| Line: |
Status: |
Comments: |
Actions: |
C:\WINNT\System32\smss.exe
More info about file smss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\services.exe
More info about file services.exe |
Questionable |
This item can be legitimate or spyware related, depending on its location and other factors. Make some further research on it. |
Change status |
C:\WINNT\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\ZoneLabs\vsmon.exe
More info about file vsmon.exe |
Legitimate |
Item found in 2-spyware.com library
Related to the ZoneAlarm firewall from ZoneLabs. Located in "C:\WINDOWS\SYSTEM\ZONELABS\". |
Change status |
C:\WINNT\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
More info about file aswupdsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
More info about file aluschedulersvc.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Symantec anti-virus software. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashServ.exe
More info about file ashserv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\WINNT\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\regsvc.exe
More info about file regsvc.exe |
Legitimate |
Item found in 2-spyware.com library
File is related to Remote Registry Service - it is a system component, which exists in Microsoft... |
Change status |
C:\WINNT\system32\MSTask.exe
More info about file mstask.exe |
Legitimate |
Item found in 2-spyware.com library
Mstask.exe is the task scheduler service, responsible for running tasks at a time predetermined by... |
Change status |
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
More info about file symlcsvc.exe |
Legitimate |
Item found in 2-spyware.com library
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status |
C:\WINNT\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\System32\WBEM\WinMgmt.exe
More info about file winmgmt.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\mspmspsv.exe
More info about file mspmspsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Windows Media Player. |
Change status |
C:\WINNT\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINNT\system32\devldr32.exe
More info about file devldr32.exe |
Legitimate |
Item found in 2-spyware.com library
File devldr32.exe, started by an executable with the same name, is a standard component of the... |
Change status |
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
More info about file ashmaisv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
More info about file ashwebsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\QuickTime\qttask.exe
More info about file qttask.exe |
Legitimate |
Item found in 2-spyware.com library
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status |
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
More info about file zlclient.exe |
Legitimate |
Item found in 2-spyware.com library
ZoneAlarm Firewall http://www.zonelabs.com |
Change status |
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
More info about file ashdisp.exe |
Legitimate |
Item found in 2-spyware.com library
Avast Anti virus |
Change status |
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
More info about file realsched.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status |
| C:\Documents and Settings\All Users\Application Data\latmjeho.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINNT\system32\scchk32.exe
More info about file scchk32.exe |
Dangerous |
Item found in 2-spyware.com library
Kind of malware (exploit) |
Change status |
C:\WINNT\system32\internat.exe
More info about file internat.exe |
Questionable |
Process found in system process library but with a different location |
Change status |
C:\Program Files\PeerGuardian2\pg2.exe
More info about file pg2.exe |
Legitimate |
Item found in 2-spyware.com library
PeerGuardian |
Change status |
C:\Program Files\MSN Messenger\MsnMsgr.Exe
More info about file msnmsgr.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft Windows Messenger chat client. |
Change status |
| C:\Program Files\AlfaClock\AlfaClock.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
| C:\Program Files\Notepad++\notepad++.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Internet Explorer\iexplore.exe
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
C:\_Installation Files\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.xtramsn.co.nz/0SEENNZ/SAOS01 |
Not necessary |
http://g.xtramsn.co.nz/0SEENNZ/SAOS01 is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.woosh.co.nz/register.asp?imei=352697000028100 |
Not necessary |
http://www.woosh.co.nz/register.asp?imei=352697000028100 is related to your Internet Connection Wizard.
If you do not like this fact, fix this item. |
Change status |
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-nz\msntb.dll
More info about file msdxm.ocx |
Unknown |
No exact entries found |
Insert file into database
|
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
More info about file msdxm.ocx |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [Synchronization Manager] "mobsync.exe" /logon |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\Updreg.exe
More info about file updreg.exe |
Legitimate |
System item according to inner database
Reminder to register with Creative. Comes with some of Creatives sound cards. Located in... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [Setup] C:\Program Files\Setup\Setup.exe
More info about file setup.exe |
Questionable |
File setup.exe is a common file for software setup process. It might be legitimate or dangerous, depending on the software it is related to. Make some further research on it. |
Change status
|
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
More info about file zlclient.exe |
Legitimate |
System item according to inner database
ZoneAlarm Firewall http://www.zonelabs.com |
Change status
|
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
More info about file ashdisp.exe |
Legitimate |
Related to Avast anti-virus software. |
Change status
|
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
More info about file realsched.exe |
Legitimate |
Application program item according to inner database
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status
|
| O4 - HKLM\..\Run: [latmjeho.exe] "C:\Documents and Settings\All Users\Application Data\latmjeho.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [SC2] C:\WINNT\system32\scchk32.exe
More info about file scchk32.exe |
Dangerous |
Spyware related item according to inner database
Kind of malware (exploit) |
Change status
|
O4 - HKCU\..\Run: [internat.exe] internat.exe
More info about file internat.exe |
Questionable |
Questionable item according to inner database
Runs at startup and loads the input locale specified by the user that logs on the system.... |
Change status
|
O4 - HKCU\..\Run: [PeerGuardian] "C:\Program Files\PeerGuardian2\pg2.exe"
More info about file pg2.exe |
Legitimate |
Application program item according to inner database
PeerGuardian |
Change status
|
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
More info about file msnmsgr.exe |
Legitimate |
System item according to inner database
Microsoft Windows Messenger chat client. |
Change status
|
| O4 - HKCU\..\Run: [AlfaClock Classic] "C:\Program Files\AlfaClock\AlfaClock.exe" /startup |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
More info about file adobe gamma loader.exe |
Legitimate |
Application program item according to inner database
From adobe: "The Adobe Gamma Control Panel is used to eliminate color casts in a monitor's display.... |
Change status
|
| O4 - Startup: Wireless Broadband Modem Dialler.lnk = C:\Program Files\IPWireless Inc\IPWireless PC Software\UEStatus.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
More info about file reader_sl.exe |
Legitimate |
Application program item according to inner database
Related to Adobe Acrobat Reader. |
Change status
|
| O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage |
Not necessary |
Do you want item 'StumbleUpon PhotoBlog It!' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O15 - Trusted Zone: *.stumbleupon.com |
Questionable |
Do you want URL pattern "*.stumbleupon.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab |
Questionable |
Are you using an ActiveX object with a name 'Facebook Photo Uploader Control' located in 'http://upload.facebook.com/controls/FacebookPhotoUploader.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls
/en/x86/client/wuweb_site.cab?1168967282093 |
Legitimate |
Legitimate ActiveX item from site http://update.microsoft.com/ |
Change status
|
| O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe |
Legitimate |
Required for PhotoshopCS |
Change status
|
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
More info about file aswupdsv.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Avast anti-virus... |
Change status
|
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
More info about file aluschedulersvc.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Symantec anti-virus... |
Change status
|
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
More info about file ashserv.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Avast anti-virus... |
Change status
|
| O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
More info about file dmadmin.exe |
Legitimate |
Item found in 2-spyware.com database.
File dmadmin.exe is a standard component of Microsoft Windows operating system. It is included in... |
Change status
|
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
More info about file lucoms~1.exe |
Legitimate |
Item found in 2-spyware.com database.
The file belongs to Symantecs Internet security suite... |
Change status
|
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
More info about file symlcsvc.exe |
Legitimate |
Item found in 2-spyware.com database.
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status
|
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
More info about file vsmon.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to the ZoneAlarm firewall from ZoneLabs. Located in... |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
