| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\csrss.exe
More info about file csrss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programmi\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com library
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
More info about file ccsetmgr.exe |
Legitimate |
Item found in 2-spyware.com library
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status |
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
More info about file ccevtmgr.exe |
Legitimate |
Item found in 2-spyware.com library
ccEvtMgr.exe is an event logging application and runs at startup. It monitors virus alerts, virus... |
Change status |
C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
More info about file ccproxy.exe |
Legitimate |
Item found in 2-spyware.com library
File related to Symantec software |
Change status |
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
More info about file sndsrvc.exe |
Legitimate |
Item found in 2-spyware.com library
This is a part of Norton Internet Security and Norton Personal Firewall applications. It runs... |
Change status |
C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
More info about file spbbcsvc.exe |
Legitimate |
Item found in 2-spyware.com library
Essential component of Symantec's Norton Internet Security suite. |
Change status |
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
More info about file symlcsvc.exe |
Legitimate |
Item found in 2-spyware.com library
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Acer\eManager\anbmServ.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\system32\bmwebcfg.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\cisvc.exe
More info about file cisvc.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
More info about file mdm.exe |
Legitimate |
Item found in 2-spyware.com library
mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM... |
Change status |
C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
More info about file navapsvc.exe |
Legitimate |
Item found in 2-spyware.com library
Norton AntiVirus application that provides auto-protection of the system. NAVAPSVC.EXE runs on... |
Change status |
C:\Programmi\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Spyware Doctor, a popular legitimate anti-spyware program. |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wdfmgr.exe
More info about file wdfmgr.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Microsoft Windows Media Player 10. It is used to eliminate software compatibility... |
Change status |
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
More info about file aluschedulersvc.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Symantec anti-virus software. |
Change status |
C:\WINDOWS\system32\fxssvc.exe
More info about file fxssvc.exe |
Legitimate |
Item found in 2-spyware.com library
File fxssvc.exe stands for Microsoft Fax Service. It is a standard Windows component, designed to... |
Change status |
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
More info about file atiptaxx.exe |
Legitimate |
Item found in 2-spyware.com library
ATI Desktop Control Panel from ATI Technologies, Inc. Located in "C:\Program Files\ATI... |
Change status |
C:\WINDOWS\SOUNDMAN.EXE
More info about file soundman.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Realtek Avance Logic soundcards. SOUNDMAN.EXE provides system tray access to a varity of... |
Change status |
C:\WINDOWS\AGRSMMSG.exe
More info about file agrsmmsg.exe |
Legitimate |
Item found in 2-spyware.com library
Modem software from Agere.com. AGRSMMSG.exe is located in "C:\WINDOWS\" on Windows 95/98/ME/XP and... |
Change status |
C:\Programmi\ltmoh\Ltmoh.exe
More info about file ltmoh.exe |
Legitimate |
Item found in 2-spyware.com library
Modem On Hold utility. It handles incoming and outgoing calls while being connected to the Internet. |
Change status |
C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
More info about file syntplpr.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".
created by:... |
Change status |
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
More info about file syntpenh.exe |
Legitimate |
Item found in 2-spyware.com library
System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".
Change status |
|
| C:\PROGRA~1\LAUNCH~1\LManager.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programmi\Aspire Arcade\PCMService.exe
More info about file pcmservice.exe |
Legitimate |
Item found in 2-spyware.com library
From Dell: "The Dell Media Experience (DME) will ship on selected Dimension and Inspiron systems... |
Change status |
C:\WINDOWS\system32\rundll32.exe
More info about file rundll32.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programmi\Ahead\InCD\InCD.exe
More info about file incd.exe |
Legitimate |
Item found in 2-spyware.com library
InCD.exe is part of Nero CD Burning Software.
"Write to CDs and DVDs as if they were... |
Change status |
C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\WINDOWS\system32\RunDLL32.exe
More info about file rundll32.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Programmi\Web Accelerator\slipcore.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
More info about file ccapp.exe |
Legitimate |
Item found in 2-spyware.com library
From Symantec: "ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status |
C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
More info about file datalayer.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Nokia PC Suite. |
Change status |
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
More info about file launchapplication.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Nokia PC Suite. |
Change status |
C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
More info about file savscan.exe |
Legitimate |
Item found in 2-spyware.com library
This executable file is a standard part of antivirus and security-related software, published by... |
Change status |
C:\WINDOWS\System32\alg.exe
More info about file alg.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
More info about file realsched.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Programmi\RamBooster 2.0\Rambooster.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Programmi\HDD Health\HDDHealth.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
More info about file googletoolbarnotifier.exe |
Legitimate |
Item found in 2-spyware.com library
|
Change status |
C:\Programmi\Spyware Doctor\swdoctor.exe
More info about file swdoctor.exe |
Legitimate |
Item found in 2-spyware.com library
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status |
| C:\Programmi\Microsoft Office\Office10\msoffice.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE
More info about file nscsrvce.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Norton Internet Security Suite. |
Change status |
C:\WINDOWS\system32\cidaemon.exe
More info about file cidaemon.exe |
Legitimate |
Item found in 2-spyware.com library
This file is related to Microsoft Indexing Service - it is a complex system utility, which indexes... |
Change status |
C:\Programmi\Internet Explorer\iexplore.exe
More info about file iexplore.exe |
Questionable |
Process found in system process library but with a different location |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Programmi\File comuni\Symantec Shared\NMain.exe
More info about file nmain.exe |
Legitimate |
Item found in 2-spyware.com library
Executable nmain.exe is related to Norton Internet Security. It is used by the program to scan... |
Change status |
C:\Programmi\Internet Explorer\IEXPLORE.EXE
More info about file iexplore.exe |
Questionable |
Process found in system process library but with a different location |
Change status |
C:\Programmi\GetRight\getright.exe
More info about file getright.exe |
Legitimate |
Item found in 2-spyware.com library
GetRight Download Manager from Headlight Software, Inc. |
Change status |
C:\PROGRA~1\WINZIP\winzip32.exe
More info about file winzip32.exe |
Legitimate |
Item found in 2-spyware.com library
The existence of running winzip32.exe file indicates, that you have opened a WinZip archiver or a... |
Change status |
C:\Documents and Settings\Francesco Zigrino\Impostazioni locali\Temp\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
C:\Programmi\Messenger\msmsgs.exe
More info about file msmsgs.exe |
Legitimate |
Item found in 2-spyware.com library
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ |
Not necessary |
http://www.libero.it/ is your start page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=69157 is your Default Page URL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=54896 is your Default Search URL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=54896 is your Search Page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer |
Not necessary |
Microsoft Internet Explorer is the title in your Internet Explorer window.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti |
Not necessary |
Collegamenti is your folder of IE toolbar links.
If you do not like this fact, fix this item. |
Change status |
| R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn2\yt.dll |
Questionable |
If you do not recognize this entry name "Yahoo! Toolbar" and this path "C:\Programmi\Yahoo!\Companion\Installs\cpn2\yt.dll", then fix this item |
Change status |
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
| O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Programmi\GetRight\xx2gr.dll |
Legitimate |
legitimate bho toolbar, related to GetRight |
Change status
|
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Programmi\Web Accelerator\PBHelper.dll
More info about file pbhelper.dll |
Dangerous |
Spyware related item according to inner database
pbhelper.dll is a library file that is responsible for implementing main parasite functions and... |
Change status
|
| O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll |
Legitimate |
legitimate bho toolbar, related to PCTools Spyware Doctor |
Change status
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Programmi\Web Accelerator\components\NOWImaging.dll |
Unknown |
No exact entries found |
Insert file into database
|
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
More info about file nisshext.dll |
Legitimate |
Application program item according to inner database
A web browser toolbar belonging to Symantec AdBlocker, which is integrated into a variety of... |
Change status
|
O2 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
More info about file navshext.dll |
Legitimate |
Application program item according to inner database
Component of Norton Anti-virus. Located in "C:\Program Files\Norton AntiVirus\". Uses... |
Change status
|
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
More info about file googletoolbar2.dll |
Legitimate |
Application program item according to inner database
Google Toolbar for Internet Explorer. |
Change status
|
| O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Legitimate |
legitimate bho toolbar, related to PCTools Spyware Doctor |
Change status
|
| O2 - BHO: CPub Object - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\WINDOWS\system32\bmbho.dll |
Unknown |
No exact entries found |
Insert file into database
|
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn2\yt.dll
More info about file yt.dll |
Legitimate |
Application program item according to inner database
Yahoo! Toolbar |
Change status
|
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmi\File comuni\Symantec Shared\AdBlocking\NISShExt.dll
More info about file nisshext.dll |
Legitimate |
Application program item according to inner database
A web browser toolbar belonging to Symantec AdBlocker, which is integrated into a variety of... |
Change status
|
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton Internet Security\Norton AntiVirus\NavShExt.dll
More info about file navshext.dll |
Legitimate |
Application program item according to inner database
Component of Norton Anti-virus. Located in "C:\Program Files\Norton AntiVirus\". Uses... |
Change status
|
| O4 - HKLM\..\Run: [LaunchApp] Alaunch |
Questionable |
HKLM - Run: [LaunchApp], file: (params - 'ch') |
Change status
|
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
More info about file atiptaxx.exe |
Legitimate |
System item according to inner database
ATI Desktop Control Panel from ATI Technologies, Inc. Located in "C:\Program Files\ATI... |
Change status
|
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
More info about file soundman.exe |
Legitimate |
System item according to inner database
Related to Realtek Avance Logic soundcards. SOUNDMAN.EXE provides system tray access to a varity of... |
Change status
|
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
More info about file agrsmmsg.exe |
Legitimate |
System item according to inner database
Modem software from Agere.com. AGRSMMSG.exe is located in "C:\WINDOWS\" on Windows 95/98/ME/XP and... |
Change status
|
O4 - HKLM\..\Run: [LtMoh] C:\Programmi\ltmoh\Ltmoh.exe
More info about file ltmoh.exe |
Legitimate |
Application program item according to inner database
Modem On Hold utility. It handles incoming and outgoing calls while being connected to the Internet. |
Change status
|
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
More info about file syntplpr.exe |
Legitimate |
System item according to inner database
Related to Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".
created by:... |
Change status
|
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
More info about file syntpenh.exe |
Legitimate |
System item according to inner database
System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".<br... |
Change status
|
| O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [PCMService] "C:\Programmi\Aspire Arcade\PCMService.exe"
More info about file pcmservice.exe |
Legitimate |
System item according to inner database
From Dell: "The Dell Media Experience (DME) will ship on selected Dimension and Inspiron systems... |
Change status
|
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
More info about file imjpmig.exe |
Legitimate |
System item according to inner database
Related to Windows East Asian language support (Japanese keyboard entry). Located in... |
Change status
|
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
More info about file imscinst.exe |
Legitimate |
Application program item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\PINTLGNT\". |
Change status
|
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
More info about file tintsetp.exe |
Legitimate |
System item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\TINTLGNT\". |
Change status
|
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
More info about file tintsetp.exe |
Legitimate |
System item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\TINTLGNT\". |
Change status
|
| O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
More info about file nerocheck.exe |
Legitimate |
Application program item according to inner database
Related to Nero CD/DVD Burning software. From the publisher: "This program constantly checks for... |
Change status
|
O4 - HKLM\..\Run: [InCD] C:\Programmi\Ahead\InCD\InCD.exe
More info about file incd.exe |
Legitimate |
Application program item according to inner database
InCD.exe is part of Nero CD Burning Software.
<i>"Write to CDs and DVDs as if they were... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_07\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
| O4 - HKLM\..\Run: [VF0070 STISvc] RunDLL32.exe V0070Pin.dll,RunDLL32EP 513 |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programmi\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
More info about file monitor.exe |
Legitimate |
System item according to inner database
This file is a part of Monitor - it is a legitimate tool, which works in the command line. It is... |
Change status
|
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\PPE.EXE
More info about file ppe.exe |
Legitimate |
System item according to inner database
PPE stands for PCI Performance Enhancer. It is a program of Pinnacle and is used to speed up the... |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
| O4 - HKLM\..\Run: [SlipStream] "C:\Programmi\Web Accelerator\slipcore.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
More info about file ccapp.exe |
Legitimate |
System item according to inner database
From Symantec: <i>"ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status
|
O4 - HKLM\..\Run: [DataLayer] C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
More info about file datalayer.exe |
Legitimate |
Application program item according to inner database
The file belongs to Nokia PC Suite. |
Change status
|
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
More info about file launchapplication.exe |
Legitimate |
Application program item according to inner database
The file belongs to Nokia PC Suite. |
Change status
|
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
More info about file realsched.exe |
Legitimate |
Application program item according to inner database
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status
|
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
More info about file psdrvcheck.exe |
Legitimate |
Application program item according to inner database
Related to Pinnacle InstantCopy CD/DVD software. Located in "C:\WINDOWS\SYSTEM\" on Windows... |
Change status
|
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmi\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
More info about file apdproxy.exe |
Legitimate |
Application program item according to inner database
The file is related to Adobe Photoshop Album software. |
Change status
|
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
| O4 - HKCU\..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\nbj.exe" |
Questionable |
questionable item according to our database |
Change status
|
| O4 - HKCU\..\Run: [RamBooster] C:\Programmi\RamBooster 2.0\Rambooster.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: [HDDHealth] C:\Programmi\HDD Health\HDDHealth.exe -wl |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
More info about file googletoolbarnotifier.exe |
Legitimate |
System item according to inner database
|
Change status
|
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programmi\Spyware Doctor\swdoctor.exe" /Q
More info about file swdoctor.exe |
Legitimate |
Application program item according to inner database
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status
|
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
More info about file adobe gamma loader.exe |
Legitimate |
Application program item according to inner database
From adobe: "The Adobe Gamma Control Panel is used to eliminate color casts in a monitor's display.... |
Change status
|
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
More info about file osa.exe |
Legitimate |
Application program item according to inner database
The Office Startup Assistant (Osa.exe or OSA) is a program that improves the performance of Office... |
Change status
|
| O4 - Global Startup: SlipStream Web Accelerator.lnk = C:\Programmi\Web Accelerator\slipgui.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
More info about file reader_sl.exe |
Legitimate |
Application program item according to inner database
Related to Adobe Acrobat Reader. |
Change status
|
| O8 - Extra context menu item: Download with GetRight - C:\Programmi\GetRight\GRdownload.htm |
Not necessary |
Do you want item 'Download with GetRight' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Open with GetRight Browser - C:\Programmi\GetRight\GRbrowse.htm |
Not necessary |
Do you want item 'Open with GetRight Browser' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Programmi\Java\jre1.5.0_07\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Legitimate |
Legitimate extra button in your browser - related to Spyware Doctor. |
Change status
|
| O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Messenger' and points to file 'C:\Programmi\Messenger\msmsgs.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Windows Messenger' and points to file 'C:\Programmi\Messenger\msmsgs.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O11 - Options group: [INTERNATIONAL] International* |
Questionable |
This item represents a group added to Advanced Options tab in IE Tools > Internet Options menu. Should the item called "INTERNATIONAL" be there? If not, fix it. |
Change status
|
| O14 - IERESET.INF: START_PAGE_URL=http://www.libero.it |
Questionable |
This item changes your "default" Start page in IE. It will appear if you Restore default web settings. If you are an administrator and you do not recognize address "", fix this item. |
Change status
|
| O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.0.6.2.cab |
Questionable |
Are you using an ActiveX object with a name 'DownloadManager Control' located in 'http://dlm.tools.akamai.com/dlmanager/versions
/activex/dlm-activex-2.0.6.2.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab |
Questionable |
Are you using an ActiveX object with a name 'YInstStarter Class' located in 'http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab'? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CCS\Services\Tcpip\..\{55919B0D-11C6-49B2-8624-0EB4B934AA70}: NameServer = 147.162.100.180,147.162.1.2 |
Questionable |
Do you recognize these IP addresses '147.162.100.180,147.162.1.2' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe |
Legitimate |
Required for PhotoshopCS |
Change status
|
| O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
| O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
More info about file ccevtmgr.exe |
Legitimate |
Item found in 2-spyware.com database.
ccEvtMgr.exe is an event logging application and runs at startup. It monitors virus alerts, virus... |
Change status
|
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\ccPwdSvc.exe
More info about file ccpwdsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
guess this has to do with teh entry of the password for norton, is it corrupt or what, did someone... |
Change status
|
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccProxy.exe
More info about file ccproxy.exe |
Legitimate |
Item found in 2-spyware.com database.
File related to Symantec... |
Change status
|
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
More info about file ccsetmgr.exe |
Legitimate |
Item found in 2-spyware.com database.
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status
|
| O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmi\Norton Internet Security\comHost.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status
|
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Programmi\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status
|
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
More info about file lucoms~1.exe |
Legitimate |
Item found in 2-spyware.com database.
The file belongs to Symantecs Internet security suite... |
Change status
|
O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\navapsvc.exe
More info about file navapsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
Norton AntiVirus application that provides auto-protection of the system. NAVAPSVC.EXE runs on... |
Change status
|
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE
More info about file nscsrvce.exe |
Legitimate |
Item found in 2-spyware.com database.
The file belongs to Norton Internet Security... |
Change status
|
| O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe |
Legitimate |
SiSoftware Sandra Lite 2005 |
Change status
|
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton Internet Security\Norton AntiVirus\SAVScan.exe
More info about file savscan.exe |
Legitimate |
Item found in 2-spyware.com database.
This executable file is a standard part of antivirus and security-related software, published by... |
Change status
|
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programmi\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com database.
A part of Spyware Doctor, a popular legitimate anti-spyware... |
Change status
|
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
More info about file sndsrvc.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a part of Norton Internet Security and Norton Personal Firewall applications. It runs... |
Change status
|
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
More info about file spbbcsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
Essential component of Symantec's Norton Internet Security... |
Change status
|
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
More info about file symlcsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status
|
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
More info about file aluschedulersvc.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Symantec anti-virus... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
