SystemLook 30.07.11 by jpshortstuff
Log created at 14:46 on 23/05/2013 by Bartek
Administrator - Elevation successful

========== dir ==========

C:\$Recycle.Bin - Parameters: "/s"

---Files---
None found.

C:\$Recycle.Bin\S-1-5-18 d--hs-- [08:06 07/05/2013]

C:\$Recycle.Bin\S-1-5-21-368490323-1643295968-3035913019-1004 d--hs-- [10:39 15/10/2011]
$I2N7WMM.htaccess --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$I2Y9B77.pdf --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$I7MRRMW.exe --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$I8QZ7DU.lnk --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$IDT8PS0.htaccess --a---- 544 bytes [15:40 22/05/2013] [15:40 22/05/2013]
$IF8WMYU --a---- 544 bytes [15:49 22/05/2013] [15:49 22/05/2013]
$IOK20XU --a---- 544 bytes [08:51 23/05/2013] [08:51 23/05/2013]
$IT0R0VD.php --a---- 544 bytes [15:49 22/05/2013] [15:49 22/05/2013]
$ITGUJLN.exe --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$ITNWQ0V.pdf --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$IUIZ6R8.lnk --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$IV0FJ9V --a---- 544 bytes [15:49 22/05/2013] [15:49 22/05/2013]
$IVFRVP7.rar --a---- 544 bytes [15:56 22/05/2013] [15:56 22/05/2013]
$IW6YHHJ.htaccess --a---- 544 bytes [13:46 22/05/2013] [13:46 22/05/2013]
$IXUXFQ3.php --a---- 544 bytes [11:46 22/05/2013] [11:46 22/05/2013]
$R2N7WMM.htaccess --a---- 6141 bytes [08:38 18/05/2013] [08:38 18/05/2013]
$R2Y9B77.pdf --a---- 195393 bytes [11:42 22/05/2013] [11:42 22/05/2013]
$R7MRRMW.exe --a---- 10285040 bytes [12:43 21/05/2013] [12:44 21/05/2013]
$R8QZ7DU.lnk --a---- 1958 bytes [14:00 21/05/2013] [14:00 21/05/2013]
$RDT8PS0.htaccess --a---- 8909 bytes [08:38 18/05/2013] [08:38 18/05/2013]
$RT0R0VD.php --a---- 4828 bytes [08:38 18/05/2013] [08:38 18/05/2013]
$RTGUJLN.exe --a---- 55454464 bytes [12:45 21/05/2013] [12:53 21/05/2013]
$RTNWQ0V.pdf --a---- 183561 bytes [11:42 22/05/2013] [11:42 22/05/2013]
$RUIZ6R8.lnk --a---- 906 bytes [15:20 21/05/2013] [15:20 21/05/2013]
$RVFRVP7.rar --a---- 72415031 bytes [13:09 22/05/2013] [13:22 22/05/2013]
$RW6YHHJ.htaccess --a---- 0 bytes [13:45 22/05/2013] [13:45 22/05/2013]
$RXUXFQ3.php --a---- 4828 bytes [08:38 18/05/2013] [08:38 18/05/2013]
desktop.ini --ahs-- 129 bytes [10:39 15/10/2011] [10:39 15/10/2011]

C:\$Recycle.Bin\S-1-5-21-368490323-1643295968-3035913019-1004\$ae15d8ac48ca9c942e95b8e6ae3ad33f d--hs-- [07:07 07/05/2013]

C:\$Recycle.Bin\S-1-5-21-368490323-1643295968-3035913019-1004\$RF8WMYU d------ [11:58 15/05/2013]
.htaccess --a---- 4582 bytes [08:38 18/05/2013] [15:42 22/05/2013]
Sendit-LP-000128257-000000083.pdf --a---- 194266 bytes [11:58 15/05/2013] [11:58 15/05/2013]
Sendit-LP-000128257-000000084.pdf --a---- 195138 bytes [11:59 15/05/2013] [11:59 15/05/2013]
Sendit-LP-000128257-000000085.pdf --a---- 194364 bytes [11:59 15/05/2013] [11:59 15/05/2013]
Sendit-LP-000128257-000000086.pdf --a---- 195401 bytes [11:59 15/05/2013] [11:59 15/05/2013]
Sendit-Protokol-15-05-2013.pdf --a---- 184899 bytes [12:00 15/05/2013] [12:00 15/05/2013]

C:\$Recycle.Bin\S-1-5-21-368490323-1643295968-3035913019-1004\$ROK20XU d------ [22:59 30/11/2010]

C:\$Recycle.Bin\S-1-5-21-368490323-1643295968-3035913019-1004\$RV0FJ9V d------ [13:45 22/05/2013]
.htaccess --a---- 1644 bytes [08:38 18/05/2013] [08:38 18/05/2013]
index_backup.php --a---- 4828 bytes [08:38 18/05/2013] [08:38 18/05/2013]

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{3BF043EF-A974-49B3-8322-B853CF1E5EC5}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{68ddbb56-9d1d-4fd9-89c5-c0da2a625392}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7007ACCF-3202-11D1-AAD2-00805FC1270E}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7849596a-48ea-486e-8937-a2a3009f31a9}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{A1607060-5D4C-467a-B711-2B59A6F25957}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{DA67B8AD-E81B-4c70-9B91-B417B5E33527}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{EF4D1E1A-1C87-4AA8-8934-E68E4367468D}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F20487CC-FC04-4B1E-863F-D9801796130B}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{fbeb8a05-beee-4442-804e-409d6c4515e9}]
"AutoStart"=""

-= EOF =-