Zoek.exe v5.0.0.0 Updated 03-September-2014
Tool run by Acer on do 04/09/2014 at 6:34:55,49.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Acer\Desktop\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

4/09/2014 6:42:08 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Allin1Convert_8hService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Allin1Convert_8hService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MapsGalaxy_39Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.0 deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~2\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\Program Files\Allin1Convert_8h deleted
C:\Program Files\BittorrentBar_NL deleted
C:\Users\Acer\appdata\locallow\BittorrentBar_NL deleted
C:\Program Files\Java deleted
C:\Users\Acer\appdata\locallow\Allin1Convert_8h deleted
C:\Users\Acer\AppData\Local\MapsGalaxy_39 deleted
C:\Users\Acer\appdata\locallow\MapsGalaxy_39 deleted
C:\PROGRA~2\eSellerate deleted
C:\Program Files\GUM74B2.tmp deleted
C:\Program Files\GUMD75A.tmp deleted
C:\Program Files\Convesoft deleted
C:\Program Files\FunWebProducts deleted
C:\Program Files\MyWebSearch deleted
C:\Program Files\Ask.com deleted
C:\Program Files\AskPartnerNetwork deleted
C:\extensions deleted
C:\Users\Acer\AppData\Roaming\Uniblue deleted
C:\Users\Acer\AppData\Roaming\ZoomBrowser EX deleted
C:\Users\Acer\AppData\Roaming\sweet-page deleted
C:\Users\Acer\AppData\Roaming\Sammsoft deleted
C:\Users\Acer\AppData\Roaming\Systweak deleted
C:\PROGRA~2\Ask deleted
C:\PROGRA~2\AskPartnerNetwork deleted
C:\PROGRA~2\APN deleted
C:\PROGRA~2\IePluginServices deleted
C:\PROGRA~2\WinMaximizer deleted
C:\PROGRA~2\AVG Secure Search deleted
C:\PROGRA~2\WindowsMangerProtect deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Acer\AppData\Local\APN deleted
C:\Users\Acer\AppData\Local\AVG Secure Search deleted
C:\Users\Acer\AppData\Local\IAC deleted
C:\Users\Acer\AppData\Local\PackageAware deleted
C:\Users\Acer\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Acer\AppData\LocalLow\IAC deleted
C:\Users\Acer\AppData\LocalLow\MyWebSearch deleted
C:\Users\Acer\AppData\LocalLow\AskToolbar deleted
C:\Users\Acer\AppData\LocalLow\PriceGong deleted
C:\Users\Acer\AppData\LocalLow\Conduit deleted
C:\Users\Acer\AppData\LocalLow\FunWebProducts deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\roboot.exe deleted
C:\Windows\System32\SearchProtect deleted
C:\Users\Acer\Documents\Optimizer Pro deleted
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted
"C:\Windows\Installer\3d6be4.msi" deleted
"C:\Users\Acer\AppData\Local\{C9D661AE-F147-4947-85A6-17CC7968C5BA}" deleted
"C:\ProgramData\o4368LaHiEmA4053" deleted
"C:\Program Files\SupTab\Loader32.exe" deleted
"C:\Program Files\SupTab\msvcp110.dll" deleted
"C:\Program Files\SupTab\msvcr110.dll" not deleted
"C:\Program Files\SupTab\WindowsSupportDll32.dll" deleted
"C:\Program Files\AVG Secure Search\vprot.exe" deleted
"C:\Program Files\AVG Secure Search\vprot.exe" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\APPINTEGRATOR.EXE" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\APPINTEGRATORSTUB.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\ASSISTMONITOR.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\APPINTEGRATOR.EXE" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\APPINTEGRATORSTUB.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\ASSISTMONITOR.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL" deleted
"C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\18.0.0\avgdttbx.dll" deleted
"C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\SiteSafety.dll" deleted
"C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\log4cplusU.dll" deleted
"C:\Users\Acer\AppData\Roaming\LiveKit" deleted
"C:\Users\Acer\AppData\Roaming\Samsung" deleted
"C:\Program Files\MapsGalaxy_39" not deleted
"C:\Program Files\MapsGalaxy_39" not deleted
"C:\Program Files\SupTab" not deleted
"C:\Program Files\AVG Secure Search" deleted
"C:\Program Files\AVG Secure Search" deleted
"C:\Program Files\Common Files\AVG Secure Search" deleted
"C:\Program Files\MapsGalaxy_39\bar" not deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin" not deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\assists" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\assists\ie_default_search_provider" deleted
"C:\Program Files\MapsGalaxy_39\bar" not deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin" not deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\assists" deleted
"C:\Program Files\MapsGalaxy_39\bar\1.bin\assists\ie_default_search_provider" deleted
"C:\Program Files\Common Files\AVG Secure Search\DNTInstaller" deleted
"C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater" deleted
"C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\18.0.0" deleted
"C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0" deleted
"C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"
"MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\MyDriveConnect.exe "
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"vProt"="C:\Program Files\AVG Secure Search\vprot.exe"
"ApnUpdater"="C:\Program Files\Ask.com\Updater\Updater.exe "
"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart"
"NvBackend"="C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
"ApnTBMon"="C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe "
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
"MapsGalaxy EPM Support"="C:\PROGRA~1\MAPSGA~2\bar\1.bin\39medint.exe T8EPMSUP.DLL,S"
"MapsGalaxy Home Page Guard 32 bit"="C:\PROGRA~1\MAPSGA~2\bar\1.bin\AppIntegrator.exe"
"MapsGalaxy Search Scope Monitor"="C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe /m=2 /w /h"
"MapsGalaxy_39 Browser Plugin Loader"="C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"LManager"="C:\Program Files\Launch Manager\LManager.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe "
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"
"MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\MyDriveConnect.exe "
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcadeDeluxeAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BkupTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BkupTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BkupTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CLMLServer"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\Kernel\\CLML\\CLMLSvc.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eAudio]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="eAudio"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Acer\\Empowering Technology\\eAudio\\eAudio.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eDataSecurity Loader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="eDataSecurity Loader"
"hkey"="HKLM"
"command"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSloader.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ePower_DMC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ePower_DMC"
"hkey"="HKLM"
"command"="C:\\Program Files\\Acer\\Empowering Technology\\ePower\\ePower_DMC.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Desktop Search"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpqSRMon"
"hkey"="HKLM"
"command"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IAAnotif"
"hkey"="HKLM"
"command"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kernel and Hardware Abstraction Layer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Kernel and Hardware Abstraction Layer"
"hkey"="HKLM"
"command"="KHALMNPR.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mcui_exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcui_exe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe\" /runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCplDaemon"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PlayMovie"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PLFSetI"
"hkey"="HKLM"
"command"="C:\\Windows\\PLFSetI.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RegistryBooster]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RegistryBooster"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Uniblue\\RegistryBooster\\launcher.exe\" delay 20000 "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="RtHDVCpl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skytel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skytel"
"hkey"="HKLM"
"command"="Skytel.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Start WingMan Profiler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Start WingMan Profiler"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech\\Gaming Software\\LWEMon.exe /noui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WarReg_PopUp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WarReg_PopUp"
"hkey"="HKLM"
"command"="C:\\Program Files\\Acer\\WR_PopUp\\WarReg_PopUp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZPdtWzdVitaKey MC3000]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ZPdtWzdVitaKey MC3000"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Acer\\Acer Bio Protection\\PdtWzd.exe\" show"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk" "backup"="C:\\Windows\\pss\\BTTray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe " "item"="BTTray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Hp\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech SetPoint.lnk" "backup"="C:\\Windows\\pss\\Logitech SetPoint.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Logitech\\SetPoint\\SetPoint.exe " "item"="Logitech SetPoint" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Acer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk] "path"="C:\\Users\\Acer\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech . Productregistratie.lnk" "backup"="C:\\Windows\\pss\\Logitech . Productregistratie.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\COMMON~1\\Logishrd\\eReg\\Common\\eReg.exe /remind /language=NLB /_WFM=\".\"" "item"="Logitech . 
Productregistratie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "Allin1Convert Search Scope Monitor"="\"C:\\PROGRA~1\\ALLIN1~2\\bar\\1.bin\\8hsrchmn.exe\" /m=2 /w /h" "NvBackend"="\"C:\\Program Files\\NVIDIA Corporation\\Update Core\\NvBackend.exe\"" "Allin1Convert EPM Support"="\"C:\\PROGRA~1\\ALLIN1~2\\bar\\1.bin\\8hmedint.exe\" T8EPMSUP.DLL,S" "Allin1Convert_8h Browser Plugin Loader"="C:\\Program Files\\Allin1Convert_8h\\bar\\1.bin\\8hbrmon.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Folders ====================== 2014-04-30 11:33:20 1230 ----a-w- C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2014-09-02 13:15:14 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk 2014-05-02 10:19:26 2033 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/08/2014 09:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2010 14:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2010 14:52] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] 
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP-Online updateprogramma" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{1BB12666-B7D0-4961-838D-72165F840DAA}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{12740C8E-7D67-444F-9559-DE034C749C30}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{1456FB5E-1FD4-4503-8AA8-30FDDA3FF036}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{16EC68E9-E1A9-4A02-B1CE-749E9B23B1E1}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsWLM] "C:\Windows\system32\tasks\{18048041-5AC3-49D8-8BBD-ECEE5EED764D}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{1F7E15A0-7386-4EA6-99EF-57E3E6A86511}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{23D80A22-E86A-459D-9C9D-1920920F2118}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{28958087-2005-484E-83BA-121E2D87F2D6}" ["c:\program files\internet explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.113&LastError=12029] "C:\Windows\system32\tasks\{2A1687F7-5ADC-4A54-B736-CDC04B2D1324}" [C:\Program Files\Windows Live\Mail\wlmail.exe] 
"C:\Windows\system32\tasks\{2B1112AA-655F-4ABF-BDB0-4F1643AEE5D4}" [C:\Program Files\AVAST Software\Avast\AvastUI.exe] "C:\Windows\system32\tasks\{343FC627-4F14-42CA-820C-A285CB1800A2}" [C:\Users\Acer\Downloads\setup_av_free.exe] "C:\Windows\system32\tasks\{36F79ADC-1C33-41C5-B8DA-68B925006982}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{3B62CBEA-5115-470F-BC5C-E392FA50C981}" ["c:\program files\internet explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.113&LastError=12029] "C:\Windows\system32\tasks\{4536A1C7-A22E-4A11-BEA2-70EB9626BE5F}" [C:\Program Files\Common Files\Logishrd\eReg\Common\eReg.exe] "C:\Windows\system32\tasks\{4FAF2FBD-B43D-48D5-A82E-6C3D36069265}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{5115CBA8-71F9-48BA-B2BB-82D3F57354D1}" [C:\Users\Acer\Downloads\setup_av_free.exe] "C:\Windows\system32\tasks\{517AEA55-1E3C-47DF-8D4F-81F47C065FDD}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{5D14B10B-4D29-4483-B427-991B02470FD6}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{66562133-F089-407D-9E3D-8CAFA1968170}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{6B13E6BD-E48F-4D5F-B111-B1108C4C545F}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{73F94CF3-2DA0-48A3-9F83-4DF4F7FAB7BF}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{765558D4-C397-4E40-BE1A-6F32CB52A8CF}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{80C55725-358D-4003-9329-157BDD3A6A10}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{80D9BFF9-E775-42CF-A657-92592B93E1D1}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{83B1FC0A-13EA-4B7F-842E-94B1BEEE37B3}" [C:\Program Files\Windows Live\Mail\wlmail.exe] 
"C:\Windows\system32\tasks\{86516E4C-F78F-482E-9720-58B1E0D0AABC}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{99066AFA-CA77-4935-842F-76000CC7AD11}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{9AFF7D45-DE93-4674-ACEF-7255D4F714F7}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{A06AAA4A-D298-4F3E-8D0B-4B72B313A273}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{B1547638-71AC-40D1-B358-50F297D4BBFF}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{B32DB912-7011-4B24-B05B-636D14F2DD79}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{B3697921-B60C-4F70-9095-4B149AAABFEB}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{D7E003CA-DE42-4B3A-9D48-DFAA0E8E7978}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{D9AFCFD1-3CBE-4A41-94E9-5A61C8DF755B}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{D9B3C760-9C76-4ECA-B7A3-2769AFFE0A39}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{F2E6B8F8-4D25-4E46-BA6B-9C10EAE68D26}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{F5E4B8A3-7967-4CB8-90BC-638CA535BC65}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{F9702297-3971-44E2-8FC7-15E9F3C5BEA6}" [C:\Program Files\Hp\Digital Imaging\bin\hpqpse.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" 
[02/05/2014 12:22] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02/05/2014 12:22] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/03/2012 02:12] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx[] Google Docs - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== 
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF", "startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF" ], C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.zita.be/"
"Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF&q={searchTerms}" "Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF&q={searchTerms}" "Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF" "Start Page"="http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.zita.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GUEA_nlBE572" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted 
successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully 
HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully 
HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully HKEY_CLASSES_ROOT\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Internet 
Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ECE53735164E0DF47B24323A2534D6A3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\decryption.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\edstbmngr.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\framework.launcher.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsx.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lwemon.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mydriveconnect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shell.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall mydriveconnect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{53735ECE-E461-4FD0-B742-23A352436D3A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90024193-9F13-4877-89D5-A1CDF0CBBF28} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Internet Explorer deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BittorrentBar_NL Toolbar deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ECE53735164E0DF47B24323A2534D6A3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\587E5A317915DAE4E83E6D0672E194CB deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\3914200931F97784985D1ADC0FBCFB82 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster deleted successfully

==== Empty IE Cache ======================
C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=2492 folders=469 489226468 bytes)

==== Empty Temp Folders ======================
C:\Users\Acer\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Acer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Program Files\SupTab\msvcr110.dll" not found
"C:\Program Files\MapsGalaxy_39" not found
"C:\Program Files\MapsGalaxy_39" not found
"C:\Program Files\SupTab" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on do 04/09/2014 at 7:10:13,54 ======================