  1. the first one is incorrect, sorry


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
    Ran by hugo (administrator) on DOGE on 02-06-2015 17:09:50
    Running from C:\Users\hugo\Desktop
    Loaded Profiles: hugo (Available Profiles: hugo)
    Platform: Windows 8 (X64) OS Language: English (United States)
    Internet Explorer Version 10 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
    () C:\Windows\KMS-QAD.exe
    (Dritek System INC.) C:\Windows\RfBtnSvc64.exe
    (Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
    (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Spotify Ltd) C:\Users\hugo\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
    () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\\deploy\LoLLauncher.exe
    () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\\deploy\LoLPatcher.exe
    () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\LolClient.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
    () C:\Windows\QAD-Hook.exe
    (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
    HKLM\...\Run: [btPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-11] ()
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2015-05-26] (AVAST Software)
    HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\...\Run: [spotify Web Helper] => C:\Users\hugo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-25] (Spotify Ltd)
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\...\Run: [spotify] => C:\Users\hugo\AppData\Roaming\Spotify\Spotify.exe [7298616 2015-05-25] (Spotify Ltd)
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\...\Run: [AceUpdater] => C:\Users\hugo\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\...\Run: [AceWebExtensionUpdater] => C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe [22824 2015-02-28] ()
    HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    IFEO\OSppSvc.exe: [Debugger] QAD-Hook.exe
    IFEO\SppExtComObj.exe: [Debugger] QAD-Hook.exe
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-26] (AVAST Software)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nl-nl/?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2583284370-4071791723-3653827449-1001 -> {4CC4338D-BB15-48E3-9BC1-8246E85F24B7} URL =
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-26] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-26] (AVAST Software)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer]

    FF ProfilePath: C:\Users\hugo\AppData\Roaming\Mozilla\Firefox\Profiles\womepcs4.default
    FF Homepage: https://www.google.nl/?gws_rd=ssl
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-20] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2583284370-4071791723-3653827449-1001: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\hugo\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
    FF Extension: AS Magic Player - C:\Users\hugo\AppData\Roaming\Mozilla\Firefox\Profiles\womepcs4.default\Extensions\magicplayer@acestream.org [2015-05-27]
    FF Extension: Adblock Plus - C:\Users\hugo\AppData\Roaming\Mozilla\Firefox\Profiles\womepcs4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-17]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-26]

    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-26]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-26]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-11] (Qualcomm Atheros Commnucations) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-05-26] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-05-26] (AVAST Software)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-05-26] (Avast Software)
    S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
    R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
    R2 KMS-R@1n; C:\Windows\KMS-QAD.exe [22528 2015-05-18] () [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-11-13] (Dritek System INC.)
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-06-02] (Enigma Software Group USA, LLC.)
    R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
    R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-05-26] ()
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-05-26] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-05-26] (AVAST Software)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-05-26] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-05-26] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-05-26] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-05-26] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-05-26] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-05-26] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-05-26] ()
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-11] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
    S3 esgiguard; C:\Users\hugo\AppData\Local\Temp\RarSFX0\esgiguard.sys [16432 2015-04-17] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-06-02] ()
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-02] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-13] (Dritek System Inc.)
    U0 ufvqkt; C:\Windows\System32\drivers\yysxn.sys [79064 2015-06-02] (Malwarebytes Corporation)
    R3 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2015-05-26] (Avast Software)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-02 17:09 - 2015-06-02 17:10 - 00015157 _____ () C:\Users\hugo\Desktop\FRST.txt
    2015-06-02 17:09 - 2015-06-02 17:09 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\yysxn.sys
    2015-06-02 17:09 - 2015-06-02 17:09 - 00000000 ____D () C:\FRST
    2015-06-02 16:58 - 2015-06-02 16:58 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-06-02 16:57 - 2015-06-02 16:57 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-06-02 16:57 - 2015-06-02 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-06-02 16:57 - 2015-06-02 16:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-06-02 16:57 - 2015-06-02 16:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-06-02 16:57 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2015-06-02 16:57 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-06-02 16:57 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-06-02 16:52 - 2015-06-02 16:54 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\hugo\Desktop\mbam-setup-
    2015-06-02 16:52 - 2015-06-02 16:52 - 02108928 _____ (Farbar) C:\Users\hugo\Desktop\FRST64.exe
    2015-06-02 15:53 - 2015-06-02 15:53 - 04798416 _____ (McAfee, Inc.) C:\Users\hugo\Downloads\MCPR.exe
    2015-06-02 15:07 - 2015-06-02 15:07 - 46420165 ____R () C:\Users\hugo\Downloads\SpyHunter Portable.zip
    2015-06-02 14:55 - 2015-06-02 14:55 - 00003314 _____ () C:\WINDOWS\System32\Tasks\SpyHunter4Startup
    2015-06-02 14:55 - 2015-06-02 14:55 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2015-06-02 14:55 - 2015-06-02 14:55 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Enigma Software Group
    2015-06-02 14:55 - 2015-06-02 14:55 - 00000000 ____D () C:\sh4ldr
    2015-06-02 14:55 - 2015-06-02 14:55 - 00000000 _____ () C:\autoexec.bat
    2015-06-02 14:54 - 2015-06-02 14:54 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\hugo\Downloads\SpyHunter-Installer.exe
    2015-06-02 14:54 - 2015-06-02 14:54 - 00022704 _____ () C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2015-06-02 14:54 - 2015-06-02 14:54 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2015-06-02 07:32 - 2015-06-02 07:32 - 02231296 _____ () C:\Users\hugo\Downloads\adwcleaner_4.206.exe
    2015-06-01 17:47 - 2015-06-01 17:47 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-06-01 17:46 - 2015-06-01 17:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-06-01 17:46 - 2015-06-01 17:46 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-06-01 17:45 - 2015-06-01 17:47 - 00000000 ____D () C:\ProgramData\Adobe
    2015-06-01 17:44 - 2015-06-01 17:44 - 00568767 _____ () C:\Users\hugo\Downloads\lemoulin.pdf.zip
    2015-05-26 16:28 - 2015-05-26 16:28 - 00000247 _____ () C:\WINDOWS\system32\2015-05-26-14-28-19.054-aswFe.exe-5212.log
    2015-05-26 16:28 - 2015-05-26 16:28 - 00000197 _____ () C:\WINDOWS\system32\2015-05-26-14-28-15.012-AvastVBoxSVC.exe-1956.log
    2015-05-26 15:42 - 2015-05-26 15:42 - 00755216 _____ () C:\Users\hugo\Downloads\loldrophackv16__7934_il309(1).exe
    2015-05-26 15:40 - 2015-05-26 15:40 - 00755216 _____ () C:\Users\hugo\Downloads\loldrophackv16__7934_il309.exe
    2015-05-26 15:38 - 2015-05-26 16:17 - 00000247 _____ () C:\WINDOWS\system32\2015-05-26-13-38-56.028-aswFe.exe-6100.log
    2015-05-26 15:38 - 2015-05-26 15:38 - 00000197 _____ () C:\WINDOWS\system32\2015-05-26-13-38-52.009-AvastVBoxSVC.exe-2384.log
    2015-05-26 15:36 - 2015-05-26 15:36 - 02097629 _____ () C:\Users\hugo\Downloads\leagueoflegendsmultihack.zip.part
    2015-05-26 15:29 - 2015-05-26 15:29 - 00001223 _____ () C:\WINDOWS\unins000.dat
    2015-05-26 15:29 - 2015-05-26 15:28 - 01180529 _____ () C:\WINDOWS\unins000.exe
    2015-05-26 15:25 - 2015-05-26 15:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
    2015-05-26 15:25 - 2015-05-26 15:26 - 00000000 ____D () C:\WINDOWS\system32\vbox
    2015-05-26 15:25 - 2015-05-26 15:25 - 01853762 _____ () C:\Users\hugo\Downloads\AA By Onhax.rar
    2015-05-26 15:24 - 2015-05-26 15:24 - 02053480 _____ () C:\Users\hugo\Downloads\Avast 2015 All Working Cracks Keys are Here ! [LATEST].exe
    2015-05-26 15:22 - 2015-05-26 15:22 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\AVAST Software
    2015-05-26 15:21 - 2015-05-26 15:21 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2015-05-26 15:21 - 2015-05-26 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-05-26 15:20 - 2015-05-26 15:21 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
    2015-05-26 15:20 - 2015-05-26 15:21 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2015-05-26 15:20 - 2015-05-26 15:20 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
    2015-05-26 15:20 - 2015-05-26 15:20 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
    2015-05-26 15:20 - 2015-05-26 15:20 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2015-05-26 15:19 - 2015-05-26 15:19 - 00449936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
    2015-05-26 15:18 - 2015-05-26 15:18 - 00000000 ____D () C:\Program Files\AVAST Software
    2015-05-26 15:17 - 2015-05-26 15:18 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-05-26 15:03 - 2015-05-26 15:16 - 182803088 _____ (AVAST Software) C:\Users\hugo\Downloads\avast--Premier-Antivirus-2015-10.0.2206-Final Trial.exe
    2015-05-25 09:56 - 2015-05-25 09:57 - 02128667 _____ () C:\Users\hugo\Downloads\EaseUS Data Recovery Wizard 8.6 Keygen _5BOnhax_5D.rar
    2015-05-25 09:54 - 2015-05-25 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 8.8
    2015-05-25 09:52 - 2015-05-25 09:52 - 10758512 _____ (EaseUS ) C:\Users\hugo\Downloads\drw_trial.exe
    2015-05-24 19:33 - 2015-05-24 19:34 - 00000000 ____D () C:\Users\hugo\Downloads\THE BLACKLIST(2014) S02E22 H.264(WEB-DL)DD5.1 1080p NL Subs TBS
    2015-05-24 19:28 - 2015-05-24 19:28 - 00018205 _____ () C:\Users\hugo\Downloads\[kat.cr]the.blacklist.2014.s02e22.h.264.web.dl.dd5.1.1080p.nl.subs.tbs.torrent
    2015-05-24 19:26 - 2015-05-24 19:27 - 00000000 ____D () C:\Users\hugo\Downloads\The Blacklist S02 WEB-DL x264-FUM[ettv]
    2015-05-24 18:20 - 2015-05-24 19:32 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\.ACEStream
    2015-05-24 18:20 - 2015-05-24 19:14 - 00000000 ___HD () C:\_acestream_cache_
    2015-05-24 18:20 - 2015-05-24 18:20 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
    2015-05-24 18:19 - 2015-05-24 18:20 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\AceWebExtension
    2015-05-24 18:19 - 2015-05-24 18:20 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\ACEStream
    2015-05-24 18:18 - 2015-05-24 18:19 - 69574952 _____ () C:\Users\hugo\Downloads\Ace_Stream_Media_3.0.12.exe
    2015-05-24 18:18 - 2015-05-24 18:18 - 00028102 _____ () C:\Users\hugo\Downloads\[kat.cr]game.of.thrones.s05e06.hdtv.x264.asap.ettv.torrent
    2015-05-20 23:20 - 2015-05-21 08:48 - 00000020 _____ () C:\WINDOWS\capsys184523.log
    2015-05-20 23:20 - 2015-05-20 23:20 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Mirillis
    2015-05-20 23:20 - 2015-05-20 23:20 - 00000000 ____D () C:\Users\hugo\AppData\Local\Mirillis
    2015-05-20 23:20 - 2015-05-20 23:20 - 00000000 ____D () C:\ProgramData\Mirillis
    2015-05-20 23:20 - 2015-05-20 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
    2015-05-20 23:20 - 2015-05-20 23:20 - 00000000 ____D () C:\Program Files (x86)\Mirillis
    2015-05-20 23:20 - 2015-05-20 23:20 - 00000000 ____D () C:\Action!
    2015-05-20 23:17 - 2015-05-20 23:17 - 00000000 ____D () C:\Users\hugo\Downloads\Mirillis Action!
    2015-05-20 23:15 - 2015-05-20 23:15 - 00000000 ____D () C:\Users\hugo\Downloads\Mirillis.Action!.v1.21.0.0.Thx-Acersoft
    2015-05-20 23:11 - 2015-05-20 23:12 - 18829112 _____ (Mirillis Ltd.) C:\Users\hugo\Downloads\action_1_22_0_setup.exe
    2015-05-20 23:11 - 2015-05-20 23:11 - 01122816 _____ (ONHAX.NET) C:\Users\hugo\Downloads\Mirillis Action! v1.22 Patch.exe
    2015-05-20 07:32 - 2015-05-20 07:32 - 00000000 ____D () C:\Users\hugo\AppData\Local\Macromedia
    2015-05-20 07:28 - 2015-06-01 17:47 - 00000000 ____D () C:\Users\hugo\AppData\Local\Adobe
    2015-05-19 22:22 - 2015-05-19 22:22 - 00000000 ____D () C:\Users\hugo\AppData\Local\clear.fi
    2015-05-19 16:32 - 2015-06-02 07:34 - 00000000 ____D () C:\AdwCleaner
    2015-05-19 16:31 - 2015-05-19 16:32 - 02209792 _____ () C:\Users\hugo\Downloads\adwcleaner_4.204.exe
    2015-05-19 16:30 - 2015-05-19 16:30 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\GlarySoft
    2015-05-19 07:48 - 2015-06-02 15:59 - 00000000 ____D () C:\Users\hugo\AppData\Local\Spotify
    2015-05-19 07:48 - 2015-06-02 15:58 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Spotify
    2015-05-19 07:48 - 2015-05-19 07:48 - 00155296 _____ (Spotify Ltd) C:\Users\hugo\Downloads\SpotifySetup.exe
    2015-05-19 07:48 - 2015-05-19 07:48 - 00001766 _____ () C:\Users\hugo\Desktop\Spotify.lnk
    2015-05-19 07:48 - 2015-05-19 07:48 - 00001752 _____ () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2015-05-18 21:05 - 2015-05-18 21:05 - 00022474 _____ () C:\Users\hugo\Downloads\the.blacklist.karakurt.(2015).dut.1cd.(6173748).zip
    2015-05-18 20:59 - 2015-05-30 15:23 - 00000000 ____D () C:\Users\hugo\Downloads\PopcornTime
    2015-05-18 20:58 - 2015-05-18 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
    2015-05-18 20:57 - 2015-05-18 20:58 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
    2015-05-18 20:57 - 2015-05-18 20:57 - 50764339 _____ (Popcorn Time ) C:\Users\hugo\Downloads\PopcornTime-latest.exe
    2015-05-18 16:47 - 2015-05-18 16:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\R@1n-KMS
    2015-05-18 16:46 - 2015-05-18 16:46 - 00022528 _____ () C:\WINDOWS\KMS-QAD.exe
    2015-05-18 16:46 - 2015-05-18 16:46 - 00005120 _____ () C:\WINDOWS\QAD-Hook.exe
    2015-05-18 16:46 - 2015-05-18 16:46 - 00003584 _____ () C:\WINDOWS\QAD-Hook.dll
    2015-05-18 16:44 - 2015-05-18 16:44 - 00000000 _____ () C:\Users\hugo\AppData\Local\Temp.dat
    2015-05-18 16:40 - 2015-05-18 16:40 - 02052456 _____ () C:\Users\hugo\Downloads\Re-Loader 1.2 Final All  Windows And Office Activator Is Here![Latest].exe
    2015-05-18 15:55 - 2015-05-18 15:55 - 00889416 _____ (Microsoft Corporation) C:\Users\hugo\Downloads\dotNetFx40_Full_setup.exe
    2015-05-18 15:53 - 2015-05-18 15:53 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
    2015-05-18 15:48 - 2015-06-02 15:43 - 00000000 ____D () C:\Users\hugo\AppData\Local\Deployment
    2015-05-18 15:48 - 2015-05-18 15:48 - 00000000 ____D () C:\Users\hugo\AppData\Local\Apps\2.0
    2015-05-18 10:08 - 2015-05-18 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-05-18 10:06 - 2015-05-18 10:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
    2015-05-18 10:06 - 2015-05-18 10:06 - 00000000 ____D () C:\WINDOWS\PCHEALTH
    2015-05-18 10:05 - 2015-05-18 10:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-18 10:05 - 2015-05-18 10:05 - 00000000 ____D () C:\Users\hugo\AppData\Local\Microsoft Help
    2015-05-18 10:05 - 2015-05-18 10:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
    2015-05-18 10:04 - 2015-05-18 10:04 - 00000000 ____D () C:\Program Files\Microsoft Office
    2015-05-18 10:02 - 2015-06-02 17:09 - 00000000 ____D () C:\Program Files (x86)\SharePoint Fix
    2015-05-18 10:02 - 2015-05-18 16:41 - 00000000 ____D () C:\ProgramData\17676060002624468702
    2015-05-18 10:02 - 2015-05-18 10:02 - 00000000 __RHD () C:\MSOCache
    2015-05-18 10:01 - 2015-06-02 15:57 - 00000368 _____ () C:\WINDOWS\Tasks\Bidaily Synchronize Task[pr].job
    2015-05-18 10:01 - 2015-05-18 10:01 - 00003254 _____ () C:\WINDOWS\System32\Tasks\Bidaily Synchronize Task[pr]
    2015-05-18 09:57 - 2015-05-18 09:59 - 00000000 ____D () C:\Users\hugo\Downloads\Microsoft Office 2013 Professional Plus activation crack
    2015-05-18 09:56 - 2015-06-02 15:11 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\uTorrent
    2015-05-18 09:56 - 2015-05-18 09:56 - 02051944 _____ () C:\Users\hugo\Downloads\Re-Loader_1.2_Final.rar
    2015-05-18 09:56 - 2015-05-18 09:56 - 00026057 _____ () C:\Users\hugo\Downloads\784_microsoft.offic.torrent
    2015-05-18 09:55 - 2015-05-18 09:55 - 01998432 _____ (BitTorrent Inc.) C:\Users\hugo\Downloads\uTorrent.exe
    2015-05-18 09:47 - 2015-05-22 07:40 - 00000000 ____D () C:\Users\hugo\Desktop\School
    2015-05-18 09:07 - 2015-05-18 09:10 - 00000000 ____D () C:\Users\hugo\Documents\Revocer
    2015-05-18 09:05 - 2015-05-18 09:05 - 02622696 _____ (Copyright © 2011 eSupport.com • All Rights Reserved ) C:\Users\hugo\Downloads\undeleteplus_setup.exe
    2015-05-18 08:30 - 2015-05-18 08:30 - 00234966 _____ () C:\Users\hugo\Downloads\REST2514.exe
    2015-05-18 08:30 - 2015-05-18 08:30 - 00000000 ____D () C:\Restoration
    2015-05-18 08:29 - 2015-05-18 08:29 - 00707144 _____ (Generic Installer ) C:\Users\hugo\Downloads\Installer_Restoration.exe
    2015-05-18 08:21 - 2015-05-18 08:21 - 04426120 _____ (Piriform Ltd) C:\Users\hugo\Downloads\rcsetup152.exe
    2015-05-17 22:59 - 2015-05-17 22:59 - 00646538 _____ () C:\Users\hugo\Downloads\ThrottleStop_500a.zip
    2015-05-17 22:59 - 2015-05-17 22:59 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\WinRAR
    2015-05-17 22:37 - 2015-05-25 15:02 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\vlc
    2015-05-17 22:37 - 2015-05-17 22:37 - 00001034 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2015-05-17 22:37 - 2015-05-17 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-05-17 22:37 - 2015-05-17 22:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2015-05-17 22:36 - 2015-05-17 22:36 - 28849904 _____ () C:\Users\hugo\Downloads\vlc-2.2.1-win32.exe
    2015-05-17 20:22 - 2015-05-17 20:22 - 131104768 _____ (Intel Corporation) C:\Users\hugo\Downloads\win64_152823.exe
    2015-05-17 19:46 - 2015-05-17 19:46 - 00231760 _____ () C:\Users\hugo\Downloads\CrucialEUScan.exe
    2015-05-17 19:03 - 2015-05-17 19:03 - 01941064 _____ () C:\Users\hugo\Downloads\winrar-x64-520.exe
    2015-05-17 19:03 - 2015-05-17 19:03 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-05-17 19:03 - 2015-05-17 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-05-17 19:03 - 2015-05-17 19:03 - 00000000 ____D () C:\Program Files\WinRAR
    2015-05-17 19:02 - 2015-05-17 19:02 - 02233009 _____ () C:\Users\hugo\Downloads\RL16.rar
    2015-05-17 18:57 - 2015-05-17 18:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2015-05-17 18:39 - 2015-06-01 19:02 - 00000000 ____D () C:\Users\hugo\Documents\Bluetooth Folder
    2015-05-17 18:39 - 2015-05-17 18:39 - 00000000 ____D () C:\Users\hugo\AppData\Local\BMExplorer
    2015-05-17 18:31 - 2015-06-01 21:26 - 00000000 ____D () C:\Users\hugo\AppData\Local\CrashDumps
    2015-05-17 18:16 - 2015-05-17 18:16 - 04737952 _____ () C:\Users\hugo\Downloads\ausetup.exe
    2015-05-17 18:16 - 2015-05-17 18:16 - 00001278 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
    2015-05-17 18:16 - 2015-05-17 18:16 - 00001266 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
    2015-05-17 18:16 - 2015-05-17 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
    2015-05-17 18:16 - 2015-05-17 18:16 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
    2015-05-17 18:11 - 2015-05-17 18:11 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\LolClient
    2015-05-17 17:35 - 2015-05-17 17:35 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Macromedia
    2015-05-17 17:32 - 2015-05-17 17:32 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\CyberLink
    2015-05-17 17:30 - 2015-05-17 17:30 - 00000000 ____D () C:\Users\Public\CyberLink
    2015-05-17 17:30 - 2015-05-17 17:30 - 00000000 ____D () C:\Users\hugo\AppData\Local\Cyberlink
    2015-05-17 17:27 - 2015-05-17 17:27 - 00000000 ____D () C:\ProgramData\Riot Games
    2015-05-17 17:27 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
    2015-05-17 17:27 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
    2015-05-17 17:27 - 2008-07-12 09:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
    2015-05-17 17:27 - 2008-07-12 09:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
    2015-05-17 17:27 - 2008-07-12 09:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
    2015-05-17 17:26 - 2015-05-17 17:26 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
    2015-05-17 17:26 - 2015-05-17 17:26 - 00000000 ____D () C:\Riot Games
    2015-05-17 17:26 - 2015-05-17 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
    2015-05-17 17:24 - 2015-05-17 17:27 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Riot Games
    2015-05-17 17:24 - 2015-05-17 17:24 - 30993712 _____ (Riot Games) C:\Users\hugo\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe
    2015-05-17 17:23 - 2015-06-02 16:02 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2583284370-4071791723-3653827449-1001
    2015-05-17 17:23 - 2015-05-17 17:23 - 00000000 ____D () C:\Users\hugo\AppData\Local\EgisTec IPS
    2015-05-17 17:22 - 2015-05-17 17:23 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Mozilla
    2015-05-17 17:22 - 2015-05-17 17:23 - 00000000 ____D () C:\Users\hugo\AppData\Local\Mozilla
    2015-05-17 17:21 - 2015-05-18 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-05-17 17:21 - 2015-05-17 17:21 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-05-17 17:21 - 2015-05-17 17:21 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-05-17 17:21 - 2015-05-17 17:21 - 00000000 ____D () C:\ProgramData\Mozilla
    2015-05-17 17:21 - 2015-05-17 17:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-05-17 17:17 - 2015-05-17 17:17 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Atheros
    2015-05-17 17:15 - 2015-06-01 18:43 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Adobe
    2015-05-17 17:15 - 2015-05-17 17:15 - 00001438 _____ () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-05-17 17:15 - 2015-05-17 17:15 - 00000000 ____D () C:\Program Files\Accessory Store
    2015-05-17 17:13 - 2015-06-01 17:46 - 00000000 ____D () C:\Users\hugo\AppData\Local\Packages
    2015-05-17 17:13 - 2015-05-18 20:58 - 00000000 ____D () C:\Users\hugo\AppData\Local\VirtualStore
    2015-05-17 17:12 - 2015-06-02 07:39 - 01422734 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-05-17 17:11 - 2015-05-17 17:15 - 00000000 ____D () C:\Users\hugo
    2015-05-17 17:11 - 2015-05-17 17:11 - 00000020 ___SH () C:\Users\hugo\ntuser.ini
    2015-05-17 17:11 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-05-17 17:11 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-05-17 17:11 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-05-17 17:11 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-02 17:09 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
    2015-06-02 17:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
    2015-06-02 16:04 - 2012-07-26 09:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-06-02 15:57 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-06-02 15:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2015-06-01 19:03 - 2012-10-24 06:06 - 00032778 _____ () C:\WINDOWS\PFRO.log
    2015-05-25 10:10 - 2012-07-26 09:21 - 00024747 _____ () C:\WINDOWS\setupact.log
    2015-05-19 16:57 - 2012-10-24 06:34 - 00422024 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2015-05-19 14:59 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
    2015-05-18 14:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
    2015-05-18 14:13 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
    2015-05-18 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2015-05-18 14:12 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-18 14:12 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
    2015-05-18 14:12 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
    2015-05-18 14:12 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
    2015-05-18 14:12 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
    2015-05-18 14:12 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2015-05-18 14:12 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
    2015-05-18 14:12 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
    2015-05-18 14:12 - 2012-07-26 07:37 - 00000000 ____D () C:\WINDOWS\servicing
    2015-05-18 14:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
    2015-05-18 14:11 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
    2015-05-18 14:11 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\winrm
    2015-05-18 14:11 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\slmgr
    2015-05-18 14:11 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
    2015-05-18 14:11 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
    2015-05-18 14:10 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
    2015-05-18 14:10 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\Com
    2015-05-18 14:10 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\WCN
    2015-05-18 14:10 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
    2015-05-18 14:10 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
    2015-05-18 14:06 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
    2015-05-18 10:07 - 2012-07-26 09:52 - 00000000 ____D () C:\WINDOWS\ShellNew
    2015-05-18 10:06 - 2012-11-13 20:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
    2015-05-18 10:05 - 2012-07-26 07:26 - 00000199 _____ () C:\WINDOWS\win.ini
    2015-05-18 10:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2015-05-17 20:25 - 2012-11-13 19:31 - 00015758 _____ () C:\WINDOWS\system32\results.xml
    2015-05-17 20:24 - 2012-11-13 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2015-05-17 20:24 - 2012-10-24 06:33 - 00000000 ____D () C:\Program Files (x86)\Intel
    2015-05-17 19:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
    2015-05-17 18:39 - 2012-11-13 20:03 - 00000000 ____D () C:\ProgramData\Atheros
    2015-05-17 18:35 - 2012-10-24 07:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-05-17 18:29 - 2012-11-13 20:17 - 00001024 ___RH () C:\Users\Public\Documents\NTIMMV9Acer.dll
    2015-05-17 18:29 - 2012-10-24 07:15 - 00000000 ____D () C:\Program Files (x86)\NTI
    2015-05-17 18:28 - 2012-10-24 07:13 - 00000000 ____D () C:\Program Files\Acer
    2015-05-17 18:28 - 2012-10-24 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
    2015-05-17 18:27 - 2012-10-24 07:12 - 00000000 ____D () C:\ProgramData\Acer
    2015-05-17 18:27 - 2012-10-24 07:11 - 00000000 ____D () C:\Program Files (x86)\Acer
    2015-05-17 18:22 - 2012-10-24 07:11 - 00000000 ____D () C:\WINDOWS\oem
    2015-05-17 18:19 - 2012-10-24 06:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-05-17 18:18 - 2012-10-24 06:35 - 00000000 ____D () C:\ProgramData\WildTangent
    2015-05-17 18:16 - 2012-10-24 07:15 - 00000000 ____D () C:\ProgramData\BackupManager
    2015-05-17 18:04 - 2012-07-26 10:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
    2015-05-17 17:25 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\restore
    2015-05-17 17:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2015-05-17 17:16 - 2012-10-24 06:58 - 00000000 ___HD () C:\OEM
    2015-05-17 17:15 - 2012-11-13 20:11 - 00000000 ____D () C:\ProgramData\OEM

    ==================== Files in the root of some directories =======

    2015-05-18 16:44 - 2015-05-18 16:44 - 0000000 _____ () C:\Users\hugo\AppData\Local\Temp.dat
    2012-11-13 19:50 - 2012-11-13 19:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-06-01 17:52

    ==================== End of log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
    Ran by hugo at 2015-06-02 17:10:53
    Running from C:\Users\hugo\Desktop
    Boot Mode: Normal

    ==================== Accounts: =============================

    Administrator (S-1-5-21-2583284370-4071791723-3653827449-500 - Administrator - Disabled)
    Guest (S-1-5-21-2583284370-4071791723-3653827449-501 - Limited - Disabled)
    hugo (S-1-5-21-2583284370-4071791723-3653827449-1001 - Administrator - Enabled) => C:\Users\hugo

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Absolute Uninstaller (HKLM-x32\...\Absolute Uninstaller) (Version: - Glarysoft Ltd)
    Ace Stream Media 3.0.12 (HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\...\AceStream) (Version: 3.0.12 - Ace Stream Media) <==== ATTENTION!
    Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
    Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated)
    Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: - Atheros Communications Inc.)
    Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
    Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
    EaseUS Data Recovery Wizard 8.8 (HKLM\...\EaseUS Data Recovery Wizard 8.8_is1) (Version:  - EaseUS)
    ETDWare PS/2-X64 (HKLM\...\Elantech) (Version: - ELAN Microelectronic Corp.)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: - Intel Corporation)
    Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
    League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
    League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
    Malwarebytes Anti-Malware version (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes Corporation)
    Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 38.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 nl)) (Version: 38.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
    Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: - Qualcomm Atheros Communications)
    Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Spotify (HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\...\Spotify) (Version: - Spotify AB)
    Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
    Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
    Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== Restore Points =========================

    17-05-2015 17:25:05 Installed Microsoft Visual C++ 2005 Redistributable (x64)
    26-05-2015 15:18:12 avast! antivirus system restore point

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2012-07-26 07:26 - 2015-05-20 23:18 - 00001001 ____N C:\WINDOWS\system32\Drivers\etc\hosts thislineskipsanyemptylines mirillis.com www.mirillis.com serwer2.paka-service.com ns386119.ovh.net mirillis.pl

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {13BEDC52-5356-41E4-A102-0B44F7E38165} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
    Task: {16F58D1C-6B57-4750-B781-C836C9C5FE87} - System32\Tasks\R@1n-KMS\Office15x64ProP => wmic
    Task: {3C327C9E-7526-4E25-8ABD-9F7D6C93A8CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
    Task: {3F9F3ECB-D53D-4068-AF34-F3C39D1A83D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
    Task: {895DA87E-805D-4C12-B1CB-FF34A015E750} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-06-02] (Enigma Software Group USA, LLC.)
    Task: {90BB94D8-B794-48CB-AA80-B6383E5B7B3D} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
    Task: {9AEF8C1E-5CF1-4067-A98F-8865B31CEA86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
    Task: {A67A6EFB-2D9B-489D-B981-3429A2DEA768} - System32\Tasks\Bidaily Synchronize Task[pr] => c:\programdata\{10b7b995-cf23-ad39-10b7-7b995cf2e657}\re-loader_1.2_final.rar.exe <==== ATTENTION
    Task: {FD2CEA31-1CB8-4AD5-B9AC-273948F134FB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-26] (AVAST Software)
    Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[pr].job => c:\programdata\{10b7b995-cf23-ad39-10b7-7b995cf2e657}\re-loader_1.2_final.rar.exe <==== ATTENTION

    ==================== Loaded Modules (Whitelisted) ==============

    2015-05-18 16:46 - 2015-05-18 16:46 - 00022528 _____ () C:\Windows\KMS-QAD.exe
    2012-10-01 20:34 - 2012-10-01 20:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2015-05-26 15:20 - 2015-05-26 15:20 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2015-05-26 15:20 - 2015-05-26 15:20 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2012-07-26 09:58 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
    2012-10-29 06:16 - 2012-10-23 05:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2015-02-28 03:23 - 2015-02-28 03:23 - 00022824 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
    2012-08-11 04:28 - 2012-08-11 04:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
    2014-01-21 17:54 - 2015-05-17 17:27 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    2015-05-28 21:36 - 2015-05-28 21:36 - 02362872 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\\deploy\LoLLauncher.exe
    2015-05-28 21:36 - 2015-05-28 21:36 - 03919864 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\\deploy\LoLPatcher.exe
    2015-05-17 17:36 - 2015-05-17 17:36 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\LolClient.exe
    2015-05-18 16:46 - 2015-05-18 16:46 - 00005120 _____ () C:\WINDOWS\QAD-Hook.exe
    2015-05-18 16:46 - 2015-05-18 16:46 - 00003584 _____ () C:\WINDOWS\QAD-Hook.dll
    2015-05-26 15:29 - 2014-03-14 08:00 - 00695808 _____ () C:\Program Files\AVAST Software\Avast\VERSION.dll
    2015-06-02 14:52 - 2015-06-02 14:52 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060200\algo.dll
    2015-05-26 15:20 - 2015-05-26 15:20 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2011-06-12 15:09 - 2011-06-12 15:09 - 00038400 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\_socket.pyd
    2011-06-12 15:09 - 2011-06-12 15:09 - 00720896 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\_ssl.pyd
    2014-01-23 13:37 - 2014-01-23 13:37 - 00036352 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\_psutil_mswindows.pyd
    2012-02-07 18:37 - 2012-02-07 18:37 - 00098816 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\win32api.pyd
    2012-02-07 18:35 - 2012-02-07 18:35 - 00110080 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\pywintypes27.dll
    2012-02-07 18:38 - 2012-02-07 18:38 - 00358912 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\pythoncom27.dll
    2012-02-07 18:42 - 2012-02-07 18:42 - 00266240 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\win32com.shell.shell.pyd
    2011-06-12 15:06 - 2011-06-12 15:06 - 00287232 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\_hashlib.pyd
    2011-06-12 15:06 - 2011-06-12 15:06 - 00106496 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\_ctypes.pyd
    2010-10-11 00:23 - 2010-10-11 00:23 - 00723968 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\apsw.pyd
    2011-01-18 23:56 - 2011-01-18 23:56 - 00334336 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\M2Crypto.__m2crypto.pyd
    2011-06-12 15:06 - 2011-06-12 15:06 - 00011776 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\select.pyd
    2011-06-12 15:06 - 2011-06-12 15:06 - 00152576 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\pyexpat.pyd
    2011-06-12 15:06 - 2011-06-12 15:06 - 00688128 _____ () C:\Users\hugo\AppData\Roaming\AceWebExtension\updater\lib\unicodedata.pyd
    2015-05-26 15:20 - 2015-05-26 15:20 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2012-11-13 19:42 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
    2015-05-28 21:36 - 2015-05-28 21:36 - 01672696 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\\deploy\RiotLauncher.dll
    2015-05-17 17:30 - 2015-05-17 17:30 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
    2012-10-01 20:33 - 2012-10-01 20:33 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\hugo\Downloads\loldrophackv16__7934_il309(1).exe:typelib

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hugo\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
    HKU\S-1-5-21-2583284370-4071791723-3653827449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\hugo\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
    DNS Servers:

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
    HKLM\...\StartupApproved\Run32: => "Dolby Home Theater v4"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{06C5B32C-DC99-4B0E-ABFE-EBD4EA11DCF4}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
    FirewallRules: [{A01F8104-FFB4-4B15-9ED5-7B9D29C34FC8}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    FirewallRules: [{6E2301DE-C363-4FE2-B806-C6D225852DAD}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
    FirewallRules: [{FD020762-B806-4363-82A1-777EC17152B5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
    FirewallRules: [{44B6D0AD-2FAD-4FCF-890F-A2BA9C491635}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
    FirewallRules: [{FCAA457F-271C-41D2-81D4-A6A8590ED400}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
    FirewallRules: [{2484B05B-84F8-4D44-9EA6-61A3BED4DDD4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
    FirewallRules: [{BF3E45D2-35E0-4649-A3E6-0D2F260B97BA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
    FirewallRules: [{68895981-5661-42F3-B8CB-DBDEBFA2057B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
    FirewallRules: [{F7A05CE6-D1D6-4E47-87C3-18D687D1159E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
    FirewallRules: [{8A63CCB9-E34D-4432-90C1-6B9A7A35CA4F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
    FirewallRules: [{685FDB32-84ED-47D6-9102-BDAE2BD3E388}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
    FirewallRules: [{99F01D37-5AA3-4655-9DF6-8C3597C4FC15}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
    FirewallRules: [{C8B527EE-1E09-4CD8-89AD-F4DF6AFC9315}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
    FirewallRules: [{18CE292C-0120-4EAB-8A95-359DE93E6A0D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
    FirewallRules: [{BA7CFF1F-DE81-4FA2-ADD5-7D137629D341}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{DC1B588F-359A-4924-8345-A1F4B26C3285}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{C77EDA70-43E8-411F-ACAF-E1C75E362DC9}] => (Allow) C:\Users\hugo\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{0B4C8F89-8DCF-4E89-A24A-83B3337DB3BE}] => (Allow) C:\Users\hugo\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{D507B54F-D727-4C4C-B4E0-FF2FC969924D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
    FirewallRules: [{278FAD10-26E7-466A-9E45-BEAA0DD9A637}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
    FirewallRules: [{6758D962-7D16-4A6B-A6E8-8B86B29F80D4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{DB29A1EA-11B1-4464-B798-C08106DDE118}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{CF520C60-1181-45D5-8917-1E2CAEBF0DD0}] => (Allow) C:\Windows\KMS-QAD.exe
    FirewallRules: [{F5DAB228-0DA1-4295-A2CE-77802667B7AE}] => (Allow) C:\Windows\KMS-QAD.exe
    FirewallRules: [{2E917060-F584-461A-ACDD-08E4044BC280}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
    FirewallRules: [{BD0EB79D-F54F-472D-9F5A-D0896A794D32}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
    FirewallRules: [{1C382281-4126-4699-8C9C-593519C9D2D3}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
    FirewallRules: [{50B57F0B-5E63-4741-90EE-FA6DC0C726DD}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
    FirewallRules: [TCP Query User{DE79BC85-BB55-4F87-B51C-62D115F29524}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
    FirewallRules: [uDP Query User{16A5F075-94D4-47A8-AEB0-91FA22FC9424}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
    FirewallRules: [TCP Query User{4FAF1412-8EB5-41E3-BB85-66FD4BED92AA}C:\users\hugo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hugo\appdata\roaming\spotify\spotify.exe
    FirewallRules: [uDP Query User{ECB884FD-D15B-4F4D-84DF-A2AAE828E265}C:\users\hugo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hugo\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{E82421B4-6D07-457E-95F9-BA55014D258F}C:\users\hugo\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\hugo\appdata\roaming\acestream\engine\ace_engine.exe
    FirewallRules: [uDP Query User{030C0F4D-6E13-419F-8C99-92B4077F2B26}C:\users\hugo\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\hugo\appdata\roaming\acestream\engine\ace_engine.exe
    FirewallRules: [{7F1632F5-421E-4C5E-982C-786BCF25801E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{5FEB9081-A6DF-4FA4-88FE-83D238E48807}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================

    Application errors:
    Error: (06/02/2015 03:57:06 PM) (Source: ETDService) (EventID: 0) (User: )
    Description: ETDServiceCreateInteractiveProcess failed w/err 0x000003f0

    Error: (06/02/2015 03:30:59 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: League of Legends.exe, version:, time stamp: 0x555f6b59
    Faulting module name: League of Legends.exe, version:, time stamp: 0x555f6b59
    Exception code: 0xc0000409
    Fault offset: 0x00d12cd7
    Faulting process id: 0x1490
    Faulting application start time: 0xLeague of Legends.exe0
    Faulting application path: League of Legends.exe1
    Faulting module path: League of Legends.exe2
    Report Id: League of Legends.exe3
    Faulting package full name: League of Legends.exe4
    Faulting package-relative application ID: League of Legends.exe5

    Error: (06/01/2015 09:26:20 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: rads_user_kernel.exe, version:, time stamp: 0x4e65c1ac
    Faulting module name: rads_user_kernel.exe, version:, time stamp: 0x4e65c1ac
    Exception code: 0xc0000005
    Fault offset: 0x000b8554
    Faulting process id: 0x414
    Faulting application start time: 0xrads_user_kernel.exe0
    Faulting application path: rads_user_kernel.exe1
    Faulting module path: rads_user_kernel.exe2
    Report Id: rads_user_kernel.exe3
    Faulting package full name: rads_user_kernel.exe4
    Faulting package-relative application ID: rads_user_kernel.exe5

    Error: (06/01/2015 06:43:49 PM) (Source: Adobe Reader) (EventID: 16) (User: )

    Error: (05/29/2015 10:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: LolClient.exe, version:, time stamp: 0x515663e0
    Faulting module name: WebKit.dll, version: 6531.9.0.0, time stamp: 0x51566370
    Exception code: 0xc0000005
    Fault offset: 0x000a9965
    Faulting process id: 0x2490
    Faulting application start time: 0xLolClient.exe0
    Faulting application path: LolClient.exe1
    Faulting module path: LolClient.exe2
    Report Id: LolClient.exe3
    Faulting package full name: LolClient.exe4
    Faulting package-relative application ID: LolClient.exe5

    Error: (05/26/2015 03:33:42 PM) (Source: VSS) (EventID: 12294) (User: )
    Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
    Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000079C2E22F80).

       Get Shadow Copy Properties

       Execution Context: Coordinator

    Error: (05/26/2015 03:31:07 PM) (Source: ETDService) (EventID: 0) (User: )
    Description: ETDServiceCreateInteractiveProcess failed w/err 0x000003f0

    Error: (05/26/2015 03:27:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    AddLegacyDriverFiles: Unable to back up image of binary khzatoac.

    System Error:
    The system cannot find the file specified.

    Error: (05/26/2015 03:26:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    AddLegacyDriverFiles: Unable to back up image of binary khzatoac.

    System Error:
    The system cannot find the file specified.

    Error: (05/26/2015 03:18:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    AddLegacyDriverFiles: Unable to back up image of binary khzatoac.

    System Error:
    The system cannot find the file specified.

    System errors:
    Error: (06/02/2015 03:56:29 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0

    Error: (06/02/2015 03:56:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Software Protection service terminated with the following error:

    Error: (06/02/2015 03:09:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The esgiguard service failed to start due to the following error:

    Error: (06/02/2015 03:09:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\hugo\AppData\Local\Temp\RarSFX0\esgiguard.sys

    Error: (06/01/2015 07:04:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee SiteAdvisor Service service failed to start due to the following error:

    Error: (06/01/2015 07:03:37 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0

    Error: (06/01/2015 07:03:59 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 18:49:13 on ‎1-‎6-‎2015 was unexpected.

    Error: (05/26/2015 04:17:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (05/26/2015 03:31:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The McAfee SiteAdvisor Service service failed to start due to the following error:

    Error: (05/26/2015 03:30:32 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0

    Microsoft Office:
    Error: (06/02/2015 03:57:06 PM) (Source: ETDService) (EventID: 0) (User: )
    Description: ETDServiceCreateInteractiveProcess failed w/err 0x000003f0

    Error: (06/02/2015 03:30:59 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: League of Legends.exe5.10.0.330555f6b59League of Legends.exe5.10.0.330555f6b59c000040900d12cd7149001d09d355c02be80C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\\deploy\League of Legends.exe9a561a78-092b-11e5-be77-20689dfa0e02

    Error: (06/01/2015 09:26:20 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b855441401d09ca0cc9162d4C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exeC:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe147ce1e2-0894-11e5-be77-20689dfa0e02

    Error: (06/01/2015 06:43:49 PM) (Source: Adobe Reader) (EventID: 16) (User: )

    Error: (05/29/2015 10:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: LolClient.exe0.0.0.0515663e0WebKit.dll6531.9.0.051566370c0000005000a9965249001d09a1c5e12c6d2C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\LolClient.exeC:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll5933ce7a-0645-11e5-be76-20689dfa0e02

    Error: (05/26/2015 03:33:42 PM) (Source: VSS) (EventID: 12294) (User: )
    Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000079C2E22F80)

       Get Shadow Copy Properties

       Execution Context: Coordinator

    Error: (05/26/2015 03:31:07 PM) (Source: ETDService) (EventID: 0) (User: )
    Description: ETDServiceCreateInteractiveProcess failed w/err 0x000003f0

    Error: (05/26/2015 03:27:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    AddLegacyDriverFiles: Unable to back up image of binary khzatoac.

    System Error:
    The system cannot find the file specified.

    Error: (05/26/2015 03:26:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    AddLegacyDriverFiles: Unable to back up image of binary khzatoac.

    System Error:
    The system cannot find the file specified.

    Error: (05/26/2015 03:18:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    AddLegacyDriverFiles: Unable to back up image of binary khzatoac.

    System Error:
    The system cannot find the file specified.

    ==================== Memory info ===========================

    Processor: Intel® Core i3-2328M CPU @ 2.20GHz
    Percentage of memory in use: 59%
    Total physical RAM: 3912.27 MB
    Available physical RAM: 1601.07 MB
    Total Pagefile: 11912.27 MB
    Available Pagefile: 9234.22 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.78 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:443.61 GB) (Free:374.17 GB) NTFS

    ==================== MBR & Partition Table ==================

    Disk: 0 (Size: 465.8 GB) (Disk ID: 011599F4)

    Partition: GPT Partition Type.

    ==================== End of log ============================

  3. So here is my problem: When i plug in my internet cable or turn on my wifi when it wasn't in/on Avast starts popping up these messages, a total of 16 or 18. Saying there's a virus in SVCHost.exe and it's a URL:mal but i ran various adw cleaners and more but it's not working, please can someone help me?

