ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version)
Tool run by Usuario on 22/07/2021 at 20:22:14,79.
Microsoft Windows 10 Pro 10.0.18363 x64
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Usuario\Desktop\ZA-Scan.exe

[Z-Analyse Scan]

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files (x86)\Origin\OriginWebHelperService.exe
C:\Program Files (x86)\scpbrad\scpbradserv.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\scpbrad\scpbradguard.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Usuario\AppData\Local\Temp\ZAScan.exe

==== Services(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AMD Crash Defender Service] - AMD Crash Defender Service - c:\windows\system32\amdfendrsr.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\driverstore\filerepository\u0359518.inf_amd64_ddc5c961c2795261\b359297\atiesrxx.exe
R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\dell wireless\bluetooth suite\adminservice.exe
R2 - [Bonjour Service] - Serviço do Bonjour - c:\program files\bonjour\mdnsresponder.exe
R2 - [ClickToRunSvc] - Serviço Clique para Executar do Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [CorsairGamingAudioConfig] - Corsair Gaming Audio Configuration Service - c:\windows\system32\corsairgamingaudiocfgservice64.exe
R2 - [CorsairLLAService] - Corsair LLA Service - c:\program files (x86)\corsair\corsair icue software\cuellaccessservice.exe
R2 - [CorsairService] - Corsair Service - c:\program files (x86)\corsair\corsair icue software\corsair.service.exe
R2 - [CxUtilSvc] - CxUtilSvc - c:\program files\conexant\sa3\cxutilsvc.exe
R2 - [DDVCollectorSvcApi] - Dell Data Vault Service API - c:\program files\dell\delldatavault\ddvcollectorsvcapi.exe
R2 - [DDVDataCollector] - Dell Data Vault Collector - c:\program files\dell\delldatavault\ddvdatacollector.exe
R2 - [DDVRulesProcessor] - Dell Data Vault Processor - c:\program files\dell\delldatavault\ddvrulesprocessor.exe
R2 - [Dell Hardware Support] - Dell Hardware Support - c:\program files\dell\supportassistagent\pcd\supportassist\dsapi.exe
R2 - [DellClientManagementService] - Dell Client Management Service - c:\program files (x86)\dell\updateservice\serviceshell.exe
R2 - [Ds3Service] - SCP DS3 Service - c:\users\usuario\downloads\scpserver\bin\scpservice.exe
R2 - [ETDService] - Elan Service - c:\program files\elantech\etdservice.exe
R2 - [FlexNet Licensing Service 64] - FlexNet Licensing Service 64 - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe
R2 - [HPPrintScanDoctorService] - HP Print Scan Doctor Service - c:\program files\hpprintscandoctor\hpprintscandoctorservice.exe
R2 - [igfxCUIService1.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe
R2 - [McAfee WebAdvisor] - McAfee WebAdvisor - c:\program files\mcafee\webadvisor\servicehost.exe
R2 - [McAPExe] - McAfee AP Service - c:\program files\common files\mcafee\vscore_21_4\mcapexe.exe
R2 - [mccspsvc] - McAfee CSP Service - c:\program files\common files\mcafee\csp\4.3.107.0\\mccspservicehost.exe
R2 - [Origin Web Helper Service] - Origin Web Helper Service - c:\program files (x86)\origin\originwebhelperservice.exe
R2 - [PEFService] - McAfee PEF Service - c:\program files\common files\mcafee\pef\core\pefservice.exe
R2 - [scpbradserv] - Componente de Segurança Bradesco - c:\program files (x86)\scpbrad\scpbradserv.exe
R2 - [SgrmBroker] - System Guard Runtime Monitor Broker - c:\windows\system32\sgrmbroker.exe
R2 - [SupportAssistAgent] - Dell SupportAssist - c:\program files\dell\supportassistagent\bin\supportassistagent.exe
R2 - [TeamViewer] - TeamViewer 14 - c:\program files (x86)\teamviewer\teamviewer_service.exe
R2 - [Warsaw Technology] - Warsaw Technology - c:\program files\diebold\warsaw\core.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
R3 - [SecurityHealthService] - Serviço de Segurança do Windows - c:\windows\system32\securityhealthservice.exe
S2 - [edgeupdate] - Serviço Microsoft Edge Update (edgeupdate) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [edgeupdatem] - Serviço Microsoft Edge Update (edgeupdatem) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S3 - [FACEITService] - FACEITService - c:\program files\faceit ac\faceitservice.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service - c:\program files (x86)\google\chrome\application\91.0.4472.164\elevation_service.exe
S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [MicrosoftEdgeElevationService] - Microsoft Edge Elevation Service - c:\program files (x86)\microsoft\edge\application\91.0.864.71\elevation_service.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [Origin Client Service] - Origin Client Service - c:\program files (x86)\origin\originclientservice.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [perceptionsimulation] - Serviço de Simulação de Percepção do Windows - c:\windows\system32\perceptionsimulation\perceptionsimulationservice.exe
S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
S3 - [Rockstar Service] - Rockstar Game Library Service - c:\program files\rockstar games\launcher\rockstarservice.exe
S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
S3 - [Sense] - Serviço Proteção Avançada contra Ameaças do Windows Defender - c:\program files\windows defender advanced threat protection\mssense.exe
S3 - [SensorDataService] - Serviço de Dados de Sensor - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
S3 - [spectrum] - Serviço de Percepção do Windows - c:\windows\system32\spectrum.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TieringEngineService] - Gerenciamento de Camadas de Armazenamento - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [TurboBoost] - Intel(R) Turbo Boost Technology Monitor 2.6 - c:\program files\intel\turboboost\turboboost.exe
S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Serviço de Inspeção de Rede do Windows Defender Antivirus - c:\programdata\microsoft\windows defender\platform\4.18.1910.4-0\nissrv.exe
S3 - [WinDefend] - Serviço Windows Defender Antivirus - c:\programdata\microsoft\windows defender\platform\4.18.1910.4-0\msmpeng.exe
S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S4 - [AppVClient] - Microsoft App-V Client - c:\windows\system32\appvclient.exe
S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe
S4 - [UevAgentService] - Serviço de User Experience Virtualization - c:\windows\system32\agentservice.exe
S4 - [uhssvc] - Microsoft Update Health Service - c:\program files\microsoft update health tools\uhssvc.exe

==== Drivers(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys
R0 - [amdkmpfd] - AMD PCI Root Bus Lower Filter - C:\Windows\system32\Drivers\amdkmpfd.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [disk] - Driver de disco - C:\Windows\system32\Drivers\disk.sys
R0 - [FACEIT] - FACEIT - C:\Windows\system32\Drivers\FACEIT.sys
R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys
R0 - [intelpep] - Driver Intel(R) Power Engine Plug-in - C:\Windows\system32\Drivers\intelpep.sys
R0 - [iorate] - Driver do Filtro de Taxa de E/S de Disco - C:\Windows\system32\Drivers\iorate.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mfehidk] - McAfee Inc. mfehidk - C:\Windows\system32\Drivers\mfehidk.sys
R0 - [mfewfpk] - McAfee Inc. mfewfpk - C:\Windows\system32\Drivers\mfewfpk.sys
R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [MsSecFlt] - Minifiltro do Componente de Eventos de Segurança da Microsoft - C:\Windows\system32\Drivers\MsSecFlt.sys
R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Driver de partição - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [SgrmAgent] - System Guard Runtime Monitor Agent - C:\Windows\system32\Drivers\SgrmAgent.sys
R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\Windows\system32\Drivers\spaceport.sys
R0 - [storahci] - Driver AHCI SATA Padrão da Microsoft - C:\Windows\system32\Drivers\storahci.sys
R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Driver de Cópia de Sombra de Volume - C:\Windows\system32\Drivers\volsnap.sys
R0 - [volume] - Driver do volume - C:\Windows\system32\Drivers\volume.sys
R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\Windows\system32\Drivers\Wdf01000.sys
R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\Windows\system32\Drivers\WFPLWFS.sys
R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\Windows\system32\Drivers\WindowsTrustedRT.sys
R0 - [WindowsTrustedRTProxy] - Serviço de Proteção de Tempo de Execução Confiável do Microsoft Windows - C:\Windows\system32\Drivers\WindowsTrustedRTProxy.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys
S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
S0 - [mfeelamk] - McAfee Inc. mfeelamk - C:\Windows\system32\Drivers\mfeelamk.sys
S3 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys
S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\Windows\system32\Drivers\Tcpip6.sys [x]

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\MSN Messenger\msnmsgr.exe /background"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"vidnotifier.exe"="C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe"
"uTorrent"="C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Opera Browser Assistant"="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant\browser_assistant.exe"
"utweb"="C:\Users\Usuario\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED"
"Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"CORSAIR iCUE Software"="C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun"
"HDD Regenerator"="C:\Program Files (x86)\HDD Regenerator\Shell.exe /1"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\MSN Messenger\msnmsgr.exe /background"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"vidnotifier.exe"="C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe"
"uTorrent"="C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Opera Browser Assistant"="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant\browser_assistant.exe"
"utweb"="C:\Users\Usuario\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED"
"Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /s"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun"
"Wondershare Helper Compact.exe"="C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe "
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdAppMgrSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\Windows\explorer.exe [12/05/2021 15:16]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AMDInstallLauncher" [C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe]
"C:\Windows\SysNative\tasks\AMDLinkUpdate" [C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
"C:\Windows\SysNative\tasks\McAfeeLogon" [C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe]
"C:\Windows\SysNative\tasks\ModifyLinkUpdate" [C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-1164354365-3173896476-4078105206-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-2802420505-662629979-4225180187-1002" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-2802420505-662629979-4225180187-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\Opera scheduled assistant Autoupdate 1576838203" [C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1573773820" [C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\StartCN" ["C:\Program Files\AMD\CNext\CNext\cncmd.exe"]
"C:\Windows\SysNative\tasks\StartCNBM" ["C:\Program Files\AMD\CNext\CNext\cncmd.exe"]
"C:\Windows\SysNative\tasks\StartDVR" ["C:\Program Files\AMD\CNext\CNext\RSServCmd.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{CB891A92-6BD6-4CD0-B15A-1343F7584976}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\McAfee\DAD.Execute.Updates" ["C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe"]
"C:\Windows\SysNative\tasks\McAfee\McAfee DAT Built in test" [C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe]
"C:\Windows\SysNative\tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" [C:\Program Files\Mozilla Firefox\default-browser-agent.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App
user_pref("browser.startup.homepage", "https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=");
user_pref("browser.newtab.url", "https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=");
user_pref("browser.search.defaultenginename", "My Bing Search");
user_pref("browser.search.selectedEngine", "My Bing Search");

ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\vgzm1g9q.default
user_pref("browser.startup.homepage", "https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=");
user_pref("browser.newtab.url", "https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=");

ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release
user_pref("browser.newtab.url", "https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName=");
user_pref("browser.search.defaultenginename", "My Bing Search");
user_pref("browser.search.selectedEngine", "My Bing Search");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release
- short_ BTTV - %ProfilePath%\extensions\firefox@betterttv.net.xpi
- __MSG_chrome_extension_name__ - %ProfilePath%\extensions\oinkandstuffdirectmessagedmforinstagram@gmail.com.xpi
- Bil\u00f4metro - %ProfilePath%\extensions\{09d09f49-3615-4cf3-ad57-a6cc924f29e8}.xpi
- GamersClub Booster - %ProfilePath%\extensions\{68a6744b-6d1e-4c85-83ad-637c9dc135b5}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App
AF0D2306ECF8D4341F86204B3043BD9C - C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL - Microsoft Office
E4AFD82B9ABEFFB14AD1D006FFCD3448 - C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll - McAfee SecurityCenter

Profilepath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release
E4AFD82B9ABEFFB14AD1D006FFCD3448 - C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll - McAfee SecurityCenter
AF0D2306ECF8D4341F86204B3043BD9C - C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL - Microsoft Office

==== Chromium Look ======================

Google Chrome Version: 91.0.4472.164

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
fheoggkfdfchfphceeifdbepaooicaho - No path found[]

Slides - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Docs - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Sheets - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
ArtCultureHeritage - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Docs Offline - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Rich Hints Agent - Usuario\Appdata\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.71\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll

==== EOF on 22/07/2021 at 20:31:54,40 ======================