| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
| E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\tcpsvcs.exe
More info about file tcpsvcs.exe |
Legitimate |
Item found in 2-spyware.com library
Microsoft TCP/IP Services, represented by tcpsvcs.exe file, are included in Windows NT 4/2000/XP... |
Change status |
C:\WINDOWS\System32\snmp.exe
More info about file snmp.exe |
Legitimate |
Item found in 2-spyware.com library
This file is related to SNMP Service - it is a legitimate tool, which is a part of Microsoft... |
Change status |
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
More info about file smagent.exe |
Legitimate |
Item found in 2-spyware.com library
SoundMAX Agent. Related to drivers for various sound cards and similar devices. |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
More info about file tmntsrv.exe |
Legitimate |
Item found in 2-spyware.com library
Executable tmntsrv.exe is related to PC-cillin Internet Security. It is used by the program to scan... |
Change status |
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
More info about file pccpfw.exe |
Legitimate |
Item found in 2-spyware.com library
This is a part of Trend Micro PC-cillin Internet Security suite. It runs an essential process,... |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\wscntfy.exe
More info about file wscntfy.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
Item found in 2-spyware.com library
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status |
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
More info about file starteak.exe |
Legitimate |
Item found in 2-spyware.com library
Process starteak.exe, started by an executable with the same name, is Easy Access Keyboard... |
Change status |
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
More info about file pccguide.exe |
Legitimate |
Item found in 2-spyware.com library
Trend Micro PC-cillin. pccguide.exe is located in "C:\Program Files\Trend Micro\Internet... |
Change status |
| C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
More info about file pop3trap.exe |
Legitimate |
Item found in 2-spyware.com library
Related to PC-cillin, antivirus software. Location: C:\Program Files\Trend Micro\PC-cillin 7.5 |
Change status |
| C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\USBStorage\USBDetector.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\igfxpers.exe
More info about file igfxpers.exe |
Legitimate |
Item found in 2-spyware.com library
Related to the integrated intel graphics adapter driver. |
Change status |
C:\Program Files\QuickTime6\qttask.exe
More info about file qttask.exe |
Legitimate |
Item found in 2-spyware.com library
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status |
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
| C:\WINDOWS\system32\xpuupdate.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Compaq\EAKDRV\EAUSBKBD.EXE |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
More info about file bttnserv.exe |
Legitimate |
Item found in 2-spyware.com library
This is a part of Compaq Easy Access Keyboard program, which allows to configure keyboard shortcuts... |
Change status |
C:\Program Files\KOL Connection\dialer.exe
More info about file dialer.exe |
Dangerous |
Item found in 2-spyware.com library
Dialer.exe is an executable file that starts a malicious process, launches certain parasite... |
Change status |
C:\Program Files\Internet Explorer\IEXPLORE.EXE
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
C:\DOCUME~1\BR\LOCALS~1\Temp\Rar$EX00.984\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKLM\Software\Microsoft\Internet |
Not necessary |
.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet |
Not necessary |
.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKCU\Software\Microsoft\Internet |
Not necessary |
.
If you do not like this fact, fix this item. |
Change status |
| O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: SSVHelper Class - |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: MSN Toolbar - |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
More info about file igfxtray.exe |
Legitimate |
System item according to inner database
From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),... |
Change status
|
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
System item according to inner database
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status
|
| O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [Synchronization Manager] |
Questionable |
HKLM - Run: [Synchronization Manager], file: (params - '') |
Change status
|
| O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [KernelFaultCheck] |
Questionable |
HKLM - Run: [KernelFaultCheck], file: (params - '') |
Change status
|
| O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
More info about file igfxpers.exe |
Legitimate |
Application program item according to inner database
Related to the integrated intel graphics adapter driver. |
Change status
|
| O4 - HKLM\..\Run: [NeroFilterCheck] |
Questionable |
HKLM - Run: [NeroFilterCheck], file: (params - '') |
Change status
|
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe
More info about file outlook.exe |
Questionable |
Questionable item according to inner database
outlook.exe is an executable file that is responsible for launching parasites, loading main... |
Change status
|
| O4 - HKLM\..\Run: [Windows Updater Servc] |
Questionable |
HKLM - Run: [Windows Updater Servc], file: (params - '') |
Change status
|
| O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: |
Questionable |
HKCU - Run: [], file: (params - '') |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
| O4 - Global Startup: Microsoft Office.lnk = |
Questionable |
Global Startup - link: 'Microsoft Office.lnk =', file: '' |
Change status
|
| O9 - Extra button: (no name) - |
Not necessary |
This item represents extra button in your IE toolbar with a name '(no name) -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - |
Not necessary |
This item represents extra button in your IE toolbar with a name '(no name) -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - |
Not necessary |
This item represents extra button in your IE toolbar with a name '(no name) -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name '@xpsp3res.dll,-20001 -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Messenger -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Windows Messenger -' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O11 - Options group: [INTERNATIONAL] International* |
Questionable |
This item represents a group added to Advanced Options tab in IE Tools > Internet Options menu. Should the item called "INTERNATIONAL" be there? If not, fix it. |
Change status
|
| O15 - Trusted Zone: http://www.gmail.com |
Questionable |
Do you want URL pattern "http://www.gmail.com" to be in your trusted zone of IE? If not, fix this item. |
Change status
|
| O17 - |
Questionable |
Do you recognize these IP addresses 'O17 -' as your internet provider DNS servers? If not, fix this item. |
Change status
|
| O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "msnim" and file "". |
Change status
|
| O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll |
Questionable |
Related to Intel(R) integrated graphics controller |
Change status
|
| O20 - Winlogon Notify: WgaLogon - |
Unknown |
No exact entries found |
Change status
|
| O21 - SSODL: WPDShServiceObj - |
Unknown |
No exact entries found |
Change status
|
| O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro |
Legitimate |
Related to Trend Micro Inc. Firewall |
Change status
|
| O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service |
Legitimate |
SoundMAX Sound Device |
Change status
|
| O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro |
Unknown |
No exact entries found |
Insert file into database
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
