| Line: |
Status: |
Comments: |
Actions: |
C:\WINNT\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\csrss.exe
More info about file csrss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\services.exe
More info about file services.exe |
Questionable |
This item can be legitimate or spyware related, depending on its location and other factors. Make some further research on it. |
Change status |
C:\WINNT\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\ewido anti-malware\ewidoctrl.exe
More info about file ewidoctrl.exe |
Legitimate |
Item found in 2-spyware.com library
This is a vital component of ewido security suite, a popular anti-spyware and anti-malware program. |
Change status |
C:\WINNT\system32\regsvc.exe
More info about file regsvc.exe |
Legitimate |
Item found in 2-spyware.com library
File is related to Remote Registry Service - it is a system component, which exists in Microsoft... |
Change status |
C:\WINNT\system32\MSTask.exe
More info about file mstask.exe |
Legitimate |
Item found in 2-spyware.com library
Mstask.exe is the task scheduler service, responsible for running tasks at a time predetermined by... |
Change status |
C:\WINNT\system32\stisvc.exe
More info about file stisvc.exe |
Legitimate |
Item found in 2-spyware.com library
File stisvc.exe stands for Windows Still Image Service. It is a standard component of Windows 2000... |
Change status |
C:\WINNT\System32\mspmspsv.exe
More info about file mspmspsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Windows Media Player. |
Change status |
C:\WINNT\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\System32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Internet Explorer\IEXPLORE.EXE
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Spyware Doctor, a popular legitimate anti-spyware program. |
Change status |
C:\WINNT\System32\cmd.exe
More info about file cmd.exe |
Legitimate |
Item found in 2-spyware.com library
Command prompt tool that comes with Windows NT/2000/XP. Located in "C:\WINNT\SYSTEM32" on Windows... |
Change status |
C:\Program Files\Spyware Doctor\swdoctor.exe
More info about file swdoctor.exe |
Legitimate |
Item found in 2-spyware.com library
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status |
C:\WINNT\regedit.exe
More info about file regedit.exe |
Legitimate |
Item found in 2-spyware.com library
From Microsoft: "Regedit.exe is the registration editor for 16-bit Windows. It is used tomodify... |
Change status |
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KillBox.exe
More info about file killbox.exe |
Legitimate |
Item found in 2-spyware.com library
A main file of Pocket Killbox utility. |
Change status |
C:\Program Files\Outlook Express\msimn.exe
More info about file msimn.exe |
Legitimate |
Item found in 2-spyware.com library
This is the most significant component of Microsoft Outlook Express mail client. It is responsible... |
Change status |
C:\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm |
Not necessary |
C:\windows\system32\blank.htm is your local page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm |
Not necessary |
C:\windows\system32\blank.htm is your local page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 |
Not necessary |
:0 is your Proxy Server.
If you do not like this fact, fix this item. |
Change status |
| O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll |
Legitimate |
legitimate bho toolbar, related to PCTools Spyware Doctor |
Change status
|
| O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Legitimate |
legitimate bho toolbar, related to PCTools Spyware Doctor |
Change status
|
| O2 - BHO: (no name) - {edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
| O3 - Toolbar: AEVITA Save Flash - {33973600-925A-11D9-A1F6-9234C84D2622} - C:\Program Files\AEVITA Save Flash\saveflash.dll |
Legitimate |
legitimate toolbar, related to AEVITA Save_Flash |
Change status
|
| O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [MSConfig] C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\37HIVNXA\msconfig[1].exe /auto |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
More info about file mobsync.exe |
Legitimate |
System item according to inner database
"With Internet Explorer, you can make pages available offline. You can use Synchronization Manager... |
Change status
|
| O4 - HKLM\..\RunServices: [atiupdpl] C:\WINNT\System32\atiupdpl.exe |
Dangerous |
dangerous item according to our database |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
More info about file swdoctor.exe |
Legitimate |
Application program item according to inner database
Main component of Spyware Doctor, a popular anti-spyware program. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AEVITA Save Flash - {0C4D904C-697B-4F51-B82F-D5D8D8D36405} - C:\Program Files\AEVITA Save Flash\saveflash.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'AEVITA Save Flash' and points to file 'C:\Program Files\AEVITA Save Flash\saveflash.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Spyware Doctor' and points to file 'C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'AIM' and points to file 'C:\Program Files\AIM\aim.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Real.com' and points to file 'C:\WINNT\System32\Shdocvw.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Microsoft AntiSpyware helper - {3A6D93C2-2742-49D3-88C6-028CA6D11425} - (no file) (HKCU) |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Microsoft AntiSpyware helper' and points to file '(no file) (HKCU)'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Microsoft AntiSpyware helper - {3A6D93C2-2742-49D3-88C6-028CA6D11425} - (no file) (HKCU) |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Microsoft AntiSpyware helper' and points to file '(no file) (HKCU)'. If you do not want it to be there, fix this item. |
Change status
|
| O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab |
Questionable |
Are you using an ActiveX object with a name 'ActiveScan Installer Class' located in 'http://acs.pandasoftware.com/activescan/as5free/asinst.cab'? If not, fix this item. |
Change status
|
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
More info about file dmadmin.exe |
Legitimate |
Item found in 2-spyware.com database.
File dmadmin.exe is a standard component of Microsoft Windows operating system. It is included in... |
Change status
|
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
More info about file ewidoctrl.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a vital component of ewido security suite, a popular anti-spyware and anti-malware... |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status
|
| O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe |
Legitimate |
Kodak Software to connect digital cameras |
Change status
|
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com database.
A part of Spyware Doctor, a popular legitimate anti-spyware... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
