OTL Extras logfile created on: 2010-09-14 23:32:55 - Run 1 OTL by OldTimer - Version 3.2.12.0 Folder = C:\Users\abc\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 125,22 Gb Total Space | 34,30 Gb Free Space | 27,39% Space Free | Partition Type: NTFS Drive D: | 8,14 Gb Total Space | 1,52 Gb Free Space | 18,67% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 99,52 Gb Total Space | 8,06 Gb Free Space | 8,10% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ABC-PC Current User Name: abc Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07B7A18F-029E-4482-8016-FBEF6F5F525E}" = lport=10243 | protocol=6 | dir=in | app=system | "{31FBDBEA-B79A-4767-9DF7-53CDDB3B8764}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{333EB7A2-04D5-46BF-BAFC-90F71F0FBF75}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{342F42AF-A61A-47C3-BE9B-897548A340F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3645B1D4-9A3F-4F1A-96F0-0FF840960BD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{48521C47-E3DB-429B-BC62-B8AC58586609}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{53606834-CED4-4CD5-BF06-F5746EFBAFEF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{820B48CD-0D9A-4204-BB10-9ED3B79F28E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{88406C3E-2325-469A-B85A-4BA19C1C8517}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{88B8B565-27C9-4D4C-A6F4-D5D35929A0E8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9AE44E98-55D8-4622-A3A7-F56A57428732}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{9CEE8B60-E5BC-4801-AB29-3AA4107DD951}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{A5A9D5F8-F121-4132-827C-62A738F3C71A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B488EA46-E57B-4774-96B9-87618F2E4D18}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C3D53FB6-35FE-42A4-B4A8-2041387BD6C3}" = rport=10243 | protocol=6 | dir=out | app=system | "{DF34C399-81D7-4857-990E-F4475C797E87}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E0EECF49-9983-495C-A8F1-2D7D859CA254}" = lport=2869 | protocol=6 | dir=in | app=system | "{EEEECD99-6E9A-402C-8F77-5FA23A094D80}" = lport=2869 | protocol=6 | dir=in | app=system | "{FB0A0673-D973-4C14-B9CB-58997A6AB66C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0CAB5B5A-D14C-4410-9764-02342A197619}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1AE10F9D-D6B2-4F42-BC86-299FB5F1E9C7}" = protocol=17 | dir=in | app=c:\gry\rockstar games\rockstar games social club\rgsclauncher.exe | "{356322D7-0647-4323-BA21-B9B957805475}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{3752F7C6-F794-4B71-8A35-0EBB6B7CCC05}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{441CA3E3-C7E7-486A-A967-CEFB9BA4EA58}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{45B9835C-977C-4590-B16E-C02F14EDE640}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5A614C24-399F-48B0-B8A0-CBBF7D637147}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{5DDED622-6762-4A6F-AD21-5B6408880937}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6AB0C949-2D3F-40F7-8026-ECAE5D0CD2AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{74CF081E-9CCB-42E6-AA68-D598F4927D6C}" = protocol=6 | dir=in | app=c:\gry\rockstar games\rockstar games social club\rgsclauncher.exe | "{81359EF7-EA71-4236-B252-5E00933C87B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{86CB3CFD-3B3C-4C0A-ACD1-8213C27E63BF}" = protocol=6 | dir=in | app=c:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe | "{8EB5B8B1-9E4C-414D-A165-38027DF802EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9E21B9B4-1C10-430C-A210-577956828AD3}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{B27771E7-10B2-409E-965D-C4189EA634EC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B4F0A128-F29A-40A9-BB77-9545F13677EF}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{B5FF01D5-4195-4CC1-ABA9-ABA94300FC8B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C4A2D404-0545-47F0-B5B8-C84305B4F116}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{C77E0E2E-0301-4E6C-A1D2-D2134543AC2C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C96BF45D-6D47-42F6-BA09-8910764935CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D04DA443-5684-430C-8021-7516EFF50B24}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D2EDBAB1-2F92-474D-BEA1-9BA2DBF85E31}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{DC2561AF-B0F9-4E67-9EE0-F4FBEBEF2E94}" = protocol=17 | dir=in | app=c:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe | "{ED2C0B6E-80C9-4332-B6E0-2C1BF9557D33}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F82FFD5D-87DC-4BB8-8286-CEBA36974ABD}" = protocol=6 | dir=out | app=system | "TCP Query User{042EF1C6-7220-41AF-9E4B-673B4AB68F30}C:\users\abc\downloads\gry\pegasus\unoficiall nester 3.0pl\unoficiall nester 3.0pl\nester.exe" = protocol=6 | dir=in | app=c:\users\abc\downloads\gry\pegasus\unoficiall nester 3.0pl\unoficiall nester 3.0pl\nester.exe | "TCP Query User{07F1556D-7A6D-46AB-BF7B-BF59E3AF8E96}C:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe | "TCP Query User{09163452-595D-4112-9452-312B7EF6D081}C:\gry\emire eatrh 2\ee2.exe" = protocol=6 | dir=in | app=c:\gry\emire eatrh 2\ee2.exe | "TCP Query User{0F94AC1D-5992-421B-ACCC-74BE3C5ED5DE}C:\gry\mount&blade warband\mb_warband.exe" = protocol=6 | dir=in | app=c:\gry\mount&blade warband\mb_warband.exe | "TCP Query User{11B2A988-3BAB-462B-9CA5-1238B5C663FC}C:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe | "TCP Query User{171C2B00-3102-4A68-BF5A-3482B3348EF9}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{1E06B119-5864-44B4-9C47-E021AB5C8FAB}C:\gry\mount&blade warband\mb_warband.exe" = protocol=6 | dir=in | app=c:\gry\mount&blade warband\mb_warband.exe | "TCP Query User{1EE6E520-5D57-4AC5-95A8-AFF0179DCA2D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{2FEBE203-E047-46FC-8935-4D4FDE76C4B4}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe | "TCP Query User{5A6C03F4-FCD0-4979-A43F-6920BEECD10B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{6A58EC58-58E3-4798-88E8-031EA7E8351F}C:\gry\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\gry\activision\call of duty 2\cod2mp_s.exe | "TCP Query User{6FB235D1-EE69-411C-88BB-2FFD5E8E6CB6}C:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{7B2DDBA7-AB76-4E53-B938-475227EE1677}C:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe" = protocol=6 | dir=in | app=c:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe | "TCP Query User{8A0F6DF3-F9DA-4CC5-861E-801726EEF530}C:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe" = protocol=6 | dir=in | app=c:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe | "TCP Query User{8BB3864C-B10C-4706-92F3-A4AF073D02D0}C:\users\abc\downloads\miranda im big\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\abc\downloads\miranda im big\miranda im\miranda32.exe | "TCP Query User{8DD86D86-2B86-4BD2-B875-07CF47872F20}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe | "TCP Query User{90E1A70D-3C5A-445C-BE3E-C14D44BD92BF}C:\gry\sierra\empire earth ii\ee2.exe" = protocol=6 | dir=in | app=c:\gry\sierra\empire earth ii\ee2.exe | "TCP Query User{95B8DFA6-2F12-40FF-87FF-BD9565DC9444}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe | "TCP Query User{A2858583-4443-40B9-A06C-40893A54D791}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{A8727763-B457-4597-BD4C-74C21A1D050B}C:\users\abc\downloads\miranda im big\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\abc\downloads\miranda im big\miranda im\miranda32.exe | "TCP Query User{AD256D1B-146F-4A82-93EE-A9A1CAAEB5E5}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe | "TCP Query User{B5C5CA8F-EAD1-4150-88F3-6C2B4BCFF641}C:\program files\graphisoft\archicad 12\archicad.exe" = protocol=6 | dir=in | app=c:\program files\graphisoft\archicad 12\archicad.exe | "TCP Query User{B802713B-0097-49A0-804F-FF5BF6359FC4}C:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{C610FBD3-7B0C-4F5F-AC3F-8C67BEFB7DF9}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{D9643AE7-3793-46A6-B588-A0A51ED1088A}C:\gry\konami\pro evolution soccer 2009\pes2009.exe" = protocol=6 | dir=in | app=c:\gry\konami\pro evolution soccer 2009\pes2009.exe | "TCP Query User{E18DF60B-5FFC-4863-A6A2-0F0E8A9C7C03}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | "TCP Query User{F22AB266-8385-4E88-B0E4-CE55CC80BE17}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{006E7A37-6365-4FDE-96F4-B496817B9FA9}C:\users\abc\downloads\miranda im big\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\abc\downloads\miranda im big\miranda im\miranda32.exe | "UDP Query User{03D5B60B-75D6-455C-A721-F183862DA58B}C:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe" = protocol=17 | dir=in | app=c:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe | "UDP Query User{082646BB-9AE5-40CE-A1EC-FC7B5F266210}C:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe | "UDP Query User{2920D6EB-F387-4C3B-B5AF-60AC56286E55}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe | "UDP Query User{47CBA98E-A601-4592-B869-7080CFB01EFA}C:\users\abc\downloads\miranda im big\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\abc\downloads\miranda im big\miranda im\miranda32.exe | "UDP Query User{487C6FE4-A9B9-4673-9229-CC7437E3FB1A}C:\gry\sierra\empire earth ii\ee2.exe" = protocol=17 | dir=in | app=c:\gry\sierra\empire earth ii\ee2.exe | "UDP Query User{5F56D4C3-9AEF-47EB-9B49-B5AC00EB80EB}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe | "UDP Query User{6699F427-A47A-4053-8FA8-333A5667B407}C:\gry\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\gry\activision\call of duty 2\cod2mp_s.exe | "UDP Query User{6A8983E8-9407-439A-849D-61A646F02146}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{724CC555-22A7-4FD6-B67B-AAB61E2D7B88}C:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{7E277164-2BBC-4CC8-B483-5043FA03865A}C:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{8B26AF97-804E-4DC7-9DE9-E0429294FF36}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{8C60EC45-AF55-431A-8CA1-A4A15C9BF2F2}C:\gry\mount&blade warband\mb_warband.exe" = protocol=17 | dir=in | app=c:\gry\mount&blade warband\mb_warband.exe | "UDP Query User{9D635BBC-2B18-41F9-B418-D2F652EABB49}C:\gry\emire eatrh 2\ee2.exe" = protocol=17 | dir=in | app=c:\gry\emire eatrh 2\ee2.exe | "UDP Query User{A072A914-D3E2-4A70-8886-B42890F17D7E}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{AC16149B-EC32-49F5-83BA-BBD329B8111F}C:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe" = protocol=17 | dir=in | app=c:\users\abc\downloads\gry\pegasus\rocknesx www.pegasus-gry.com\rocknesx\rocknesx.exe | "UDP Query User{B405E19A-A5C4-42C2-B7AC-0E12A724A4BE}C:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\gry\left 4 dead 2\left 4 dead 2\left4dead2.exe | "UDP Query User{B6DC7EED-A575-4B7B-B58A-D041F56DC1E2}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{BD665D5D-4F7F-4277-B9D3-DBFA3D79997F}C:\users\abc\downloads\gry\pegasus\unoficiall nester 3.0pl\unoficiall nester 3.0pl\nester.exe" = protocol=17 | dir=in | app=c:\users\abc\downloads\gry\pegasus\unoficiall nester 3.0pl\unoficiall nester 3.0pl\nester.exe | "UDP Query User{C09F2261-D2EB-446C-B126-7E2EB7BF7FCD}C:\gry\mount&blade warband\mb_warband.exe" = protocol=17 | dir=in | app=c:\gry\mount&blade warband\mb_warband.exe | "UDP Query User{CF6DCCAC-48C8-4FA5-8184-4BA73ABDD62B}C:\program files\graphisoft\archicad 12\archicad.exe" = protocol=17 | dir=in | app=c:\program files\graphisoft\archicad 12\archicad.exe | "UDP Query User{DBDFEFB9-99BA-4D4C-A476-3A934CBD531F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{DBEFE138-7FFE-4C52-8D60-CDB97D5AA9E2}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{DD28214E-FCC2-4650-9D17-18BC1EA55544}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{ECC0C243-316B-4AF8-9A8F-C50E0954340B}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe | "UDP Query User{F838F49A-FF57-4F67-B501-DE09CD06D07E}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe | "UDP Query User{FFE9A9B5-9F83-4757-ADFC-704C80980C21}C:\gry\konami\pro evolution soccer 2009\pes2009.exe" = protocol=17 | dir=in | app=c:\gry\konami\pro evolution soccer 2009\pes2009.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove) "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{024D1716-9F42-0039-06E5-F4279D6C4382}" = CCC Help Russian "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200 "{04556846-E511-3FE9-E824-3588075C8036}" = Catalyst Control Center Graphics Full Existing "{05CD72BE-7783-AAB9-0C05-2D8DBD2DD444}" = Catalyst Control Center Localization Dutch "{0612E132-33FF-4488-9C31-F8D485D6866D}" = Catalyst Control Center Graphics Light "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0B3DB1B2-404C-AAA8-B32E-E65520EDE74D}" = CCC Help Polish "{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1 "{10504622-2818-C312-55CC-A72D36A31DBC}" = CCC Help Swedish "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help "{223818EB-2BB5-4AAD-9F38-BA9668A4E3F3}" = Windows Live Messenger "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21 "{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support "{2A34320A-56F9-9C4F-D325-77AC8A54C8B6}" = Catalyst Control Center Localization Japanese "{2C9FF444-79C0-C0C4-7B21-0E77C872AF53}" = CCC Help Danish "{2CA3E0A5-9281-6E67-1843-A6CC0B00BD74}" = Catalyst Control Center Localization French "{306B39C9-3AB1-4161-8567-9C7E50B41AE3}" = Microsoft Works "{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2 "{31775690-0E29-2AB1-75DE-C406152CBD1D}" = Catalyst Control Center Localization Chinese Standard "{31800004-6386-4999-A519-518F2D78D8F0}" = Python 2.5.1 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3466C4D1-508A-0E36-EB05-2E53766F27E0}" = CCC Help Italian "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3 "{38DCD6F5-C4DC-25E5-C113-0A909558FC2C}" = CCC Help Norwegian "{3FA160E2-066B-8D77-FCF4-F001F236E8E7}" = CCC Help Spanish "{3FA93E4C-CB3B-4B25-B091-9DB0FCC56A74}" = Catalyst Control Center - Branding "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{431CED44-A6D3-4E4A-2B76-04D1A861FCCE}" = Catalyst Control Center Localization Swedish "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7 "{475144D0-A4D6-C553-42B5-7BB60FCEF9EC}" = Catalyst Control Center Localization German "{49BA6327-744C-3D20-16DB-6E98BF66D0FD}" = Catalyst Control Center Localization Danish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B4D411D-E363-7E6B-68C3-C8E2EF02B7C6}" = CCC Help Chinese Traditional "{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}" = AMD Driver Support for HP 3D DriverGuard "{50DB0F17-4180-31F7-F26B-B40CBA8BA6E0}" = CCC Help German "{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend "{5396C246-53B5-4BBA-62DC-8308C7357EFE}" = Catalyst Control Center Localization Polish "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{54CAEF60-0258-2D8E-F01F-24BC689EA8A9}" = Catalyst Control Center Localization Portuguese "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{560BB29B-41C5-88E4-4847-B4B1DDB47B9B}" = Catalyst Control Center Localization Czech "{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software "{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2 "{59748B12-406B-7EA4-355D-3BBD62E97C69}" = Catalyst Control Center Localization Turkish "{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime "{5B4E5823-7265-9A19-A871-36E75824F7BE}" = CCC Help French "{5EBC76DA-573E-7D96-A6F8-F4B9DE97A15F}" = Catalyst Control Center Localization Greek "{623AD94E-1621-5AA1-BD6D-0EF08C9D7851}" = Catalyst Control Center Core Implementation "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DBCFFF6-2A7B-4AE4-8FC8-1216442E2814}" = CCC Help Korean "{6FCBD7F7-6A29-089F-E5DB-E33EFCF306CD}" = Catalyst Control Center Localization Spanish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{762D9F20-593B-436E-CAC3-B3D9F4DA7A90}" = Catalyst Control Center Localization Chinese Traditional "{80C2AD19-97A2-C829-38DE-5FD5B47F122B}" = ATI Catalyst Install Manager "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{8436F8D7-AA62-83DA-3BC5-E04871BF5F61}" = CCC Help Portuguese "{84F40C39-1E61-B3A7-833A-3A376AB53394}" = CCC Help Japanese "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{931FB38C-D5D4-4DBD-3723-50140A67F276}" = CCC Help Turkish "{96A959C9-51E1-C920-A9FA-269BB462A940}" = CCC Help Czech "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A102E7E3-2A4E-F509-3EF6-019F45C83196}" = CCC Help Dutch "{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A57222BD-51E3-7765-A008-9B6428402A59}" = CCC Help Hungarian "{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant "{A8ACD338-255C-B53D-7F19-ED7293B291E8}" = Catalyst Control Center Localization Norwegian "{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009 "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.4 - Polish "{AE72E414-0935-4AC8-B7D6-12E3039BEC13}" = DigitalPersona Personal 3.0.1 "{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements "{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update "{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX "{BD41A0CF-79B4-98D8-B9B9-3DE8BEC8A861}" = Catalyst Control Center Localization Finnish "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4B2636B-D76D-7C23-3010-99E96693F0B5}" = Catalyst Control Center Graphics Previews Vista "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C73A1EF0-9AC3-466C-918B-6684E594B039}_is1" = Embarcadero Delphi 2010 "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{C9E9386A-7E81-796A-3465-8471A239A8A0}" = CCC Help Chinese Standard "{CA4498C8-5146-E527-27A7-1B4F81C9BF05}" = CCC Help Thai "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DD876490-252F-4EEF-B205-2E8F5A6E523B}" = ProtectSmart Hard Drive Protection "{DEC3A80C-49D3-2885-2A03-3FBA61A5D40F}" = Catalyst Control Center Localization Italian "{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II "{E0B276B1-97D7-7AD2-548F-248A7745A1ED}" = CCC Help Greek "{E2ADC6FA-4233-54E6-29EC-E60EAD096A50}" = Catalyst Control Center Localization Hungarian "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E3EA025D-29A0-530C-9CA7-DBB5C49BB6DB}" = Skins "{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14 "{E96FFA19-E94B-D32B-E103-E78A0877245A}" = Catalyst Control Center Localization Thai "{EAE4AD65-89F2-3DE8-DF46-CCB34393CAA0}" = Catalyst Control Center Localization Russian "{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center "{EE3D717C-D93F-2A2B-F641-F59F48E11895}" = ccc-utility "{F447BD4C-65C3-A6D9-8A5F-5E822E32E1BC}" = Catalyst Control Center Localization Korean "{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102 "{F48FEA7A-2B87-8270-927C-20A0E7E5EBC2}" = CCC Help English "{FCC92CBC-F520-A906-C002-9A6236308916}" = Catalyst Control Center Graphics Full New "{FEC99680-66C4-C8C7-084B-2FB1B257777C}" = CCC Help Finnish "{FEEDAB32-F937-8319-D3F1-FFFC98C2111E}" = ccc-core-static "001FFFFFFF12FF00FF1801F02F02F000-R1" = ArchiCAD 12 POL "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIDA32_is1" = AIDA32 v3.93 "AOL Toolbar" = Pasek narzędzi AOL 5.0 "AutoCAD 2008 - English" = AutoCAD 2008 - English "AvantBrowser" = Avant Browser (remove only) "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Expressivo" = Expressivo "foobar2000" = foobar2000 v0.9.5.6 "GameDesire-Poker" = GameDesire-Poker "HotspotShield" = Hotspot Shield 1.44 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Full) "L4D2SP" = Left 4 Dead 2 Standalone Patch™ "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mount&Blade Warband" = Mount&Blade Warband "Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9) "numpy-py2.5" = Python 2.5 numpy-1.0.3 "Odinstaluj SOLDIS_is1" = SOLDIS "PRO100 Demo_is1" = PRO100 Demo wersja 4.61 "pywin32-py2.5" = Python 2.5 pywin32-212 "RealAlt_is1" = Real Alternative 1.8.4 "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6 "SopCast" = SopCast 3.2.8 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "WinRAR archiver" = Archiwizator WinRAR "wxPython2.8-unicode-py25_is1" = wxPython 2.8.4.0 (unicode) for Python 2.5 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "fc09-AT_GAMETWIST_MAIN" = Football Challenge 2009 (GameTwist) [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-09-02 17:15:22 | Computer Name = abc-PC | Source = EventSystem | ID = 4621 Description = Error - 2010-09-03 06:15:32 | Computer Name = abc-PC | Source = WinMgmt | ID = 10 Description = Error - 2010-09-03 06:16:32 | Computer Name = abc-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-09-03 17:29:04 | Computer Name = abc-PC | Source = EventSystem | ID = 4621 Description = Error - 2010-09-04 08:18:54 | Computer Name = abc-PC | Source = WinMgmt | ID = 10 Description = Error - 2010-09-04 08:20:01 | Computer Name = abc-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-09-04 14:41:04 | Computer Name = abc-PC | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd BLService.exe, wersja 1.0.0.2, sygnatura czasowa 0x47c2fde7, moduł powodujący błąd BLService.exe, wersja 1.0.0.2, sygnatura czasowa 0x47c2fde7, kod wyjątku 0x40000015, przesunięcie błędu 0x00027fa2, identyfikator procesu 0xe34, godzina rozpoczęcia aplikacji 0x01cb4c2b501420ff. Error - 2010-09-07 11:18:07 | Computer Name = abc-PC | Source = WinMgmt | ID = 10 Description = Error - 2010-09-07 11:20:12 | Computer Name = abc-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 2010-09-09 13:42:02 | Computer Name = abc-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2010-09-14 15:26:19 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7030 Description = Error - 2010-09-14 15:28:17 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7022 Description = Error - 2010-09-14 15:35:54 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7030 Description = Error - 2010-09-14 15:36:04 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7030 Description = Error - 2010-09-14 15:37:34 | Computer Name = abc-PC | Source = HTTP | ID = 15016 Description = Error - 2010-09-14 15:38:23 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-09-14 15:41:35 | Computer Name = abc-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2010-09-14 15:51:55 | Computer Name = abc-PC | Source = HTTP | ID = 15016 Description = Error - 2010-09-14 15:52:22 | Computer Name = abc-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-09-14 15:52:38 | Computer Name = abc-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report >