Insufficient Priviledges

TheOverWhelming · Aug 18, 2010

I have come to the belief there is something wrong with my ProgramData folder under C:. However, I am not completely positive it is my Vista 64bit Home Edition so this may all be a useless post in the end, whichcase I apologize in advance.
Anyways, to the issue.
With many programs, whenever I try to install them they complain about insufficient privileges and say "[Log onto admin!]" (always, whenever it states the directory the issue comes from, has been ProgramData\). The issue being, I am Admin, and in all of these cases I have logged onto the "Super Admin" account and tried and I have also created a new administrator account and tried, just in case. The errors from all them have been the same.
Please note I have DEP turned off.
I also have turned off UAC. I have Spybot S&D and Smart Defrag.
I also right click and do Run as Administrator
Here are some programs I've had some trouble with.
-Microsoft Expression Encoder 3 and 4 (Free versions)
-Updating iTunes
-A 3D modeling software, the name of which I cannot remember (I used the 64bit edition and it said it was compatible with Vista)
-Updating Adobe
-Updating Quicktime
[Windows Update]
-Security Update for Microsoft Office Access 2003 (KB981716), which was published 7/13/2010
-Security Update for Microsoft Office Excel 2003 (KB2264403), Published 8/10/2010
-Update for Microsoft Search Enhancement Pack, published 6/10/2010.
-Update for Microsoft Silverlight (KB982926), Published 6/3/2010
-Games for Windows - LIVE V3.3
[/Windows Update]

Yet, the reason I doubt is that I haven't had the issue with these:
-Game Booster
-Pidgin
-Microsoft .NET Framework 4 (Web Installer)
Those are all that come to mind.

Here is my laptop's specifications (copy and pasted from a review)
Intel Core 2 Duo Processor P8400 (2.26GHz, 1066MHz FSB, 3MB L2 cache)
NVIDIA GeForce 9800M GS with 512MB of GDDR3 discrete video memory
15.6” WXGA Glossy LCD (1366x768)
Genuine Microsoft Windows Vista Home Premium (64-bit) SP1
4GB (4096MB) DDR2 Memory (2 x 2048MB modules)
320GB 7200RPM Seagate HD
8x Multi-Format Dual Layer DVDRW with LightScribeTechnology
Integrated 1.3 Megapixel Web Cam
6-Cell 11.1v 4800mAh battery, 120w power supply

Again, I apologize if this ends up being some sort of silly issue.
Cheerio

Flavius · Aug 18, 2010

I have Spybot S&D

Is that only one 3p security software what you have or more? Uninstall all 3p security software what you have and iTunes -I heard this soft can cause issue with WU too.

if nothing help please download & run OTL http://oldtimer.geekstogo.com/OTL.exe ,it will do two logs MAIN and EXTRAS,please both them attache to post.

TheOverWhelming · Aug 19, 2010

I have done so and auto-update, for one, did not work.

This is what I've done.. There was no MAIN, there was a OTL text document, however.
I have separated the two with a --------------- in red.

Code:

OTL logfile created on: 8/19/2010 12:15:21 AM - Run 1
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Ethan\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 33.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.37 Gb Total Space | 31.17 Gb Free Space | 10.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ETHAN-PC
Current User Name: Ethan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[COLOR=#e56717]========== Processes (SafeList) ==========[/COLOR]
 
PRC - [2010/08/18 22:18:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ethan\Downloads\OTL.exe
PRC - [2010/08/10 06:57:24 | 000,049,321 | ---- | M] (The Pidgin developer community) -- C:\Program Files (x86)\Pidgin\pidgin.exe
PRC - [2010/08/05 19:54:16 | 020,120,576 | ---- | M] (Blizzard Entertainment, Inc.) -- C:\Program Files (x86)\StarCraft II\Support\SC2Editor.exe
PRC - [2010/07/26 06:54:37 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/26 06:54:35 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/07/09 18:08:04 | 002,712,920 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PRC - [2010/06/02 17:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/20 08:19:06 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2010/02/26 13:41:08 | 000,471,040 | ---- | M] (Blizzard Entertainment) -- c:\Program Files (x86)\Warcraft III\war3.exe
PRC - [2009/12/30 20:08:41 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/10/25 12:54:39 | 002,923,192 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2009/09/16 09:20:24 | 000,666,360 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2009/08/07 18:15:06 | 000,311,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2009/08/07 18:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/10 23:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/04/10 23:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2009/04/08 13:51:34 | 002,814,976 | ---- | M] (WhatPulse.org) -- C:\Program Files (x86)\WhatPulse\WhatPulse.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/09/19 04:10:59 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/09/02 17:11:04 | 008,105,984 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2008/08/29 15:06:16 | 000,223,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2008/08/20 16:26:08 | 002,705,976 | ---- | M] (ASUSTek.) -- C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
PRC - [2008/08/13 21:00:16 | 000,158,264 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 20:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/08/13 20:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/08/13 16:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008/07/18 19:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/06/17 22:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/06/06 11:42:10 | 000,324,096 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Acer Display\eDisplay Management\dthtml.exe
PRC - [2008/06/06 11:40:00 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2008/06/04 17:59:34 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2008/05/02 04:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2008/03/31 23:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/03/24 21:39:18 | 000,322,104 | ---- | M] (ASUSTek.) -- C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007/02/09 12:17:30 | 000,694,008 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe
PRC - [2007/02/09 12:17:26 | 000,694,008 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2006/11/02 08:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
[COLOR=#e56717]========== Modules (SafeList) ==========[/COLOR]
 
MOD - [2010/08/18 22:18:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ethan\Downloads\OTL.exe
MOD - [2009/10/16 23:30:05 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2009/04/10 23:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2008/05/02 04:00:00 | 000,038,912 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\x86\lgscroll.dll
MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008/01/20 19:49:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2007/02/09 12:16:08 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\Winphook.dll
MOD - [2006/11/02 02:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2006/11/02 02:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
 
 
[COLOR=#e56717]========== Win32 Services (SafeList) ==========[/COLOR]
 
SRV:[B]64bit:[/B] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:[B]64bit:[/B] - [2009/03/30 17:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:[B]64bit:[/B] - [2008/05/02 02:49:54 | 000,160,272 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:[B]64bit:[/B] - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV:[B]64bit:[/B] - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[B]64bit:[/B] - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:[B]64bit:[/B] - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2010/07/04 09:30:31 | 002,561,624 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3725.dll -- (Akamai)
SRV - [2010/04/03 20:42:39 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 07:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 07:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/30 20:08:41 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/09/16 09:20:24 | 000,666,360 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2009/08/07 18:15:06 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/02/06 18:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/12/23 08:35:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/08/13 20:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/06/06 11:40:00 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2008/06/04 17:59:34 | 000,090,112 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
[COLOR=#e56717]========== Driver Services (SafeList) ==========[/COLOR]
 
DRV:[B]64bit:[/B] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:[B]64bit:[/B] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:[B]64bit:[/B] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:[B]64bit:[/B] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hexmagic.sys -- (hexmagic)
DRV:[B]64bit:[/B] - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:[B]64bit:[/B] - [2010/03/06 14:58:46 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:[B]64bit:[/B] - [2010/03/06 14:58:41 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:[B]64bit:[/B] - [2010/03/04 13:50:18 | 000,321,568 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:[B]64bit:[/B] - [2010/01/28 07:25:02 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[B]64bit:[/B] - [2009/11/06 14:27:09 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:[B]64bit:[/B] - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[B]64bit:[/B] - [2009/09/23 10:42:58 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:[B]64bit:[/B] - [2009/09/16 09:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:[B]64bit:[/B] - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[B]64bit:[/B] - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[B]64bit:[/B] - [2009/04/10 22:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:[B]64bit:[/B] - [2009/02/06 18:42:12 | 000,061,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:[B]64bit:[/B] - [2008/12/23 08:35:42 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:[B]64bit:[/B] - [2008/09/11 22:48:25 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:[B]64bit:[/B] - [2008/08/28 08:57:23 | 004,745,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:[B]64bit:[/B] - [2008/06/24 13:50:00 | 000,065,024 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:[B]64bit:[/B] - [2008/06/04 17:59:44 | 000,020,520 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\PdiPorts.sys -- (PdiPorts)
DRV:[B]64bit:[/B] - [2008/06/02 23:41:49 | 000,017,464 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\kbfiltr.sys -- (kbfiltr)
DRV:[B]64bit:[/B] - [2008/05/29 10:21:00 | 000,016,440 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\lullaby.sys -- (lullaby)
DRV:[B]64bit:[/B] - [2008/04/01 02:59:19 | 001,878,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[B]64bit:[/B] - [2008/02/29 03:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:[B]64bit:[/B] - [2008/02/29 03:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:[B]64bit:[/B] - [2007/12/06 03:12:55 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:[B]64bit:[/B] - [2007/08/02 21:26:47 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:[B]64bit:[/B] - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:[B]64bit:[/B] - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:[B]64bit:[/B] - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:[B]64bit:[/B] - [2006/10/27 06:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATK64AMD.sys -- (MTsensor)
DRV:[B]64bit:[/B] - [2006/10/03 18:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:[B]64bit:[/B] - [2006/09/18 14:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2008/11/14 03:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
DRV - [2007/06/02 16:00:10 | 000,011,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Users\Ethan\Documents\Command & Conquer 3 Tiberium Wars\Replays\New Folder\PG2\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2005/05/25 02:39:14 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RMClock\RTCore64.sys -- (RTCore64)
 
 
[COLOR=#e56717]========== Standard Registry (SafeList) ==========[/COLOR]
 
 
[COLOR=#e56717]========== Internet Explorer ==========[/COLOR]
 
IE:[B]64bit:[/B] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS"]iGoogle[/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS"]iGoogle[/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [URL="http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS"]iGoogle[/URL]
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS"]iGoogle[/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [URL="http://www.google.com"]Google[/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [URL="http://www.google.com/"]Google[/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[COLOR=#e56717]========== FireFox ==========[/COLOR]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: [EMAIL="[email protected]"][email protected][/EMAIL]:0.3.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.8
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0
FF - prefs.js..extensions.enabledItems: [EMAIL="[email protected]"][email protected][/EMAIL]:2.0.6
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.6
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: [EMAIL="[email protected]"][email protected][/EMAIL]:3.7.8
FF - prefs.js..extensions.enabledItems: [EMAIL="[email protected]"][email protected][/EMAIL]:4.0
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.5.8.6
FF - prefs.js..extensions.enabledItems: [EMAIL="[email protected]"][email protected][/EMAIL]:1.1.2.0185
FF - prefs.js..extensions.enabledItems: [EMAIL="[email protected]"][email protected][/EMAIL]:1.0
FF - prefs.js..extensions.enabledItems: {89736E8E-4B14-4042-8C75-AD00B6BD3900}:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/01/29 13:49:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/18 22:58:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/30 15:55:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/26 18:05:29 | 000,000,000 | ---D | M]
 
[2010/01/28 14:32:01 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Extensions
[2009/08/06 23:26:21 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/08/18 05:20:46 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions
[2010/01/28 14:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010/04/30 17:50:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/20 05:46:12 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/06/29 04:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{89736E8E-4B14-4042-8C75-AD00B6BD3900}
[2010/01/28 14:43:16 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/05/12 06:50:18 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/06/07 15:54:03 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/08/07 17:54:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/04/16 16:46:30 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/07/14 12:56:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/20 05:46:12 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/06/01 15:50:21 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/01/28 14:43:16 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/07/20 05:46:21 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2010/07/20 05:46:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2010/01/28 14:43:22 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\[email protected]
[2010/04/17 20:30:57 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\[email protected]
[2010/07/14 12:56:00 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\[email protected]
[2010/04/06 18:08:01 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\[email protected]
[2010/05/11 15:06:23 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\[email protected]
[2010/07/14 12:55:58 | 000,000,000 | ---D | M] -- C:\Users\Ethan\AppData\Roaming\Mozilla\Firefox\Profiles\8v0u4vrf.default\extensions\[email protected]
[2010/08/18 05:20:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/27 14:24:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 14:23:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/10/25 12:54:38 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/10/07 21:08:34 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPTURNMED.dll
 
O1 HOSTS File: ([2010/01/27 17:03:31 | 000,000,875 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:[B]64bit:[/B] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:[B]64bit:[/B] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:[B]64bit:[/B] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[B]64bit:[/B] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:[B]64bit:[/B] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[B]64bit:[/B] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:[B]64bit:[/B] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3:[B]64bit:[/B] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:[B]64bit:[/B] - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:[B]64bit:[/B] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:[B]64bit:[/B] - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:[B]64bit:[/B] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [PeerGuardian] C:\Users\Ethan\Documents\Command & Conquer 3 Tiberium Wars\Replays\New Folder\PG2\PeerGuardian2\pg2.exe (Phoenix Labs)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O8:[B]64bit:[/B] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab[/URL] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab[/URL] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab[/URL] (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O18:[B]64bit:[/B] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\msdaipp - No CLSID value found
O18:[B]64bit:[/B] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:[B]64bit:[/B] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18:[B]64bit:[/B] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:[B]64bit:[/B] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Program Files (x86)\Internet Explorer\MUI\0409\ \Stuff\Wallpapers\1262242887411.jpg
O24 - Desktop BackupWallPaper: C:\Program Files (x86)\Internet Explorer\MUI\0409\ \Stuff\Wallpapers\1262242887411.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/24 21:56:52 | 000,000,046 | -H-- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3f7d2a1f-221c-11df-a40c-83e809895933}\Shell - "" = AutoRun
O33 - MountPoints2\{3f7d2a1f-221c-11df-a40c-83e809895933}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b234e8a1-752c-11df-93be-00248c75e13f}\Shell - "" = AutoRun
O33 - MountPoints2\{b234e8a1-752c-11df-93be-00248c75e13f}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{f59cb47c-1877-11de-bc32-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f59cb47c-1877-11de-bc32-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Installer.exe -- [2010/05/24 21:56:52 | 002,505,256 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) -  File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[B]64bit:[/B] - HKLM\..comfile [open] -- "%1" %*
O35:[B]64bit:[/B] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[B]64bit:[/B] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[B]64bit:[/B] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[COLOR=#e56717]========== Files/Folders - Created Within 30 Days ==========[/COLOR]
 
[2010/08/18 22:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/08/18 22:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/08/18 22:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/08/18 04:22:13 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/08/18 04:21:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2010/08/18 04:21:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2010/08/18 04:18:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2010/08/18 04:18:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll
[2010/08/18 04:18:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2010/08/18 04:18:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll
[2010/08/18 04:18:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2010/08/18 04:18:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2010/08/18 04:18:19 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll
[2010/08/18 04:18:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2010/08/18 04:18:17 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe
[2010/08/18 04:18:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe
[2010/08/18 04:18:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe
[2010/08/18 04:18:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll
[2010/08/18 04:18:14 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe
[2010/08/18 04:18:14 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll
[2010/08/18 04:18:14 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2010/08/18 04:18:14 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2010/08/18 04:18:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2010/08/18 04:18:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2010/08/18 04:18:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll
[2010/08/18 04:18:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2010/08/18 04:18:13 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2010/08/18 04:18:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2010/08/18 04:18:10 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2010/08/18 04:18:10 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2010/08/18 04:18:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2010/08/18 04:18:10 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2010/08/18 04:18:10 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2010/08/18 04:18:10 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2010/08/18 04:18:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2010/08/18 04:18:09 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll
[2010/08/18 04:18:09 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2010/08/18 04:18:09 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2010/08/18 03:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Expression
[2010/08/15 22:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Starcraft
[2010/08/10 17:07:41 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/10 17:07:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/10 17:06:36 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/10 17:06:34 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/10 17:06:18 | 002,335,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/08/10 17:06:13 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/08/10 17:06:13 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/08/10 17:06:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/08/10 17:06:13 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/10 17:06:13 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/08/10 17:06:13 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/10 17:06:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/08/10 17:06:13 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/08/10 17:06:12 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/08/10 17:06:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/08/10 17:06:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/10 17:06:11 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/10 17:06:11 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/08/10 17:06:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/08/10 17:06:11 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/08/10 17:06:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/08/10 17:06:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/08/10 17:06:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/08/10 17:06:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/08/10 17:06:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/08/10 17:06:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/10 17:06:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/09 09:31:23 | 000,044,544 | ---- | C] (Absolute Software Corp.) -- C:\Windows\SysWow64\agremove.exe
[2010/08/03 14:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/08/03 14:23:36 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/08/03 14:23:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/08/03 14:23:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/07/30 16:38:15 | 000,000,000 | ---D | C] -- C:\Users\Ethan\AppData\Roaming\DisplayTune
[2010/07/30 01:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Displays
[2010/07/30 01:43:48 | 000,020,520 | ---- | C] (Portrait Displays, Inc.) -- C:\Windows\SysNative\drivers\PdiPorts.sys
[2010/07/30 01:43:19 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\gdiplus.dll
[2010/07/30 01:43:18 | 001,392,671 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvbvm60.dll
[2010/07/30 01:43:18 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfc70.dll
[2010/07/30 01:43:18 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcp70.dll
[2010/07/30 01:43:18 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcr70.dll
[2010/07/30 01:43:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfcm80.dll
[2010/07/30 01:43:18 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfcm80u.dll
[2010/07/30 01:43:17 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfc80.dll
[2010/07/30 01:43:17 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\mfc80u.dll
[2010/07/30 01:43:17 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcr80.dll
[2010/07/30 01:43:17 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcp80.dll
[2010/07/30 01:43:17 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcm80.dll
[2010/07/30 01:43:17 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\Windows\ijl15.dll
[2010/07/30 01:43:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\atl80.dll
[2010/07/30 01:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Portrait Displays
[2010/07/30 01:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Display
[2010/07/29 15:47:20 | 000,000,000 | ---D | C] -- C:\Users\Ethan\Documents\StarCraft II
[2010/07/29 15:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010/07/26 17:43:46 | 000,000,000 | ---D | C] -- C:\Users\Ethan\AppData\Local\SIT35121.tmp
[2010/07/23 07:02:26 | 000,000,000 | ---D | C] -- C:\Users\Ethan\AppData\Roaming\Hellogramming
[2010/07/23 07:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Hellogramming
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Ethan\AppData\Local\*.tmp files -> C:\Users\Ethan\AppData\Local\*.tmp -> ]
 
[COLOR=#e56717]========== Files - Modified Within 30 Days ==========[/COLOR]
 
[2010/08/19 00:21:42 | 007,602,176 | -HS- | M] () -- C:\Users\Ethan\NTUSER.DAT
[2010/08/19 00:06:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/18 23:47:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1430094352-350121528-1836166521-1000UA.job
[2010/08/18 23:15:08 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/18 23:15:08 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/18 21:47:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1430094352-350121528-1836166521-1000Core.job
[2010/08/18 21:06:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/18 17:32:19 | 000,476,870 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/18 17:32:19 | 000,476,870 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/18 12:11:50 | 000,016,969 | ---- | M] () -- C:\Users\Ethan\.recently-used.xbel
[2010/08/18 12:00:00 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\PerfectOptimizer_home.job
[2010/08/18 08:02:37 | 000,142,848 | ---- | M] () -- C:\Users\Ethan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/18 04:25:48 | 000,772,638 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/18 04:25:48 | 000,651,814 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/18 04:25:48 | 000,123,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/18 03:55:37 | 000,768,076 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/18 03:15:34 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2010/08/18 03:15:20 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2010/08/18 03:15:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/18 03:15:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/18 03:15:03 | 4294,168,576 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/18 03:13:32 | 000,524,288 | -HS- | M] () -- C:\Users\Ethan\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/08/18 03:13:32 | 000,065,536 | -HS- | M] () -- C:\Users\Ethan\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/08/18 03:13:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2010/08/18 03:12:40 | 003,226,157 | -H-- | M] () -- C:\Users\Ethan\AppData\Local\IconCache.db
[2010/08/18 03:11:31 | 000,000,938 | ---- | M] () -- C:\Users\Ethan\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/08/18 03:11:30 | 000,000,922 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010/08/18 03:11:30 | 000,000,914 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010/08/16 18:04:16 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\agremove.exe
[2010/08/16 17:46:53 | 670,816,606 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/16 17:46:52 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/08/15 22:56:08 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010/08/15 22:56:08 | 000,051,836 | ---- | M] () -- C:\Windows\scunin.dat
[2010/08/15 22:56:08 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif
[2010/08/15 22:00:03 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2010/08/14 04:59:39 | 000,004,506 | ---- | M] () -- C:\Windows\fred2.INI
[2010/08/14 04:54:57 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\FreeSpace 2.lnk
[2010/08/12 03:28:20 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag.lnk
[2010/08/11 16:48:24 | 000,344,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/10 20:30:41 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010/08/10 19:47:41 | 000,002,049 | ---- | M] () -- C:\Users\Ethan\Desktop\Google Chrome.lnk
[2010/08/10 19:47:41 | 000,002,011 | ---- | M] () -- C:\Users\Ethan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/02 20:03:36 | 000,000,856 | ---- | M] () -- C:\Users\Ethan\Desktop\GE.lnk
[2010/07/30 01:45:52 | 000,001,883 | ---- | M] () -- C:\Users\Public\Desktop\Acer eDisplay Management.lnk
[2010/07/29 16:07:36 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010/07/28 14:08:45 | 000,001,560 | ---- | M] () -- C:\Users\Ethan\AppData\Roaming\MPQEditor.ini
[2010/07/25 11:12:40 | 000,000,680 | ---- | M] () -- C:\Users\Ethan\AppData\Local\d3d9caps.dat
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Ethan\AppData\Local\*.tmp files -> C:\Users\Ethan\AppData\Local\*.tmp -> ]
 
[COLOR=#e56717]========== Files Created - No Company Name ==========[/COLOR]
 
[2010/08/18 12:11:50 | 000,016,969 | ---- | C] () -- C:\Users\Ethan\.recently-used.xbel
[2010/08/18 04:18:11 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2010/08/18 04:18:11 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2010/08/18 04:18:11 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2010/08/18 04:18:11 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2010/08/18 04:18:11 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2010/08/18 04:18:11 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2010/08/16 17:46:53 | 670,816,606 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/14 04:54:57 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\FreeSpace 2.lnk
[2010/08/12 03:28:45 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\SmartDefrag.job
[2010/08/12 03:28:20 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag.lnk
[2010/08/02 20:03:36 | 000,000,856 | ---- | C] () -- C:\Users\Ethan\Desktop\GE.lnk
[2010/07/30 01:45:52 | 000,001,883 | ---- | C] () -- C:\Users\Public\Desktop\Acer eDisplay Management.lnk
[2010/07/30 01:45:26 | 000,002,304 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2010/07/30 01:43:48 | 000,007,163 | ---- | C] () -- C:\pdiports.cat
[2010/07/30 01:43:48 | 000,002,853 | ---- | C] () -- C:\pdiports64.inf
[2010/07/30 01:43:17 | 000,002,371 | ---- | C] () -- C:\Windows\Microsoft.VC80.MFC.manifest
[2010/07/30 01:43:17 | 000,001,869 | ---- | C] () -- C:\Windows\Microsoft.VC80.CRT.manifest
[2010/07/30 01:43:17 | 000,000,456 | ---- | C] () -- C:\Windows\Microsoft.VC80.ATL.manifest
[2010/07/29 15:47:20 | 000,000,939 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010/06/29 00:06:11 | 000,432,346 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI7B15.txt
[2010/06/29 00:06:10 | 000,012,232 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI7B15.txt
[2010/04/19 16:24:44 | 000,000,700 | ---- | C] () -- C:\Users\Ethan\AppData\Roaming\myMPQ.ini
[2010/03/26 23:04:41 | 000,073,216 | ---- | C] () -- C:\Windows\dl.dll
[2010/03/24 15:37:37 | 000,000,145 | ---- | C] () -- C:\Windows\Mp3 Ripper.INI
[2010/02/24 19:07:28 | 002,392,064 | ---- | C] () -- C:\Windows\SysWow64\videotrans.dll
[2010/02/24 19:07:28 | 000,215,040 | ---- | C] () -- C:\Windows\SysWow64\videoformat.dll
[2010/02/24 19:07:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\imgscaler.dll
[2010/02/24 19:07:28 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\img_utils.dll
[2010/02/24 19:07:28 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\videocore.dll
[2010/02/19 23:22:18 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/02/11 07:48:32 | 000,013,700 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI3E9D.txt
[2010/01/21 18:11:07 | 000,194,840 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_depcheckdotnetfx30.txt
[2010/01/21 18:10:53 | 000,179,752 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_dotnetfx3install.txt
[2010/01/21 18:10:53 | 000,010,460 | ---- | C] () -- C:\Users\Ethan\AppData\Local\uxeventlog.txt
[2010/01/21 18:10:53 | 000,002,394 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_dotnetfx3error.txt
[2010/01/16 23:26:17 | 000,004,506 | ---- | C] () -- C:\Windows\fred2.INI
[2009/12/20 01:43:03 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI
[2009/12/20 01:42:50 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/12/20 01:42:50 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/11/22 10:30:16 | 000,000,140 | ---- | C] () -- C:\Users\Ethan\AppData\Roaming\7d20c2c4.dat
[2009/11/10 17:56:05 | 000,359,050 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI2D3F.txt
[2009/11/10 17:56:05 | 000,013,950 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI2D3F.txt
[2009/11/10 17:54:43 | 000,359,434 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI2C33.txt
[2009/11/10 17:54:43 | 000,013,966 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI2C33.txt
[2009/11/10 17:53:25 | 000,357,894 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI2B31.txt
[2009/11/10 17:53:24 | 000,013,902 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI2B31.txt
[2009/11/10 17:37:22 | 000,357,596 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI1EEC.txt
[2009/11/10 17:37:22 | 000,011,142 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI1EEC.txt
[2009/11/10 17:36:00 | 000,359,900 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI1DE0.txt
[2009/11/10 17:36:00 | 000,011,238 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI1DE0.txt
[2009/11/10 17:34:34 | 000,357,980 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI1CC4.txt
[2009/11/10 17:34:33 | 000,011,158 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI1CC4.txt
[2009/11/10 17:32:03 | 000,359,516 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI1ADA.txt
[2009/11/10 17:32:03 | 000,011,222 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI1ADA.txt
[2009/11/10 17:19:08 | 000,357,978 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI10F7.txt
[2009/11/10 17:19:08 | 000,011,158 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI10F7.txt
[2009/11/10 17:05:59 | 000,358,364 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI06E3.txt
[2009/11/10 17:05:58 | 000,011,174 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI06E3.txt
[2009/11/10 16:56:53 | 000,358,364 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI7FEF.txt
[2009/11/10 16:56:53 | 000,011,174 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI7FEF.txt
[2009/11/10 16:47:50 | 000,435,068 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI7902.txt
[2009/11/10 16:47:50 | 000,011,478 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI7902.txt
[2009/11/08 14:49:29 | 000,000,093 | ---- | C] () -- C:\Users\Ethan\AppData\Local\fusioncache.dat
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/09/25 13:38:28 | 000,000,135 | ---- | C] () -- C:\Windows\w32demo8.ini
[2009/09/25 13:37:50 | 000,000,135 | ---- | C] () -- C:\Windows\w32dasm8.ini
[2009/09/25 12:18:06 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2009/09/12 13:38:57 | 000,768,076 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/10 17:42:02 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/13 13:20:03 | 000,582,810 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistMSI301E.txt
[2009/08/13 13:20:01 | 000,014,306 | ---- | C] () -- C:\Users\Ethan\AppData\Local\dd_vcredistUI301E.txt
[2009/08/07 06:42:59 | 000,339,968 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2009/08/07 06:42:59 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2009/08/04 01:46:11 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009/08/03 13:35:58 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009/08/03 13:35:58 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009/08/03 13:35:58 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009/07/26 12:21:28 | 000,000,760 | ---- | C] () -- C:\Users\Ethan\AppData\Roaming\setup_ldm.iss
[2009/07/19 18:17:40 | 000,001,560 | ---- | C] () -- C:\Users\Ethan\AppData\Roaming\MPQEditor.ini
[2009/07/08 19:33:17 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/06/18 23:25:26 | 000,000,732 | ---- | C] () -- C:\Users\Ethan\AppData\Local\d3d9caps64.dat
[2009/06/16 20:13:31 | 000,000,552 | ---- | C] () -- C:\Users\Ethan\AppData\Local\d3d8caps.dat
[2009/06/06 16:20:35 | 000,000,680 | ---- | C] () -- C:\Users\Ethan\AppData\Local\d3d9caps.dat
[2009/05/31 17:47:39 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/05/31 17:46:34 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/31 13:24:52 | 000,003,395 | ---- | C] () -- C:\Users\Ethan\AppData\Local\springsettings.cfg
[2009/05/31 02:03:28 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/05/30 23:58:47 | 000,000,084 | -H-- | C] () -- C:\ProgramData\aspg.dat
[2009/05/30 23:58:20 | 000,000,846 | ---- | C] () -- C:\Users\Ethan\AppData\Roaming\wklnhst.dat
[2009/05/30 22:42:34 | 000,142,848 | ---- | C] () -- C:\Users\Ethan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 22:19:34 | 000,002,039 | ---- | C] () -- C:\Users\Ethan\AppData\Roaming\install.dat
[2009/05/30 22:17:12 | 000,476,870 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/03/24 06:47:17 | 000,476,870 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/23 08:33:18 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2008/09/19 04:41:00 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2008/07/01 19:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 09:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/06/12 10:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
[COLOR=#e56717]========== Alternate Data Streams ==========[/COLOR]
 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:90EE3BE1
< End of report >


[COLOR=Red]
-----------------------------------------------------------------------------[/COLOR]


OTL Extras logfile created on: 8/19/2010 12:15:21 AM - Run 1
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Ethan\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 33.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.37 Gb Total Space | 31.17 Gb Free Space | 10.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ETHAN-PC
Current User Name: Ethan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[COLOR=#e56717]========== Extra Registry (SafeList) ==========[/COLOR]
 
 
[COLOR=#e56717]========== File Associations ==========[/COLOR]
 
[B]64bit:[/B] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp[@ = hlpfile] -- C:\Windows\SysWow64\winhlp32.exe File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\SysWow64\winhlp32.exe File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[COLOR=#e56717]========== Shell Spawning ==========[/COLOR]
 
[B]64bit:[/B] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\SysWow64\winhlp32.exe %1 File not found
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\SysWow64\winhlp32.exe %1 File not found
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[COLOR=#e56717]========== Security Center Settings ==========[/COLOR]
 
[B]64bit:[/B] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
[B]64bit:[/B] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[B]64bit:[/B] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = 6A 10 B7 DA 6C E2 C9 01  [binary data]
 
[B]64bit:[/B] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[COLOR=#e56717]========== Authorized Applications List ==========[/COLOR]
 
 
[COLOR=#e56717]========== Vista Active Open Ports Exception List ==========[/COLOR]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13961A30-6674-4BBE-9616-2D6F2BB72108}" = rport=138 | protocol=17 | dir=out | app=system | 
"{13E8E5B3-3567-4528-873E-85B01CEAADCA}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{15F2B841-9C6F-41A8-8BC2-F94EBB7242B5}" = lport=6119 | protocol=6 | dir=in | name=6119 | 
"{1B2B5717-546A-451A-8290-554C5EFD55EE}" = lport=6113 | protocol=17 | dir=in | name=wc3 port | 
"{27E0C93F-8E9D-4029-BA44-DD89A6CC8A14}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{28A6D5B1-C7F9-48BF-A354-EA9B5D1415E8}" = lport=8452 | protocol=6 | dir=in | name=spring1 | 
"{349A0D0E-2D12-40CE-847E-F69C592555AE}" = lport=6113 | protocol=6 | dir=in | name=wc3 port2 | 
"{37A6C851-2562-4CA3-9A22-E456D2080A13}" = rport=139 | protocol=6 | dir=out | app=system | 
"{54280590-C058-4934-95F1-30CB42A1EC2E}" = lport=65000 | protocol=17 | dir=in | name=test | 
"{558C0C9A-A361-4449-997F-18AFC5ACD13D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5CC41F07-BA01-47DB-8061-FB45E018A53F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{63BDCE71-986E-46F5-B110-D73B66576AA8}" = lport=6112 | protocol=17 | dir=in | name=wc3 port | 
"{7DE39797-ED07-4A88-AC75-ECEB2901469D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8C848C48-560D-4103-BC68-BA924B7DC9CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{957A210A-78E3-44F6-8AD6-37709D10A539}" = lport=6119 | protocol=17 | dir=in | name=6119 | 
"{95E8AFC2-3B56-40F1-99AB-563AF362E050}" = lport=8452 | protocol=17 | dir=in | name=port2 | 
"{9A913C19-3A2D-4A4B-875A-857C0903DFFF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A7547D0A-4376-482E-9AA1-ADDE3F36DB52}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AB5F8321-2485-49B2-86E3-F45693BA5D64}" = lport=6112 | protocol=6 | dir=in | name=wc3 | 
"{BA7B4D48-537D-460C-B9C7-CB1325804167}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CF2827D0-15E2-450C-A2B1-6C62ADC61AD4}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{D1783F9F-DC68-4A6C-A3B0-145929AE5969}" = lport=65000 | protocol=6 | dir=in | name=test | 
"{F3D7BADD-B433-403E-B393-316560B07F49}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FB34A9E4-7806-45B1-AE14-B52B95C931E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{FB3DCF73-EDD1-4C42-9963-15309D447907}" = lport=49157 | protocol=6 | dir=in | name=akamai netsession interface | 
 
[COLOR=#e56717]========== Vista Active Application Exception List ==========[/COLOR]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B4E7C4-545E-4900-9DA7-F3B6BFDD03E2}" = protocol=1 | dir=in | [email protected],-28543 | 
"{01FD375F-D726-4456-AF1F-F5D320B62954}" = protocol=17 | dir=in | app=g:\ethan's files\games\itunes\itunes.exe | 
"{063EF198-FDDF-44E0-BABF-0A88D78D5F23}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\utorrent.exe | 
"{07B01E8C-1397-44DB-8944-A4029678E7D5}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daorigins.exe | 
"{0840D9E2-A2F4-47A3-8A22-3BABDAAC6A07}" = protocol=6 | dir=in | app=c:\program files (x86)\sega\universe at war earth assault\uawea.exe | 
"{08E0537E-B497-46B3-8622-48E3FE91205D}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe | 
"{110CA4D0-0F65-4580-9865-1A04F009BB30}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{14FBB92E-1B78-40F0-AF86-F13B3DF5A524}" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\warcraft iii.exe | 
"{1976ACF3-B13E-4DA4-A6B3-A7FC8035EF08}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - spd\dow2.exe | 
"{1A573BC6-56F0-4746-A789-1E13BE369432}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | 
"{1C51692E-CBD6-449A-AA04-E72C330D5A35}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{1E9F9389-686E-4540-A0F8-E1BD2A3E3A77}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1EB79328-EA81-4D31-B027-795F4241A211}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | 
"{2415D3BF-A4B0-43B0-85D1-7F9CD19C8D58}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{258234DD-528D-48B6-A129-2276A52EA98F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{2867AB16-B451-4B1C-9103-326942E891D2}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"{28D244AF-87DE-4EDA-9408-3679B7F6A89F}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daorigins.exe | 
"{2A8C5234-C947-4EDA-B1E8-7D50970B94DF}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe | 
"{2DABBACA-FFE6-4F2B-95B2-7CB448AB4857}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{2E0B2014-6833-4452-B0B1-CF683A1639DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe | 
"{3158098B-01E7-44A0-A94A-EA46D65E4CA9}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{32B2BC69-EEC8-4D1A-A360-C6B3CF2C03EF}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | 
"{33E72E7C-B074-4FE6-9985-E567E8F54F0B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\sdklauncher.exe | 
"{34F71FF7-78EF-404B-B8BB-F16113DD31DB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\rise of legends\legends.exe | 
"{366667B0-71FE-410F-B10C-D4D591AFF62F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\rise of legends\legends.exe | 
"{39E9204E-F736-4F46-B13C-6757FCCC24C7}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3A1D4DD5-CCF4-44EC-A788-86664FCB1E55}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\daoriginslauncher.exe | 
"{3AFBF2B4-E519-4463-BD05-EC263D78E01F}" = protocol=17 | dir=in | app=c:\program files (x86)\aliens vs predator\avp.exe | 
"{3B233271-E3DA-4FCC-A4FD-E808FCFF5634}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{3B351480-E117-4D2C-B439-51F97CF1AA2C}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe | 
"{3F374BAC-FA7E-48B9-9058-586BD7A5F574}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daorigins.exe | 
"{40F7847F-CA39-48C9-9FEE-E84D86C046FB}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daupdatersvc.service.exe | 
"{4272955E-BA3B-4622-9643-F12BA8005802}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daupdatersvc.service.exe | 
"{48EAF1A5-2116-416B-918B-665AB1BE9244}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{4A55CB41-8B78-4A4A-AC92-F05A66293429}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | 
"{4B872A00-9306-403C-969F-EFA9DD530065}" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\world editor.exe | 
"{5253BAC4-3701-4619-B413-58449480ABAF}" = protocol=17 | dir=in | app=c:\program files (x86)\sega\universe at war earth assault\uawea.exe | 
"{525651AF-C512-4728-A9CE-2C9CE97DA2A0}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daupdatersvc.service.exe | 
"{587B81FB-CD03-4E68-BA90-50F6959040B5}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | 
"{5B57244E-5BD6-454E-BA8D-1D5F4B86F678}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daorigins.exe | 
"{5F734EA2-9335-4A60-85C4-EDCD95661412}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe | 
"{64891118-BB0E-4A09-94D3-B4E573A97821}" = protocol=6 | dir=in | app=c:\program files (x86)\aliens vs predator\avp.exe | 
"{64BFE9B0-440A-4940-96AE-7C7ECC4C0E4E}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | 
"{6A709678-A8C6-49A4-ACA6-01A88DF757F9}" = protocol=6 | dir=in | app=c:\games\dragon age origins character creator\daoriginslauncher.exe | 
"{6CE8BD7B-7480-41B1-9A89-6129F8AA5E33}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\daoriginslauncher.exe | 
"{6D2EB1CE-C412-4CA5-97E4-C984E5ADFD4E}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.0\cnc3ep1.dat | 
"{72200178-9CB6-42A6-8957-18B326959419}" = protocol=58 | dir=in | [email protected],-28545 | 
"{73058C00-6504-4522-8B5C-A6558B244C78}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\zerogear.bat | 
"{737EF353-E057-4AE6-9E06-AF1004ACF9BF}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | 
"{76C0A261-BA71-41F0-A07E-414D05B3EA75}" = protocol=17 | dir=in | app=c:\games\dragon age origins character creator\daoriginslauncher.exe | 
"{78C9FC06-995A-45EC-A967-98956CEF0FC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{7A4430AA-CD5D-4258-BCFB-0D047DC70EAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - spd\dow2.exe | 
"{7B2CB803-5517-43B0-92B7-6B99FF61EFA5}" = protocol=1 | dir=out | [email protected],-28544 | 
"{7E78C0B7-570B-4E0D-A23A-924E67A4653A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\zerogear.bat | 
"{7FE1645A-B7C0-4E7A-8FB9-51B9467B30BE}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe | 
"{83460890-5D0C-4B05-901C-779F63FB5EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{835902BE-EAE4-434D-B9EE-B571C95F32E1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\rise of legends\legends.exe | 
"{84499FA5-AAFE-41A1-9590-DA6959FE8089}" = protocol=17 | dir=in | app=c:\users\ethan\downloads\systemcheck_enus.exe | 
"{8A4EA8F7-1A52-4349-BBBF-BA84B5AE2766}" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\daoriginslauncher.exe | 
"{8BB7A91E-912B-4DB5-A758-E8B203FEB420}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat | 
"{9031E138-1548-40C4-994E-D4299CDEAA6F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\sdklauncher.exe | 
"{9037BC3E-13B4-4957-A7AB-2DC26DCF6885}" = protocol=17 | dir=in | app=c:\games\dragon age origins character creator\bin_ship\daocharactercreator.exe | 
"{919761C6-8EBB-4EC9-B622-BA40BACDCBAC}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe | 
"{9337E45E-F2B8-4F38-8E67-D663CBCE34F2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{9F258390-B109-4775-AED2-F4DB34C17DF9}" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\world editor.exe | 
"{9F317EA9-030D-4DEE-9D4B-74BF7B601BBA}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\utorrent.exe | 
"{A3DA186F-25D0-40BA-BF95-F0F0D4D828CC}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | 
"{A42BB13D-791D-4174-BF3D-D48BC2652A52}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes sp demo\reliccoh.exe | 
"{AC0F0249-AA82-4A48-B9FD-0D604EEECBCB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\rise of legends\legends.exe | 
"{AD82D228-D85F-41C6-95C7-EAE266534F8A}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\daoriginslauncher.exe | 
"{ADC9FC4D-368A-4E1F-81AA-F7B87A0B72FB}" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\frozen throne.exe | 
"{B02B7B5C-6A47-4EA2-96E5-30228E1DF59B}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daupdatersvc.service.exe | 
"{B4EFD31F-6C4A-4697-936B-C25DAC62D8A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{BC02FA0A-BB28-4C97-BC29-1F62F77BCC4C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{BC2A10C9-3EA3-442B-BE7A-E1790BF07EA4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes sp demo\reliccoh.exe | 
"{BD9ED6E7-678B-4DFB-BA97-E7545B271483}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\support\blizzarddownloader.exe | 
"{C23E157B-969E-46DE-BEC0-83B38DB2390C}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{C6434BDF-D030-4A61-A1E6-C5C497DA75C3}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daupdatersvc.service.exe | 
"{C8CBFE82-EAAB-4E37-A63F-1BADC5C892E5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{CC25524F-0287-4509-9F87-913AC52BDA40}" = protocol=58 | dir=out | [email protected],-28546 | 
"{CFC06D90-970D-49F0-A487-89A7DB53A316}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe | 
"{CFD5A9D5-A64D-4B0D-979B-DFBCE205A210}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{CFEF3411-6C8C-49E8-A7D5-BE137CE53AFB}" = protocol=6 | dir=in | app=c:\users\ethan\downloads\systemcheck_enus.exe | 
"{D19D4160-A1D9-4F9B-9929-C35A6FE67C32}" = protocol=6 | dir=in | app=g:\ethan's files\games\itunes\itunes.exe | 
"{D1FC7814-339A-4053-A05C-AFC01B742823}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"{D2253F26-4D4D-458F-A65F-16B94B48E1A0}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe | 
"{D2F058C3-46D9-4831-A698-0716055AA5A6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{D4C6228E-DA65-4E8D-9039-E52BAC205FDA}" = protocol=1 | dir=in | [email protected],-26140 | 
"{D7993774-2648-4969-A546-BB52AB53E34E}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{DA8FBE69-7C7A-4849-8E1B-14E49A11FB27}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E57D2705-2109-4C89-9E22-2E8E4E19DA2A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe | 
"{E94E4733-67BD-468D-B4A5-FEB15B5F7A13}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{EB407D3E-C105-4C3C-A84C-EA04DFCF3AF8}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{EF597E4C-1996-46E6-AB87-6CBF3FA2D128}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\support\blizzarddownloader.exe | 
"{F366E014-8BD1-4870-B15E-4F63E6CCB180}" = protocol=58 | dir=in | [email protected],-26142 | 
"{F6275162-4026-4B76-9769-EDB7D210DD62}" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daupdatersvc.service.exe | 
"{F70C1E53-C408-4586-B729-5D67B17234B7}" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\frozen throne.exe | 
"{F8651B5A-1482-43C5-949C-BFC548CEC7A2}" = protocol=6 | dir=in | app=c:\games\dragon age origins character creator\bin_ship\daocharactercreator.exe | 
"{F8E52C78-86E2-47B2-9E0B-0F0C46F3DA55}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe | 
"{F95B2143-31A2-4938-A837-0B3C491D8AA1}" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\warcraft iii.exe | 
"{FC72A58C-45C6-42F5-A1F0-0B0E8675E546}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"TCP Query User{052B23B1-B9CE-48CA-A6BB-1BB273268BE5}C:\program files (x86)\spring\springlobby.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spring\springlobby.exe | 
"TCP Query User{08123351-4F8A-4C7E-A10E-7C70A3617B66}C:\program files (x86)\burning sand\img\new folder\dow2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\burning sand\img\new folder\dow2.exe | 
"TCP Query User{09514BDA-BD25-4477-869E-9B2DB6F689CF}C:\program files (x86)\starcraft ii beta\launchergui.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\launchergui.exe | 
"TCP Query User{14BBF645-4E23-40FD-A635-58BC930E256F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{261F8B5F-B2D9-4EBD-A7D5-757897004396}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"TCP Query User{2DA09702-301C-4C11-8A8A-15253A0D7FBD}C:\program files (x86)\warcraft iii\ghost\ghost.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\ghost\ghost.exe | 
"TCP Query User{2F451C42-22EC-4BBF-9E68-459C716928B3}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | 
"TCP Query User{3799DFDB-E567-4D97-82D6-4FB0CA899115}C:\program files (x86)\steam\steamapps\common\lost planet dx9 trial\lostplanetdx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lost planet dx9 trial\lostplanetdx9.exe | 
"TCP Query User{388DE1A1-7ACC-4A2A-A3A1-A8884789FFBE}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | 
"TCP Query User{3B5B96BB-5B6D-4104-ABEA-DA6BFB3F723F}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | 
"TCP Query User{3D0496A2-765A-4C7E-8704-A9A35B36708A}C:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat | 
"TCP Query User{41CB6DB0-21DC-4528-B6F1-8E84CD57796F}C:\westwood\sun\game.exe" = protocol=6 | dir=in | app=c:\westwood\sun\game.exe | 
"TCP Query User{42664135-71A2-4D8C-BE31-A37E3D3555EA}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"TCP Query User{44EE2586-39B6-41D9-92BC-ECEB16672F3C}G:\ethan's files\games\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=g:\ethan's files\games\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"TCP Query User{45C6E000-B310-4A7D-A30B-77644429FA13}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe | 
"TCP Query User{4795087E-D540-4670-8FD2-75479D08527A}C:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daorigins.exe | 
"TCP Query User{487CA2AF-BBB0-4EA6-90A7-11281A7DBC24}C:\program files (x86)\warcraft iii\ghostone\ghostone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\ghostone\ghostone.exe | 
"TCP Query User{5212EB8B-B9BC-41CE-8423-1A22579DD840}C:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe | 
"TCP Query User{61AC899D-6A53-4BF2-A01E-079247B9669E}C:\program files (x86)\activision\singularity(tm)\binaries\singularity.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\singularity(tm)\binaries\singularity.exe | 
"TCP Query User{688FA6A9-771E-425F-83D4-C3E69068DAE7}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{6A65E6A8-4441-4A12-8A12-F219ED33DCF3}C:\users\ethan\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=6 | dir=in | app=c:\users\ethan\appdata\local\temp\electronicarts_patcher_000.exe | 
"TCP Query User{6FEBAA14-F589-4FA2-AA2D-9ED5933A079B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"TCP Query User{7074F6EF-91F1-4D86-BEAD-CFBFBC76BA21}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"TCP Query User{7C29147D-D3D2-4CE8-A260-699576E27FC7}C:\games\freespace2\fs2.exe" = protocol=6 | dir=in | app=c:\games\freespace2\fs2.exe | 
"TCP Query User{7E98ABCD-5C6D-4BF8-BC87-A240C53D254D}C:\program files (x86)\spring\springdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spring\springdownloader.exe | 
"TCP Query User{80C5763E-2CEE-44F6-ADF2-99572EA43092}C:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\completed downloads\red.faction.guerrilla.[pcdvd9].[[URL="http://www.tensiontorrent.com]%5Cred"]www.tensiontorrent.com]\red[/URL] faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\completed downloads\red.faction.guerrilla.[pcdvd9].[[URL="http://www.tensiontorrent.com]%5Cred"]www.tensiontorrent.com]\red[/URL] faction guerrilla\rfg.exe | 
"TCP Query User{82534F32-6C3B-41CD-8D92-F1905635DE79}C:\program files (x86)\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left 4 dead 2\left4dead2.exe | 
"TCP Query User{845E8C49-2292-472B-998D-0AB34EAB86FD}C:\program files (x86)\burning sand\img\new folder\dow2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\burning sand\img\new folder\dow2.exe | 
"TCP Query User{868F9A68-35FF-41E8-8978-173DD2649F49}C:\program files (x86)\starcraft ii beta\versions\base15250\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\versions\base15250\sc2.exe | 
"TCP Query User{878301FF-F6A7-4D72-B9E2-6B03A7228FA0}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe | 
"TCP Query User{8E3BF269-A474-4F28-8EC7-58FCB34D5B62}C:\program files (x86)\steam\steamapps\casabian121\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\casabian121\garrysmod\hl2.exe | 
"TCP Query User{8FEE4DCB-E523-42E3-BA26-B1A6B65E2285}C:\program files (x86)\warcraft iii\ghost\ghost.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\ghost\ghost.exe | 
"TCP Query User{9D17985D-DF35-498A-89FD-B8AE198CA71D}C:\program files (x86)\starcraft ii beta\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe | 
"TCP Query User{9EB26D6E-411B-442F-A5C7-30499A0AAEB9}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"TCP Query User{A4A14013-6BD1-4F7D-8F00-7BB2D816DDA9}C:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe | 
"TCP Query User{A4E7C390-1B6E-4767-905F-DE3169C4C2FA}C:\program files (x86)\spring\spring.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spring\spring.exe | 
"TCP Query User{A53BD606-4D38-423B-8E7E-9BD1B99E91F9}C:\users\ethan\downloads\springdownloader.exe" = protocol=6 | dir=in | app=c:\users\ethan\downloads\springdownloader.exe | 
"TCP Query User{A8CD45C8-C1BD-465A-9456-F55F23A4441A}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"TCP Query User{A95AC814-B861-4B89-985E-F54E061F3513}C:\games\freespace2\fs2.exe" = protocol=6 | dir=in | app=c:\games\freespace2\fs2.exe | 
"TCP Query User{AE842AFD-93D7-40B2-8968-3B7B3BB77A8D}C:\program files (x86)\burning sand\burningsand2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\burning sand\burningsand2.exe | 
"TCP Query User{B1E737DB-CF8E-4C83-AEF0-99EE8E8F1A95}C:\program files (x86)\spring\spring.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spring\spring.exe | 
"TCP Query User{B6599A75-7CCE-4A18-A257-835121B48C5E}C:\program files (x86)\spring\springlobby.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spring\springlobby.exe | 
"TCP Query User{B7440DF6-55F6-4273-B432-E35A3A775DEC}C:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe | 
"TCP Query User{B80E962A-A06B-46F0-8DD8-90978A92019D}C:\program files (x86)\burning sand\burningsand2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\burning sand\burningsand2.exe | 
"TCP Query User{BBE1602C-4FDF-4F87-9633-DE1CB15489B0}C:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daorigins.exe | 
"TCP Query User{C0B6D52F-BD05-4E12-B914-E870A512D7C7}C:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\completed downloads\wh40k dow soulstorm\warhammer dawn of war soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\completed downloads\wh40k dow soulstorm\warhammer dawn of war soulstorm\soulstorm.exe | 
"TCP Query User{C0B8DD62-135B-4424-A53B-86D474C8D957}C:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\utorrent.exe | 
"TCP Query User{C47B8140-09E6-4029-B59B-5A68302FFE0D}C:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe | 
"TCP Query User{C7087B07-A324-4CA4-BD00-D03B2DA5CF12}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{C87DC626-C26E-4E4B-890F-E86E709D0482}C:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe | 
"TCP Query User{CF9B7F53-9D79-44AF-B8AA-46B6D48ADE7C}C:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe | 
"TCP Query User{D09F8390-9582-4CE1-8BD1-E67D8545E216}C:\program files (x86)\spring\springdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spring\springdownloader.exe | 
"TCP Query User{D7518596-09F0-4C9B-8DC3-65B188F4783B}C:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat | 
"TCP Query User{D7A45ED5-48E7-4666-A6A4-E7C21B93340C}C:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe | 
"TCP Query User{DFE95E34-A531-4EBD-9CFF-3A9B3004B9CD}C:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\utorrent.exe | 
"TCP Query User{E238DF48-D7AF-4034-B02C-A4E9AE3EEF37}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"TCP Query User{E32569F5-1B5B-4C26-88C6-A5C69AC63359}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe | 
"TCP Query User{E6228DD1-91BA-4714-91EF-4945530BEE54}C:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe | 
"TCP Query User{E7EAA344-FB9E-4134-A301-C5D72706E90F}C:\program files (x86)\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left 4 dead 2\left4dead2.exe | 
"TCP Query User{ECC3CA1A-85D7-4E94-919F-DAE9FE142E0A}C:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_game.exe | 
"TCP Query User{F4097C98-E680-428F-B53B-6B28D19D6E1B}C:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game | 
"TCP Query User{F4BFB11C-DE25-4730-922F-412B28F0AE67}C:\program files (x86)\starcraft ii beta\versions\base15449\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii beta\versions\base15449\sc2.exe | 
"TCP Query User{FA004305-638F-4781-A90C-688FC13FE6EE}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"TCP Query User{FEF4AB37-5A53-41AD-9121-F3E03BD8ADC5}C:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game | 
"UDP Query User{004E19D9-9CBB-4B58-9C85-8ED407011281}C:\program files (x86)\starcraft ii beta\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\starcraft ii.exe | 
"UDP Query User{040D855C-9848-4D15-8D68-C720FB96BB0E}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{048AE895-CC7C-4BB5-8E9D-718AEAC745D2}C:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\dragon age\bin_ship\daorigins.exe | 
"UDP Query User{120979B4-471A-4DDD-AF9C-BB56466CC53E}C:\program files (x86)\spring\springlobby.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spring\springlobby.exe | 
"UDP Query User{13B488AA-2823-4E31-A240-F06BBA7A0DC3}C:\games\freespace2\fs2.exe" = protocol=17 | dir=in | app=c:\games\freespace2\fs2.exe | 
"UDP Query User{14F34375-4226-4F5E-A5F4-6FCEDC9ED274}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"UDP Query User{152816D5-A602-4EDF-8306-889BD8881DE2}C:\program files (x86)\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left 4 dead 2\left4dead2.exe | 
"UDP Query User{1BB4B17D-7072-44B5-A6E0-4E52336E71B1}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"UDP Query User{2064C741-9D0C-4C7A-A47B-C1D969DB71FA}C:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\completed downloads\red.faction.guerrilla.[pcdvd9].[[URL="http://www.tensiontorrent.com]%5Cred"]www.tensiontorrent.com]\red[/URL] faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\completed downloads\red.faction.guerrilla.[pcdvd9].[[URL="http://www.tensiontorrent.com]%5Cred"]www.tensiontorrent.com]\red[/URL] faction guerrilla\rfg.exe | 
"UDP Query User{21FCC9F7-CF10-4745-BCB9-43E939F65E20}C:\games\freespace2\fs2.exe" = protocol=17 | dir=in | app=c:\games\freespace2\fs2.exe | 
"UDP Query User{249DB6D8-AC93-4912-BAFE-547EB6D12DFF}C:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe | 
"UDP Query User{36344986-46BE-4938-A4C7-105CD0A1CDDF}C:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe | 
"UDP Query User{3E2477B4-CE73-46F3-944A-009C3DD59372}C:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\completed downloads\wh40k dow soulstorm\warhammer dawn of war soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\completed downloads\wh40k dow soulstorm\warhammer dawn of war soulstorm\soulstorm.exe | 
"UDP Query User{476088CF-096A-4103-A244-4A795AF7724F}C:\program files (x86)\activision\singularity(tm)\binaries\singularity.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\singularity(tm)\binaries\singularity.exe | 
"UDP Query User{4AA4DF49-91F1-4A8B-A4B3-4A5468B264FA}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe | 
"UDP Query User{4ADC42AA-38E5-4E0E-B4EB-3EA82299362F}C:\program files (x86)\warcraft iii\ghost\ghost.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\ghost\ghost.exe | 
"UDP Query User{4D162BE4-708E-444F-A525-221778811679}C:\users\ethan\downloads\springdownloader.exe" = protocol=17 | dir=in | app=c:\users\ethan\downloads\springdownloader.exe | 
"UDP Query User{4EC436C5-808D-414E-ABFE-B68624D85BDC}C:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe | 
"UDP Query User{4F7AE402-878B-4097-B238-975E990DC4B9}C:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat | 
"UDP Query User{51AF2158-F971-4FC9-B55E-8867C98A2064}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"UDP Query User{5B8DF893-CD37-4783-8FFE-26541F5BD13A}C:\users\ethan\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=17 | dir=in | app=c:\users\ethan\appdata\local\temp\electronicarts_patcher_000.exe | 
"UDP Query User{5CDB995B-CCAC-4BAB-98EA-51BA2AABC9AC}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"UDP Query User{64B26544-FD33-4CBF-858D-C8323D01614E}C:\program files (x86)\starcraft ii beta\versions\base15250\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\versions\base15250\sc2.exe | 
"UDP Query User{66C9CEDF-33EB-4A3E-A012-5F4128439177}C:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe | 
"UDP Query User{6C3CE67E-E4BF-43DE-BDAD-1BC9F5E59691}C:\program files (x86)\spring\springdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spring\springdownloader.exe | 
"UDP Query User{6D20FC63-9B73-4A90-B690-58668FB142F0}C:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game | 
"UDP Query User{6F680CFA-3682-4694-A78E-9CF8C7B51616}C:\program files (x86)\warcraft iii\ghostone\ghostone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\ghostone\ghostone.exe | 
"UDP Query User{763F30FD-A8C6-4920-9401-C83D33BC12D5}C:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder (2)\dragon age\bin_ship\daorigins.exe | 
"UDP Query User{76B60F09-3C09-4A55-9D11-569C3DC8637B}C:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\lc\pickup.listchecker.exe | 
"UDP Query User{7B7992AC-AF4E-4035-8473-FA7F5902A63D}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe | 
"UDP Query User{7BE87D77-3F43-49FF-908E-D829BF17928D}C:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\casabian121\condition zero deleted scenes\hl.exe | 
"UDP Query User{818DEDA9-2A1A-4732-BCDE-04883EC07174}C:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\infogrames interactive\master of orion 3\moo3.exe | 
"UDP Query User{8CF02286-FE8A-4E41-8830-381A8BFA41B5}C:\westwood\sun\game.exe" = protocol=17 | dir=in | app=c:\westwood\sun\game.exe | 
"UDP Query User{93AE42D3-A050-49AA-B6BE-3699DF11F948}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | 
"UDP Query User{98F1A4CB-4932-4D17-8D0E-050F127DF1BD}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"UDP Query User{9CC437AC-AEA4-4011-9F9B-7254652BF4E6}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | 
"UDP Query User{9DD957C0-E9FA-484E-8D1A-7882219E5BE6}C:\program files (x86)\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left 4 dead 2\left4dead2.exe | 
"UDP Query User{9F3CEA35-6FEA-47DE-B004-1071D7C75C6F}C:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game | 
"UDP Query User{A0B0DAA4-8DFA-4E08-81B9-09FEF34C6B7E}C:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.2\cnc3ep1.dat | 
"UDP Query User{A3D0A10B-39FB-4A39-A34E-EAD5110EE9CD}C:\program files (x86)\burning sand\img\new folder\dow2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\burning sand\img\new folder\dow2.exe | 
"UDP Query User{A49F63B4-DFDB-4D4B-925C-BC3950E484A5}C:\program files (x86)\spring\springdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spring\springdownloader.exe | 
"UDP Query User{A7AD5B77-683B-452B-A182-B6EC75DFAC35}C:\program files (x86)\spring\springlobby.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spring\springlobby.exe | 
"UDP Query User{A94573C8-10E2-4357-A6E6-0F97B93BA18C}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{ABC604C4-35C6-4DAD-9811-5B56B58A3183}C:\program files (x86)\steam\steamapps\common\lost planet dx9 trial\lostplanetdx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lost planet dx9 trial\lostplanetdx9.exe | 
"UDP Query User{ADF4F161-9753-4C32-9147-6A5445AFBA8C}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | 
"UDP Query User{AF47C5AB-5DCF-436D-B56A-93B940E016A9}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe | 
"UDP Query User{B1BC57E8-08C2-4AD0-A5D1-939E601F4FEA}C:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rainbow six vegas\binaries\r6vegas_game.exe | 
"UDP Query User{B25BE781-0440-4CF0-B6A0-F229CFF23D26}C:\program files (x86)\steam\steamapps\casabian121\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\casabian121\garrysmod\hl2.exe | 
"UDP Query User{C02C4261-26D1-439C-96EB-118FC9305B30}C:\program files (x86)\burning sand\img\new folder\dow2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\burning sand\img\new folder\dow2.exe | 
"UDP Query User{C238A8C5-9348-4E1B-A79E-0B0808C249E6}C:\program files (x86)\warcraft iii\ghost\ghost.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\ghost\ghost.exe | 
"UDP Query User{C673C7EA-89D7-4192-B1D0-353DF8F635CA}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe | 
"UDP Query User{C7E9248E-64DB-4FDE-AAC0-BF49D8305EB5}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | 
"UDP Query User{C9948A89-CCD5-4778-87AA-D01FE8169A24}C:\program files (x86)\starcraft ii beta\launchergui.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\launchergui.exe | 
"UDP Query User{CA92975F-4612-4E7B-9C9C-142A001A79B4}C:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\oblivion\obmm\uninstall\new folder\new folder\utorrent.exe | 
"UDP Query User{CFC4E93E-72F9-49E2-9734-0ECA4B598D33}C:\program files (x86)\burning sand\burningsand2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\burning sand\burningsand2.exe | 
"UDP Query User{D8A54C86-3518-4CD6-9417-2B9612F1A67D}C:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wings3d_1.1.2\bin\vuze backup\azureus.exe | 
"UDP Query User{D8F8E634-C0FC-43EF-9615-C40BFA1342B7}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{DCF02399-88E3-4730-9DFB-1D4BB7186B47}C:\program files (x86)\burning sand\burningsand2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\burning sand\burningsand2.exe | 
"UDP Query User{E30494EC-80BF-4566-AE17-89D572EECD25}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"UDP Query User{E8DB7939-7101-4B4B-AA5C-825D7BB6496C}C:\program files (x86)\starcraft ii beta\versions\base15449\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii beta\versions\base15449\sc2.exe | 
"UDP Query User{F3931489-811B-450D-9282-5714ABA0E95B}C:\program files (x86)\spring\spring.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spring\spring.exe | 
"UDP Query User{F95020B7-39DF-4547-9EC1-B2DC19ED881E}G:\ethan's files\games\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=g:\ethan's files\games\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"UDP Query User{FE58E4EF-3928-4E00-A80E-E8659A408F82}C:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\ethan\documents\command & conquer 3 tiberium wars\replays\new folder\utorrent\utorrent.exe | 
"UDP Query User{FF82E8D7-ACF7-47F8-9CE3-0AF69C65B965}C:\program files (x86)\spring\spring.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spring\spring.exe | 
 
[COLOR=#e56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/COLOR]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear eXtreme
"{3ad61ee5-81d2-4d7e-adef-da1dd37277d2}" = Python 3.1 (64-bit)
"{54E4B319-0CE0-448D-B299-EE05BC30E4D1}" = Windows Live Family Safety
"{64BBFDCB-D3C8-48c5-8FEB-73CC3502633B}" = Pantech Modem Link Software
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83CCCBDC-3A56-4F3B-89DF-69386C3B7D62}" = UltraMon
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B812FCC0-6192-4BFA-A9C6-1E8578F255DA}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"QuickSFV" = QuickSFV (Remove only)
"ReadyDriver Plus_is1" = ReadyDriver Plus 1.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = WinRAR archiver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}" = Microsoft Research Mesh Virtual WIFI
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{52F25D7D-DEE1-42E7-AB48-D0F014E1F795}_is1" = Command & Conquer Tiberian Sun
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D37C28B-D1A5-41C0-9E5E-80D01355FEBC}" = Command & Conquer™ 3: Kane's Wrath
"{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1" = Yawcam 0.3.3
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90AE0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Organization Chart 2.0
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.04.28
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D8B5B7C3-47B1-40FA-8251-59C74A543880}" = Dragon Age: Origins Character Creator
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E616A5EE-B7F4-4807-800B-79EB4EB2182B}" = Direct Console 2.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EC576D43-4498-47AE-AC6E-C4D36912693E}" = Red Alert 2 Retail
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F204E2B3-225D-419D-A5DE-3F97E8ADDD1B}" = Geek Squad 24 Hour Computer Support
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Alarm_is1" = Alarm 2.0.4
"Any Video Converter_is1" = Any Video Converter 3.0.4
"Ask Toolbar_is1" = Ask Toolbar
"Aspell English Dictionary_is1" = Aspell English Dictionary-0.50-2
"Audacity_is1" = Audacity 1.2.6
"Audio Sound Recorder" = Audio Sound Recorder
"AVCStudio_Wrapper" = aVinci Studio (remove only)
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"CamStudio" = CamStudio
"CF3D08FD-D5EC-46E8-83BF-AFDB653933AB_is1" = Mp3 Ripper 6.0.2
"CinemaDrape" = CinemaDrape
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"comtypes-py2.5" = Python 2.5 comtypes-0.5.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DreamMaker" = DreamMaker
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EA Download Manager" = EA Download Manager
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Fallout Mod Manager_is1" = Fallout Mod Manager 0.10.2
"FLV Player" = FLV Player 2.0 (build 25)
"Francesco's leveled creatures-items mod_is1" = Francesco's leveled creatures-items mod 4.5b
"Francesco's optional new items/creatures_is1" = Francesco's optional new items/creatures 4.5
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free WMV to AVI MPEG Converter_is1" = Free WMV to AVI MPEG Converter v1.2
"FreeSpace2" = FreeSpace 2
"Game Booster_is1" = Game Booster
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"HD Tune Pro_is1" = HD Tune Pro 4.50
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Impulse" = Impulse
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Master of Orion 3" = Master of Orion 3
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06 Bugfix
"Notepad++" = Notepad++
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"OpenAL" = OpenAL
"Picasa2" = Picasa 2
"Pidgin" = Pidgin
"pidgin-otr" = pidgin-otr 3.2.0-1
"PIL-py2.5" = Python 2.5 PIL-1.1.6
"PowerISO" = PowerISO
"psyco-py2.5" = Python 2.5 psyco-1.6
"PunkBusterSvc" = PunkBuster Services
"pywin32-py2.5" = Python 2.5 pywin32-212
"Real Desktop Standard_is1" = Real Desktop 1.55 Standard
"Real Desktop_is1" = Real Desktop 1.19
"Smart Defrag_is1" = Smart Defrag
"Spring" = Spring 0.80.4
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 18820" = Zero Gear
"Steam App 41610" = Descent: FreeSpace - The Great War
"SystemRequirementsLab" = System Requirements Lab
"Tactical Fleet Simulator v2.6_is1" = TFS v2.6.0 (Beta1)
"Total Video Converter 3.50_is1" = Total Video Converter 3.50
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"Universe Sandbox" = Universe Sandbox
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.0.2
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"VZAccess Manager" = VZAccess Manager
"Warcraft III" = Warcraft III
"WE Unlimited_is1" = WE Unlimited 1.20
"WhatPulse" = WhatPulse 1.6.2.1
"WinGimp-2.0_is1" = GIMP 2.6.6
"Wings 3D 1.1.2" = Wings 3D 1.1.2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1 beta5
"WinRAR archiver" = WinRAR archiver
"WMV to AVI DIVX MP4 MPEG RMVB Converter_is1" = WMV to AVI DIVX MP4 MPEG RMVB Converter 1.7.9
"Wubi" = Ubuntu
"wxPython2.8-ansi-py25_is1" = wxPython 2.8.7.1 (ansi) for Python 2.5
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter
 
[COLOR=#e56717]========== HKEY_CURRENT_USER Uninstall List ==========[/COLOR]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dragon Age Awakening Redesigned" = Dragon Age Awakening Redesigned
"Dragon Age Awakening Velanna Redesigned©" = Dragon Age Awakening Velanna Redesigned©
"Dragon Age Redesigned © Morrigan" = Dragon Age Redesigned © Morrigan
"Dragon Age Redesigned©" = Dragon Age Redesigned©
"Dragon Age Redesigned© Leliana" = Dragon Age Redesigned© Leliana
"Dragon Age Redesigned© Wynne" = Dragon Age Redesigned© Wynne
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
"WinBubble" = WinBubble
 
[COLOR=#e56717]========== Last 10 Event Log Errors ==========[/COLOR]
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Should also note that when I uninstalled iTunes it said something about unable to access a security thing in ProgramData.
I, as a test, wanted to try to install iTunes. I have started it, at first it complained about no G:\, I changed my Disk Drive to G and it worked. However, upon installing it it says "The installer has insufficient privileges to access this directory: C:\ProgramData\Apple\Installer Cache. The installation cnanot continue. Log on as administrator or contact your system administrator."
As I've said before, I AM the Administrator.

Flavius · Aug 19, 2010

Nothing special in your log:

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

Can you open event viewer?

Start>>Search>>eventvwr.msc

[2010/08/16 17:46:53 | 670,816,606 | ---- | C] () -- C:\Windows\MEMORY.DMP

Pack this file to *.rar format and upload on rapidshare.com

However, upon installing it it says "The installer has insufficient privileges to access this directory: C:\ProgramData\Apple\Installer Cache.

Folder C:\ProgramData\Apple belongs to Apple it is not any system folder,so try remove it and check results.If it doesn't resolve problem,download & run Process Monitor Process Monitor
run PM,try to do anything with you believe you have any problem,when it return error save log in Process Monitor as *.PML file,pack it to *.rar and also upload on rapidshare.com

TheOverWhelming · Aug 19, 2010

Flavius said:
Nothing special in your log:

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

Click to expand...

Can you open event viewer?

Start>>Search>>eventvwr.msc

[2010/08/16 17:46:53 | 670,816,606 | ---- | C] () -- C:\Windows\MEMORY.DMP

Click to expand...

Pack this file to *.rar format and upload on rapidshare.com

However, upon installing it it says "The installer has insufficient privileges to access this directory: C:\ProgramData\Apple\Installer Cache.

Click to expand...

Folder C:\ProgramData\Apple belongs to Apple it is not any system folder,so try remove it and check results.If it doesn't resolve problem,download & run Process Monitor Process Monitor
run PM,try to do anything with you believe you have any problem,when it return error save log in Process Monitor as *.PML file,pack it to *.rar and also upload on rapidshare.com

I can open event viewer. Is there something you want me to do with it or just to open it?

The MEMORY filed compressed pretty well, 639 to 109 MBs O_o Here is the link: RapidShare: 1-CLICK Web hosting - Easy Filehosting

Deleting the Apple and Apple Computer folders inside of ProgramData allowed the installation of Quicktime to go farther then it was originally able to. However, now it says "The installer has insufficient privileges to access this directory: C:\ProgramData\Microsoft\Start Menu\Programs\Quicktime. The installation cannot continue. Log on as an administrator or contact your system administrator." As I have said before, I am the administrator. Also, the "Quicktime" subfolder is Programs does not exist.
Should I do that Process Monitor instruction with this new issue?

Tnuh555, I have already done that.
My first post:
"...The issue being, I am Admin, and in all of these cases I have logged onto the "Super Admin" account and tried and I have also created a new administrator account and tried, just in case. The errors from all them have been the same...."

Tnuh555 · Aug 19, 2010

Oh, sorry, must have missed that. This seems really odd... Did you try scanning your PC with something other than Spy Bot s&d? It might be a virus that your program isn't picking up. I am unsure if that was Flavius was suggesting. If you have already done that, you might want to try to use the "super admin" to set the permissions of folders you are having trouble with. So basically mark your Normal account as the owner using the Super Admin Account.

Sorry I wasn't able to provide useful information. I'm sure you would fix it eventually though.

Flavius · Aug 19, 2010

TheOverWhelming said:
Should I do that Process Monitor instruction with this new issue?

Yes,you have no any choice in my opinion

EDIT

I analyzed your MEMORY.DMP -there are only errors relate to power options View attachment Dumpcheck.txt ,you have to contact with MS Support to get special hotfix Stop error message when you put a Windows Vista-based computer in hibernation: "STOP: 0x000000A0 (0x00000009, 0xc0000001, 0x00000001, 0x00000000) INTERNAL_POWER_ERROR (a0)"

TheOverWhelming · Aug 20, 2010

Here it is RapidShare: 1-CLICK Web hosting - Easy Filehosting
I did it with Quicktime.
I can do others, if you request, like Windows Update.

Also, recently I tried editting ProgramData's permissions manually, everyone except Guests has had permission and I tried to allow Guests control of it, still doesn't work.

Flavius · Aug 20, 2010

I also now believe is something wrong with permissions for C:\ProgramData :confused:

1.Download SetACL tool Download SetACL: Windows ACL management from SourceForge.net
extract setacl.exe file and place it in C:\Windows\System32

2.Download my special prepared file to reset permissions for ProgramData folder View attachment PDreset.txt and place it directly on root C:\

3.Run cmd.exe with elevated previliges (if you have now enabled UAC you have to right click on cmd.exe and choose "run as administrator) and type:

setacl -on "C:\ProgramData" -ot file -actn restore -bckp "C:\PDreset.txt"

if due to any reson this command return any error message please let me know...

TheOverWhelming · Aug 20, 2010

Ran it, here's what it said.

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

Code:

C:\Users\Ethan>setacl -on "C:\ProgramData" -ot file -actn restore -bckp "C:\PDre
set.txt"
INFO: Input file for restore operation: <C:\PDreset.txt> detected as Unicode.
INFO: Restoring ACL of: <\\?\C:\ProgramData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client\1.0>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client\1.0\en-U
S>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\DSS>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\DSS\MachineKeys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\Keys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\RSA>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\DRM>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\DRM\Server>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\eHome>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications
and Services Logs>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications and
 Services Logs> failed with: The system cannot find the file specified.

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications
and Services Logs\Microsoft>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications and
 Services Logs\Microsoft> failed with: The system cannot find the path specified
.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.


C:\Users\Ethan>

I ran Quicktime's installation (with Run as Admin) and it came with a new error (oh joy)
"An error occurred while attempting to create the directory C:\ProgramData\Microsoft\Windows\Start Menu"

Flavius · Aug 21, 2010

The question is do you have these folders:

C:\ProgramData\Microsoft\Event Viewer\Applications and Services Logs
C:\ProgramData\Microsoft\Event Viewer\Applications and Services Logs\Microsoft
C:\ProgramData\Microsoft\Event Viewer\Applications and Services Logs\Microsoft\Windows
C:\ProgramData\Microsoft\Event Viewer\Views
C:\ProgramData\Microsoft\Event Viewer\Views\ApplicationViewsRootNode
C:\ProgramData\Microsoft\Event Viewer\Windows Logs

Each system must have these folders

if you don't have them create these folders manually and repeat command with restoring permissions from previous post.

TheOverWhelming · Aug 21, 2010

I did not have most of those, I only had the Event Viewer folder the ApplicationsViewsRootNode folder. Because of this and following your suggestion, I created each folder and "checked them twice".
I ran the command again and this is what it said.

Code:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Ethan>setacl -on "C:\ProgramData" -ot file -actn restore -bckp "C:\PDre
set.txt"
INFO: Input file for restore operation: <C:\PDreset.txt> detected as Unicode.
INFO: Restoring ACL of: <\\?\C:\ProgramData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client\1.0>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client\1.0\en-U
S>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\DSS>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\DSS\MachineKeys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\Keys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\RSA>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\DRM>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\DRM\Server>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\eHome>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications
and Services Logs>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications
and Services Logs\Microsoft>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Applications
and Services Logs\Microsoft\Windows>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Views>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Views\Applica
tionViewsRootNode>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer\Windows Logs>

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\IdentityCRL>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Media Index>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Media Player>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\MF>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network\Connections>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network\Connections\Pbk>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network\Downloader>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\RAC>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\RAC\PublishedData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\RAC\StateData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Applications>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\W
indows>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\W
indows\Config>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\Wind
ows\Config> failed with: The system cannot find the file specified.

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\W
indows\GatherLogs>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\Wind
ows\GatherLogs> failed with: The system cannot find the file specified.

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\W
indows\GatherLogs\SystemIndex>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Search\Data\Applications\Wind
ows\GatherLogs\SystemIndex> failed with: The system cannot find the path specifi
ed.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.


C:\Users\Ethan>

I ran the quicktime installation with Run as Admin, a key difference it seems is that this time it told me it was going to close all quicktime using things (which it did after I hit Okay) however the same error came up.

"An error occurred while attempting to create the directory "C:\ProgramData\Microsoft\Windows\Start Menu"
Please note that this directory already exists.

Flavius · Aug 21, 2010

"An error occurred while attempting to create the directory "C:\ProgramData\Microsoft\Windows\Start Menu"
Please note that this directory already exists.

Because setacl tool did not restore permissions for this folder yet.It restore permissions by alphabetical order +level of folder.Still you have missing folders

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Config
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex
C:\ProgramData\Microsoft\Search\Data\Temp

Create these folders manually and repeat setacl command again

TheOverWhelming · Aug 21, 2010

It is not letting me make folders in that directory. It pretty much deletes it, or something.

I go to the directory (C:\ProgramData\Microsoft\Search\Data\Applications\Windows\)
I see that I have a folder in there, Projects\SystemIndex\ then 3 folders in there, 1 with a subfolder.
Anyways, as I said, I go to said directory, right click, new folder, then type the name in. It however, remains "New Folder" and disappears a second later. I can see invisible folders and files, hence why I can get into ProgramData but it still just vanishes, without a trace. I right clicked the "New Folder" (even though I renamed it) and as it disappeared the Dropdown menu appeared. I headed over to properties and it says it's in that directory (C:\ProgramData\Microsoft\Search\Data\Applications\Windows) but it's pretty much deleted. When I scroll over to Security it says, with a big red X on the left "The requested security information is either unavailable or can't be displayed." Under Sharing, there is no icon to the left of "New Folder" This is why I think it was deleted.
However, upon experimenting I simply created a new folder without renaming it, selected somewhere off the folder itself so it wont be "Renaming". It does not disappear, and in attempt to change the name the same issue above occurs.

Also, when I tried naming it Projects, the folder already in there, it asks if I want to merge "Projects" and "New Folder". I decline, since there's no point.

In another attempt, I created a "Config" one on my desktop and dragged it into the folder. It simply vanishes.

I have tried to create each folder you have said to. I believe this is a security thing of Windows.

Also, when I tried it with Super Admin it seems I cna not create folders and the likes on it. I rename a New Folder and it say "This file does not exist".

Flavius · Aug 21, 2010

Strange

Let's leave this strange Search subfolders for the moment.I have prepared another file to reset permission which omits problematic subfolders download it from here View attachment PDreset2.txt ,and place it also directly on C:\
The command is almost the same as before:

setacl -on "C:\ProgramData" -ot file -actn restore -bckp "C:\PDreset2.txt"

TheOverWhelming · Aug 21, 2010

Code:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Ethan>setacl -on "C:\ProgramData" -ot file -actn restore -bckp "C:\PDre
set2.txt"
INFO: Input file for restore operation: <C:\PDreset2.txt> detected as Unicode.
INFO: Restoring ACL of: <\\?\C:\ProgramData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client\1.0>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Assistance\Client\1.0\en-U
S>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\DSS>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\DSS\MachineKeys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\Keys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\RSA>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\DRM>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\DRM\Server>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\eHome>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Event Viewer>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\IdentityCRL>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Media Index>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Media Player>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\MF>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network\Connections>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network\Connections\Pbk>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Network\Downloader>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\RAC>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\RAC\PublishedData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\RAC\StateData>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Applications>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Search\Data\Temp>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\User Account Pictures>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\User Account Pictures\Defa
ult Pictures>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\DRM>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\DRM\Cache>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\GameExplorer>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\Start Menu>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\Start Menu\Program
s>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\Templates>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\WER>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive>

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows\WER\ReportQueue>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Definitio
n Updates>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Quarantin
e>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Scans>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Scans\His
tory>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Scans\His
tory\Results>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Scans\His
tory\Results\Resource>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Scans\His
tory\Store>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows Defender\Support>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Windows NT> failed with: The
system cannot find the file specified.

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax> failed with
: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.


C:\Users\Ethan>^X
'↑' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\Ethan>
C:\Users\Ethan>

When I started Quicktime w/ Admin, this time it showed me a little more then a simple box of Yes or No, giving me the option of closing or wishing for me to restart at a later period. I closed all of the things required. However, Firefox was not one of them.
Quicktime installed
iTunes is being stupid and says "Ethan's Files" has an invalid character, which I'm assuming is the '
Expression Encoder 3 installed
Adobe update failed, Error 1635 which I will check on at a later time.
Spybot SnD installed correctly.
I guess the issue is fixed, many thanks
I'll repost here if another issue arises involving the ProgramData folder.

Flavius · Aug 21, 2010

INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT>
ERROR: Writing SD to <\\?\C:\ProgramData\Microsoft\Windows NT> failed with: The
system cannot find the file specified.

Folder C:\ProgramData\Microsoft\Windows NT and it's subfolders are very important and you cannot ignore this error,many applications require this folder to work & install properly :eek:.Even if you have already this folder only with strange errors with permissions you have to remove it and replace with my copy attached to post,if unable to do that on allive system you have to do in WinRE

1.Unpack attached files on your desktop
2.Copy Windows NT folder to C:\ProgramData\Microsoft

as I said if unable to do that on allive system you can use any linux i.e Ubuntu

When you restore C:\programData\Microsoft\Windows NT then restore permissions for this folder -download this file View attachment WNTreset.txt and place it also on root C:\

command to restore permissions for this folder is

setacl -on "C:\ProgramData\Microsoft\Windows NT" -ot file -actn restore -bckp "C:\WNTreset.txt"

if it doesn't solve problem with remains applications i.e Adobe (my commands may not fully affect on folders belongs to 3p programs) just delete folder which belongs to 3p application i.e Adobe you have to delete C:\ProgramData\Adobe ,all non-native folder which belongs to 3p applications you can safely delete

TheOverWhelming · Aug 22, 2010

Code:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Ethan>setacl -on "C:\ProgramData\Microsoft\Windows NT" -ot file -actn r
estore -bckp "C:\WNTreset.txt"
INFO: Input file for restore operation: <C:\WNTreset.txt> detected as ANSI.
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\ActivityL
og>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\Common Co
verpages>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\Common Co
verpages\en-US>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\Inbox>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\Queue>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\SentItems
>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSFax\VirtualIn
box>
INFO: Restoring ACL of: <\\?\C:\ProgramData\Microsoft\Windows NT\MSScan>

SetACL finished successfully.

C:\Users\Ethan>

Seems like it worked, since that folder didn't disappear randomly.
4 Windows Updates failed quite quickly, as well.
However, after fixing a registry "Install" in my computer I've managed to get iTunes installed (it being a separate issue from this one).
Will try to update Adobe after restart.

In the meantime what could have caused this issue to happen? I rather not experience this problem again.
Edit: It seems I (maybe) caused an issue with iTunes in the process, with getting this error message.
"Error getting file security:
C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}\ GetLastError: 5"
Since it involves the ProgramData I'm asking here.

Flavius · Aug 23, 2010

4 Windows Updates failed quite quickly, as well.

Run cmd.exe with elevated previlliges and type

sfc /scannow

Next download & run SF Diagnostic tool SF Diagnostic Tool - Using for Troubleshooting - Windows 7 Forums

by using this tool create logs from Even Logs and System Information

next run Readiness Tool Description of the System Update Readiness Tool for Windows Vista, for Windows Server 2008, for Windows 7, and for Windows Server 2008 R2 ,when it finish
find CBS.log and CheckSur.log in C:\Windows\Logs\CBS -attache them to post,if files will be too big to attache upload them on rapidshare.com

In the meantime what could have caused this issue to happen? I rather not experience this problem again.

I don't know

Edit: It seems I (maybe) caused an issue with iTunes in the process, with getting this error message.
"Error getting file security:
C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}\ GetLastError: 5"
Since it involves the ProgramData I'm asking here.

You have remove iTunes.Error no. 5 also relate to issue with permissions,but folder
{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3} is not native folder,probably also belongs to iTunes

The best way would be if you prepare your list of subfolders in ProgramData

Run cmd.exe and type

cd /d C:\ProgramData

press ENTER

dir /s /b >%userprofile%\Desktop\PDlog.txt

on your desktop appear PDlog.txt -attache this file to post too.

TheOverWhelming · Aug 23, 2010

Attached needed things.

Also, I ran the SFC while doing the SFD tool and the Readiness tool.

Code:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Ethan>sfx /scannow
'sfx' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\Ethan>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of th
em.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
C:\Windows\Logs\CBS\CBS.log

C:\Users\Ethan>

Apologies, I meant I was trying to install it (to see if I could, then uninstall it).

After doing what you suggested at the end of your post this came up:

Code:

Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Application Data\Te
mp\{40BF1E83-20EB-11D8-97C5-0009C5020658} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Application Data\{0
DD0EEEE-2A7C-411C-9243-1AE62F445FC3}\x64 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Blizzard Entertainm
ent\StarCraft II\Maps\Cache\04c0787d032a4967cca2d59c9388e2bf0d432e12f7e606e97385
1bc80fae734a.s2ma is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Documents\Thief - D
eadly Shadows\SaveGames\5F568666-D2F29F33-6392C564-A0D70C67-A6FC29E8 is too long
.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Electronic Arts\EA
Core\cache\{ [email protected] } is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Logitech\SetPoint\D
evices\PointingDevice\ROEM_SantaFeFamily is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Event Vie
wer\Applications and Services Logs\Microsoft is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Expressio
n\Licenses\Encoder.V3\Encoder.Web3Suite is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Search\Da
ta\Applications\Windows\Projects\SystemIndex is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Windows\G
ameExplorer\{00D8862B-6453-4957-A821-3D98D74C76BE} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Windows\S
tart Menu\Programs\Accessories\Accessibility is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Windows\S
tart Menu\Programs\Acer eDisplay Management is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Windows D
efender\Definition Updates\{702F45A0-7EF6-40BB-B200-07B10A950E48} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Microsoft\Wlansvc\P
rofiles\Interfaces\{F88FBD19-929D-4BB4-8A35-BB706CF927E5} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\NexusDB3\Default\C%
3A%5CProgram%20Files%20(x86)%5COblivion%5CAdded%5C is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Start Menu\Programs
\Accessories\System Tools\PeerGuardian 2 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Start Menu\Programs
\ASUS Utility\ASUS Data Security Manager is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Start Menu\Programs
\Microsoft Games\Age of Empires III\Diagnostics is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Start Menu\Programs
\Microsoft Office\Microsoft Office Tools is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Start Menu\Programs
\TimeGate Studios\Kohan II Kings of War is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Application Data\Start Menu\Programs
\Zealot Software\WMV to AVI DIVX MP4 MPEG RMVB Converter is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Blizzard Entertainment\StarCraft II\
Maps\Cache\04c0787d032a4967cca2d59c9388e2bf0d432e12f7e606e973851bc80fae734a.s2ma
 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Documents\Thief - Deadly Shadows\Sav
eGames\5F568666-D2F29F33-6392C564-A0D70C67-A6FC29E8 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Electronic Arts\EA Core\cache\{ theo
[email protected] }\cnc3_ep1\Autorun is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Search\Data\Applications\W
indows\Projects\SystemIndex\Indexer\CiFiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{00D8
862B-6453-4957-A821-3D98D74C76BE}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{08ED
4626-565E-4F3F-B677-D8E8E519AF29}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{170F
BD8A-C63A-4C28-AE59-4EE1D8FB0332}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{2052
86E5-F5F2-4306-BDB1-864245E33227}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{3D70
8BFC-67AA-43C0-8F5E-509B7CB0D11C}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{48DE
2B25-A3A2-4121-808D-5DD991D9FEBB}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{6182
8B75-B990-4022-ADE8-ACD3BBCC2B9B}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{676B
C5A3-9650-4962-8585-6DAC4FC2C9A7}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{6C81
5596-821F-40b3-8A84-643B73A8EB16}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{7586
F650-5D7F-471A-941E-FEF33E580524}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{84B5
E5C0-99DD-4EE6-807D-C5D86CEAE0D0}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{8728
EC2A-6715-4B34-BFFF-C0FB1D176A16}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{873F
3F6A-4043-4CC1-BAFA-83ABCFD0124B}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{91CA
4D38-EA2B-4f3c-94DE-36C1386182FC}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{980D
2BA1-AE95-46EC-B1CE-8E6F121A072F}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{AF69
8A5B-24D6-4f78-AE95-204B09EDC7B6}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{AFA7
FF39-1DDF-4f70-A2D5-23FCFFF02E5F}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{B127
84B5-A22D-4735-8A54-5773FAA95181}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{B4F9
274F-3695-4D47-AB2D-C6D4C0B3DD0C}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{B59C
917A-431C-433F-BAA9-4862E9087951}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{B7FA
E167-0D7E-4EAA-B751-649DEAA3F22C}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{C929
52B9-4A7C-49D9-8E71-D53C6183BA78}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{CFCB
F34F-5F5E-4186-98C5-C2506B084589}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{D1A7
F7E0-D4E9-49e8-BF2C-CEAA01D2E670}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{E915
79C0-4EA9-4a2a-A9B2-04BEF1D6DC29}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{EDD0
2205-736F-47AE-B3AC-46C07BF5A105}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{F1AB
869D-89BC-4FC9-B966-FE7B566543D0}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
s\Accessories\System Tools\PeerGuardian 2 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
s\ASUS Utility\ASUS Data Security Manager is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
s\Microsoft Games\Age of Empires III\Diagnostics is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
s\Microsoft Office\Microsoft Office Tools is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
s\TimeGate Studios\Kohan II Kings of War is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
s\Zealot Software\WMV to AVI DIVX MP4 MPEG RMVB Converter is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Windows Defender\Definitio
n Updates\{702F45A0-7EF6-40BB-B200-07B10A950E48} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Microsoft\Wlansvc\Profiles\Interface
s\{F88FBD19-929D-4BB4-8A35-BB706CF927E5} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Start Menu\Programs\Microsoft Games\
Age of Empires III\History Channel Trailers is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Application Data\Start Menu\Programs\Zealot Software\
WMV to AVI DIVX MP4 MPEG RMVB Converter is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Blizzard Entertainment\StarCraft II\Maps\Cache\04c078
7d032a4967cca2d59c9388e2bf0d432e12f7e606e973851bc80fae734a.s2ma is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Electronic Arts\EA Core\cache\{ theoverwhelming@gmail
.com }\cnc3_ep1\program files\Electronic Arts is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Electronic Arts\EA Core\cache\{ theoverwhelming@gmail
.com }\cnc3_ep1\Support\EA Help\Controller is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Electronic Arts\EA Core\cache\{ theoverwhelming@gmail
.com }\cnc3_ep1\Windows\winsxs\53t3z6j5.7ag is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Microsoft\Windows\Start Menu\Programs\Microsoft Games
\Age of Empires III\History Channel Trailers is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Application Data\Microsoft\Windows\Start Menu\Programs\Zealot Software
\WMV to AVI DIVX MP4 MPEG RMVB Converter is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Blizzard Entertainment\StarCraft II\Maps\Cache\04c0787d032a4967cca2d59
c9388e2bf0d432e12f7e606e973851bc80fae734a.s2ma is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Electronic Arts\EA Core\cache\{ [email protected] }\cnc3_ep1\p
rogram files\Electronic Arts\Command & Conquer 3 Kanes Wrath is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Electronic Arts\EA Core\cache\{ [email protected] }\cnc3_ep1\S
upport\EA Help\en-us\Getting_More_Help_Online is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Applica
tion Data\Electronic Arts\EA Core\cache\{ [email protected] }\cnc3_ep1\S
upport\EA Help\Getting_More_Help_Online is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Electro
nic Arts\EA Core\cache\{ [email protected] }\cnc3_ep1\program files\Elec
tronic Arts\Command & Conquer 3 Kanes Wrath is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application
Data\Application Data\Application Data\Application Data\Application Data\Electro
nic Arts\EA Core\cache\{ [email protected] }\cnc3_ep1\Support\EA Help\en
-us\Online_Connectivity_and_Performance is too long.

C:\ProgramData>

PS: Microsoft Silverlight was able to be installed, just never checked it in the list of updates since we began doing things.

RapidShare: 1-CLICK Web hosting - Easy Filehosting

Insufficient Priviledges

My Computer

Expelled

My Computer

My Computer

Expelled

My Computer

My Computer

Just another lunatic

My Computer

Expelled

My Computer

My Computer

Expelled

My Computer

My Computer

Expelled

My Computer

My Computer

Expelled

My Computer

My Computer

Expelled

My Computer

My Computer

Expelled

Attachments

My Computer

My Computer

Expelled

My Computer

My Computer