| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Dit.exe
More info about file dit.exe |
Legitimate |
Item found in 2-spyware.com library
Drive Icon and Label utility, represented by running dit.exe file, is a specific component of the... |
Change status |
C:\WINDOWS\AGRSMMSG.exe
More info about file agrsmmsg.exe |
Legitimate |
Item found in 2-spyware.com library
Modem software from Agere.com. AGRSMMSG.exe is located in "C:\WINDOWS\" on Windows 95/98/ME/XP and... |
Change status |
C:\WINDOWS\mHotkey.exe
More info about file mhotkey.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Chicony keyboard application. |
Change status |
C:\WINDOWS\CNYHKey.exe
More info about file cnyhkey.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Chicony keyboard application. |
Change status |
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
More info about file pcmservice.exe |
Legitimate |
Item found in 2-spyware.com library
From Dell: "The Dell Media Experience (DME) will ship on selected Dimension and Inspiron systems... |
Change status |
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
More info about file pptd40nt.exe |
Legitimate |
Item found in 2-spyware.com library
Part of Scansoft's PaperPort scanner application. Usually located in "C:\Program... |
Change status |
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
More info about file hpgs2wnd.exe |
Legitimate |
Item found in 2-spyware.com library
Hewlett Packard Share-to-Web utility built into thier products. |
Change status |
C:\Programme\D-Tools\daemon.exe
More info about file daemon.exe |
Legitimate |
Item found in 2-spyware.com library
CD image manager software. This program is used to run CDs on a computer without the cd in the... |
Change status |
C:\WINDOWS\system32\LVCOMSX.EXE
More info about file lvcomsx.exe |
Legitimate |
Item found in 2-spyware.com library
File lvcomsx.exe is a part of Logitech drivers that enable support for QuickCam digital camera.... |
Change status |
C:\Programme\Logitech\Video\LogiTray.exe
More info about file logitray.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Logitech Image Studio. It is a tool that displays an icon in the system tray providing... |
Change status |
C:\WINDOWS\system32\RUNDLL32.EXE
More info about file rundll32.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
More info about file bdmcon.exe |
Legitimate |
Item found in 2-spyware.com library
Related to BitDefender program. |
Change status |
| C:\Programme\Softwin\BitDefender9\bdoesrv.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\progra~1\softwin\bitdef~1\bdnagent.exe
More info about file bdnagent.exe |
Legitimate |
Item found in 2-spyware.com library
BitDefender News Agent, a part of BitDefender antivirus software. |
Change status |
C:\Programme\Picasa2\PicasaMediaDetector.exe
More info about file picasamediadetector.exe |
Legitimate |
Item found in 2-spyware.com library
PicasaMediaDetector.exe belongs to Picasa application. |
Change status |
C:\progra~1\softwin\bitdef~1\bdswitch.exe
More info about file bdswitch.exe |
Legitimate |
Item found in 2-spyware.com library
Essential component of the BitDefender antivirus. |
Change status |
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Hewlett Packard software. |
Change status |
| C:\FlashEnc\FlashEnc.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\TRAFFI~1\TRAFFICMONITOR.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\ROUTER~1\ROUTERCONTROL.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Programme\ScanSoft\OmniPage15.0\Opware15.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
More info about file wcescomm.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft's free Synchronization manager which runs in the background in the System Tray. Enables... |
Change status |
C:\Programme\MSN Messenger\msnmsgr.exe
More info about file msnmsgr.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft Windows Messenger chat client. |
Change status |
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
More info about file hpgs2wnf.exe |
Legitimate |
Item found in 2-spyware.com library
Related to software from HP. Located in "C:\Program Files\Hewlett-Packard\HP Share-to-Web\". |
Change status |
| C:\Programme\Copernic Desktop Search\CopernicDesktopSearch.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
More info about file teatimer.exe |
Legitimate |
Item found in 2-spyware.com library
File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background... |
Change status |
| C:\Programme\ScanSoft\OmniPage15.0\OpAgent.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Programme\A-Trust GmbH\a-sign Client\a-sign client.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\WINDOWS\system32\hotSign.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Programme\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
More info about file eebsvc.exe |
Legitimate |
Item found in 2-spyware.com library
Executable eEBSvc.exe is related to Epson printer drivers and additional management tools. It is... |
Change status |
| C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
More info about file lssrvc.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Light Scribe software. |
Change status |
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
More info about file logwatnt.exe |
Legitimate |
Item found in 2-spyware.com library
This file contains a patch, issued by Computer Associates. It fixes bugs found in some... |
Change status |
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
More info about file mdm.exe |
Legitimate |
Item found in 2-spyware.com library
mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM... |
Change status |
C:\Programme\Logitech\Video\FxSvr2.exe
More info about file fxsvr2.exe |
Legitimate |
Item found in 2-spyware.com library
File fxsvr2.exe is related to Logitech drivers and additional tools. It runs background process,... |
Change status |
C:\Programme\HP\Digital Imaging\bin\hpqimzone.exe
More info about file hpqimzone.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to HP software. |
Change status |
C:\Programme\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
More info about file sqlservr.exe |
Legitimate |
Item found in 2-spyware.com library
Main component of Microsoft SQL Server |
Change status |
C:\WINDOWS\system32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com library
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status |
| C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
More info about file xcommsvr.exe |
Legitimate |
Item found in 2-spyware.com library
BitDefender Communication Server. It is a vital component of the BitDefender antivirus. |
Change status |
| c:\programme\pinnacle\shared files\programs\mediaserver\pmshost.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
More info about file bdss.exe |
Legitimate |
Item found in 2-spyware.com library
BitDefender Scan Server, a vital component of BitDefender antivirus software. |
Change status |
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe
More info about file livesrv.exe |
Legitimate |
Item found in 2-spyware.com library
BitDefender Security Update Service. Updates BitDefender antivirus software. |
Change status |
| C:\Programme\Softwin\BitDefender9\vsserv.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wuauclt.exe
More info about file wuauclt.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programme\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
C:\Programme\Hijackthis\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oegb.at/ |
Not necessary |
http://www.oegb.at/ is your start page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com |
Not necessary |
http://www.aldi.com is your Default Page URL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR |
Not necessary |
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR is your Search Page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm |
Not necessary |
\blank.htm is your local page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost |
Not necessary |
localhost overrides your Proxy Server.
If you do not like this fact, fix this item. |
Change status |
| O1 - Hosts: 212.227.126.5 lyra2 |
Questionable |
Do you want an URL address "lyra2" to be redirected to "212.227.126.5" when you type it? If not, then fix this |
|
| O1 - Hosts: 212.227.126.12 mapibe02 |
Questionable |
Do you want an URL address "mapibe02" to be redirected to "212.227.126.12" when you type it? If not, then fix this |
|
| O1 - Hosts: 212.227.126.14 mapibe03 |
Questionable |
Do you want an URL address "mapibe03" to be redirected to "212.227.126.14" when you type it? If not, then fix this |
|
| O1 - Hosts: 212.227.126.2 mapibe04 |
Questionable |
Do you want an URL address "mapibe04" to be redirected to "212.227.126.2" when you type it? If not, then fix this |
|
| O1 - Hosts: 212.227.126.8 mapibe07 |
Questionable |
Do you want an URL address "mapibe07" to be redirected to "212.227.126.8" when you type it? If not, then fix this |
|
| O1 - Hosts: 195.20.242.166 mapibe10 |
Questionable |
Do you want an URL address "mapibe10" to be redirected to "195.20.242.166" when you type it? If not, then fix this |
|
| O1 - Hosts: 195.20.242.167 mapibe11 |
Questionable |
Do you want an URL address "mapibe11" to be redirected to "195.20.242.167" when you type it? If not, then fix this |
|
| O1 - Hosts: 195.20.242.168 mapibe12 |
Questionable |
Do you want an URL address "mapibe12" to be redirected to "195.20.242.168" when you type it? If not, then fix this |
|
| O1 - Hosts: 195.20.242.165 mapibe09 |
Questionable |
Do you want an URL address "mapibe09" to be redirected to "195.20.242.165" when you type it? If not, then fix this |
|
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
More info about file googletoolbar1.dll |
Legitimate |
Application program item according to inner database
An essential component of Google Toolbar. |
Change status
|
| O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Programme\Copernic Desktop Search\CopernicDesktopSearchIntegration977.dll
More info about file googletoolbar1.dll |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
More info about file nvcpl.dll |
Legitimate |
System item according to inner database
Related to nVidia cards. NvCpl.dll is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... |
Change status
|
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
More info about file nwiz.exe |
Legitimate |
System item according to inner database
Nwiz.exe is Related to nVidia graphic cards drivers.
Long name - NVIDIA nView Wizard.<br... |
Change status
|
| O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Dit] Dit.exe
More info about file dit.exe |
Legitimate |
System item according to inner database
Drive Icon and Label utility, represented by running dit.exe file, is a specific component of the... |
Change status
|
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
More info about file agrsmmsg.exe |
Legitimate |
System item according to inner database
Modem software from Agere.com. AGRSMMSG.exe is located in "C:\WINDOWS\" on Windows 95/98/ME/XP and... |
Change status
|
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
More info about file mhotkey.exe |
Legitimate |
Application program item according to inner database
The file is related to Chicony keyboard application. |
Change status
|
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
More info about file cnyhkey.exe |
Legitimate |
Application program item according to inner database
The file is related to Chicony keyboard application. |
Change status
|
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
More info about file nerocheck.exe |
Legitimate |
Application program item according to inner database
Related to Nero CD/DVD Burning software. From the publisher: "This program constantly checks for... |
Change status
|
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
More info about file pcmservice.exe |
Legitimate |
System item according to inner database
From Dell: "The Dell Media Experience (DME) will ship on selected Dimension and Inspiron systems... |
Change status
|
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
More info about file pptd40nt.exe |
Legitimate |
System item according to inner database
Part of Scansoft's PaperPort scanner application. Usually located in "C:\Program... |
Change status
|
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
More info about file hpgs2wnd.exe |
Legitimate |
System item according to inner database
Hewlett Packard Share-to-Web utility built into thier products. |
Change status
|
| O4 - HKLM\..\Run: [CheckMedi8or] C:\Programme\Mediator 7 Pro\CheckNewUser.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
More info about file daemon.exe |
Legitimate |
Application program item according to inner database
CD image manager software. This program is used to run CDs on a computer without the cd in the... |
Change status
|
O4 - HKLM\..\Run: [UpdateManager] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r
More info about file sgtray.exe |
Legitimate |
Application program item according to inner database
Part of the Veritas Storage Guard. Located in "C:\Program Files\VERITAS Software\Update Manager\". |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
More info about file lvcomsx.exe |
Legitimate |
Application program item according to inner database
File lvcomsx.exe is a part of Logitech drivers that enable support for QuickCam digital camera.... |
Change status
|
| O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
More info about file logitray.exe |
Legitimate |
Application program item according to inner database
A part of Logitech Image Studio. It is a tool that displays an icon in the system tray providing... |
Change status
|
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
More info about file nvmctray.dll |
Legitimate |
System item according to inner database
nVidia graphics cards related. NVMCTRAY.DLL is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
More info about file bdmcon.exe |
Legitimate |
Application program item according to inner database
Related to BitDefender program. |
Change status
|
| O4 - HKLM\..\Run: [BDOESRV] "C:\Programme\Softwin\BitDefender9\bdoesrv.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdnagent.exe"
More info about file bdnagent.exe |
Legitimate |
Application program item according to inner database
BitDefender News Agent, a part of BitDefender antivirus software. |
Change status
|
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe
More info about file picasamediadetector.exe |
Legitimate |
Application program item according to inner database
PicasaMediaDetector.exe belongs to Picasa application. |
Change status
|
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~1\bdswitch.exe"
More info about file bdswitch.exe |
Legitimate |
Application program item according to inner database
Essential component of the BitDefender antivirus. |
Change status
|
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
More info about file psdrvcheck.exe |
Legitimate |
Application program item according to inner database
Related to Pinnacle InstantCopy CD/DVD software. Located in "C:\WINDOWS\SYSTEM\" on Windows... |
Change status
|
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup
More info about file googledesktop.exe |
Legitimate |
Application program item according to inner database
Main component of Google Desktop |
Change status
|
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Application program item according to inner database
The file is related to Hewlett Packard software. |
Change status
|
| O4 - HKLM\..\Run: [FlashEnc] "c:\FlashEnc\FlashEnc.exe" |
Questionable |
questionable item according to our database |
Change status
|
| O4 - HKLM\..\Run: [TrafficMonitor] C:\PROGRA~1\TRAFFI~1\TRAFFICMONITOR.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [RouterControl] C:\PROGRA~1\ROUTER~1\ROUTERCONTROL.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k |
Questionable |
questionable item according to our database |
Change status
|
| O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot |
Questionable |
questionable item according to our database |
Change status
|
| O4 - HKLM\..\Run: [Opware15] "C:\Programme\ScanSoft\OmniPage15.0\Opware15.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [OpScheduler] "C:\Programme\ScanSoft\OmniPage15.0\OpScheduler.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [ScanSoft OmniPage 15.0-reminder] "C:\Programme\ScanSoft\OmniPage15.0\Ereg\ereg.exe" -r "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft\OmniPage15.0\Ereg\ereg.ini" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
More info about file wcescomm.exe |
Legitimate |
System item according to inner database
Microsoft's free Synchronization manager which runs in the background in the System Tray. Enables... |
Change status
|
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
More info about file msnmsgr.exe |
Legitimate |
System item according to inner database
Microsoft Windows Messenger chat client. |
Change status
|
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
More info about file manifestengine.exe |
Legitimate |
Application program item according to inner database
A tool installed alongside Logitech software for digital cameras. It updates this software... |
Change status
|
| O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Programme\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
More info about file teatimer.exe |
Legitimate |
Application program item according to inner database
File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background... |
Change status
|
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
More info about file backweb-8876480.exe |
Legitimate |
System item according to inner database
Logitech Desktop Manager. Located in "C:\Program Files\Logitech\Desktop Messenger\8876480\Program". |
Change status
|
| O4 - HKCU\..\Run: [OpAgent] "C:\Programme\ScanSoft\OmniPage15.0\OpAgent.exe" /agent |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Startup: PPThumbs.ptn |
Questionable |
Startup - link: 'PPThumbs.ptn', file: '' |
Change status
|
| O4 - Global Startup: A-Trust a-sign Client.lnk = C:\Programme\A-Trust GmbH\a-sign Client\a-sign client.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
More info about file reader_sl.exe |
Legitimate |
Application program item according to inner database
Related to Adobe Acrobat Reader. |
Change status
|
| O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: hotSign.lnk = ? |
Not necessary |
Fix this item because it points to nowhere |
Change status
|
| O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
More info about file ldmconf.exe |
Legitimate |
Application program item according to inner database
Logitech Desktop Messenger. Checks for new products, upgrades and offers from Logitech. Located in... |
Change status
|
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
More info about file osa.exe |
Legitimate |
Application program item according to inner database
The Office Startup Assistant (Osa.exe or OSA) is a program that improves the performance of Office... |
Change status
|
| O4 - Global Startup: Pinnacle ShowCenter StreamServer.lnk = ? |
Not necessary |
Fix this item because it points to nowhere |
Change status
|
| O4 - Global Startup: PPThumbs.ptn |
Questionable |
Global Startup - link: 'PPThumbs.ptn', file: '' |
Change status
|
| O4 - Global Startup: Quicken 2006 Zahlungserinnerung.lnk = C:\Programme\Quicken2006\billmind.exe |
Questionable |
questionable item according to our database |
Change status
|
| O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html |
Not necessary |
Do you want item 'Im Cache gespeicherte Seite' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html |
Not necessary |
Do you want item 'Verweisseiten' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Programme\Java\jre1.5.0_06\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Konsole' and points to file 'C:\Programme\Java\jre1.5.0_06\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Mobilen Favoriten erstellen' and points to file 'C:\Programme\Microsoft ActiveSync\inetrepl.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Programme\Microsoft ActiveSync\inetrepl.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Mobilen Favoriten erstellen...' and points to file 'C:\Programme\Microsoft ActiveSync\inetrepl.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com |
Questionable |
This item changes your "default" Start page in IE. It will appear if you Restore default web settings. If you are an administrator and you do not recognize address "", fix this item. |
Change status
|
| O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 |
Questionable |
Are you using an ActiveX object with a name 'Windows Genuine Advantage Validation Tool' located in 'http://go.microsoft.com/fwlink/?linkid=39204'? If not, fix this item. |
Change status
|
| O16 - DPF: {3911F463-03E8-45A5-B7BE-A89E096ACB79} (ClientCheckX Control) - http://www.a-trust.at/html/ClientCheck/ClientCheckX.CAB |
Questionable |
Are you using an ActiveX object with a name 'ClientCheckX Control' located in 'http://www.a-trust.at/html/ClientCheck/ClientCheckX.CAB'? If not, fix this item. |
Change status
|
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls
/en/x86/client/wuweb_site.cab?1097418447593 |
Questionable |
Are you using an ActiveX object with a name 'WUWebControl Class' located in 'http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls
/en/x86/client/wuweb_site.cab?1097418447593'? If not, fix this item. |
Change status
|
| O16 - DPF: {75730152-9A0D-4783-B12A-D2E877868C12} (PBUpdate Control) - http://www.a-trust.at/zmrservice/PBUpdate.cab |
Questionable |
Are you using an ActiveX object with a name 'PBUpdate Control' located in 'http://www.a-trust.at/zmrservice/PBUpdate.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab |
Questionable |
Are you using an ActiveX object with a name 'MessengerStatsClient Class' located in 'http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Plug-in) - |
Questionable |
Are you using an ActiveX object with a name 'Java Plug-in' located in ''? If not, fix this item. |
Change status
|
| O16 - DPF: {E8304464-1EA9-4F39-A031-522874AAC230} (ESD Object) - |
Questionable |
Are you using an ActiveX object with a name 'ESD Object' located in ''? If not, fix this item. |
Change status
|
| O16 - DPF: {FCF77DBD-0AE7-4EA8-B9EF-A733F6879B4E} (KardToolX Control) - http://www.a-trust.at/html/CardCheck/KardToolX.CAB |
Questionable |
Are you using an ActiveX object with a name 'KardToolX Control' located in 'http://www.a-trust.at/html/CardCheck/KardToolX.CAB'? If not, fix this item. |
Change status
|
| O18 - Protocol: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "haufereader" and file "C:\Programme\Haufe\HaufeReader\HRInstmon.dll". |
Change status
|
| O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "livecall" and file "C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL". |
Change status
|
| O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "ms-help" and file "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll". |
Change status
|
| O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "msnim" and file "C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL". |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe |
Legitimate |
Related to Adobe photoshop. |
Change status
|
| O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe |
Legitimate |
BlueSoleil
is a Bluetooth device manager for Windows. Made by the IVT_Corporation
The file associated with this service is found in the Program Files\IVT Corporation\BlueSoleil folder. |
Change status
|
| O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
More info about file eebsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
Executable eEBSvc.exe is related to Epson printer drivers and additional management tools. It is... |
Change status
|
| O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - The Firebird Project - C:\MAGIX\Common\Database\bin\fbserver.exe |
Legitimate |
Firebird Database Server |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
| O23 - Service: License Management Service ESD - element5 - C:\Programme\Gemeinsame Dateien\element5 Shared\Service\Licence Manager ESD.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
More info about file lssrvc.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Light Scribe... |
Change status
|
| O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Ereignisprotokoll-Ãœberwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
More info about file logwatnt.exe |
Legitimate |
Item found in 2-spyware.com database.
This file contains a patch, issued by Computer Associates. It fixes bugs found in some... |
Change status
|
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com database.
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status
|
| O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe |
Legitimate |
Related to Adobe photoshop. |
Change status
|
| O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\programme\pinnacle\shared files\programs\mediaserver\pmshost.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programme\Softwin\BitDefender9\vsserv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe |
Legitimate |
X10 video streaming devices. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems |
Change status
|
| O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
