| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Windows Defender\MsMpEng.exe
More info about file msmpeng.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Windows Defender program. |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com library
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status |
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
More info about file aswupdsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashServ.exe
More info about file ashserv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\CTsvcCDA.exe
More info about file ctsvccda.exe |
Legitimate |
Item found in 2-spyware.com library
Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some... |
Change status |
C:\WINDOWS\system32\CTHELPER.EXE
More info about file cthelper.exe |
Legitimate |
Item found in 2-spyware.com library
Installed with Creative sound cards. Has been reported to use 100% CPU time.
CTHelper is a... |
Change status |
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
More info about file cvpnd.exe |
Legitimate |
Item found in 2-spyware.com library
File cvpnd.exe is a background task, used by several applications, published by Cisco Systems, such... |
Change status |
C:\Program Files\Windows Defender\MSASCui.exe
More info about file msascui.exe |
Legitimate |
Item found in 2-spyware.com library
The file is component of Microsoft Windows Defender application. |
Change status |
C:\Program Files\Winamp\winampa.exe
More info about file winampa.exe |
Legitimate |
Item found in 2-spyware.com library
System tray icon for Winamp. |
Change status |
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
More info about file dkservice.exe |
Legitimate |
Item found in 2-spyware.com library
File dkservice.exe is related to disk defragmenter, known as Diskeeper. This program uses the... |
Change status |
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
More info about file shwicon2k.exe |
Legitimate |
Item found in 2-spyware.com library
This is a part of the drivers for Alcor Micro multimedia card readers. File shwicon2k.exe runs... |
Change status |
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
More info about file spysweeperui.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to SpySweeper application. |
Change status |
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
More info about file smax4pnp.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to SoundMax software. |
Change status |
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
More info about file pdvdserv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to some DVD playing programs like CyberLink PowerDVD. Provides support for the DVD drive's... |
Change status |
C:\WINDOWS\System32\inetsrv\inetinfo.exe
More info about file inetinfo.exe |
Legitimate |
Item found in 2-spyware.com library
File inetinfo.exe is related to Microsoft Internet Information Services. This software acts as a... |
Change status |
C:\Program Files\RAM Idle\RAM_XP.exe
More info about file ram_xp.exe |
Legitimate |
Item found in 2-spyware.com library
tweaker file |
Change status |
| C:\WINDOWS\system32\sttool32.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com library
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status |
C:\WINDOWS\system32\rundll32.exe
More info about file rundll32.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\lg_fwupdate\fwupdate.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
More info about file smagent.exe |
Legitimate |
Item found in 2-spyware.com library
SoundMAX Agent. Related to drivers for various sound cards and similar devices. |
Change status |
| C:\WINDOWS\system32\jybgzopu.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\iTunes\iTunesHelper.exe
More info about file ituneshelper.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Ahead\InCD\InCD.exe
More info about file incd.exe |
Legitimate |
Item found in 2-spyware.com library
InCD.exe is part of Nero CD Burning Software.
"Write to CDs and DVDs as if they were... |
Change status |
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
More info about file spysweeper.exe |
Legitimate |
Item found in 2-spyware.com library
An executable file of SpySweeper anti-spyware program. |
Change status |
C:\Program Files\Creative\ShareDLL\CtNotify.exe
More info about file ctnotify.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Creative Sound Cards. Located in "C:\Program Files\Creative\ShareDLL\". |
Change status |
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
More info about file ashdisp.exe |
Legitimate |
Item found in 2-spyware.com library
Avast Anti virus |
Change status |
C:\Program Files\Creative\ShareDLL\Mediadet.exe
More info about file mediadet.exe |
Legitimate |
Item found in 2-spyware.com library
File mediadet.exe is related to software, which is bundled with Creative audio cards. It runs... |
Change status |
| C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
More info about file acrotray.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Adobe Acrobat Reader program. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
More info about file ashmaisv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
More info about file ashwebsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com library
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status |
C:\WINDOWS\system32\wuauclt.exe
More info about file wuauclt.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
More info about file ssu.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to SpySweeper application. |
Change status |
C:\WINDOWS\system32\WgaTray.exe
More info about file wgatray.exe |
Legitimate |
Item found in 2-spyware.com library
This is legitimate file related Microsoft Windows Genuine Advantage software. |
Change status |
C:\Program Files\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
| C:\Downloads\Programs\HijackThis1.99.1.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
| O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll |
Legitimate |
legitimate bho toolbar, related to Yahoo Companion! |
Change status
|
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
| O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll |
Legitimate |
legitimate bho toolbar, related to SpyBot Search&Destroy |
Change status
|
| O2 - BHO: (no name) - {5c97b3c2-1dd2-11b2-bf65-af952c974630} - C:\WINDOWS\system32\msiyuhev.dll (file missing) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
More info about file windowslivelogin.dll |
Legitimate |
Application program item according to inner database
The file belongs to Microsoft Windows Live application. |
Change status
|
| O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll |
Legitimate |
legitimate bho toolbar, related to MSN Toolbar |
Change status
|
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
More info about file acroiefavclient.dll |
Legitimate |
System item according to inner database
The file belongs to Adobe Acrobat to display .pdf files in Internet Explorer. |
Change status
|
| O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll |
Legitimate |
legitimate bho toolbar, related to MSN Toolbar |
Change status
|
| O2 - BHO: CFilter Object - {C97EAD04-D1D3-4580-BDAC-EB13B6CB176E} - C:\WINDOWS\fonts\font.dll (file missing) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
| O2 - BHO: BearShareMediaBar BHO - {E49CE891-CD83-4841-8CC9-6E284D7978D0} - C:\Program Files\BearShare Applications\MediaBar\1.bin\BEARSMBR.DLL |
Unknown |
No exact entries found |
Insert file into database
|
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
More info about file acroiefavclient.dll |
Legitimate |
System item according to inner database
The file belongs to Adobe Acrobat to display .pdf files in Internet Explorer. |
Change status
|
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
More info about file acroiefavclient.dll |
Unknown |
No exact entries found |
Insert file into database
|
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
More info about file acroiefavclient.dll |
Legitimate |
legitimate bho, related to MSN Toolbar |
Change status
|
O3 - Toolbar: BearShare Media Bar - {E49CE899-CD83-4841-8CC9-6E284D7978D0} - C:\Program Files\BearShare Applications\MediaBar\1.bin\BEARSMBR.DLL
More info about file acroiefavclient.dll |
Unknown |
No exact entries found |
Insert file into database
|
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
More info about file acroiefavclient.dll |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
More info about file cthelper.exe |
Legitimate |
System item according to inner database
Installed with Creative sound cards. Has been reported to use 100% CPU time.
CTHelper is a... |
Change status
|
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
More info about file msascui.exe |
Legitimate |
Application program item according to inner database
The file is component of Microsoft Windows Defender application. |
Change status
|
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
More info about file winampa.exe |
Legitimate |
Application program item according to inner database
System tray icon for Winamp. |
Change status
|
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
More info about file updreg.exe |
Legitimate |
System item according to inner database
Reminder to register with Creative. Comes with some of Creatives sound cards. Located in... |
Change status
|
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
More info about file sgtray.exe |
Legitimate |
Application program item according to inner database
Part of the Veritas Storage Guard. Located in "C:\Program Files\VERITAS Software\Update Manager\". |
Change status
|
O4 - HKLM\..\Run: [Sunkist2k] "C:\Program Files\Multimedia Card Reader\shwicon2k.exe"
More info about file shwicon2k.exe |
Legitimate |
Application program item according to inner database
This is a part of the drivers for Alcor Micro multimedia card readers. File shwicon2k.exe runs... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
More info about file spysweeperui.exe |
Legitimate |
Application program item according to inner database
The file belongs to SpySweeper application. |
Change status
|
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
More info about file smax4pnp.exe |
Legitimate |
Application program item according to inner database
The file is related to SoundMax software. |
Change status
|
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
More info about file smax4.exe |
Legitimate |
Application program item according to inner database
The file belongs to SoundMAX Control Center. |
Change status
|
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
More info about file pdvdserv.exe |
Legitimate |
Application program item according to inner database
Related to some DVD playing programs like CyberLink PowerDVD. Provides support for the DVD drive's... |
Change status
|
O4 - HKLM\..\Run: [RAM Idle Professional] "C:\Program Files\RAM Idle\RAM_XP.exe"
More info about file ram_xp.exe |
Legitimate |
Application program item according to inner database
tweaker file |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
| O4 - HKLM\..\Run: [PSC main] C:\WINDOWS\system32\sttool32.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
More info about file tintsetp.exe |
Legitimate |
System item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\TINTLGNT\". |
Change status
|
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
More info about file tintsetp.exe |
Legitimate |
System item according to inner database
Translation component from Microsoft. Located in "C:\WINDOWS\System32\IME\TINTLGNT\". |
Change status
|
| O4 - HKLM\..\Run: [PCSuiteTrayApplication] "C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" -startup |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
More info about file nerocheck.exe |
Legitimate |
Application program item according to inner database
Related to Nero CD/DVD Burning software. From the publisher: "This program constantly checks for... |
Change status
|
| O4 - HKLM\..\Run: [mfsyoxe.dll] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Eddie Chan\Local Settings\Application Data\mfsyoxe.dll",jofsxne |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [jybgzopu.exe] C:\WINDOWS\system32\jybgzopu.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
More info about file ituneshelper.exe |
Legitimate |
Application program item according to inner database
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status
|
O4 - HKLM\..\Run: [InCD] "C:\Program Files\Ahead\InCD\InCD.exe"
More info about file incd.exe |
Legitimate |
Application program item according to inner database
InCD.exe is part of Nero CD Burning Software.
<i>"Write to CDs and DVDs as if they were... |
Change status
|
| O4 - HKLM\..\Run: [IMONTRAY] "C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
More info about file imjpmig.exe |
Legitimate |
System item according to inner database
Related to Windows East Asian language support (Japanese keyboard entry). Located in... |
Change status
|
| O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [Disc Detector] "C:\Program Files\Creative\ShareDLL\CtNotify.exe"
More info about file ctnotify.exe |
Legitimate |
Application program item according to inner database
Related to Creative Sound Cards. Located in "C:\Program Files\Creative\ShareDLL\". |
Change status
|
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
More info about file ashdisp.exe |
Questionable |
HKLM - Run: [avast!], file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (params - '') (short filename - ashDisp.exe) |
Change status
|
| O4 - HKLM\..\Run: [AudioHQ] "C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE" |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
More info about file msmsgs.exe |
Legitimate |
System item according to inner database
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status
|
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
More info about file backweb-8876480.exe |
Legitimate |
System item according to inner database
Logitech Desktop Manager. Located in "C:\Program Files\Logitech\Desktop Messenger\8876480\Program". |
Change status
|
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
More info about file acrotray.exe |
Legitimate |
Application program item according to inner database
Related to Adobe Acrobat Reader program. |
Change status
|
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
More info about file adobe gamma loader.exe |
Legitimate |
Application program item according to inner database
From adobe: "The Adobe Gamma Control Panel is used to eliminate color casts in a monitor's display.... |
Change status
|
| O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: Spy Sweeper Updater V 2.0.0.lnk = ? |
Not necessary |
Fix this item because it points to nowhere |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'ICQ 4' and points to file 'C:\Program Files\ICQLite\ICQLite.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'ICQ Lite' and points to file 'C:\Program Files\ICQLite\ICQLite.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe |
Legitimate |
Legitimate extra button in your browser - related to Yahoo! Messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe |
Legitimate |
Legitimate extra tools menu item in your browser - related to Yahoo! Messenger. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra button in your browser - related to windows messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra tools menu item - related to Windows Messenger. |
Change status
|
| O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file '(no file) (HKCU)'. If you do not want it to be there, fix this item. |
Change status
|
| O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll |
Legitimate |
This item represents a plugin added to Internet Explorer to work with '.mpeg' files. Seems to be safe, unless you know that it is malicious. |
Change status
|
| O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll |
Legitimate |
This item represents a plugin added to Internet Explorer to work with '.mpg' files. Seems to be safe, unless you know that it is malicious. |
Change status
|
| O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab |
Questionable |
Are you using an ActiveX object with no name located in 'http://www.pestscan.com/scanner/ppctlcab.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 |
Legitimate |
Legitimate ActiveX item from site http://go.microsoft.com/ |
Change status
|
| O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll |
Questionable |
Are you using an ActiveX object with no name located in 'http://www.miniclip.com/bestfriends/retro64_loader.dll'? If not, fix this item. |
Change status
|
| O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab |
Questionable |
Are you using an ActiveX object with a name 'PPSDKActiveXScanner.MainScreen' located in 'http://www.pestscan.com/scanner/axscanner.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab |
Questionable |
Are you using an ActiveX object with a name 'YInstStarter Class' located in 'http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,34 |
Questionable |
Are you using an ActiveX object with a name 'Pixami Image Editor Control' located in 'http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,34'? If not, fix this item. |
Change status
|
| O16 - DPF: {4A026B12-94F3-4D2F-A468-96AA55DE20A5} (NetCamPlayerWeb11g Control) - http://192.168.2.115/img/NetCamPlayerWeb11g.ocx |
Questionable |
Are you using an ActiveX object with a name 'NetCamPlayerWeb11g Control' located in 'http://192.168.2.115/img/NetCamPlayerWeb11g.ocx'? If not, fix this item. |
Change status
|
| O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by18fd.bay18.hotmail.msn.com/resources/MsnPUpld.cab |
Questionable |
Are you using an ActiveX object with a name 'MSN Photo Upload Tool' located in 'http://by18fd.bay18.hotmail.msn.com/resources/MsnPUpld.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab |
Questionable |
Are you using an ActiveX object with a name 'EARTPatchX Class' located in 'http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802 |
Questionable |
Are you using an ActiveX object with a name 'ZingBatchAXDwnl Class' located in 'http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802'? If not, fix this item. |
Change status
|
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040427/qtinstall
.info.apple.com/saba/us/win/QuickTimeInstaller.exe |
Questionable |
Are you using an ActiveX object with no name located in 'http://a1540.g.akamai.net/7/1540/52/20040427/qtinstall
.info.apple.com/saba/us/win/QuickTimeInstaller.exe'? If not, fix this item. |
Change status
|
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls
/en/x86/client/wuweb_site.cab?1122048778718 |
Legitimate |
Legitimate ActiveX item from site http://update.microsoft.com/ |
Change status
|
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1132585557609 |
Legitimate |
Legitimate ActiveX item from site http://update.microsoft.com/ |
Change status
|
| O16 - DPF: {7260569F-1D40-4E7F-B95B-2E68D35668B9} (MofileUploadX Control) - http://www.mofile.com/activex/UploadFX.CAB |
Questionable |
Are you using an ActiveX object with a name 'MofileUploadX Control' located in 'http://www.mofile.com/activex/UploadFX.CAB'? If not, fix this item. |
Change status
|
| O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - |
Questionable |
Are you using an ActiveX object with a name 'XML DOM Document 4.0' located in ''? If not, fix this item. |
Change status
|
| O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab |
Legitimate |
Legitimate ActiveX item from site http://download.zonelabs.com/ |
Change status
|
| O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab |
Legitimate |
Legitimate ActiveX item from site http://messenger.msn.com/ |
Change status
|
| O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab |
Legitimate |
Legitimate ActiveX item from site http://security.symantec.com/ |
Change status
|
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/games/web_games
/popcap/bejeweled2/popcaploader_v6.cab |
Questionable |
Are you using an ActiveX object with no name located in 'http://download.games.yahoo.com/games/web_games
/popcap/bejeweled2/popcaploader_v6.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {E1261DD0-C69A-11D4-8434-0010B559D5E9} (SignCtl Class) - http://luckydraw.hongkongpost.gov.hk/formsign.dll |
Questionable |
Are you using an ActiveX object with a name 'SignCtl Class' located in 'http://luckydraw.hongkongpost.gov.hk/formsign.dll'? If not, fix this item. |
Change status
|
| O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.streamload.com/Upload/XUpload.ocx |
Questionable |
Are you using an ActiveX object with a name 'Persits Software XUpload' located in 'http://www.streamload.com/Upload/XUpload.ocx'? If not, fix this item. |
Change status
|
| O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37 |
Questionable |
Are you using an ActiveX object with a name 'AxRUploadControl Object' located in 'http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37'? If not, fix this item. |
Change status
|
| O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "livecall" and file "C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL". |
Change status
|
| O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "msnim" and file "C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL". |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll |
Legitimate |
Related to SpySweeper v 4.5 by Webroot |
Change status
|
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
More info about file aswupdsv.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Avast anti-virus... |
Change status
|
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
| O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe |
Legitimate |
ATI Video Card Control Panel |
Change status
|
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
More info about file ashserv.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Avast anti-virus... |
Change status
|
| O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
More info about file ctsvccda.exe |
Legitimate |
Item found in 2-spyware.com database.
Creative CD-ROM Services tool, started by ctsvccda.exe executable, is a common component of some... |
Change status
|
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
More info about file cvpnd.exe |
Legitimate |
Item found in 2-spyware.com database.
File cvpnd.exe is a background task, used by several applications, published by Cisco Systems, such... |
Change status
|
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
More info about file dkservice.exe |
Legitimate |
Item found in 2-spyware.com database.
File dkservice.exe is related to disk defragmenter, known as Diskeeper. This program uses the... |
Change status
|
| O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE |
Legitimate |
Related to Hewlett-Packard Company |
Change status
|
| O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE |
Legitimate |
Related to Hewlett-Packard Company |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
| O23 - Service: Intel(R) Active Monitor (imonNT) - Unknown owner - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status
|
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status
|
| O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status
|
| O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
More info about file smagent.exe |
Legitimate |
Item found in 2-spyware.com database.
SoundMAX Agent. Related to drivers for various sound cards and similar... |
Change status
|
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
More info about file vsmon.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to the ZoneAlarm firewall from ZoneLabs. Located in... |
Change status
|
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
More info about file spysweeper.exe |
Legitimate |
Item found in 2-spyware.com database.
An executable file of SpySweeper anti-spyware... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
