SystemLook 30.07.11 by jpshortstuff Log created at 22:01 on 03/09/2012 by User Administrator - Elevation successful ========== filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB ========== dir ========== C:\Windows\assembly\GAC_32 - Parameters: "(none)" ---Files--- None found. ---Folders--- AuditPolicyGPManagedStubs.Interop d------ [18:09 14/07/2009] BDATunePIA d------ [18:09 14/07/2009] CustomMarshalers d------ [03:20 14/07/2009] ehexthost32 d------ [18:09 14/07/2009] ISymWrapper d------ [03:20 14/07/2009] mcstoredb d------ [18:09 14/07/2009] Microsoft.GroupPolicy.AdmTmplEditor d------ [18:09 14/07/2009] Microsoft.GroupPolicy.AdmTmplEditor.Resources d------ [18:09 14/07/2009] Microsoft.GroupPolicy.Interop d------ [18:09 14/07/2009] Microsoft.Ink d------ [05:32 14/07/2009] Microsoft.Interop.Security.AzRoles d------ [03:20 14/07/2009] Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop d------ [18:09 14/07/2009] Microsoft.Transactions.Bridge.Dtc d------ [05:32 14/07/2009] Microsoft.Windows.Diagnosis.SDEngine d------ [05:32 14/07/2009] MSBuild d------ [05:32 14/07/2009] mscorlib d------ [03:20 14/07/2009] napcrypt d------ [03:20 14/07/2009] naphlpr d------ [03:20 14/07/2009] Policy.1.0.Microsoft.Ink d------ [05:32 14/07/2009] Policy.1.0.Microsoft.Interop.Security.AzRoles d------ [03:20 14/07/2009] Policy.1.2.Microsoft.Interop.Security.AzRoles d------ [03:20 14/07/2009] Policy.1.7.Microsoft.Ink d------ [05:32 14/07/2009] Policy.6.0.Microsoft.Ink d------ [05:32 14/07/2009] PresentationCore d------ [05:32 14/07/2009] System.Data d------ [03:20 14/07/2009] System.Data.OracleClient d------ [03:20 14/07/2009] System.EnterpriseServices d------ [03:20 14/07/2009] System.Printing d------ [05:32 14/07/2009] System.Transactions d------ [03:20 14/07/2009] System.Web d------ [03:20 14/07/2009] C:\Windows\assembly\GAC_64 - Parameters: "(none)" ---Files--- Desktop.ini --ahs-- 6144 bytes [20:28 02/09/2012] [19:29 03/09/2012] ---Folders--- AuditPolicyGPManagedStubs.Interop d------ [18:09 14/07/2009] BDATunePIA d------ [18:09 14/07/2009] CustomMarshalers d------ [03:20 14/07/2009] ISymWrapper d------ [03:20 14/07/2009] mcstoredb d------ [18:09 14/07/2009] mcupdate d------ [18:09 14/07/2009] Mcx2Dvcs d------ [18:09 14/07/2009] Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop d------ [05:32 14/07/2009] Microsoft.GroupPolicy.AdmTmplEditor d------ [18:09 14/07/2009] Microsoft.GroupPolicy.AdmTmplEditor.Resources d------ [18:09 14/07/2009] Microsoft.GroupPolicy.Interop d------ [18:09 14/07/2009] Microsoft.Ink d------ [05:32 14/07/2009] Microsoft.Interop.Security.AzRoles d------ [03:20 14/07/2009] Microsoft.MediaCenter.Interop d------ [18:09 14/07/2009] Microsoft.MediaCenter.iTV.Media d------ [18:09 14/07/2009] Microsoft.MediaCenter.Mheg d------ [18:09 14/07/2009] Microsoft.MediaCenter.Playback d------ [18:09 14/07/2009] Microsoft.MediaCenter.TV.Tuners.Interop d------ [18:09 14/07/2009] Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop d------ [18:09 14/07/2009] Microsoft.Transactions.Bridge.Dtc d------ [05:32 14/07/2009] Microsoft.Windows.Diagnosis.SDEngine d------ [05:32 14/07/2009] MSBuild d------ [05:32 14/07/2009] mscorlib d------ [03:20 14/07/2009] napcrypt d------ [03:20 14/07/2009] naphlpr d------ [03:20 14/07/2009] Policy.1.0.Microsoft.Interop.Security.AzRoles d------ [03:20 14/07/2009] Policy.1.2.Microsoft.Interop.Security.AzRoles d------ [03:20 14/07/2009] Policy.6.0.Microsoft.Ink d------ [05:32 14/07/2009] PresentationCore d------ [05:32 14/07/2009] System.Data d------ [03:20 14/07/2009] System.Data.OracleClient d------ [03:20 14/07/2009] System.EnterpriseServices d------ [03:20 14/07/2009] System.Printing d------ [05:32 14/07/2009] System.Transactions d------ [03:20 14/07/2009] System.Web d------ [03:20 14/07/2009] C:\Windows\winsxs\Temp\PendingDeletes - Parameters: "(none)" ---Files--- $$DeleteMe.services.exe.01cd8a0be91986d0.0000 --a---- 329216 bytes [23:19 13/07/2009] [01:39 14/07/2009] $$DeleteMe.sqmapi.dll.01cd25083e1b50a0.002a --a---- 235008 bytes [23:40 13/07/2009] [01:41 14/07/2009] ---Folders--- None found. -= EOF =-