
Logfile created: 10/30/2010 10:05:24

Ad-Aware version: 8.3.3


Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Emperor
*********************** Definitions database information ***********************
Lavasoft definition file: 150.97
Genotype definition file version: Unknown
Extended engine definition file: 6910.0
******************************** Scan results: *********************************
Scan profile name: Smart Scan (ID: smart)
Objects scanned: 43881
Objects detected: 103

Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 5
Folders.........: 0
LSPs............: 0
Cookies.........: 98
Browser hijacks.: 0
MRU objects.....: 0

Removed items:
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409172 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *addynamix* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409026 Family ID: 0
Description: *.bridgetrack* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409095 Family ID: 0
Description: *pointroll* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408826 Family ID: 0
Description: *ads.pointroll* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408927 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409018 Family ID: 0
Description: *adultfriendfinder* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409164 Family ID: 0
Description: *advertis* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408918 Family ID: 0
Description: *advertising* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409017 Family ID: 0
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0
Description: *casalemedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409152 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408807 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *gamers* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409301 Family ID: 0
Description: *fastclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408869 Family ID: 0
Description: *gostats* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408859 Family ID: 0
Description: *webads* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408780 Family ID: 0
Description: *kontera* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409363 Family ID: 0
Description: *linksynergy* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408845 Family ID: 0
Description: *inksynergy* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408995 Family ID: 0
Description: *webtrends* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 599640 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408991 Family ID: 0
Description: *mrskin* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409189 Family ID: 0
Description: *overture* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408834 Family ID: 0
Description: *partypoker* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409141 Family ID: 0
Description: *real* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408817 Family ID: 0
Description: *searchportal.information* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409134 Family ID: 0
Description: *revenue* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409138 Family ID: 0
Description: *spylog* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408970 Family ID: 0
Description: *statcounter* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409185 Family ID: 0
Description: *statse.webtrends* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408803 Family ID: 0
Description: *webtrendslive* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408954 Family ID: 0
Description: *.webtrendslive* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409033 Family ID: 0
Description: *statse.webtrendslive* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409269 Family ID: 0
Description: *tacoda* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409123 Family ID: 0
Description: *trafic* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409119 Family ID: 0
Description: *tribalfusion* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408785 Family ID: 0
Description: *adbureau* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409027 Family ID: 0
Description: www.new* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409109 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408873 Family ID: 0
Description: zedo* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408736 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409172 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409218 Family ID: 0
Description: *addynamix* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409026 Family ID: 0
Description: *.bridgetrack* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409095 Family ID: 0
Description: *pointroll* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408826 Family ID: 0
Description: *ads.pointroll* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408927 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409020 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409018 Family ID: 0
Description: *adultfriendfinder* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409164 Family ID: 0
Description: *advertis* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408918 Family ID: 0
Description: *advertising* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409017 Family ID: 0
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408910 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408902 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409130 Family ID: 0
Description: *casalemedia* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409152 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408807 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408875 Family ID: 0
Description: *gamers* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409301 Family ID: 0
Description: *fastclick* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408869 Family ID: 0
Description: *gostats* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408859 Family ID: 0
Description: *webads* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408780 Family ID: 0
Description: *kontera* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409363 Family ID: 0
Description: *linksynergy* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408845 Family ID: 0
Description: *inksynergy* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408995 Family ID: 0
Description: *webtrends* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 599640 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408991 Family ID: 0
Description: *mrskin* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409189 Family ID: 0
Description: *overture* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408834 Family ID: 0
Description: *partypoker* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409141 Family ID: 0
Description: *real* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408817 Family ID: 0
Description: *searchportal.information* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409134 Family ID: 0
Description: *revenue* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409138 Family ID: 0
Description: *spylog* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408970 Family ID: 0
Description: *statcounter* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409185 Family ID: 0
Description: *statse.webtrends* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408803 Family ID: 0
Description: *webtrendslive* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408954 Family ID: 0
Description: *.webtrendslive* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409033 Family ID: 0
Description: *statse.webtrendslive* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409269 Family ID: 0
Description: *tacoda* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409123 Family ID: 0
Description: *trafic* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409119 Family ID: 0
Description: *tribalfusion* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408785 Family ID: 0
Description: *adbureau* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409027 Family ID: 0
Description: www.new* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 409109 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408873 Family ID: 0
Description: zedo* Family Name: Cookies Engine: 1 Clean status: Failed Item ID: 408736 Family ID: 0
Quarantined items:
Description: c:\users\emperor\appdata\roaming\thinstall\microsoft office enterprise 2007\300000007300002h\powerpnt.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: d508994efc8a554e64ac7bf2ff8b6d5f
Description: c:\users\emperor\desktop\games\family restaurant\family_restaurant\family restaurant\family restaurant.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: a967244461475c2e16cabb8a2caa2eda
Description: c:\users\emperor\documents\downloads\compressed\idm 6.02\jamu\patch.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: e2e8dd0dc219b99bb666a185ea410a08
Description: c:\users\emperor\documents\downloads\compressed\mouse usil\system.exe Family Name: Win32.BadJoke.BadJoke Engine: 1 Clean status: Success Item ID: 0 Family ID: 531807 MD5: 55500070ade5fed7ce8637bc6fccd068
Description: c:\users\emperor\documents\downloads\compressed\nis 2011\norton internet security 2011_mak\ntr2011-v1.7\ntr2010-v1.7.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 20c217db1e103aa4cf2bbf793fbf77e7
Scan and cleaning complete: Finished correctly after 946 seconds
*********************************** Settings ***********************************
Scan profile:
ID: smart, enabled:1, value: Smart Scan
ID: folderstoscan, enabled:1, value:
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: false
ID: scanhostsfile, enabled:1, value: false
ID: scanmru, enabled:1, value: false
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: false
ID: onlyexecutables, enabled:1, value: true
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Sat Oct 30 08:12:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Sat Oct 30 14:12:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Sat Oct 30 20:12:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Sat Oct 30 02:12:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Oct 30 08:12:00 2010
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: false
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true

****************************** System information ******************************


Computer name: EMPEROR
Processor name: AMD Turion(tm) X2 Dual-Core Mobile RM-75
Processor identifier: x86 Family 17 Model 3 Stepping 1
Processor speed: ~2200MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 17, processor revision 769, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 1345568768 bytes
Physical memory total: 2950516736 bytes
Virtual memory available: 1862991872 bytes
Virtual memory total: 2147352576 bytes
Memory load: 54%
Microsoft (build 7600)
Windows startup mode:
Running processes:
PID: 312 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 412 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 488 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT AUTHORITY
PID: 500 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 544 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 588 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT AUTHORITY
PID: 604 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 612 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT AUTHORITY
PID: 720 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 816 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 912 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 968 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 992 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1172 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1348 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 1472 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1588 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1620 name: C:\Program Files\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1640 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1740 name: C:\Program Files\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1792 name: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1812 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1856 name: C:\Windows\System32\ChgService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1948 name: C:\Program Files\Borland\InterBase\bin\ibguard.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1976 name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2008 name: C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 2032 name: C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe owner: SYSTEM domain: NT AUTHORITY
PID: 324 name: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 416 name: C:\Program Files\Netop\Netop Remote Control\Host\NHOSTSVC.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 656 name: C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1260 name: C:\Program Files\CyberLink\Shared files\RichVideo.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1316 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 668 name: C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2076 name: C:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2164 name: C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2436 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2540 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2708 name: C:\Program Files\Borland\InterBase\bin\ibserver.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2916 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2956 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 3252 name: C:\Windows\System32\dwm.exe owner: Emperor domain: EMPEROR
PID: 3260 name: C:\Windows\explorer.exe owner: Emperor domain: EMPEROR
PID: 3412 name: C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe owner: Emperor domain: EMPEROR
PID: 3572 name: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe owner: Emperor domain: EMPEROR
PID: 3644 name: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe owner: Emperor domain: EMPEROR
PID: 3712 name: C:\Program Files\CyberLink\Shared files\brs.exe owner: Emperor domain: EMPEROR
PID: 3720 name: C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe owner: Emperor domain: EMPEROR
PID: 3736 name: C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe owner: Emperor domain: EMPEROR
PID: 3764 name: C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe owner: Emperor domain: EMPEROR
PID: 3788 name: C:\Program Files\Classic PhoneTools\capFax.exe owner: Emperor domain: EMPEROR
PID: 3796 name: C:\Windows\System32\spool\drivers\w32x86\3\E_FATIAAP.EXE owner: Emperor domain: EMPEROR
PID: 3852 name: C:\Program Files\iolo\Search and Recover 2\DiskImageService.exe owner: Emperor domain: EMPEROR
PID: 3860 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: Emperor domain: EMPEROR
PID: 3972 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 4032 name: C:\Program Files\DAEMON Tools Lite\DTLite.exe owner: Emperor domain: EMPEROR
PID: 1444 name: C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe owner: Emperor domain: EMPEROR
PID: 3016 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4424 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Emperor domain: EMPEROR
PID: 4672 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 3956 name: C:\Program Files\Internet Download Manager\IDMan.exe owner: Emperor domain: EMPEROR
PID: 4876 name: C:\Program Files\Internet Download Manager\IEMonitor.exe owner: Emperor domain: EMPEROR
PID: 5048 name: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe owner: Emperor domain: EMPEROR
PID: 5856 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 4596 name: C:\Users\Emperor\Documents\Downloads\Programs\hjsplit.exe owner: Emperor domain: EMPEROR
PID: 4480 name: C:\Windows\System32\taskhost.exe owner: Emperor domain: EMPEROR
PID: 5500 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Emperor domain: EMPEROR
Startup items:
Name: avgnt
imagepath: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
Name: GrooveMonitor
imagepath: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
Name: AdobeCS4ServiceManager
imagepath: "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
Name: BDRegion
imagepath: C:\Program Files\Cyberlink\Shared Files\brs.exe
Name: RemoteControl
imagepath: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
Name: LanguageShortcut
imagepath: "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
Name: OpwareSE4
imagepath: "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Name:
location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TabUserW.exe.lnk
imagepath: C:\Windows\System32\Wtablet\TabUserW.exe
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: AeLookupSvc
displayname: Application Experience
Name: AntiVirSchedulerService
displayname: Avira AntiVir Scheduler
Name: AntiVirService
displayname: Avira AntiVir Guard
Name: Apple Mobile Device
displayname: Apple Mobile Device
Name: AudioEndpointBuilder
displayname: Windows Audio Endpoint Builder
Name: Audiosrv
displayname: Windows Audio
Name: BFE
displayname: Base Filtering Engine
Name: BITS
displayname: Background Intelligent Transfer Service
Name: Bonjour Service
displayname: Bonjour Service
Name: Browser
displayname: Computer Browser
Name: Change Modem Device Service
displayname: Change Modem Device Service
Name: CryptSvc
displayname: Cryptographic Services
Name: CscService
displayname: Offline Files
Name: DcomLaunch
displayname: DCOM Server Process Launcher
Name: Dhcp
displayname: DHCP Client
Name: Dnscache
displayname: DNS Client
Name: DPS
displayname: Diagnostic Policy Service
Name: EapHost
displayname: Extensible Authentication Protocol
Name: eventlog
displayname: Windows Event Log
Name: EventSystem
displayname: COM+ Event System
Name: fdPHost
displayname: Function Discovery Provider Host
Name: gpsvc
displayname: Group Policy Client
Name: IKEEXT
displayname: IKE and AuthIP IPsec Keying Modules
Name: InterBaseGuardian
displayname: InterBase Guardian
Name: InterBaseServer
displayname: InterBase Server
Name: iphlpsvc
displayname: IP Helper
Name: KeyIso
displayname: CNG Key Isolation
Name: LanmanServer
displayname: Server
Name: LanmanWorkstation
displayname: Workstation
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
displayname: LightScribeService Direct Disc Labeling Service
Name: lmhosts
displayname: TCP/IP NetBIOS Helper
Name: MMCSS
displayname: Multimedia Class Scheduler
Name: MpsSvc
displayname: Windows Firewall
Name: MSSQL$SQLEXPRESS
displayname: SQL Server (SQLEXPRESS)
Name: MySQL
displayname: MySQL
Name: Nero BackItUp Scheduler 4.0
displayname: Nero BackItUp Scheduler 4.0
Name: Netman
displayname: Network Connections
Name: NetOp Host for NT Service
displayname: NetOp Helper ver. 9.50 (2009348)
Name: netprofm
displayname: Network List Service
Name: NlaSvc
displayname: Network Location Awareness
Name: nsi
displayname: Network Store Interface Service
Name: OMSI download service
displayname: Sony Ericsson OMSI download service
Name: p2pimsvc
displayname: Peer Networking Identity Manager
Name: PcaSvc
displayname: Program Compatibility Assistant Service
Name: PlugPlay
displayname: Plug and Play
Name: PNRPsvc
displayname: Peer Name Resolution Protocol
Name: PolicyAgent
displayname: IPsec Policy Agent
Name: Power
displayname: Power
Name: ProfSvc
displayname: User Profile Service
Name: RasMan
displayname: Remote Access Connection Manager
Name: RichVideo
displayname: Cyberlink RichVideo Service(CRVS)
Name: RpcEptMapper
displayname: RPC Endpoint Mapper
Name: RpcSs
displayname: Remote Procedure Call (RPC)
Name: SamSs
displayname: Security Accounts Manager
Name: Schedule
displayname: Task Scheduler
Name: SENS
displayname: System Event Notification Service
Name: ShellHWDetection
displayname: Shell Hardware Detection
Name: Spooler
displayname: Print Spooler
Name: SSDPSRV
displayname: SSDP Discovery
Name: SstpSvc
displayname: Secure Socket Tunneling Protocol Service
Name: StiSvc
displayname: Windows Image Acquisition (WIA)
Name: SysMain
displayname: Superfetch
Name: TapiSrv
displayname: Telephony
Name: Themes
displayname: Themes
Name: TrkWks
displayname: Distributed Link Tracking Client
Name: TuneUp.UtilitiesSvc
displayname: TuneUp Utilities Service
Name: UDisk Monitor
displayname: UDisk Monitor
Name: upnphost
displayname: UPnP Device Host
Name: UxSms
displayname: Desktop Window Manager Session Manager
Name: UxTuneUp
displayname: TuneUp Theme Extension
Name: wcncsvc
displayname: Windows Connect Now - Config Registrar
Name: WdiServiceHost
displayname: Diagnostic Service Host
Name: WdiSystemHost
displayname: Diagnostic System Host
Name: WinDefend
displayname: Windows Defender
Name: Winmgmt
displayname: Windows Management Instrumentation
Name: Wlansvc
displayname: WLAN AutoConfig
Name: wscsvc
displayname: Security Center
Name: WSearch
displayname: Windows Search
Name: wuauserv
displayname: Windows Update
Name: wudfsvc
displayname: Windows Driver Foundation - User-mode Driver Framework
Name: YahooAUService
displayname: Yahoo! Updater