| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
More info about file mpfservice.exe |
Legitimate |
Item found in 2-spyware.com library
The file related to McAfee Personal Firewall Service |
Change status |
| C:\Program Files\Nakido\nakido.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\RioMSC.exe
More info about file riomsc.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to RIO MP3 player application. |
Change status |
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
More info about file starwindservice.exe |
Legitimate |
Item found in 2-spyware.com library
StarWindService.exe is a process which belongs to Alcohol 120% and provides network drive sharing... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
More info about file soffice.exe |
Legitimate |
Item found in 2-spyware.com library
Vital component of the OpenOffice.org suite |
Change status |
| C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
More info about file soffice.bin |
Legitimate |
Item found in 2-spyware.com library
Vital component of the OpenOffice.org suite |
Change status |
C:\WINDOWS\SYSTEM32\s?stem32\w?aclt.exe
More info about file w?aclt.exe |
Dangerous |
Item found in 2-spyware.com library
The file belongs to Clickspring adware. |
Change status |
| C:\Program Files\NJStar Communicator\Njcom32.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\MOZILL~1\plugins\GetFlash.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\explorer.exe
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\AIM\aim.exe
More info about file aim.exe |
Legitimate |
Item found in 2-spyware.com library
AOL Instant Messenger. Located in "C:Program FilesAIM95". File aim.exe is related to trojan AIM... |
Change status |
C:\WINDOWS\system32\ishost.exe
More info about file ishost.exe |
Dangerous |
Item found in 2-spyware.com library
ishost.exe is an executable file that starts a malicious process, launches certain parasite... |
Change status |
| C:\WINDOWS\system32\ismini.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\issearch.exe
More info about file issearch.exe |
Dangerous |
Item found in 2-spyware.com library
The file is related to trojan downloader. It performs dangerous activities on your computer: logs... |
Change status |
C:\WINDOWS\system32\isnotify.exe
More info about file isnotify.exe |
Dangerous |
Item found in 2-spyware.com library
The file is related to trojan downloader. It performs dangerous activities on your computer: logs... |
Change status |
| C:\Program Files\Azureus\Azureus.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
C:\WINDOWS\system32\taskmgr.exe
More info about file taskmgr.exe |
Legitimate |
Windows Task Manager |
Change status |
| C:\DOCUME~1\Firemann\LOCALS~1\Temp\Temporary Directory 1 for |
Unknown |
No exact entries found |
Insert file into database
|
| R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = |
Not necessary |
This is your folder of IE toolbar links, but it points to nowhere.
If you do not like this fact, fix this item. |
Change status |
| R3 - URLSearchHook: (no name) - {DC4AB282-0A47-74CB-1BD2-7FF2BF071497} - |
Questionable |
If you do not recognize this path "", then fix this item |
Change status |
| R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no |
Questionable |
If you do not recognize this path "(no", then fix this item |
Change status |
| O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05 |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
More info about file mcagent.exe |
Legitimate |
Application program item according to inner database
Part of McAfee Anti-Virus. Located in "c:\Program Files\mcafee.com\agent\". |
Change status
|
| O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe |
Legitimate |
An update utility used by the legitimate McAfee VirusScan antivirus. |
Change status
|
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
More info about file mpftray.exe |
Legitimate |
Application program item according to inner database
The file belongs to McAfee Internet Security suite. |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
| O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0 |
Questionable |
HKLM - Run: [RegisterDropHandler], file: (params - 'OGRA~1\TEXTBR~1.0') |
Change status
|
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
More info about file nerocheck.exe |
Legitimate |
Application program item according to inner database
Related to Nero CD/DVD Burning software. From the publisher: "This program constantly checks for... |
Change status
|
| O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
More info about file sm1bg.exe |
Legitimate |
System item according to inner database
SM1bg.exe is the "Cypress USB Mass Storage Adapter" from "Cypress Semiconductor". It comes with... |
Change status
|
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
More info about file igfxtray.exe |
Legitimate |
System item according to inner database
From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),... |
Change status
|
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
System item according to inner database
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status
|
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
More info about file igfxpers.exe |
Legitimate |
Application program item according to inner database
Related to the integrated intel graphics adapter driver. |
Change status
|
| O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [fpougih.dll] C:\WINDOWS\system32\rundll32.exe |
Unknown |
No exact entries found |
Change status
|
| O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [SpyQuake2.com] C:\Program Files\SpyQuake2.com\Spy- |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0 |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe"
More info about file dsagnt.exe |
Legitimate |
Application program item according to inner database
Dell Support Agent. It is a special utility offering additional support and providing updates for... |
Change status
|
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
More info about file msmsgs.exe |
Legitimate |
System item according to inner database
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
| O4 - HKCU\..\Run: [Tek] C:\WINDOWS\SYSTEM32\SSTEM3~1\WACLT~1.EXE |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [Sen] "C:\DOCUME~1\Firemann\MYDOCU~1\ASKS~1\cmd.exe" -vt
More info about file cmd.exe |
Legitimate |
System item according to inner database
Command prompt tool that comes with Windows NT/2000/XP. Located in "C:\WINNT\SYSTEM32" on Windows... |
Change status
|
| O4 - HKCU\..\Run: [SysProtect Free] "C:\Program Files\SysProtect |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0 |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft |
Unknown |
No exact entries found |
Insert file into database
|
| O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - |
Not necessary |
This item represents extra button in your IE toolbar with a name 'UltimateBet' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA- |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'UltimateBet' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program |
Not necessary |
This item represents extra button in your IE toolbar with a name 'AIM' and points to file 'C:\Program'. If you do not want it to be there, fix this item. |
Change status
|
| O15 - Trusted Zone: http://locator.cdn.imageservr.com |
Questionable |
Do you want URL pattern "http://locator.cdn.imageservr.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - |
Questionable |
Are you using an ActiveX object with no name located in ''? If not, fix this item. |
Change status
|
| O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - |
Questionable |
Are you using an ActiveX object with no name located in ''? If not, fix this item. |
Change status
|
| O20 - AppInit_DLLs: |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - |
Unknown |
No exact entries found |
Change status
|
| O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common |
Legitimate |
Required for PhotoshopCS |
Change status
|
| O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program |
Legitimate |
Related to McAfee.com Personal Firewall |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
| O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1 |
Legitimate |
Related to McAfee |
Change status
|
| O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, |
Legitimate |
McAfee Antivirus updater |
Change status
|
| O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - |
Legitimate |
McAfee AntiVirus |
Change status
|
| O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Nakido - Nakido - C:\Program Files\Nakido\nakido.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - |
Legitimate |
Intel NCS NetService |
Change status
|
| O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, |
Legitimate |
Related to Digital Networks North America. |
Change status
|
| O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division |
Legitimate |
StarWindService.exe
is a process which belongs to Alcohol 120% DVD/CD emulation and burning software and provides network drive sharing capabilities to this product. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems. |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
