| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\csrss.exe
More info about file csrss.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Utils\USB Safely Remove\USBSRService.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Symantec AntiVirus\Smc.exe
More info about file smc.exe |
Legitimate |
Item found in 2-spyware.com library
File smc.exe is the main part of Sygate Personal Firewall. It monitors incoming and outgoind... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Symantec AntiVirus\SNAC.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Avira\AntiVir Desktop\sched.exe
More info about file sched.exe |
Legitimate |
Item found in 2-spyware.com library
Scheduler for AntiVir Anti Virus program. |
Change status |
| C:\Program Files\Utils\a-squared Anti-Malware\a2service.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
More info about file avguard.exe |
Legitimate |
Item found in 2-spyware.com library
avguard.exe stands for AntiVir real-time protection process. Do not terminate it. |
Change status |
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
More info about file btwdins.exe |
Legitimate |
Item found in 2-spyware.com library
btwdins.exe is used when bluetooth device is installed. |
Change status |
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
More info about file lssrvc.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Light Scribe software. |
Change status |
| C:\Program Files\Intel\AMT\LMS.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
More info about file mdm.exe |
Legitimate |
Item found in 2-spyware.com library
mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM... |
Change status |
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com library
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status |
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
More info about file regsrvc.exe |
Legitimate |
Item found in 2-spyware.com library
regsrvc.exe is an essential part of Intel wireless hardware drivers. Do not terminate or delete it... |
Change status |
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
More info about file rtvscan.exe |
Legitimate |
Item found in 2-spyware.com library
File rtvscan.exe is an essential component of Norton AntiVirus application, published by Symantec... |
Change status |
C:\WINDOWS\system32\wdfmgr.exe
More info about file wdfmgr.exe |
Legitimate |
Item found in 2-spyware.com library
A part of Microsoft Windows Media Player 10. It is used to eliminate software compatibility... |
Change status |
| C:\Program Files\Intel\AMT\UNS.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
More info about file wuser32.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Microsoft Systems Management Server. |
Change status |
C:\WINDOWS\system32\CCM\CcmExec.exe
More info about file ccmexec.exe |
Legitimate |
Item found in 2-spyware.com library
CcmExec.exe is a system process related to Microsoft Systems Management Server. Do not terminate... |
Change status |
| C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\WINDOWS\system32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\alg.exe
More info about file alg.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\system32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\system32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Symantec AntiVirus\SmcGui.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\taskmgr.exe
More info about file taskmgr.exe |
Legitimate |
Windows Task Manager |
Change status |
| C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Analog Devices\Core\smax4pnp.exe
More info about file smax4pnp.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to SoundMax software. |
Change status |
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
More info about file zcfgsvc.exe |
Legitimate |
Item found in 2-spyware.com library
ZcfgSvc.exe is a part of Intel wireless hardware drivers. Allows to monitor and configure the... |
Change status |
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Item found in 2-spyware.com library
hpwuschd2.exe is a legitimate process related to Hewlett Packard software. |
Change status |
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
More info about file ccapp.exe |
Legitimate |
Item found in 2-spyware.com library
From Symantec: "ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status |
C:\Program Files\Java\jre6\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
More info about file googledesktop.exe |
Legitimate |
Item found in 2-spyware.com library
GoogleDesktop.exe is the main component of Google Desktop, an application that improves you... |
Change status |
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
More info about file googledesktop.exe |
Legitimate |
Item found in 2-spyware.com library
GoogleDesktop.exe is the main component of Google Desktop, an application that improves you... |
Change status |
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
More info about file avgnt.exe |
Legitimate |
Item found in 2-spyware.com library
avgnt.exe is a security process that is associated with the Avira Internet Security Suite, which... |
Change status |
| C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Utils\USB Safely Remove\USBSafelyRemove.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
More info about file outlook.exe |
Questionable |
This process is usually legitimate and related to Microsoft Office. But it also might be a part of parasite, depending on its location and other factors. Make some further research on it. |
Change status |
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
More info about file winword.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft Word, which is started by winword.exe file, is a text processing program, included in... |
Change status |
| c:\program files\avira\antivir desktop\avcenter.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
| c:\program files\avira\antivir desktop\avscan.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Utils\Winamp\winamp.exe
More info about file winamp.exe |
Legitimate |
Item found in 2-spyware.com library
File winamp.exe, which starts a process with the same name, is the main executable component of... |
Change status |
C:\Program Files\Internet Explorer\iexplore.exe
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Utils\HijackThis Trend Micro\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| C:\WINDOWS\system32\wbem\wmiprvse.exe |
Legitimate |
Process found in system process library |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.co.za/ |
Not necessary |
http://www.google.co.za/ is your Default Search URL.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet/ |
Not necessary |
http://intranet/ is your start page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet/ |
Not necessary |
http://intranet/ is your start page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://intranet2k.sabc.co.za/proxyconf/proxy.pac |
Not necessary |
.
If you do not like this fact, fix this item. |
Change status |
O2 - BHO: MetaProducts Inquiry Helper - {001165C1-A640-11D7-9FD9-0080481ADA61} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll
More info about file inquiry.dll |
Legitimate |
System item according to inner database
Part of the Meta products Intenet program. |
Change status
|
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll
More info about file babyloniepi.dll |
Legitimate |
System item according to inner database
Part of the Babylon Dictionary and Translation prgram. |
Change status
|
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
More info about file wot.dll |
Legitimate |
System item according to inner database
Toolbar to provide information about websites before you click on links. Good safety toolbar. |
Change status
|
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Utils\Free Download Manager\iefdm2.dll
More info about file iefdm2.dll |
Legitimate |
Application program item according to inner database
The process belongs to the software Free Download Manager. |
Change status
|
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
More info about file jp2ssv.dll |
Legitimate |
System item according to inner database
|
Change status
|
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
More info about file jqs_plugin.dll |
Legitimate |
System item according to inner database
|
Change status
|
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
More info about file wot.dll |
Legitimate |
System item according to inner database
Toolbar to provide information about websites before you click on links. Good safety toolbar. |
Change status
|
O3 - Toolbar: MetaProducts Inquiry Bar - {B8238B20-FF2C-11D7-9FD9-0080481ADA61} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll
More info about file inquiry.dll |
Legitimate |
System item according to inner database
Part of the Meta products Intenet program. |
Change status
|
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
More info about file syntpenh.exe |
Legitimate |
System item according to inner database
System tray access for Synaptics touch pads. Located in "C:\Program Files\Synaptics\SynTP\".<br... |
Change status
|
| O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
More info about file smax4pnp.exe |
Legitimate |
Application program item according to inner database
The file is related to SoundMax software. |
Change status
|
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
More info about file iaanotif.exe |
Legitimate |
System item according to inner database
"This is installed with Intel's Application Accelerator software. It uses about 1.6 MB RAM." Source... |
Change status
|
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
More info about file cpqset.exe |
Legitimate |
Application program item according to inner database
cpqset.exe stands for Hewlett Packard Configuration Module, which is bundled with Hewlett Packard... |
Change status
|
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
More info about file zcfgsvc.exe |
Legitimate |
Driver related item according to inner database.
ZcfgSvc.exe is a part of Intel wireless hardware drivers. Allows to monitor and configure the... |
Change status
|
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Application program item according to inner database
hpwuschd2.exe is a legitimate process related to Hewlett Packard software. |
Change status
|
| O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
More info about file ccapp.exe |
Legitimate |
System item according to inner database
From Symantec: <i>"ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\Utils\BillP Studios\WinPatrol\winpatrol.exe -expressboot
More info about file winpatrol.exe |
Legitimate |
System item according to inner database
Part of a Winpatrol program. |
Change status
|
| O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Utils\Malwarebytes'' Anti-Malware\mbam.exe" /runcleanupscript |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
More info about file googledesktop.exe |
Legitimate |
Application program item according to inner database
GoogleDesktop.exe is the main component of Google Desktop, an application that improves you... |
Change status
|
| O4 - HKLM\..\Run: [IObit Security 360] C:\Program Files\Utils\IObit Security 360\IS360tray.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Utils\PC Tools Internet Security\pctsTray.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Utils\Babylon-Pro\Babylon.exe -AutoStart |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
More info about file avgnt.exe |
Legitimate |
Application program item according to inner database
avgnt.exe is a security process that is associated with the Avira Internet Security Suite, which... |
Change status
|
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\Utils\a-squared Anti-Malware\a2guard.exe"
More info about file a2guard.exe |
Legitimate |
Application program item according to inner database
An essential component of a-squared Personal, a legitimate anti-spyware and anti-malware program. |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
| O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\Utils\USB Safely Remove\USBSafelyRemove.exe /startup |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
More info about file msmsgs.exe |
Legitimate |
System item according to inner database
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status
|
| O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Utils\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User ''SYSTEM'') |
Unknown |
No exact entries found |
Change status
|
| O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User ''Default user'') |
Unknown |
No exact entries found |
Change status
|
| O4 - Startup: Disabled |
Questionable |
Startup - link: 'Disabled', file: '' |
Change status
|
| O4 - Global Startup: VPN Client.lnk = ? |
Not necessary |
Fix this item because it points to nowhere |
Change status
|
| O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Utils\Free Download Manager\dlall.htm |
Not necessary |
Do you want item 'Download all with Free Download Manager' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Utils\Free Download Manager\dlselected.htm |
Not necessary |
Do you want item 'Download selected with Free Download Manager' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Utils\Free Download Manager\dlfvideo.htm |
Not necessary |
Do you want item 'Download video with Free Download Manager' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Utils\Free Download Manager\dllink.htm |
Not necessary |
Do you want item 'Download with Free Download Manager' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm |
Not necessary |
Do you want item 'Translate this web page with Babylon' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm |
Not necessary |
Do you want item 'Translate with Babylon' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: MP Inquiry - {49B46060-8AC4-11D7-9FD9-0080481ADA61} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'MP Inquiry' and points to file 'C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Save Page to Disk - {7FDB9AEE-D04A-440C-8D1D-52B807115C59} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Save Page to Disk' and points to file 'C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Save Images - {8F36E80B-AD7C-434E-AB92-DA3938EA01E5} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Save Images' and points to file 'C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Save with MP Inquiry - {B98EEB00-A0F2-11D7-9FD9-0080481ADA61} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Save with MP Inquiry' and points to file 'C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: &Save with MetaProducts Inquiry - {B98EEB00-A0F2-11D7-9FD9-0080481ADA61} - C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name '&Save with MetaProducts Inquiry' and points to file 'C:\Program Files\Utils\MetaProducts Inquiry\inquiry.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\WINDOWS\system32\shdocvw.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name '@btrez.dll,-4015' and points to file 'C:\WINDOWS\system32\shdocvw.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\WINDOWS\system32\shdocvw.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name '@btrez.dll,-4017' and points to file 'C:\WINDOWS\system32\shdocvw.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Utils\SPYBOT~2\SDHelper.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\PROGRA~1\Utils\SPYBOT~2\SDHelper.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Utils\SPYBOT~2\SDHelper.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Spybot' and points to file '{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\WINDOWS\Network Diagnostic\xpnetdiag.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name '@xpsp3res.dll,-20001' and points to file 'C:\WINDOWS\Network Diagnostic\xpnetdiag.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Translate this web page with Babylon' and points to file 'C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Translate this web page with Babylon' and points to file 'C:\Program Files\Utils\Babylon-Pro\Utils\BabylonIEPI.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra button in your browser - related to windows messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra tools menu item - related to Windows Messenger. |
Change status
|
| O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O14 - IERESET.INF: START_PAGE_URL=http://intranet |
Questionable |
This item changes your "default" Start page in IE. It will appear if you Restore default web settings. If you are an administrator and you do not recognize address "", fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.giveawayoftheday.com |
Questionable |
Do you want URL pattern "http://www.giveawayoftheday.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O15 - Trusted Zone: http://www.iobit360.com |
Questionable |
Do you want URL pattern "http://www.iobit360.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 |
Legitimate |
Legitimate ActiveX item from site http://go.microsoft.com/ |
Change status
|
| O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6796.cab |
Questionable |
Are you using an ActiveX object with a name 'Windows Live Safety Center Base Module' located in 'http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6796.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll |
Questionable |
Are you using an ActiveX object with a name 'PCPitstop AntiVirus' located in 'http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll'? If not, fix this item. |
Change status
|
| O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx |
Questionable |
Are you using an ActiveX object with a name 'Get_ActiveX Control' located in 'https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx'? If not, fix this item. |
Change status
|
| O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab |
Questionable |
Are you using an ActiveX object with a name 'SABScanProcesses Class' located in 'http://www.superadblocker.com/activex/sabspx.cab'? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sabc.co.za |
Questionable |
Do you recognize these IP addresses 'sabc.co.za' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O17 - HKLM\Software\..\Telephony: DomainName = sabc.co.za |
Questionable |
Do you recognize these IP addresses 'sabc.co.za' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sabc.co.za |
Questionable |
Do you recognize these IP addresses 'sabc.co.za' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = sabc.co.za |
Questionable |
Do you recognize these IP addresses 'sabc.co.za' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = sabc.co.za |
Questionable |
Do you recognize these IP addresses 'sabc.co.za' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = sabc.co.za |
Questionable |
Do you recognize these IP addresses 'sabc.co.za' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "wot" and file "C:\Program Files\WOT\WOT.dll". |
Change status
|
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
More info about file |
Legitimate |
The file is related to Google Desktop software. |
Change status
|
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\Utils\SASp\SASWINLO.dll
More info about file |
Unknown |
No exact entries found |
Change status
|
| O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Utils\a-squared Anti-Malware\a2service.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
More info about file sched.exe |
Legitimate |
Item found in 2-spyware.com database.
Scheduler for AntiVir Anti Virus... |
Change status
|
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
More info about file avguard.exe |
Legitimate |
Item found in 2-spyware.com database.
avguard.exe stands for AntiVir real-time protection process. Do not terminate it.... |
Change status
|
| O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) - Unknown owner - C:\DOCUME~1\summersa\LOCALS~1\Temp\AVSETUP_4af921ad\basic\avupgsvc.exe (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe |
Dangerous |
Added by the Troj/Hanlo-A
TROJAN!
<font color=red> Note:</font> This trojan file is located in the System32 folder.
|
Change status
|
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
More info about file btwdins.exe |
Legitimate |
Item found in 2-spyware.com database.
btwdins.exe is used when bluetooth device is... |
Change status
|
| O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe |
Legitimate |
Related to Norton/Symantec AntiVirus |
Change status
|
| O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe |
Legitimate |
Related to Norton/Symantec AntiVirus. |
Change status
|
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
More info about file cvpnd.exe |
Legitimate |
Item found in 2-spyware.com database.
cvpnd.exe is a background task used by several applications and published by Cisco Systems. The... |
Change status
|
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
More info about file evteng.exe |
Legitimate |
Item found in 2-spyware.com database.
EvtEng.exe is an application process related to Intel EvtEng Module. It provides additional support... |
Change status
|
O23 - Service: Google Desktop Manager 5.9.909.8267 (GoogleDesktopManager-090809-085438) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
More info about file googledesktop.exe |
Legitimate |
Item found in 2-spyware.com database.
GoogleDesktop.exe is the main component of Google Desktop, an application that improves you... |
Change status
|
| O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
More info about file iaantmon.exe |
Legitimate |
Item found in 2-spyware.com database.
IAA Event Monitor. Part of Intel's Application Accelerator.
IAANTmon.exe is located in... |
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
| O23 - Service: IS360service - IObit - C:\Program Files\Utils\IObit Security 360\IS360srv.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
More info about file lssrvc.exe |
Legitimate |
Item found in 2-spyware.com database.
The file is related to Light Scribe... |
Change status
|
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
More info about file lucoms~1.exe |
Legitimate |
Item found in 2-spyware.com database.
The file belongs to Symantecs Internet security suite... |
Change status
|
| O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe |
Dangerous |
Added by the Troj/Hanlo-A
TROJAN!
<font color=red> Note:</font> This trojan file is located in the System32 folder.
|
Change status
|
| O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Utils\CDBurnerXP\NMSAccessU.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status
|
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
More info about file regsrvc.exe |
Legitimate |
Item found in 2-spyware.com database.
regsrvc.exe is an essential part of Intel wireless hardware drivers. Do not terminate or delete it... |
Change status
|
| O23 - Service: RGService - Unknown owner - C:\Program Files\Utils\RadioGet\RGService.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe |
Legitimate |
Related to Winpcap (Windows Packet Capture Library) |
Change status
|
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
More info about file s24evmon.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to special software required by Intel wireless hardware. It allows to configure and... |
Change status
|
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
More info about file servicelayer.exe |
Legitimate |
Item found in 2-spyware.com database.
servicelayer.exe is part of the Nokia Connectivity Library. It is required by the Nokia Connection... |
Change status
|
| O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Program Files\Symantec AntiVirus\SmcLU\Setup\smcinst.exe (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Smc.exe
More info about file smc.exe |
Legitimate |
Item found in 2-spyware.com database.
File smc.exe is the main part of Sygate Personal Firewall. It monitors incoming and outgoind... |
Change status
|
| O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\SNAC.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
More info about file rtvscan.exe |
Legitimate |
Item found in 2-spyware.com database.
File rtvscan.exe is an essential component of Norton AntiVirus application, published by Symantec... |
Change status
|
| O23 - Service: ThreatFire - PC Tools - C:\Program Files\Utils\PC Tools Internet Security\TFEngine\TFService.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe |
Dangerous |
Added by the Troj/Hanlo-A
TROJAN!
<font color=red> Note:</font> This trojan file is located in the System32 folder.
|
Change status
|
| O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\Utils\USB Safely Remove\USBSRService.exe |
Unknown |
No exact entries found |
Insert file into database
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
