Search the Community

Showing results for tags 'false Positive'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Lavasoft - Announcements (Read only)
    • Announcements
  • Product Support
    • adaware antivirus 12
    • Ad-Aware 11
    • adaware ad block & web protection
    • Ad-Aware Web Companion
    • General support
    • Old versions and other Lavasoft products
  • Request a Feature
    • adaware antivirus
    • adaware ad block
  • Malware Removal Help
    • Help with Stubborn Infections
    • Malware Uploads
  • False Positives
    • Report a False Positive
  • Beta Testing
    • Ad-Aware 12 Beta Testing
  • FAQ's
  • Archived Topics
    • Archives: Resolved/Inactive Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 28 results

  1. I have created a program that makes a thing in a game easier (not cheating nor hacking), the problem is that it is detected as a virus and trojan, even tho it is an false positive you can see the project here: https://github.com/kres0345/RGL-emailcode You can see here an scanning on NoDistribute.com the program is classified as a virus after it is compiled into an executable: scanning of the python file: http://nodistribute.com/result/a3AMP4gNDUhrYu5Q0 scanning of the compiled file: http://nodistribute.com/result/Cz3Xd2M9pgTQtn5rmUVKyIOjY I used Pyinstaller to compile the program. Aftermath: People think I am looking to infect them when it is classified as a virus. And one-time bad reputation all ways bad reputation compressed exe file: password: infected link: https://www.mediafire.com/file/msbsy221cg4vifg/rglemail.zip
  2. This program is a video subtitle editing software, but the file SayaSub2.exe is incorrectly identified as virus Gen:Variant.Graftor.386772 by Adaware. Filename: SayaSub2.exe Version: 2.2.2.3248 Website: http://www.sayatoosoft.com Package Download link: http://cache.sayatoosoft.com/setup/sayasub2.2.2.3248.exe
  3. Greetings! I'm testing Adaware, starting with the free version (12.0.649.11190, running on Windows 10 Pro v 1607 - I've not updated to the "Creators'" version yet), to see if it'll be suitable for my purposes, as I run a number of cryptocurrency miners and practically everyone that makes anti-malware software treats a miner as a trojan. So, exclusions are the name of the game. However, Adaware's automated scans seem to ignore exclusions. This is a problem. A big, big problem. I've had Adaware destroy the miner on my testbed system twice now, both times thanks to an automated scan auto-firing overnight and despite having the miner's path clearly listed in the "paths excluded" list. I have since disabled automatic scanning, in order to see if this is a suitable workaround that corrects the behavior. If the miner gets removed a third time, Adaware will be removed immediately after and I'll move on to test something else until I find a product that's well-behaved enough within the context of my usage conditions to justify my money. Is this behavior intended? If so, who thought it was a smart idea to have automatic scans ignore exclusions? Doesn't that defeat the entire point and purpose of having exclusions in the first place?
  4. Hello, The installer of our SIEM server is being reported as having the Trojan.Zmutzy.802 Trojan. How can I get this resolved? It does not appear that Ad-Aware is hitting on any of the files in our installer but the installer itself. This is a common self extracting winzip file. Link to file to be downloaded, https://correlog.com/Download/co-5-6-3.exe Can anyone assist? Thank you, Michael Correlog Inc. www.correlog.com
  5. A forum member reports that Ad-Aware blocked OTC, OldTimer's Clean-It, during execution. Download link: http://oldtimer.geekstogo.com/OTC.exe Report: http://www.lavasoftsupport.com/index.php?/topic/34494-trouble-with-malware/#entry150349 The file isn't detected by Ad-Aware on Virustotal: https://virustotal.com/en/file/29e515e04aef49b26a3b7066775798882b69dc0a3d719ee2808d2e91b3aa4936/analysis/1459851519/
  6. Dear Team, When we install our Ad blocking Software, then your product detects three sub-files WFPInstaller.exe ADS_Service.exe ADS_Installer.exe called during the execution as Infected process. We can assure you that the file is compliant with market standards and it does not perform any suspicious operations. The file has been tested extensively and it does not harm a end user at any point of time. I am sharing the standalone version of the file for your reference. The marked file can be downloaded from : https://adstopper.com/7-day-trial-download/?ads_source=landing-page&ads_conversion=y Can you please fix this false detection as it is hurting us a lot. Please do let us know if you need any other details.
  7. http://el.lichess.org/ blocked = unable to play and continuuous disconnection. When i stop Ad aware Pro security then works fine again.
  8. My ad-aware are detecting the uTorrent as a Malware. How can i put this program as positive
  9. Hello Some Remote Utilities files are detected as: Trojan.Generic.12415423 The files are enclosed. Remote Utilities is legitimate remote desktop software available here www.remoteutilities.com. Please, take appropriate measure to remove the detection. There is no log because we didn't install your software. The data is taken from today's VirusTotal.com run/report. There are two files being detected: 1. http://www.remoteutilities.com/download/viewer6.0en.msi 2. The attached one. Thanks. Conrad rutview.zip
  10. I have a personal .exe program that I use only on my computers and it keeps getting deleted or even when excluded it is stopped from running. Also ad-aware keeps removing it from all my usb drives when I try to back it up. How can i fix this? It's a database program for my work and this is a real problem.
  11. Hello, We discovered another possibly suspicious URL: sys.refocus.ru/f1.tyx, which we also consider to be a false positive. sys.refocus.ru/f1.tyx is generated as iframe and dynamically inserted on a webpage by sys.refocus.ru/ra.js script, which we already sent to you for analysis. Within this iframe we have another iframe http://sys.refocus.ru:7070/f2.tyx, [^] and our partner resource is loaded inside the second iframe ‘f2.tyx’. In this moment you can find such behavior only on http://anas.kg[^] website (hardcoded only for this website) <iframe> <iframe> Here goes partner resources </iframe> </iframe> Currently we cooperate only with aidata.me, but we are also going to cooperate with others like bluekai, visualdna, etc. Partners just collect audience statistics in order to conduct more precise advertisement campaigns. Here is code provided by aidata that is inserted inside the second iframe. <img height="1px" width="1px" alt="" src="http://advombat.ru/0.gif?pid=&id="[^] style="display: none !important;"> Feel free to contact me, if you require any further information Best Regards, Alekander, Solid Media LLC
  12. Hi, When we try to download the software "StormAlertsSetup: from 'i.allfreeapps.net/inst/cdn/StormAlerts/StormAlertsSetup.exe', Ad-Aware version 11 blocks the access to this site. It says " Ad-Aware" has deemed this page as Dangerous and has blocked the access to this site. The software does not contain any malicious code or perform any malicious activity. Request you to re-asses this detection.
  13. When I decided to replace my AVG antivirus with Ad-Aware, I uninstalled AVG, downloaded the Ad-Aware version 11.1.5354 install, adawaresetup.exe, to my download folder and installed Ad-Aware. That was about a week ago. Ad-Aware is now informing me that it has quarantined adawaresetup.exe because it is potentially harmful. I don't like that it doesn't tell me what is potentially harmful about adawaresetup.exe, but at least it allows me to Restore the quaratined file. How do I discover what Ad-Aware found in adawaresetup.exe? Should I Restore the adawaresetup.exe?
  14. Indapass.hu is the hungarian single-sign-on system of the largest social sites in Hungary (blog.hu, indafoto.hu, indavideo.hu, indamail.hu, forum.index.hu etc). Because we operate on different domains, we check our users loggedin status by redirecting every pageview through daemon.indapass.hu. That subdomain was detected by Ad-Aware as malicious - and it is a false positive. The daemons subdomain is totally harmless but its needed for tens of millions of pageviews per day. Here is the error message: And here is a typical URL: http://daemon.indapass.hu/http/session_request?redirect_to=http%3A%2F%2Fforum.index.hu%2FArticle%2FshowArticle%3Ft%3D9029418%26la%3D104273441&partner_id=forum Please reexamine the URL and put it on the whitelist. Questions are welcome, thank you in advance.
  15. Hi i am the webmaster of NetScop.Net adaware is detecting false positive our new software NetScopVPN it detects this: Trojan.Win32.Generic.pak!cobra you can download it from http://netscop01.com/NetScopVPN.exe when installing it detects the main executable file as infected please if you could correct that it is very annoing to my customers. i have tested it with avast and kaspersky and it is fine. in the waiting best thanks.
  16. I'm getting a false positive from http://learningwebconnect.homeftp.org and from http://learningwebconnect.homeftp.org/apl_camera_club/ which is a sub-directory of the main domain. Its an "educational" domain and the website of our town's library camera club.
  17. Hello, I have a program installed that is detected (correctly) as a hacktool. When I load the program, without fail, Ad Aware quanrentines it, rending the program inoperable. I then have to disable the real time protection and restore the file. I have tried adding the file to the ignore list, to no avail. Even on the list, it closes the program when I open it unless real time protection is disabled. I can't put this in the false positive thread because technically its not a false positive, but it is not a hacktool that is a threat to me. How do I get Ad Aware to truly leave my .dll alone?
  18. Since yesterday it detectes the file aeexp.dll of my Antivirus as a Trojan and it sends it to quarantine, so my Antivirus is stopped, and although I select "Ignore" everytime I reboot it detectes it again so it's quite annoying. Edit: I've just uninstalled Ad-Aware in both computers.
  19. Hello.I am new to this forum but i have a small request:The website MyAnimeList.Net is concidered unsafe by the Security toolbar that i downloaded with AdAware.Now i can still proceed to the website but I'd like to report this as a false positive because many use this website and its fairly trusted and clean. Thank you for reading.
  20. This website - [url="http://jaquikarr.com/members/home"]http://jaquikarr.com/members/home[/url] - is getting caught by the "Enable Bad Web Site Blocking" feature. It shouldn't be - help please
  21. Hi, My website [url="http://somoto.net"]http://www.somoto.net [/url]was flagged by Ad-Aware 10 as being a malicious site. The site is clean, it doesn't have anything malicious on it. How can I get this false positive removed. Thank you Shauli Zacks
  22. Hi, I downloaded and installed the file from [url="http://www.mynicepicks.com/download/buffering/buffering.base.php"]http://www.mynicepicks.com/download/buffering/buffering.base.php[/url]. When the installation finishes ,then a message is being displayed by adware as 'Process blocked'. The process has been identified as 'GamePlayLabs(v)'. The file has no connection with 'GamePlayLabs(v)'. I tried to copy the scan log file as mentioned in the forum guidelines, but it contains a single line as 'ERR [2016] 2012/05/14 12:13:41: SDKController::CheckEngineState -> Engine not loaded' I have also attached the screenshot of the alert for your reference.[attachment=9362:ad-aware.jpg] Please re-investigate this issue. Thanks Sameer
  23. [color=#282828]Hi,[/color] [color=#282828]I'm Filippo and I am a technical consultant at autostima.net, which is the most important italian ecommerce sites for ebook.[/color] [color=#282828]For some reason Adaware 10 is reporting "Visiting this site may harm your computer!" when people visit us. I guarantee you that it does not and will not hurt your computer in any way whatsoever ![/color] [color=#282828]Any info you might have on the best way to correct this would be appreciated. Please let me know if you need any additional info, and thanks again for the help.[/color] [color=#282828]Thanks,[/color] Filippo.
  24. Hi, I am one of the developers at Wajam.com For some reason Ad-Aware 10 is reporting [color=#282828][font=helvetica, arial, sans-serif]"Visiting this site may harm your computer!" when people are trying to visit us.[/font][/color] We assure you that the website will not harm your computer in any way. Another issue, it seems that there is a False Positive on the Wajam application flagging it as a Adware. We have specific Terms of Service explaining what we do here: [url="http://www.wajam.com/terms"]http://www.wajam.com/terms[/url] we also have a TRUSTe certification: [url="http://clicktoverify.truste.com/pvr.php?page=validate&url=www.wajam.com&sealid=101"]http://clicktoverify.truste.com/pvr.php?page=validate&url=www.wajam.com&sealid=101[/url] Regards, The website: [url="http://www.wajam.com"]http://www.wajam.com[/url] The application is downloadable here: [url="http://www.wajam.com/download/Wajam.exe"]http://www.wajam.com...nload/Wajam.exe[/url]
  25. I had a problem submitting through the form on this site, so excuse me if I over elaborate here. I got a Bluesoleil (a Bluetooth Stack company) install CD with a Bluetooth Dongle from Veho, (I think the only one they make: "VB-5881 Micro Bluetooth Dongle") the contents of which are available at their support/download page here: [url="http://www.veho-uk.com/main/downloads.aspx"]http://www.veho-uk.c.../downloads.aspx[/url] under Drivers and Software > 1) Bluetooth Dongles > VB-5881 Micro Bluetooth Dongle > VB-5881.zip . I unarachived, clicked Autorun and selected the XP install, this creates three suspicious looking .exe's in the install folder: BlueSoleil.exe, BlueSoleil_.exe and BlueSoleil__.exe and the one w two underscores gets quarantined as Trojan. I tried to submit it here but get informed "You aren't permitted to upload this kind of file". My ESET marks it (and everything) as clean, and VirusTotal.com lists 4/43 tagging it trojan. Thanks. Log: Logfile created: 08/05/2012 00:57:38 Ad-Aware version: 9.6.0 Extended engine: 3 Extended engine version: 3.1.2770 User performing scan: Aidan *********************** Definitions database information *********************** Lavasoft definition file: 150.827 Genotype definition file version: 2012/02/13 12:34:34 Extended engine definition file: 11889.0 ******************************** Scan results: ********************************* Scan profile name: Context menu scan (ID: contextmenuscan) Objects scanned: 3 Objects detected: 1 Type Detected ========================== Processes.......: 0 Registry entries: 0 Hostfile entries: 0 Files...........: 1 Folders.........: 0 LSPs............: 0 Cookies.........: 0 Browser hijacks.: 0 MRU objects.....: 0 Quarantined items: Description: d:\program files\ivt corporation\bluesoleil\bluesoleil__.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: e74031cde24cf2b012bdb3c2ffa3d706 Scan and cleaning complete: Finished correctly after 2 seconds *********************************** Settings *********************************** Scan profile: ID: contextmenuscan, enabled:1, value: Context menu scan ID: folderstoscan, enabled:1, value: ID: useantivirus, enabled:1, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: false ID: scanrunningapps, enabled:1, value: false ID: scanregistry, enabled:1, value: false ID: scanlsp, enabled:1, value: false ID: scanads, enabled:1, value: false ID: scanhostsfile, enabled:1, value: false ID: scanmru, enabled:1, value: false ID: scanbrowserhijacks, enabled:1, value: false ID: scantrackingcookies, enabled:1, value: false ID: closebrowsers, enabled:0, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: true ID: onlyexecutables, enabled:1, value: false ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: false ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: N/A Scheduled scan settings: <Empty> Update settings: ID: updates, enabled:1 ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:1, value: Daily 1 ID: time, enabled:1, value: Tue Sep 06 22:28:00 2011 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily2, enabled:1, value: Daily 2 ID: time, enabled:1, value: Tue Sep 06 04:28:00 2011 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily3, enabled:1, value: Daily 3 ID: time, enabled:1, value: Tue Sep 06 10:28:00 2011 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily4, enabled:1, value: Daily 4 ID: time, enabled:1, value: Tue Sep 06 16:28:00 2011 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Tue Sep 06 22:28:00 2011 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: true ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: true ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: true ID: autoentertainmentmode, enabled:1, value: true ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language Realtime protection settings: ID: realtime, enabled:1 ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ID: layers, enabled:1 ID: useantivirus, enabled:1, value: true ID: usespywareheuristics, enabled:1, value: true ID: maintainbackup, enabled:1, value: true ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: onaccessprotection, enabled:1, value: true ID: registryprotection, enabled:1, value: true ID: networkprotection, enabled:1, value: true ****************************** System information ****************************** Computer name: PRIOR Processor name: Intel® Core™2 CPU 6300 @ 1.86GHz Processor identifier: x86 Family 6 Model 15 Stepping 6 Processor speed: ~1861MHZ Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3846, number of processors 2, processor features: [MMX,SSE,SSE2] Physical memory available: 251600896 bytes Physical memory total: 2145824768 bytes Virtual memory available: 1930240000 bytes Virtual memory total: 2147352576 bytes Memory load: 88% Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Windows startup mode: Running processes: PID: 800 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY PID: 860 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY PID: 892 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY PID: 936 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY PID: 948 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY PID: 1128 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY PID: 1192 name: C:\WINDOWS\system32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY PID: 1288 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY PID: 1328 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY PID: 1376 name: C:\WINDOWS\system32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY PID: 1528 name: C:\WINDOWS\system32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY PID: 1716 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY PID: 356 name: C:\WINDOWS\system32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY PID: 620 name: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe owner: SYSTEM domain: NT AUTHORITY PID: 792 name: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe owner: SYSTEM domain: NT AUTHORITY PID: 848 name: C:\WINDOWS\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY PID: 1072 name: C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe owner: SYSTEM domain: NT AUTHORITY PID: 1412 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: NT AUTHORITY PID: 1460 name: C:\WINDOWS\Explorer.EXE owner: Aidan domain: PRIOR PID: 1076 name: C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe owner: UpdatusUser domain: PRIOR PID: 1920 name: C:\WINDOWS\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY PID: 248 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY PID: 320 name: D:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe owner: SYSTEM domain: NT AUTHORITY PID: 1388 name: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE owner: SYSTEM domain: NT AUTHORITY PID: 1940 name: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe owner: SYSTEM domain: NT AUTHORITY PID: 2084 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY PID: 2372 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY PID: 3224 name: C:\Program Files\ActivBoard\ABoard.exe owner: Aidan domain: PRIOR PID: 3248 name: C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe owner: Aidan domain: PRIOR PID: 3256 name: C:\Program Files\ActivBoard\AOSD.exe owner: Aidan domain: PRIOR PID: 3264 name: C:\WINDOWS\RTHDCPL.EXE owner: Aidan domain: PRIOR PID: 3324 name: C:\WINDOWS\system32\RunDLL32.exe owner: Aidan domain: PRIOR PID: 3484 name: C:\WINDOWS\system32\ctfmon.exe owner: Aidan domain: PRIOR PID: 3604 name: D:\Program Files\EXPERTool 7.14\TBPanel.exe owner: Aidan domain: PRIOR PID: 3748 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe owner: Aidan domain: PRIOR PID: 1160 name: C:\WINDOWS\system32\taskmgr.exe owner: Aidan domain: PRIOR PID: 2932 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 3368 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 700 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 3968 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 1660 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 3908 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 4088 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 2996 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 312 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 1368 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 4012 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 3212 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 764 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 1500 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 2196 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 2708 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 3660 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 3396 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 4072 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 692 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 4040 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 1304 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 2604 name: D:\Documents and Settings\Aidan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe owner: Aidan domain: PRIOR PID: 2564 name: D:\Documents and Settings\Aidan\My Documents\Chrome\VB-5881\autorun.exe owner: Aidan domain: PRIOR PID: 3200 name: C:\WINDOWS\system32\msiexec.exe owner: SYSTEM domain: NT AUTHORITY PID: 216 name: D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY PID: 3440 name: D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Aidan domain: PRIOR PID: 3208 name: D:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe owner: Aidan domain: PRIOR Startup items: Name: CTFMON.EXE imagepath: C:\WINDOWS\system32\CTFMON.EXE Name: NVIDIA nTune imagepath: "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear Name: PostBootReminder imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9} Name: CDBurn imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9} Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: SysTray imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153} Name: WPDShServiceObj imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} Name: PHIME2002ASync imagepath: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC Name: PHIME2002A imagepath: C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName Name: IMJPMIG8.1 imagepath: "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" Name: ActivBoard imagepath: C:\Program Files\ActivBoard\ABoard.exe Name: egui imagepath: "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice Name: RTHDCPL imagepath: RTHDCPL.EXE Name: APSDaemon imagepath: "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" Name: BluetoothAuthenticationAgent imagepath: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent Name: Adobe Reader Speed Launcher imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" Name: Adobe ARM imagepath: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Name: NvCplDaemon imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Name: NvMediaCenter imagepath: RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login Name: nwiz imagepath: C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet Name: iTunesHelper imagepath: "D:\Program Files\iTunes\iTunesHelper.exe" Name: SunJavaUpdateSched imagepath: "C:\Program Files\Common Files\Java\Java Update\jusched.exe" Name: amd_dc_opt imagepath: C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1} imagepath: Browseui preloader Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Component Categories cache daemon Name: imagepath: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: Alerter displayname: Alerter Name: AudioSrv displayname: Windows Audio Name: BITS displayname: Background Intelligent Transfer Service Name: CryptSvc displayname: Cryptographic Services Name: DcomLaunch displayname: DCOM Server Process Launcher Name: Dhcp displayname: DHCP Client Name: Dnscache displayname: DNS Client Name: ekrn displayname: ESET Service Name: ERSvc displayname: Error Reporting Service Name: Eventlog displayname: Event Log Name: EventSystem displayname: COM+ Event System Name: FastUserSwitchingCompatibility displayname: Fast User Switching Compatibility Name: helpsvc displayname: Help and Support Name: JavaQuickStarterService displayname: Java Quick Starter Name: lanmanserver displayname: Server Name: lanmanworkstation displayname: Workstation Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service Name: LmHosts displayname: TCP/IP NetBIOS Helper Name: MSIServer displayname: Windows Installer Name: Net Driver HPZ12 displayname: Net Driver HPZ12 Name: Netman displayname: Network Connections Name: Nla displayname: Network Location Awareness (NLA) Name: nTuneService displayname: nTune Service Name: NVSvc displayname: NVIDIA Driver Helper Service Name: nvUpdatusService displayname: NVIDIA Update Service Daemon Name: PlugPlay displayname: Plug and Play Name: Pml Driver HPZ12 displayname: Pml Driver HPZ12 Name: PolicyAgent displayname: IPSEC Services Name: ProtectedStorage displayname: Protected Storage Name: RasMan displayname: Remote Access Connection Manager Name: RpcSs displayname: Remote Procedure Call (RPC) Name: SamSs displayname: Security Accounts Manager Name: Schedule displayname: Task Scheduler Name: seclogon displayname: Secondary Logon Name: SENS displayname: System Event Notification Name: SharedAccess displayname: Windows Firewall/Internet Connection Sharing (ICS) Name: ShellHWDetection displayname: Shell Hardware Detection Name: Spooler displayname: Print Spooler Name: srservice displayname: System Restore Service Name: SSDPSRV displayname: SSDP Discovery Service Name: stisvc displayname: Windows Image Acquisition (WIA) Name: TapiSrv displayname: Telephony Name: TermService displayname: Terminal Services Name: Themes displayname: Themes Name: TrkWks displayname: Distributed Link Tracking Client Name: UpdateCenterService displayname: Update Center Service Name: upnphost displayname: Universal Plug and Play Device Host Name: W32Time displayname: Windows Time Name: WebClient displayname: WebClient Name: winmgmt displayname: Windows Management Instrumentation Name: wlidsvc displayname: Windows Live ID Sign-in Assistant Name: wscsvc displayname: Security Center Name: wuauserv displayname: Automatic Updates Name: WudfSvc displayname: Windows Driver Foundation - User-mode Driver Framework Name: WZCSVC displayname: Wireless Zero Configuration