
Zoek.exe Version 4.0.0.4 Updated 18-July-2013
Tool run by Johan on do 18-07-2013 at 18:34:00,11.
Microsoft Windows 7 Ultimate  6.1.7600  x86
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results16-07-2013-1141.log	16026 bytes

==== Creating Sample_18-07-2013_1836.zip ======================
 
Process iexplore.exe killed
Process rundll32.exe killed

C:\Users\Public\Desktop\sample_18-07-2013_1836.zip created successfully

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-07-17 14:50:36	0277C027A26428DB64EF4F64F52BB4FD	208896	----a-w-	C:\Windows\MBR.exe
2013-07-17 14:50:35	F042EE4C8D66248D9B86DCF52ABAE416	256000	----a-w-	C:\Windows\PEV.exe
2013-07-17 14:50:35	9E05A9C264C8A908A8E79450FCBFF047	80412	----a-w-	C:\Windows\grep.exe
2013-07-17 14:50:35	5E832F4FAF5F481F2EAF3B3A48F603B8	68096	----a-w-	C:\Windows\zip.exe
2013-07-17 14:50:35	0297C72529807322B152F517FDB0A9FC	406528	----a-w-	C:\Windows\SWSC.exe
====== C:\Users\Johan\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-07-18 10:02:10	5614386D4CFDF9E56F355C45BEEBC976	12872	----a-w-	C:\Windows\System32\bootdelete.exe
2013-07-16 10:03:33	F557E36B291BE2B28FCA4D4A68AE2219	114176	----a-w-	C:\Windows\System32\PCWizard.cpl
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-07-18 08:19:47	--------	d-----w-	C:\Program Files\HitmanPro
2013-07-11 19:02:27	--------	d-----w-	C:\Program Files\DIFX
======= C: =====
====== C:\Users\Johan\AppData\Roaming ======
2013-07-17 15:07:14	--------	d-----w-	C:\users\Public\AppData\Local\temp
2013-07-17 15:07:14	--------	d-----w-	C:\users\Johan\AppData\Local\temp
2013-07-17 15:07:14	--------	d-----w-	C:\users\freenastester\AppData\Local\temp
2013-07-17 15:07:14	--------	d-----w-	C:\users\Default\AppData\Local\temp
2013-07-17 15:07:14	--------	d-----w-	C:\users\Default User\AppData\Local\temp
2013-07-17 12:29:16	--------	d-----w-	C:\users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sapphire TRIXX
2013-07-15 17:45:30	--------	d-----w-	C:\users\Johan\AppData\Local\Programs
2013-07-11 19:03:28	--------	d-----w-	C:\users\Johan\AppData\Local\Garmin
2013-07-11 19:03:15	--------	d-----w-	C:\users\Johan\AppData\Local\GARMIN_Corp
====== C:\Users\Johan ======
2013-07-18 11:12:20	4AD2864BBD10F0F4B6E2064CBB349F10	859652	----a-w-	C:\Users\Johan\Documents\thumbscl.exe
2013-07-18 08:19:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2013-07-18 08:19:11	--------	d-----w-	C:\ProgramData\HitmanPro
2013-07-18 08:18:50	0011AC7B83C557D3273A1E093BD46F8E	9171472	----a-w-	C:\Users\Johan\Downloads\HitmanPro.exe
2013-07-17 15:07:14	--------	d-----w-	C:\Users\Public\AppData
2013-07-17 12:28:21	96FE5F928C0016C3108AE8A18607B25F	3627808	----a-w-	C:\Users\Johan\Downloads\TRIXX_installer_634959254654310003.exe
2013-07-16 14:30:13	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2013-07-16 14:29:11	8AEB5D7CF5182094977760A765FA5B01	5126104	----a-w-	C:\Users\Johan\Downloads\spsetup122.exe
2013-07-16 10:02:25	A01E6A2CD9CACDA449CB5113B5BF40F2	5324650	----a-w-	C:\Users\Johan\Downloads\pc-wizard_2012.2.11-setup.exe
2013-07-15 17:46:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2013-07-12 14:02:41	501E26080BFF03563B4A691C3B39A007	1344480	----a-w-	C:\Users\Johan\Downloads\GPU-Z.0.7.2.exe
2013-07-11 19:03:28	--------	d-----w-	C:\ProgramData\Garmin
2013-07-11 19:02:41	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2013-07-10 17:36:53	BCAF983AB27437913E76776F79B850C5	100864	----a-w-	C:\Users\Johan\Documents\zlib1.dll
2013-07-10 17:36:53	6F15C32334D2310ABF30187D6294EAF5	245795	----a-w-	C:\Users\Johan\Documents\libcurl.dll

====== C: exe-files ==
2013-07-18 11:12:20	F048BA0712E524C5BA12B876F988ACC8	757248	----a-w-	C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHN6TZJG\ltc231[1].exe
2013-07-18 11:12:20	4AD2864BBD10F0F4B6E2064CBB349F10	859652	----a-w-	C:\Users\Johan\Documents\thumbscl.exe
2013-07-18 10:02:10	5614386D4CFDF9E56F355C45BEEBC976	12872	----a-w-	C:\Windows\System32\bootdelete.exe
2013-07-18 08:19:47	0011AC7B83C557D3273A1E093BD46F8E	9171472	----a-w-	C:\Program Files\HitmanPro\HitmanPro.exe
2013-07-18 08:18:50	0011AC7B83C557D3273A1E093BD46F8E	9171472	----a-w-	C:\Users\Johan\Downloads\HitmanPro.exe
2013-07-17 14:50:36	0277C027A26428DB64EF4F64F52BB4FD	208896	----a-w-	C:\Windows\MBR.exe
2013-07-17 14:50:35	F042EE4C8D66248D9B86DCF52ABAE416	256000	----a-w-	C:\Windows\PEV.exe
2013-07-17 14:50:35	9E05A9C264C8A908A8E79450FCBFF047	80412	----a-w-	C:\Windows\grep.exe
2013-07-17 14:50:35	5E832F4FAF5F481F2EAF3B3A48F603B8	68096	----a-w-	C:\Windows\zip.exe
2013-07-17 14:50:35	0297C72529807322B152F517FDB0A9FC	406528	----a-w-	C:\Windows\SWSC.exe
2013-07-17 12:28:21	96FE5F928C0016C3108AE8A18607B25F	3627808	----a-w-	C:\Users\Johan\Downloads\TRIXX_installer_634959254654310003.exe
2013-07-16 14:29:11	8AEB5D7CF5182094977760A765FA5B01	5126104	----a-w-	C:\Users\Johan\Downloads\spsetup122.exe
2013-07-16 10:02:25	A01E6A2CD9CACDA449CB5113B5BF40F2	5324650	----a-w-	C:\Users\Johan\Downloads\pc-wizard_2012.2.11-setup.exe
2013-07-15 18:16:24	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Program Files\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
2013-07-15 18:16:24	6466C051022547489D3409205128881B	59784	----atw-	C:\Program Files\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
2013-07-15 18:16:24	1CA3976D1B1FE826ADF339F90AC25C60	59784	----atw-	C:\Program Files\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
2013-07-15 18:16:17	D9A08472D8D0218A0AE2C9D9F63EA531	290696	----atw-	C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
2013-07-15 18:16:17	8726802EA4FBFFA3FD54FD2449BF51D4	217992	----atw-	C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
2013-07-15 18:16:16	506708142BC63DABA64F2D3AD1DCD5BF	116648	----atw-	C:\Program Files\Google\Update\1.3.21.153\GoogleUpdate.exe
2013-07-15 18:16:15	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
2013-07-14 15:45:29	735D60EFA430ADFC184CB419E666D1D5	2026848	----a-w-	C:\Users\Johan\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\28.0.1500.72\28.0.1500.72_28.0.1500.71_chrome_updater.exe
2013-07-12 14:34:51	528A5C2570F468155A1B3CF0A2FF5EBD	117144	----a-w-	C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe
2013-07-12 14:02:41	501E26080BFF03563B4A691C3B39A007	1344480	----a-w-	C:\Users\Johan\Downloads\GPU-Z.0.7.2.exe
2013-07-12 11:40:21	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
2013-07-12 11:40:21	6466C051022547489D3409205128881B	59784	----atw-	C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
2013-07-12 11:40:21	1CA3976D1B1FE826ADF339F90AC25C60	59784	----atw-	C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
2013-07-12 11:40:16	D9A08472D8D0218A0AE2C9D9F63EA531	290696	----atw-	C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
2013-07-12 11:40:15	8726802EA4FBFFA3FD54FD2449BF51D4	217992	----atw-	C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
2013-07-12 11:40:15	506708142BC63DABA64F2D3AD1DCD5BF	116648	----atw-	C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\GoogleUpdate.exe
2013-07-12 11:40:14	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Users\Johan\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
=== C: other files ==
2013-07-18 16:36:14	E8D4353C3F24ECC9EC217A11110FC24B	499	----a-w-	C:\Users\Public\Desktop\sample_18-07-2013_1836.zip
2013-07-16 13:39:50	D7986163F33E8E08A69D65613987ED67	66632	----a-w-	C:\Users\Johan\Downloads\bluescreenview.zip
2013-07-16 10:00:37	43F01338B0A4AC36FD8A7FAB5C943723	4380826	----a-w-	C:\Users\Johan\Downloads\pc-wizard_2012.2.11.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\utils\Nieuwe map\DAEMON Tools Lite\DTLite.exe -autorun"
"OfficeSyncProcess"="D:\Programma's\Kantoorprogramma's\MICROSOFT OFFICE 2010\Office14\MSOSYNC.EXE"
"SandboxieControl"="D:\utils\sandboxie\SbieCtrl.exe"
"idle32"="C:\Users\Johan\Documents\wincmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="D:\Programma's\Kantoorprogramma's\MICROSOFT OFFICE 2010\Office14\BCSSync.exe /DelayServices"
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AdobeCS5ServiceManager"="C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"
"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml"
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="D:\Programma's\teken en videobewerking\quick time\QTTask.exe -atboottime"
"iTunesHelper"="F:\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\utils\Nieuwe map\DAEMON Tools Lite\DTLite.exe -autorun"
"OfficeSyncProcess"="D:\Programma's\Kantoorprogramma's\MICROSOFT OFFICE 2010\Office14\MSOSYNC.EXE"
"SandboxieControl"="D:\utils\sandboxie\SbieCtrl.exe"
"idle32"="C:\Users\Johan\Documents\wincmd.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Acrobat Assistant 8.0"
"hkey"="HKLM"
"command"="\"D:\\Programma's\\Kantoorprogramma's\\adobe acrobat 9\\Acrobat\\Acrotray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Acrobat Speed Launcher"
"hkey"="HKLM"
"command"="\"D:\\Programma's\\Kantoorprogramma's\\adobe acrobat 9\\Acrobat\\Acrobat_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVMUSBFernanschluss]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AVMUSBFernanschluss"
"hkey"="HKCU"
"command"="\"C:\\Users\\Johan\\AppData\\Local\\Apps\\2.0\\Z5Y5QAEO.529\\9CGHDZAO.9JR\\frit..tion_8488884cfbcefd60_0002.0002_3f5bffebd87508a8\\AVMAutoStart.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Digiarty_Software_AirPlayit]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Digiarty_Software_AirPlayit"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Air_Playit\\airplayit.exe\" -min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Johan\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Johan\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"F:\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PrnStatusMX]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PrnStatusMX"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hewlett-Packard\\PrnStatusMX\\PrnStatusMX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"D:\\Programma's\\teken en videobewerking\\quick time\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Reader Application Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Reader Application Helper"
"hkey"="HKLM"
"command"="C:\\Program Files\\Sony\\ReaderDesktop\\appHelper\\ReaderAppHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UVS11 Preload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UVS11 Preload"
"hkey"="HKLM"
"command"="D:\\Programma's\\teken en videobewerking\\ulead video studio 11\\uvPL.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vmware-tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="vmware-tray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VMware\\VMware Workstation\\vmware-tray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows Mobile Device Center"
"hkey"="HKLM"
"command"="%windir%\\WindowsMobile\\wmdc.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"
"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\MCAFEE~1\\307523~1.318\\SSSCHE~1.EXE "
"item"="McAfee Security Scan Plus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Johan\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Johan\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk]
"path"="C:\\Users\\Johan\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2010 Schermopname en Snel starten.lnk"
"backup"="C:\\Windows\\pss\\OneNote 2010 Schermopname en Snel starten.lnk.Startup"
"backupExtension"=".Startup"
"command"="D:\\PROGRA~1\\KANTOO~1\\MICROS~1\\Office14\\ONENOTEM.EXE /tsr"
"item"="OneNote 2010 Schermopname en Snel starten"


==== Startup Folders ======================

2013-06-15 12:57:27	1048	----a-w-	C:\users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-05-03 17:07:56	1237	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15-06-2013 15:34]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4213133900-1296267052-3364196582-1001Core.job --a------ C:\Users\Johan\AppData\Local\Facebook\Update\FacebookUpdate.exe [18-08-2012 16:05]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4213133900-1296267052-3364196582-1001UA.job --a------ C:\Users\Johan\AppData\Local\Facebook\Update\FacebookUpdate.exe [18-08-2012 16:05]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-10-2011 18:34]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4213133900-1296267052-3364196582-1001Core.job --a------ C:\Users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe [18-09-2011 17:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4213133900-1296267052-3364196582-1001UA.job --a------ C:\Users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe [18-09-2011 17:05]
C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17-01-2013 23:16]

==== EOF on do 18-07-2013 at 18:39:14,89 ======================