
R2 - [CorsairLLAService] - Corsair LLA Service - c:\program files\corsair\corsair icue 4 software\cuellaccessservice.exe
R2 - [CorsairMsiPluginService] - Corsair MSI Plugin Service - c:\program files\corsair\corsair icue 4 software\corsairmsipluginservice.exe
R2 - [CorsairService] - Corsair Service - c:\program files\corsair\corsair icue 4 software\corsair.service.exe
R2 - [CorsairSSDToolBox] - CorsairSSDTool - e:\programas\corsair ssd toolbox\cssdtservice.exe
R2 - [ibtsiva] - Intel Bluetooth Service - c:\windows\system32\ibtsiva
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\windows\system32\driverstore\filerepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
R2 - [kpm_launch_service] - Kaspersky Password Manager Service - c:\program files (x86)\kaspersky lab\kaspersky password manager 9.0.2\kpm_service.exe
R2 - [LGHUBUpdaterService] - LGHUB Updater Service - c:\program files\lghub\lghub_updater.exe
R2 - [LightingService] - LightingService - c:\program files (x86)\lightingservice\lightingservice.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [NvContainerLocalSystem] - NVIDIA LocalSystem Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe
R2 - [NVDisplay.ContainerLocalSystem] - NVIDIA Display Container LS - c:\windows\system32\driverstore\filerepository\nv_dispi.inf_amd64_4a746d937e6a7240\display.nvcontainer\nvdisplay.container.exe
R2 - [SgrmBroker] - System Guard Runtime Monitor Broker - c:\windows\system32\sgrmbroker.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [CLink4Service] - Corsair LINK 4 - e:\programas\corsair link\corsairlink4.service.exe
R3 - [SecurityHealthService] - Serviço de Segurança do Windows - c:\windows\system32\securityhealthservice.exe
S2 - [AsusUpdateCheck] - AsusUpdateCheck - c:\windows\system32\asusupdatecheck.exe
S2 - [edgeupdate] - Serviço Microsoft Edge Update (edgeupdate) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [Intel(R) TPM Provisioning Service] - Intel(R) TPM Provisioning Service - c:\windows\system32\driverstore\filerepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\tpmprovisioningservice.exe
S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
S3 - [BEService] - BattlEye Service - c:\program files (x86)\common files\battleye\beservice.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [EasyAntiCheat] - EasyAntiCheat - c:\program files (x86)\easyanticheat\easyanticheat.exe
S3 - [edgeupdatem] - Serviço Microsoft Edge Update (edgeupdatem) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FileSyncHelper] - FileSyncHelper - c:\program files (x86)\microsoft onedrive\21.109.0530.0001\filesynchelper.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [FvSvc] - NVIDIA FrameView SDK service - c:\program files\nvidia corporation\frameviewsdk\nvfvsdksvc_x64.exe
S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service - c:\program files (x86)\google\chrome\application\91.0.4472.124\elevation_service.exe
S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\windows\system32\driverstore\filerepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\socketheciserver.exe
S3 - [klvssbridge64_21.3] - Kaspersky Volume Shadow Copy Service Bridge 21.3 - c:\program files (x86)\kaspersky lab\kaspersky total security 21.3\x64\vssbridge64.exe
S3 - [KSDE4.0] - Serviço do Kaspersky Secure Connection 4.0 - c:\program files (x86)\kaspersky lab\kaspersky secure connection 4.0\ksde.exe
S3 - [MicrosoftEdgeElevationService] - Microsoft Edge Elevation Service - c:\program files (x86)\microsoft\edge\application\91.0.864.59\elevation_service.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [OneDrive Updater Service] - OneDrive Updater Service - c:\program files (x86)\microsoft onedrive\21.109.0530.0001\onedriveupdaterservice.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [perceptionsimulation] - Serviço de Simulação de Percepção do Windows - c:\windows\system32\perceptionsimulation\perceptionsimulationservice.exe
S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Serviço de Dados de Sensor - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
S3 - [spectrum] - Serviço de Percepção do Windows - c:\windows\system32\spectrum.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TieringEngineService] - Gerenciamento de Camadas de Armazenamento - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Serviço de Inspeção de Rede do Microsoft Defender Antivírus - c:\programdata\microsoft\windows defender\platform\4.18.2102.3-0\nissrv.exe
S3 - [WinDefend] - Serviço Microsoft Defender Antivírus - c:\programdata\microsoft\windows defender\platform\4.18.2102.3-0\msmpeng.exe
S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe
S4 - [uhssvc] - Microsoft Update Health Service - c:\program files\microsoft update health tools\uhssvc.exe

==== Drivers(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\WINDOWS\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\WINDOWS\system32\Drivers\ACPI.sys
R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
R0 - [ambakdrv] - ambakdrv - C:\WINDOWS\system32\Drivers\ambakdrv.sys [x]
R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
R0 - [cm_km] - AO Kaspersky Lab Cryptographic Module x64 (56 bit) - C:\WINDOWS\system32\Drivers\cm_km.sys
R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
R0 - [disk] - Driver de disco - C:\WINDOWS\system32\Drivers\disk.sys
R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys
R0 - [intelpep] - Driver Intel(R) Power Engine Plug-in - C:\WINDOWS\system32\Drivers\intelpep.sys
R0 - [iorate] - Driver do Filtro de Taxa de E/S de Disco - C:\WINDOWS\system32\Drivers\iorate.sys
R0 - [klupd_klif_arkmon] - klupd_klif_arkmon - C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
R0 - [klupd_klif_klbg] - klupd_klif_klbg - C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\WINDOWS\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
R0 - [NDIS] - Driver do Sistema NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys
R0 - [partmgr] - Driver de partição - C:\WINDOWS\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\WINDOWS\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
R0 - [SgrmAgent] - System Guard Runtime Monitor Agent - C:\WINDOWS\system32\Drivers\SgrmAgent.sys
R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\WINDOWS\system32\Drivers\spaceport.sys
R0 - [storahci] - Driver AHCI SATA Padrão da Microsoft - C:\WINDOWS\system32\Drivers\storahci.sys
R0 - [stornvme] - Driver Microsoft Padrão NVM Express - C:\WINDOWS\system32\Drivers\stornvme.sys
R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys
R0 - [Telemetry] - Serviço de Telemetria Intel(R) - C:\WINDOWS\system32\Drivers\Telemetry.sys [x]
R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\WINDOWS\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\WINDOWS\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Driver de Cópia de Sombra de Volume - C:\WINDOWS\system32\Drivers\volsnap.sys
R0 - [volume] - Driver do volume - C:\WINDOWS\system32\Drivers\volume.sys
R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\WINDOWS\system32\Drivers\Wdf01000.sys
R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
R0 - [WindowsTrustedRTProxy] - Serviço de Proteção de Tempo de Execução Confiável do Microsoft Windows - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\WINDOWS\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
S0 - [klelam] - klelam - C:\WINDOWS\system32\Drivers\klelam.sys
S3 - [atapi] - Canal de IDE - C:\WINDOWS\system32\Drivers\atapi.sys
S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\WINDOWS\system32\Drivers\Tcpip6.sys [x]

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2281905598-4139048501-1899555197-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe autoStart"
"OneDrive"="C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background"
"LGHUB"="C:\Program Files\LGHUB\lghub.exe --background"
"CorsairLink4"="E:\Programas\Corsair Link\CorsairLink4.exe -startup"
"Amazon Music Helper"="C:\Users\ddjan\AppData\Local\Amazon Music\Amazon Music Helper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
"Redirector"="C:\Program Files (x86)\Citrix\ICA Client\redirector.exe /startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe autoStart"
"OneDrive"="C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background"
"LGHUB"="C:\Program Files\LGHUB\lghub.exe --background"
"CorsairLink4"="E:\Programas\Corsair Link\CorsairLink4.exe -startup"
"Amazon Music Helper"="C:\Users\ddjan\AppData\Local\Amazon Music\Amazon Music Helper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CORSAIR iCUE 4 Software"="C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe --autorun"
"SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe "

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [eReporter-AppX.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe]
"C:\WINDOWS\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe]
"C:\WINDOWS\SysNative\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" ["C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"]
"C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Per-Machine Standalone Update Task" [C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Opera GX scheduled Autoupdate 1624483028" [C:\Users\ddjan\AppData\Local\Programs\Opera GX\launcher.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{E9FDCE86-BED2-40A4-993A-CDC02FD45495}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" [C:\Program Files\Mozilla Firefox\default-browser-agent.exe]
"C:\WINDOWS\SysNative\tasks\S-1-5-21-2281905598-4139048501-1899555197-1001\DataSenseLiveTileTask" [%SystemRoot%\System32\DataUsageLiveTileTask.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\ddjan\AppData\Roaming\Mozilla\Firefox\Profiles\lsvrbihw.default-release-1601035761893
- Undetermined - %ProfilePath%\extensions\staged
- short_ __MSG_short_name__ - %ProfilePath%\extensions\adblockultimate@adblockultimate.net.xpi
- short_ JSJBridge - %ProfilePath%\extensions\jsjbridge@advancedcontrols.com.au.xpi
- __MSG_extension_name__ - %ProfilePath%\extensions\kpm_win_add_on_9.0@kaspersky.xpi
- __MSG_ExtensionName__ - %ProfilePath%\extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\ddjan\AppData\Roaming\Mozilla\Firefox\Profiles\lsvrbihw.default-release-1601035761893
472CB62C5FFFCF68E543B1B527B4E41F	- C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL -	Microsoft Office
18E586A6A2D6A8C1B17AE85FEF8FEB2F	- C:\Users\ddjan\AppData\Roaming\Mozilla\plugins\npatgpc.dll -	ActiveTouch General Plugin Container


==== Chromium Look ======================

Google Chrome Version: 91.0.4472.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aegnopegbbhjeeiganiajffnalhlkkjb - No path found[]
ahkjpbeeocnddjkakilopmfdlnjdpcdm - https://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm[]

Slides - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Safe Torrent Scanner - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb
Kaspersky Protection - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm
Docs - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Kaspersky - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa
Sheets - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Simet - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnokjffnngdgfplfmimjioknefmkjfgc
Gmail - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - ddjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Slides - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Docs - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Kaspersky Protection 20.0 - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elhpdacimkjpccooodognopfhbdgnpbk
Sheets - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - ddjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Kaspersky Protection - ddjan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.59\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{43c47207-49b3-44e0-82ac-33df3d30cd7b}: NameServer = 8.8.8.8,8.8.4.4

==== EOF on 29/06/2021 at 14:47:40,50 ======================