Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-02-2016 Ran by Mario (administrator) on MARIO-PC (19-02-2016 13:37:39) Running from C:\Users\Mario\Downloads Loaded Profiles: Mario (Available Profiles: Mario) Platform: Microsoft Windows 7 Édition Intégrale (X86) Language: Anglais (États-Unis) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137152 2016-02-19] (AVAST Software) HKU\S-1-5-21-2531867340-1831226124-3850839779-1000\...\Run: [santa_svc] => C:\Users\Mario\AppData\Roaming\pwukracroic.exe HKU\S-1-5-21-2531867340-1831226124-3850839779-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\Mario\AppData\Local\Extption\wmiTraceCtr.dll ATTENTION AppInit_DLLs: c:/progra~2/{86116~1/193~1.1/cedi.dll => No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-19] (AVAST Software) Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+idw.html [2015-12-20] () Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+idw.txt [2015-12-20] () Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+jor.html [2015-12-23] () Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+jor.txt [2015-12-23] () Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+ooi.html [2015-12-21] () Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+ooi.txt [2015-12-21] () GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION CHR HKU\S-1-5-21-2531867340-1831226124-3850839779-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8F909E24-3258-4B9B-9F92-37337CC6687D}: [NameServer] 199.203.131.152,82.163.143.182 Tcpip\..\Interfaces\{8F909E24-3258-4B9B-9F92-37337CC6687D}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchy.easylifeapp.com/ HKU\S-1-5-21-2531867340-1831226124-3850839779-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchy.easylifeapp.com/ SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = SearchScopes: HKU\S-1-5-21-2531867340-1831226124-3850839779-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_10&cd=2XzuyEtN2Y1L1QzutDtDtCzy0DtC0EtD0DtD0F0B0DtCtC0FtN0D0Tzu0StCtCyDzytN1L2XzutAtFzztFyEtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0AtDzzzzzzyByEtG0EtDyDyEtG0AzzyEtAtGyBtAtA0DtGyBtCtCyCyBzz0Bzy0C0BtDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByE0EyEzy0Czy0CtGtA0AyBtBtGyE0E0DtDtGzz0FtCzytGzytByC0CtDyEtByDtCyC0C0C2QtN1B2Z1V1T1S1NzuyDyByE&cr=1581402873&ir= SearchScopes: HKU\S-1-5-21-2531867340-1831226124-3850839779-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_10&cd=2XzuyEtN2Y1L1QzutDtDtCzy0DtC0EtD0DtD0F0B0DtCtC0FtN0D0Tzu0StCtCyDzytN1L2XzutAtFzztFyEtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0AtDzzzzzzyByEtG0EtDyDyEtG0AzzyEtAtGyBtAtA0DtGyBtCtCyCyBzz0Bzy0C0BtDzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByE0EyEzy0Czy0CtGtA0AyBtBtGyE0E0DtDtGzz0FtCzytGzytByC0CtDyEtByDtCyC0C0C2QtN1B2Z1V1T1S1NzuyDyByE&cr=1581402873&ir= SearchScopes: HKU\S-1-5-21-2531867340-1831226124-3850839779-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MFC136ECD-1951-4734-ADA7-0D89FCF88F33&SearchSource=58&CUI=&UM=5&UP=SP83E42316-DD7B-46E4-A4A1-6FFB3C695F8B&q={searchTerms}&SSPV= StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-20] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-20] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR StartupUrls: Default -> "hxxp://searchy.easylifeapp.com/" CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-22] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-22] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-22] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-22] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION CHR Extension: (Recherche Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION CHR Extension: (Google Sheets) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-22] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (AdBlock) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-22] [UpdateUrl: hxxps://mynamedomain.koko//0service/update2/crx] <==== ATTENTION CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-22] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-22] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-19] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-02-19] (AVAST Software) S4 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-19] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-02-19] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-02-19] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [294816 2016-02-19] (AVAST Software) S1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [355616 2016-02-19] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-19] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812720 2016-02-19] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-19] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-02-19] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-19] (AVAST Software) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-19 13:37 - 2016-02-19 13:38 - 00010504 _____ C:\Users\Mario\Downloads\FRST.txt 2016-02-19 13:37 - 2016-02-19 13:37 - 01722368 _____ (Farbar) C:\Users\Mario\Downloads\FRST.exe 2016-02-19 13:37 - 2016-02-19 13:37 - 00000000 ____D C:\FRST 2016-02-19 13:26 - 2016-02-19 13:24 - 00355616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys 2016-02-19 13:25 - 2016-02-19 13:25 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2016-02-19 13:25 - 2016-02-19 13:25 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr 2016-02-19 13:24 - 2016-02-19 13:24 - 00294816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2016-02-14 21:50 - 2016-02-14 21:56 - 00000000 ____D C:\Users\Mario\Downloads\The Last Witch Hunter 2015 FRENCH BDRip x264-HD Workshop 2016-02-14 21:49 - 2016-02-14 21:49 - 00077189 _____ C:\Users\Mario\Downloads\le-dernier-chasseur-de-sorcieres-french-dvdrip-x264-2015.torrent 2016-02-10 16:29 - 2016-02-10 16:31 - 00000000 ____D C:\Users\Mario\AppData\Local\Divinity 2 2016-02-10 16:20 - 2016-02-10 16:20 - 00000000 ____D C:\ProgramData\Divinity 2 2016-02-10 15:58 - 2016-02-19 13:10 - 00000000 ____D C:\Program Files\Divinity II - Ego Draconis 2016-02-09 12:05 - 2016-02-09 12:05 - 00175104 _____ C:\Users\Mario\Downloads\02082016 - All Stores.xls 2016-02-08 22:41 - 2016-02-08 22:53 - 363451992 _____ C:\Users\Mario\Downloads\[ www.CpasBien.io ] Z.Nation.S02E06.FRENCH.LD.WEB-DL.XviD-ZT.avi 2016-02-08 22:41 - 2016-02-08 22:53 - 343618812 _____ C:\Users\Mario\Downloads\[ www.CpasBien.io ] Z.Nation.S02E05.FRENCH.HDTV.XviD-ZT.avi 2016-02-08 22:40 - 2016-02-08 22:52 - 345651534 _____ C:\Users\Mario\Downloads\[ www.CpasBien.io ] Z.Nation.S02E04.FRENCH.LD.WEB-DL.XviD-ZT.avi 2016-02-08 22:39 - 2016-02-08 22:52 - 368240310 _____ C:\Users\Mario\Downloads\[ www.CpasBien.io ] Z.Nation.S02E03.FRENCH.LD.WEB-DL.XviD-ZT.avi 2016-02-08 22:33 - 2016-02-08 22:40 - 341846644 _____ C:\Users\Mario\Downloads\[ www.CpasBien.io ] Z.Nation.S02E02.FRENCH.LD.WEB-DL.XviD-ZT.avi 2016-02-08 22:33 - 2016-02-08 22:33 - 00030337 _____ C:\Users\Mario\Downloads\z-nation-s02e06-french-hdtv.torrent 2016-02-08 22:32 - 2016-02-08 22:32 - 00028977 _____ C:\Users\Mario\Downloads\z-nation-s02e04-french-hdtv.torrent 2016-02-08 22:32 - 2016-02-08 22:32 - 00028812 _____ C:\Users\Mario\Downloads\z-nation-s02e05-french-hdtv.torrent 2016-02-08 22:31 - 2016-02-08 22:31 - 00030697 _____ C:\Users\Mario\Downloads\z-nation-s02e03-french-hdtv.torrent 2016-02-08 22:31 - 2016-02-08 22:31 - 00028697 _____ C:\Users\Mario\Downloads\z-nation-s02e02-french-hdtv.torrent 2016-02-08 22:30 - 2016-02-08 22:39 - 465166688 _____ C:\Users\Mario\Downloads\[ www.CpasBien.io ] Z.Nation.S02E01.FRENCH.LD.WEB-DL.XviD-ZT.avi 2016-02-08 22:30 - 2016-02-08 22:30 - 00038097 _____ C:\Users\Mario\Downloads\z-nation-s02e01-french-hdtv.torrent 2016-02-08 13:40 - 2016-02-08 13:40 - 00175104 _____ C:\Users\Mario\Downloads\02072016 - All Stores.xls 2016-02-08 13:40 - 2016-02-08 13:40 - 00175104 _____ C:\Users\Mario\Downloads\02072016 - All Stores (1).xls 2016-01-23 21:52 - 2016-01-23 21:52 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E12.FRENCH.HDTV.XviD-RNT 2016-01-23 21:44 - 2016-01-23 21:44 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E11.FRENCH.LD.HDTV.XViD-RNT 2016-01-23 21:34 - 2016-01-23 21:34 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E10.FRENCH.LD.HDTV.XViD-RNT 2016-01-23 21:19 - 2016-01-23 21:19 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E09.FRENCH.HDTV.XviD-RNT 2016-01-23 21:19 - 2016-01-23 21:19 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E08.FRENCH.LD.HDTV.XviD-RNT 2016-01-23 21:08 - 2016-01-23 21:08 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E07.FRENCH.HDTV.XviD-RNT 2016-01-23 20:47 - 2016-01-23 20:47 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E06.FRENCH.LD.HDTV.XviD-RNT 2016-01-23 20:43 - 2016-01-23 20:43 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E05.FRENCH.HDTV.XviD-RNT 2016-01-23 20:43 - 2016-01-23 20:43 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E04.FRENCH.LD.HDTV.XViD-RNT 2016-01-23 20:40 - 2016-01-23 20:40 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E03.FRENCH.HDTV.x264-BAWLS 2016-01-23 20:37 - 2016-01-23 20:37 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E02.FRENCH.LD.HDTV.x264-AUTHORiTY 2016-01-23 20:28 - 2016-01-23 20:28 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.pe] Hart.Of.Dixie.S03E01.FRENCH.LD.HDTV.x264-AUTHORiTY 2016-01-23 20:19 - 2016-01-23 22:31 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.me] Spartacus.War.Of.The.Damned.S03E09.FRENCH.LD.BDRip.XviD-MiND 2016-01-23 20:19 - 2016-01-23 20:19 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.me] Spartacus.War.Of.The.Damned.S03E10.FiNAL.FRENCH.LD.BDRip.XviD-MiND 2016-01-23 20:10 - 2016-01-23 20:10 - 00030746 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e13-french-hdtv (2).torrent 2016-01-23 20:10 - 2016-01-23 20:10 - 00030746 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e13-french-hdtv (1).torrent 2016-01-23 20:09 - 2016-01-23 20:10 - 00030746 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e13-french-hdtv.torrent 2016-01-23 20:09 - 2016-01-23 20:09 - 00030786 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e12-french-hdtv.torrent 2016-01-23 20:09 - 2016-01-23 20:09 - 00030632 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e11-french-hdtv.torrent 2016-01-23 20:08 - 2016-01-23 20:08 - 00031392 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e10-french-hdtv.torrent 2016-01-23 20:08 - 2016-01-23 20:08 - 00030766 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e09-french-hdtv.torrent 2016-01-23 20:08 - 2016-01-23 20:08 - 00030572 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e08-french-hdtv.torrent 2016-01-23 20:07 - 2016-01-23 20:07 - 00030766 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e07-french-hdtv.torrent 2016-01-23 20:07 - 2016-01-23 20:07 - 00030612 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e06-french-hdtv.torrent 2016-01-23 20:06 - 2016-01-23 20:06 - 00031192 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e04-french-hdtv.torrent 2016-01-23 20:06 - 2016-01-23 20:06 - 00030766 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e05-french-hdtv.torrent 2016-01-23 20:06 - 2016-01-23 20:06 - 00030227 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e03-french-hdtv.torrent 2016-01-23 20:05 - 2016-01-23 20:05 - 00036284 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e01-french-hdtv.torrent 2016-01-23 20:05 - 2016-01-23 20:05 - 00032704 _____ C:\Users\Mario\Downloads\hart-of-dixie-s03e02-french-hdtv.torrent 2016-01-23 19:51 - 2016-01-23 19:51 - 00046712 _____ C:\Users\Mario\Downloads\spartacus-s03e10-final-french-hdtv.torrent 2016-01-23 19:50 - 2016-01-23 19:50 - 00046980 _____ C:\Users\Mario\Downloads\spartacus-s03e08-french-hdtv.torrent 2016-01-23 19:50 - 2016-01-23 19:50 - 00046760 _____ C:\Users\Mario\Downloads\spartacus-s03e09-french-hdtv.torrent 2016-01-23 19:49 - 2016-01-23 19:49 - 00047020 _____ C:\Users\Mario\Downloads\spartacus-s03e07-french-hdtv.torrent 2016-01-23 19:48 - 2016-01-23 19:48 - 00046960 _____ C:\Users\Mario\Downloads\spartacus-s03e06-french-hdtv.torrent 2016-01-23 19:48 - 2016-01-23 19:48 - 00046960 _____ C:\Users\Mario\Downloads\spartacus-s03e05-french-hdtv.torrent 2016-01-23 19:38 - 2016-01-23 19:38 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.me] Spartacus.War.Of.The.Damned.S3E02.FRENCH.LD.BDRip.XviD-MiND 2016-01-23 19:31 - 2016-01-23 19:31 - 00046780 _____ C:\Users\Mario\Downloads\spartacus-s03e04-french-hdtv.torrent 2016-01-23 19:31 - 2016-01-23 19:31 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.me] Spartacus.War.Of.The.Damned.S3E01.FRENCH.LD.BDRip.XviD-MiND 2016-01-23 19:15 - 2016-01-23 19:15 - 00046858 _____ C:\Users\Mario\Downloads\spartacus-s03e02-french-hdtv.torrent 2016-01-23 19:15 - 2016-01-23 19:15 - 00046680 _____ C:\Users\Mario\Downloads\spartacus-s03e03-french-hdtv.torrent 2016-01-23 19:14 - 2016-01-23 19:14 - 00046958 _____ C:\Users\Mario\Downloads\spartacus-s03e01-french-hdtv.torrent 2016-01-23 19:14 - 2016-01-23 19:14 - 00046755 _____ C:\Users\Mario\Downloads\spartacus-s02e10-final-french-hdtv.torrent 2016-01-23 19:14 - 2016-01-23 19:14 - 00046503 _____ C:\Users\Mario\Downloads\spartacus-s02e09-french-hdtv.torrent 2016-01-23 19:13 - 2016-01-23 19:13 - 00046963 _____ C:\Users\Mario\Downloads\spartacus-s02e08-french-hdtv.torrent 2016-01-23 19:13 - 2016-01-23 19:13 - 00044743 _____ C:\Users\Mario\Downloads\spartacus-s02e07-french-hdtv.torrent 2016-01-23 19:12 - 2016-01-23 19:12 - 00046643 _____ C:\Users\Mario\Downloads\spartacus-s02e06-french-hdtv.torrent 2016-01-23 19:11 - 2016-01-23 19:11 - 00000000 ____D C:\Users\Mario\Downloads\[www.Cpasbien.me] Spartacus.S03E01.FASTSUB.VOSTFR.HDTV.XviD-MiND 2016-01-23 19:10 - 2016-01-23 19:10 - 00046652 _____ C:\Users\Mario\Downloads\spartacus-s03e01-vostfr-hdtv.torrent 2016-01-23 18:48 - 2016-01-23 18:48 - 00001118 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-01-23 18:48 - 2016-01-23 18:48 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-01-23 18:08 - 2016-02-19 13:16 - 00002003 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk 2016-01-23 18:08 - 2016-02-19 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2016-01-23 18:01 - 2016-02-19 13:25 - 00127432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2016-01-23 18:00 - 2016-02-19 13:25 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-19 13:36 - 2009-07-13 23:34 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-19 13:36 - 2009-07-13 23:34 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-19 13:31 - 2015-02-04 17:31 - 00000000 ____D C:\Program Files\TeamViewer 2016-02-19 13:31 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\inf 2016-02-19 13:30 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-19 13:25 - 2015-08-23 11:53 - 00812720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2016-02-19 13:25 - 2015-08-23 11:53 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2016-02-19 13:25 - 2015-08-23 11:53 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2016-02-19 13:25 - 2015-08-23 11:53 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2016-02-19 13:25 - 2015-08-23 11:53 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2016-02-19 13:25 - 2015-08-23 11:53 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2016-02-19 13:11 - 2014-05-02 11:37 - 00000000 ____D C:\Users\Mario 2016-02-19 13:10 - 2015-11-26 17:24 - 00000000 ____D C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4} 2016-02-19 13:10 - 2015-08-28 07:15 - 00000000 ____D C:\Program Files\DNS Unlocker 2016-02-19 13:10 - 2014-11-16 13:54 - 00000000 ____D C:\Program Files\Steam 2016-02-19 13:10 - 2014-05-02 13:18 - 00000000 ____D C:\Users\Mario\AppData\Roaming\BitTorrent 2016-02-19 13:10 - 2009-07-13 23:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-02-19 13:10 - 2009-07-13 23:52 - 00000000 ____D C:\Program Files\Microsoft Games 2016-02-19 13:10 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\NDF 2016-02-19 13:08 - 2009-07-14 02:48 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-02-19 13:08 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\registration 2016-02-19 12:51 - 2015-03-08 16:13 - 00000000 ____D C:\Users\Mario\AppData\Local\CrashDumps 2016-02-08 18:46 - 2015-08-02 20:43 - 00000000 ____D C:\Users\Mario\AppData\Local\ElevatedDiagnostics 2016-02-06 23:06 - 2015-12-19 15:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-23 22:19 - 2014-05-02 11:53 - 00742688 _____ C:\Windows\system32\perfh00C.dat 2016-01-23 22:19 - 2014-05-02 11:53 - 00147606 _____ C:\Windows\system32\perfc00C.dat 2016-01-23 22:19 - 2014-05-02 11:41 - 01660386 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-23 17:58 - 2015-08-23 11:51 - 00000000 ____D C:\ProgramData\AVAST Software 2016-01-23 17:51 - 2015-08-23 11:52 - 00000000 ____D C:\Program Files\AVAST Software ==================== Files in the root of some directories ======= 2015-08-09 16:13 - 2015-08-09 16:13 - 0000020 _____ () C:\Users\Mario\AppData\Roaming\appdataFr2.bin 2015-06-05 21:33 - 2015-09-21 18:50 - 0000024 _____ () C:\Users\Mario\AppData\Roaming\appdataFr25.bin 2015-12-20 14:40 - 2015-12-20 17:09 - 0010608 _____ () C:\Users\Mario\AppData\Roaming\how_recover+idw.html 2015-12-20 14:40 - 2015-12-20 17:09 - 0002385 _____ () C:\Users\Mario\AppData\Roaming\how_recover+idw.txt 2015-12-23 04:42 - 2015-12-23 05:49 - 0010608 _____ () C:\Users\Mario\AppData\Roaming\how_recover+jor.html 2015-12-23 04:42 - 2015-12-23 05:49 - 0002385 _____ () C:\Users\Mario\AppData\Roaming\how_recover+jor.txt 2015-12-21 20:31 - 2015-12-21 22:23 - 0010608 _____ () C:\Users\Mario\AppData\Roaming\how_recover+ooi.html 2015-12-21 20:31 - 2015-12-21 22:23 - 0002385 _____ () C:\Users\Mario\AppData\Roaming\how_recover+ooi.txt 2015-03-05 17:07 - 2015-03-06 16:22 - 0000061 _____ () C:\Users\Mario\AppData\Roaming\WB.CFG 2015-12-20 14:40 - 2015-12-20 17:08 - 0010608 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\how_recover+idw.html 2015-12-20 14:40 - 2015-12-20 17:08 - 0002385 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\how_recover+idw.txt 2015-12-23 04:42 - 2015-12-23 05:49 - 0010608 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\how_recover+jor.html 2015-12-23 04:42 - 2015-12-23 05:49 - 0002385 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\how_recover+jor.txt 2015-12-21 20:31 - 2015-12-21 22:23 - 0010608 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\how_recover+ooi.html 2015-12-21 20:31 - 2015-12-21 22:23 - 0002385 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\how_recover+ooi.txt 2015-12-20 13:42 - 2015-12-20 17:06 - 0010608 _____ () C:\Users\Mario\AppData\Local\how_recover+idw.html 2015-12-20 13:42 - 2015-12-20 17:06 - 0002385 _____ () C:\Users\Mario\AppData\Local\how_recover+idw.txt 2015-12-22 23:09 - 2015-12-23 05:47 - 0010608 _____ () C:\Users\Mario\AppData\Local\how_recover+jor.html 2015-12-22 23:09 - 2015-12-23 05:47 - 0002385 _____ () C:\Users\Mario\AppData\Local\how_recover+jor.txt 2015-12-21 19:54 - 2015-12-21 22:18 - 0010608 _____ () C:\Users\Mario\AppData\Local\how_recover+ooi.html 2015-12-21 19:54 - 2015-12-21 22:18 - 0002385 _____ () C:\Users\Mario\AppData\Local\how_recover+ooi.txt 2015-04-14 18:55 - 2015-04-14 18:55 - 0000000 _____ () C:\Users\Mario\AppData\Local\{0889CA6D-234C-4A0F-8B52-DE6375397054} 2015-12-20 13:42 - 2015-12-20 13:42 - 0010608 _____ () C:\ProgramData\how_recover+idw.html 2015-12-20 13:42 - 2015-12-20 13:42 - 0002385 _____ () C:\ProgramData\how_recover+idw.txt 2015-12-22 23:08 - 2015-12-22 23:09 - 0010608 _____ () C:\ProgramData\how_recover+jor.html 2015-12-22 23:08 - 2015-12-22 23:09 - 0002385 _____ () C:\ProgramData\how_recover+jor.txt 2015-12-21 19:53 - 2015-12-21 19:54 - 0010608 _____ () C:\ProgramData\how_recover+ooi.html 2015-12-21 19:53 - 2015-12-21 19:54 - 0002385 _____ () C:\ProgramData\how_recover+ooi.txt Files to move or delete: ==================== C:\Users\Mario\rwvypdhi.exe Some files in TEMP: ==================== C:\Users\Mario\AppData\Local\Temp\199D.tmp.exe C:\Users\Mario\AppData\Local\Temp\2FAB.tmp.exe C:\Users\Mario\AppData\Local\Temp\3A3D.tmp.exe C:\Users\Mario\AppData\Local\Temp\5372.tmp.exe C:\Users\Mario\AppData\Local\Temp\5B17.tmp.exe C:\Users\Mario\AppData\Local\Temp\7388.tmp.exe C:\Users\Mario\AppData\Local\Temp\A9A7.tmp.exe C:\Users\Mario\AppData\Local\Temp\CAEC.tmp.exe C:\Users\Mario\AppData\Local\Temp\D433.tmp.exe C:\Users\Mario\AppData\Local\Temp\drm_dyndata_7380006.dll C:\Users\Mario\AppData\Local\Temp\drm_dyndata_7390005.dll C:\Users\Mario\AppData\Local\Temp\E6B.tmp.exe C:\Users\Mario\AppData\Local\Temp\install_flash_player_19_active_x.exe C:\Users\Mario\AppData\Local\Temp\ntwdblib.dll C:\Users\Mario\AppData\Local\Temp\ymtgrdfh.exe C:\Users\Mario\AppData\Local\Temp\_is1127.exe C:\Users\Mario\AppData\Local\Temp\_is1B63.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-02-11 22:03 ==================== End of FRST.txt ============================