Zoek.exe v5.0.0.0 Updated 03-September-2014 Tool run by Acer on do 04/09/2014 at 9:13:29,49. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Acer\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-09-04-051013.log 71786 bytes ==== Empty Folders Check ====================== C:\Program Files\AGEIA Technologies deleted successfully C:\Program Files\eSobi deleted successfully C:\Program Files\Hewlett-Packard deleted successfully C:\Program Files\JLC's Software deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\MyHeritage deleted successfully C:\Program Files\SlySoft deleted successfully C:\Program Files\W3i, LLC deleted successfully C:\Program Files\Common Files\SWF Studio deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\Users\Acer\AppData\Roaming\.# deleted successfully C:\Users\Acer\AppData\Roaming\CameraWindowDC deleted successfully C:\Users\Acer\AppData\Roaming\HpUpdate deleted successfully C:\Users\Acer\AppData\Roaming\Lite deleted successfully C:\Users\Acer\AppData\Roaming\Validity deleted successfully C:\Users\Acer\AppData\Local\Downloaded Installations deleted successfully C:\Users\Acer\AppData\Local\Sparta deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} deleted successfully HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted 
successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} deleted successfully ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\AVG\AVG2013\avgfws.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\RtHDVCpl.exe C:\Windows\WindowsMobile\wmdc.exe 
C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\AVG\AVG2013\avgrsx.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\conhost.exe C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Launch Manager\LManager.exe C:\Windows\PLFSetI.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows 
Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe C:\Users\Acer\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d8d9acc-f6d7-4362-8876-a275ca929591}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "vProt"=- "ApnUpdater"=- ""=- "ApnTBMon"=- "MapsGalaxy EPM Support"=- "MapsGalaxy Home Page Guard 32 bit"=- "MapsGalaxy Search Scope Monitor"=- "MapsGalaxy_39 Browser Plugin Loader"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\decryption.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\edstbmngr.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\framework.launcher.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsx.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\imfrmwrk.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lwemon.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution 
Options\mydriveconnect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shell.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall mydriveconnect.exe] ==== Deleting Files \ Folders ====================== C:\Program Files\MapsGalaxy_39 not found C:\Program Files\BittorrentBar_NL not found C:\Program Files\SupTab not found C:\Program Files\AskPartnerNetwork not found C:\Program Files\Allin1Convert_8h not found C:\Program Files\Ask.com not found C:\ProgramData\IePluginServices not found C:\ProgramData\WindowsMangerProtect not found C:\Program Files\SupTab not found C:\Users\Acer\AppData\Roaming\sweet-page not found "C:\Program Files\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll" not found C:\Users\Acer\AppData\Roaming\GoldenGate deleted C:\Users\Acer\AppData\Roaming\Gameo deleted C:\Users\Acer\AppData\Roaming\sparta111 deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3069 MB CPU Info: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz CPU Speed: 664,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce 9600M GT | NVIDIA GeForce 9600M GT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel(R) WiFi Link 5100 AGN | Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller CD / DVD Drives: 1x (F: | ) F: SlimtypeBD E DS4E1S Ports: COM3 LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 134,0GB | D: 298,1GB | E: 130,5GB Hard Disks - Free: C: 65,0GB | D: 297,5GB | E: 130,2GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 03/16/10 | ACRSYS - 1 Time Zone: Romance (standaardtijd) Motherboard *: Acer Aspire 8930 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2013 On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2013 disabled (Outdated) Firewall: AVG Internet Security 2013 disabled Default Browser: Google Chrome 37.0.2062.103 Internet Explorer Version: 11.0.9600.17239 Google Chrome version: 37.0.2062.103 Adobe Reader version: 11.0.8.4 Flash Player version: 14.0.0.145 Shockwave Player version: 11.5.8r612 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Acer\AppData\Local\Temp ==== 2014-09-04 05:10:20 B2994EC6452DBD04E57828EEFEDFB93C 204800 ----a-w- C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-09-02 13:14:19 FA546225A5A1D7B06EA0639C03D96ED3 19456 ----a-w- C:\Windows\System32\nvhdap32.dll 2014-09-02 13:14:19 DF9193618DB05C9E352846065B3BFD09 457248 ----a-w- C:\Windows\System32\nvuhda.exe 2014-09-02 13:14:19 CC85401C90662E04004620EC0F5482EB 57344 ----a-w- C:\Windows\System32\nvapo32v.dll 2014-09-02 13:14:19 4E2DED1F6BC665534EFF8E68386CAB27 1407 ----a-w- C:\Windows\System32\nvhda.nvu 2014-09-02 13:14:16 B3C3DC96AB8830FEE17F8858DF19B183 143360 ----a-w- C:\Windows\System32\nvcohda.dll 2014-09-02 13:12:34 2F3A1F6B1EEA1D97D2434EDEF9EECCB4 485920 ----a-w- C:\Windows\System32\nvudisp.exe 2014-09-02 13:12:33 D8C62428C4D9EE744468ADD6662E1E61 10155 ----a-w- C:\Windows\System32\nvdisp.nvu 2014-08-28 03:59:20 DBF9369D554A229DB0D554BB95A4B0AA 
305152 ----a-w- C:\Windows\System32\gdi32.dll 2014-08-28 03:59:20 7DA17C38F8B8F2E89F52C1A08FD447EB 2352640 ----a-w- C:\Windows\System32\win32k.sys 2014-08-23 15:09:18 EC6E2DB67695966DF22CF5EBEFC1D305 2425856 ----a-w- C:\Windows\System32\wucltux.dll 2014-08-23 15:09:18 D9B0134913E5EF007AF82A418C503322 1973728 ----a-w- C:\Windows\System32\wuaueng.dll 2014-08-23 15:09:18 459E257F8915D44B23ACB46211FD45D0 45536 ----a-w- C:\Windows\System32\wups2.dll 2014-08-23 15:09:18 072678E0D68E9C3A7960328671134C7B 54240 ----a-w- C:\Windows\System32\wuauclt.exe 2014-08-23 15:09:07 867148EBF47E7E7E7B21C07B4A981929 581600 ----a-w- C:\Windows\System32\wuapi.dll 2014-08-23 15:09:07 372218B80DEF827063049EBEE76B7501 92672 ----a-w- C:\Windows\System32\wudriver.dll 2014-08-23 15:09:07 255F0417EC31C71585824269522EC8E9 36320 ----a-w- C:\Windows\System32\wups.dll 2014-08-23 15:08:59 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\System32\wuapp.exe 2014-08-23 15:08:59 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\Windows\System32\wuwebv.dll ====== C:\Windows\system32\drivers ===== 2014-09-02 14:01:47 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf 2014-09-02 13:15:28 AAFD7CB76BA61FBB08E302DA208C974A 29472 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys 2014-09-02 13:14:19 603B0C9BB86F7B3EFB88A482C6663EC4 64032 ----a-w- C:\Windows\System32\drivers\nvhda32v.sys 2014-09-02 08:28:42 2262614848962DDB38FFB7C883E6FB55 49856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2014-08-14 07:22:38 3583A5A8CC2E682BFFBD4630D0FEC08B 730048 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-08-14 07:22:38 0EC652D17AB4607745FB4E6958E8FAB6 219072 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys ====== C:\Windows\Tasks ====== 2014-09-02 10:12:35 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{9AFF7D45-DE93-4674-ACEF-7255D4F714F7} 2014-09-02 10:06:16 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- 
C:\Windows\system32\Tasks\{83B1FC0A-13EA-4B7F-842E-94B1BEEE37B3} 2014-09-02 10:05:54 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{517AEA55-1E3C-47DF-8D4F-81F47C065FDD} 2014-09-02 10:03:39 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{1456FB5E-1FD4-4503-8AA8-30FDDA3FF036} 2014-09-02 09:54:30 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{6B13E6BD-E48F-4D5F-B111-B1108C4C545F} 2014-09-02 09:54:01 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{D9B3C760-9C76-4ECA-B7A3-2769AFFE0A39} 2014-09-02 08:48:39 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{A06AAA4A-D298-4F3E-8D0B-4B72B313A273} 2014-09-02 08:40:47 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{5D14B10B-4D29-4483-B427-991B02470FD6} 2014-09-02 08:33:52 21EDC6599F53A6312084FF28CB60ECFC 3074 ----a-w- C:\Windows\system32\Tasks\{16EC68E9-E1A9-4A02-B1CE-749E9B23B1E1} 2014-09-02 07:02:08 E9C48914C35643F2174A063B28E935EB 3266 ----a-w- C:\Windows\system32\Tasks\{21B65D70-515C-49BE-8B2D-C45609DD355E} 2014-09-02 06:31:38 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{2A1687F7-5ADC-4A54-B736-CDC04B2D1324} 2014-09-02 05:53:50 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{D7E003CA-DE42-4B3A-9D48-DFAA0E8E7978} 2014-09-02 05:47:37 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{4FAF2FBD-B43D-48D5-A82E-6C3D36069265} 2014-09-02 05:47:32 673C752759CE0D9ABCDAC73A71490833 2960 ----a-w- C:\Windows\system32\Tasks\{F2E6B8F8-4D25-4E46-BA6B-9C10EAE68D26} 2014-08-28 04:37:10 -------- d-----w- C:\Windows\system32\Tasks\Apple ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-03 06:46:50 -------- d-----w- C:\Program Files\Common Files\Intel 2014-09-03 06:46:50 -------- d-----w- C:\Program Files\Cisco 2014-09-02 12:15:47 -------- d-----w- C:\Program Files\trend micro 2014-09-02 
08:25:56 -------- d-----w- C:\Program Files\Microsoft OneDrive 2014-09-02 07:44:58 -------- d-----w- C:\Program Files\Common Files\Skype 2014-09-02 07:44:58 -------- d-----r- C:\Program Files\Skype 2014-08-28 04:37:20 -------- d-----w- C:\Program Files\Common Files\Apple 2014-08-28 04:37:08 -------- d-----w- C:\Program Files\Apple Software Update 2014-08-28 04:34:39 -------- d-----w- C:\Program Files\QuickTime ======= C: ===== ====== C:\Users\Acer\AppData\Roaming ====== 2014-09-04 05:07:15 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-09-04 05:07:15 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-09-04 05:07:15 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-09-04 05:07:15 -------- d-----w- C:\Users\Acer\AppData\Local\Temp 2014-09-02 13:09:42 -------- dc----w- C:\Users\Acer\AppData\Local\MigWiz 2014-09-02 08:08:51 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\QuickScan 2014-09-02 08:08:51 -------- d-----w- C:\Users\Acer\AppData\Roaming\QuickScan 2014-09-02 07:45:10 -------- d-----w- C:\Users\Acer\AppData\Local\Skype 2014-09-02 04:37:54 -------- d-----w- C:\Users\Acer\AppData\Local\Gameo 2014-08-28 10:20:46 -------- d-----w- C:\Users\Acer\AppData\Roaming\Apple Computer 2014-08-28 04:37:10 -------- d-----w- C:\Users\Acer\AppData\Local\Apple 2014-08-28 04:36:45 -------- d-----w- C:\Users\Acer\AppData\Locallow\Apple Computer 2014-08-14 07:32:06 -------- d-----w- C:\Users\Acer\AppData\Local\Adobe ====== C:\Users\Acer ====== 2014-09-03 06:47:01 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2014-09-03 06:46:50 -------- d-----w- C:\ProgramData\Intel 2014-09-02 13:19:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager 2014-09-02 08:28:38 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2014-09-02 08:25:55 -------- d-----r- C:\Users\Acer\OneDrive 
2014-09-02 08:25:35 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2014-09-02 07:44:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-08-28 04:38:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-08-28 04:38:06 -------- d-----w- C:\ProgramData\Apple Computer 2014-08-28 04:37:08 -------- d-----w- C:\ProgramData\Apple ====== C: exe-files == 2014-09-04 05:10:20 B2994EC6452DBD04E57828EEFEDFB93C 204800 ----a-w- C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe 2014-09-04 04:05:43 2FB742C226D0474202D28A5724E6CA4B 7235664 ----a-w- C:\Program Files\Google\Update\Install\{F04195E9-B35F-43FD-91ED-7DAA77B46B43}\37.0.2062.103_36.0.1985.143_chrome_updater.exe 2014-09-04 04:05:43 2FB742C226D0474202D28A5724E6CA4B 7235664 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.103\37.0.2062.103_36.0.1985.143_chrome_updater.exe 2014-09-03 06:06:57 2A1ACE54BF2F24B142D8A5A054DD9856 3929488 ----a-w- C:\Users\Acer\AppData\Local\NVIDIA\NvBackend\Packages\00006156\DAO.18829147.exe 2014-09-02 13:14:19 DF9193618DB05C9E352846065B3BFD09 457248 ----a-w- C:\Windows\System32\nvuhda.exe 2014-09-02 13:14:19 DF9193618DB05C9E352846065B3BFD09 457248 ------w- C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_x86_neutral_5bc7b13e5adc40ba\nvuhda.exe 2014-09-02 13:12:34 2F3A1F6B1EEA1D97D2434EDEF9EECCB4 485920 ----a-w- C:\Windows\System32\nvudisp.exe 2014-09-02 13:12:34 2F3A1F6B1EEA1D97D2434EDEF9EECCB4 485920 ------w- C:\Windows\System32\DriverStore\FileRepository\nvac.inf_x86_neutral_c39ac30d1282369e\nvudisp.exe 2014-09-02 13:12:34 1229F167A73E4D6540E24748FF32C0D3 38199949 ----a-w- C:\Windows\System32\DriverStore\FileRepository\nvac.inf_x86_neutral_c39ac30d1282369e\NvCplSetupInt.exe 2014-09-02 12:15:47 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Acer.exe 2014-09-02 08:25:56 B18FF6F1680E0B2E2F2A63AD2F335AA7 6081224 ----a-w- C:\Program 
Files\Microsoft OneDrive\OneDriveSetup.exe 2014-09-02 08:25:56 B18FF6F1680E0B2E2F2A63AD2F335AA7 6081224 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\5e954bc51cfc68704\onedrivesetup.exe 2014-09-02 08:25:54 B18FF6F1680E0B2E2F2A63AD2F335AA7 6081224 ----a-w- C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\OneDriveSetup.exe 2014-09-02 08:25:54 1553313A94B927B65FCD27635BF49866 257224 ----a-w- C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe 2014-09-02 08:25:39 9E419F97E88011FB18B26FAEE9E44FD8 78536 ----a-w- C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveConfig.exe 2014-09-02 08:24:52 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\5cd1a29c1cfc68703\DXSETUP.exe 2014-09-02 08:24:48 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\5b3297d91cfc68702\DXSETUP.exe 2014-09-02 08:24:46 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\59e0c2681cfc68701\DXSETUP.exe === C: other files == 2014-09-02 13:19:24 D483687EACE0C065EE772481A96E05F5 330264 ----a-w- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys 2014-09-02 13:15:28 AAFD7CB76BA61FBB08E302DA208C974A 29472 ----a-w- C:\Windows\System32\DriverStore\FileRepository\btwl2cap.inf_x86_neutral_7c4fc8d21d4e5455\btwl2cap.sys 2014-09-02 13:15:28 AAFD7CB76BA61FBB08E302DA208C974A 29472 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys 2014-09-02 13:15:28 AAFD7CB76BA61FBB08E302DA208C974A 29472 ----a-w- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwl2cap.sys 2014-09-02 13:15:28 07E4C74FD0125163263712F55D35FEDB 91176 ----a-w- C:\Windows\System32\DriverStore\FileRepository\btwsecfl.inf_x86_neutral_828e932bfdaba2ac\btwsecfl.sys 2014-09-02 13:15:28 07E4C74FD0125163263712F55D35FEDB 91176 ----a-w- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwsecfl.sys 2014-09-02 13:14:19 
603B0C9BB86F7B3EFB88A482C6663EC4 64032 ----a-w- C:\Windows\System32\drivers\nvhda32v.sys 2014-09-02 13:14:19 603B0C9BB86F7B3EFB88A482C6663EC4 64032 ------w- C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_x86_neutral_5bc7b13e5adc40ba\nvhda32v.sys 2014-09-02 08:28:42 2262614848962DDB38FFB7C883E6FB55 49856 -c--a-w- C:\Windows\System32\DRVSTORE\fssfltr_53B1A1E03F7FFD1D0FE056B8522FE410DEDAC734\fssfltr.sys 2014-09-02 08:28:42 2262614848962DDB38FFB7C883E6FB55 49856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4052097714-756531333-1263334913-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\MyDriveConnect.exe " "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "RtHDVCpl"="RtHDVCpl.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "ShadowPlay"="C:\Windows\system32\rundll32.exe 
C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart" "NvBackend"="C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" "hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "LManager"="C:\Program Files\Launch Manager\LManager.exe" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "PLFSetI"="C:\Windows\PLFSetI.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe " "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\MyDriveConnect.exe " "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcadeDeluxeAgent" "hkey"="HKLM" "command"="\"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BkupTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BkupTray" "hkey"="HKLM" "command"="\"C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BkupTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CLMLServer" "hkey"="HKLM" "command"="\"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\Kernel\\CLML\\CLMLSvc.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\startupreg\eAudio] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="eAudio" "hkey"="HKLM" "command"="\"C:\\Program Files\\Acer\\Empowering Technology\\eAudio\\eAudio.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eDataSecurity Loader] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="eDataSecurity Loader" "hkey"="HKLM" "command"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSloader.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ePower_DMC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ePower_DMC" "hkey"="HKLM" "command"="C:\\Program Files\\Acer\\Empowering Technology\\ePower\\ePower_DMC.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="hpqSRMon" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IAAnotif" "hkey"="HKLM" "command"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kernel and Hardware Abstraction Layer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Kernel and Hardware Abstraction Layer" "hkey"="HKLM" "command"="KHALMNPR.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LManager" "hkey"="HKLM" "command"="C:\\Program Files\\Launch Manager\\LManager.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvCplDaemon" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PlayMovie" "hkey"="HKLM" "command"="\"C:\\Program Files\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PLFSetI" "hkey"="HKLM" "command"="C:\\Windows\\PLFSetI.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="RtHDVCpl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skytel] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skytel" "hkey"="HKLM" "command"="Skytel.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Start WingMan Profiler] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Start WingMan Profiler" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\Gaming Software\\LWEMon.exe /noui" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WarReg_PopUp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WarReg_PopUp" "hkey"="HKLM" "command"="C:\\Program Files\\Acer\\WR_PopUp\\WarReg_PopUp.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZPdtWzdVitaKey MC3000] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ZPdtWzdVitaKey MC3000" "hkey"="HKLM" "command"="\"C:\\Program Files\\Acer\\Acer Bio Protection\\PdtWzd.exe\" show" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk" "backup"="C:\\Windows\\pss\\BTTray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe " "item"="BTTray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Hp\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech SetPoint.lnk" "backup"="C:\\Windows\\pss\\Logitech SetPoint.lnk.CommonStartup" "backupExtension"=".CommonStartup" 
"command"="C:\\PROGRA~1\\Logitech\\SetPoint\\SetPoint.exe " "item"="Logitech SetPoint" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Acer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk] "path"="C:\\Users\\Acer\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech . Productregistratie.lnk" "backup"="C:\\Windows\\pss\\Logitech . Productregistratie.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\COMMON~1\\Logishrd\\eReg\\Common\\eReg.exe /remind /language=NLB /_WFM=\".\"" "item"="Logitech . Productregistratie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "NvBackend"="\"C:\\Program Files\\NVIDIA Corporation\\Update Core\\NvBackend.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "vProt"="\"C:\\Program Files\\AVG Secure Search\\vprot.exe\"" "ApnUpdater"="\"C:\\Program Files\\Ask.com\\Updater\\Updater.exe\" " "ApnTBMon"="\"C:\\Program Files\\AskPartnerNetwork\\Toolbar\\Updater\\TBNotifier.exe\" " "MapsGalaxy EPM Support"="\"C:\\PROGRA~1\\MAPSGA~2\\bar\\1.bin\\39medint.exe\" T8EPMSUP.DLL,S" "MapsGalaxy Home Page Guard 32 bit"="\"C:\\PROGRA~1\\MAPSGA~2\\bar\\1.bin\\AppIntegrator.exe\"" "MapsGalaxy Search Scope Monitor"="\"C:\\PROGRA~1\\MAPSGA~2\\bar\\1.bin\\39srchmn.exe\" /m=2 /w /h" "MapsGalaxy_39 Browser Plugin Loader"="C:\\PROGRA~1\\MAPSGA~2\\bar\\1.bin\\39brmon.exe" ==== Startup Folders ====================== 2014-04-30 11:33:20 1230 ----a-w- C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2014-09-02 13:15:14 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Startup\Bluetooth.lnk 2014-05-02 10:19:26 2033 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/08/2014 09:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2010 14:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2010 14:52] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP-Online updateprogramma" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{1BB12666-B7D0-4961-838D-72165F840DAA}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{12740C8E-7D67-444F-9559-DE034C749C30}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{1456FB5E-1FD4-4503-8AA8-30FDDA3FF036}" [C:\Program Files\Windows 
Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{16EC68E9-E1A9-4A02-B1CE-749E9B23B1E1}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsWLM] "C:\Windows\system32\tasks\{18048041-5AC3-49D8-8BBD-ECEE5EED764D}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{1F7E15A0-7386-4EA6-99EF-57E3E6A86511}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{23D80A22-E86A-459D-9C9D-1920920F2118}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{28958087-2005-484E-83BA-121E2D87F2D6}" ["c:\program files\internet explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.113&LastError=12029] "C:\Windows\system32\tasks\{2A1687F7-5ADC-4A54-B736-CDC04B2D1324}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{2B1112AA-655F-4ABF-BDB0-4F1643AEE5D4}" [C:\Program Files\AVAST Software\Avast\AvastUI.exe] "C:\Windows\system32\tasks\{343FC627-4F14-42CA-820C-A285CB1800A2}" [C:\Users\Acer\Downloads\setup_av_free.exe] "C:\Windows\system32\tasks\{36F79ADC-1C33-41C5-B8DA-68B925006982}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{3B62CBEA-5115-470F-BC5C-E392FA50C981}" ["c:\program files\internet explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.113&LastError=12029] "C:\Windows\system32\tasks\{4536A1C7-A22E-4A11-BEA2-70EB9626BE5F}" [C:\Program Files\Common Files\Logishrd\eReg\Common\eReg.exe] "C:\Windows\system32\tasks\{4FAF2FBD-B43D-48D5-A82E-6C3D36069265}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{5115CBA8-71F9-48BA-B2BB-82D3F57354D1}" [C:\Users\Acer\Downloads\setup_av_free.exe] "C:\Windows\system32\tasks\{517AEA55-1E3C-47DF-8D4F-81F47C065FDD}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{5D14B10B-4D29-4483-B427-991B02470FD6}" [C:\Program Files\Windows 
Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{66562133-F089-407D-9E3D-8CAFA1968170}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{6B13E6BD-E48F-4D5F-B111-B1108C4C545F}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{73F94CF3-2DA0-48A3-9F83-4DF4F7FAB7BF}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] "C:\Windows\system32\tasks\{765558D4-C397-4E40-BE1A-6F32CB52A8CF}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{80C55725-358D-4003-9329-157BDD3A6A10}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{80D9BFF9-E775-42CF-A657-92592B93E1D1}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{83B1FC0A-13EA-4B7F-842E-94B1BEEE37B3}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{86516E4C-F78F-482E-9720-58B1E0D0AABC}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{99066AFA-CA77-4935-842F-76000CC7AD11}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{9AFF7D45-DE93-4674-ACEF-7255D4F714F7}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{A06AAA4A-D298-4F3E-8D0B-4B72B313A273}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{B1547638-71AC-40D1-B358-50F297D4BBFF}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{B32DB912-7011-4B24-B05B-636D14F2DD79}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{B3697921-B60C-4F70-9095-4B149AAABFEB}" [C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe] "C:\Windows\system32\tasks\{D7E003CA-DE42-4B3A-9D48-DFAA0E8E7978}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{D9AFCFD1-3CBE-4A41-94E9-5A61C8DF755B}" [C:\Program Files\Logitech\Profiler\LWEmon.exe] 
"C:\Windows\system32\tasks\{D9B3C760-9C76-4ECA-B7A3-2769AFFE0A39}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{F2E6B8F8-4D25-4E46-BA6B-9C10EAE68D26}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{F5E4B8A3-7967-4CB8-90BC-638CA535BC65}" [C:\Program Files\Windows Live\Mail\wlmail.exe] "C:\Windows\system32\tasks\{F9702297-3971-44E2-8FC7-15E9F3C5BEA6}" [C:\Program Files\Hp\Digital Imaging\bin\hpqpse.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02/05/2014 12:22] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02/05/2014 12:22] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/03/2012 02:12] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22] Google Docs - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Acer\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF", "startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1409632681&from=cor&uid=ST9320421AS_5TJ05XVFXXXX5TJ05XVF" ], C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences 
==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.zita.be/" New
Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.zita.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GUEA_nlBE572" ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\MyDriveConnect.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - 
HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 
button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://qtinstall.apple.com/qtactivex/qtplugin.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program 
Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe O23 - Service: Intel(R) PROSet/Wireless Zero Configuration 
Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2503 folders=475 546566631 bytes) ==== Empty Temp Folders ====================== C:\Users\Acer\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be 
emptied at reboot