| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\AVG\AVG8\avgrsx.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\system32\DeltTray.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com library
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\MsPMSPSv.exe
More info about file mspmspsv.exe |
Legitimate |
Item found in 2-spyware.com library
MsPMSPSv.exe is an application process related to Windows Media Player. It comes with several not... |
Change status |
C:\WINDOWS\system32\wscntfy.exe
More info about file wscntfy.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
C:\Program Files\Winamp\winamp.exe
More info about file winamp.exe |
Legitimate |
Item found in 2-spyware.com library
File winamp.exe, which starts a process with the same name, is the main executable component of... |
Change status |
C:\WINDOWS\system32\msiexec.exe
More info about file msiexec.exe |
Legitimate |
Item found in 2-spyware.com library
This file is related to Microsoft Windows Installer - it is a system component, used to handle MSI... |
Change status |
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe |
Legitimate |
Item found in 2-spyware.com library
SAS is one of the best as-programs |
Change status |
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults
/sb/*http://www.yahoo.com/search/ie.html |
Not necessary |
http://us.rd.yahoo.com/customize/ycomp/defaults
/sb/*http://www.yahoo.com/search/ie.html is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com |
Not necessary |
http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com is your Search Page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com |
Not necessary |
http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com is your default SearchURL.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0 |
Not necessary |
:0 is your Proxy Server.
If you do not like this fact, fix this item. |
Change status |
| O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
| O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll |
Unknown |
No exact entries found |
Insert file into database
|
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
More info about file avgssie.dll |
Legitimate |
Application program item according to inner database
Related to AVG Antivirus 8.0 |
Change status
|
| O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL |
Unknown |
No exact entries found |
Insert file into database
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
More info about file acroiefavclient.dll |
Legitimate |
System item according to inner database
The file belongs to Adobe Acrobat to display .pdf files in Internet Explorer. |
Change status
|
| O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - d:\Program Files\WinAVI FLV Converter\FLVTune.dll |
Unknown |
No exact entries found |
Insert file into database
|
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
More info about file acroiefavclient.dll |
Legitimate |
System item according to inner database
The file belongs to Adobe Acrobat to display .pdf files in Internet Explorer. |
Change status
|
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
More info about file acroiefavclient.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run |
Not necessary |
not necessary item according to our database |
Change status
|
| O4 - HKLM\..\Run: [LXCJCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16 |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [DeltTray] DeltTray.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
More info about file msconfig.exe |
Legitimate |
System item according to inner database
Microsoft System Configuration Utility. Located in "C:\Windows\System" on Windows 98/ME and... |
Change status
|
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe |
Legitimate |
System item according to inner database
SAS is one of the best as-programs |
Change status
|
| O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html |
Not necessary |
Do you want item 'Convert link target to Adobe PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html |
Not necessary |
Do you want item 'Convert link target to existing PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html |
Not necessary |
Do you want item 'Convert selected links to Adobe PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html |
Not necessary |
Do you want item 'Convert selected links to existing PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html |
Not necessary |
Do you want item 'Convert selection to Adobe PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html |
Not necessary |
Do you want item 'Convert selection to existing PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html |
Not necessary |
Do you want item 'Convert to Adobe PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html |
Not necessary |
Do you want item 'Convert to existing PDF' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Send to OneNote' and points to file 'C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'S&end to OneNote' and points to file 'C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - d:\Program Files\WinAVI FLV Converter\FLVTune.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'WinAVI FLV Manager' and points to file 'd:\Program Files\WinAVI FLV Converter\FLVTune.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - d:\Program Files\WinAVI FLV Converter\FLVTune.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'WinAVI FLV Manager' and points to file 'd:\Program Files\WinAVI FLV Converter\FLVTune.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Spybot'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Spybot' and points to file '{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra button in your browser - related to windows messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra tools menu item - related to Windows Messenger. |
Change status
|
| O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O16 - DPF: {162888D7-A4DF-4A0B-A65E-1C60D77D3C04} (BaseRunner Class) - http://65.34.29.219/ATNBase.cab |
Questionable |
Are you using an ActiveX object with a name 'BaseRunner Class' located in 'http://65.34.29.219/ATNBase.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls
/en/x86/client/wuweb_site.cab?1125508037062 |
Legitimate |
Legitimate ActiveX item from site http://update.microsoft.com/ |
Change status
|
| O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "grooveLocalGWS" and file "C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL". |
Change status
|
| O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "linkscanner" and file "C:\Program Files\AVG\AVG8\avgpp.dll". |
Change status
|
| O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "skype4com" and file "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL". |
Change status
|
| O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll |
Unknown |
No exact entries found |
Change status
|
| O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll |
Unknown |
No exact entries found |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com database.
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
