In Progress How do i Delete SEGURAZO?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Samueltochhawng

Thread Starter
Joined
Aug 26, 2019
Messages
3
There's a malware virus called Segurazo and it disguise as an antivirus. This virus just installed itself in my pc and it eats my ram memories like crazy. Because of this i had to fresh reboot my computer, so i did. And today, this thing just installed itself again! I can't remove or delete this application, can't even rename it. So please help me.
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
983
Hi Samueltochhawng, welcome to the Tech Support Guy malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Back up any important data before we continue.
    • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
  • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you have questions at any time during the cleanup, feel free to ask.
---------------------------------------------------
Farbar Recovery Scan Tool (FRST)

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, and that will be the right version.
  • Right-click FRST.exe/FRST64.exe then click "Run as administrator"
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste the logs in your next reply.
---------------------------------------------------

In your next reply, please include:
  • FRST.txt
  • Addition.txt
 

Samueltochhawng

Thread Starter
Joined
Aug 26, 2019
Messages
3
FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019
Ran by Samderp (administrator) on DESKTOP-VHSUTFO (26-08-2019 20:47:08)
Running from C:\Users\Samderp\Desktop
Loaded Profiles: Samderp (Available Profiles: Samderp)
Platform: Windows 10 Pro Version 1903 18362.239 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoClient.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoIC.exe
(Digital Communications Inc. -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Samderp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18111.17311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Samderp\AppData\Local\WhatsApp\app-0.3.4375\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Samderp\AppData\Local\WhatsApp\app-0.3.4375\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Samderp\AppData\Local\WhatsApp\app-0.3.4375\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Samderp\AppData\Local\WhatsApp\app-0.3.4375\WhatsApp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1571696 2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\...\Run: [Discord] => C:\Users\Samderp\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\...\Run: [Chromium] => c:\users\samderp\appdata\local\chromium\application\chrome.exe [4195328 2017-10-07] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\...\RunOnce: [Application Restart #3] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [370688 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-09-12] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-09-12] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-25] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20E227A0-62A2-4A64-909F-246174792F32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2974CDBD-C981-4E45-98AB-872A1A30789A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-25] (Google Inc -> Google LLC)
Task: {6CC3EEAC-A841-49D6-ACDB-4253C56AB73D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-25] (Google Inc -> Google LLC)
Task: {8021038E-BA36-4629-9C68-5A43AAC4FB88} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {817A73DE-8FA1-45C4-8CE8-9DCE31FBC350} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-VHSUTFO-Samderp => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9E58E3D2-E415-4AA3-A904-B0E01270A1F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C0CAF930-F061-4E2C-BDDA-6F788BCA956B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F996915E-FB11-4B57-8677-4EB46FAEE829} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d2d3973-cb70-4a02-bba5-6dd60a0c2f21}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ba6bf7a7-7af9-4219-beff-356ec672e5cd}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f20cf9b6-eae8-4187-a0fc-f5e792e29799}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise
HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_rfhuixn_19_10_ssg363d&param1=1&param2=f%3D1%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DyDzzyEtN0D0Tzu0StByCtBtAtN1L2XzuyEtFyEyDtFtDtFyDtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBzytCtBtCtA0FtBtGtC0E0FyDtGtAyCyB0FtGyCzyzyzztGyCtC0B0CtCzzyEyByD0C0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDtC1R1S1Q1Q1TtG1RtB1O1RtGyEyE1OtDtGzz1Q1OyBtGtD1R1TyEyCyDzyyE1RyD1O1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyDtBtDtAtCtCzztC%26cr%3D1772677370%26a%3Dwbf_rfhuixn_19_10_ssg363d%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3075933780-3193734538-1635283899-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3075933780-3193734538-1635283899-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}

FireFox:
========
FF ProfilePath: C:\Users\Samderp\AppData\Roaming\Mozilla\Firefox\Profiles\7sfzgwcl.default [2019-08-26]
FF Homepage: Mozilla\Firefox\Profiles\7sfzgwcl.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190825
FF NewTab: Mozilla\Firefox\Profiles\7sfzgwcl.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190825
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-08-25] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-08-25] (Google Inc -> Google LLC)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-3075933780-3193734538-1635283899-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [File not signed]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\jxfruiecgt1.js [2019-08-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\jxfruiecgt1.cfg [2019-08-25] <==== ATTENTION

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default [2019-08-26]
CHR Extension: (Slides) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-25]
CHR Extension: (Docs) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-25]
CHR Extension: (Google Drive) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-25]
CHR Extension: (Search Manager) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2019-08-25]
CHR Extension: (YouTube) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-25]
CHR Extension: (Hola Video Accelerator) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgpmaaockmdehmidghebcjafhihlgha [2019-08-26]
CHR Extension: (AdBlock on YouTube™) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\emngkmlligggbbiioginlkphcmffbncb [2019-08-26]
CHR Extension: (Sheets) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-25]
CHR Extension: (Ad-Blocker Pro) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fenfpfipldcdebkpiboonlpnoklcnepg [2019-08-26]
CHR Extension: (Google Docs Offline) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-26]
CHR Extension: (AdBlock) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-26]
CHR Extension: (StopAll Ads) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikbpaigdncgooaokibbmbmginfbgjaa [2019-08-26]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-08-26]
CHR Extension: (Adblock for Facebook™) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2019-08-26]
CHR Extension: (Black red shards) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2019-08-26]
CHR Extension: (Ad-Blocker) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kacljcbejojnapnmiifgckbafkojcncf [2019-08-26]
CHR Extension: (AdBlocker for YouTube™) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\naihbfkjlampnpbnohcehoedklmejhmh [2019-08-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-08-25]
CHR Extension: (Gmail) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Samderp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-25]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"SegurazoIC" => service was unlocked. <==== ATTENTION

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4473448 2019-08-09] (Digital Communications Inc. -> Digital Communications Inc)
R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [250472 2019-08-09] (Digital Communications Inc. -> Digital Communications Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5773384 2019-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-08-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-08-25] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 hidkmdf; C:\Windows\System32\drivers\hidkmdf.sys [14136 2013-11-12] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84256 2019-08-01] (Digital Communications Inc. -> Digital Communications Inc)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2019-07-14] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [344288 2019-08-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-26] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2019-08-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 20:47 - 2019-08-26 20:47 - 000028840 _____ C:\Users\Samderp\Desktop\FRST.txt
2019-08-26 20:46 - 2019-08-26 20:47 - 000000000 ____D C:\FRST
2019-08-26 20:41 - 2019-08-26 20:42 - 001613312 _____ (Farbar) C:\Users\Samderp\Desktop\FRST64.exe
2019-08-26 19:41 - 2019-08-26 19:41 - 000000000 ___HD C:\OneDriveTemp
2019-08-26 16:29 - 2019-08-26 16:29 - 000000000 ____D C:\Users\Samderp\AppData\Local\UnrealEngine
2019-08-26 16:29 - 2019-08-26 16:29 - 000000000 ____D C:\Users\Samderp\AppData\Local\ShadowTrackerExtra
2019-08-26 16:23 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-08-26 16:23 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-08-26 16:23 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-08-26 16:23 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-08-26 16:23 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-08-26 16:23 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-08-26 16:23 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-08-26 16:23 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-08-26 16:23 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-08-26 16:23 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-08-26 16:23 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-08-26 16:23 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-08-26 16:23 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-08-26 16:23 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-08-26 16:23 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-08-26 16:23 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-08-26 16:23 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-08-26 16:23 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-08-26 16:23 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-08-26 16:23 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-08-26 16:23 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-08-26 16:23 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-08-26 16:23 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-08-26 16:23 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-08-26 16:23 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-08-26 16:23 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-08-26 16:23 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-08-26 16:23 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-08-26 16:23 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-08-26 16:23 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-08-26 16:23 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-08-26 16:23 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-08-26 16:23 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-08-26 16:23 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-08-26 16:23 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-08-26 16:23 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-08-26 16:23 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-08-26 16:23 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-08-26 16:23 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-08-26 16:23 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-08-26 16:23 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-08-26 16:23 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-08-26 16:23 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-08-26 16:23 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-08-26 16:23 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-08-26 16:23 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-08-26 16:23 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-08-26 16:23 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-08-26 16:23 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-08-26 16:23 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-08-26 16:23 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-08-26 16:23 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-08-26 16:23 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-08-26 16:23 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-08-26 16:23 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-08-26 16:23 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-08-26 16:23 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-08-26 16:23 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-08-26 16:23 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-08-26 16:23 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-08-26 16:23 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-08-26 16:23 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-08-26 16:23 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-08-26 16:22 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-08-26 16:22 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-08-26 16:22 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-08-26 16:22 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-08-26 16:22 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-08-26 16:22 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-08-26 16:22 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-08-26 16:22 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-08-26 16:22 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-08-26 16:22 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-08-26 16:22 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-08-26 16:22 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-08-26 16:22 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-08-26 16:22 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-08-26 16:22 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-08-26 16:22 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-08-26 16:22 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-08-26 16:22 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-08-26 16:22 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-08-26 16:22 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-08-26 16:22 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-08-26 16:22 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-08-26 16:22 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-08-26 16:22 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-08-26 16:22 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-08-26 16:22 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-08-26 16:22 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-08-26 16:22 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-08-26 16:22 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-08-26 16:22 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-08-26 16:22 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-08-26 16:22 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-08-26 16:22 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-08-26 16:22 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-08-26 16:22 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-08-26 16:22 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-08-26 16:22 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-08-26 16:22 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-08-26 16:22 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-08-26 16:22 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-08-26 16:22 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-08-26 16:22 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-08-26 16:22 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-08-26 16:22 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-08-26 16:22 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-08-26 16:22 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-08-26 16:22 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-08-26 16:22 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-08-26 16:22 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-08-26 16:22 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-08-26 16:22 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-08-26 16:22 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-08-26 16:22 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-08-26 16:22 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-08-26 16:22 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-08-26 16:22 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-08-26 16:22 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-08-26 16:22 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-08-26 16:22 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-08-26 16:22 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-08-26 16:22 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-08-26 16:22 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-08-26 16:22 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-08-26 16:22 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-08-26 16:22 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-08-26 16:22 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-08-26 16:22 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-08-26 16:22 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-08-26 16:22 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-08-26 16:22 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-08-26 16:22 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-08-26 16:22 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-08-26 16:22 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-08-26 16:22 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-08-26 16:22 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-08-26 16:22 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-08-26 16:22 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-08-26 16:22 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-08-26 16:22 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-08-26 16:22 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-08-26 16:22 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-08-26 16:22 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-08-26 16:22 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-08-26 16:22 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-08-26 16:22 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-08-26 16:22 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-08-26 16:22 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-08-26 16:22 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-08-26 16:22 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-08-26 16:22 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-08-26 16:17 - 2019-08-26 18:06 - 000000000 ____D C:\Users\Samderp\AppData\Local\chromium
2019-08-26 16:16 - 2019-08-26 16:21 - 000000000 ____D C:\Users\Samderp\AppData\Local\{8E7BB827-AAD3-D49F-C74B-F177E3230DEF}
2019-08-26 16:16 - 2019-08-26 16:16 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\segurazoclient
2019-08-26 16:16 - 2019-08-26 16:16 - 000000000 ____D C:\ProgramData\{885BB467-A073-CC1F-F82B-E43710C33CEF}
2019-08-26 16:15 - 2019-08-26 20:46 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-08-26 16:15 - 2019-08-26 16:23 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-08-26 16:15 - 2019-08-26 16:21 - 000000000 ____D C:\ProgramData\qgdij
2019-08-26 16:15 - 2019-08-26 16:16 - 000000000 ____D C:\ProgramData\Segurazo
2019-08-26 16:15 - 2019-08-26 16:15 - 000292184 _____ (Microsoft Corporation) C:\Users\Samderp\Downloads\dxwebsetup.exe
2019-08-26 16:15 - 2019-08-26 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
2019-08-26 16:12 - 2019-08-26 16:12 - 002316008 _____ ( ) C:\Users\Samderp\Downloads\dxwebsetup_2479703636.exe
2019-08-26 16:02 - 2019-08-26 16:29 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2019-08-26 16:02 - 2019-08-26 16:02 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2019-08-26 16:01 - 2019-08-26 16:01 - 000000000 ____D C:\ProgramData\PUBG
2019-08-26 15:59 - 2019-08-26 15:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2019-08-26 13:10 - 2019-08-26 13:10 - 000003688 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-VHSUTFO-Samderp
2019-08-26 13:00 - 2019-08-26 13:00 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\WTablet
2019-08-26 12:56 - 2019-08-26 12:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2019-08-26 12:56 - 2019-08-26 12:56 - 000000000 ____D C:\Program Files\TabletPlugins
2019-08-26 12:56 - 2019-08-26 12:56 - 000000000 ____D C:\Program Files\Tablet
2019-08-26 12:56 - 2019-08-26 12:56 - 000000000 ____D C:\Program Files (x86)\TabletPlugins
2019-08-26 12:56 - 2013-12-04 22:05 - 001945880 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001938712 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001808152 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001805080 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001604376 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001596696 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001483032 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2019-08-26 12:56 - 2013-12-04 22:05 - 001479960 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2019-08-26 12:56 - 2013-11-12 05:46 - 000090424 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2019-08-26 12:56 - 2013-11-12 05:46 - 000015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2019-08-26 12:56 - 2013-11-12 05:46 - 000014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2019-08-26 12:56 - 2012-12-12 03:42 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2019-08-26 12:56 - 2012-12-12 03:42 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2019-08-26 11:58 - 2019-08-26 11:58 - 000000000 ____D C:\Users\Samderp\AppData\Local\WhatsApp
2019-08-26 11:55 - 2019-08-26 11:58 - 126674352 _____ (WhatsApp) C:\Users\Samderp\Downloads\WhatsAppSetup.exe
2019-08-26 11:51 - 2019-08-26 19:42 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\WhatsApp
2019-08-26 11:51 - 2019-08-26 11:58 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-08-26 10:42 - 2019-08-26 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2019-08-26 10:41 - 2019-08-26 10:41 - 000000000 ____D C:\Program Files\Pixologic
2019-08-26 10:25 - 2019-08-26 20:44 - 000000000 ____D C:\Users\Samderp\AppData\LocalLow\uTorrent
2019-08-26 07:05 - 2019-08-26 11:13 - 000000000 ____D C:\Windows\Panther
2019-08-26 07:01 - 2019-08-26 07:01 - 000000000 ____D C:\Windows.old
2019-08-26 06:08 - 2019-08-26 06:08 - 000000000 _SHDL C:\Documents and Settings
2019-08-26 06:07 - 2019-08-26 19:41 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-26 06:07 - 2019-08-26 10:26 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-08-26 06:07 - 2019-08-26 06:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-08-26 06:07 - 2019-08-26 06:07 - 000000000 ____D C:\ProgramData\USOShared
2019-08-26 06:06 - 2019-08-26 19:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-26 06:06 - 2019-08-26 13:00 - 000995320 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-26 06:06 - 2019-08-26 06:06 - 000000000 ____D C:\Windows\ServiceProfiles
2019-08-25 21:45 - 2019-08-25 21:45 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Google
2019-08-25 21:27 - 2019-08-25 21:27 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-25 20:29 - 2019-08-25 20:29 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\NVIDIA
2019-08-25 20:25 - 2019-08-25 20:25 - 000000000 ____D C:\Users\Samderp\AppData\LocalLow\Adobe
2019-08-25 20:25 - 2019-08-25 20:25 - 000000000 ____D C:\Users\Samderp\AppData\Local\CEF
2019-08-25 20:22 - 2019-08-25 20:22 - 000000000 ____D C:\Users\Samderp\Documents\Adobe
2019-08-25 20:20 - 2019-08-26 20:40 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-08-25 20:20 - 2019-08-25 21:18 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-25 20:17 - 2019-08-26 20:38 - 000000000 ____D C:\ProgramData\Adobe
2019-08-25 20:17 - 2019-08-26 10:25 - 000000000 ____D C:\Users\Samderp\AppData\Local\Adobe
2019-08-25 20:17 - 2019-08-25 20:02 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-08-25 20:14 - 2019-08-25 20:14 - 000000000 ____D C:\Users\Samderp\AppData\Local\OneDrive
2019-08-25 20:06 - 2019-08-26 20:29 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Discord
2019-08-25 20:06 - 2019-08-26 11:58 - 000000000 ____D C:\Users\Samderp\AppData\Local\SquirrelTemp
2019-08-25 20:06 - 2019-08-25 20:06 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-08-25 20:06 - 2019-08-25 20:06 - 000000000 ____D C:\Users\Samderp\AppData\Local\Discord
2019-08-25 20:01 - 2019-08-25 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2019-08-25 19:57 - 2019-08-25 19:57 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-25 19:57 - 2019-08-25 19:57 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-25 19:54 - 2019-08-26 20:38 - 000000000 ____D C:\Users\Samderp\AppData\Local\BitTorrentHelper
2019-08-25 19:54 - 2019-08-25 20:15 - 000000400 __RSH C:\ProgramData\ntuser.pol
2019-08-25 19:52 - 2019-08-25 19:52 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Media Player Classic
2019-08-25 19:31 - 2019-08-26 10:34 - 000000000 ____D C:\Users\Samderp\AppData\Local\Google
2019-08-25 19:31 - 2019-08-25 21:27 - 000000000 ____D C:\Program Files (x86)\Google
2019-08-25 19:31 - 2019-08-25 19:31 - 001151544 _____ (Google LLC) C:\Users\Samderp\Downloads\ChromeSetup.exe
2019-08-25 19:14 - 2016-07-30 13:37 - 000000000 ____D C:\Users\Samderp\Downloads\Disk Drill 1.0.187
2019-08-25 18:47 - 2019-08-25 19:14 - 015415849 _____ C:\Users\Samderp\Downloads\Disk Drill 1.0.187.rar
2019-08-25 18:44 - 2019-08-25 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Lavasoft
2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Users\Samderp\AppData\Local\PeerDistRepub
2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Users\Samderp\AppData\Local\Lavasoft
2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-08-25 18:41 - 2019-08-26 10:28 - 000000000 ____D C:\Users\Samderp\AppData\Local\PlaceholderTileLogoFolder
2019-08-25 18:41 - 2019-08-25 19:38 - 000000000 ____D C:\Users\Samderp\AppData\Local\DiskDrill
2019-08-25 18:41 - 2019-08-25 18:41 - 000000000 ____D C:\Users\Samderp\AppData\Local\CrashRpt
2019-08-25 18:41 - 2019-08-25 18:41 - 000000000 ____D C:\Program Files (x86)\CleverFiles
2019-08-25 18:39 - 2019-08-26 18:06 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-25 18:38 - 2019-08-25 18:38 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-08-25 18:37 - 2019-08-25 18:37 - 000000000 ____D C:\ProgramData\Lavasoft
2019-08-25 18:36 - 2019-08-26 20:41 - 000000000 ____D C:\Program Files\WinRAR
2019-08-25 18:36 - 2019-08-25 19:14 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\WinRAR
2019-08-25 18:35 - 2019-08-25 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-08-25 18:35 - 2019-08-25 18:35 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2019-08-25 18:35 - 2013-09-12 23:30 - 000127488 _____ C:\Windows\system32\ff_vfw.dll
2019-08-25 18:35 - 2013-09-12 23:30 - 000112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2019-08-25 18:35 - 2013-08-22 22:39 - 000256088 _____ C:\Windows\system32\unrar64.dll
2019-08-25 18:35 - 2013-08-22 22:39 - 000217176 _____ C:\Windows\SysWOW64\unrar.dll
2019-08-25 18:35 - 2013-03-17 22:52 - 003554304 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2019-08-25 18:35 - 2013-03-17 21:51 - 003649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2019-08-25 18:35 - 2012-07-21 16:25 - 000180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2019-08-25 18:35 - 2012-07-21 16:24 - 000122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2019-08-25 18:35 - 2011-12-07 23:07 - 000148992 _____ ( ) C:\Windows\system32\lagarith.dll
2019-08-25 18:35 - 2011-12-07 23:02 - 000216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2019-08-25 18:35 - 2011-06-24 20:15 - 000258560 _____ C:\Windows\system32\xvidvfw.dll
2019-08-25 18:35 - 2011-06-24 20:14 - 000243200 _____ C:\Windows\SysWOW64\xvidvfw.dll
2019-08-25 18:35 - 2011-06-24 20:01 - 000703488 _____ C:\Windows\system32\xvidcore.dll
2019-08-25 18:35 - 2011-06-24 19:58 - 000650752 _____ C:\Windows\SysWOW64\xvidcore.dll
2019-08-25 18:30 - 2019-08-26 19:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-25 18:30 - 2019-08-25 18:31 - 000000000 ____D C:\Users\Samderp\AppData\Local\NVIDIA
2019-08-25 18:30 - 2019-08-25 18:30 - 000000000 ____D C:\Users\Samderp\AppData\Local\NVIDIA Corporation
2019-08-25 18:30 - 2019-08-25 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-08-25 18:30 - 2019-08-25 18:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-08-25 18:30 - 2015-06-17 14:52 - 001756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2019-08-25 18:30 - 2015-06-17 14:52 - 001571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-08-25 18:30 - 2015-06-17 14:52 - 001320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-08-25 18:30 - 2015-06-17 14:52 - 001316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2019-08-25 18:30 - 2015-06-17 14:52 - 000112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-08-25 18:30 - 2015-06-17 12:00 - 006873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-08-25 18:30 - 2015-06-17 12:00 - 003492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-08-25 18:30 - 2015-06-17 12:00 - 002558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-08-25 18:30 - 2015-06-17 12:00 - 000937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2019-08-25 18:30 - 2015-06-17 12:00 - 000385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-08-25 18:30 - 2015-06-17 12:00 - 000062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-08-25 18:30 - 2015-06-17 11:29 - 000571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2019-08-25 18:30 - 2015-06-14 09:48 - 004421614 _____ C:\Windows\system32\nvcoproc.bin
2019-08-25 18:30 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-08-25 18:30 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-08-25 18:30 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-08-25 18:30 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-08-25 18:30 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-08-25 18:30 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-08-25 18:29 - 2019-08-25 18:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-25 18:29 - 2019-08-25 18:29 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-25 18:29 - 2019-08-25 18:29 - 000000000 ____D C:\NVIDIA
2019-08-25 18:29 - 2015-06-17 14:52 - 042729104 _____ C:\Windows\system32\nvcompiler.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 037748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 030511248 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 022969672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 018448696 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 016153760 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 015980256 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 015825280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 014505928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 013270248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 012946888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 011838752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 011095696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2019-08-25 18:29 - 2015-06-17 14:52 - 003328864 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 002942448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 002360464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 002162320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 001898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 001567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 001557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 001162608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 001059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 001050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000988544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000891688 _____ C:\Windows\system32\nvmcumd.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000792528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000636784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000384464 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000374600 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000340624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000314936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2019-08-25 18:29 - 2015-06-17 14:52 - 000177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000155464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2019-08-25 18:29 - 2015-06-17 14:52 - 000040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2019-08-25 18:29 - 2015-06-17 14:52 - 000031976 _____ C:\Windows\system32\nvinfo.pb
2019-08-25 18:26 - 2019-08-25 18:26 - 000000000 ___HD C:\Users\Samderp\MicrosoftEdgeBackups
2019-08-25 18:05 - 2019-08-25 18:05 - 000000000 ____D C:\Users\Samderp\AppData\Local\Comms
2019-08-25 18:05 - 2019-08-25 18:05 - 000000000 ____D C:\ProgramData\Packages
2019-08-25 18:01 - 2019-08-25 20:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-08-25 18:01 - 2019-08-25 18:01 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Mozilla
2019-08-25 18:01 - 2019-08-25 18:01 - 000000000 ____D C:\Users\Samderp\AppData\Local\Mozilla
2019-08-25 18:01 - 2019-08-25 18:01 - 000000000 ____D C:\ProgramData\Mozilla
2019-08-25 17:59 - 2019-08-25 17:59 - 000000000 ____D C:\Users\Samderp\AppData\Local\D3DSCache
2019-08-25 17:52 - 2019-08-25 18:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-08-25 17:51 - 2019-08-26 19:41 - 000000000 ___RD C:\Users\Samderp\OneDrive
2019-08-25 17:51 - 2019-08-26 10:27 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3075933780-3193734538-1635283899-1001
2019-08-25 17:50 - 2019-08-25 18:26 - 000000000 ____D C:\Users\Samderp\AppData\Local\MicrosoftEdge
2019-08-25 17:50 - 2019-08-25 17:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-25 17:49 - 2019-08-26 20:39 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Adobe
2019-08-25 17:49 - 2019-08-26 18:06 - 000000000 ____D C:\Users\Samderp\AppData\Local\ConnectedDevicesPlatform
2019-08-25 17:49 - 2019-08-26 10:28 - 000000000 ____D C:\Users\Samderp\AppData\Local\Packages
2019-08-25 17:49 - 2019-08-25 17:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-25 17:49 - 2019-08-25 17:49 - 000000000 ___RD C:\Users\Samderp\3D Objects
2019-08-25 17:49 - 2019-08-25 17:49 - 000000000 ____D C:\Users\Samderp\AppData\Local\VirtualStore
2019-08-25 17:49 - 2019-08-25 17:49 - 000000000 ____D C:\Users\Samderp\AppData\Local\Publishers
2019-08-25 17:48 - 2019-08-26 10:27 - 000002376 _____ C:\Users\Samderp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-25 17:48 - 2019-08-25 18:26 - 000000000 ____D C:\Users\Samderp
2019-08-25 17:48 - 2019-08-25 17:48 - 000000020 ___SH C:\Users\Samderp\ntuser.ini
2019-08-25 17:42 - 2019-08-26 19:47 - 000840848 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-25 17:40 - 2019-08-25 17:40 - 000000000 ____D C:\Windows\CSC
2019-08-25 17:40 - 2019-07-14 09:28 - 002874368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-08-25 17:39 - 2019-08-25 17:39 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-08-25 17:39 - 2019-08-25 17:39 - 000000000 ____D C:\Program Files\MSBuild
2019-08-25 17:39 - 2019-08-25 17:39 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-08-25 17:39 - 2019-03-02 06:01 - 001166488 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2019-08-25 17:39 - 2019-03-02 06:01 - 000124568 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-08-25 17:39 - 2019-03-02 06:01 - 000035592 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2019-08-25 17:39 - 2019-02-06 07:11 - 000778912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2019-08-25 17:39 - 2019-02-06 07:11 - 000103072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-08-25 17:39 - 2019-02-06 07:11 - 000035592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-26 20:41 - 2019-03-19 10:22 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-26 19:47 - 2019-03-19 10:20 - 000000000 ____D C:\Windows\INF
2019-08-26 19:41 - 2019-03-19 10:07 - 000524288 _____ C:\Windows\system32\config\BBI
2019-08-26 16:19 - 2019-03-19 10:22 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-08-26 10:37 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\AppReadiness
2019-08-26 10:28 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\appcompat
2019-08-26 10:26 - 2019-03-19 10:22 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-26 10:26 - 2019-03-19 10:22 - 000000000 ____D C:\Program Files\Windows Defender
2019-08-26 07:05 - 2019-03-19 10:19 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-08-26 06:07 - 2019-03-19 10:22 - 000000000 ___RD C:\Windows\PrintDialog
2019-08-26 06:07 - 2019-03-19 10:22 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-08-26 06:07 - 2019-03-19 10:22 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-26 06:07 - 2019-03-19 10:07 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-08-25 20:20 - 2019-03-19 10:22 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-25 19:54 - 2019-03-19 10:22 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-08-25 19:54 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-08-25 18:30 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\LiveKernelReports
2019-08-25 18:30 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\Help
2019-08-25 18:05 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\ServiceState
2019-08-25 17:48 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-08-25 17:48 - 2019-03-19 10:07 - 000000000 ____D C:\Windows\CbsTemp
2019-08-25 17:41 - 2019-03-19 10:26 - 000000000 ____D C:\Windows\Setup
2019-08-25 17:40 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\system32\spool
2019-08-25 17:40 - 2019-03-19 10:22 - 000000000 ____D C:\Windows\system32\FxsTmp

==================== Files in the root of some directories ================

2019-08-26 13:10 - 2019-08-26 13:10 - 000000000 _____ () C:\Users\Samderp\AppData\Local\oobelibMkey.log

==================== FLock ================

2019-08-25 17:40 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
983
Hi Samueltochhawng,

Do you recognize this Chrome extension?

Hola Free VPN Proxy Unblocker
---------------------------------------------------
Uninstall a Program

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program(s) on the list:
    Segurazo Realtime Protection Lite
    Web Companion
  • Select the above program(s) and click Uninstall.
  • Restart the computer if prompted.

---------------------------------------------------
Uninstall Chrome Extension(s)

  • Open Google Chrome. Type chrome://extensions in the address bar and press Enter.
  • Click the trash can icon next to the following extension(s):
    Search Manager
  • A confirmation dialog will appear. Click Remove.

---------------------------------------------------
Farbar Recovery Scan Tool - Fix

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Code:
    Start::
    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:
    HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\...\Run: [Chromium] => c:\users\samderp\appdata\local\chromium\application\chrome.exe [4195328 2017-10-07] (The Chromium Authors) [File not signed]
    HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\...\Run: [Chromium] => c:\users\samderp\appdata\local\chromium\application\chrome.exe [4195328 2017-10-07] (The Chromium Authors) [File not signed]
    GroupPolicy: Restriction ? <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise
    HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_rfhuixn_19_10_ssg363d&param1=1&param2=f%3D1%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DyDzzyEtN0D0Tzu0StByCtBtAtN1L2XzuyEtFyEyDtFtDtFyDtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBzytCtBtCtA0FtBtGtC0E0FyDtGtAyCyB0FtGyCzyzyzztGyCtC0B0CtCzzyEyByD0C0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDtC1R1S1Q1Q1TtG1RtB1O1RtGyEyE1OtDtGzz1Q1OyBtGtD1R1TyEyCyDzyyE1RyD1O1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyDtBtDtAtCtCzztC%26cr%3D1772677370%26a%3Dwbf_rfhuixn_19_10_ssg363d%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3075933780-3193734538-1635283899-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_fjnhltxzm_19_35_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Din%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAzz0DyDyEyBtCtBtA0B0DtD0DtD0DtCtN0D0Tzu0StByBzyyEtN1L2XzuyEtFyDyDtFtDtFzzyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCyEzztA0F0CyCtDtGyDyD0AtBtG0C0BzytAtGyBtAyB0CtGtByC0D0ByD0CyDyCtAtByE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1S1O1Q1O1S1RzzyBtG1T1OtAzztGyE1Tzz1PtG1TyDyDyBtGyE1TyD1TyB1R1SyB1QtAyCyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCyCzztCyCtAyDyE%26cr%3D162735565%26a%3Dwsg_fjnhltxzm_19_35_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3075933780-3193734538-1635283899-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
    FF Homepage: Mozilla\Firefox\Profiles\7sfzgwcl.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190825
    FF NewTab: Mozilla\Firefox\Profiles\7sfzgwcl.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190825
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\jxfruiecgt1.js [2019-08-25] <==== ATTENTION (Points to *.cfg file)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\jxfruiecgt1.cfg [2019-08-25] <==== ATTENTION
    CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
    CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
    CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3075933780-3193734538-1635283899-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
    R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4473448 2019-08-09] (Digital Communications Inc. -> Digital Communications Inc)
    R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [250472 2019-08-09] (Digital Communications Inc. -> Digital Communications Inc)
    R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-08-25] (LAVASOFT SOFTWARE CANADA INC -> )
    R1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84256 2019-08-01] (Digital Communications Inc. -> Digital Communications Inc)
    2019-08-26 16:17 - 2019-08-26 18:06 - 000000000 ____D C:\Users\Samderp\AppData\Local\chromium
    2019-08-26 16:16 - 2019-08-26 16:21 - 000000000 ____D C:\Users\Samderp\AppData\Local\{8E7BB827-AAD3-D49F-C74B-F177E3230DEF}
    2019-08-26 16:16 - 2019-08-26 16:16 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\segurazoclient
    2019-08-26 16:16 - 2019-08-26 16:16 - 000000000 ____D C:\ProgramData\{885BB467-A073-CC1F-F82B-E43710C33CEF}
    2019-08-26 16:15 - 2019-08-26 20:46 - 000000000 ____D C:\Program Files (x86)\Segurazo
    2019-08-26 16:15 - 2019-08-26 16:21 - 000000000 ____D C:\ProgramData\qgdij
    2019-08-26 16:15 - 2019-08-26 16:16 - 000000000 ____D C:\ProgramData\Segurazo
    2019-08-26 16:15 - 2019-08-26 16:15 - 000292184 _____ (Microsoft Corporation) C:\Users\Samderp\Downloads\dxwebsetup.exe
    2019-08-26 16:15 - 2019-08-26 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
    2019-08-26 16:12 - 2019-08-26 16:12 - 002316008 _____ ( ) C:\Users\Samderp\Downloads\dxwebsetup_2479703636.exe
    2019-08-25 18:44 - 2019-08-25 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Users\Samderp\AppData\Roaming\Lavasoft
    2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Users\Samderp\AppData\Local\Lavasoft
    2019-08-25 18:42 - 2019-08-25 18:42 - 000000000 ____D C:\Program Files (x86)\Lavasoft
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    AlternateDataStreams: C:\Users\Samderp\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
    AlternateDataStreams: C:\Users\Samderp\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
    FirewallRules: [TCP Query User{990BACAB-6D27-4C29-AAC9-B9A348A721A2}C:\users\samderp\appdata\roaming\utorrent\updates\3.5.5_45311.exe] => (Allow) C:\users\samderp\appdata\roaming\utorrent\updates\3.5.5_45311.exe No File
    FirewallRules: [UDP Query User{FDF6C2BA-BA91-40D6-851B-8945602C9706}C:\users\samderp\appdata\roaming\utorrent\updates\3.5.5_45311.exe] => (Allow) C:\users\samderp\appdata\roaming\utorrent\updates\3.5.5_45311.exe No File
    VirusTotal: C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
    CMD: Bitsadmin /Reset /Allusers
    End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.

---------------------------------------------------
AdwCleaner

Download AdwCleaner and save it to your desktop.
  • Double click AdwCleaner.exe to run it.
  • Click Scan Now ...
    • When the scan has finished a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

---------------------------------------------------

In your next reply, please include:
  • Fixlog.txt
  • AdwCleaner[S0*].txt
  • Let me know how the computer is doing.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top