SystemLook 30.07.11 by jpshortstuff Log created at 10:30 on 19/08/2012 by Snajper Administrator - Elevation successful ========== reg ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend] "DisplayName"="@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" "ErrorControl"= 0x0000000001 (1) "ImagePath"="%SystemRoot%\System32\svchost.exe -k secsvcs" "Start"= 0x0000000004 (4) "Type"= 0x0000000020 (32) "Description"="@%ProgramFiles%\Windows Defender\MsMpRes.dll,-1176" "DependOnService"="RpcSs" "ObjectName"="LocalSystem" "ServiceSidType"= 0x0000000001 (1) "RequiredPrivileges"="SeImpersonatePrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeChangeNotifyPrivilege SeSecurityPrivilege SeShutdownPrivilege SeIncreaseQuotaPrivilege SeAssignPrimaryTokenPrivilege" "DelayedAutoStart"= 0x0000000001 (1) "FailureActions"=80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 ea 00 00 01 00 00 00 60 ea 00 00 00 00 00 00 00 00 00 00 (REG_BINARY) "AutorunsDisabled"= 0x0000000003 (3) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Parameters] "ServiceDllUnloadOnStop"= 0x0000000001 (1) "ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Security] "Security"=01 00 14 80 dc 00 00 00 e8 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 ac 00 06 00 00 00 00 00 28 00 ff 01 0f 00 01 06 00 00 00 00 00 05 50 00 00 00 b5 89 fb 38 19 84 c2 cb 5c 6c 23 6d 57 00 77 6e c0 02 64 87 00 0b 28 00 00 00 00 10 01 06 00 00 00 00 00 05 50 00 00 00 b5 89 fb 38 19 84 c2 cb 5c 6c 23 6d 57 00 77 6e c0 02 64 87 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 
00 00 00 05 12 00 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\TriggerInfo]
(No values found)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\TriggerInfo\0]
"Type"= 0x0000000005 (5)
"Action"= 0x0000000001 (1)
"GUID"=e6 ca 9f 65 db 5b a9 4d b1 ff ca 2a 17 8d 46 e0 (REG_BINARY)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}]
@="Windows Defender"

[HKEY_CLASSES_ROOT\CLSID\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}]
@="Windows Defender"
"System.Software.TasksFileUrl"="Internal"
"InfoTip"="@%ProgramFiles%\Windows Defender\MsMpRes.dll,-1176"
"LocalizedString"="@%ProgramFiles%\Windows Defender\MsMpRes.dll,-104"
"System.ApplicationName"="Microsoft.WindowsDefender"
"System.ControlPanel.Category"="0"

[HKEY_CLASSES_ROOT\CLSID\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}\DefaultIcon]
@="%ProgramFiles%\Windows Defender\MsMpRes.dll,-103"

[HKEY_CLASSES_ROOT\CLSID\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}\Shell]
(No values found)

[HKEY_CLASSES_ROOT\CLSID\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}\Shell\Open]
(No values found)

[HKEY_CLASSES_ROOT\CLSID\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}\Shell\Open\Command]
@="%ProgramFiles%\Windows Defender\MSASCui.exe"

[HKEY_CLASSES_ROOT\CLSID\{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}\ShellFolder]
"Attributes"= 0x0000000000 (0)

========== dir ==========

C:\Program Files\Windows Defender - Unable to find folder.
C:\Program Files (x86)\Windows Defender - Parameters: "/s"

---Files---
MpAsDesc.dll --a---- 9216 bytes [23:37 13/07/2009] [01:15 14/07/2009]
MpClient.dll --a---- 392704 bytes [23:37 13/07/2009] [01:15 14/07/2009]
MpOAV.dll --a---- 54784 bytes [23:37 13/07/2009] [01:15 14/07/2009]
MsMpLics.dll --a---- 4608 bytes [23:37 13/07/2009] [01:07 14/07/2009]

C:\Program Files (x86)\Windows Defender\en-US d------ [05:37 14/07/2009]
MpAsDesc.dll.mui --a---- 35328 bytes [05:35 14/07/2009] [02:09 14/07/2009]
MpEvMsg.dll.mui --a---- 15360 bytes [05:35 14/07/2009] [02:08 14/07/2009]

C:\Program Files (x86)\Windows Defender\pl-PL d------ [11:01 22/04/2011]
MpAsDesc.dll.mui --a---- 41472 bytes [11:00 22/04/2011] [11:00 22/04/2011]
MpEvMsg.dll.mui --a---- 17920 bytes [11:00 22/04/2011] [11:00 22/04/2011]

-= EOF =-