Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.

2024 01
Ran by Pushpak (administrator) on LAPTOP-O20NK0TV (HP HP Pavilion Gaming Laptop 15-
ec1xxx) (29-02-2024 18:55:30)
Running from E:\Downloads_1\FRST64.exe
Loaded Profiles: Pushpak & MariaDB
Platform: Microsoft Windows 11 Home Single Language Version 23H2 22631.3155 (X64)
Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will
not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\

Acrobat\AdobeCollabSync.exe <2>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\
Update\1.3.361.147\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\
Update\1.3.361.147\BraveCrashHandler64.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA
Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\
nvrla.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA
Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\
PresentMon_x64.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft
Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA
Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA
GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA
Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\
nvsphelper64.exe
(C:\Program Files\WindowsApps\
AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6\SystemEventUtility\
HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP
Inc.) C:\Program Files\WindowsApps\
AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6\SystemEventUtility\
HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\
Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe <6>
(DriverStore\FileRepository\u0373661.inf_amd64_84f5580aaa963785\B373112\
atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\
DriverStore\FileRepository\u0373661.inf_amd64_84f5580aaa963785\B373112\atieclxx.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\
AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6\SystemEventUtility\
HPSystemEventUtilityBackground.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics
Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\
Application\chrome.exe <18>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
cmd.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
WindowsPowerShell\v1.0\powershell.exe
(explorer.exe ->) (The Apache Software Foundation -> Apache Software Foundation)
C:\Program Files\Apache Software Foundation\Tomcat 10.1\bin\Tomcat10w.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\
PubPlatform.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\
UninstallMonitor.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\
NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\oraclexe\app\oracle\product\10.2.0\
server\BIN\TNSLSNR.EXE
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\
Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\
DriverStore\FileRepository\u0373661.inf_amd64_84f5580aaa963785\B373112\atiesrxx.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files
(x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics
Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (ETH Zurich) [File not signed] C:\Program Files (x86)\
SecureExamBrowser\SebWindowsServiceWCF.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\
HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\
HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\
FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\
TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\
FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\
FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\
FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\
FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\
FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\
OmenCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program
Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Motorola) C:\Program Files\Lenovo\Ready For Assistant\
ReadyForService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program
Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> MSPCManagerService) C:\Program Files\
Microsoft PC Manager\MSPCManagerService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced
Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\
NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\
DriverStore\FileRepository\nvhmi.inf_amd64_674cea650fa52c0d\Display.NvContainer\
NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA
Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(services.exe ->) (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\
product\10.2.0\server\BIN\oracle.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program
Files (x86)\AnyDesk\AnyDesk.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\
Windows\System32\DriverStore\FileRepository\
realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe <2>
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\
Program Files\RAVAntivirus\x64\rsSyncSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\
Program Files\ReasonLabs\EPP\rsClientSvc.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\
System32\SECOMN64.exe
(services.exe ->) (The Apache Software Foundation -> Apache Software Foundation)
C:\Program Files\Apache Software Foundation\Tomcat 10.1\bin\Tomcat10.exe
(services.exe ->) (Unistal Systems Pvt. Ltd. -> ) C:\Program Files (x86)\Protegent
AV Cloud\pgxsrv.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\
Integration\WildTangentHelperService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\
ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\
HPAudioSwitch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\
OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\
SystemOptimizer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\
Microsoft.WindowsTerminal_1.19.10573.0_x64__8wekyb3d8bbwe\OpenConsole.exe <2>
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\
Microsoft.WindowsTerminal_1.19.10573.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\
WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\
wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to
default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\

realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe [1269656 2021-07-28]
(Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SS Notify] => C:\SpeedPro Starter\SSNotify.exe [265024 2019-10-23]
(Angel Broking Pvt. Ltd. -> Angel)
HKLM\...\Run: [WindowsMasterUI] => C:\Program Files\Microsoft PC Manager\
MSPCManager.exe [952352 2023-11-27] (Microsoft Corporation -> MSPCManager)
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-
Browser\Application\122.1.63.165\BraveVpnWireguardService\
brave_vpn_wireguard_service.exe [10880024 2024-02-28] (Brave Software, Inc. ->
Brave Software, Inc.)
HKLM\...\Run: [HPOneAgentService] => C:\Program Files\HP\HP One Agent\hp-one-agent-
service.exe [1576464 2024-01-25] (HP Inc. -> HP Inc; HP Development Company, L.P.)
HKLM\...\Run: [Nearby Share] => C:\Program Files\Google\NearbyShare\
nearby_share_launcher.exe [1410336 2024-01-18] (Google LLC -> Google)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [36352
2008-04-02] () [File not signed]
HKLM-x32\...\Run: [TurboVPN] => E:\New folder\TurboVPN\TurboVPNLauncher.exe (No
File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\
Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle
Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction
<==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\
86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\
86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [HPSEU_Host_Launcher]
=> C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [538160 2024-01-24] (HP Inc. ->
HP Inc.)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [OneDrive] => C:\
Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-25] (Microsoft
Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [Steam] => "D:\steam\
steam.exe" -silent (No File)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [Feem] => C:\Program
Files (x86)\Feem 2018\Feem.exe [7542272 2018-10-14] () [File not signed]
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [GoogleDriveFS] => C:\
Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-
02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [CiscoMeetingDaemon] =>
C:\Users\Pushpak\AppData\Local\WebEx\WebexHost.exe [6989648 2022-01-26] (Cisco
WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [Discord] => C:\Users\
Pushpak\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. ->
GitHub)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run:
[MicrosoftEdgeAutoLaunch_7A97E9BF3D5B23BA377030783D14FEC6] => "C:\Program Files
(x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-
start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [InstMP_Service] => C:\
Users\Pushpak\AppData\Local\InstallShield\InstMP.exe [10240 2019-08-01] () [File
not signed]
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run:
[com.squirrel.Teams.Teams] => C:\Users\Pushpak\AppData\Local\Microsoft\Teams\
Update.exe [2587432 2023-03-12] (Microsoft 3rd Party Application Component ->
Microsoft Corporation)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run:
[ApacheTomcatMonitor10.1_Tomcat10] => C:\Program Files\Apache Software Foundation\
Tomcat 10.1\bin\Tomcat10w.exe [129040 2023-04-15] (The Apache Software Foundation -
> Apache Software Foundation)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [Grammarly] => C:\
Users\Pushpak\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
[800352 2023-11-27] (Grammarly, Inc. -> Grammarly)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [Opera Stable] => C:\
Users\Pushpak\AppData\Local\Programs\Opera\launcher.exe [2358688 2024-02-22] (Opera
Norway AS -> Opera Software)
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Run: [Pushpak] =>
explorer.exe hxxp://dinoraptzor.org (No File) <==== ATTENTION
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\system:
[NoDispScrSavPage] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\system:
[NoDispBackgroundPage] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\system:
[NoThemesTab] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\system:
[NoDispSettingsPage] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\system:
[NoDispAppearence] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\Explorer:
[NoRecentDocsMenu] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\Explorer: [NoFind]
0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\Explorer:
[NoViewContextMenu] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\Explorer:
[NoChangeStartMenu] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\Explorer:
[NoLogOff] 0
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\...\Policies\Explorer:
[NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\Control Panel\Desktop\\
SCRNSAVE.EXE -> C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.ScreenSaver.scr
HKU\S-1-5-80-3070791953-3247979545-275873789-2352004973-969172767\...\Run:
[HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [538160
2024-01-24] (HP Inc. -> HP Inc.)
HKU\S-1-5-80-3070791953-3247979545-275873789-2352004973-969172767\...\Run:
[GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\
GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\
86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-
AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.185\
Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-
AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\
122.1.63.165\Installer\chrmstp.exe [2024-02-29] (Brave Software, Inc. -> Brave
Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-
0586ADD46B35}] ->
Startup: C:\Users\Pushpak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\
Startup\Send to OneNote.lnk [2021-07-21]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\
Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma
Loader.lnk [2021-01-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\
Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk
[2022-10-09]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> AnyDesk Software GmbH)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

Task: {3518F428-F7A9-43AC-9EB0-BAC10AB2AF61} - System32\Tasks\Adobe Acrobat Update

Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208
2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {BCA25CF5-3C16-486E-9F6C-E2747C7A798C} - System32\Tasks\Adobe Flash Player
PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\
FlashUtil32_32_0_0_330_pepper.exe [1453624 2021-10-10] (Adobe Inc. -> Adobe)
Task: {43B65E25-9FA7-49BF-A235-F00A30110634} - System32\Tasks\Adobe Flash Player
Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416
2021-10-10] (Adobe Inc. -> Adobe)
Task: {8CD8FBEA-A8DD-432E-BE5E-7CAB708324C3} - System32\Tasks\
BraveSoftwareUpdateTaskMachineCore{D1CA54D0-4BB6-444D-B242-174B80D69EB6} => C:\
Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-08-24] (Brave
Software, Inc. -> BraveSoftware Inc.)
Task: {E75A47F7-C59F-47EE-91DF-019EFAF53C86} - System32\Tasks\
BraveSoftwareUpdateTaskMachineUA{6BD210E5-9B7D-4E75-BA16-D3A43E945078} => C:\
Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-08-24] (Brave
Software, Inc. -> BraveSoftware Inc.)
Task: {F0D077CA-9358-4C8F-A1DE-E9B7DB0AB326} - System32\Tasks\CleanGenius => "D:\
Ubuntu\EaseUS CleanGenius\bin\CleanGenius.exe" auto (No File)
Task: {91F42557-6D70-4A64-88C5-F46A01A72C85} - System32\Tasks\G2MUpdateTask-S-1-5-
21-2048706772-2546835122-4286667131-1001 => C:\Users\Pushpak\AppData\Local\
GoToMeeting\19950\g2mupdate.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1FF491A7-F99D-41D6-B1BE-2D3E320052F8} - System32\Tasks\G2MUploadTask-S-1-5-
21-2048706772-2546835122-4286667131-1001 => C:\Users\Pushpak\AppData\Local\
GoToMeeting\19950\g2mupload.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {43BFCC9B-4403-4DA5-876A-A466EEC5F8EC} - System32\Tasks\Google\Quick Share
Relaunch => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [1410336
2024-01-18] (Google LLC -> Google)
Task: {F02EE385-D822-4CCB-BF85-D8A4DB00F352} - System32\Tasks\GoogleSystem\
GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{2B085BE2-46D2-4CD4-A8EE-
AE0B472E450B} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\
updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION
Task: {9A58A624-33C9-4596-AADF-B598423DDF3C} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2023-11-02] (Microsoft
Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {D54AFA25-F69F-4B32-B722-8C56F5844CEF} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2023-11-02]
(Microsoft Windows -> Microsoft Corporation) -> /c start
hpdiags://BatteryStatusError
Task: {98117B71-4DEB-4157-BBBC-2FC682F5869B} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [323584 2023-11-02]
(Microsoft Windows -> Microsoft Corporation) -> /c start
hpdiags://BatteryStatusTest
Task: {07D96D6D-FEB4-4870-BECD-D193AA2E0153} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2023-11-02] (Microsoft
Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {2CCD75D6-1D7F-4928-9C18-BC4B47A821B2} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2023-11-02] (Microsoft
Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {75FF16A3-7002-4616-960D-D846C2295623} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2023-11-02] (Microsoft
Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {CED16BFD-0E20-4972-97A5-316A66A5FD31} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2023-11-02] (Microsoft
Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {F5CB9F90-9C2A-4205-8E4B-B9225576FFD9} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2023-11-02] (Microsoft
Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {6B9C202C-3140-443F-9F95-E61E520B0FE7} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2023-11-02]
(Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {85B308A1-46E0-4FDE-99B7-571FA2B2360A} - System32\Tasks\Hewlett-Packard\HP
Diagnostics\SmartCheckTest => C:\windows\system32\cmd.exe [323584 2023-11-02]
(Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckTest
Task: {65193FBD-F68D-4A36-B5A0-E4DC3D67B7BF} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\
HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-08-25] (HP Inc.
-> HP Inc.)
Task: {6514E19F-4FB0-4B00-928E-AECDA8FF0D9F} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\
HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-08-25] (HP Inc. -> HP
Inc.)
Task: {1B5AA4CB-24CF-4041-807E-ED2BC7D71F3A} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support
Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [230960 2023-08-25] (HP
Inc. -> HP Inc.)
Task: {739042C7-FB02-4F91-92C3-D2E7079B21E4} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support
Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145904 2023-08-25] (HP
Inc. -> HP Inc.)
Task: {010418B4-DEF0-4D9C-88A4-A823E173504D} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP
Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145904 2023-08-
25] (HP Inc. -> HP Inc.)
Task: {F00A540D-FB8D-4E6A-9142-E235A9752829} - System32\Tasks\HP\Consent Manager
Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows ->
Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {760F4629-B2E0-4533-87F4-CD0753C22508} - System32\Tasks\HP\HP Print Scan
Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\
HPPrinterHealthMonitor.exe [57808 2023-07-27] (HP Inc. -> HP Inc.)
Task: {7CE23A66-30C4-4613-8633-17C6BA57374F} - System32\Tasks\HP\HP Print Scan
Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\
HPPrinterHealthMonitor.exe [57808 2023-07-27] (HP Inc. -> HP Inc.)
Task: {8DCBC7B2-CD3A-43DC-BB63-41DC2C5E08FA} - System32\Tasks\HPAudioSwitch => C:\
Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP
Inc. -> HP Inc.)
Task: {6FAD1E64-DBCA-4708-8AC8-59328E5A018F} - System32\Tasks\HPOneAgentRepairTask
=> C:\ProgramData\Package Cache\{e08f5975-1059-4836-a2ea-4e67c397a686}\
HPOneAgent.exe [791744 2024-02-08] (HP Inc. -> HP Inc.)
Task: {0E557C00-69E7-4214-A388-EB50FBB3B770} - System32\Tasks\Microsoft\Office\
Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\
ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation ->
Microsoft Corporation)
Task: {A4092D69-9D59-4AF3-A5A0-5822864A2726} - System32\Tasks\Microsoft\Office\
Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft
Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation
-> Microsoft Corporation)
Task: {C7900D08-CFC4-490D-995F-60D1C67D0882} - System32\Tasks\Microsoft\Office\
Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\
sdxhelper.exe [306328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F54F0CB-14EE-44EE-B2EB-11C65B0B796F} - System32\Tasks\Microsoft\Office\
Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\
sdxhelper.exe [306328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E0B25C0-DB2B-43F9-ADC6-33CF908C697B} - System32\Tasks\Microsoft\Office\
Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\
ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-08]
(Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\
Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\
MbaeParserTask.exe (No File)
Task: {1BFA388F-6875-4CB2-B91A-86F89D3426CA} - System32\Tasks\Microsoft\Windows\
NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\
mscorsvw.exe [1883460 2018-04-07] (Microsoft Corporation) [File not signed] <====
ATTENTION
Task: {326B95E8-BEDF-4628-A1CB-606E52233D58} - System32\Tasks\Microsoft\Windows\
UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\
MusNotification.exe LogonUpdateResults (No File)
Task: {A17519B1-3F4B-4D3B-A423-6FFF86C8942D} - System32\Tasks\Microsoft\Windows\
UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\
MusNotification.exe Display (No File)
Task: {7018DA8D-8995-4267-B68D-B3E213D6289B} - System32\Tasks\Microsoft\Windows\
UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC
ReadyToReboot (No File)
Task: {162FCD78-003C-4F77-AC7B-580F0AC25BB7} - System32\Tasks\Microsoft\Windows\
UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe
/RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\
UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No
File)
Task: {9714938B-265F-4AD4-A5F6-1C51C45A4872} - System32\Tasks\Mozilla\Firefox
Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\
default-browser-agent.exe [733088 2023-08-24] (Mozilla Corporation -> Mozilla
Foundation)
Task: {01F8451C-3F86-4E1E-9E73-6B6E3DC782AA} - System32\Tasks\
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\
NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C1DC57B4-FDC4-4192-9DD0-E95ED2C13719} - System32\Tasks\NVIDIA GeForce
Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448
2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D90507FE-3F37-4B47-9B57-86F2C2598008} - System32\Tasks\
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\
NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation)
Task: {174FDDF4-4B12-423A-A517-03FF3C8D6F61} - System32\Tasks\
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation)
Task: {9AE6C142-05EC-4FB5-8447-A02E981C0289} - System32\Tasks\
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA
Corporation -> NVIDIA Corporation)
Task: {F6263D45-EA49-4010-988E-A8F87DA3FBEB} - System32\Tasks\
NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {601FD1F9-8610-4030-9BB2-EE044EDFE22D} - System32\Tasks\
NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {E717AB4A-F7E6-4AA0-BCF2-CD9965EF9508} - System32\Tasks\
NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {D399666C-95B5-46D9-83CA-C8B3112A0681} - System32\Tasks\
NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\
NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -
> NVIDIA Corporation)
Task: {D408925A-76D9-4BC2-A946-AB3EFDAB8C26} - System32\Tasks\OmenInstallMonitor =>
C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [64472 2024-02-02]
(HP Inc. -> HP Inc.)
Task: {16748541-070D-43A0-A146-60B5E32B2809} - System32\Tasks\
OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\
OmenInstallMonitor.exe [64472 2024-02-02] (HP Inc. -> HP Inc.)
Task: {BFEDF7BC-308E-4749-946C-34100495FB04} - System32\Tasks\OmenOverlay => C:\
Program Files\HP\Overlay\OverlayHelper.exe [67536 2024-02-02] (HP Inc. -> HP Inc.)
Task: {BF5E4ECD-411B-42C6-A3C2-1171B981BF3C} - System32\Tasks\
OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67536
2024-02-02] (HP Inc. -> HP Inc.)
Task: {31E0974F-22F6-49DA-AD74-789293D2321C} - System32\Tasks\OneDrive Per-Machine
Standalone Update Task => C:\Program Files\Microsoft OneDrive\
OneDriveStandaloneUpdater.exe [4130320 2024-02-25] (Microsoft Corporation ->
Microsoft Corporation)
Task: {FA5151EE-EBC4-4DF6-AF35-CA80AD6A6CF6} - System32\Tasks\OneDrive Reporting
Task-S-1-5-21-2048706772-2546835122-4286667131-1001 => C:\Program Files\Microsoft
OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-25] (Microsoft Corporation
-> Microsoft Corporation)
Task: {A3357EF3-ADE4-4019-BE16-078AE33F7CD7} - System32\Tasks\Opera scheduled
Autoupdate 1706008490 => C:\Users\Pushpak\AppData\Local\Programs\Opera\launcher.exe
[2358688 2024-02-22] (Opera Norway AS -> Opera Software)
Task: {EF244446-3A91-4868-A23F-BD12555E685C} - System32\Tasks\Pushpak => C:\
windows\system32\cmd.exe [323584 2023-11-02] (Microsoft Windows -> Microsoft
Corporation) -> /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Run /f /v Pushpak /t REG_SZ /d "explorer.exe hxxp://dinoraptzor.org"
<==== ATTENTION
Task: {73F1BBDC-C7BD-4740-A81A-66CE1B633527} - System32\Tasks\SpeedPro Starter
Scheduler => C:\SpeedPro Starter\SS Autoupdater.exe [497320 2020-03-31] (Angel
Broking Limited -> Angel) -> C:\SpeedPro Starter\SpeedPro Starter.exe
Task: {D836E726-FC56-445E-AA0C-2E7333C76580} - System32\Tasks\SystemOptimizer =>
C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [149976 2024-02-02] (HP
Inc. -> HP Inc.)
Task: {9A37ED6F-ED2A-4F55-8568-053E723E0C0D} - System32\Tasks\
SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\
SystemOptimizer.exe [149976 2024-02-02] (HP Inc. -> HP Inc.)
Task: {F74B4058-BE90-48AE-B165-99BCF073D504} - System32\Tasks\
Uninstaller_SkipUac_Pushpak => C:\Program Files (x86)\IObit\IObit Uninstaller\
IObitUninstaler.exe [9385480 2023-06-08] (IObit CO., LTD -> IObit)
Task: {AFCEDC11-8D84-49EE-B80C-B5568F7B1209} - System32\Tasks\Window Update => C:\
Users\Pushpak\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [File not signed]
Task: {F736DDF6-3077-42D7-981C-0DCF2E4B8604} - System32\Tasks\Windows Service Task
=> C:\Users\Pushpak\AppData\Local\Updates\WindowsService.exe [5581312 2022-05-11]
() [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The
file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2048706772-2546835122-4286667131-
1001.job => C:\Users\Pushpak\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2048706772-2546835122-4286667131-
1001.job => C:\Users\Pushpak\AppData\Local\GoToMeeting\19950\g2mupload.exe
==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed

or restored to default.)

ProxyServer: [S-1-5-21-2048706772-2546835122-4286667131-1001] => 127.0.0.1:8892

Tcpip\Parameters: [DhcpNameServer] 192.168.111.199
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}: [DhcpNameServer]
192.168.111.199
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
02F4E65605C6573702E4F62746: [DhcpNameServer] 192.168.62.102
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\05F434F4028523:
[DhcpNameServer] 192.168.149.106
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F523432323: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F543238303: [DhcpNameServer] 192.168.161.156
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F543530373: [DhcpNameServer] 192.168.25.238
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F543535353: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F553532383: [DhcpNameServer] 192.168.141.170
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F553732373: [DhcpNameServer] 192.168.187.78
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F593835333: [DhcpNameServer] 192.168.161.156
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
14E64627F696463586162756F593839343: [DhcpNameServer] 192.168.79.244
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
255646D69602E4F6475602130335: [DhcpNameServer] 192.168.70.86
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\
255646D69602E4F64756027337: [DhcpNameServer] 192.168.43.10
Tcpip\..\Interfaces\{4c9f2f30-4e83-4703-b107-b613ea977d64}\D204D245D225D242D204D2:
[DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{a19d1c67-082c-424a-a61f-ca5434aab7a9}: [DhcpNameServer]
192.168.43.253
Tcpip\..\Interfaces\{a2b61265-2da0-4b1d-9605-d9e6adac26a4}: [DhcpNameServer]
8.8.8.8 4.2.2.2
Tcpip\..\Interfaces\{abd977e3-fa94-4ffb-8c8b-d5706fe5f821}: [DhcpNameServer]
192.168.0.1
Tcpip\..\Interfaces\{f141c314-08d3-4102-a184-75bf997da33b}: [DhcpNameServer]
8.8.8.8 8.8.4.4

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pushpak\AppData\Local\Microsoft\Edge\User Data\Default
[2024-02-28]
Edge DownloadDir: Default -> D:\Ubuntu
Edge Extension: (Flipshope: Price Tracker and much more) - C:\Users\Pushpak\
AppData\Local\Microsoft\Edge\User Data\Default\Extensions\
dgejbgnnbfnaleggmgdmmdkklpgfkcdp [2023-12-13]
Edge Extension: (Keepa - Amazon Price Tracker) - C:\Users\Pushpak\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\ejefaeioamebhekmfaclajddbpnnobje [2023-
04-23]
Edge Extension: (AutoBuy Flash Sales, Deals, and Coupons) - C:\Users\Pushpak\
AppData\Local\Microsoft\Edge\User Data\Default\Extensions\
gbnahglfafmhaehbdmjedfhdmimjcbed [2023-06-22]
Edge Extension: (Price History, Tracker, Auto Coupon: Buyhatke) - C:\Users\Pushpak\
AppData\Local\Microsoft\Edge\User Data\Default\Extensions\
gdgnlfdenkmjcfgjpnookbglpndleahm [2024-01-25]
Edge Extension: (Google Docs Offline) - C:\Users\Pushpak\AppData\Local\Microsoft\
Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Price Tracker - Auto Buy, Price History) - C:\Users\Pushpak\
AppData\Local\Microsoft\Edge\User Data\Default\Extensions\
hegbjcdehgihjohghnmdpebepnoalode [2023-04-23]
Edge Extension: (Sound Booster that Works!) - C:\Users\Pushpak\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\iedjaablcnjibjneboiikigpnjhaimdc [2023-
04-23]
Edge Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Pushpak\
AppData\Local\Microsoft\Edge\User Data\Default\Extensions\
ighhnpmaabelnfcbbkijikgghajbiaml [2023-04-23]
Edge Extension: (Cisco Webex Extension) - C:\Users\Pushpak\AppData\Local\Microsoft\
Edge\User Data\Default\Extensions\ikdddppdhmjcdfgilpnbkdeggoiicjgo [2023-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\Pushpak\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-
01-25]
Edge Extension: (Quick Heal Anti-Tracker) - C:\Users\Pushpak\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\jmopofhkmbgdgakogbjcgfkblkdpglnj [2023-
04-23]
Edge Extension: (ZenMate Free VPN – Best VPN for Edge) - C:\Users\Pushpak\AppData\
Local\Microsoft\Edge\User Data\Default\Extensions\kepdippgcikacmcdaijnponnfgljfbea
[2023-06-22]
Edge Extension: (Quick Heal Anti-Tracker) - C:\Users\Pushpak\AppData\Local\
Microsoft\Edge\User Data\Default\Extensions\kjcnhhogddoglhpcplcfppllbblegedn [2022-
10-13]
Edge Extension: (FlashSale AutoBuy) - C:\Users\Pushpak\AppData\Local\Microsoft\
Edge\User Data\Default\Extensions\mnhfpaiinbmknpannekekjbfllfihleg [2023-12-13]
Edge Extension: (Flash Kart - Amazon Price Tracker) - C:\Users\Pushpak\AppData\
Local\Microsoft\Edge\User Data\Default\Extensions\mnkjlpcdfdkekiojedblbhfobachjoof
[2023-12-13]
Edge Extension: (Quick reader) - C:\Users\Pushpak\AppData\Local\Microsoft\Edge\User
Data\Default\Extensions\plglmhpihlogcbolpbojkbnbnbmihjdb [2021-09-17]

FireFox:
========
FF DefaultProfile: 9b26wbql.default
FF ProfilePath: C:\Users\Pushpak\AppData\Roaming\Mozilla\Firefox\Profiles\
9b26wbql.default [2023-09-03]
FF DownloadDir: E:\Browser Downloads
FF Extension: (Graffiti – Bold) - C:\Users\Pushpak\AppData\Roaming\Mozilla\Firefox\
Profiles\9b26wbql.default\Extensions\[email protected] [2023-
07-06]
FF Extension: (Quick Heal Anti-Tracker) - C:\Users\Pushpak\AppData\Roaming\Mozilla\
Firefox\Profiles\9b26wbql.default\Extensions\{45e8d41e-2a13-4cb6-bd29-
f1dafd9c5b9b}.xpi [2022-11-18]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\
jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\
jre1.8.0_311\bin\plugin2\npjp2.dll [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft
Office\root\Office16\NPSPWRAP.DLL [2024-02-08] (Microsoft Corporation -> Microsoft
Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\
npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\
npvlc.dll [2022-11-09] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\
nppdf32.dll [2024-02-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\
Google\Picasa3\npPicasa3.dll [2010-12-02] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\
jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2024-02-28] (Oracle America, Inc. ->
Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\
Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2024-02-28] (Oracle America, Inc. ->
Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft
Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-08]
(Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pushpak\AppData\Local\Google\Chrome\User Data\Default [2024-
02-29]
CHR DownloadDir: E:\Downloads_1
CHR Extension: (Flipshope: Price Tracker and much more) - C:\Users\Pushpak\AppData\
Local\Google\Chrome\User Data\Default\Extensions\adikhbfjdbjkhelbdnffogkobkekkkej
[2023-12-26]
CHR Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Pushpak\
AppData\Local\Google\Chrome\User Data\Default\Extensions\
bihmplhobchoageeokmgbdihknkjbknd [2023-10-06]
CHR Extension: (Free VPN ZenMate-Best VPN for Chrome) - C:\Users\Pushpak\AppData\
Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme
[2023-05-19]
CHR Extension: (AutoBuy Flash Sales, Deals, and Coupons) - C:\Users\Pushpak\
AppData\Local\Google\Chrome\User Data\Default\Extensions\
gbnahglfafmhaehbdmjedfhdmimjcbed [2023-05-23]
CHR Extension: (Google Docs Offline) - C:\Users\Pushpak\AppData\Local\Google\
Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Aston Martin DBC Concept - Full HD - Axlg) - C:\Users\Pushpak\
AppData\Local\Google\Chrome\User Data\Default\Extensions\
gipjmkadfmnholahnobfgeboogdneacm [2024-02-08]
CHR Extension: (Price Tracker - Auto Buy, Price History) - C:\Users\Pushpak\
AppData\Local\Google\Chrome\User Data\Default\Extensions\
hegbjcdehgihjohghnmdpebepnoalode [2023-04-12]
CHR Extension: (Sound Booster that Works!) - C:\Users\Pushpak\AppData\Local\Google\
Chrome\User Data\Default\Extensions\iedjaablcnjibjneboiikigpnjhaimdc [2023-04-08]
CHR Extension: (Volume Master) - C:\Users\Pushpak\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-11-29]
CHR Extension: (Cisco Webex Extension) - C:\Users\Pushpak\AppData\Local\Google\
Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-27]
CHR Extension: (Quick Heal Anti-Tracker) - C:\Users\Pushpak\AppData\Local\Google\
Chrome\User Data\Default\Extensions\jmopofhkmbgdgakogbjcgfkblkdpglnj [2022-10-13]
CHR Extension: (0) - C:\Users\Pushpak\AppData\Local\Google\Chrome\User Data\
Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-08-15]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\Pushpak\AppData\
Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno
[2024-02-16]
CHR Extension: (FlashSale AutoBuy) - C:\Users\Pushpak\AppData\Local\Google\Chrome\
User Data\Default\Extensions\mnhfpaiinbmknpannekekjbfllfihleg [2023-11-29]
CHR Extension: (Flash Kart - Amazon Price Tracker) - C:\Users\Pushpak\AppData\
Local\Google\Chrome\User Data\Default\Extensions\mnkjlpcdfdkekiojedblbhfobachjoof
[2023-11-09]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Pushpak\AppData\Local\
Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2024-
02-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pushpak\AppData\Local\Google\
Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-12]
CHR Extension: (Price History, Tracker, Auto Coupon: Buyhatke) - C:\Users\Pushpak\
AppData\Local\Google\Chrome\User Data\Default\Extensions\
ojplmecpdpgccookcobabopnaifgidhf [2024-02-25]
CHR Profile: C:\Users\Pushpak\AppData\Local\Google\Chrome\User Data\Guest Profile
[2023-05-25]
CHR Profile: C:\Users\Pushpak\AppData\Local\Google\Chrome\User Data\System Profile
[2024-01-23]
CHR HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\SOFTWARE\Google\Chrome\
Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2048706772-2546835122-4286667131-1001\SOFTWARE\Google\Chrome\
Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR DefaultProfile: Default

Brave:
=======
BRA Profile: C:\Users\Pushpak\AppData\Local\BraveSoftware\Brave-Browser\User Data\
Default [2023-12-18]
BRA Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Pushpak\
AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\
bihmplhobchoageeokmgbdihknkjbknd [2023-10-14]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Pushpak\
AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\
efaidnbmnnnibpcajpcglclefindmkaj [2023-12-18]
BRA Extension: (Volume Master) - C:\Users\Pushpak\AppData\Local\BraveSoftware\
Brave-Browser\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-
12-18]
BRA Extension: (Cisco Webex Extension) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\Default\Extensions\
jlhmfgmfgeifomenelglieieghnjghma [2023-08-24]
BRA Extension: (Quick Heal Anti-Tracker) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\Default\Extensions\
jmopofhkmbgdgakogbjcgfkblkdpglnj [2023-08-24]
BRA Extension: (Application Launcher For Drive (by Google)) - C:\Users\Pushpak\
AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\
lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-24]
BRA Extension: (Keepa - Amazon Price Tracker) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\Default\Extensions\
neebplgakaahbhdphmkckjjcegoiijjo [2023-12-18]
BRA Extension: (Price History, Tracker, Auto Coupon: Buyhatke) - C:\Users\Pushpak\
AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\
ojplmecpdpgccookcobabopnaifgidhf [2023-12-18]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters
(plaintext))) - C:\Users\Pushpak\AppData\Local\BraveSoftware\Brave-Browser\User
Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-12-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-12-18]
BRA Extension: (Brave NTP background images) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-10-13]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext)))
- C:\Users\Pushpak\AppData\Local\BraveSoftware\Brave-Browser\User Data\
bfpgedeaaibpoidldhjcknekahbikncb [2023-12-18]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-12-18]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\
Pushpak\AppData\Local\BraveSoftware\Brave-Browser\User Data\
cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-12-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\ckcgdbohephpcbegllbicpadgbifppfo [2023-12-18]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Pushpak\
AppData\Local\BraveSoftware\Brave-Browser\User Data\
gkboaolpopklhgplhaaiboijnklogmbc [2023-12-18]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Pushpak\AppData\
Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-
08-24]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\
Users\Pushpak\AppData\Local\BraveSoftware\Brave-Browser\User Data\
iodkpdagapdfkphljnddpjlldadblomo [2023-12-18]
BRA Extension: (Brave Ads Resources) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\kdkakecfnmlfifkhlekmfkmmkpgeckcl [2023-12-18]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Pushpak\AppData\
Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-
12-18]
BRA Extension: (Brave Ads Resources) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\ocilmpijebaopmdifcomolmpigakocmo [2023-12-18]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Pushpak\AppData\Local\
BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-12-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\

Service\Adobelmsvc.exe [68096 2021-01-09] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
[172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\
FlashPlayerUpdateService.exe [335416 2021-10-10] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5525576 2023-11-09]
(philandro Software GmbH -> AnyDesk Software GmbH)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6212880
2018-06-26] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-
08-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424
2023-08-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\
122.1.63.165\brave_vpn_helper.exe [2730008 2024-02-28] (Brave Software, Inc. ->
Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\
Application\122.1.63.165\BraveVpnWireguardService\brave_vpn_wireguard_service.exe
[10880024 2024-02-28] (Brave Software, Inc. -> Brave Software, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\
OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft
Corporation)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448
2023-02-06] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496
2022-07-01] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\
service\EpicOnlineServicesHost.exe [16029456 2022-07-02] (Epic Games Inc. -> Epic
Games, Inc.)
R3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{BFF2F0A8-5479-
4915-87BF-5212CC54A320} [46416 2022-05-07] (Microsoft Windows -> Microsoft
Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\
FileSyncHelper.exe [3515936 2024-02-25] (Microsoft Corporation -> Microsoft
Corporation)
S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\
GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google
LLC) <==== ATTENTION
S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\
124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <====
ATTENTION
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080
2020-03-18] (HP Inc. -> HP Inc.)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
[1576464 2024-01-25] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\
hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\AppHelperCap.exe [895016 2024-02-03]
(HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\
hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\DiagsCap.exe [893888 2024-02-03] (HP
Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\
hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\NetworkCap.exe [890408 2024-02-03]
(HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\
hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152
2023-10-19] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\
HPPrintScanDoctorService.exe [230352 2023-07-27] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07]
(HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\
hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\SysInfoCap.exe [893992 2024-02-03]
(HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\
hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe
[493296 2023-11-20] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\
IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432
2022-10-20] (IObit CO., LTD -> IObit)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\
nvhmi.inf_amd64_674cea650fa52c0d\Display.NvContainer\NVDisplay.Container.exe
[1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\
OneDriveUpdaterService.exe [3853856 2024-02-25] (Microsoft Corporation -> Microsoft
Corporation)
S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\
extjob.exe [102400 2006-02-02] () [File not signed]
S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\
omtsreco.exe [57616 2006-02-02] (Oracle Corporation) [File not signed]
R2 OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE
[59064320 2006-02-02] (Oracle Corporation) [File not signed]
S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\
OraClrAgnt.exe [45056 2006-02-02] () [File not signed]
R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\
tnslsnr.exe [204800 2006-02-02] () [File not signed]
R2 PCManager Service; C:\Program Files\Microsoft PC Manager\MSPCManagerService.exe
[188336 2023-11-27] (Microsoft Corporation -> MSPCManagerService)
R2 pgxsrv; C:\Program Files (x86)\Protegent AV Cloud\pgxsrv.exe [4972848 2020-12-
27] (Unistal Systems Pvt. Ltd. -> )
R2 ReadyFor; C:\Program Files\Lenovo\Ready For Assistant\ReadyForService.exe
[297792 2023-02-24] (Lenovo -> Motorola)
R2 rsClientSvc; C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe [672400 2024-01-18]
(Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 SebWindowsServiceWCF; C:\Program Files (x86)\SecureExamBrowser\
SebWindowsServiceWCF.exe [167424 2021-09-06] (ETH Zurich) [File not signed]
R2 Tomcat10; C:\Program Files\Apache Software Foundation\Tomcat 10.1\bin\
Tomcat10.exe [145424 2023-04-15] (The Apache Software Foundation -> Apache Software
Foundation)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\
SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit
Technologies Co.Ltd)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\
WildTangentHelperService.exe [1685312 2023-02-10] (WildTangent, Inc. -> )
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\
Application\122.1.63.165\elevation_service.exe" [X]
S2 MariaDB; "E:\bin\mysqld.exe" "--defaults-file=E:\data\my.ini" "MariaDB"
R2 rsSyncSvc; C:\Program Files\RAVAntivirus\x64\rsSyncSvc.exe -rpn:ravantivirus -
lpn:rav_antivirus -url:hxxps://update.reasonsecurity.com/v1/live
S2 TurboVPNService; "E:\New folder\TurboVPN\turbo_vpn-service.exe" [X]
S4 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\Platform\4.18.24010.12-0\
NisSrv.exe" [X]
S4 WinDefend; "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\
MsMpEng.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

R1 Ahflt; C:\WINDOWS\System32\drivers\ahflt.sys [49704 2023-11-27] (Microsoft

Corporation -> Microsoft Corporation)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\
u0373661.inf_amd64_84f5580aaa963785\B373112\amdkmdag.sys [83114376 2022-01-11]
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [134784 2020-02-08] (Alcorlink
Corp. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-
27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-
06-27] (Apple Inc. -> Apple Inc.)
U5 cmn_enumroot; C:\Windows\System32\Drivers\cmn_enumroot.sys [20992 2015-01-26]
(Wirelss Device) [File not signed]
S3 ecmntdrv; C:\WINDOWS\system32\ecmntdrv.sys [36280 2023-02-17] (CHENGDU YIWO Tech
Development Co., Ltd. -> )
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows
Hardware Compatibility Publisher -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU
YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft
Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\System32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft
Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\
googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-
11-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\
hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-
09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\
hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys
[23896 2022-01-24] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [53368 2023-12-07]
(HP Inc. -> Windows (R) Win 7 DDK provider)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\
win10_amd64\IUFileFilter.sys [43896 2023-01-13] (IObit Information Technology ->
IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\
win10_amd64\IUProcessFilter.sys [37112 2023-01-13] (IObit Information Technology ->
IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\
win10_amd64\IURegistryFilter.sys [51128 2023-01-13] (IObit Information Technology -
> IObit)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft
Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\
nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14]
(Nvidia Corporation -> NVIDIA Corporation)
S1 pgsecdl; C:\WINDOWS\System32\DRIVERS\pgsecdl.sys [34856 2021-01-20] (Unistal
Systems Pvt. Ltd. -> Windows (R) Win 7 DDK provider)
S1 pgsecdl; C:\Windows\SysWOW64\DRIVERS\pgsecdl.sys [34856 2021-01-20] (Unistal
Systems Pvt. Ltd. -> Windows (R) Win 7 DDK provider)
R2 RFDriveFs2; C:\Program Files\Lenovo\Ready For Assistant\drivers\FileSystem\
RFDriveFs2.sys [405216 2023-02-24] (Lenovo -> Motorola)
R1 rsCamFilter020502; C:\WINDOWS\system32\drivers\rsCamFilter020502.sys [48944
2024-01-18] (Reason CyberSecurity Inc. -> Reason Software Company)
S0 rsElam; C:\WINDOWS\System32\drivers\rsElam.sys [19944 2024-01-18] (Microsoft
Windows Early Launch Anti-malware Publisher -> Reason CyberSecurity Inc.)
R1 rsKernelEngine; C:\WINDOWS\System32\DRIVERS\rsKernelEngine.sys [49456 2024-01-
18] (Reason CyberSecurity Inc. -> Windows (R) Win 7 DDK provider)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\
rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft
Windows -> Realtek)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [62352 2022-01-24] (Realtek
Semiconductor Corp. -> Realtek)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys
[2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-30] (SOKNO S.R.L. ->
Almico Software)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-03-19] (Microsoft
Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 UniFairy_x64; C:\WINDOWS\system32\drivers\UniFairy_x64.sys [8209904 2022-06-03]
(Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 unirsdt; C:\WINDOWS\system32\drivers\unirsdt.sys [6166504 2022-09-02] (Tencent
Technology(Shenzhen) Company Limited -> TENCENT)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [81920 2022-10-05] (Microsoft
Corporation) [File not signed]
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\
vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. ->
Benjamin Hoeglinger-Stelzer)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
[40200 2023-11-17] (HP Inc. -> HP)
R1 WNPPORT64; C:\WINDOWS\System32\drivers\WNPPORT64.sys [55568 2019-03-16] (Biz
Secure Labs Pvt. Ltd. -> Windows (R) Win 7 DDK provider) [File not signed]
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S3 MpKsl36302ba8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\
{E8E63D6C-7D57-4DF4-B675-C577D4D59624}\MpKslDrv.sys [X]
U4 MsSecFlt; no ImagePath
U4 Sense; no ImagePath
U4 SgrmAgent; no ImagePath
U4 SgrmBroker; no ImagePath
S4 WdBoot; system32\drivers\wd\WdBoot.sys [X]
S4 WdFilter; system32\drivers\wd\WdFilter.sys [X]
S4 WdNisDrv; system32\drivers\wd\WdNisDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-29 18:50 - 2024-02-29 18:55 - 000000000 ____D C:\FRST

2024-02-29 18:24 - 2024-02-29 18:24 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Microsoft_Corporation
2024-02-29 18:08 - 2024-02-29 18:08 - 000004226 _____ C:\WINDOWS\system32\Tasks\
Opera scheduled Autoupdate 1706008490
2024-02-29 18:08 - 2024-02-29 18:08 - 000001422 _____ C:\Users\Pushpak\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2024-02-29 18:07 - 2024-02-29 18:07 - 000000000 ____D C:\WINDOWS\system32\cache
2024-02-29 10:48 - 2024-02-29 10:48 - 000000000 ____D C:\Users\Pushpak\OneDrive\
Documents\NFSTR
2024-02-29 10:38 - 2024-02-29 10:38 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\by Decepticon
2024-02-29 00:55 - 2024-02-29 00:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\
Adobe Acrobat Update Task
2024-02-28 23:17 - 2024-02-29 18:34 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Updates
2024-02-28 23:17 - 2024-02-28 23:17 - 000014544 _____ (OpenLibSys.org) C:\WINDOWS\
system32\WinRing0x64.sys
2024-02-28 23:17 - 2024-02-28 23:17 - 000003296 _____ C:\WINDOWS\system32\Tasks\
Windows Service Task
2024-02-28 23:17 - 2024-02-28 23:17 - 000003260 _____ C:\WINDOWS\system32\Tasks\
Window Update
2024-02-28 23:17 - 2024-02-28 23:17 - 000000000 ____D C:\Program Files (x86)\
OceanofGames.ccom
2024-02-28 23:15 - 2024-02-28 23:15 - 000000224 _____ C:\AiOLog.txt
2024-02-28 23:14 - 2024-02-28 23:14 - 000114344 _____ (Oracle Corporation) C:\
WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2024-02-28 23:14 - 2024-02-28 23:14 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Java
2024-02-28 23:14 - 2024-02-28 23:14 - 000000000 ____D C:\Program Files (x86)\Java
2024-02-28 23:14 - 2023-04-17 23:40 - 000072848 _____ (Oracle Corporation) C:\
WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2024-02-28 23:13 - 2023-04-17 23:40 - 000072848 _____ (Oracle Corporation) C:\
WINDOWS\system32\WindowsAccessBridge-64.dll
2024-02-28 14:42 - 2024-02-28 14:46 - 000083316 _____ C:\Users\Pushpak\OneDrive\
Desktop\battery-report.html
2024-02-28 14:41 - 2024-02-28 14:41 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Wintoys
2024-02-28 14:26 - 2024-02-28 14:26 - 000000000 ____D C:\WINDOWS\pss
2024-02-25 19:40 - 2024-02-17 17:08 - 002031464 _____ C:\WINDOWS\system32\
vulkaninfo-1-999-0-0-0.exe
2024-02-25 19:40 - 2024-02-17 17:08 - 002031464 _____ C:\WINDOWS\system32\
vulkaninfo.exe
2024-02-25 19:40 - 2024-02-17 17:08 - 001578752 _____ C:\WINDOWS\SysWOW64\
vulkaninfo-1-999-0-0-0.exe
2024-02-25 19:40 - 2024-02-17 17:08 - 001578752 _____ C:\WINDOWS\SysWOW64\
vulkaninfo.exe
2024-02-25 19:40 - 2024-02-17 17:08 - 001487904 _____ (Khronos Group) C:\WINDOWS\
system32\OpenCL.dll
2024-02-25 19:40 - 2024-02-17 17:08 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-
999-0-0-0.dll
2024-02-25 19:40 - 2024-02-17 17:08 - 001445224 _____ C:\WINDOWS\system32\vulkan-
1.dll
2024-02-25 19:40 - 2024-02-17 17:08 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-
999-0-0-0.dll
2024-02-25 19:40 - 2024-02-17 17:08 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-
1.dll
2024-02-25 19:40 - 2024-02-17 17:08 - 001227296 _____ (Khronos Group) C:\WINDOWS\
SysWOW64\OpenCL.dll
2024-02-25 19:40 - 2024-02-17 17:05 - 001046152 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvml.dll
2024-02-25 19:40 - 2024-02-17 17:05 - 000669816 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvofapi64.dll
2024-02-25 19:40 - 2024-02-17 17:05 - 000505456 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvofapi.dll
2024-02-25 19:40 - 2024-02-17 17:04 - 059965448 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\Drivers\nvlddmkm.sys
2024-02-25 19:40 - 2024-02-17 17:04 - 002173448 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\NvFBC64.dll
2024-02-25 19:40 - 2024-02-17 17:04 - 001625096 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\NvFBC.dll
2024-02-25 19:40 - 2024-02-17 17:04 - 001541640 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\NvIFR64.dll
2024-02-25 19:40 - 2024-02-17 17:04 - 001199112 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\NvIFR.dll
2024-02-25 19:40 - 2024-02-17 17:04 - 001024032 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvEncodeAPI64.dll
2024-02-25 19:40 - 2024-02-17 17:04 - 000842272 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvidia-smi.exe
2024-02-25 19:40 - 2024-02-17 17:04 - 000786952 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-25 19:40 - 2024-02-17 17:03 - 016033824 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvcuvid.dll
2024-02-25 19:40 - 2024-02-17 17:03 - 012928032 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcuvid.dll
2024-02-25 19:40 - 2024-02-17 17:03 - 006780528 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvcuda.dll
2024-02-25 19:40 - 2024-02-17 17:03 - 005773448 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcudadebugger.dll
2024-02-25 19:40 - 2024-02-17 17:03 - 003721760 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcuda.dll
2024-02-25 19:40 - 2024-02-17 17:03 - 000459272 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvdebugdump.exe
2024-02-25 19:40 - 2024-02-17 17:02 - 005912712 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvcpl.dll
2024-02-25 19:40 - 2024-02-17 17:02 - 000853000 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\MCU.exe
2024-02-25 19:40 - 2024-02-17 17:01 - 006943344 _____ (NVIDIA Corporation) C:\
WINDOWS\system32\nvapi64.dll
2024-02-25 19:40 - 2024-02-17 17:01 - 006030584 _____ (NVIDIA Corporation) C:\
WINDOWS\SysWOW64\nvapi.dll
2024-02-25 19:40 - 2024-02-15 22:12 - 000119184 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-25 19:35 - 2024-02-25 19:35 - 000000729 _____ C:\Users\Pushpak\OneDrive\
Desktop\Visual Studio Code.lnk
2024-02-25 19:33 - 2024-02-25 19:33 - 000002082 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-25 19:32 - 2024-02-25 19:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\
OneDrive Per-Machine Standalone Update Task
2024-02-25 19:32 - 2024-02-25 19:32 - 000002139 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\OneDrive.lnk
2024-02-20 16:19 - 2024-02-20 16:19 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Windows Master
2024-02-20 16:18 - 2024-02-20 16:18 - 000002687 _____ C:\Users\Pushpak\OneDrive\
Desktop\IDLE (Python 3.9 64-bit).lnk
2024-02-18 16:56 - 2024-02-18 16:56 - 000001360 _____ C:\Users\Pushpak\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Quick Share from Google.lnk
2024-02-16 15:24 - 2024-02-16 15:24 - 000000000 ____D C:\Program Files\Common
Files\DESIGNER
2024-02-14 16:34 - 2024-02-14 16:36 - 000000000 ___HD C:\$WinREAgent
2024-02-12 16:31 - 2024-02-12 16:31 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.9
2024-02-12 16:31 - 2024-02-12 16:31 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Package Cache
2024-02-07 14:53 - 2024-02-07 14:53 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Playtime_Chapter3
2024-02-06 15:33 - 2024-02-25 19:31 - 000003676 _____ C:\WINDOWS\SysWOW64\
pubfreeware.ini
2024-02-06 15:00 - 2024-02-06 15:00 - 000003582 _____ C:\WINDOWS\system32\Tasks\
Pushpak
2024-02-02 23:02 - 2024-02-08 16:39 - 000004020 _____ C:\WINDOWS\system32\Tasks\
HPOneAgentRepairTask
2024-02-02 22:55 - 2024-02-02 22:55 - 000004108 _____ C:\WINDOWS\system32\Tasks\
OmenOverlayCustomEvent
2024-02-02 22:55 - 2024-02-02 22:55 - 000003706 _____ C:\WINDOWS\system32\Tasks\
OmenOverlay
2024-02-02 22:54 - 2024-02-02 22:54 - 000004168 _____ C:\WINDOWS\system32\Tasks\
OmenInstallMonitorCustomEvent
2024-02-02 22:54 - 2024-02-02 22:54 - 000004144 _____ C:\WINDOWS\system32\Tasks\
SystemOptimizerCustomEvent
2024-02-02 22:54 - 2024-02-02 22:54 - 000003766 _____ C:\WINDOWS\system32\Tasks\
OmenInstallMonitor
2024-02-02 22:54 - 2024-02-02 22:54 - 000003742 _____ C:\WINDOWS\system32\Tasks\
SystemOptimizer
2024-02-02 22:48 - 2024-02-02 22:48 - 000000000 ____D C:\WINDOWS\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-29 18:54 - 2022-10-05 18:57 - 000004172 _____ C:\WINDOWS\system32\Tasks\

User_Feed_Synchronization-{CCFEB15E-9906-4F5E-9BF8-76C2C1C8BA92}
2024-02-29 18:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-29 18:53 - 2021-01-09 01:24 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\Packages
2024-02-29 18:50 - 2023-08-24 13:57 - 000002381 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Brave.lnk
2024-02-29 18:50 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\Registration
2024-02-29 18:49 - 2022-05-07 10:54 - 000000000 ____D C:\ProgramData\regid.1991-
06.com.microsoft
2024-02-29 18:39 - 2022-01-09 12:27 - 000000000 ____D C:\ProgramData\ProductData
2024-02-29 18:35 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-29 18:35 - 2020-12-14 06:36 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-29 18:34 - 2023-03-24 21:52 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-29 18:34 - 2022-10-05 18:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-29 18:34 - 2022-10-05 18:51 - 000000000 ____D C:\WINDOWS\system32\
SleepStudy
2024-02-29 18:34 - 2022-05-07 10:54 - 000000000 ____D C:\Program Files\Windows
Defender
2024-02-29 18:34 - 2022-05-07 10:54 - 000000000 ____D C:\Program Files (x86)\
Windows Defender
2024-02-29 18:34 - 2022-03-28 11:17 - 000000126 _____ C:\ProgramData\PGHAV.xml
2024-02-29 18:34 - 2021-01-20 12:38 - 000000000 ____D C:\Program Files (x86)\
Protegent AV Cloud
2024-02-29 18:34 - 2020-12-14 06:36 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-29 18:28 - 2022-10-05 18:27 - 000000000 ____D C:\WINDOWS\Firmware
2024-02-29 18:28 - 2022-05-07 10:52 - 000000000 ____D C:\WINDOWS\INF
2024-02-29 18:28 - 2022-05-07 10:47 - 001048576 _____ C:\WINDOWS\system32\config\
BBI
2024-02-29 18:19 - 2021-03-27 19:09 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\ElevatedDiagnostics
2024-02-29 18:14 - 2022-05-07 10:54 - 000000000 ___RD C:\WINDOWS\
ImmersiveControlPanel
2024-02-29 18:07 - 2022-05-07 10:54 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-29 18:07 - 2021-01-09 01:37 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\PlaceholderTileLogoFolder
2024-02-29 18:07 - 2020-12-14 06:34 - 000000000 ____D C:\ProgramData\Packages
2024-02-29 09:31 - 2022-05-07 10:47 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-29 09:25 - 2021-12-29 22:42 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\OGH
2024-02-28 22:29 - 2021-01-09 01:44 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\vlc
2024-02-28 15:23 - 2021-05-06 10:54 - 000000579 _____ C:\WINDOWS\system32\Drivers\
etc\hosts.ics
2024-02-28 14:55 - 2021-03-19 15:43 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Code
2024-02-28 13:54 - 2021-03-19 18:37 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\PowerPoint
2024-02-28 13:37 - 2021-01-18 14:00 - 000000000 ____D C:\Users\Pushpak\Downloads\
Telegram Desktop
2024-02-27 15:17 - 2021-01-09 01:45 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\Office
2024-02-26 14:47 - 2021-01-09 01:24 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\D3DSCache
2024-02-26 14:30 - 2022-10-05 18:51 - 000944980 _____ C:\WINDOWS\system32\
PerfStringBackup.INI
2024-02-25 20:00 - 2022-10-05 18:51 - 000001607 _____ C:\WINDOWS\system32\config\
VSMIDK
2024-02-25 20:00 - 2021-12-31 16:19 - 000000000 ____D C:\Program Files\Microsoft
OneDrive
2024-02-25 19:45 - 2021-02-28 11:47 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\NVIDIA
2024-02-25 19:38 - 2020-06-28 16:05 - 000002445 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-25 19:35 - 2021-03-19 15:08 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-02-25 19:32 - 2022-10-05 18:57 - 000003596 _____ C:\WINDOWS\system32\Tasks\
OneDrive Reporting Task-S-1-5-21-2048706772-2546835122-4286667131-1001
2024-02-25 19:32 - 2022-10-05 18:57 - 000003536 _____ C:\WINDOWS\system32\Tasks\
MicrosoftEdgeUpdateTaskMachineUA
2024-02-25 19:32 - 2022-10-05 18:57 - 000003412 _____ C:\WINDOWS\system32\Tasks\
MicrosoftEdgeUpdateTaskMachineCore
2024-02-22 17:50 - 2021-02-27 10:46 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\Excel
2024-02-22 17:50 - 2021-01-09 01:45 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\Word
2024-02-22 17:23 - 2022-03-28 11:53 - 000000000 ____D C:\Program Files (x86)\
SpeedFan
2024-02-22 11:30 - 2022-10-05 18:28 - 000000000 ____D C:\Users\Pushpak
2024-02-21 22:04 - 2021-07-19 18:38 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\HTML Help
2024-02-20 16:19 - 2023-12-20 15:07 - 000000000 ____D C:\Program Files\Microsoft PC
Manager
2024-02-20 16:19 - 2022-11-08 17:01 - 000000000 ____D C:\ProgramData\Windows Master
2024-02-20 16:19 - 2021-01-09 01:31 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\CrashDumps
2024-02-16 16:57 - 2022-10-20 17:24 - 000095848 _____ (Microsoft Corporation) C:\
WINDOWS\system32\xgamehelper.exe
2024-02-16 16:57 - 2022-10-20 17:24 - 000075256 _____ (Microsoft Corporation) C:\
WINDOWS\system32\xgamecontrol.exe
2024-02-16 16:57 - 2021-11-20 08:37 - 000202344 _____ (Microsoft Corporation) C:\
WINDOWS\system32\gamelaunchhelper.dll
2024-02-16 16:57 - 2021-01-09 01:20 - 002713080 _____ (Microsoft Corporation) C:\
WINDOWS\system32\xgameruntime.dll
2024-02-16 16:57 - 2021-01-09 01:20 - 000218728 _____ (Microsoft Corporation) C:\
WINDOWS\system32\gameconfighelper.dll
2024-02-16 16:57 - 2021-01-08 17:56 - 000144888 _____ (Microsoft Corporation) C:\
WINDOWS\system32\gamingtcuihelpers.dll
2024-02-16 15:31 - 2021-01-09 01:43 - 000002254 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-16 15:23 - 2022-08-08 13:30 - 000000000 ____D C:\Program Files\Microsoft
Office
2024-02-15 15:58 - 2022-10-09 17:23 - 000000000 ____D C:\Program Files (x86)\
AnyDesk
2024-02-15 15:34 - 2022-05-07 10:47 - 000032768 _____ C:\WINDOWS\system32\config\
ELAM
2024-02-14 23:21 - 2023-10-03 17:28 - 000000000 ____D C:\WINDOWS\system32\
Microsoft-Edge-WebView
2024-02-14 23:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 23:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 23:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 23:20 - 2021-01-18 20:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 23:17 - 2021-01-18 20:04 - 191155960 ____C (Microsoft Corporation) C:\
WINDOWS\system32\MRT.exe
2024-02-14 21:50 - 2022-10-05 18:52 - 003212800 _____ (Microsoft Corporation) C:\
WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 15:30 - 2023-04-08 15:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\
Google
2024-02-14 15:30 - 2021-01-09 01:43 - 000000000 ____D C:\Program Files\Google
2024-02-13 15:57 - 2021-01-09 08:43 - 000000000 ____D C:\Users\Pushpak\.idlerc
2024-02-13 15:13 - 2021-08-15 08:12 - 000002177 _____ C:\ProgramData\Microsoft\
Windows\Start Menu\Programs\Google Drive.lnk
2024-02-13 15:13 - 2021-08-15 08:12 - 000002097 _____ C:\Users\Pushpak\OneDrive\
Desktop\Google Slides.lnk
2024-02-13 15:13 - 2021-08-15 08:12 - 000002097 _____ C:\Users\Pushpak\OneDrive\
Desktop\Google Sheets.lnk
2024-02-13 15:13 - 2021-08-15 08:12 - 000002085 _____ C:\Users\Pushpak\OneDrive\
Desktop\Google Docs.lnk
2024-02-13 15:13 - 2021-08-15 08:12 - 000002061 _____ C:\Users\Pushpak\OneDrive\
Desktop\Google Drive.lnk
2024-02-12 18:22 - 2022-02-12 14:18 - 000000000 ____D C:\Users\Pushpak\OneDrive\
Documents\NFS Most Wanted
2024-02-12 15:29 - 2021-10-18 15:24 - 000000000 ____D C:\Users\Pushpak\AppData\
Roaming\Microsoft\Teams
2024-02-08 16:39 - 2020-06-28 16:05 - 000000000 ____D C:\ProgramData\HP
2024-02-07 15:46 - 2022-05-10 18:45 - 000000000 ____D C:\Program Files\RAVAntivirus
2024-02-07 14:53 - 2021-01-09 13:14 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\UnrealEngine
2024-02-06 14:53 - 2022-09-07 16:08 - 000000000 ____D C:\ProgramData\Microsoft\
Windows\Start Menu\Games
2024-02-04 12:48 - 2022-02-26 12:30 - 000000000 ____D C:\Users\Pushpak\AppData\
Local\ForzaHorizon5
2024-02-02 23:02 - 2020-06-28 16:05 - 000000000 ____D C:\Program Files\HP

==================== Files in the root of some directories ========

2001-05-08 14:18 - 2001-05-08 14:18 - 000000000 ____H () C:\ProgramData\sdpsenv.dat

2021-03-28 19:57 - 2013-06-07 16:45 - 000000436 _____ () C:\Users\Pushpak\
apache_start.bat
2021-03-28 19:57 - 2021-03-28 20:04 - 000000176 _____ () C:\Users\Pushpak\
apache_stop.bat
2021-01-08 18:20 - 2011-09-20 01:55 - 000049152 _____ (Biz Secure Labs Pvt Ltd.)
C:\Users\Pushpak\NPProt.exe
2022-05-21 16:39 - 2022-05-21 16:39 - 000000068 _____ () C:\Users\Pushpak\AppData\
Roaming\changzhi_leidian.data
2022-05-21 16:39 - 2022-05-21 16:39 - 000000128 _____ () C:\Users\Pushpak\AppData\
Roaming\changzhi_leidianmac.data
2022-07-11 16:07 - 2022-07-11 16:07 - 000000203 _____ () C:\Users\Pushpak\AppData\
Roaming\da77c513-b2b9-4a65-b601-f7d9d6a62f39.tmp
2021-08-16 19:44 - 2021-08-16 19:44 - 000000128 ____H () C:\Users\Pushpak\AppData\
Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2023-12-06 09:08 - 2023-12-06 09:08 - 000000058 _____ () C:\Users\Pushpak\AppData\
Roaming\epm_user.ini
2021-08-16 19:48 - 2021-08-16 19:48 - 000000016 _____ () C:\Users\Pushpak\AppData\
Roaming\obs-virtualcam.txt
2021-04-05 11:04 - 2023-03-29 13:15 - 000007597 _____ () C:\Users\Pushpak\AppData\
Local\resmon.resmoncfg
2021-08-10 14:21 - 2021-08-10 14:21 - 000017408 _____ () C:\Users\Pushpak\AppData\
Local\WebpageIcons.db

==================== FLock ==============================

2024-01-24 10:52 C:\WINDOWS\system32\smartscreen.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================