SystemLook 30.07.11 by jpshortstuff
Log created at 18:34 on 17/05/2013 by Dorota
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC]
"DisplayName"="@comres.dll,-2797"
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
"Description"="@comres.dll,-2798"
"ObjectName"="NT AUTHORITY\NetworkService"
"ErrorControl"= 0x0000000001 (1)
"Start"= 0x0000000003 (3)
"Type"= 0x0000000010 (16)
"DependOnService"="RPCSS SamSS"
"ServiceSidType"= 0x0000000001 (1)
"RequiredPrivileges"="SeChangeNotifyPrivilege SeCreateGlobalPrivilege"
"FailureActions"=80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 e8 03 00 00 01 00 00 00 f8 2a 00 00 00 00 00 00 00 00 00 00  (REG_BINARY)
"DelayedAutostart"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC\Performance]
"Library"="msdtcuiu.DLL"
"Open"="DtcPerfOpen"
"Collect"="DtcPerfCollect"
"Close"="DtcPerfClose"
"InstallType"= 0x0000000001 (1)
"PerfIniFile"="msdtcprf.ini"
"First Counter"= 0x0000000e74 (3700)
"Last Counter"= 0x0000000e8e (3726)
"First Help"= 0x0000000e75 (3701)
"Last Help"= 0x0000000e8f (3727)
"Object List"="3700"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC\Security]
"Security"=01 00 14 80 dc 00 00 00 e8 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 ac 00 07 00 00 00 00 00 14 00 9d 00 02 00 01 01 00 00 00 00 00 02 00 00 00 00 00 00 14 00 ff 00 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 00 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 9d 00 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8d 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 14 00 9d 00 02 00 01 01 00 00 00 00 00 05 06 00 00 00 00 00 28 00 8d 00 02 00 01 06 00 00 00 00 00 05 50 00 00 00 e5 32 0f ec 28 be a2 92 2c 29 35 f1 63 42 dc 6b 5a 0a 25 86 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00  (REG_BINARY)


========== filefind ==========

Searching for "msdtc.exe"
C:\Windows\System32\msdtc.exe	--a---- 134144 bytes	[23:44 13/07/2009]	[01:14 14/07/2009] E1BCE74A3BD9902B72599C0192A07E27
C:\Windows\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.1.7600.16385_none_19295908c15690f3\msdtc.exe	--a---- 134144 bytes	[23:44 13/07/2009]	[01:14 14/07/2009] E1BCE74A3BD9902B72599C0192A07E27

Searching for "msdtcuiu.DLL"
C:\Windows\System32\msdtcuiu.dll	--a---- 237568 bytes	[23:44 13/07/2009]	[01:15 14/07/2009] E991956ACE9E57BFB9F8BB077D11B34E
C:\Windows\winsxs\x86_microsoft-windows-com-dtc-management_31bf3856ad364e35_6.1.7600.16385_none_49a47881c52ef4d2\msdtcuiu.dll	--a---- 237568 bytes	[23:44 13/07/2009]	[01:15 14/07/2009] E991956ACE9E57BFB9F8BB077D11B34E

-= EOF =-