objavy sa mi okno Generic Host Process for Win32 Services
potreboval by som skontrolovat logy
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:59:34, on 18. 6. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Rockwell\EventServer.exe
C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe
C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Rockwell\NmspHost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Rockwell\RdcyHost.exe
C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
C:\Program Files\Common Files\Rockwell\RsvcHost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe
C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe
C:\Program Files\Common Files\Rockwell\RnaDirServer.exe
C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe
C:\Program Files\Common Files\Rockwell\RnaAeServer.exe
C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ROCKWE~1\RSVIEW~1\DISPLA~2.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe
C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsSCM.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsDDM.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\AlmSrv.exe
C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsBTM.EXE
C:\WINDOWS\system32\rtdsk40.exe
C:\Program Files\Rockwell Software\RSView Enterprise\SHDE.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\AlarmQB.exe
C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
C:\Program Files\Rockwell Software\RSView Enterprise\SAUserServ.exe
C:\Program Files\Rockwell Software\RSView Enterprise\CommandCliSrv.exe
C:\Program Files\Rockwell Software\RSView Enterprise\CommandErrorLogSrv.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdCli.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdRp.exe
C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe
C:\Program Files\Rockwell Software\RSView Enterprise\RSAOAServer.exe
C:\Program Files\Rockwell Software\RSView Enterprise\SEGfxVBACli.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DisplayClientManager.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DisplayCCmdFrnt.exe
C:\Program Files\Rockwell Software\RSView Enterprise\AlmCliSrvWrap.exe
C:\PROGRA~1\ROCKWE~1\RSVIEW~1\DISPLA~2.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\SHDE.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\SAUserServ.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdRp.exe
C:\Program Files\Rockwell Software\RSView Enterprise\SEGfxVBACli.exe
C:\Program Files\Rockwell Software\RSView Enterprise\GfxCommandHMIService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Rockwell\VStudio.exe
C:\Program Files\Rockwell Software\RSView Enterprise\SEGfxVBACli.exe
C:\Program Files\Rockwell Software\RSView Enterprise\SAUserServ.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdRp.exe
C:\Program Files\Rockwell Software\RSView Enterprise\DIBServer.exe
C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE
C:\Program Files\Rockwell Software\RSView Enterprise\Icedbe.exe
C:\Program Files\AVG\AVG9\avgscanx.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avg.com/ww.special-toolbar-first-run-tlbrc
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UsbCipHelper] C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Cemmac.HMI
O17 - HKLM\Software\..\Telephony: DomainName = Cemmac.HMI
O17 - HKLM\System\CCS\Services\Tcpip\..\{16055F86-A5CB-4B5A-B7C9-252A4E882D0C}: NameServer = 192.168.1.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Cemmac.HMI
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Cemmac.HMI
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: dnWhoDisp - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSLINX\dnwhodisp.exe
O23 - Service: Rockwell Event Multiplexer (EventClientMultiplexer) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe
O23 - Service: Rockwell Event Server (EventServer) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\EventServer.exe
O23 - Service: Rockwell Alarm History Archiver (FTAE_Archiver) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe
O23 - Service: Rockwell Alarm Historian (FTAE_HistServ) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe
O23 - Service: Harmony - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE
O23 - Service: LogReceiver - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSLinx Enterprise\LogReceiver.exe
O23 - Service: Rockwell Namespace Services (NmspHost) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\NmspHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: Rockwell Redundancy Services (RdcyHost) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RdcyHost.exe
O23 - Service: Rockwell Alarm Server (RnaAeServer) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RnaAeServer.exe
O23 - Service: Rockwell Alarm Multiplexer (RnaAlarmMux) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe
O23 - Service: FactoryTalk Diagnostics Local Reader (RNADiagnosticsService) - Rockwell Automation Inc. - C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
O23 - Service: FactoryTalk Diagnostics CE Receiver (RNADiagReceiver) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe
O23 - Service: Rockwell Directory Server (RNADirectory) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RnaDirServer.exe
O23 - Service: Rockwell Directory Multiplexer (RNADirMultiplexor) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe
O23 - Service: Rockwell HMI Activity Logger - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSView Enterprise\RsActivityLogServ.exe
O23 - Service: Rockwell HMI Alarm Logger - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
O23 - Service: Rockwell HMI Diagnostics - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
O23 - Service: Rockwell HMI Framework - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe
O23 - Service: Rockwell Tag Server - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe
O23 - Service: RSLinx Enterprise (RSLinxNG) - Rockwell Automation, Inc. - C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
O23 - Service: Rockwell Application Services (RsvcHost) - Rockwell Automation, Inc. - C:\Program Files\Common Files\Rockwell\RsvcHost.exe
--
End of file - 10569 bytes

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Generic Host Process for Win32 Services
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
- 1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Generic Host Process for Win32 Services
zdravím
stáhněte si OTL z tohoto odkazu http://ottools.noahdfear.net/OTL.exe
stažený soubor spusťte jako správce
v otevřeném okně stiskněte tlačítko Prohledat, čímž spustíte sken; vyčkejte prosím dokončení skenu (cca 5 minut); poté se vám otevře okno Poznámkového bloku s logem, jehož obsah sem zkopírujte

stáhněte si OTL z tohoto odkazu http://ottools.noahdfear.net/OTL.exe
stažený soubor spusťte jako správce
v otevřeném okně stiskněte tlačítko Prohledat, čímž spustíte sken; vyčkejte prosím dokončení skenu (cca 5 minut); poté se vám otevře okno Poznámkového bloku s logem, jehož obsah sem zkopírujte
Re: Generic Host Process for Win32 Services
OTL logfile created on: 21. 6. 2010 9:27:21 - Run 2
OTL by OldTimer - Version 3.2.6.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 284.07 Gb Free Space | 95.30% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 286.03 Gb Free Space | 95.95% Space Free | Partition Type: NTFS
Drive E: | 963.70 Mb Total Space | 174.67 Mb Free Space | 18.13% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REZERVA
Current User Name: REZERVA
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.21 08:30:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2010.06.02 09:04:01 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.06.02 09:04:00 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.06.02 09:04:00 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.06.02 09:03:58 | 000,751,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgscanx.exe
PRC - [2010.06.02 09:03:58 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.06.02 09:03:57 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.06.02 09:03:57 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.06.02 09:03:56 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2008.07.02 11:03:08 | 000,192,512 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
PRC - [2008.06.25 13:17:06 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RsvcHost.exe
PRC - [2008.06.25 13:15:32 | 000,902,440 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RnaDirServer.exe
PRC - [2008.06.25 13:15:26 | 000,996,648 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe
PRC - [2008.06.25 13:15:18 | 000,034,088 | ---- | M] (Rockwell Automation Inc.) -- C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
PRC - [2008.06.25 13:14:34 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RdcyHost.exe
PRC - [2008.06.25 13:14:14 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\NmspHost.exe
PRC - [2008.06.25 13:12:22 | 000,222,504 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\EventServer.exe
PRC - [2008.06.25 13:12:18 | 000,292,136 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe
PRC - [2008.05.27 16:17:44 | 000,434,176 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe
PRC - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.21 14:27:46 | 000,753,664 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe
PRC - [2007.09.18 22:03:32 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdCli.exe
PRC - [2007.09.18 22:03:14 | 000,053,248 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdRp.exe
PRC - [2007.09.18 22:02:56 | 000,053,248 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdServ.exe
PRC - [2007.09.18 22:02:36 | 000,331,776 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DatalogServ.exe
PRC - [2007.09.18 21:58:04 | 000,069,632 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DisplayCCmdFrnt.exe
PRC - [2007.09.18 21:55:54 | 002,842,624 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DisplayClient.exe
PRC - [2007.09.18 21:55:06 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DisplayClientManager.exe
PRC - [2007.09.18 21:48:56 | 000,368,640 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe
PRC - [2007.09.18 21:48:34 | 000,057,344 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlmCliSrvWrap.exe
PRC - [2007.09.18 21:47:18 | 001,028,096 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlarmQB.exe
PRC - [2007.09.18 21:46:36 | 000,397,312 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlmSrv.exe
PRC - [2007.09.18 21:43:42 | 000,086,016 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DerivedTags.exe
PRC - [2007.09.18 21:42:30 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\EventDetector.exe
PRC - [2007.09.18 21:40:12 | 000,167,936 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\CommandCliSrv.exe
PRC - [2007.09.18 21:38:32 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\CommandErrorLogSrv.exe
PRC - [2007.09.18 21:37:44 | 000,114,688 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\SAUserServ.exe
PRC - [2007.09.18 21:35:10 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
PRC - [2007.09.18 21:34:52 | 000,151,552 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\RsAlmLogExpServ.exe
PRC - [2007.09.18 21:26:38 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\RSAOAServer.exe
PRC - [2007.09.18 20:44:04 | 000,270,336 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\SEGfxVBACli.exe
PRC - [2007.09.18 20:34:28 | 000,147,456 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe
PRC - [2007.09.18 20:31:48 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsSCM.exe
PRC - [2007.09.18 20:30:50 | 000,094,208 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsDDM.exe
PRC - [2007.09.18 20:29:42 | 000,010,752 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsBTM.exe
PRC - [2007.09.18 20:26:24 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
PRC - [2007.09.18 20:21:34 | 000,491,520 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe
PRC - [2007.09.18 20:17:44 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIServer.exe
PRC - [2007.09.18 20:15:38 | 000,005,120 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\shde.exe
PRC - [2007.09.17 23:32:00 | 000,270,336 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RnaAeServer.exe
PRC - [2007.09.17 23:29:44 | 000,061,440 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe
PRC - [2007.09.17 23:29:28 | 000,143,360 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe
PRC - [2005.02.02 06:51:00 | 000,826,916 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [1999.10.23 11:05:54 | 000,526,872 | ---- | M] () -- C:\WINDOWS\system32\rtdsk40.exe
========== Modules (SafeList) ==========
MOD - [2010.06.21 08:30:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2008.04.14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - [2010.06.02 09:03:58 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.04.19 10:25:46 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008.07.25 09:39:26 | 001,971,768 | ---- | M] (Rockwell Automation, Inc.) [Disabled | Stopped] -- C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE -- (RSLinx)
SRV - [2008.07.02 11:03:08 | 000,192,512 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe -- (RSLinxNG)
SRV - [2008.07.02 11:01:28 | 000,086,016 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSLinx Enterprise\LogReceiver.exe -- (LogReceiver)
SRV - [2008.06.25 13:17:06 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RsvcHost.exe -- (RsvcHost)
SRV - [2008.06.25 13:15:32 | 000,902,440 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RnaDirServer.exe -- (RNADirectory)
SRV - [2008.06.25 13:15:26 | 000,996,648 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe -- (RNADirMultiplexor)
SRV - [2008.06.25 13:15:22 | 000,148,776 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe -- (RNADiagReceiver)
SRV - [2008.06.25 13:15:18 | 000,034,088 | ---- | M] (Rockwell Automation Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe -- (RNADiagnosticsService)
SRV - [2008.06.25 13:14:34 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RdcyHost.exe -- (RdcyHost)
SRV - [2008.06.25 13:14:14 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\NmspHost.exe -- (NmspHost)
SRV - [2008.06.25 13:12:22 | 000,222,504 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Rockwell\EventServer.exe -- (EventServer)
SRV - [2008.06.25 13:12:18 | 000,292,136 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe -- (EventClientMultiplexer)
SRV - [2008.05.27 11:20:38 | 000,070,952 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSLINX\dnwhodisp.exe -- (dnWhoDisp)
SRV - [2008.05.24 09:25:12 | 000,202,024 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE -- (Harmony)
SRV - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007.09.21 14:27:46 | 000,753,664 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe -- (RnaAlarmMux)
SRV - [2007.09.18 21:35:10 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe -- (Rockwell HMI Alarm Logger)
SRV - [2007.09.18 21:34:02 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSView Enterprise\RsActivityLogServ.exe -- (Rockwell HMI Activity Logger)
SRV - [2007.09.18 20:34:28 | 000,147,456 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe -- (Rockwell Tag Server)
SRV - [2007.09.18 20:26:24 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe -- (Rockwell HMI Diagnostics)
SRV - [2007.09.18 20:21:34 | 000,491,520 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe -- (Rockwell HMI Framework)
SRV - [2007.09.17 23:32:00 | 000,270,336 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RnaAeServer.exe -- (RnaAeServer)
SRV - [2007.09.17 23:29:44 | 000,061,440 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe -- (FTAE_Archiver)
SRV - [2007.09.17 23:29:28 | 000,143,360 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe -- (FTAE_HistServ)
SRV - [2005.11.25 09:11:02 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\WINDOWS\system32\OpcEnum.exe -- (OpcEnum)
========== Driver Services (SafeList) ==========
DRV - [2010.06.02 09:04:01 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.06.02 09:04:00 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.06.02 09:03:57 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.06.02 09:03:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.08.21 11:01:08 | 000,026,624 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2009.08.21 11:00:34 | 000,055,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Administrator\Local Settings\Temp\{102A1A4B-D995-4557-B32A-04653785AAF1}\fsgk.sys -- (F-Secure Standalone Minifilter)
DRV - [2009.04.09 10:18:17 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2009.01.15 08:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.11.02 10:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.08.07 13:14:00 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.07.25 14:09:24 | 000,845,184 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008.07.05 18:19:52 | 000,155,440 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\RSSERIAL.SYS -- (RSSerial)
DRV - [2008.07.05 18:19:50 | 000,039,067 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\RSIKT.SYS -- (RsiKtControl)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.02.14 08:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.11.22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.04.04 21:20:36 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2005.04.04 12:36:52 | 000,009,887 | ---- | M] (Ken Kato) [Kernel | On_Demand | Stopped] -- c:\VirtualFloppyDisk\vfd.sys -- (VirtualFD)
DRV - [2004.08.13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.11.13 14:38:40 | 000,016,447 | ---- | M] (Rockwell Automation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RSI-PKTX-A.SYS -- (RSI-PKTX-A)
DRV - [2002.04.23 19:02:26 | 000,038,999 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RSIKTNG.SYS -- (RSLINXNGKtControl)
DRV - [2001.08.17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2003.03.31 16:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UsbCipHelper] C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe (Rockwell Automation, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Cemmac.HMI
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuálna domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Save vizLRP.bmp
O24 - Desktop BackupWallPaper: C:\Save vizLRP.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.01 16:26:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 16:09:59 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 16:09:54 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.18 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.18 13:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pec_rezerva\Application Data\AntiHijackDAT
[2010.06.18 13:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Save Data
[2010.06.18 13:25:46 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2010.06.18 09:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pec_rezerva\Application Data\Malwarebytes
[2010.06.18 09:04:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.06.18 09:04:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.06.18 09:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.06.18 09:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.06.12 17:49:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pec_rezerva\Recent
[2010.06.02 09:04:00 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.06.02 07:22:12 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010.06.02 06:47:40 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.06.02 06:47:40 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010.06.02 06:47:37 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.06.02 06:47:36 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.06.02 06:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010.06.02 06:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010.06.02 06:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010.05.24 12:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\IntelliAdmin
[2010.05.23 11:56:15 | 000,000,000 | ---D | C] -- C:\VirtualFloppyDisk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.21 09:27:04 | 000,000,943 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.21 08:59:01 | 061,263,123 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.06.21 07:56:52 | 000,206,862 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.21 07:55:20 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\Pec_rezerva\NTUSER.DAT
[2010.06.21 07:55:20 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Pec_rezerva\ntuser.ini
[2010.06.21 07:54:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.20 22:12:01 | 000,013,744 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.18 13:59:30 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\HijackThis.lnk
[2010.06.18 13:28:42 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\FactoryTalk View Studio.lnk
[2010.06.18 09:04:17 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.15 09:14:16 | 000,002,411 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\FactoryTalk View Site Edition Client.lnk
[2010.06.02 09:04:01 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.06.02 09:04:00 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.06.02 09:04:00 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.06.02 09:03:57 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.06.02 09:03:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010.06.02 06:47:41 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010.06.02 06:47:36 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010.05.23 11:59:30 | 000,000,032 | ---- | M] () -- C:\WINDOWS\EvMoveW.INI
[2010.05.23 11:58:52 | 000,000,260 | RHS- | M] () -- C:\386SWAP.PAR
[2010.05.23 11:58:52 | 000,000,172 | RHS- | M] () -- C:\EVRSI.SYS
[2010.05.23 11:56:16 | 000,088,898 | -H-- | M] () -- C:\treeinfo.wc
[2010.05.23 09:48:18 | 000,000,026 | ---- | M] () -- C:\WINDOWS\VSLevel2.INI
[2010.05.23 09:10:48 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\Event Viewer.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.18 13:59:30 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Pec_rezerva\Desktop\HijackThis.lnk
[2010.06.18 09:04:17 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.02 06:47:41 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010.06.02 06:47:36 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010.06.02 06:47:35 | 061,263,123 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.05.23 11:58:04 | 000,282,832 | ---- | C] () -- C:\EVMOVE.EXE
[2010.05.23 11:58:04 | 000,275,168 | ---- | C] () -- C:\RESET.EXE
[2010.05.23 11:58:04 | 000,122,349 | ---- | C] () -- C:\COPYPROT.HLP
[2010.05.23 09:10:48 | 000,001,592 | ---- | C] () -- C:\Documents and Settings\Pec_rezerva\Desktop\Event Viewer.lnk
[2009.08.21 11:01:08 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009.04.20 11:34:44 | 000,001,318 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009.04.20 09:19:37 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\hppapr02.dll
[2009.04.20 09:17:40 | 000,000,943 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.16 18:31:50 | 000,001,778 | ---- | C] () -- C:\WINDOWS\EDS.ini
[2009.04.15 22:00:52 | 000,000,026 | ---- | C] () -- C:\WINDOWS\VSLevel2.INI
[2009.04.15 16:54:43 | 000,000,032 | ---- | C] () -- C:\WINDOWS\EvMoveW.INI
[2009.04.09 18:04:14 | 000,000,690 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.04.09 12:24:17 | 000,000,247 | ---- | C] () -- C:\WINDOWS\RLEIcons.ini
[2009.04.09 10:18:17 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2009.04.09 07:55:56 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009.04.09 07:55:56 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009.04.09 07:55:46 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009.04.09 07:55:46 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009.04.09 07:55:43 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009.04.06 14:13:28 | 000,000,129 | ---- | C] () -- C:\WINDOWS\rocksoft.ini
[2009.04.01 16:59:32 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.01 16:59:29 | 000,018,169 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.01 16:59:23 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.04.01 11:07:02 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.04.01 11:07:02 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.04.01 11:07:00 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009.04.01 11:07:00 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009.01.15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.07.25 10:08:34 | 000,036,408 | ---- | C] () -- C:\WINDOWS\System32\LINXVDD.DLL
[2007.09.28 11:30:54 | 000,198,680 | ---- | C] () -- C:\WINDOWS\System32\WL40ENT.DLL
[2007.09.28 11:30:54 | 000,023,064 | ---- | C] () -- C:\WINDOWS\System32\WTR40T.DLL
< End of report >
OTL by OldTimer - Version 3.2.6.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 39.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 284.07 Gb Free Space | 95.30% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 286.03 Gb Free Space | 95.95% Space Free | Partition Type: NTFS
Drive E: | 963.70 Mb Total Space | 174.67 Mb Free Space | 18.13% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REZERVA
Current User Name: REZERVA
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.21 08:30:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2010.06.02 09:04:01 | 002,065,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.06.02 09:04:00 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.06.02 09:04:00 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.06.02 09:03:58 | 000,751,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgscanx.exe
PRC - [2010.06.02 09:03:58 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.06.02 09:03:57 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.06.02 09:03:57 | 000,722,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.06.02 09:03:56 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2008.07.02 11:03:08 | 000,192,512 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
PRC - [2008.06.25 13:17:06 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RsvcHost.exe
PRC - [2008.06.25 13:15:32 | 000,902,440 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RnaDirServer.exe
PRC - [2008.06.25 13:15:26 | 000,996,648 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe
PRC - [2008.06.25 13:15:18 | 000,034,088 | ---- | M] (Rockwell Automation Inc.) -- C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
PRC - [2008.06.25 13:14:34 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RdcyHost.exe
PRC - [2008.06.25 13:14:14 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\NmspHost.exe
PRC - [2008.06.25 13:12:22 | 000,222,504 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\EventServer.exe
PRC - [2008.06.25 13:12:18 | 000,292,136 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe
PRC - [2008.05.27 16:17:44 | 000,434,176 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe
PRC - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.21 14:27:46 | 000,753,664 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe
PRC - [2007.09.18 22:03:32 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdCli.exe
PRC - [2007.09.18 22:03:14 | 000,053,248 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdRp.exe
PRC - [2007.09.18 22:02:56 | 000,053,248 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DlgRdServ.exe
PRC - [2007.09.18 22:02:36 | 000,331,776 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DatalogServ.exe
PRC - [2007.09.18 21:58:04 | 000,069,632 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DisplayCCmdFrnt.exe
PRC - [2007.09.18 21:55:54 | 002,842,624 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DisplayClient.exe
PRC - [2007.09.18 21:55:06 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DisplayClientManager.exe
PRC - [2007.09.18 21:48:56 | 000,368,640 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe
PRC - [2007.09.18 21:48:34 | 000,057,344 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlmCliSrvWrap.exe
PRC - [2007.09.18 21:47:18 | 001,028,096 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlarmQB.exe
PRC - [2007.09.18 21:46:36 | 000,397,312 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\AlmSrv.exe
PRC - [2007.09.18 21:43:42 | 000,086,016 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\DerivedTags.exe
PRC - [2007.09.18 21:42:30 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\EventDetector.exe
PRC - [2007.09.18 21:40:12 | 000,167,936 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\CommandCliSrv.exe
PRC - [2007.09.18 21:38:32 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\CommandErrorLogSrv.exe
PRC - [2007.09.18 21:37:44 | 000,114,688 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\SAUserServ.exe
PRC - [2007.09.18 21:35:10 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
PRC - [2007.09.18 21:34:52 | 000,151,552 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\RsAlmLogExpServ.exe
PRC - [2007.09.18 21:26:38 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\RSAOAServer.exe
PRC - [2007.09.18 20:44:04 | 000,270,336 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\SEGfxVBACli.exe
PRC - [2007.09.18 20:34:28 | 000,147,456 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe
PRC - [2007.09.18 20:31:48 | 000,081,920 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsSCM.exe
PRC - [2007.09.18 20:30:50 | 000,094,208 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsDDM.exe
PRC - [2007.09.18 20:29:42 | 000,010,752 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMITagsBTM.exe
PRC - [2007.09.18 20:26:24 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
PRC - [2007.09.18 20:21:34 | 000,491,520 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe
PRC - [2007.09.18 20:17:44 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIServer.exe
PRC - [2007.09.18 20:15:38 | 000,005,120 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Rockwell Software\RSView Enterprise\shde.exe
PRC - [2007.09.17 23:32:00 | 000,270,336 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\RnaAeServer.exe
PRC - [2007.09.17 23:29:44 | 000,061,440 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe
PRC - [2007.09.17 23:29:28 | 000,143,360 | ---- | M] (Rockwell Automation, Inc.) -- C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe
PRC - [2005.02.02 06:51:00 | 000,826,916 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [1999.10.23 11:05:54 | 000,526,872 | ---- | M] () -- C:\WINDOWS\system32\rtdsk40.exe
========== Modules (SafeList) ==========
MOD - [2010.06.21 08:30:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2008.04.14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - [2010.06.02 09:03:58 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.04.19 10:25:46 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008.07.25 09:39:26 | 001,971,768 | ---- | M] (Rockwell Automation, Inc.) [Disabled | Stopped] -- C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE -- (RSLinx)
SRV - [2008.07.02 11:03:08 | 000,192,512 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe -- (RSLinxNG)
SRV - [2008.07.02 11:01:28 | 000,086,016 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSLinx Enterprise\LogReceiver.exe -- (LogReceiver)
SRV - [2008.06.25 13:17:06 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RsvcHost.exe -- (RsvcHost)
SRV - [2008.06.25 13:15:32 | 000,902,440 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RnaDirServer.exe -- (RNADirectory)
SRV - [2008.06.25 13:15:26 | 000,996,648 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe -- (RNADirMultiplexor)
SRV - [2008.06.25 13:15:22 | 000,148,776 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe -- (RNADiagReceiver)
SRV - [2008.06.25 13:15:18 | 000,034,088 | ---- | M] (Rockwell Automation Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe -- (RNADiagnosticsService)
SRV - [2008.06.25 13:14:34 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RdcyHost.exe -- (RdcyHost)
SRV - [2008.06.25 13:14:14 | 000,218,408 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\NmspHost.exe -- (NmspHost)
SRV - [2008.06.25 13:12:22 | 000,222,504 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Rockwell\EventServer.exe -- (EventServer)
SRV - [2008.06.25 13:12:18 | 000,292,136 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe -- (EventClientMultiplexer)
SRV - [2008.05.27 11:20:38 | 000,070,952 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSLINX\dnwhodisp.exe -- (dnWhoDisp)
SRV - [2008.05.24 09:25:12 | 000,202,024 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE -- (Harmony)
SRV - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008.04.14 05:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007.09.21 14:27:46 | 000,753,664 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe -- (RnaAlarmMux)
SRV - [2007.09.18 21:35:10 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe -- (Rockwell HMI Alarm Logger)
SRV - [2007.09.18 21:34:02 | 000,098,304 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Stopped] -- C:\Program Files\Rockwell Software\RSView Enterprise\RsActivityLogServ.exe -- (Rockwell HMI Activity Logger)
SRV - [2007.09.18 20:34:28 | 000,147,456 | ---- | M] (Rockwell Automation, Inc.) [On_Demand | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe -- (Rockwell Tag Server)
SRV - [2007.09.18 20:26:24 | 000,077,824 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe -- (Rockwell HMI Diagnostics)
SRV - [2007.09.18 20:21:34 | 000,491,520 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe -- (Rockwell HMI Framework)
SRV - [2007.09.17 23:32:00 | 000,270,336 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\RnaAeServer.exe -- (RnaAeServer)
SRV - [2007.09.17 23:29:44 | 000,061,440 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe -- (FTAE_Archiver)
SRV - [2007.09.17 23:29:28 | 000,143,360 | ---- | M] (Rockwell Automation, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe -- (FTAE_HistServ)
SRV - [2005.11.25 09:11:02 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\WINDOWS\system32\OpcEnum.exe -- (OpcEnum)
========== Driver Services (SafeList) ==========
DRV - [2010.06.02 09:04:01 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.06.02 09:04:00 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.06.02 09:03:57 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.06.02 09:03:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.08.21 11:01:08 | 000,026,624 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2009.08.21 11:00:34 | 000,055,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Administrator\Local Settings\Temp\{102A1A4B-D995-4557-B32A-04653785AAF1}\fsgk.sys -- (F-Secure Standalone Minifilter)
DRV - [2009.04.09 10:18:17 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2009.01.15 08:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.11.02 10:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.08.07 13:14:00 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.07.25 14:09:24 | 000,845,184 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008.07.05 18:19:52 | 000,155,440 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\RSSERIAL.SYS -- (RSSerial)
DRV - [2008.07.05 18:19:50 | 000,039,067 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\RSIKT.SYS -- (RsiKtControl)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.02.14 08:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.11.22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.04.04 21:20:36 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2005.04.04 12:36:52 | 000,009,887 | ---- | M] (Ken Kato) [Kernel | On_Demand | Stopped] -- c:\VirtualFloppyDisk\vfd.sys -- (VirtualFD)
DRV - [2004.08.13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.11.13 14:38:40 | 000,016,447 | ---- | M] (Rockwell Automation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RSI-PKTX-A.SYS -- (RSI-PKTX-A)
DRV - [2002.04.23 19:02:26 | 000,038,999 | ---- | M] (Rockwell Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RSIKTNG.SYS -- (RSLINXNGKtControl)
DRV - [2001.08.17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2003.03.31 16:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UsbCipHelper] C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe (Rockwell Automation, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Cemmac.HMI
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuálna domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Save vizLRP.bmp
O24 - Desktop BackupWallPaper: C:\Save vizLRP.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.01 16:26:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 16:09:59 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 16:09:54 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.18 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.18 13:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pec_rezerva\Application Data\AntiHijackDAT
[2010.06.18 13:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Save Data
[2010.06.18 13:25:46 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2010.06.18 09:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pec_rezerva\Application Data\Malwarebytes
[2010.06.18 09:04:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.06.18 09:04:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.06.18 09:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.06.18 09:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.06.12 17:49:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pec_rezerva\Recent
[2010.06.02 09:04:00 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.06.02 07:22:12 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010.06.02 06:47:40 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.06.02 06:47:40 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010.06.02 06:47:37 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.06.02 06:47:36 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.06.02 06:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010.06.02 06:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010.06.02 06:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010.05.24 12:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\IntelliAdmin
[2010.05.23 11:56:15 | 000,000,000 | ---D | C] -- C:\VirtualFloppyDisk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.21 09:27:04 | 000,000,943 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.21 08:59:01 | 061,263,123 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.06.21 07:56:52 | 000,206,862 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.21 07:55:20 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\Pec_rezerva\NTUSER.DAT
[2010.06.21 07:55:20 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Pec_rezerva\ntuser.ini
[2010.06.21 07:54:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.20 22:12:01 | 000,013,744 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.18 13:59:30 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\HijackThis.lnk
[2010.06.18 13:28:42 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\FactoryTalk View Studio.lnk
[2010.06.18 09:04:17 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.15 09:14:16 | 000,002,411 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\FactoryTalk View Site Edition Client.lnk
[2010.06.02 09:04:01 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.06.02 09:04:00 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.06.02 09:04:00 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.06.02 09:03:57 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.06.02 09:03:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010.06.02 06:47:41 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010.06.02 06:47:36 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010.05.23 11:59:30 | 000,000,032 | ---- | M] () -- C:\WINDOWS\EvMoveW.INI
[2010.05.23 11:58:52 | 000,000,260 | RHS- | M] () -- C:\386SWAP.PAR
[2010.05.23 11:58:52 | 000,000,172 | RHS- | M] () -- C:\EVRSI.SYS
[2010.05.23 11:56:16 | 000,088,898 | -H-- | M] () -- C:\treeinfo.wc
[2010.05.23 09:48:18 | 000,000,026 | ---- | M] () -- C:\WINDOWS\VSLevel2.INI
[2010.05.23 09:10:48 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Pec_rezerva\Desktop\Event Viewer.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.18 13:59:30 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Pec_rezerva\Desktop\HijackThis.lnk
[2010.06.18 09:04:17 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.02 06:47:41 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2010.06.02 06:47:36 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010.06.02 06:47:35 | 061,263,123 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.05.23 11:58:04 | 000,282,832 | ---- | C] () -- C:\EVMOVE.EXE
[2010.05.23 11:58:04 | 000,275,168 | ---- | C] () -- C:\RESET.EXE
[2010.05.23 11:58:04 | 000,122,349 | ---- | C] () -- C:\COPYPROT.HLP
[2010.05.23 09:10:48 | 000,001,592 | ---- | C] () -- C:\Documents and Settings\Pec_rezerva\Desktop\Event Viewer.lnk
[2009.08.21 11:01:08 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009.04.20 11:34:44 | 000,001,318 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009.04.20 09:19:37 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\hppapr02.dll
[2009.04.20 09:17:40 | 000,000,943 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.16 18:31:50 | 000,001,778 | ---- | C] () -- C:\WINDOWS\EDS.ini
[2009.04.15 22:00:52 | 000,000,026 | ---- | C] () -- C:\WINDOWS\VSLevel2.INI
[2009.04.15 16:54:43 | 000,000,032 | ---- | C] () -- C:\WINDOWS\EvMoveW.INI
[2009.04.09 18:04:14 | 000,000,690 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.04.09 12:24:17 | 000,000,247 | ---- | C] () -- C:\WINDOWS\RLEIcons.ini
[2009.04.09 10:18:17 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2009.04.09 07:55:56 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009.04.09 07:55:56 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009.04.09 07:55:46 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009.04.09 07:55:46 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009.04.09 07:55:43 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009.04.06 14:13:28 | 000,000,129 | ---- | C] () -- C:\WINDOWS\rocksoft.ini
[2009.04.01 16:59:32 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.01 16:59:29 | 000,018,169 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.01 16:59:23 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.04.01 11:07:02 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.04.01 11:07:02 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.04.01 11:07:00 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009.04.01 11:07:00 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009.01.15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.07.25 10:08:34 | 000,036,408 | ---- | C] () -- C:\WINDOWS\System32\LINXVDD.DLL
[2007.09.28 11:30:54 | 000,198,680 | ---- | C] () -- C:\WINDOWS\System32\WL40ENT.DLL
[2007.09.28 11:30:54 | 000,023,064 | ---- | C] () -- C:\WINDOWS\System32\WTR40T.DLL
< End of report >
Re: Generic Host Process for Win32 Services
OTL Extras logfile created on: 21. 6. 2010 8:34:08 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 284.07 Gb Free Space | 95.30% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 286.03 Gb Free Space | 95.96% Space Free | Partition Type: NTFS
Drive E: | 963.70 Mb Total Space | 174.80 Mb Free Space | 18.14% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REZERVA
Current User Name: REZERVA
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:Port 135 TCP
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:Port 135 TCP
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe" = C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe:*:Enabled:EventClientMultiplexer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RsvcHost.exe" = C:\Program Files\Common Files\Rockwell\RsvcHost.exe:*:Enabled:RsvcHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RdcyHost.exe" = C:\Program Files\Common Files\Rockwell\RdcyHost.exe:*:Enabled:RdcyHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\NmspHost.exe" = C:\Program Files\Common Files\Rockwell\NmspHost.exe:*:Enabled:NmspHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaDirServer.exe" = C:\Program Files\Common Files\Rockwell\RnaDirServer.exe:*:Enabled:RnaDirServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\EventServer.exe" = C:\Program Files\Common Files\Rockwell\EventServer.exe:*:Enabled:EventServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\DaClient.exe" = C:\Program Files\Common Files\Rockwell\DaClient.exe:*:Enabled:DaClient.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe" = C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe:*:Enabled:RnaDiagReceiver.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe" = C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe:*:Enabled:RnaDiagnosticsSrv.exe -- (Rockwell Automation Inc.)
"C:\Program Files\Common Files\Rockwell\VStudio.exe" = C:\Program Files\Common Files\Rockwell\VStudio.exe:*:Enabled:VStudio.exe -- (Rockwell Automation, Inc.)
"C:\WINDOWS\system32\OpcEnum.exe" = C:\WINDOWS\system32\OpcEnum.exe:*:Enabled:OPCEnum.exe -- (OPC Foundation)
"C:\Program Files\Common Files\Rockwell\RnaAeServer.exe" = C:\Program Files\Common Files\Rockwell\RnaAeServer.exe:*:Enabled:RnaAeServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe:*:Enabled:RnaAlarmMux.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe:*:Enabled:RnaAlarmDetector.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE" = C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE:*:Enabled:RSLinx.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe" = C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe:*:Enabled:OPCTest.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\countermonitor.exe" = C:\Program Files\Common Files\Rockwell\countermonitor.exe:*:Enabled:CounterMonitor.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe:*:Enabled:RSLinxNG.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe:*:Enabled:RSLinxShortcutAOA.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe" = C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe:*:Enabled:AlmProxyCli Module (D) -- (Rockwell Automation, Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe" = C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe:*:Enabled:EventClientMultiplexer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RsvcHost.exe" = C:\Program Files\Common Files\Rockwell\RsvcHost.exe:*:Enabled:RsvcHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RdcyHost.exe" = C:\Program Files\Common Files\Rockwell\RdcyHost.exe:*:Enabled:RdcyHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\NmspHost.exe" = C:\Program Files\Common Files\Rockwell\NmspHost.exe:*:Enabled:NmspHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaDirServer.exe" = C:\Program Files\Common Files\Rockwell\RnaDirServer.exe:*:Enabled:RnaDirServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\EventServer.exe" = C:\Program Files\Common Files\Rockwell\EventServer.exe:*:Enabled:EventServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\DaClient.exe" = C:\Program Files\Common Files\Rockwell\DaClient.exe:*:Enabled:DaClient.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe" = C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe:*:Enabled:RnaDiagReceiver.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe" = C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe:*:Enabled:RnaDiagnosticsSrv.exe -- (Rockwell Automation Inc.)
"C:\Program Files\Common Files\Rockwell\VStudio.exe" = C:\Program Files\Common Files\Rockwell\VStudio.exe:*:Enabled:VStudio.exe -- (Rockwell Automation, Inc.)
"C:\WINDOWS\system32\OpcEnum.exe" = C:\WINDOWS\system32\OpcEnum.exe:*:Enabled:OPCEnum.exe -- (OPC Foundation)
"C:\Program Files\Common Files\Rockwell\RnaAeServer.exe" = C:\Program Files\Common Files\Rockwell\RnaAeServer.exe:*:Enabled:RnaAeServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe:*:Enabled:RnaAlarmMux.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe:*:Enabled:RnaAlarmDetector.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe" = C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe:*:Enabled:AlmProxyCli Module (D) -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE" = C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE:*:Enabled:RSLinx.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe" = C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe:*:Enabled:OPCTest.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\countermonitor.exe" = C:\Program Files\Common Files\Rockwell\countermonitor.exe:*:Enabled:CounterMonitor.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe:*:Enabled:RSLinxNG.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe:*:Enabled:RSLinxShortcutAOA.exe -- (Rockwell Automation, Inc.)
"F:\driver\usb\–Ľ—Ś‘†Íš" = F:\driver\usb\–Ľ—Ś‘†Íš:*:Enabled:Microsoft Windows RPC Helper
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22BD07BC-E8DF-44F7-9B10-7E644ADCE981}" = RSLinx Enterprise 5.17.00 (CPR 9 SR 1)
"{32FF6F27-37C3-46E9-B39E-56CD420415D1}" = FactoryTalk® View Site Edition 5.00.00 (CPR 9)
"{34540622-805E-4CC7-98CF-65A43E99CF4D}" = RSLinx Classic 2.54.00 CPR 9 SR 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36A7B196-8D70-48A5-8FF3-7B836273FD4C}" = Rockwell Windows Firewall Configuration Utility 1.00.03
"{3DB7C2BB-A717-4093-BA3E-3495E899E2DB}" = FactoryTalk Services Platform 2.10 (CPR 9 SR 1)
"{4E8B84D4-778C-4DE6-8CBC-2586D438D295}" = Rockwell Automation USB CIP Driver Package
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{807C556A-63E3-4CB6-8B11-04AFC14BC8F9}" = FactoryTalk Activation Client v3.00.00 (CPR 9)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{93279896-AA2E-4BF3-9FAD-77FCE6E316A6}" = FactoryTalk Alarms and Events 2.10.00 (CPR 9)
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"AVG9Uninstall" = AVG 9.0
"HASP Device Drivers" = HASP Device Drivers
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"PROHYBRIDR" = 2007 Microsoft Office system
"RSView Studio" = RSView Supervisory Edition 5.00.00.55 (CPR 9)
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR archivátor
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IntelliAdmin_NetworkAdministrator33" = IntelliAdmin Network Administrator - Remove
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3. 6. 2010 3:39:44 | Computer Name = REZERVA | Source = AutoEnrollment | ID = 15
Description = Automatickej registrácii certifikátu lokálny systém sa nepodarilo
spojiť so službou Active Directory (0x8007054b). Zadaná doména neexistuje, alebo
sa na ňu nedá pripojiť. Registrácia sa nevykoná.
Error - 3. 6. 2010 3:41:16 | Computer Name = REZERVA | Source = Userenv | ID = 1053
Description = Systém Windows nemôže zistiť názov používateľa alebo počítača. (Zadaná
doména neexistuje, alebo sa na ňu nedá pripojiť. ). Spracovanie politiky skupiny
bolo prerušené.
Error - 3. 6. 2010 4:03:58 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie , verzia 0.0.0.0, zlyhanie modulu unknown, verzia
0.0.0.0, adresa zlyhania 0x00000000.
Error - 10. 6. 2010 7:47:41 | Computer Name = REZERVA | Source = Application Error | ID = 1004
Description = Zlyhanie aplikácie svchost.exe, verzia 0.0.0.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.
Error - 10. 6. 2010 10:14:09 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x6fe217c2.
Error - 16. 6. 2010 4:17:31 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie , verzia 0.0.0.0, zlyhanie modulu unknown, verzia
0.0.0.0, adresa zlyhania 0x00000000.
Error - 16. 6. 2010 6:59:41 | Computer Name = REZERVA | Source = Application Error | ID = 1004
Description = Zlyhanie aplikácie svchost.exe, verzia 0.0.0.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.
Error - 16. 6. 2010 7:41:22 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
AcGenral.dll, verzia 5.1.2600.5512, adresa zlyhania 0x000116e2.
Error - 18. 6. 2010 4:27:59 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
AcGenral.dll, verzia 5.1.2600.5512, adresa zlyhania 0x000116e2.
Error - 20. 6. 2010 17:59:07 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x6fe217c2.
[ FTDiag Events ]
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7M\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7M\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7L\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7L\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7K\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7K\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7J\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7J\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:12:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:12:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Loss of service. The
server RNA://$Local/Zeriav_TAP_SE:Zeriav_TAP_SE on computer REZERVA is not loade
Error - 21. 6. 2010 2:12:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:12:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Out of service. The
server RNA://$Local/Zeriav_TAP_SE:Zeriav_TAP_SE is not currently available on any
compute
[ OSession Events ]
Error - 16. 4. 2009 10:59:55 | Computer Name = REZERVA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 806
seconds with 720 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20. 6. 2010 16:37:34 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:46:59 | Computer Name = REZERVA | Source = Service Control Manager | ID = 7023
Description = Služba Windows Firewall/Internet Connection Sharing (ICS) bola ukončená
s nasledujúcou chybou: %%5
Error - 21. 6. 2010 1:54:53 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:56:49 | Computer Name = REZERVA | Source = Service Control Manager | ID = 7000
Description = Spustenie služby A-B Virtual Backplane zlyhalo kvôli nasledujúcej
chybe: %%2
Error - 21. 6. 2010 1:56:49 | Computer Name = REZERVA | Source = Service Control Manager | ID = 7000
Description = Spustenie služby A-B Virtual Backplane zlyhalo kvôli nasledujúcej
chybe: %%2
Error - 21. 6. 2010 1:57:38 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:57:38 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:58:25 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:58:25 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:59:13 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
< End of report >
OTL by OldTimer - Version 3.2.6.1 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 284.07 Gb Free Space | 95.30% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 286.03 Gb Free Space | 95.96% Space Free | Partition Type: NTFS
Drive E: | 963.70 Mb Total Space | 174.80 Mb Free Space | 18.14% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: REZERVA
Current User Name: REZERVA
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:Port 135 TCP
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:Port 135 TCP
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe" = C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe:*:Enabled:EventClientMultiplexer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RsvcHost.exe" = C:\Program Files\Common Files\Rockwell\RsvcHost.exe:*:Enabled:RsvcHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RdcyHost.exe" = C:\Program Files\Common Files\Rockwell\RdcyHost.exe:*:Enabled:RdcyHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\NmspHost.exe" = C:\Program Files\Common Files\Rockwell\NmspHost.exe:*:Enabled:NmspHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaDirServer.exe" = C:\Program Files\Common Files\Rockwell\RnaDirServer.exe:*:Enabled:RnaDirServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\EventServer.exe" = C:\Program Files\Common Files\Rockwell\EventServer.exe:*:Enabled:EventServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\DaClient.exe" = C:\Program Files\Common Files\Rockwell\DaClient.exe:*:Enabled:DaClient.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe" = C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe:*:Enabled:RnaDiagReceiver.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe" = C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe:*:Enabled:RnaDiagnosticsSrv.exe -- (Rockwell Automation Inc.)
"C:\Program Files\Common Files\Rockwell\VStudio.exe" = C:\Program Files\Common Files\Rockwell\VStudio.exe:*:Enabled:VStudio.exe -- (Rockwell Automation, Inc.)
"C:\WINDOWS\system32\OpcEnum.exe" = C:\WINDOWS\system32\OpcEnum.exe:*:Enabled:OPCEnum.exe -- (OPC Foundation)
"C:\Program Files\Common Files\Rockwell\RnaAeServer.exe" = C:\Program Files\Common Files\Rockwell\RnaAeServer.exe:*:Enabled:RnaAeServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe:*:Enabled:RnaAlarmMux.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe:*:Enabled:RnaAlarmDetector.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE" = C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE:*:Enabled:RSLinx.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe" = C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe:*:Enabled:OPCTest.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\countermonitor.exe" = C:\Program Files\Common Files\Rockwell\countermonitor.exe:*:Enabled:CounterMonitor.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe:*:Enabled:RSLinxNG.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe:*:Enabled:RSLinxShortcutAOA.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe" = C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe:*:Enabled:AlmProxyCli Module (D) -- (Rockwell Automation, Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe" = C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe:*:Enabled:EventClientMultiplexer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RsvcHost.exe" = C:\Program Files\Common Files\Rockwell\RsvcHost.exe:*:Enabled:RsvcHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RdcyHost.exe" = C:\Program Files\Common Files\Rockwell\RdcyHost.exe:*:Enabled:RdcyHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\NmspHost.exe" = C:\Program Files\Common Files\Rockwell\NmspHost.exe:*:Enabled:NmspHost.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaDirServer.exe" = C:\Program Files\Common Files\Rockwell\RnaDirServer.exe:*:Enabled:RnaDirServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\EventServer.exe" = C:\Program Files\Common Files\Rockwell\EventServer.exe:*:Enabled:EventServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\DaClient.exe" = C:\Program Files\Common Files\Rockwell\DaClient.exe:*:Enabled:DaClient.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe" = C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe:*:Enabled:RnaDiagReceiver.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe" = C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe:*:Enabled:RnaDiagnosticsSrv.exe -- (Rockwell Automation Inc.)
"C:\Program Files\Common Files\Rockwell\VStudio.exe" = C:\Program Files\Common Files\Rockwell\VStudio.exe:*:Enabled:VStudio.exe -- (Rockwell Automation, Inc.)
"C:\WINDOWS\system32\OpcEnum.exe" = C:\WINDOWS\system32\OpcEnum.exe:*:Enabled:OPCEnum.exe -- (OPC Foundation)
"C:\Program Files\Common Files\Rockwell\RnaAeServer.exe" = C:\Program Files\Common Files\Rockwell\RnaAeServer.exe:*:Enabled:RnaAeServer.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe:*:Enabled:RnaAlarmMux.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe" = C:\Program Files\Common Files\Rockwell\RnaAlarmDetector.exe:*:Enabled:RnaAlarmDetector.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe" = C:\Program Files\Rockwell Software\RSView Enterprise\AlmMpx.exe:*:Enabled:AlmProxyCli Module (D) -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE" = C:\Program Files\Rockwell Software\RSLINX\RSLINX.EXE:*:Enabled:RSLinx.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe" = C:\Program Files\Rockwell Software\OPCTools\OPCTest\opctest.exe:*:Enabled:OPCTest.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Common Files\Rockwell\countermonitor.exe" = C:\Program Files\Common Files\Rockwell\countermonitor.exe:*:Enabled:CounterMonitor.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe:*:Enabled:RSLinxNG.exe -- (Rockwell Automation, Inc.)
"C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe" = C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe:*:Enabled:RSLinxShortcutAOA.exe -- (Rockwell Automation, Inc.)
"F:\driver\usb\–Ľ—Ś‘†Íš" = F:\driver\usb\–Ľ—Ś‘†Íš:*:Enabled:Microsoft Windows RPC Helper
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22BD07BC-E8DF-44F7-9B10-7E644ADCE981}" = RSLinx Enterprise 5.17.00 (CPR 9 SR 1)
"{32FF6F27-37C3-46E9-B39E-56CD420415D1}" = FactoryTalk® View Site Edition 5.00.00 (CPR 9)
"{34540622-805E-4CC7-98CF-65A43E99CF4D}" = RSLinx Classic 2.54.00 CPR 9 SR 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36A7B196-8D70-48A5-8FF3-7B836273FD4C}" = Rockwell Windows Firewall Configuration Utility 1.00.03
"{3DB7C2BB-A717-4093-BA3E-3495E899E2DB}" = FactoryTalk Services Platform 2.10 (CPR 9 SR 1)
"{4E8B84D4-778C-4DE6-8CBC-2586D438D295}" = Rockwell Automation USB CIP Driver Package
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{807C556A-63E3-4CB6-8B11-04AFC14BC8F9}" = FactoryTalk Activation Client v3.00.00 (CPR 9)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{93279896-AA2E-4BF3-9FAD-77FCE6E316A6}" = FactoryTalk Alarms and Events 2.10.00 (CPR 9)
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"AVG9Uninstall" = AVG 9.0
"HASP Device Drivers" = HASP Device Drivers
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"PROHYBRIDR" = 2007 Microsoft Office system
"RSView Studio" = RSView Supervisory Edition 5.00.00.55 (CPR 9)
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR archivátor
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IntelliAdmin_NetworkAdministrator33" = IntelliAdmin Network Administrator - Remove
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3. 6. 2010 3:39:44 | Computer Name = REZERVA | Source = AutoEnrollment | ID = 15
Description = Automatickej registrácii certifikátu lokálny systém sa nepodarilo
spojiť so službou Active Directory (0x8007054b). Zadaná doména neexistuje, alebo
sa na ňu nedá pripojiť. Registrácia sa nevykoná.
Error - 3. 6. 2010 3:41:16 | Computer Name = REZERVA | Source = Userenv | ID = 1053
Description = Systém Windows nemôže zistiť názov používateľa alebo počítača. (Zadaná
doména neexistuje, alebo sa na ňu nedá pripojiť. ). Spracovanie politiky skupiny
bolo prerušené.
Error - 3. 6. 2010 4:03:58 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie , verzia 0.0.0.0, zlyhanie modulu unknown, verzia
0.0.0.0, adresa zlyhania 0x00000000.
Error - 10. 6. 2010 7:47:41 | Computer Name = REZERVA | Source = Application Error | ID = 1004
Description = Zlyhanie aplikácie svchost.exe, verzia 0.0.0.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.
Error - 10. 6. 2010 10:14:09 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x6fe217c2.
Error - 16. 6. 2010 4:17:31 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie , verzia 0.0.0.0, zlyhanie modulu unknown, verzia
0.0.0.0, adresa zlyhania 0x00000000.
Error - 16. 6. 2010 6:59:41 | Computer Name = REZERVA | Source = Application Error | ID = 1004
Description = Zlyhanie aplikácie svchost.exe, verzia 0.0.0.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.
Error - 16. 6. 2010 7:41:22 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
AcGenral.dll, verzia 5.1.2600.5512, adresa zlyhania 0x000116e2.
Error - 18. 6. 2010 4:27:59 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
AcGenral.dll, verzia 5.1.2600.5512, adresa zlyhania 0x000116e2.
Error - 20. 6. 2010 17:59:07 | Computer Name = REZERVA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x6fe217c2.
[ FTDiag Events ]
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7M\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7M\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7L\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7L\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7K\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7K\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7J\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:09:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:09:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Failed to resolve item's
ID 'PEC\40221SS7J\O_Eng' because it does not exist on any serv
Error - 21. 6. 2010 2:12:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:12:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Loss of service. The
server RNA://$Local/Zeriav_TAP_SE:Zeriav_TAP_SE on computer REZERVA is not loade
Error - 21. 6. 2010 2:12:57 | Computer Name = REZERVA | Source = FactoryTalk Service | ID = 33489897
Description = Logged Date: 06:12:57 Monday, June 21, 2010 Location: REZERVA Provider:
FactoryTalk Service Username: CEMMAC\REZERVA$ Verbosity: 0 Out of service. The
server RNA://$Local/Zeriav_TAP_SE:Zeriav_TAP_SE is not currently available on any
compute
[ OSession Events ]
Error - 16. 4. 2009 10:59:55 | Computer Name = REZERVA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 806
seconds with 720 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20. 6. 2010 16:37:34 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:46:59 | Computer Name = REZERVA | Source = Service Control Manager | ID = 7023
Description = Služba Windows Firewall/Internet Connection Sharing (ICS) bola ukončená
s nasledujúcou chybou: %%5
Error - 21. 6. 2010 1:54:53 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:56:49 | Computer Name = REZERVA | Source = Service Control Manager | ID = 7000
Description = Spustenie služby A-B Virtual Backplane zlyhalo kvôli nasledujúcej
chybe: %%2
Error - 21. 6. 2010 1:56:49 | Computer Name = REZERVA | Source = Service Control Manager | ID = 7000
Description = Spustenie služby A-B Virtual Backplane zlyhalo kvôli nasledujúcej
chybe: %%2
Error - 21. 6. 2010 1:57:38 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:57:38 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:58:25 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:58:25 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
Error - 21. 6. 2010 1:59:13 | Computer Name = REZERVA | Source = DCOM | ID = 10020
Description = Popisovač zabezpečenia Predvolená Spustenie a aktivácia vzťahujúci
sa na počítač je neplatný. Obsahuje položky riadenia prístupu s povoleniami, ktoré
nie sú platné. Požadovaná akcia sa z tohto dôvodu nevykonala. Toto povolenie zabezpečenia
možno opraviť pomocou nástroja na správu Component Services.
< End of report >
- 1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Generic Host Process for Win32 Services
C:\WINDOWS\system32\rtdsk40.exe otestujte na VIRUSTOTALu
jednoduchý návod: po načtení stránky, kliknout na Procházet, najít cestu k výše zmíněnému souboru a kliknout na tlačítko Odeslat soubor; pokud vyskočí hláška, že soubor byl už testován, ignorujte to a proveďte sken znova; po ukončení skenu sem vložte výsledky buď zkopírováním textu nebo vložením odkazu
Cemmac.HMI tuto doménu znáte?
jednoduchý návod: po načtení stránky, kliknout na Procházet, najít cestu k výše zmíněnému souboru a kliknout na tlačítko Odeslat soubor; pokud vyskočí hláška, že soubor byl už testován, ignorujte to a proveďte sken znova; po ukončení skenu sem vložte výsledky buď zkopírováním textu nebo vložením odkazu
