Results of analyzing your log

The HijackThis log analyzer beta 2 is a brand new service, so it is natural that it may have a few issues with entry descriptions and status. You can help us to improve the analyzer! If you have some information on unknown items, please share it with us and thousands of 2-Spyware.com visitors. We will carefully check your submission and approve it, if it is correct. You can also change status of entries that do not look identified correctly to you. Also feel free to post your description for existing items. We will review and add it to the analyzer's database. Thank you!

Files and registry entries considered to be safe

Legitimate items	66	69%
Not necessary items	6	6%
	72	75%

File and registry entries that can be both dangerous or safe

Questionable items	3	3%
Unknown items	21	22%
	24	25%

Files and registry entries considered to be DANGEROUS. Fix immediately!

Dangerous items

Line:	Status:	Comments:	Actions:
C:\WINDOWS\System32\smss.exe More info about file smss.exe	Legitimate		Change status
C:\WINDOWS\system32\csrss.exe More info about file csrss.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\winlogon.exe More info about file winlogon.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\services.exe More info about file services.exe	Legitimate	In most of cases it is legitimate system process, only sometimes can be used by malicious software	Change status
C:\WINDOWS\system32\lsass.exe More info about file lsass.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe More info about file evteng.exe	Legitimate	Item found in 2-spyware.com library EvtEng.exe is an application process related to Intel EvtEng Module. It provides additional support...	Change status
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe More info about file s24evmon.exe	Legitimate	Item found in 2-spyware.com library Related to special software required by Intel wireless hardware. It allows to configure and...	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe More info about file zcfgsvc.exe	Legitimate	Item found in 2-spyware.com library ZcfgSvc.exe is a part of Intel wireless hardware drivers. Allows to monitor and configure the...	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\spoolsv.exe More info about file spoolsv.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe More info about file syntplpr.exe	Legitimate	Item found in 2-spyware.com library syntplpr.exe is a legitimate process related to Synaptics touch pads. Located in "C:\Program...	Change status
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe More info about file syntpenh.exe	Legitimate	Item found in 2-spyware.com library System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".	Change status
C:\Program Files\Java\jre6\bin\jusched.exe More info about file jusched.exe	Legitimate	Item found in 2-spyware.com library Checks if there are new versions of Java available.	Change status
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe More info about file drgtodsc.exe	Legitimate	Item found in 2-spyware.com library Roxio Drag To Disc. It is a special tool that allows to drag files on its system tray icon in order...	Change status
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe More info about file ifrmewrk.exe	Legitimate	Item found in 2-spyware.com library ifrmewrk.exe is an essential part of Intel wireless hardware drivers.	Change status
C:\WINDOWS\system32\igfxtray.exe More info about file igfxtray.exe	Legitimate	Item found in 2-spyware.com library From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),...	Change status
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe More info about file 1xconfig.exe	Legitimate	Item found in 2-spyware.com library This is a part of the drivers for USB devices. It also is related to special monitoring and...	Change status
C:\WINDOWS\explorer.exe More info about file explorer.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe More info about file bullguardupdate.exe	Legitimate	Item found in 2-spyware.com library	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Fujitsu HandyDrive\Password\F3EJTHDD.EXE	Unknown	No exact entries found	Insert file into database
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe More info about file googleupdaterservice.exe	Legitimate	Item found in 2-spyware.com library Service for Google Updater	Change status
C:\Program Files\Java\jre6\bin\jqs.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe More info about file oprotsvc.exe	Legitimate	Item found in 2-spyware.com library OProtSvc.exe is an application process that is related to PROSet Wireless software. You should not...	Change status
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe More info about file regsrvc.exe	Legitimate	Item found in 2-spyware.com library regsrvc.exe is an essential part of Intel wireless hardware drivers. Do not terminate or delete it...	Change status
C:\WINDOWS\System32\alg.exe More info about file alg.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\wuauclt.exe More info about file wuauclt.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\msiexec.exe More info about file msiexec.exe	Legitimate	Item found in 2-spyware.com library This file is related to Microsoft Windows Installer - it is a system component, used to handle MSI...	Change status
C:\Program Files\Spyware Doctor\pctsAuxs.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Spyware Doctor\pctsSvc.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Spyware Doctor\pctsTray.exe	Unknown	No exact entries found	Insert file into database
C:\WINDOWS\system32\wbem\wmiprvse.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe More info about file hijackthis.exe	Legitimate	Item found in 2-spyware.com library This is the main component of HijackThis security application, designed to perform system scans and...	Change status
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/	Legitimate	http://www.google.co.uk/ is your start page. This is a legitimate page.	Change status
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843	Unknown	No exact entries found	Change status
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll More info about file acroiehelper.dll	Legitimate	Application program item according to inner database File related to Adobe Acrobat Reader program.	Change status
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll More info about file ssv.dll	Legitimate	System item according to inner database Related to Java Virtual Machine software, which is legitimate.	Change status
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll More info about file googletoolbar2.dll	Legitimate	Application program item according to inner database Google Toolbar for Internet Explorer.	Change status
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll More info about file swg.dll	Legitimate	System item according to inner database google toolbar notifier	Change status
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll More info about file jp2ssv.dll	Legitimate	System item according to inner database	Change status
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll More info about file jqs_plugin.dll	Legitimate	System item according to inner database	Change status
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe More info about file syntplpr.exe	Legitimate	System item according to inner database syntplpr.exe is a legitimate process related to Synaptics touch pads. Located in "C:\Program...	Change status
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe More info about file syntpenh.exe	Legitimate	System item according to inner database System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".<br...	Change status
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" More info about file jusched.exe	Legitimate	Application program item according to inner database Checks if there are new versions of Java available.	Change status
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" More info about file drgtodsc.exe	Legitimate	Application program item according to inner database Roxio Drag To Disc. It is a special tool that allows to drag files on its system tray icon in order...	Change status
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless More info about file ifrmewrk.exe	Legitimate	Driver related item according to inner database. ifrmewrk.exe is an essential part of Intel wireless hardware drivers.	Change status
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe More info about file igfxtray.exe	Legitimate	System item according to inner database From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),...	Change status
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe More info about file hkcmd.exe	Legitimate	System item according to inner database hkcmd.exe is a system process related to the Hotkey Command Module for Intel Graphics Contollers....	Change status
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe More info about file eouwiz.exe	Legitimate	Application program item according to inner database EOUWiz.exe is related to the PROSet Wireless software. You should not terminate this process or...	Change status
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe" -boot	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime More info about file qttask.exe	Legitimate	Application program item according to inner database Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\"....	Change status
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" More info about file ituneshelper.exe	Legitimate	Application program item according to inner database Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\".	Change status
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot More info about file realsched.exe	Legitimate	Application program item according to inner database Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\".	Change status
O4 - HKLM\..\Run: [BHR] C:\Program Files\Zamaan''s Software\Browser Hijack Retaliator 4.5\BHR.exe	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\RunOnce: [Malwarebytes'' Anti-Malware] C:\Program Files\Malwarebytes'' Anti-Malware\mbamgui.exe /install /silent	Unknown	No exact entries found	Insert file into database
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe More info about file ctfmon.exe	Legitimate	Application program item according to inner database When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)...	Change status
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 More info about file adobeupdatemanager.exe	Legitimate	Application program item according to inner database Related to Adobe Acrobat Reader.	Change status
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe	Unknown	No exact entries found	Insert file into database
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe More info about file teatimer.exe	Legitimate	Application program item according to inner database File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background...	Change status
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ''SYSTEM'')	Questionable	Application program item according to inner database File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background...	Change status
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ''Default user'')	Questionable	Application program item according to inner database File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background...	Change status
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe More info about file reader_sl.exe	Legitimate	A part of Adobe Acrobat Reader. Used to speed up the program's launch time.	Change status
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL	Not necessary	This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL'. If you do not want it to be there, fix this item.	Change status
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)	Not necessary	Fix this item. It represents extra button in your IE toolbar and points to file that doesn't exist.	Change status
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll	Not necessary	This item represents extra button in your IE toolbar without name and points to file 'C:\PROGRA~1\SPYBOT~1\SDHelper.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra ''Tools'' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll	Not necessary	This item represents extra menu item in your Tools menu in IE with a name 'Spybot' and points to file '{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}'. If you do not want it to be there, fix this item.	Change status
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe	Not necessary	This item represents extra button in your IE toolbar without name and points to file 'C:\WINDOWS\Network Diagnostic\xpnetdiag.exe'. If you do not want it to be there, fix this item.	Change status
O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe	Not necessary	This item represents extra menu item in your Tools menu in IE with a name '@xpsp3res.dll,-20001' and points to file 'C:\WINDOWS\Network Diagnostic\xpnetdiag.exe'. If you do not want it to be there, fix this item.	Change status
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe	Legitimate	Legitimate extra button in your browser - related to windows messenger.	Change status
O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe	Legitimate	Legitimate extra tools menu item - related to Windows Messenger.	Change status
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls /en/x86/client/wuweb_site.cab?1094724646427	Questionable	Are you using an ActiveX object with a name 'WUWebControl Class' located in 'http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls /en/x86/client/wuweb_site.cab?1094724646427'? If not, fix this item.	Change status
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe More info about file bullguardupdate.exe	Legitimate	Item found in 2-spyware.com database. ...	Change status
O23 - Service: BGRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe More info about file evteng.exe	Legitimate	Item found in 2-spyware.com database. EvtEng.exe is an application process related to Intel EvtEng Module. It provides additional support...	Change status
O23 - Service: HandyDrive Password Lock Tool Service (F3EJTHDD) - FUJITSU LIMITED - C:\Program Files\Fujitsu HandyDrive\Password\F3EJTHDD.EXE	Unknown	No exact entries found	Insert file into database
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe More info about file googleupdaterservice.exe	Legitimate	Item found in 2-spyware.com database. Service for Google...	Change status
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe	Legitimate	Related to Macrovision Corporation.	Change status
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe More info about file ipodservice.exe	Legitimate	Item found in 2-spyware.com database. This is a legitimate component of iTunes music program. It offers wide range of music playing and...	Change status
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe More info about file oprotsvc.exe	Legitimate	Item found in 2-spyware.com database. OProtSvc.exe is an application process that is related to PROSet Wireless software. You should not...	Change status
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe More info about file regsrvc.exe	Legitimate	Item found in 2-spyware.com database. regsrvc.exe is an essential part of Intel wireless hardware drivers. Do not terminate or delete it...	Change status
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe More info about file s24evmon.exe	Legitimate	Item found in 2-spyware.com database. Related to special software required by Intel wireless hardware. It allows to configure and...	Change status
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe	Unknown	No exact entries found	Insert file into database

Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2

Recommended software:

Malwarebytes Anti Malware

(91/100)

There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t have many features. One such...

SpyHunter

(89/100)

SpyHunter is a quite simple, but yet highly effective spyware remover with an easy-to-use interface. This program is an excellent choice for users, who are not computer savvy, but...

Spyware Doctor

(87/100)

Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and easy-to-manage...

STOPzilla

(86/100)

STOPzilla is a powerful anti-spyware program that detects, blocks, and removes malicious software allowing users to surf the Web not worrying about spyware, Trojan horses, and viruses....

XoftSpySE Anti Spyware

(84/100)

XoftSpySE, an anti-spyware program made by ParetoLogic, Inc., is a simple, but effective on-demand scanner with the typical set of functions but very easy to install and use. Trial version...

Latest Spyware news:

• Carl A Someone signature loved by spammers
• State of Utah Reveals Why 780k People Records Were Stolen
• The iPhone And iPad Are Targets For Hackers
• Malicious tweets spread rogue AV infecting Android users
• Be aware about malware spread via hotel Wi-Fi connections
• SecureCloud Key Management Systems Released by Trend Micro
• Microsoft and Adobe Releases Critical Security Updates. Update Now!
• Internet Apocalypsis Upcoming - Prepare for DNSChanger Servers Closure
• Hacks Through Compromised Websites Increases Rapidly, Says Symantec
• Facebook judged for its privacy controls

Subscribe to news

Encyclopedia of parasites:

ErrorSmart 24/05/12
Windows Safety Maint... 24/05/12
Windows Multi Contro... 23/05/12
System Protection Tools 23/05/12
Redirect 22/05/12
Windows Secure Kit 2012 22/05/12
WeatherBug 21/05/12
Dugenpal 21/05/12
Komodola 21/05/12
SpyGraphica 20/05/12
Windows Private Shield 20/05/12
WinMaximizer 19/05/12
Windows Pro Safety R... 18/05/12
Stekct 18/05/12
Linfo 18/05/12
Wiarp 18/05/12
Farfli 18/05/12
Happili redirect 18/05/12
Vasport 17/05/12
SeekService.com 17/05/12

Library of files:

mrt.exe 23/05/12
taskeng.exe 23/05/12
mplayer.exe 14/04/12
ccApp.exe 20/03/12
guest.js 06/03/12
BCU.exe 20/02/12
pbupdate.exe 20/02/12
dumprep.exe 20/02/12
arp.exe 12/02/12
hero remote control.... 08/02/12

Archive of files
Archive of startup entries