| Line | Status | Comments |
| --- | --- | --- |
| C:\WINDOWS\System32\smss.exe | Legitimate | |
| C:\WINDOWS\system32\csrss.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\system32\winlogon.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\system32\services.exe | Legitimate | In most of cases it is legitimate system process, only sometimes can be used by malicious software |
| C:\WINDOWS\system32\lsass.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\system32\svchost.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\System32\svchost.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\System32\svchost.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\System32\svchost.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\system32\spoolsv.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\System32\hkcmd.exe | Legitimate | Item found in 2-spyware.com library hkcmd.exe is a system process related to the Hotkey Command Module for Intel Graphics Contollers.... |
| C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe | Unknown | No exact entries found |
| C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe | Unknown | No exact entries found |
| C:\WINDOWS\BCMSMMSG.exe | Legitimate | Item found in 2-spyware.com library File bcmsmmsg.exe is related to a background task that is functioning as a modem's driver. It is... |
| C:\Program Files\AIM\aim.exe | Legitimate | Item found in 2-spyware.com library AOL Instant Messenger. Located in "C:Program FilesAIM95". File aim.exe is related to trojan AIM... |
| C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe | Unknown | No exact entries found |
| C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe | Legitimate | Item found in 2-spyware.com library This is a standard component of AOL 9.0 Internet connection software. File aolacsd.exe is required... |
| C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe | Legitimate | Item found in 2-spyware.com library Related to AOL TopSpeed software, which increases Internet connection speed. |
| C:\WINDOWS\System32\svchost.exe | Legitimate | Process found in system process library |
| C:\WINDOWS\trlrm\RMHSvc.exe | Unknown | No exact entries found |
| C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe | Legitimate | Item found in 2-spyware.com library Main component of AOL TopSpeed software, which increases Internet connection speed. |
| C:\WINDOWS\System32\wdfmgr.exe | Legitimate | Item found in 2-spyware.com library A part of Microsoft Windows Media Player 10. It is used to eliminate software compatibility... |
| C:\Program Files\Viewpoint\Common\ViewpointService.exe | Unknown | No exact entries found |
| C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe | Legitimate | Item found in 2-spyware.com library This is a part of media player, which can act as an adware program. This player appears to be a... |
| C:\WINDOWS\System32\wuauclt.exe | Legitimate | Process found in system process library |
| C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE | Legitimate | Item found in 2-spyware.com library Microsoft Word, which is started by winword.exe file, is a text processing program, included in... |
| C:\WINDOWS\explorer.exe | Legitimate | Process found in system process library |
| C:\Program Files\Mozilla Firefox\firefox.exe | Legitimate | Item found in 2-spyware.com library File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
| C:\Program Files\Trend Micro\HijackThis\HijackThis.exe | Legitimate | Item found in 2-spyware.com library This is the main component of HijackThis security application, designed to perform system scans and... |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank | Not necessary | about:blank is your start page. If you do not like this fact, fix this item. |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = | Not necessary | Fix this item because it points to nowhere |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = | Not necessary | Fix this item because it points to nowhere |
| R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll | Questionable | If you do not recognize this entry name "AOLSearchHook Class" and this path "C:\Program Files\AIM Search\AOLSearch.dll", then fix this item |
| O1 - Hosts: ::1 localhost | Questionable | Do you want an URL address "localhost" to be redirected to "::1" when you type it? If not, then fix this |
| O1 - Hosts: 91.212.65.122 browser-security.microsoft.com | Questionable | Do you want an URL address "browser-security.microsoft.com" to be redirected to "91.212.65.122" when you type it? If not, then fix this |
| O1 - Hosts: 91.212.65.122 spyware-protector-2009.com | Questionable | Do you want an URL address "spyware-protector-2009.com" to be redirected to "91.212.65.122" when you type it? If not, then fix this |
| O1 - Hosts: 91.212.65.122 www.spyware-protector-2009.com | Questionable | Do you want an URL address "www.spyware-protector-2009.com" to be redirected to "91.212.65.122" when you type it? If not, then fix this |
| O1 - Hosts: 91.212.65.122 secure.spyware-protector-2009.com | Questionable | Do you want an URL address "secure.spyware-protector-2009.com" to be redirected to "91.212.65.122" when you type it? If not, then fix this |
| O1 - Hosts: 91.212.65.122 knocker | Questionable | Do you want an URL address "knocker" to be redirected to "91.212.65.122" when you type it? If not, then fix this |
| O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll | Legitimate | Application program item according to inner database File related to Adobe Acrobat Reader program. |
| O2 - BHO: (no name) - {2f283136-34e6-4993-a9a6-c7fcc4383350} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll | Unknown | No exact entries found |
| O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O2 - BHO: BHO - {ABD42510-9B22-41cd-9DCD-8182A2D07C63} - C:\WINDOWS\system32\iehelper.dll (file missing) | Not necessary | Fix this item, because it points to file that cannot be found |
| O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll | Legitimate | System item according to inner database google toolbar notifier |
| O2 - BHO: (no name) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O2 - BHO: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll | Legitimate | legitimate bho, related to Trlokom SpyWall |
| O2 - BHO: (no name) - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file) | Not necessary | Fix this item, because it points to file that cannot be found |
| O3 - Toolbar: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll | Legitimate | legitimate bho, related to Trlokom SpyWall |
| O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe | Legitimate | System item according to inner database From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),... |
| O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe | Legitimate | System item according to inner database hkcmd.exe is a system process related to the Hotkey Command Module for Intel Graphics Contollers.... |
| O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER | Legitimate | Application program item according to inner database File realplay.exe, which starts a process with the same name, is the main executive component of... |
| O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe | Questionable | questionable item according to our database |
| O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe | Legitimate | Application program item according to inner database The file is related to AOL software. |
| O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" | Legitimate | Application program item according to inner database Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
| O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe | Legitimate | Application program item according to inner database onetouchmon.exe is an application process related to OneTouch Module for Visioneer Scanners from... |
| O4 - HKLM\..\Run: [Smapp] Smtray.exe | Legitimate | Application program item according to inner database Related to drivers for various sound cards and similar devices. Places an icon in the system tray... |
| O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe | Unknown | No exact entries found |
| O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe | Unknown | No exact entries found |
| O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe | Legitimate | System item according to inner database File bcmsmmsg.exe is related to a background task that is functioning as a modem's driver. It is... |
| O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background | Legitimate | System item according to inner database Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
| O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl | Legitimate | Application program item according to inner database AOL Instant Messenger. Located in "C:Program FilesAIM95". File aim.exe is related to trojan AIM... |
| O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe | Legitimate | Application program item according to inner database File teatimer.exe is related to Spybot Search & Destroy spyware removal program. It runs background... |
| O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe | Dangerous | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - HKUS\S-1-5-21-1390067357-842925246-725345543-1004\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl (User ''neil'') | Questionable | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - HKUS\S-1-5-21-1390067357-842925246-725345543-1004\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe (User ''neil'') | Questionable | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - HKUS\S-1-5-21-1390067357-842925246-725345543-1005\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (User ''yoko'') | Questionable | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - HKUS\S-1-5-21-1390067357-842925246-725345543-1007\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe -p (User ''mari'') | Questionable | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - S-1-5-21-1390067357-842925246-725345543-1004 Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\ScanSoft\PaperPort\Config\Ereg\REMIND32.EXE (User ''neil'') | Questionable | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - S-1-5-21-1390067357-842925246-725345543-1004 User Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\ScanSoft\PaperPort\Config\Ereg\REMIND32.EXE (User ''neil'') | Questionable | Spyware related item according to inner database sysguard.exe is an executable file that starts a malicious process, launches certain parasite... |
| O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe | Legitimate | A part of Adobe Acrobat Reader. Used to speed up the program's launch time. |
| O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html | Not necessary | Do you want item 'Backward Links' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
| O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html | Not necessary | Do you want item 'Cached Snapshot of Page' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
| O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html | Not necessary | Do you want item 'Similar Pages' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
| O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html | Not necessary | Do you want item 'Translate Page into English' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll | Not necessary | This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll'. If you do not want it to be there, fix this item. |
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll | Not necessary | This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll'. If you do not want it to be there, fix this item. |
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL | Not necessary | This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
| O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe | Legitimate | Legitimate extra button in your browser - related to AOL Instant Messenger. |
| O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll | Not necessary | This item represents extra button in your IE toolbar with a name 'Real.com' and points to file 'C:\WINDOWS\System32\Shdocvw.dll'. If you do not want it to be there, fix this item. |
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE | Legitimate | Legitimate extra button in your browser - related to windows messenger. |
| O9 - Extra ''Tools'' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE | Not necessary | This item represents extra menu item in your Tools menu in IE with a name 'Messenger' and points to file 'C:\Program Files\Messenger\MSMSGS.EXE'. If you do not want it to be there, fix this item. |
| O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab? | Questionable | Are you using an ActiveX object with a name 'MiniBugTransporterX Class' located in 'http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?'? If not, fix this item. |
| O16 - DPF: {3C648A72-C49A-48EF-9F90-68EF13293F97} (Cacher Class) - http://www.priv.njmls.xmlsweb.com/XMLSearch/XMLCache.CAB | Questionable | Are you using an ActiveX object with a name 'Cacher Class' located in 'http://www.priv.njmls.xmlsweb.com/XMLSearch/XMLCache.CAB'? If not, fix this item. |
| O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.5.0) - | Questionable | Are you using an ActiveX object with a name 'Java Plug-in 1.5.0' located in ''? If not, fix this item. |
| O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) - | Questionable | Are you using an ActiveX object with a name 'Java Plug-in 1.5.0' located in ''? If not, fix this item. |
| O18 - Filter hijack: text/html - (no CLSID) - (no file) | Not necessary | It is a protocol hijacker that points to nowhere. Fix this item. |
| O20 - Winlogon Notify: dsmapi - dsmapi.dll (file missing) | Not necessary | Fix this item because it points to a file that does not exist |
| O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe | Unknown | No exact entries found |
| O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe | Legitimate | Item found in 2-spyware.com database. This is a standard component of AOL 9.0 Internet connection software. File aolacsd.exe is required... |
| O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe | Legitimate | Item found in 2-spyware.com database. Related to AOL TopSpeed software, which increases Internet connection... |
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe | Legitimate | Related to Macrovision Corporation. |
| O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe | Legitimate | Item found in 2-spyware.com database. This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
| O23 - Service: Trlokom Central Management Helper 1.4.1 0 (trlokom_rmhsvc) - Trlokom, Inc. - C:\WINDOWS\trlrm\RMHSvc.exe | Unknown | No exact entries found |
| O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe | Unknown | No exact entries found |