| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\csrss.exe
More info about file csrss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com library
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
More info about file ccevtmgr.exe |
Legitimate |
Item found in 2-spyware.com library
ccEvtMgr.exe is an event logging application and runs at startup. It monitors virus alerts, virus... |
Change status |
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
More info about file mdm.exe |
Legitimate |
Item found in 2-spyware.com library
mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM... |
Change status |
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
More info about file navapsvc.exe |
Legitimate |
Item found in 2-spyware.com library
Norton AntiVirus application that provides auto-protection of the system. NAVAPSVC.EXE runs on... |
Change status |
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
More info about file nprotect.exe |
Legitimate |
Item found in 2-spyware.com library
NPROTECT.EXE is part of Norton Antivirus. NPROTECT.EXE is located in "C:\PROGRAM FILES\NORTON... |
Change status |
| C:\Program Files\CyberLink\Shared files\RichVideo.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Spyware Doctor, a popular legitimate anti-spyware program. |
Change status |
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
More info about file nopdb.exe |
Legitimate |
Item found in 2-spyware.com library
NOPDB.EXE is a service used by Speed Disk, part of Norton SystemWorks 2003. It is mainly associated... |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wdfmgr.exe
More info about file wdfmgr.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Microsoft Windows Media Player 10. It is used to eliminate software compatibility... |
Change status |
| C:\WINDOWS\System32\WFXSVC.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\WinFax\WFXMOD32.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\wwSecure.exe
More info about file wwsecure.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Webroot Window Washer application. |
Change status |
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
More info about file symwsc.exe |
Legitimate |
Item found in 2-spyware.com library
File symwsc.exe is included in Norton Antivirus program. It runs background process, which... |
Change status |
C:\WINDOWS\System32\alg.exe
More info about file alg.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\igfxtray.exe
More info about file igfxtray.exe |
Legitimate |
Item found in 2-spyware.com library
From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),... |
Change status |
C:\WINDOWS\System32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
Item found in 2-spyware.com library
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status |
| C:\program files\TV Capture Card\RecSche.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
More info about file hpztsb04.exe |
Legitimate |
Item found in 2-spyware.com library
File hpztsb04.exe is an essential component of Hewlett-Packard printer drivers. It is responsible... |
Change status |
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
More info about file hpgs2wnd.exe |
Legitimate |
Item found in 2-spyware.com library
Hewlett Packard Share-to-Web utility built into thier products. |
Change status |
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
More info about file hpgs2wnf.exe |
Legitimate |
Item found in 2-spyware.com library
Related to software from HP. Located in "C:\Program Files\Hewlett-Packard\HP Share-to-Web\". |
Change status |
C:\PROGRA~1\WinFax\WFXSWTCH.exe
More info about file wfxswtch.exe |
Legitimate |
Item found in 2-spyware.com library
Part of the Norton WinFax software. |
Change status |
| C:\WINDOWS\system32\wfxsnt40.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
More info about file pdvdserv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to some DVD playing programs like CyberLink PowerDVD. Provides support for the DVD drive's... |
Change status |
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
More info about file ccapp.exe |
Legitimate |
Item found in 2-spyware.com library
From Symantec: "ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status |
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\Program Files\Ahead\InCD\InCD.exe
More info about file incd.exe |
Legitimate |
Item found in 2-spyware.com library
InCD.exe is part of Nero CD Burning Software.
"Write to CDs and DVDs as if they were... |
Change status |
C:\Program Files\iTunes\iTunesHelper.exe
More info about file ituneshelper.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status |
C:\Program Files\QuickTime\qttask.exe
More info about file qttask.exe |
Legitimate |
Item found in 2-spyware.com library
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status |
C:\Program Files\Winamp\winampa.exe
More info about file winampa.exe |
Legitimate |
Item found in 2-spyware.com library
System tray icon for Winamp. |
Change status |
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
More info about file realsched.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status |
C:\Program Files\ICQLite\ICQLite.exe
More info about file icqlite.exe |
Legitimate |
Item found in 2-spyware.com library
ICQ Lite is an instant messaging software. Located in "C:\Program Files\ICQLite\". |
Change status |
C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com library
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status |
| C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Messenger\msmsgs.exe
More info about file msmsgs.exe |
Legitimate |
Item found in 2-spyware.com library
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
More info about file ad-watch.exe |
Legitimate |
Item found in 2-spyware.com library
Related to ad-aware anti-spyware program. |
Change status |
| C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Webroot\Washer\wwDisp.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\ASEMBL~1\rundll.exe
More info about file rundll.exe |
Questionable |
Process found in system process library but with a different location |
Change status |
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
More info about file servicelayer.exe |
Legitimate |
Item found in 2-spyware.com library
|
Change status |
C:\Program Files\Spyware Doctor\swdoctor.exe
More info about file swdoctor.exe |
Legitimate |
Item found in 2-spyware.com library
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status |
| C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\WinFax\WFXCTL32.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\FinePixViewer\QuickDCF.exe
More info about file quickdcf.exe |
Legitimate |
Item found in 2-spyware.com library
A part of legitimate software bundled with Fuji digital cameras. |
Change status |
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
More info about file sysdoc32.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Norton System Utilities. |
Change status |
C:\Program Files\WinZip\WZQKPICK.EXE
More info about file wzqkpick.exe |
Legitimate |
Item found in 2-spyware.com library
System tray icon for WinZip software by Niko Mak Computing, Inc. WZQKPick.exe is located in... |
Change status |
| C:\Program Files\NJStar Chinese Calendar\NJCalend.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\ntvdm.exe
More info about file ntvdm.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Microsoft Office\Office10\msoffice.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Internet Explorer\iexplore.exe
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
D:\My Downloads\Spyware Removal\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php |
Not necessary |
http://google.icq.com/search/search_frame.php is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com |
Not necessary |
http://google.icq.com is your Search Page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.singnet.com.sg/ |
Not necessary |
http://www.singnet.com.sg/ is your start page.
If you do not like this fact, fix this item. |
Change status |
| R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status |
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
| O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll |
Legitimate |
legitimate bho toolbar, related to PCTools Spyware Doctor |
Change status
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O2 - BHO: (no name) - {8bf5b8fc-11cb-409f-8c91-4d4ca04a1b6d} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
More info about file windowslivelogin.dll |
Legitimate |
Application program item according to inner database
The file belongs to Microsoft Windows Live application. |
Change status
|
| O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Legitimate |
legitimate bho toolbar, related to PCTools Spyware Doctor |
Change status
|
| O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll |
Unknown |
No exact entries found |
Insert file into database
|
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
More info about file navshext.dll |
Legitimate |
Application program item according to inner database
Component of Norton Anti-virus. Located in "C:\Program Files\Norton AntiVirus\". Uses... |
Change status
|
| O2 - BHO: (no name) - {c3703265-4671-4858-92a4-cba6a7b3bb45} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
More info about file navshext.dll |
Legitimate |
Application program item according to inner database
Component of Norton Anti-virus. Located in "C:\Program Files\Norton AntiVirus\". Uses... |
Change status
|
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
More info about file navshext.dll |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
More info about file imjpmig.exe |
Legitimate |
System item according to inner database
Related to Windows East Asian language support (Japanese keyboard entry). Located in... |
Change status
|
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
More info about file tintsetp.exe |
Legitimate |
System item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\TINTLGNT\". |
Change status
|
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
More info about file tintsetp.exe |
Legitimate |
System item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\TINTLGNT\". |
Change status
|
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
More info about file igfxtray.exe |
Legitimate |
System item according to inner database
From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),... |
Change status
|
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
System item according to inner database
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status
|
| O4 - HKLM\..\Run: [RecSche] c:\program files\TV Capture Card\RecSche.exe /Startup |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
More info about file hpztsb04.exe |
Legitimate |
Application program item according to inner database
File hpztsb04.exe is an essential component of Hewlett-Packard printer drivers. It is responsible... |
Change status
|
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
More info about file hpgs2wnd.exe |
Legitimate |
System item according to inner database
Hewlett Packard Share-to-Web utility built into thier products. |
Change status
|
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\WinFax\WFXSWTCH.exe
More info about file wfxswtch.exe |
Legitimate |
System item according to inner database
Part of the Norton WinFax software. |
Change status
|
| O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
More info about file pdvdserv.exe |
Legitimate |
Application program item according to inner database
Related to some DVD playing programs like CyberLink PowerDVD. Provides support for the DVD drive's... |
Change status
|
| O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
More info about file ccapp.exe |
Legitimate |
System item according to inner database
From Symantec: <i>"ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status
|
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
More info about file ccregvfy.exe |
Legitimate |
Application program item according to inner database
ccRegVfy.exe is responsible for checking the integrity of the Norton product registry entries to... |
Change status
|
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
More info about file sndmon.exe |
Legitimate |
Application program item according to inner database
This is the main part of LiveUpdate tool, published by Symantec. It is required to update all... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
More info about file nerocheck.exe |
Legitimate |
Application program item according to inner database
Related to Nero CD/DVD Burning software. From the publisher: "This program constantly checks for... |
Change status
|
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
More info about file incd.exe |
Legitimate |
Application program item according to inner database
InCD.exe is part of Nero CD Burning Software.
<i>"Write to CDs and DVDs as if they were... |
Change status
|
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
More info about file regshave.exe |
Legitimate |
Application program item according to inner database
REGSHAVE.EXE cleans up some registry entries after or before installation of software from Fuji.... |
Change status
|
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
More info about file ituneshelper.exe |
Legitimate |
Application program item according to inner database
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
More info about file winampa.exe |
Legitimate |
Application program item according to inner database
System tray icon for Winamp. |
Change status
|
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
More info about file realsched.exe |
Legitimate |
Application program item according to inner database
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status
|
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
More info about file icqlite.exe |
Legitimate |
Application program item according to inner database
ICQ Lite is an instant messaging software. Located in "C:\Program Files\ICQLite\". |
Change status
|
| O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvrup.dll,startup |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
More info about file msmsgs.exe |
Legitimate |
System item according to inner database
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
More info about file ad-watch.exe |
Legitimate |
Application program item according to inner database
Related to ad-aware anti-spyware program. |
Change status
|
| O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe /startup |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKCU\..\Run: [Snae] "C:\WINDOWS\ASEMBL~1\rundll.exe" -vt yazb
More info about file rundll.exe |
Dangerous |
Spyware related item according to inner database
rundll.exe is an executable file which primary purpose is to start a parasite or launch some of its... |
Change status
|
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
More info about file swdoctor.exe |
Legitimate |
Application program item according to inner database
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status
|
| O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot |
Questionable |
Application program item according to inner database
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status
|
| O4 - Startup: NJStar Chinese Calendar.lnk = C:\Program Files\NJStar Chinese Calendar\NJCalend.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
More info about file reader_sl.exe |
Legitimate |
A part of Adobe Acrobat Reader. Used to speed up the program's launch time. |
Change status
|
| O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: Controller.LNK = C:\Program Files\WinFax\WFXCTL32.EXE |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
More info about file quickdcf.exe |
Legitimate |
System item according to inner database
A part of legitimate software bundled with Fuji digital cameras. |
Change status
|
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
More info about file osa.exe |
Legitimate |
Application program item according to inner database
The Office Startup Assistant (Osa.exe or OSA) is a program that improves the performance of Office... |
Change status
|
O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
More info about file sysdoc32.exe |
Legitimate |
Application program item according to inner database
The file belongs to Norton System Utilities. |
Change status
|
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
More info about file wzqkpick.exe |
Legitimate |
Application program item according to inner database
System tray icon for WinZip software by Niko Mak Computing, Inc. WZQKPick.exe is located in... |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Legitimate |
Legitimate extra button in your browser - related to Spyware Doctor. |
Change status
|
| O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe |
Legitimate |
Legitimate extra button in your browser - related to ICQ Lite chat program. |
Change status
|
| O9 - Extra ''Tools'' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'ICQ Lite' and points to file 'C:\Program Files\ICQLite\ICQLite.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra button in your browser - related to windows messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra tools menu item - related to Windows Messenger. |
Change status
|
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1155371986609 |
Legitimate |
Legitimate ActiveX item from site http://update.microsoft.com/ |
Change status
|
| O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab |
Questionable |
Are you using an ActiveX object with a name 'ZoneIntro Class' located in 'http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab'? If not, fix this item. |
Change status
|
| O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "livecall" and file "C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL". |
Change status
|
| O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "msnim" and file "C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL". |
Change status
|
| O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll |
Legitimate |
Related to Intel(R) integrated graphics controller |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe |
Legitimate |
Required for PhotoshopCS |
Change status
|
| O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe |
Legitimate |
BlueSoleil
is a Bluetooth device manager for Windows. Made by the IVT_Corporation
The file associated with this service is found in the Program Files\IVT Corporation\BlueSoleil folder. |
Change status
|
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
More info about file ccevtmgr.exe |
Legitimate |
Item found in 2-spyware.com database.
ccEvtMgr.exe is an event logging application and runs at startup. It monitors virus alerts, virus... |
Change status
|
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
More info about file ccpwdsvc.exe |
Legitimate |
Runs Common Client Password Validation Service on every Windows startup. Used by legitimate Symantec software. |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status
|
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status
|
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
More info about file navapsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
Norton AntiVirus application that provides auto-protection of the system. NAVAPSVC.EXE runs on... |
Change status
|
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
More info about file nprotect.exe |
Legitimate |
Item found in 2-spyware.com database.
NPROTECT.EXE is part of Norton Antivirus. NPROTECT.EXE is located in "C:\PROGRAM FILES\NORTON... |
Change status
|
| O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
More info about file sbserv.exe |
Legitimate |
Item found in 2-spyware.com database.
Part of Norton Anti-virus. SBServ.exe is located in "C:\Program Files\Common Files\Symantec... |
Change status
|
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com database.
A part of Spyware Doctor, a popular legitimate anti-spyware... |
Change status
|
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
More info about file servicelayer.exe |
Legitimate |
Item found in 2-spyware.com database.
... |
Change status
|
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
More info about file sndsrvc.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a part of Norton Internet Security and Norton Personal Firewall applications. It runs... |
Change status
|
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
More info about file nopdb.exe |
Legitimate |
Item found in 2-spyware.com database.
NOPDB.EXE is a service used by Speed Disk, part of Norton SystemWorks 2003. It is mainly associated... |
Change status
|
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
More info about file symwsc.exe |
Legitimate |
Item found in 2-spyware.com database.
File symwsc.exe is included in Norton Antivirus program. It runs background process, which... |
Change status
|
| O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\System32\WFXSVC.EXE |
Legitimate |
Symantec Corporation |
Change status
|
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\System32\wwSecure.exe
More info about file wwsecure.exe |
Legitimate |
Item found in 2-spyware.com database.
The file belongs to Webroot Window Washer... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
