SystemLook 30.07.11 by jpshortstuff
Log created at 14:24 on 13/03/2013 by tosza
Administrator - Elevation successful

========== dir ==========

C:\$Recycle.Bin - Parameters: "/s"

---Files---
None found.

C:\$Recycle.Bin\S-1-5-18 d--hs-- [09:59 28/08/2012]

C:\$Recycle.Bin\S-1-5-21-1637725515-1014344416-800002236-1000 d--hs-- [07:26 08/05/2010]
desktop.ini --ahs-- 129 bytes [07:26 08/05/2010] [07:26 08/05/2010]

C:\$Recycle.Bin\S-1-5-21-3320205830-648564507-3015274131-500 d--hs-- [20:07 26/11/2009]
desktop.ini --ahs-- 129 bytes [20:07 26/11/2009] [20:07 26/11/2009]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1000 d--hs-- [09:15 29/08/2010]
desktop.ini --ahs-- 129 bytes [09:15 29/08/2010] [09:15 29/08/2010]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1001 d--hs-- [17:53 27/08/2010]
$I7MKJEI.60 --a---- 544 bytes [15:18 12/03/2013] [15:18 12/03/2013]
$INEQ834 --a---- 544 bytes [15:18 12/03/2013] [15:18 12/03/2013]
desktop.ini --ahs-- 129 bytes [17:53 27/08/2010] [17:53 27/08/2010]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1001\$fa5b36d5d62b78c23c0afea4eaee3c3b d--hs-- [09:59 28/08/2012]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1001\$R7MKJEI.60 d------ [12:03 12/03/2013]
settings.dvset --a---- 303104 bytes [12:09 12/03/2013] [15:11 12/03/2013]
settings.ldb --a---- 192 bytes [15:03 12/03/2013] [15:14 12/03/2013]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1001\$RNEQ834 d------ [15:10 12/03/2013]
WorkbenchLog_2013.03.12_16.10.22.zip --a---- 15514 bytes [15:10 12/03/2013] [15:10 12/03/2013]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1006 d--hs-- [12:25 01/12/2010]
desktop.ini --ahs-- 129 bytes [12:25 01/12/2010] [12:25 01/12/2010]

C:\$Recycle.Bin\S-1-5-21-3753379803-1400587885-533003548-1007 d--hs-- [08:23 04/01/2012]
$I0LDUXT.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$I30MKI5.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$I3UU17M.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$I4SY6A7.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$I5X0I3C.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$IBEJJZW.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$IG3U3YW.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$IIZ78HG.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$ILVKM7Q.lnk --a---- 544 bytes [09:55 20/03/2012] [09:55 20/03/2012]
$IO88ARN.lnk --a---- 544 bytes [22:20 08/02/2013] [22:20 08/02/2013]
$R0LDUXT.lnk --a---- 1890 bytes [15:14 14/02/2012] [15:14 14/02/2012]
$R30MKI5.lnk --a---- 637 bytes [13:06 17/10/2011] [13:06 17/10/2011]
$R3UU17M.lnk --a---- 615 bytes [17:50 13/04/2011] [13:16 04/11/2011]
$R4SY6A7.lnk --a---- 1027 bytes [17:27 01/11/2011] [17:27 01/11/2011]
$R5X0I3C.lnk --a---- 646 bytes [12:03 11/05/2011] [15:02 13/11/2011]
$RBEJJZW.lnk --a---- 995 bytes [17:10 26/10/2011] [07:46 01/02/2012]
$RG3U3YW.lnk --a---- 998 bytes [15:14 14/02/2012] [15:14 14/02/2012]
$RIZ78HG.lnk --a---- 1624 bytes [09:45 24/06/2011] [09:45 24/06/2011]
$RLVKM7Q.lnk --a---- 2149 bytes [06:20 19/05/2011] [07:50 19/05/2011]
$RO88ARN.lnk --a---- 1834 bytes [21:22 10/01/2013] [21:22 10/01/2013]
desktop.ini --ahs-- 129 bytes [08:23 04/01/2012] [08:23 04/01/2012]

C:\$Recycle.Bin\S-1-5-21-566845959-2334523361-2549471661-500 d--hs-- [17:53 17/12/2009]
desktop.ini --ahs-- 129 bytes [17:53 17/12/2009] [17:53 17/12/2009]

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{003e0278-eca8-4bb8-a256-3689ca1c2600}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{3BF043EF-A974-49B3-8322-B853CF1E5EC5}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{566296fe-e0e8-475f-ba9c-a31ad31620b1}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{68ddbb56-9d1d-4fd9-89c5-c0da2a625392}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{6FDEDD65-AC51-43CA-B2D0-9EB5D1155D03}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7007ACCF-3202-11D1-AAD2-00805FC1270E}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{7849596a-48ea-486e-8937-a2a3009f31a9}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5}]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{A1607060-5D4C-467a-B711-2B59A6F25957}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{C2796011-81BA-4148-8FCA-C6643245113F}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{DA67B8AD-E81B-4c70-9B91-B417B5E33527}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{EF4D1E1A-1C87-4AA8-8934-E68E4367468D}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F08C5AC2-E722-4116-ADB7-CE41B527994B}]
@="Bluetooth Authentication Agent SSO"
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F20487CC-FC04-4B1E-863F-D9801796130B}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{fbeb8a05-beee-4442-804e-409d6c4515e9}]
"AutoStart"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{ff363bfe-4941-4179-a81c-f3f1ca72d820}]
@="HomeGroup SSO"
"AutoStart"=""

-= EOF =-