Results of analyzing your log

The HijackThis log analyzer beta 2 is a brand new service, so it is natural that it may have a few issues with entry descriptions and status. You can help us to improve the analyzer! If you have some information on unknown items, please share it with us and thousands of 2-Spyware.com visitors. We will carefully check your submission and approve it, if it is correct. You can also change status of entries that do not look identified correctly to you. Also feel free to post your description for existing items. We will review and add it to the analyzer's database. Thank you!

Files and registry entries considered to be safe

Legitimate items	43	58%
Not necessary items	8	11%
	51	69%

File and registry entries that can be both dangerous or safe

Questionable items	1	1%
Unknown items	22	30%
	23	31%

Files and registry entries considered to be DANGEROUS. Fix immediately!

Dangerous items

Line:	Status:	Comments:	Actions:
C:\WINDOWS\System32\smss.exe More info about file smss.exe	Legitimate		Change status
C:\WINDOWS\system32\winlogon.exe More info about file winlogon.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\services.exe More info about file services.exe	Legitimate	In most of cases it is legitimate system process, only sometimes can be used by malicious software	Change status
C:\WINDOWS\system32\lsass.exe More info about file lsass.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\System32\WLTRYSVC.EXE More info about file wltrysvc.exe	Legitimate	Item found in 2-spyware.com library Installed alongside Broadcom wireless communication software. It is a tool that displays an icon in...	Change status
C:\WINDOWS\System32\bcmwltry.exe More info about file bcmwltry.exe	Legitimate	Item found in 2-spyware.com library bcmwltry.exe is BroadCom's Wireless Network Tray Applet. It runs if you are on a wireless...	Change status
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe More info about file aawservice.exe	Legitimate	Item found in 2-spyware.com library	Change status
C:\WINDOWS\Explorer.EXE More info about file explorer.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\spoolsv.exe More info about file spoolsv.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe More info about file syntpenh.exe	Legitimate	Item found in 2-spyware.com library System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".	Change status
C:\WINDOWS\stsystra.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Unlocker\UnlockerAssistant.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Dell Support Center\bin\sprtcmd.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe More info about file groovemonitor.exe	Legitimate	Item found in 2-spyware.com library groovemonitor.exe is the Microsoft GrooveMonitor Utility, and is a legitimate process that may be...	Change status
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe More info about file issch.exe	Legitimate	Item found in 2-spyware.com library Executable issch.exe is a standard component of InstallShield software. It is used to connect to...	Change status
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe More info about file spysweeperui.exe	Legitimate	Item found in 2-spyware.com library The file belongs to SpySweeper application.	Change status
C:\WINDOWS\system32\ctfmon.exe More info about file ctfmon.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe More info about file btwdins.exe	Legitimate	Item found in 2-spyware.com library btwdins.exe is used when bluetooth device is installed.	Change status
C:\WINDOWS\system32\CTsvcCDA.EXE More info about file ctsvccda.exe	Legitimate	Item found in 2-spyware.com library Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some...	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\iolo\common\lib\ioloServiceManager.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE More info about file mdm.exe	Legitimate	Item found in 2-spyware.com library mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM...	Change status
C:\Program Files\Dell Support Center\bin\sprtsvc.exe	Unknown	No exact entries found	Insert file into database
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Viewpoint\Common\ViewpointService.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Webroot\Webroot Desktop Firewall\wdfsvc.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe More info about file spysweeper.exe	Legitimate	Item found in 2-spyware.com library An executable file of SpySweeper anti-spyware program.	Change status
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe More info about file viewmgr.exe	Legitimate	Item found in 2-spyware.com library This is a part of media player, which can act as an adware program. This player appears to be a...	Change status
C:\Program Files\Internet Explorer\iexplore.exe More info about file iexplore.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE More info about file ssu.exe	Legitimate	Item found in 2-spyware.com library The file belongs to SpySweeper application.	Change status
C:\Program Files\Splunk\bin\splunkd.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Splunk\bin\PythonService.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe More info about file hijackthis.exe	Legitimate	Item found in 2-spyware.com library This is the main component of HijackThis security application, designed to perform system scans and...	Change status
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061005	Not necessary	www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061005 is your Default Page URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157	Not necessary	http://go.microsoft.com/fwlink/?LinkId=69157 is your Default Page URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896	Not necessary	http://go.microsoft.com/fwlink/?LinkId=54896 is your Default Search URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896	Not necessary	http://go.microsoft.com/fwlink/?LinkId=54896 is your Search Page. If you do not like this fact, fix this item.	Change status
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157	Not necessary	http://go.microsoft.com/fwlink/?LinkId=69157 is your start page. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0061005	Not necessary	. If you do not like this fact, fix this item.	Change status
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll	Unknown	No exact entries found	Insert file into database
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll More info about file ssv.dll	Legitimate	System item according to inner database Related to Java Virtual Machine software, which is legitimate.	Change status
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" More info about file syntpenh.exe	Legitimate	System item according to inner database System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".<br...	Change status
O4 - HKLM\..\Run: [PDF4 Registry Controller] "C:\Program Files\ScanSoft\PDF Professional 4.0\RegistryController.exe" More info about file registrycontroller.exe	Legitimate	Application program item according to inner database registrycontroller.exe is a legitimate application process, and is responsible for controlling the...	Change status
O4 - HKLM\..\Run: [SigmatelSysTrayApp] "C:\WINDOWS\stsystra.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" More info about file groovemonitor.exe	Legitimate	Application program item according to inner database groovemonitor.exe is the Microsoft GrooveMonitor Utility, and is a legitimate process that may be...	Change status
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start More info about file issch.exe	Legitimate	Application program item according to inner database Executable issch.exe is a standard component of InstallShield software. It is used to connect to...	Change status
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup	Questionable	questionable item according to our database	Change status
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray More info about file spysweeperui.exe	Legitimate	Application program item according to inner database The file belongs to SpySweeper application.	Change status
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe" More info about file ctfmon.exe	Legitimate	Application program item according to inner database When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)...	Change status
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100	Not necessary	Do you want item 'Open with ScanSoft PDF Converter 4.0' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item.	Change status
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe More info about file aawservice.exe	Legitimate	Item found in 2-spyware.com database. ...	Change status
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe	Legitimate	Required for PhotoshopCS	Change status
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe More info about file btwdins.exe	Legitimate	Item found in 2-spyware.com database. btwdins.exe is used when bluetooth device is...	Change status
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE More info about file ctsvccda.exe	Legitimate	Item found in 2-spyware.com database. Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some...	Change status
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe	Legitimate	Related to Macrovision Corporation.	Change status
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE More info about file lucoms~1.exe	Legitimate	Item found in 2-spyware.com database. The file belongs to Symantecs Internet security suite...	Change status
O23 - Service: MaxBackServiceInt - Mobile Action Technology Inc. - (no file)	Not necessary	Fix this item because it points to a file that does not exist	Change status
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe More info about file hpzipm12.exe	Legitimate	Item found in 2-spyware.com database. This is a standard component of Hewlett-Packard device drivers. The presence of this file means,...	Change status
O23 - Service: Splunkd - Unknown owner - C:\Program Files\Splunk\bin\splunkd.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: SplunkWeb - Unknown owner - C:\Program Files\Splunk\bin\PythonService.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Webroot Desktop Firewall network service (WDFNet) - Webroot Software Inc (www.webroot.com) - C:\Program Files\Webroot\Webroot Desktop Firewall\wdfsvc.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe More info about file spysweeper.exe	Legitimate	Item found in 2-spyware.com database. An executable file of SpySweeper anti-spyware...	Change status
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE More info about file wltrysvc.exe	Legitimate	Item found in 2-spyware.com database. Installed alongside Broadcom wireless communication software. It is a tool that displays an icon in...	Change status

Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2

Recommended software:

Malwarebytes Anti Malware

(91/100)

There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t have many features. One such...

SpyHunter

(89/100)

SpyHunter is a quite simple, but yet highly effective spyware remover with an easy-to-use interface. This program is an excellent choice for users, who are not computer savvy, but...

Spyware Doctor

(87/100)

Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and easy-to-manage...

STOPzilla

(86/100)

STOPzilla is a powerful anti-spyware program that detects, blocks, and removes malicious software allowing users to surf the Web not worrying about spyware, Trojan horses, and viruses....

XoftSpySE Anti Spyware

(84/100)

XoftSpySE, an anti-spyware program made by ParetoLogic, Inc., is a simple, but effective on-demand scanner with the typical set of functions but very easy to install and use. Trial version...

Latest Spyware news:

• Carl A Someone signature loved by spammers
• State of Utah Reveals Why 780k People Records Were Stolen
• The iPhone And iPad Are Targets For Hackers
• Malicious tweets spread rogue AV infecting Android users
• Be aware about malware spread via hotel Wi-Fi connections
• SecureCloud Key Management Systems Released by Trend Micro
• Microsoft and Adobe Releases Critical Security Updates. Update Now!
• Internet Apocalypsis Upcoming - Prepare for DNSChanger Servers Closure
• Hacks Through Compromised Websites Increases Rapidly, Says Symantec
• Facebook judged for its privacy controls

Subscribe to news

Encyclopedia of parasites:

ErrorSmart 24/05/12
Windows Safety Maint... 24/05/12
Windows Multi Contro... 23/05/12
System Protection Tools 23/05/12
Redirect 22/05/12
Windows Secure Kit 2012 22/05/12
WeatherBug 21/05/12
Dugenpal 21/05/12
Komodola 21/05/12
SpyGraphica 20/05/12
Windows Private Shield 20/05/12
WinMaximizer 19/05/12
Windows Pro Safety R... 18/05/12
Stekct 18/05/12
Linfo 18/05/12
Wiarp 18/05/12
Farfli 18/05/12
Happili redirect 18/05/12
Vasport 17/05/12
SeekService.com 17/05/12

Library of files:

mrt.exe 23/05/12
taskeng.exe 23/05/12
mplayer.exe 14/04/12
ccApp.exe 20/03/12
guest.js 06/03/12
BCU.exe 20/02/12
pbupdate.exe 20/02/12
dumprep.exe 20/02/12
arp.exe 12/02/12
hero remote control.... 08/02/12

Archive of files
Archive of startup entries