Results of analyzing your log

The HijackThis log analyzer beta 2 is a brand new service, so it is natural that it may have a few issues with entry descriptions and status. You can help us to improve the analyzer! If you have some information on unknown items, please share it with us and thousands of 2-Spyware.com visitors. We will carefully check your submission and approve it, if it is correct. You can also change status of entries that do not look identified correctly to you. Also feel free to post your description for existing items. We will review and add it to the analyzer's database. Thank you!

Files and registry entries considered to be safe

Legitimate items	24	36%
Not necessary items	13	19%
	37	55%

File and registry entries that can be both dangerous or safe

Questionable items	3	4%
Unknown items	27	40%
	30	44%

Files and registry entries considered to be DANGEROUS. Fix immediately!

Dangerous items

Line:	Status:	Comments:	Actions:
C:\Windows\system32\taskeng.exe	Unknown	No exact entries found	Insert file into database
C:\Windows\system32\Dwm.exe	Unknown	No exact entries found	Insert file into database
C:\Windows\Explorer.EXE More info about file explorer.exe	Legitimate	Process found in system process library	Change status
C:\Users\Alden\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\AIM6\aim6.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\AIM6\aolsoftware.exe More info about file aolsoftware.exe	Legitimate	Item found in 2-spyware.com library Related to legitimate America Online software application.	Change status
C:\Windows\system32\wbem\unsecapp.exe	Unknown	No exact entries found	Insert file into database
C:\Windows\system32\wuauclt.exe More info about file wuauclt.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe More info about file hijackthis.exe	Legitimate	Item found in 2-spyware.com library This is the main component of HijackThis security application, designed to perform system scans and...	Change status
C:\Program Files\Notepad++\notepad++.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Mozilla Firefox\firefox.exe More info about file firefox.exe	Legitimate	Item found in 2-spyware.com library File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all...	Change status
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe More info about file acrord32.exe	Legitimate	Item found in 2-spyware.com library File acrord32.exe is an executable of Acrobat Reader program, which is used to view PDF documents....	Change status
C:\Users\Alden\Documents\WinDjView-0.5.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE More info about file winword.exe	Legitimate	Item found in 2-spyware.com library Microsoft Word, which is started by winword.exe file, is a text processing program, included in...	Change status
C:\Program Files\mIRC\mirc.exe More info about file mirc.exe	Legitimate	Item found in 2-spyware.com library Related to IRC chat program.	Change status
C:\Windows\system32\SearchFilterHost.exe	Unknown	No exact entries found	Insert file into database
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.computers.us.fujitsu.com/	Not necessary	http://www.computers.us.fujitsu.com/ is your start page. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157	Not necessary	http://go.microsoft.com/fwlink/?LinkId=69157 is your Default Page URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896	Not necessary	http://go.microsoft.com/fwlink/?LinkId=54896 is your Default Search URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896	Not necessary	http://go.microsoft.com/fwlink/?LinkId=54896 is your Search Page. If you do not like this fact, fix this item.	Change status
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157	Not necessary	http://go.microsoft.com/fwlink/?LinkId=69157 is your start page. If you do not like this fact, fix this item.	Change status
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local	Not necessary	*.local overrides your Proxy Server. If you do not like this fact, fix this item.	Change status
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =	Not necessary	This is your folder of IE toolbar links, but it points to nowhere. If you do not like this fact, fix this item.	Change status
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll More info about file coieplg.dll	Legitimate	System item according to inner database symantec shared file	Change status
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll More info about file ipsbho.dll	Legitimate	System item according to inner database Description ipsbho.dll is a IPS Browser Helper DLL belonging to Symantec Intrusion Detection from...	Change status
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll	Unknown	No exact entries found	Insert file into database
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll More info about file ssv.dll	Legitimate	System item according to inner database Related to Java Virtual Machine software, which is legitimate.	Change status
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll	Unknown	No exact entries found	Insert file into database
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll More info about file swg.dll	Legitimate	System item according to inner database google toolbar notifier	Change status
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll	Unknown	No exact entries found	Insert file into database
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll More info about file coieplg.dll	Legitimate	System item according to inner database symantec shared file	Change status
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll More info about file coieplg.dll	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [NACAgentUI] C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime More info about file qttask.exe	Legitimate	Application program item according to inner database Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\"....	Change status
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Alden\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe	Unknown	No exact entries found	Insert file into database
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp	Unknown	No exact entries found	Insert file into database
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll	Not necessary	This item represents extra button in your IE toolbar without name and points to file 'C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll	Not necessary	This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll	Not necessary	This item represents extra button in your IE toolbar with a name 'Send to OneNote' and points to file 'C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra ''Tools'' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll	Not necessary	This item represents extra menu item in your Tools menu in IE with a name 'S&end to OneNote' and points to file 'C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll	Not necessary	This item represents extra button in your IE toolbar with a name 'Bonjour' and points to file 'C:\Program Files\Bonjour\ExplorerPlugin.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL	Not necessary	This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL'. If you do not want it to be there, fix this item.	Change status
O17 - HKLM\System\CCS\Services\Tcpip\..\{2607E311-95DF-4A86-965B-08EDA2F7945B}: NameServer = 4.2.2.1,4.2.2.2,4.2.2.3,4.2.2.4	Questionable	Do you recognize these IP addresses '4.2.2.1,4.2.2.2,4.2.2.3,4.2.2.4' as your internet provider DNS servers? If not, fix this item.	Change status
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll	Questionable	It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "grooveLocalGWS" and file "C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll".	Change status
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL	Questionable	It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "skype4com" and file "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL".	Change status
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll More info about file	Unknown	No exact entries found	Change status
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe	Legitimate	Required for PhotoshopCS	Change status
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe More info about file agrsmsvc.exe	Legitimate	Item found in 2-spyware.com database. agrsmsvc.exe is a process responsible for the functionality of the audio device driver of the...	Change status
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe More info about file aluschedulersvc.exe	Legitimate	Item found in 2-spyware.com database. Related to Symantec anti-virus...	Change status
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe More info about file mdnsresponder.exe	Legitimate	Item found in 2-spyware.com database. The file belongs to Bonjour for Windows...	Change status
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe	Legitimate	Related to Norton/Symantec AntiVirus	Change status
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe	Legitimate	Related to Norton/Symantec AntiVirus.	Change status
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: dlcc_device - - C:\Windows\system32\dlcccoms.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe More info about file fnplicensingservice.exe	Legitimate	Item found in 2-spyware.com database. fnplicensingservice.exe is the Activation Licensing Service for the Macrovision FLEXnet Publisher...	Change status
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe More info about file googledesktop.exe	Legitimate	Item found in 2-spyware.com database. GoogleDesktop.exe is the main component of Google Desktop, an application that improves you...	Change status
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe More info about file googleupdaterservice.exe	Legitimate	Item found in 2-spyware.com database. Service for Google...	Change status
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE	Unknown	No exact entries found	Insert file into database
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Cisco NAC Agent (NACAgent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe More info about file symlcsvc.exe	Legitimate	Item found in 2-spyware.com database. An essential component of security-related Symantec software such as Norton AntiVirus and Norton...	Change status
O23 - Service: UpdateNaviInstallService - FUJITSU LIMITED - C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe	Unknown	No exact entries found	Insert file into database

Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2

Recommended software:

Malwarebytes Anti Malware

(91/100)

There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t have many features. One such...

SpyHunter

(89/100)

SpyHunter is a quite simple, but yet highly effective spyware remover with an easy-to-use interface. This program is an excellent choice for users, who are not computer savvy, but...

Spyware Doctor

(87/100)

Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and easy-to-manage...

STOPzilla

(86/100)

STOPzilla is a powerful anti-spyware program that detects, blocks, and removes malicious software allowing users to surf the Web not worrying about spyware, Trojan horses, and viruses....

XoftSpySE Anti Spyware

(84/100)

XoftSpySE, an anti-spyware program made by ParetoLogic, Inc., is a simple, but effective on-demand scanner with the typical set of functions but very easy to install and use. Trial version...

Latest Spyware news:

• Carl A Someone signature loved by spammers
• State of Utah Reveals Why 780k People Records Were Stolen
• The iPhone And iPad Are Targets For Hackers
• Malicious tweets spread rogue AV infecting Android users
• Be aware about malware spread via hotel Wi-Fi connections
• SecureCloud Key Management Systems Released by Trend Micro
• Microsoft and Adobe Releases Critical Security Updates. Update Now!
• Internet Apocalypsis Upcoming - Prepare for DNSChanger Servers Closure
• Hacks Through Compromised Websites Increases Rapidly, Says Symantec
• Facebook judged for its privacy controls

Subscribe to news

Encyclopedia of parasites:

ErrorSmart 24/05/12
Windows Safety Maint... 24/05/12
Windows Multi Contro... 23/05/12
System Protection Tools 23/05/12
Redirect 22/05/12
Windows Secure Kit 2012 22/05/12
WeatherBug 21/05/12
Dugenpal 21/05/12
Komodola 21/05/12
SpyGraphica 20/05/12
Windows Private Shield 20/05/12
WinMaximizer 19/05/12
Windows Pro Safety R... 18/05/12
Stekct 18/05/12
Linfo 18/05/12
Wiarp 18/05/12
Farfli 18/05/12
Happili redirect 18/05/12
Vasport 17/05/12
SeekService.com 17/05/12

Library of files:

mrt.exe 23/05/12
taskeng.exe 23/05/12
mplayer.exe 14/04/12
ccApp.exe 20/03/12
guest.js 06/03/12
BCU.exe 20/02/12
pbupdate.exe 20/02/12
dumprep.exe 20/02/12
arp.exe 12/02/12
hero remote control.... 08/02/12

Archive of files
Archive of startup entries