| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\csrss.exe
More info about file csrss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\LEXBCES.EXE
More info about file lexbces.exe |
Legitimate |
Item found in 2-spyware.com library
This file is a component of MarkVision software, published by Lexmark International. This software... |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\LEXPPS.EXE
More info about file lexpps.exe |
Legitimate |
Item found in 2-spyware.com library
This file is related to Lexmark Printer Port Scanner utility, it is a standard component of the... |
Change status |
C:\WINDOWS\system32\CTsvcCDA.EXE
More info about file ctsvccda.exe |
Legitimate |
Item found in 2-spyware.com library
Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some... |
Change status |
C:\WINDOWS\System32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com library
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status |
C:\WINDOWS\System32\tcpsvcs.exe
More info about file tcpsvcs.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft TCP/IP Services, represented by tcpsvcs.exe file, are included in Windows NT 4/2000/XP... |
Change status |
| C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wdfmgr.exe
More info about file wdfmgr.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Microsoft Windows Media Player 10. It is used to eliminate software compatibility... |
Change status |
| C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\wscntfy.exe
More info about file wscntfy.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\alg.exe
More info about file alg.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\ezSP_Px.exe
More info about file ezsp_px.exe |
Legitimate |
Item found in 2-spyware.com library
Installed by the Easy Systems CD & DVD writing software. |
Change status |
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
More info about file ybrwicon.exe |
Legitimate |
Item found in 2-spyware.com library
ybrwicon.exe is related to Yahoo! browser. It is a legitimate application process, which does not... |
Change status |
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
More info about file ycommon.exe |
Legitimate |
Item found in 2-spyware.com library
This is a part of some Yahoo! software, installed on your computer. Executable ycommon.exe runs... |
Change status |
| C:\Program Files\SONY\sHotKey\sHotKey.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\WINDOWS\ehome\ehtray.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\CTHELPER.EXE
More info about file cthelper.exe |
Legitimate |
Item found in 2-spyware.com library
Installed with Creative sound cards. Has been reported to use 100% CPU time.
CTHelper is a... |
Change status |
C:\WINDOWS\AGRSMMSG.exe
More info about file agrsmmsg.exe |
Legitimate |
Item found in 2-spyware.com library
Modem software from Agere.com. AGRSMMSG.exe is located in "C:\WINDOWS\" on Windows 95/98/ME/XP and... |
Change status |
C:\WINDOWS\ehome\ehmsas.exe
More info about file ehmsas.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Microsoft Windows Media Center application. |
Change status |
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
More info about file directcd.exe |
Legitimate |
Item found in 2-spyware.com library
directcd.exe is an application process used by Roxio's Easy CD/DVD Creator when burning a CD or a... |
Change status |
| C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
More info about file motivesb.exe |
Legitimate |
Item found in 2-spyware.com library
File motivesb.exe is related to Motive Broadband Manager. This software is used by some Internet... |
Change status |
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
| C:\PROGRA~1\Yahoo!\YOP\yop.exe |
Unknown |
No exact entries found |
Insert file into database
|
D:\Program Files\QuickTime\qttask.exe
More info about file qttask.exe |
Legitimate |
Item found in 2-spyware.com library
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status |
| C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Messenger\MSMSGS.EXE
More info about file msmsgs.exe |
Legitimate |
Item found in 2-spyware.com library
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status |
| D:\PROGRAM FILES\Ares\Ares.exe |
Unknown |
No exact entries found |
Insert file into database
|
D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
More info about file ctdetect.exe |
Legitimate |
Item found in 2-spyware.com library
|
Change status |
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
More info about file teatimer.exe |
Legitimate |
Item found in 2-spyware.com library
File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background... |
Change status |
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe |
Legitimate |
Item found in 2-spyware.com library
SAS is one of the best as-programs |
Change status |
D:\PROGRAM FILES\Sandisk\Common\Bin\WinCinemaMgr.exe
More info about file wincinemamgr.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to WinDVD software. |
Change status |
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
More info about file mpbtn.exe |
Legitimate |
Item found in 2-spyware.com library
The file is a part of application which is used by various ISP. |
Change status |
D:\PROGRAM FILES\WinZip\WZQKPICK.EXE
More info about file wzqkpick.exe |
Legitimate |
Item found in 2-spyware.com library
System tray icon for WinZip software by Niko Mak Computing, Inc. WZQKPick.exe is located in... |
Change status |
| D:\PROGRAM FILES\Verizon Wireless\V CAST Music Manager\MEMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Yahoo!\browser\ybrowser.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\NOTEPAD.EXE
More info about file notepad.exe |
Legitimate |
Process found in system process library |
Change status |
D:\PROGRAM FILES\hyjackthis\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| C:\WINDOWS\System32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html |
Not necessary |
http://www.yahoo.com/search/ie.html is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.sbc.com/dsl |
Not necessary |
yahoo.sbc.com/dsl is your start page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com |
Not necessary |
http://www.yahoo.com is your Default Page URL.
If you do not like this fact, fix this item. |
Change status |
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie
/defaults/su/sbcydsl/*http://www.yahoo.com |
Not necessary |
http://red.clientapps.yahoo.com/customize/ie
/defaults/su/sbcydsl/*http://www.yahoo.com is your Default Search URL.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com |
Legitimate |
http://www.yahoo.com is your start page.
This is a legitimate page. |
Change status |
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie
/defaults/su/sbcydsl/*http://www.yahoo.com |
Not necessary |
http://red.clientapps.yahoo.com/customize/ie
/defaults/su/sbcydsl/*http://www.yahoo.com is your default SearchURL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://aimexpress.aol.com/v1_5/gz/aolcom/html/AESignout.html |
Not necessary |
http://aimexpress.aol.com/v1_5/gz/aolcom/html/AESignout.html is related to your Internet Connection Wizard.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Yahoo! |
Not necessary |
Microsoft Internet Explorer provided by Yahoo! is the title in your Internet Explorer window.
If you do not like this fact, fix this item. |
Change status |
| R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll |
Questionable |
If you do not recognize this entry name "Yahoo! Toolbar" and this path "C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll", then fix this item |
Change status |
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll
More info about file yt.dll |
Legitimate |
Application program item according to inner database
Yahoo! Toolbar |
Change status
|
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
More info about file yiesrvc.dll |
Legitimate |
Application program item according to inner database
The file is related to Yahoo! software. |
Change status
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll |
Legitimate |
legitimate bho toolbar, related to SBC Yahoo! Browser |
Change status
|
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\Companion\Installs\cpn\yt.dll
More info about file yt.dll |
Legitimate |
Application program item according to inner database
Yahoo! Toolbar |
Change status
|
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
More info about file ezsp_px.exe |
Legitimate |
Application program item according to inner database
Installed by the Easy Systems CD & DVD writing software. |
Change status
|
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
More info about file ybrwicon.exe |
Legitimate |
Application program item according to inner database
ybrwicon.exe is related to Yahoo! browser. It is a legitimate application process, which does not... |
Change status
|
| O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
More info about file nwiz.exe |
Legitimate |
System item according to inner database
Nwiz.exe is Related to nVidia graphic cards drivers. Full name - NVIDIA nView Wizard.<br... |
Change status
|
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
More info about file nvcpl.dll |
Legitimate |
System item according to inner database
Related to nVidia cards. NvCpl.dll is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... |
Change status
|
| O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
More info about file cthelper.exe |
Legitimate |
System item according to inner database
Installed with Creative sound cards. Has been reported to use 100% CPU time.
CTHelper is a... |
Change status
|
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
More info about file atiptaxx.exe |
Legitimate |
System item according to inner database
ATI Desktop Control Panel from ATI Technologies, Inc. Located in "C:\Program Files\ATI... |
Change status
|
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
More info about file ati2mdxx.exe |
Legitimate |
System item according to inner database
ATI 2D Mode component from ATI Technologies, Inc. Related to your graphics card. Located in... |
Change status
|
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
More info about file agrsmmsg.exe |
Legitimate |
System item according to inner database
Modem software from Agere.com. AGRSMMSG.exe is located in "C:\WINDOWS\" on Windows 95/98/ME/XP and... |
Change status
|
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
More info about file directcd.exe |
Legitimate |
Application program item according to inner database
directcd.exe is an application process used by Roxio's Easy CD/DVD Creator when burning a CD or a... |
Change status
|
| O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
More info about file motivesb.exe |
Legitimate |
Application program item according to inner database
File motivesb.exe is related to Motive Broadband Manager. This software is used by some Internet... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
More info about file realsched.exe |
Legitimate |
Application program item according to inner database
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status
|
| O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
| O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\RunOnce: [SpybotDeletingA6254] command /c del "C:\WINDOWS\system32\lruvqvw.dll_old" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
More info about file weather.exe |
Legitimate |
It's a legimate progam provided by The Weather Channel |
Change status
|
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
More info about file msmsgs.exe |
Legitimate |
System item according to inner database
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status
|
| O4 - HKCU\..\Run: [ares] "D:\PROGRAM FILES\Ares\Ares.exe" -h |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [Creative Detector] D:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
More info about file ctdetect.exe |
Legitimate |
System item according to inner database
|
Change status
|
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
More info about file steam.exe |
Legitimate |
Application program item according to inner database
This file is a part of application that comes with most games, published by Valve Corporation. It... |
Change status
|
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
More info about file teatimer.exe |
Legitimate |
Application program item according to inner database
File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background... |
Change status
|
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe |
Legitimate |
System item according to inner database
SAS is one of the best as-programs |
Change status
|
| O4 - HKUS\S-1-5-19\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User ''LOCAL SERVICE'') |
Questionable |
System item according to inner database
SAS is one of the best as-programs |
Change status
|
| O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User ''LOCAL SERVICE'') |
Questionable |
System item according to inner database
SAS is one of the best as-programs |
Change status
|
| O4 - HKUS\S-1-5-20\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User ''NETWORK SERVICE'') |
Questionable |
System item according to inner database
SAS is one of the best as-programs |
Change status
|
| O4 - Startup: MEMonitor.lnk = D:\PROGRAM FILES\Verizon Wireless\V CAST Music Manager\MEMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: WinCinema Manager.lnk = D:\PROGRAM FILES\Sandisk\Common\Bin\WinCinemaMgr.exe
More info about file wincinemamgr.exe |
Legitimate |
Application program item according to inner database
The file is related to WinDVD software. |
Change status
|
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\PROGRAM FILES\Adobe\Acrobat 7.0\Reader\reader_sl.exe
More info about file reader_sl.exe |
Legitimate |
Application program item according to inner database
reader_sl.exe is Related to Adobe Acrobat Reader. |
Change status
|
| O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Microsoft Office.lnk = D:\PROGRAM FILES\Microsoft Office\Office\OSA9.EXE
More info about file osa9.exe |
Legitimate |
Application program item according to inner database
Loads Microsoft Office components at reboot, to improve the startup time of the Office programs.... |
Change status
|
O4 - Global Startup: WinZip Quick Pick.lnk = D:\PROGRAM FILES\WinZip\WZQKPICK.EXE
More info about file wzqkpick.exe |
Legitimate |
Application program item according to inner database
System tray icon for WinZip software by Niko Mak Computing, Inc. WZQKPick.exe is located in... |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'AT&T Yahoo! Services' and points to file 'C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file 'D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe |
Legitimate |
Legitimate extra button in your browser - related to AOL Instant Messenger. |
Change status
|
| O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'D:\PROGRA~1\SPYBOT~1\SDHelper.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Spybot' and points to file '{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\WINDOWS\Network Diagnostic\xpnetdiag.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name '@xpsp3res.dll,-20001' and points to file 'C:\WINDOWS\Network Diagnostic\xpnetdiag.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra button in your browser - related to windows messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra tools menu item - related to Windows Messenger. |
Change status
|
| O14 - IERESET.INF: START_PAGE_URL=http://www.yahoo.com |
Questionable |
This item changes your "default" Start page in IE. It will appear if you Restore default web settings. If you are an administrator and you do not recognize address "", fix this item. |
Change status
|
| O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab |
Questionable |
Are you using an ActiveX object with no name located in 'http://www.miniclip.com/hamsterball/raptisoftgameloader.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab |
Questionable |
Are you using an ActiveX object with a name 'Musicnotes Viewer' located in 'http://www.musicnotes.com/download/mnviewer.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 |
Legitimate |
Legitimate ActiveX item from site http://go.microsoft.com/ |
Change status
|
O16 - DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} (CPlayFirstmsiControl Object) - http://www.shockwave.com/content/sharkisland
/sis/MysteryOfSharkIslandWeb.1.0.0.8.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstmsiControl Object' located in 'http://www.shockwave.com/content/sharkisland
/sis/MysteryOfSharkIslandWeb.1.0.0.8.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll |
Questionable |
Are you using an ActiveX object with a name 'yucsetreg Class' located in 'C:\Program Files\Yahoo!\common\yucconfig.dll'? If not, fix this item. |
Change status
|
| O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125B84} (CR64Loader Object) - http://www.gamehouse.com/games/cosmicbugs/r64loader.cab |
Questionable |
Are you using an ActiveX object with a name 'CR64Loader Object' located in 'http://www.gamehouse.com/games/cosmicbugs/r64loader.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstDinerDash2Control Object' located in 'http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab |
Questionable |
Are you using an ActiveX object with a name 'AtlAtomadersCtlAttrib Class' located in 'http://zone.msn.com/bingame/amad/default/atomaders.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstDoggieDashControl Object' located in 'http://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1168806912343 |
Legitimate |
Legitimate ActiveX item from site http://update.microsoft.com/ |
Change status
|
| O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} (Abx(gh) Control) - http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab |
Questionable |
Are you using an ActiveX object with a name 'Abx(gh' located in 'http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab |
Questionable |
Are you using an ActiveX object with a name 'GameHouse Games Player' located in 'http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} (CPlayFirstdreamControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles
/dreamweb.1.0.0.9.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstdreamControl Object' located in 'http://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles
/dreamweb.1.0.0.9.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/ballistik/sis/slgwebinstall.cab |
Questionable |
Are you using an ActiveX object with a name 'Sandlot Loader Control' located in 'http://www.shockwave.com/content/ballistik/sis/slgwebinstall.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab |
Questionable |
Are you using an ActiveX object with a name 'MJLauncherCtrl Class' located in 'http://zone.msn.com/bingame/chnz/default/mjolauncher.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.shockwave.com/content/tumblebugs/sis/axhost.cab |
Questionable |
Are you using an ActiveX object with a name 'WildfireActiveXHost Class' located in 'http://www.shockwave.com/content/tumblebugs/sis/axhost.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {8B6193F1-837F-11D4-89E6-0050DA666184} (Sol2axctl Class) - http://download.solitaire.com/download/solitaire.cab |
Questionable |
Are you using an ActiveX object with a name 'Sol2axctl Class' located in 'http://download.solitaire.com/download/solitaire.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} (Jolly Bear Games Player) - http://www.shockwave.com/content/bigcityadventuresf/sis/JBGamePlayer.cab |
Questionable |
Are you using an ActiveX object with a name 'Jolly Bear Games Player' located in 'http://www.shockwave.com/content/bigcityadventuresf/sis/JBGamePlayer.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVCDownloadControl) - http://download.games.yahoo.com/games/web_games
/sony/davinci/DVCDownloadControl.cab |
Questionable |
Are you using an ActiveX object with a name 'DVCDownloadControl' located in 'http://download.games.yahoo.com/games/web_games
/sony/davinci/DVCDownloadControl.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {B0FB831D-17F6-4CBD-9B5D-3305881D362E} (LHGLauncherXForm Control) - http://www.shockwave.com/content/reaxxion/sis/HLGLauncher.cab |
Questionable |
Are you using an ActiveX object with a name 'LHGLauncherXForm Control' located in 'http://www.shockwave.com/content/reaxxion/sis/HLGLauncher.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab |
Questionable |
Are you using an ActiveX object with a name 'SABScanProcesses Class' located in 'http://www.superadblocker.com/activex/sabspx.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.shockwave.com/content/burgershop/sis/GoBitGamesPlayer_v5.cab |
Questionable |
Are you using an ActiveX object with a name 'GoBit Games Player' located in 'http://www.shockwave.com/content/burgershop/sis/GoBitGamesPlayer_v5.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab |
Questionable |
Are you using an ActiveX object with a name 'MSN Games - Installer' located in 'http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go
/ddfotg.1.0.0.33.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstddfotgControl Object' located in 'http://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go
/ddfotg.1.0.0.33.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab |
Questionable |
Are you using an ActiveX object with a name 'Zylom Games Player' located in 'http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://www.shockwave.com/content/joboosgems/sis/AstoundLauncher.cab |
Questionable |
Are you using an ActiveX object with a name 'AstoundLauncher Control' located in 'http://www.shockwave.com/content/joboosgems/sis/AstoundLauncher.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab |
Questionable |
Are you using an ActiveX object with a name 'Oberon Flash Game Host' located in 'http://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab |
Questionable |
Are you using an ActiveX object with no name located in 'http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} (CPlayFirstSandScriptControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-sandscript/SandScript.1.0.0.21.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstSandScriptControl Object' located in 'http://aolsvc.aol.com/onlinegames/free-trial-sandscript
/SandScript.1.0.0.21.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe |
Questionable |
Are you using an ActiveX object with a name 'Virtools WebPlayer Class' located in 'http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe'? If not, fix this item. |
Change status
|
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_games
/gamehouse/frenzy/SproutLauncher.cab |
Questionable |
Are you using an ActiveX object with a name 'SproutLauncherCtrl Class' located in 'http://download.games.yahoo.com/games/web_games
/gamehouse/frenzy/SproutLauncher.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/peggle/sis/popcaploader_v10_en.cab |
Questionable |
Are you using an ActiveX object with a name 'PopCapLoader Object' located in 'http://www.shockwave.com/content/peggle/sis/popcaploader_v10_en.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab |
Questionable |
Are you using an ActiveX object with a name 'HeartbeatCtl Class' located in 'http://fdl.msn.com/zone/datafiles/heartbeat.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-wedding-dash
/WeddingDash.1.0.0.47.cab |
Questionable |
Are you using an ActiveX object with a name 'CPlayFirstWeddingDashControl Object' located in 'http://aolsvc.aol.com/onlinegames/free-trial-wedding-dash
/WeddingDash.1.0.0.47.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.companion.yahoo
.com/dl/toolbar/yiebio5_3_16_0.cab |
Questionable |
Are you using an ActiveX object with a name 'Yahoo! Toolbar' located in 'http://us.dl1.yimg.com/download.companion.yahoo
.com/dl/toolbar/yiebio5_3_16_0.cab'? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CCS\Services\Tcpip\..\{9DCCAB9D-50A7-47FC-BEF3-A9C69423F98A}: NameServer = 68.94.156.1 151.164.8.201 |
Questionable |
Do you recognize these IP addresses '68.94.156.1 151.164.8.201' as your internet provider DNS servers? If not, fix this item. |
Change status
|
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
More info about file ctsvccda.exe |
Legitimate |
Item found in 2-spyware.com database.
Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some... |
Change status
|
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
More info about file lexbces.exe |
Legitimate |
Item found in 2-spyware.com database.
This file is a component of MarkVision software, published by Lexmark International. This software... |
Change status
|
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com database.
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status
|
| O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
More info about file halsv.exe |
Legitimate |
Item found in 2-spyware.com database.
halsv.exe is the main application process for Sony TV Tuner Controller. You should not disable this... |
Change status
|
| O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe |
Legitimate |
Sony computers |
Change status
|
| O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe |
Legitimate |
Sony computers |
Change status
|
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
More info about file sssvr.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to VAIO Media Music Server... |
Change status
|
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
More info about file sv_httpd.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Sony VAIO Media Integrated Server... |
Change status
|
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
More info about file upnpframework.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Sony VAIO Media Integrated Server... |
Change status
|
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
More info about file photoappsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to VAIO Media Photo Server... |
Change status
|
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
More info about file sv_httpd.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Sony VAIO Media Integrated Server... |
Change status
|
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
More info about file upnpframework.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Sony VAIO Media Integrated Server... |
Change status
|
| O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe |
Legitimate |
Sony VAIO computers |
Change status
|
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
More info about file sv_httpd.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Sony VAIO Media Integrated Server... |
Change status
|
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
More info about file upnpframework.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Sony VAIO Media Integrated Server... |
Change status
|
| O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE |
Legitimate |
Related to Yahoo |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
