| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
More info about file ccsetmgr.exe |
Legitimate |
Item found in 2-spyware.com library
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status |
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
More info about file ccevtmgr.exe |
Legitimate |
Item found in 2-spyware.com library
ccEvtMgr.exe is an event logging application and runs at startup. It monitors virus alerts, virus... |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
More info about file aolacsd.exe |
Legitimate |
Item found in 2-spyware.com library
This is a standard component of AOL 9.0 Internet connection software. File aolacsd.exe is required... |
Change status |
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
More info about file avgamsvr.exe |
Legitimate |
Item found in 2-spyware.com library
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status |
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
More info about file avgupsvc.exe |
Legitimate |
Item found in 2-spyware.com library
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status |
C:\WINDOWS\eHome\ehRecvr.exe
More info about file ehrecvr.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Windows XP Media Center application, giving the OS additional mulitmedia... |
Change status |
C:\WINDOWS\eHome\ehSched.exe
More info about file ehsched.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Windows XP Media Center application. |
Change status |
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
More info about file iaantmon.exe |
Legitimate |
Item found in 2-spyware.com library
IAA Event Monitor. Part of Intel's Application Accelerator.
IAANTmon.exe is located in... |
Change status |
| C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
| c:\program files\common files\mcafee\mna\mcnasvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\PROGRA~1\McAfee\MSC\mcpromgr.exe |
Unknown |
No exact entries found |
Insert file into database
|
| c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe |
Unknown |
No exact entries found |
Insert file into database
|
| c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
More info about file mcshield.exe |
Legitimate |
Item found in 2-spyware.com library
Process mcshield.exe usually starts automatically on system's startup and stays in background. It... |
Change status |
| C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
More info about file mdm.exe |
Legitimate |
Item found in 2-spyware.com library
mdm.exe is a system process - Machine Debug Manager. Used by developers. Located in "C:\PROGRAM... |
Change status |
| C:\Program Files\McAfee\MPF\MPFSrv.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\McAfee\MPS\mps.exe
More info about file mps.exe |
Legitimate |
McAfee Privacy Service |
Change status |
| C:\Program Files\McAfee\MSK\MskSrver.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Norton Ghost\Agent\VProSvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\SiteAdvisor\6172\SAService.exe
More info about file saservice.exe |
Legitimate |
Item found in 2-spyware.com library
|
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
More info about file symlcsvc.exe |
Legitimate |
Item found in 2-spyware.com library
An essential component of security-related Symantec software such as Norton AntiVirus and Norton... |
Change status |
| C:\Program Files\Viewpoint\Common\ViewpointService.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\fxssvc.exe
More info about file fxssvc.exe |
Legitimate |
Item found in 2-spyware.com library
File fxssvc.exe stands for Microsoft Fax Service. It is a standard Windows component, designed to... |
Change status |
C:\WINDOWS\system32\dllhost.exe
More info about file dllhost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\msiexec.exe
More info about file msiexec.exe |
Legitimate |
Item found in 2-spyware.com library
This file is related to Microsoft Windows Installer - it is a system component, used to handle MSI... |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\McAfee\MPS\mpsevh.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
More info about file mcagent.exe |
Legitimate |
Item found in 2-spyware.com library
Part of McAfee Anti-Virus. Located in "c:\Program Files\mcafee.com\agent\". |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\ehome\ehtray.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\WINDOWS\eHome\ehmsas.exe
More info about file ehmsas.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Microsoft Windows Media Center application. |
Change status |
| C:\WINDOWS\stsystra.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
More info about file iaanotif.exe |
Legitimate |
Item found in 2-spyware.com library
"This is installed with Intel's Application Accelerator software. It uses about 1.6 MB RAM." Source... |
Change status |
| C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
More info about file dvdlauncher.exe |
Legitimate |
Item found in 2-spyware.com library
A part of CyberLink PowerDVD, video playing software. |
Change status |
C:\Program Files\Real\RealPlayer\RealPlay.exe
More info about file realplay.exe |
Legitimate |
Item found in 2-spyware.com library
File realplay.exe, which starts a process with the same name, is the main executive component of... |
Change status |
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
More info about file issch.exe |
Legitimate |
Item found in 2-spyware.com library
Executable issch.exe is a standard component of InstallShield software. It is used to connect to... |
Change status |
C:\WINDOWS\system32\dla\tfswctrl.exe
More info about file tfswctrl.exe |
Legitimate |
Item found in 2-spyware.com library
tfswctrl.exe fullname DLA Packet Writing Software
tfswctrl.exe Related to CD burning... |
Change status |
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
More info about file ccapp.exe |
Legitimate |
Item found in 2-spyware.com library
From Symantec: "ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status |
| C:\Program Files\Norton Ghost\Agent\GhostTray.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
More info about file dlccmon.exe |
Legitimate |
Item found in 2-spyware.com library
dlccmon.exe is an application related to DellDevice Monitor. It is responsible for monitoring Dell... |
Change status |
C:\Program Files\Common Files\AOL\1154411289\ee\AOLSoftware.exe
More info about file aolsoftware.exe |
Legitimate |
Item found in 2-spyware.com library
Related to legitimate America Online software |
Change status |
C:\Program Files\QuickTime\qttask.exe
More info about file qttask.exe |
Legitimate |
Item found in 2-spyware.com library
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status |
| C:\WINDOWS\system32\dlcccoms.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\iTunes\iTunesHelper.exe
More info about file ituneshelper.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status |
| C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\McAfee\MSK\MskAgent.exe
More info about file mskagent.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to McAfee SpamKiller application. |
Change status |
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
More info about file siteadv.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to Site Advisor application. |
Change status |
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
More info about file avgcc.exe |
Legitimate |
Item found in 2-spyware.com library
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status |
C:\Program Files\Messenger\msmsgs.exe
More info about file msmsgs.exe |
Legitimate |
Item found in 2-spyware.com library
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status |
C:\Program Files\DellSupport\DSAgnt.exe
More info about file dsagnt.exe |
Legitimate |
Item found in 2-spyware.com library
Dell Support Agent. It is a special utility offering additional support and providing updates for... |
Change status |
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe |
Legitimate |
Item found in 2-spyware.com library
SAS is one of the best as-programs |
Change status |
C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com library
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status |
| C:\Program Files\Greetings Workshop\GWREMIND.EXE |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\MemoKit\memokit2.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\system32\wuauclt.exe
More info about file wuauclt.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
More info about file viewmgr.exe |
Legitimate |
Item found in 2-spyware.com library
This is a part of media player, which can act as an adware program. This player appears to be a... |
Change status |
| c:\program files\mcafee\msc\mcuimgr.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Documents and Settings\EDWARD TOCZYNSKI\Desktop\hijackthis\HijackThis.exe
More info about file hijackthis.exe |
Legitimate |
Item found in 2-spyware.com library
This is the main component of HijackThis security application, designed to perform system scans and... |
Change status |
| R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = |
Not necessary |
Fix this item because it points to nowhere |
Change status |
| R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program |
Questionable |
If you do not recognize this entry name "AOLTBSearch Class" and this path "C:\Program", then fix this item |
Change status |
| O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: TTB000000 - {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - C:\WINDOWS\COUPON~1.DLL (file |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: MSVPS System - {6EB10F79-5E53-4F76-B146-409EFCDCB957} - C:\WINDOWS\movctrlfqd.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - (no file) |
Not necessary |
Fix this item, because it points to file that cannot be found |
Change status
|
| O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: The nssfrch - {DF0ACE0C-4A3F-4A1F-8676-BA16DEB23C70} - C:\WINDOWS\nssfrch.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
| O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
More info about file iaanotif.exe |
Legitimate |
System item according to inner database
"This is installed with Intel's Application Accelerator software. It uses about 1.6 MB RAM." Source... |
Change status
|
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
More info about file atiptaxx.exe |
Legitimate |
System item according to inner database
ATI Desktop Control Panel from ATI Technologies, Inc. Located in "C:\Program Files\ATI... |
Change status
|
| O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
More info about file dvdlauncher.exe |
Legitimate |
Application program item according to inner database
A part of CyberLink PowerDVD, video playing software. |
Change status
|
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe
More info about file realplay.exe |
Legitimate |
Application program item according to inner database
File realplay.exe, which starts a process with the same name, is the main executive component of... |
Change status
|
| O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
More info about file tfswctrl.exe |
Legitimate |
System item according to inner database
tfswctrl.exe fullname DLA Packet Writing Software
tfswctrl.exe Related to CD burning... |
Change status
|
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
More info about file ccapp.exe |
Legitimate |
System item according to inner database
From Symantec: <i>"ccApp.exe is the common hosting application that is used for both NAV and NIS.... |
Change status
|
| O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [DellHelp] C:\Dell\DellHelp\DellHelp.exe /c |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] |
Questionable |
HKLM - Run: [EPSON Stylus CX6600 Series], file: (params - '') |
Change status
|
| O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKLM\..\Run: [DLCCCATS] rundll32 |
Unknown |
No exact entries found |
Change status
|
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
More info about file dlccmon.exe |
Legitimate |
Application program item according to inner database
dlccmon.exe is an application related to DellDevice Monitor. It is responsible for monitoring Dell... |
Change status
|
| O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
More info about file iphsend.exe |
Legitimate |
Application program item according to inner database
The file is related to AOL software. |
Change status
|
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
More info about file qttask.exe |
Legitimate |
Application program item according to inner database
Provides system tray access to Apple's Quicktime Player. Located in "C:\Program Files\QuickTime\".... |
Change status
|
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
More info about file ituneshelper.exe |
Legitimate |
Application program item according to inner database
Related to Apple's iTunes for Windows. Located in "C:\Program Files\iTunes\". |
Change status
|
| O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] |
Questionable |
HKLM - Run: [My Web Search Bar Search Scope Monitor], file: (params - '') |
Change status
|
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
More info about file mwsoemon.exe |
Dangerous |
Spyware related item according to inner database
This is a part of an adware application, published by WebSearch. This program displays commercial... |
Change status
|
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
More info about file mskagent.exe |
Legitimate |
Application program item according to inner database
The file is related to McAfee SpamKiller application. |
Change status
|
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
More info about file siteadv.exe |
Legitimate |
Application program item according to inner database
The file belongs to Site Advisor application. |
Change status
|
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
More info about file avgcc.exe |
Legitimate |
System item according to inner database
It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft... |
Change status
|
| O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\PCSecureSystem\bm.exe" |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
More info about file msmsgs.exe |
Legitimate |
System item according to inner database
Windows Messenger from Microsoft. Located in "C:\Program Files\Messenger\". If you don't use... |
Change status
|
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d
More info about file aollaunch.exe |
Legitimate |
Application program item according to inner database
The file is related to AOL software. |
Change status
|
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
More info about file dsagnt.exe |
Legitimate |
Application program item according to inner database
Dell Support Agent. It is a special utility offering additional support and providing updates for... |
Change status
|
| O4 - HKCU\..\Run: [PCSecureSystem] C:\Program Files\PCSecureSystem\pgs.exe /min |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
More info about file superantispyware.exe |
Legitimate |
System item according to inner database
SAS is one of the best as-programs |
Change status
|
| O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Startup: MemoKit.lnk = C:\Program Files\MemoKit\mk.exe |
Unknown |
No exact entries found |
Insert file into database
|
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat
More info about file acrobat |
Dangerous |
Spyware related item according to inner database
acrobat is related to a dangerous parasite designed to violate your privacy and harm your computer.... |
Change status
|
| O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common |
Unknown |
No exact entries found |
Insert file into database
|
| O8 - Extra context menu item: Backward Links - res://c:\program |
Not necessary |
Do you want item 'Backward Links' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program |
Not necessary |
Do you want item 'Cached Snapshot of Page' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Similar Pages - res://c:\program |
Not necessary |
Do you want item 'Similar Pages' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O8 - Extra context menu item: Translate Page into English - res://c:\program |
Not necessary |
Do you want item 'Translate Page into English' to appear in your internet explorer context menu when you do the right click? If you don't, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program |
Not necessary |
This item represents extra button in your IE toolbar with a name 'AOL Toolbar' and points to file 'C:\Program'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Yahoo! Services' and points to file 'C:\Program'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Research' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Real.com' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file '%windir%\Network'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name '@xpsp3res.dll,-20001' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program |
Not necessary |
This item represents extra button in your IE toolbar with a name 'Messenger' and points to file 'C:\Program'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Windows Messenger' and points to file ''. If you do not want it to be there, fix this item. |
Change status
|
| O11 - Options group: [INTERNATIONAL] International* |
Questionable |
This item represents a group added to Advanced Options tab in IE Tools > Internet Options menu. Should the item called "INTERNATIONAL" be there? If not, fix it. |
Change status
|
| O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - |
Questionable |
Are you using an ActiveX object with a name 'McAfee.com Operating System Class' located in ''? If not, fix this item. |
Change status
|
| O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program |
Questionable |
It may be a trace of dangerous protocol hijacker or a legitimate item. Make some research about the name "siteadvisor" and file "C:\Program". |
Change status
|
| O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL |
Legitimate |
The file is related to Google Desktop software. |
Change status
|
| O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll |
Unknown |
No exact entries found |
Change status
|
| O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll |
Legitimate |
windows check |
Change status
|
| O21 - SSODL: bxsbang - {32E64563-FAB4-417D-AF7B-1137A763080F} - C:\WINDOWS\bxsbang.dll |
Unknown |
No exact entries found |
Change status
|
| O21 - SSODL: ocgrep - {4D351E9B-EC01-4D59-8C7B-ADBBADCFEB3F} - C:\WINDOWS\ocgrep.dll |
Unknown |
No exact entries found |
Change status
|
| O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - |
Legitimate |
Owner: America Online. Description: AOL Connectivity Service - starts an automatic function that restores the connection should you lose it while online.
Also shown as AOL Connectivity Service (AOL ACS). |
Change status
|
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
| O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - |
Legitimate |
Related to AVG Anti-Virus. |
Change status
|
| O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - |
Legitimate |
Related to AVG Anti-Virus. |
Change status
|
| O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program |
Legitimate |
Related to Norton/Symantec AntiVirus |
Change status
|
| O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program |
Legitimate |
Related to Norton/Symantec AntiVirus. |
Change status
|
| O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program |
Legitimate |
Related to Norton/Symantec AntiVirus. |
Change status
|
| O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - |
Dangerous |
Added by the Troj/Hanlo-A
TROJAN!
<font color=red> Note:</font> This trojan file is located in the System32 folder.
|
Change status
|
| O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program |
Legitimate |
Related to Macrovision Corporation. |
Change status
|
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
More info about file ipodservice.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a legitimate component of iTunes music program. It offers wide range of music playing and... |
Change status
|
| O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
More info about file mps.exe |
Dangerous |
Item found in 2-spyware.com database.
mps.exe is an executable file that is responsible for launching parasites, loading main components... |
Change status
|
| O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program |
Legitimate |
Intel NCS NetService |
Change status
|
| O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton |
Legitimate |
symantec Norton Ghost Image related |
Change status
|
| O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
| O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common |
Legitimate |
Related to Norton/Symantec Anti-Virus. |
Change status
|
| O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program |
Unknown |
No exact entries found |
Insert file into database
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
