| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Windows Defender\MsMpEng.exe
More info about file msmpeng.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Windows Defender program. |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\brsvc01a.exe
More info about file brsvc01a.exe |
Legitimate |
Item found in 2-spyware.com library
This is an essential component of Brother printer drivers. File brsvc01a.exe.exe is used to control... |
Change status |
C:\WINDOWS\system32\brss01a.exe
More info about file brss01a.exe |
Legitimate |
Item found in 2-spyware.com library
This is an essential component of Brother printer drivers. File brss01a.exe is used to control a... |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
More info about file schedul2.exe |
Legitimate |
Item found in 2-spyware.com library
Acronis True Image Scheduler |
Change status |
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
More info about file avgamsvr.exe |
Legitimate |
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft products. avgamsvr.exe is legitimate. |
Change status |
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
More info about file avgupsvc.exe |
Legitimate |
Item found in 2-spyware.com library
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status |
C:\WINDOWS\system32\Brmfrmps.exe
More info about file brmfrmps.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Brother printer/scanner application. |
Change status |
C:\WINDOWS\system32\CTsvcCDA.exe
More info about file ctsvccda.exe |
Legitimate |
Item found in 2-spyware.com library
Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some... |
Change status |
C:\Program Files\ewido anti-spyware 4.0\guard.exe
More info about file guard.exe |
Legitimate |
Item found in 2-spyware.com library
ewido Anti-malware real-time guard |
Change status |
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
More info about file mdm.exe |
Legitimate |
Item found in 2-spyware.com library
mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM... |
Change status |
C:\WINDOWS\system32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com library
NVIDIA related software. |
Change status |
C:\WINDOWS\System32\snmp.exe
More info about file snmp.exe |
Legitimate |
Item found in 2-spyware.com library
This file is related to SNMP Service - it is a legitimate tool, which is a part of Microsoft... |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\fxssvc.exe
More info about file fxssvc.exe |
Legitimate |
Item found in 2-spyware.com library
File fxssvc.exe stands for Microsoft Fax Service. It is a standard Windows component, designed to... |
Change status |
C:\WINDOWS\system32\devldr32.exe
More info about file devldr32.exe |
Legitimate |
Item found in 2-spyware.com library
File devldr32.exe, started by an executable with the same name, is a standard component of the... |
Change status |
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
More info about file pptd40nt.exe |
Legitimate |
Item found in 2-spyware.com library
Part of Scansoft's PaperPort scanner application. Usually located in "C:\Program... |
Change status |
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\Program Files\Windows Defender\MSASCui.exe
More info about file msascui.exe |
Legitimate |
Item found in 2-spyware.com library
The file is component of Microsoft Windows Defender application. |
Change status |
| C:\Program Files\Brother\ControlCenter2\brctrcen.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
More info about file avgcc.exe |
Legitimate |
Item found in 2-spyware.com library
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status |
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
More info about file trueimagemonitor.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Acronis True Image |
Change status |
| C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
More info about file schedhlp.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Acronis True Image |
Change status |
C:\WINDOWS\system32\RUNDLL32.EXE
More info about file rundll32.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\MSN Messenger\msnmsgr.exe
More info about file msnmsgr.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft Windows Messenger chat client. |
Change status |
| C:\Program Files\NETGEAR\MA101 USB\WlanMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
More info about file outlook.exe |
Questionable |
This process is usually legitimate and related to Microsoft Office. But it also might be a part of parasite, depending on its location and other factors. Make some further research on it. |
Change status |
| C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\PROGRA~1\Brother\Brmfl04b\FAXRX.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Internet Explorer\iexplore.exe
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\HijackThis\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS13 |
Not necessary |
http://g.msn.com/0SEENUS/SAOS13 is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html |
Not necessary |
http://www.comcast.net/home.html is your start page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS13 |
Not necessary |
http://g.msn.com/0SEENUS/SAOS13 is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html |
Not necessary |
http://www.comcast.net/home.html is your start page.
If you do not like this fact, fix this item. |
Change status |
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp
/defaults/su/*http://www.yahoo.com |
Not necessary |
.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost |
Not necessary |
localhost overrides your Proxy Server.
If you do not like this fact, fix this item. |
Change status |
| O1 - Hosts: 129.41.63.192 MAIL-04vs.atlarge.net |
Questionable |
Do you want an URL address "MAIL-04vs.atlarge.net" to be redirected to "129.41.63.192" when you type it? If not, then fix this |
|
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
| O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\IntCodec\isaddon.dll
More info about file isaddon.dll |
Dangerous |
Spyware related item according to inner database
The file is related to Trojan downloader Zlob.Media-Codec. It can download rogue anti-spyware... |
Change status
|
| O2 - BHO: ALTAVISTA - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\PROGRA~1\DYNAMI~1\ALTAVI~1\ALTAVI~1.DLL (file missing) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O3 - Toolbar: ALTAVISTA - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\PROGRA~1\DYNAMI~1\ALTAVI~1\ALTAVI~1.DLL (file missing) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
More info about file atiptaxx.exe |
Legitimate |
System item according to inner database
ATI Desktop Control Panel from ATI Technologies, Inc. Located in "C:\Program Files\ATI... |
Change status
|
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
More info about file pptd40nt.exe |
Legitimate |
System item according to inner database
Part of Scansoft's PaperPort scanner application. Usually located in "C:\Program... |
Change status
|
| O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
More info about file msascui.exe |
Legitimate |
Application program item according to inner database
The file is component of Microsoft Windows Defender application. |
Change status
|
| O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
More info about file avgcc.exe |
Legitimate |
System item according to inner database
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status
|
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
More info about file trueimagemonitor.exe |
Legitimate |
Application program item according to inner database
Related to Acronis True Image |
Change status
|
| O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
More info about file schedhlp.exe |
Legitimate |
Application program item according to inner database
Related to Acronis True Image |
Change status
|
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
More info about file nvcpl.dll |
Legitimate |
System item according to inner database
Related to nVidia cards. NvCpl.dll is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... |
Change status
|
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
More info about file nwiz.exe |
Legitimate |
System item according to inner database
Nwiz.exe is Related to nVidia graphic cards drivers.
Long name - NVIDIA nView Wizard.<br... |
Change status
|
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
More info about file nvmctray.dll |
Legitimate |
System item according to inner database
nVidia graphics cards related. NVMCTRAY.DLL is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
More info about file msnmsgr.exe |
Legitimate |
System item according to inner database
Microsoft Windows Messenger chat client. |
Change status
|
| O4 - Global Startup: MA101 Configuration Utility .lnk = C:\Program Files\NETGEAR\MA101 USB\WlanMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: Microsoft Office Outlook 2003.lnk = ? |
Not necessary |
Fix this item because it points to nowhere |
Change status
|
| O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe |
Unknown |
No exact entries found |
Insert file into database
|
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Tweak%20Marketing\Advanced%20Email%20Extractor
\AeeMsie.dll/page.html |
Not necessary |
Do you want item 'Advanced Email Extractor' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: AltaVista Search - file://C:\Program Files\Dynamic Toolbar\ALTAVISTA\Cache\SelectedContextSearch.htm |
Not necessary |
Do you want item 'AltaVista Search' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Tweak%20Marketing\Advanced%20Email%20Extractor
\AeeMsie.dll/link.html |
Not necessary |
Do you want item 'Scan link with AEE' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Translate - file://C:\Program Files\Dynamic Toolbar\ALTAVISTA\Cache\SelectedContextTranslation.htm |
Not necessary |
Do you want item 'Translate' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'ieSpell' and points to file 'C:\Program Files\ieSpell\iespell.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'ieSpell' and points to file 'C:\Program Files\ieSpell\iespell.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\ieSpell\iespell.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'ieSpell Options' and points to file 'C:\Program Files\ieSpell\iespell.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: All - {26835CE1-D5EC-11d5-AF6E-00C06D0086BF} - C:\Program Files\closeIeX\closeIeX.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'All' and points to file 'C:\Program Files\closeIeX\closeIeX.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Close ALL IEx''s - {26835CE1-D5EC-11d5-AF6E-00C06D0086BF} - C:\Program Files\closeIeX\closeIeX.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Close ALL IEx''s' and points to file 'C:\Program Files\closeIeX\closeIeX.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Others - {6A0426D1-0FF2-49a0-ABC2-05B67826C727} - C:\Program Files\closeIeX\closeIeY.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Others' and points to file 'C:\Program Files\closeIeX\closeIeY.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Close OTHER IEx''s - {6A0426D1-0FF2-49a0-ABC2-05B67826C727} - C:\Program Files\closeIeX\closeIeY.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Close OTHER IEx''s' and points to file 'C:\Program Files\closeIeX\closeIeY.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: ListGrabber - {CA1694AD-6CEA-4BBE-A00E-A09C1D589938} - C:\Program Files\eGrabber\ListGrabber Standard\InternetAddress.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'ListGrabber' and points to file 'C:\Program Files\eGrabber\ListGrabber Standard\InternetAddress.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Messenger' and points to file 'C:\Program Files\Messenger\msmsgs.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Windows Messenger' and points to file 'C:\Program Files\Messenger\msmsgs.exe'. If you do not want it to be there, fix this item. |
Change status
|
O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Tweak%20Marketing\Advanced%20Email%20Extractor
\AeeMsie.dll/page.html (file missing) (HKCU) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
O9 - Extra ''Tools'' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Tweak%20Marketing\Advanced%20Email%20Extractor
\AeeMsie.dll/page.html (file missing) (HKCU) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll |
Legitimate |
This item represents a plugin added to Internet Explorer to work with '.bcf' files. Seems to be safe, unless you know that it is malicious. |
Change status
|
| O15 - Trusted Zone: http://www.champplans.com |
Questionable |
Do you want URL pattern "http://www.champplans.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.fossi.us |
Questionable |
Do you want URL pattern "http://www.fossi.us" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.mgausa.com |
Questionable |
Do you want URL pattern "http://www.mgausa.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.rxcardfree.com |
Questionable |
Do you want URL pattern "http://www.rxcardfree.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.rxcardfree.net |
Questionable |
Do you want URL pattern "http://www.rxcardfree.net" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.staggsgroup.com |
Questionable |
Do you want URL pattern "http://www.staggsgroup.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O16 - DPF: {01112B00-3E00-11D2-8470-0060089874ED} (Support.com RemoteControl Class) - http://www.comcastsupport.com/sdccommon/download/tgrc.cab |
Questionable |
Are you using an ActiveX object with a name 'Support.com RemoteControl Class' located in 'http://www.comcastsupport.com/sdccommon/download/tgrc.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab |
Questionable |
Are you using an ActiveX object with a name 'Support.com Configuration Class' located in 'http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab |
Questionable |
Are you using an ActiveX object with a name 'HouseCall Control' located in 'http://housecall60.trendmicro.com/housecall/xscan60.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/latest/PlaxoInstall.cab |
Questionable |
Are you using an ActiveX object with a name 'PlxInstall Class' located in 'https://www.plaxo.com/down/latest/PlaxoInstall.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab |
Questionable |
Are you using an ActiveX object with a name 'Creative Software AutoUpdate' located in 'http://www.creative.com/su/ocx/15015/CTSUEng.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com/reader/dbplugin.cab |
Questionable |
Are you using an ActiveX object with a name 'dnlplayer Class' located in 'http://www.digitalwebbooks.com/reader/dbplugin.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {2C12697A-9D0B-4D03-8BFD-782E5D3DB54D} (Audio_tune_proj.Audio_tuning) - https://prodca.click4talk.com/click4talk/pc_phone/Audio_tuning.CAB |
Questionable |
Are you using an ActiveX object with a name 'Audio_tune_proj.Audio_tuning' located in 'https://prodca.click4talk.com/click4talk/pc_phone/Audio_tuning.CAB'? If not, fix this item. |
Change status
|
| O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab |
Questionable |
Are you using an ActiveX object with a name 'YInstStarter Class' located in 'http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comcastonline2
/onleng/downloads/VideoMail/vmLauncher2.cab |
Questionable |
Are you using an ActiveX object with a name 'vmLaunch Class' located in 'http://media2.comcast.net/anon.comcastonline2/onleng
/downloads/VideoMail/vmLauncher2.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {41D13E9A-BB94-402A-8502-AFA78526B63D} (iiittt Class) - http://www.thesearchmall.com/toolbar/winsrm32.cab |
Questionable |
Are you using an ActiveX object with a name 'iiittt Class' located in 'http://www.thesearchmall.com/toolbar/winsrm32.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1135193520609 |
Questionable |
Are you using an ActiveX object with a name 'MUWebControl Class' located in 'http://update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1135193520609'? If not, fix this item. |
Change status
|
| O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Maid Control) - http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab |
Questionable |
Are you using an ActiveX object with a name 'Maid Control' located in 'http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab |
Questionable |
Are you using an ActiveX object with a name 'InstallShield International Setup Player' located in 'http://www.installengine.com/engine/isetup.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc4.webresponse.one.microsoft.com/media/Visitorchat/TLIEFlash.CAB |
Questionable |
Are you using an ActiveX object with a name 'TLIEFlashObj Class' located in 'https://rtc4.webresponse.one.microsoft.com/media/Visitorchat/TLIEFlash.CAB'? If not, fix this item. |
Change status
|
| O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab |
Questionable |
Are you using an ActiveX object with a name 'ActiveScan Installer Class' located in 'http://www.pandasoftware.com/activescan/as5/asinst.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {AE775D48-49AA-11D1-8F1C-00C04FB67063} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v5/Ticker.cab |
Questionable |
Are you using an ActiveX object with a name 'MS Investor Ticker' located in 'http://fdl.msn.com/public/investor/v5/Ticker.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab |
Questionable |
Are you using an ActiveX object with a name 'MsnMessengerSetupDownloadControl Class' located in 'http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab |
Questionable |
Are you using an ActiveX object with a name 'ZoneIntro Class' located in 'http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {BD419ACD-B41C-49D9-8ADF-CCA159052515} - http://ads.adultcash.com/toolbar/bmeb.cab |
Questionable |
Are you using an ActiveX object with no name located in 'http://ads.adultcash.com/toolbar/bmeb.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://edna.ed.state.pa.us/viewer/activeXViewer/activexviewer.cab |
Questionable |
Are you using an ActiveX object with a name 'Crystal Report Viewer Control' located in 'http://edna.ed.state.pa.us/viewer/activeXViewer/activexviewer.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://ideastar.webex.com/client/v_mywebex/webex/ieatgpc.cab |
Questionable |
Are you using an ActiveX object with a name 'GpcContainer Class' located in 'https://ideastar.webex.com/client/v_mywebex/webex/ieatgpc.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lobby/searchsettings.cab |
Questionable |
Are you using an ActiveX object with a name 'Microsoft Search Settings Control' located in 'http://lg.home.microsoft.com/search/lobby/searchsettings.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab |
Questionable |
Are you using an ActiveX object with a name 'Creative Software AutoUpdate Support Package' located in 'http://www.creative.com/su/ocx/15014/CTPID.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {FA9740A2-5802-42E2-B509-81186EEB3C42} (WABControl Class) - https://www.linkedin.com/cab/wabctrl.cab |
Questionable |
Are you using an ActiveX object with a name 'WABControl Class' located in 'https://www.linkedin.com/cab/wabctrl.cab'? If not, fix this item. |
Change status
|
| O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) |
Not necessary |
It is a protocol hijacker that points to nowhere. Fix this item. |
Change status
|
| O18 - Protocol: x-mem3 - {4F6D06DD-44AB-4F89-BF13-9027B505B15A} - C:\WINDOWS\system32\eztoolslib2.dll |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "x-mem3" and file "C:\WINDOWS\system32\eztoolslib2.dll". |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - (no file) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
More info about file schedul2.exe |
Legitimate |
Item found in 2-spyware.com database.
Acronis True Image... |
Change status
|
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
More info about file avgamsvr.exe |
Legitimate |
Item found in 2-spyware.com database.
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status
|
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
More info about file avgupsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status
|
| O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
More info about file brsvc01a.exe |
Legitimate |
Item found in 2-spyware.com database.
This is an essential component of Brother printer drivers. File brsvc01a.exe.exe is used to control... |
Change status
|
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
More info about file ctsvccda.exe |
Legitimate |
Item found in 2-spyware.com database.
Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some... |
Change status
|
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
More info about file guard.exe |
Legitimate |
Item found in 2-spyware.com database.
ewido Anti-malware real-time... |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com database.
NVIDIA related... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
