| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com library
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Bonjour\mDNSResponder.exe
More info about file mdnsresponder.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Bonjour for Windows application. |
Change status |
C:\Program Files\Eset\nod32krn.exe
More info about file nod32krn.exe |
Legitimate |
Item found in 2-spyware.com library
The core component of NOD32 Antivirus System. |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
Item found in 2-spyware.com library
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status |
| C:\WINDOWS\system32\ip.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\windows\system\hpsysdrv.exe
More info about file hpsysdrv.exe |
Legitimate |
Item found in 2-spyware.com library
Hewlett Packard related software. hpsysdrv.exe is located in "C:\windows\system\" on all Windows... |
Change status |
C:\Program Files\BroadJump\Client Foundation\CFD.exe
More info about file cfd.exe |
Legitimate |
Item found in 2-spyware.com library
Related to BroadJump Client Foundation - broadband troubleshooting software installed by some ISPs. |
Change status |
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
More info about file hpcmpmgr.exe |
Legitimate |
Item found in 2-spyware.com library
File hpcmpmgr.exe is a part of Hewlett-Packard Component Manager tool, which comes preinstalled on... |
Change status |
C:\WINDOWS\system32\ps2.exe
More info about file ps2.exe |
Legitimate |
Item found in 2-spyware.com library
ps.exe file Multimedia Keyboard companion on HP computers. If this is removed or prevented from... |
Change status |
| C:\Program Files\USB Storage RW\udsi.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to Hewlett Packard software. |
Change status |
C:\Program Files\iTunes\iTunesHelper.exe
More info about file ituneshelper.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Documents and Settings\Owner\Desktop\utorrent.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Last.fm\LastFMHelper.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com library
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status |
| C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Last.fm\LastFM.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Pidgin\pidgin.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
More info about file outlook.exe |
Questionable |
This process is usually legitimate and related to Microsoft Office. But it also might be a part of parasite, depending on its location and other factors. Make some further research on it. |
Change status |
C:\WINDOWS\system32\taskmgr.exe
More info about file taskmgr.exe |
Legitimate |
Windows Task Manager |
Change status |
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
More info about file ad-aware.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to spyware/adware scanner Ad-Aware from Lavasoft. |
Change status |
C:\Program Files\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
| C:\Program Files\ESET\nod32.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Documents and Settings\Owner\My Documents\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
C:\WINDOWS\explorer.exe
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults
/sb/sbcydsl/*http://www.yahoo.com/search/ie.html |
Not necessary |
http://red.clientapps.yahoo.com/customize/ie/defaults
/sb/sbcydsl/*http://www.yahoo.com/search/ie.html is your Search Bar.
If you do not like this fact, fix this item. |
Change status |
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie
/defaults/sp/sbcydsl/*http://www.yahoo.com |
Not necessary |
http://red.clientapps.yahoo.com/customize/ie
/defaults/sp/sbcydsl/*http://www.yahoo.com is your Search Page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 |
Not necessary |
http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 is your start page.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=69157 is your Default Page URL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=54896 is your Default Search URL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=54896 is your Search Page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 |
Not necessary |
http://go.microsoft.com/fwlink/?LinkId=69157 is your start page.
If you do not like this fact, fix this item. |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie
/defaults/su/sbcydsl/*http://www.yahoo.com |
Not necessary |
http://red.clientapps.yahoo.com/customize/ie
/defaults/su/sbcydsl/*http://www.yahoo.com is your default SearchURL.
If you do not like this fact, fix this item. |
Change status |
| R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local |
Not necessary |
127.0.0.1;*.local overrides your Proxy Server.
If you do not like this fact, fix this item. |
Change status |
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
More info about file acroiehelper.dll |
Legitimate |
Application program item according to inner database
File related to Adobe Acrobat Reader program. |
Change status
|
| O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrdkq.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL |
Unknown |
No exact entries found |
Insert file into database
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O3 - Toolbar: The netadv - {ABF529BE-6245-465A-BBD4-238C4EAB0F0A} - C:\WINDOWS\netadv.dll |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
More info about file hkcmd.exe |
Legitimate |
System item according to inner database
Hotkey Command Module for Intel Graphics Contollers. Located in "C:\WINNT\System32\" on Windows... |
Change status
|
| O4 - HKLM\..\Run: [iProtectYou] "C:\WINDOWS\system32\ip.exe" -h |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
More info about file hpsysdrv.exe |
Legitimate |
System item according to inner database
Hewlett Packard related software. hpsysdrv.exe is located in "C:\windows\system\" on all Windows... |
Change status
|
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
More info about file cfd.exe |
Legitimate |
Application program item according to inner database
Related to BroadJump Client Foundation - broadband troubleshooting software installed by some ISPs. |
Change status
|
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
More info about file igfxtray.exe |
Legitimate |
System item according to inner database
From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),... |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
More info about file hpcmpmgr.exe |
Legitimate |
Application program item according to inner database
File hpcmpmgr.exe is a part of Hewlett-Packard Component Manager tool, which comes preinstalled on... |
Change status
|
| O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
More info about file recguard.exe |
Legitimate |
Application program item according to inner database
File recguard.exe can be found on some Hewlett-Packard computers. It is used to protect Windows XP... |
Change status
|
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
More info about file ps2.exe |
Legitimate |
Application program item according to inner database
ps.exe file Multimedia Keyboard companion on HP computers. If this is removed or prevented from... |
Change status
|
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
More info about file nwiz.exe |
Legitimate |
System item according to inner database
Nwiz.exe is Related to nVidia graphic cards drivers.
Long name - NVIDIA nView Wizard.<br... |
Change status
|
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
More info about file nvcpl.dll |
Legitimate |
System item according to inner database
Related to nVidia cards. NvCpl.dll is located in "C:\WINDOWS\SYSTEM\" on Windows 95/98/ME,... |
Change status
|
O4 - HKLM\..\Run: [NAV CfgWiz] c:\PROGRA~1\NORTON~1\Cfgwiz.exe /R
More info about file cfgwiz.exe |
Legitimate |
System item according to inner database
Related to Norton Anti Virus. CfgWiz.exe is located in "C:\Program Files\Common Files\Symantec... |
Change status
|
| O4 - HKLM\..\Run: [KYE_UDSI] "C:\Program Files\USB Storage RW\udsi.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
More info about file ccregvfy.exe |
Legitimate |
Application program item according to inner database
ccRegVfy.exe is responsible for checking the integrity of the Norton product registry entries to... |
Change status
|
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
More info about file ccapp.exe |
Legitimate |
System item according to inner database
From Symantec: <i>"ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status
|
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
More info about file alcxmntr.exe |
Legitimate |
System item according to inner database
RealTek AC97 Event Monitor.
ALCXMNTR.EXE is located in "C:\WINDOWS\" on Windows 95/98/ME/XP... |
Change status
|
| O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
More info about file nod32kui.exe |
Legitimate |
Application program item according to inner database
its the Eset nod32 antivirus item its safe as far as i know |
Change status
|
| O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Application program item according to inner database
The file is related to Hewlett Packard software. |
Change status
|
| O4 - HKLM\..\Run: [OCAudioIni] C:\Program Files\One-click Audio Converter\OCAudioIni.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
More info about file ituneshelper.exe |
Legitimate |
Application program item according to inner database
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status
|
| O4 - HKCU\..\Run: [Yahoo! Pager] 1 |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
| O4 - HKCU\..\Run: [µTorrent] "C:\Documents and Settings\Owner\Desktop\utorrent.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\RunOnce: [BoxOfficeAddinUpdate] msiexec /i C:\DOCUME~1\Owner\LOCALS~1\Temp\boxofficeaddin.msi |
Unknown |
No exact entries found |
Change status
|
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
More info about file reader_sl.exe |
Legitimate |
A part of Adobe Acrobat Reader. Used to speed up the program's launch time. |
Change status
|
| O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Global Startup: SMART-ER.lnk = ? |
Not necessary |
Fix this item because it points to nowhere |
Change status
|
| O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html |
Not necessary |
Do you want item 'Shorten URL' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Send to OneNote' and points to file 'C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'S&end to OneNote' and points to file 'C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file 'C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe |
Not necessary |
This item represents extra button in your IE toolbar with a name 'AIM' and points to file 'C:\PROGRA~1\AIM95\aim.exe'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll |
Questionable |
This item represents actions of so-called Layered Service Provider. It can be legitimate item or spyware. Be careful fixing it, because you can lose your internet connection. Find more information in Google or use a program called LSPFix. |
Change status
|
| O11 - Options group: [INTERNATIONAL] International* |
Questionable |
This item represents a group added to Advanced Options tab in IE Tools > Internet Options menu. Should the item called "INTERNATIONAL" be there? If not, fix it. |
Change status
|
| O12 - Plugin for .cdx: C:\Program Files\Internet Explorer\plugins\Npcdn32.dll |
Legitimate |
This item represents a plugin added to Internet Explorer to work with '.cdx' files. Seems to be safe, unless you know that it is malicious. |
Change status
|
| O16 - DPF: ConferenceRoom Java Client - http://irc.d2jsp.org:8000/java/cr.cab |
Questionable |
Are you using an ActiveX object with no name located in 'http://irc.d2jsp.org:8000/java/cr.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 |
Legitimate |
Legitimate ActiveX item from site http://go.microsoft.com/ |
Change status
|
| O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll |
Questionable |
Are you using an ActiveX object with a name 'YInstStarter Class' located in 'C:\Program Files\Yahoo!\common\yinsthelper.dll'? If not, fix this item. |
Change status
|
| O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab |
Questionable |
Are you using an ActiveX object with a name 'EGamesPlugin Class' located in 'https://www.e-games.com.my/com/EGamesPlugin.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab |
Questionable |
Are you using an ActiveX object with a name 'WScanCtl Class' located in 'http://www3.ca.com/securityadvisor/virusinfo/webscan.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.cartoon-fridge.com/nsvplayx_vp3_mp3.cab |
Questionable |
Are you using an ActiveX object with a name 'NsvPlayX Control' located in 'http://www.cartoon-fridge.com/nsvplayx_vp3_mp3.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab |
Questionable |
Are you using an ActiveX object with a name 'PhotosCtrl Class' located in 'http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab'? If not, fix this item. |
Change status
|
| O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab |
Questionable |
Are you using an ActiveX object with a name 'MSN Chat Control 4.5' located in 'http://chat.msn.com/controls/msnchat45.cab'? If not, fix this item. |
Change status
|
| O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "grooveLocalGWS" and file "C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL". |
Change status
|
| O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "ms-help" and file "C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll". |
Change status
|
| O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "skype4com" and file "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL". |
Change status
|
| O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "text/xml" and file "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL". |
Change status
|
| O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll |
Legitimate |
Related to Intel(R) integrated graphics controller |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O21 - SSODL: msvb - {EF44EA60-B071-4A6F-911F-EC7B9BDF1EB4} - C:\WINDOWS\msvb.dll |
Unknown |
No exact entries found |
Change status
|
| O21 - SSODL: sysdx - {FE83EB76-0A6D-4E32-99EB-C3393F765F4E} - C:\WINDOWS\sysdx.dll |
Unknown |
No exact entries found |
Change status
|
| O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
More info about file mdnsresponder.exe |
Legitimate |
Item found in 2-spyware.com database.
The file belongs to Bonjour for Windows... |
Change status
|
| O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status
|
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
More info about file incdsrv.exe |
Legitimate |
Item found in 2-spyware.com database.
Ahead Nero InCD Service. Allows to format writeable CDs and DVDs and use them as regular hard... |
Change status
|
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status
|
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
More info about file nod32krn.exe |
Legitimate |
Item found in 2-spyware.com database.
The core component of NOD32 Antivirus... |
Change status
|
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
More info about file nvsvc32.exe |
Legitimate |
Item found in 2-spyware.com database.
NVIDIA related software. nvsvc32.exe is an executable file that is responsible for launching... |
Change status
|
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status
|
| O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
