| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\csrss.exe
More info about file csrss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\SYSTEM32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Windows Defender\MsMpEng.exe
More info about file msmpeng.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Windows Defender program. |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\ewido anti-malware\ewidoctrl.exe
More info about file ewidoctrl.exe |
Legitimate |
Item found in 2-spyware.com library
This is a vital component of ewido security suite, a popular anti-spyware and anti-malware program. |
Change status |
C:\WINDOWS\system32\CTHELPER.EXE
More info about file cthelper.exe |
Legitimate |
Item found in 2-spyware.com library
Installed with Creative sound cards. Has been reported to use 100% CPU time.
CTHelper is a... |
Change status |
| C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
| C:\Program Files\NASDAK\OmniMouse Driver\4.06\MOUSE32A.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Omni\Omni keyboard driver\5.0\KbdAp32A.exe
More info about file kbdap32a.exe |
Legitimate |
Item found in 2-spyware.com library
wireless keyboard |
Change status |
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
More info about file cli.exe |
Legitimate |
Item found in 2-spyware.com library
File cli.exe is related to ATI graphics card drivers. It runs simple program, which is not required... |
Change status |
| C:\Program Files\Windows Defender\MSASCui.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\ATI Multimedia\main\ATIDtct.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\Documents and Settings\AMD AthlonXP 1800mhz\Application Data\?icrosoft.NET\wowexec.exe
More info about file wowexec.exe |
Questionable |
Process found in system process library but with a different location |
Change status |
| C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\rundll32.exe
More info about file rundll32.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
More info about file avengine.exe |
Legitimate |
Item found in 2-spyware.com library
File avengine.exe is related to Panda Antivirus. It is a complex tool, designed to launch the... |
Change status |
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Spyware Doctor, a popular legitimate anti-spyware program. |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wdfmgr.exe
More info about file wdfmgr.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Microsoft Windows Media Player 10. It is used to eliminate software compatibility... |
Change status |
| C:\WINDOWS\system32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\system32\wbem\wmiapsrv.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\wscntfy.exe
More info about file wscntfy.exe |
Questionable |
Item found in 2-spyware.com library
wscntfy.exe is an executable file that starts a malicious process, launches certain parasite... |
Change status |
| C:\WINDOWS\system32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\alg.exe
More info about file alg.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wuauclt.exe
More info about file wuauclt.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
More info about file cli.exe |
Legitimate |
Item found in 2-spyware.com library
File cli.exe is related to ATI graphics card drivers. It runs simple program, which is not required... |
Change status |
C:\Program Files\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
C:\Documents and Settings\AMD AthlonXP 1800mhz\Desktop\HJT\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\avciman.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hpE7EF.tmp (file missing) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
More info about file cthelper.exe |
Legitimate |
System item according to inner database
Installed with Creative sound cards. Has been reported to use 100% CPU time.
CTHelper is a... |
Change status
|
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
More info about file updreg.exe |
Legitimate |
System item according to inner database
Reminder to register with Creative. Comes with some of Creatives sound cards. Located in... |
Change status
|
| O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
More info about file nerocheck.exe |
Legitimate |
Application program item according to inner database
Related to Nero CD/DVD Burning software. From the publisher: "This program constantly checks for... |
Change status
|
| O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.06\MOUSE32A.EXE |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Omni\Omni keyboard driver\5.0\KbdAp32A.exe
More info about file kbdap32a.exe |
Legitimate |
Driver related item according to inner database.
wireless keyboard |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
More info about file atiptaxx.exe |
Legitimate |
System item according to inner database
ATI Desktop Control Panel from ATI Technologies, Inc. Located in "C:\Program Files\ATI... |
Change status
|
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
More info about file cli.exe |
Legitimate |
Application program item according to inner database
File cli.exe is related to ATI graphics card drivers. It runs simple program, which is not required... |
Change status
|
| O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [\\JOE\EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE /P25 "\\JOE\EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
More info about file apvxdwin.exe |
Legitimate |
Application program item according to inner database
Part of the Panda Platinum Anti Virus Package |
Change status
|
| O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [Cwjcygk] C:\Documents and Settings\AMD AthlonXP 1800mhz\Application Data\?icrosoft.NET\wowexec.exe
More info about file wowexec.exe |
Legitimate |
System item according to inner database
When you start a 16-bit program on a computer running Windows NT, the Ntvdm.exe and Wowexec.exe... |
Change status
|
| O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe |
Questionable |
questionable item according to our database |
Change status
|
| O4 - HKCU\..\Run: [Atpd] "C:\WINDOWS\system32\STEM~1\arpa.exe" -vt ndrv |
Unknown |
No exact entries found |
Insert file into database
|
| O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Spyware Doctor' and points to file 'C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'ATI TV' and points to file 'C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Messenger' and points to file 'C:\Program Files\Messenger\msmsgs.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Windows Messenger' and points to file 'C:\Program Files\Messenger\msmsgs.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab |
Questionable |
Are you using an ActiveX object with a name 'Creative Software AutoUpdate' located in 'http://www.creative.com/su/ocx/15015/CTSUEng.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 |
Questionable |
Are you using an ActiveX object with a name 'Windows Genuine Advantage Validation Tool' located in 'http://go.microsoft.com/fwlink/?linkid=39204'? If not, fix this item. |
Change status
|
| O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab |
Questionable |
Are you using an ActiveX object with a name 'MSN Photo Upload Tool' located in 'http://spaces.msn.com//PhotoUpload/MsnPUpld.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 |
Questionable |
Are you using an ActiveX object with no name located in 'http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123'? If not, fix this item. |
Change status
|
| O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab |
Questionable |
Are you using an ActiveX object with a name 'Creative Software AutoUpdate Support Package' located in 'http://www.creative.com/su/ocx/15016/CTPID.cab'? If not, fix this item. |
Change status
|
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
| O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe |
Legitimate |
ATI Video Card Control Panel |
Change status
|
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
More info about file ewidoctrl.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a vital component of ewido security suite, a popular anti-spyware and anti-malware... |
Change status
|
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
More info about file ewidoguard.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a vital component of ewido security suite, which is a popular anti-spyware and anti-malware... |
Change status
|
| O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE |
Legitimate |
Related to Norton. GHOSTSTARTSERVICE is the background support task/service for Ghost for Windows. |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
| O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe |
Legitimate |
Related to Macromedia products: Flash, Dreamweaver, etc. |
Change status
|
| O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe |
Legitimate |
Related to Panda Firewall |
Change status
|
| O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe |
Legitimate |
RElated to Panda Antovirus software |
Change status
|
| O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe |
Legitimate |
Related to Panda Titanium Antivirus |
Change status
|
| O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe |
Legitimate |
Related to Panda Titanium Antivirus |
Change status
|
| O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe |
Legitimate |
Related to Panda Software |
Change status
|
| O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe |
Legitimate |
Panda Anti-virus Service |
Change status
|
| O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe |
Legitimate |
Related to Panda Titanium Antivirus |
Change status
|
| O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe |
Legitimate |
Related to Panda Titanium Antivirus |
Change status
|
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
More info about file sdhelp.exe |
Legitimate |
Item found in 2-spyware.com database.
A part of Spyware Doctor, a popular legitimate anti-spyware... |
Change status
|
| O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
