SystemLook 30.07.11 by jpshortstuff
Log created at 17:59 on 05/01/2013 by Bartek
Administrator - Elevation successful

========== filefind ==========

Searching for "startup.exe"
C:\Windows\System32\startup.exe --a---- 52072 bytes [12:42 14/01/2009] [04:12 09/07/2008] 83D6E0DE6214BA248B3DDA1BDB243109
C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_1cfe16a4\startup.exe ------- 52072 bytes [12:42 14/01/2009] [04:12 09/07/2008] 83D6E0DE6214BA248B3DDA1BDB243109

========== regfind ==========

Searching for "WinSCard"
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-s..cardsubsystemclient_31bf3856ad364e35_none_6d1611ce4fecec19\f256!winscard.dll]
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-s..cardsubsystemclient_31bf3856ad364e35_none_10f7764a978f7ae3\f256!winscard.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinSCard"="C:\Users\Bartek\AppData\Local\Microsoft\Windows\2225\WinSCard.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-s..cardsubsystemclient_31bf3856ad364e35_none_6d1611ce4fecec19\f256!winscard.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-s..cardsubsystemclient_31bf3856ad364e35_none_10f7764a978f7ae3\f256!winscard.dll]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
"Installer32"="winscard.dll,ClassInstall32"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
"Installer32"="winscard.dll,ClassInstall32"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
"Installer32"="winscard.dll,ClassInstall32"

Searching for "WinSys2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinSys2"="C:\Windows\system32\startup.exe"

Searching for "wwancfg"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"wwancfg"="C:\Users\oem\AppData\Local\Microsoft\Windows\607\wwancfg.exe"

-= EOF =-