SystemLook 30.07.11 by jpshortstuff Log created at 22:02 on 29/12/2016 by IZA Administrator - Elevation successful ========== reg ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend] "DisplayName"="Windows Defender" "ErrorControl"= 0x0000000001 (1) "ImagePath"="%SystemRoot%\System32\svchost.exe -k secsvcs" "Start"= 0x0000000002 (2) "Type"= 0x0000000020 (32) "Description"="@%ProgramFiles%\Windows Defender\MsMpRes.dll,-1176" "DependOnService"="RpcSs" "ObjectName"="LocalSystem" "ServiceSidType"= 0x0000000001 (1) "RequiredPrivileges"="SeImpersonatePrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeChangeNotifyPrivilege SeSecurityPrivilege SeShutdownPrivilege SeIncreaseQuotaPrivilege SeAssignPrimaryTokenPrivilege" "DelayedAutoStart"= 0x0000000000 (0) "FailureActions"=80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 ea 00 00 01 00 00 00 60 ea 00 00 00 00 00 00 00 00 00 00 (REG_BINARY) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Parameters] "ServiceDllUnloadOnStop"= 0x0000000001 (1) "ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Security] "Security"=01 00 14 80 dc 00 00 00 e8 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 ac 00 06 00 00 00 00 00 28 00 ff 01 0f 00 01 06 00 00 00 00 00 05 50 00 00 00 b5 89 fb 38 19 84 c2 cb 5c 6c 23 6d 57 00 77 6e c0 02 64 87 00 0b 28 00 00 00 00 10 01 06 00 00 00 00 00 05 50 00 00 00 b5 89 fb 38 19 84 c2 cb 5c 6c 23 6d 57 00 77 6e c0 02 64 87 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\TriggerInfo] (No values found) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\TriggerInfo\0] "Type"= 0x0000000005 (5) "Action"= 0x0000000001 (1) "GUID"=e6 ca 9f 65 db 5b a9 4d b1 ff ca 2a 17 8d 46 e0 (REG_BINARY) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\Enum] "0"="Root\LEGACY_WINDEFEND\0000" "Count"= 0x0000000001 (1) "NextInstance"= 0x0000000001 (1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\Parameters] "ServiceDllUnloadOnStop"= 0x0000000001 (1) "ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\Security] "Security"=01 00 14 80 dc 00 00 00 e8 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 ac 00 06 00 00 00 00 00 28 00 ff 01 0f 00 01 06 00 00 00 00 00 05 50 00 00 00 b5 89 fb 38 19 84 c2 cb 5c 6c 23 6d 57 00 77 6e c0 02 64 87 00 0b 28 00 00 00 00 10 01 06 00 00 00 00 00 05 50 00 00 00 b5 89 fb 38 19 84 c2 cb 5c 6c 23 6d 57 00 77 6e c0 02 64 87 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 9d 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\TriggerInfo] (No values found) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\TriggerInfo\0] "Type"= 0x0000000005 (5) "Action"= 0x0000000001 (1) "GUID"=e6 ca 9f 65 db 5b a9 4d b1 ff ca 2a 17 8d 46 e0 (REG_BINARY) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\TriggerInfo\0] "Type"= 0x0000000005 (5) "Action"= 0x0000000001 (1) "GUID"=e6 ca 9f 65 db 5b a9 4d b1 ff ca 2a 17 8d 46 e0 (REG_BINARY) -= EOF =-