| Line: |
Status: |
Comments: |
Actions: |
C:\WINDOWS\System32\smss.exe
More info about file smss.exe |
Legitimate |
|
Change status |
C:\WINDOWS\system32\winlogon.exe
More info about file winlogon.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\services.exe
More info about file services.exe |
Legitimate |
In most of cases it is legitimate system process, only sometimes can be used by malicious software |
Change status |
C:\WINDOWS\system32\lsass.exe
More info about file lsass.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\WINDOWS\system32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com library
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status |
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
More info about file aswupdsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashServ.exe
More info about file ashserv.exe |
Legitimate |
Item found in 2-spyware.com library
ashServ.exe is a process related to Avast anti-virus software. It should not be disabled to ensure... |
Change status |
C:\WINDOWS\system32\spoolsv.exe
More info about file spoolsv.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\Explorer.EXE
More info about file explorer.exe |
Legitimate |
Process found in system process library |
Change status |
C:\WINDOWS\BCMSMMSG.exe
More info about file bcmsmmsg.exe |
Legitimate |
Item found in 2-spyware.com library
File bcmsmmsg.exe is related to a background task that is functioning as a modem's driver. It is... |
Change status |
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
More info about file hpwuschd2.exe |
Legitimate |
Item found in 2-spyware.com library
hpwuschd2.exe is a legitimate process related to Hewlett Packard software. |
Change status |
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
More info about file ashdisp.exe |
Legitimate |
Item found in 2-spyware.com library
Avast Anti virus |
Change status |
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
More info about file jusched.exe |
Legitimate |
Item found in 2-spyware.com library
Checks if there are new versions of Java available. |
Change status |
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
More info about file spysweeperui.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to SpySweeper application. |
Change status |
C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\Program Files\DNA\btdna.exe |
Unknown |
No exact entries found |
Insert file into database
|
| C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\WINDOWS\System32\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com library
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status |
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
More info about file hpqtra08.exe |
Legitimate |
Item found in 2-spyware.com library
This is a legitimate component of Hewlett-Packard device drivers. It is also included in other HP... |
Change status |
C:\Program Files\Internet Explorer\IEXPLORE.EXE
More info about file iexplore.exe |
Legitimate |
Process found in system process library |
Change status |
| C:\WINDOWS\system32\PnkBstrA.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
More info about file spysweeper.exe |
Legitimate |
Item found in 2-spyware.com library
An executable file of SpySweeper anti-spyware program. |
Change status |
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
More info about file hpqste08.exe |
Legitimate |
Item found in 2-spyware.com library
hpqSTE08.exe is related to integral HP software and should be kept intact. |
Change status |
| C:\Program Files\Webroot\Washer\WasherSvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
More info about file ashmaisv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
More info about file ashwebsv.exe |
Legitimate |
Item found in 2-spyware.com library
Related to Avast anti-virus software. |
Change status |
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
More info about file hprblog.exe |
Legitimate |
Item found in 2-spyware.com library
The file is related to HP software. |
Change status |
C:\WINDOWS\System32\svchost.exe
More info about file svchost.exe |
Legitimate |
Process found in system process library |
Change status |
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
More info about file ssu.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to SpySweeper application. |
Change status |
C:\Program Files\Mozilla Firefox\firefox.exe
More info about file firefox.exe |
Legitimate |
Item found in 2-spyware.com library
File firefox.exe launches Mozilla Firefox web browser, implements user interface and controls all... |
Change status |
C:\Documents and Settings\Dad\Desktop\Temp\HijackThis_v1.99.1.exe
More info about file hijackthis_v1.99.1.exe |
Legitimate |
Item found in 2-spyware.com library
The file belongs to HijackThis application. |
Change status |
| R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL |
Questionable |
If you do not recognize this path "C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL", then fix this item |
Change status |
| O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: SXG Advisor - {32A3489E-5C5A-42CA-8DBB-0EE46C55F013} - C:\WINDOWS\dpvtporsot.dll |
Unknown |
No exact entries found |
Insert file into database
|
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
More info about file ssv.dll |
Legitimate |
System item according to inner database
Related to Java Virtual Machine software, which is legitimate. |
Change status
|
| O2 - BHO: SXG Advisor - {878CA87E-BD03-4991-A1A8-A1EBEB50578F} - C:\WINDOWS\dgtxrdfsnw.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: The elfwgps - {3728161D-8A68-4F3F-A8E1-96A4F9C93DB8} - C:\WINDOWS\elfwgps.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: ekvgsnw - {292547EC-9C38-4398-B336-6219B91A1634} - C:\WINDOWS\ekvgsnw.dll |
Unknown |
No exact entries found |
Insert file into database
|
| O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL |
Unknown |
No exact entries found |
Insert file into database
|
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
More info about file bcmsmmsg.exe |
Legitimate |
System item according to inner database
File bcmsmmsg.exe is related to a background task that is functioning as a modem's driver. It is... |
Change status
|
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
More info about file hpwuschd2.exe |
Legitimate |
Application program item according to inner database
hpwuschd2.exe is a legitimate process related to Hewlett Packard software. |
Change status
|
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
More info about file ashdisp.exe |
Legitimate |
Related to Avast anti-virus software. |
Change status
|
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
More info about file realsched.exe |
Legitimate |
Application program item according to inner database
Related to Real-One player. Located in "C:\Program Files\Common Files\Real\Update_OB\". |
Change status
|
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
More info about file jusched.exe |
Legitimate |
Application program item according to inner database
Checks if there are new versions of Java available. |
Change status
|
| O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k |
Questionable |
questionable item according to our database |
Change status
|
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
More info about file spysweeperui.exe |
Legitimate |
Application program item according to inner database
The file belongs to SpySweeper application. |
Change status
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
More info about file ctfmon.exe |
Legitimate |
Application program item according to inner database
When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)... |
Change status
|
| O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" |
Unknown |
No exact entries found |
Insert file into database
|
| O4 - Startup: PowerReg Scheduler.exe |
Not necessary |
A registration scheduler. In most cases useless. Sometimes it is malicious and used by parasites. |
Change status
|
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
More info about file hpqtra08.exe |
Legitimate |
Application program item according to inner database
This is a legitimate component of Hewlett-Packard device drivers. It is also included in other HP... |
Change status
|
| O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll |
Not necessary |
This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll |
Not necessary |
This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll'. If you do not want it to be there, fix this item. |
Change status
|
| O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
Not necessary |
Fix this item because it points to a file that cannot be found |
Change status
|
| O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra button in your browser - related to windows messenger. |
Change status
|
| O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
Legitimate |
Legitimate extra tools menu item - related to Windows Messenger. |
Change status
|
| O11 - Options group: [INTERNATIONAL] International* |
Questionable |
This item represents a group added to Advanced Options tab in IE Tools > Internet Options menu. Should the item called "INTERNATIONAL" be there? If not, fix it. |
Change status
|
| O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab |
Questionable |
Are you using an ActiveX object with a name 'Creative Software AutoUpdate' located in 'http://www.creative.com/su/ocx/15031/CTSUEng.cab'? If not, fix this item. |
Change status
|
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls
/en/x86/client/wuweb_site.cab?1197861967967 |
Questionable |
Are you using an ActiveX object with a name 'WUWebControl Class' located in 'http://www.update.microsoft.com/windowsupdate/v6/V5Controls
/en/x86/client/wuweb_site.cab?1197861967967'? If not, fix this item. |
Change status
|
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1197865732045 |
Questionable |
Are you using an ActiveX object with a name 'MUWebControl Class' located in 'http://www.update.microsoft.com/microsoftupdate/v6/V5Controls
/en/x86/client/muweb_site.cab?1197865732045'? If not, fix this item. |
Change status
|
| O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab |
Questionable |
Are you using an ActiveX object with a name 'Creative Software AutoUpdate Support Package' located in 'http://www.creative.com/su/ocx/15033/CTPID.cab'? If not, fix this item. |
Change status
|
| O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll |
Legitimate |
Related to SpySweeper v 4.5 by Webroot |
Change status
|
| O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll |
Legitimate |
The file belongs to WMP11 Beta application. |
Change status
|
| O21 - SSODL: bqxomdo - {AA58CD8A-19E1-483E-81F6-EAF5F2873B53} - C:\WINDOWS\bqxomdo.dll (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O21 - SSODL: aswmklt - {2FEBD090-8D60-4B84-857D-E7E383A3633C} - C:\WINDOWS\aswmklt.dll (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O21 - SSODL: alofkmn - {572D2429-250A-4118-97E1-0B475E9C69CF} - C:\WINDOWS\alofkmn.dll |
Unknown |
No exact entries found |
Change status
|
| O21 - SSODL: bxlrvps - {B2BFE0BD-4BC4-4F49-BA71-5A18AB7CD9E8} - C:\WINDOWS\bxlrvps.dll (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O21 - SSODL: RamRunOnce - {db36dd32-d603-47ab-9793-ae0c392c0d5e} - C:\WINDOWS\Installer\{db36dd32-d603-47ab-9793-ae0c392c0d5e}\RamRunOnce.dll |
Unknown |
No exact entries found |
Change status
|
| O21 - SSODL: RunOnceVolume - {92abdfcf-8cb0-44bc-b6ed-362a2269c075} - C:\WINDOWS\Installer\{92abdfcf-8cb0-44bc-b6ed-362a2269c075}\RunOnceVolume.dll |
Unknown |
No exact entries found |
Change status
|
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
More info about file aswupdsv.exe |
Legitimate |
Item found in 2-spyware.com database.
Related to Avast anti-virus... |
Change status
|
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
More info about file ati2evxx.exe |
Legitimate |
Item found in 2-spyware.com database.
File ati2evxx.exe, which starts a process with the same name, is the standard component of video... |
Change status
|
| O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe |
Legitimate |
ATI Video Card Control Panel |
Change status
|
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
More info about file ashserv.exe |
Legitimate |
Item found in 2-spyware.com database.
ashServ.exe is a process related to Avast anti-virus software. It should not be disabled to ensure... |
Change status
|
| O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
| O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) |
Not necessary |
Fix this item because it points to a file that does not exist |
Change status
|
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
More info about file hpzipm12.exe |
Legitimate |
Item found in 2-spyware.com database.
This is a standard component of Hewlett-Packard device drivers. The presence of this file means,... |
Change status
|
| O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe |
Unknown |
No exact entries found |
Insert file into database
|
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
More info about file spysweeper.exe |
Legitimate |
Item found in 2-spyware.com database.
An executable file of SpySweeper anti-spyware... |
Change status
|
| O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe |
Unknown |
No exact entries found |
Insert file into database
|
|
Follow us 
|
Like us 
(91/100)
(89/100)
(84/100)
