Results of analyzing your log

The HijackThis log analyzer beta 2 is a brand new service, so it is natural that it may have a few issues with entry descriptions and status. You can help us to improve the analyzer! If you have some information on unknown items, please share it with us and thousands of 2-Spyware.com visitors. We will carefully check your submission and approve it, if it is correct. You can also change status of entries that do not look identified correctly to you. Also feel free to post your description for existing items. We will review and add it to the analyzer's database. Thank you!

Files and registry entries considered to be safe

Legitimate items	47	59%
Not necessary items	12	15%
	59	74%

File and registry entries that can be both dangerous or safe

Questionable items	1	1%
Unknown items	18	23%
	19	24%

Files and registry entries considered to be DANGEROUS. Fix immediately!

Dangerous items

Line:	Status:	Comments:	Actions:
C:\WINDOWS\System32\smss.exe More info about file smss.exe	Legitimate		Change status
C:\WINDOWS\system32\winlogon.exe More info about file winlogon.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\services.exe More info about file services.exe	Legitimate	In most of cases it is legitimate system process, only sometimes can be used by malicious software	Change status
C:\WINDOWS\system32\lsass.exe More info about file lsass.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Windows Defender\MsMpEng.exe More info about file msmpeng.exe	Legitimate	Item found in 2-spyware.com library Related to Windows Defender program.	Change status
C:\WINDOWS\System32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe More info about file aawservice.exe	Legitimate	Item found in 2-spyware.com library	Change status
C:\WINDOWS\Explorer.EXE More info about file explorer.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe More info about file issch.exe	Legitimate	Item found in 2-spyware.com library Executable issch.exe is a standard component of InstallShield software. It is used to connect to...	Change status
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe More info about file avgcc.exe	Legitimate	Item found in 2-spyware.com library It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
C:\WINDOWS\system32\igfxpers.exe More info about file igfxpers.exe	Legitimate	Item found in 2-spyware.com library Related to the integrated intel graphics adapter driver.	Change status
C:\Program Files\Microsoft IntelliPoint\point32.exe More info about file point32.exe	Legitimate	Item found in 2-spyware.com library Microsoft IntelliPoint Mouse Software.	Change status
C:\WINDOWS\system32\hkcmd.exe More info about file hkcmd.exe	Legitimate	Item found in 2-spyware.com library hkcmd.exe is a system process related to the Hotkey Command Module for Intel Graphics Contollers....	Change status
C:\Program Files\DIGStream\digstream.exe More info about file digstream.exe	Legitimate	Item found in 2-spyware.com library DIGStream is used by both ESPN Motion and Disney Motion to check the availability for new...	Change status
C:\Program Files\ESPNRunTime\DIGServices.exe More info about file digservices.exe	Legitimate	Item found in 2-spyware.com library Related to special software that allows to watch ESPN videos.	Change status
C:\Program Files\Windows Defender\MSASCui.exe More info about file msascui.exe	Legitimate	Item found in 2-spyware.com library The file is component of Microsoft Windows Defender application.	Change status
C:\Program Files\Lexmark 4300 Series\lxcemon.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Lexmark 4300 Series\ezprint.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe More info about file jusched.exe	Legitimate	Item found in 2-spyware.com library Checks if there are new versions of Java available.	Change status
C:\WINDOWS\system32\ctfmon.exe More info about file ctfmon.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\Dell Support Center\bin\sprtcmd.exe	Unknown	No exact entries found	Insert file into database
C:\WINDOWS\system32\spoolsv.exe More info about file spoolsv.exe	Legitimate	Process found in system process library	Change status
C:\Program Files\BHODemon 2\BHODemon.exe More info about file bhodemon.exe	Legitimate	Item found in 2-spyware.com library Main component of the BHODemon program, which is used to manage Internet Explorer plug-ins and...	Change status
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe More info about file avgamsvr.exe	Legitimate	Item found in 2-spyware.com library It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe More info about file avgupsvc.exe	Legitimate	Item found in 2-spyware.com library It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe More info about file avgemc.exe	Legitimate	Item found in 2-spyware.com library It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
C:\Program Files\Dell Support Center\bin\sprtsvc.exe	Unknown	No exact entries found	Insert file into database
C:\WINDOWS\system32\svchost.exe More info about file svchost.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\system32\lxcecoms.exe	Unknown	No exact entries found	Insert file into database
C:\Program Files\Internet Explorer\iexplore.exe More info about file iexplore.exe	Legitimate	Process found in system process library	Change status
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe More info about file helpsvc.exe	Dangerous	Item found in 2-spyware.com library The helpsvc.exe file is installed and used by Radium. You have to delete helpsvc.exe immediately...	Change status
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe	Unknown	No exact entries found	Insert file into database
C:\Documents and Settings\Millertime\Desktop\tools\HiJackThis_v2.exe	Unknown	No exact entries found	Insert file into database
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com	Not necessary	http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com is your Search Page. If you do not like this fact, fix this item.	Change status
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/	Not necessary	http://www.yahoo.com/ is your start page. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157	Not necessary	http://go.microsoft.com/fwlink/?LinkId=69157 is your Default Page URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com	Not necessary	http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com is your Default Search URL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8 /*http://www.yahoo.com/ext/search/search.html	Not necessary	http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8 /*http://www.yahoo.com/ext/search/search.html is your Search Bar. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com	Not necessary	http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com is your Search Page. If you do not like this fact, fix this item.	Change status
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/	Not necessary	http://www.yahoo.com/ is your start page. If you do not like this fact, fix this item.	Change status
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com	Not necessary	http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com is your default SearchURL. If you do not like this fact, fix this item.	Change status
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com	Not necessary	. If you do not like this fact, fix this item.	Change status
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost	Not necessary	localhost overrides your Proxy Server. If you do not like this fact, fix this item.	Change status
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll More info about file acroiehelper.dll	Legitimate	Application program item according to inner database File related to Adobe Acrobat Reader program.	Change status
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll More info about file ssv.dll	Legitimate	System item according to inner database Related to Java Virtual Machine software, which is legitimate.	Change status
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start More info about file issch.exe	Legitimate	Application program item according to inner database Executable issch.exe is a standard component of InstallShield software. It is used to connect to...	Change status
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP More info about file avgcc.exe	Legitimate	System item according to inner database It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup	Legitimate	InstallShield Automatic Updater	Change status
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe More info about file igfxpers.exe	Legitimate	Application program item according to inner database Related to the integrated intel graphics adapter driver.	Change status
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" More info about file point32.exe	Legitimate	System item according to inner database Microsoft IntelliPoint Mouse Software.	Change status
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe More info about file igfxtray.exe	Legitimate	System item according to inner database From a user: I just(hours ago) installed some newer Intel graphics drivers in my system(82810E),...	Change status
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe More info about file hkcmd.exe	Legitimate	System item according to inner database hkcmd.exe is a system process related to the Hotkey Command Module for Intel Graphics Contollers....	Change status
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe More info about file digstream.exe	Legitimate	Application program item according to inner database DIGStream is used by both ESPN Motion and Disney Motion to check the availability for new...	Change status
O4 - HKLM\..\Run: [DIGServices] C:\Program Files\ESPNRunTime\DIGServices.exe /brand=ESPN /priority=0 /poll=24 More info about file digservices.exe	Legitimate	Application program item according to inner database Related to special software that allows to watch ESPN videos.	Change status
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide More info about file msascui.exe	Legitimate	Application program item according to inner database The file is component of Microsoft Windows Defender application.	Change status
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"	Unknown	No exact entries found	Insert file into database
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" More info about file jusched.exe	Legitimate	Application program item according to inner database Checks if there are new versions of Java available.	Change status
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16	Unknown	No exact entries found	Insert file into database
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe More info about file ctfmon.exe	Legitimate	Application program item according to inner database When you run a Microsoft Office XP or Microsoft Office 2003 program, the file Ctfmon.exe (Ctfmon)...	Change status
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter	Unknown	No exact entries found	Insert file into database
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s	Unknown	No exact entries found	Insert file into database
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ''LOCAL SERVICE'')	Unknown	No exact entries found	Change status
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ''NETWORK SERVICE'')	Unknown	No exact entries found	Change status
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ''SYSTEM'')	Unknown	No exact entries found	Change status
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ''Default user'')	Unknown	No exact entries found	Change status
O4 - Startup: BHODemon 2.0.lnk = C:\Program Files\BHODemon 2\BHODemon.exe More info about file bhodemon.exe	Legitimate	Runs a main component of the BHODemon program on Windows startup. BHODemon manages Internet Explorer plug-ins and protects the web browser from unsolicited add-ons.	Change status
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe More info about file reader_sl.exe	Legitimate	A part of Adobe Acrobat Reader. Used to speed up the program's launch time.	Change status
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe More info about file ldmconf.exe	Legitimate	Application program item according to inner database Logitech Desktop Messenger. Checks for new products, upgrades and offers from Logitech. Located in...	Change status
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll	Not necessary	This item represents extra button in your IE toolbar without name and points to file 'C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll'. If you do not want it to be there, fix this item.	Change status
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll	Not necessary	This item represents extra menu item in your Tools menu in IE with a name 'Sun Java Console' and points to file 'C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll'. If you do not want it to be there, fix this item.	Change status
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls /en/x86/client/muweb_site.cab?1205715820828	Questionable	Are you using an ActiveX object with a name 'MUWebControl Class' located in 'http://www.update.microsoft.com/microsoftupdate/v6/V5Controls /en/x86/client/muweb_site.cab?1205715820828'? If not, fix this item.	Change status
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe More info about file aawservice.exe	Legitimate	Item found in 2-spyware.com database. ...	Change status
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe More info about file avgamsvr.exe	Legitimate	Item found in 2-spyware.com database. It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe More info about file avgupsvc.exe	Legitimate	Item found in 2-spyware.com database. It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe More info about file avgemc.exe	Legitimate	Item found in 2-spyware.com database. It is a part of the AVG Anti-Virus program made by Grisoft. It is also related to other Grisoft...	Change status
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe	Unknown	No exact entries found	Insert file into database
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe	Unknown	No exact entries found	Insert file into database

Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2

Recommended software:

Malwarebytes Anti Malware

(91/100)

There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t have many features. One such...

SpyHunter

(89/100)

SpyHunter is a quite simple, but yet highly effective spyware remover with an easy-to-use interface. This program is an excellent choice for users, who are not computer savvy, but...

Spyware Doctor

(87/100)

Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and easy-to-manage...

STOPzilla

(86/100)

STOPzilla is a powerful anti-spyware program that detects, blocks, and removes malicious software allowing users to surf the Web not worrying about spyware, Trojan horses, and viruses....

XoftSpySE Anti Spyware

(84/100)

XoftSpySE, an anti-spyware program made by ParetoLogic, Inc., is a simple, but effective on-demand scanner with the typical set of functions but very easy to install and use. Trial version...

Latest Spyware news:

• Carl A Someone signature loved by spammers
• State of Utah Reveals Why 780k People Records Were Stolen
• The iPhone And iPad Are Targets For Hackers
• Malicious tweets spread rogue AV infecting Android users
• Be aware about malware spread via hotel Wi-Fi connections
• SecureCloud Key Management Systems Released by Trend Micro
• Microsoft and Adobe Releases Critical Security Updates. Update Now!
• Internet Apocalypsis Upcoming - Prepare for DNSChanger Servers Closure
• Hacks Through Compromised Websites Increases Rapidly, Says Symantec
• Facebook judged for its privacy controls

Subscribe to news

Encyclopedia of parasites:

ErrorSmart 24/05/12
Windows Safety Maint... 24/05/12
Windows Multi Contro... 23/05/12
System Protection Tools 23/05/12
Redirect 22/05/12
Windows Secure Kit 2012 22/05/12
WeatherBug 21/05/12
Dugenpal 21/05/12
Komodola 21/05/12
SpyGraphica 20/05/12
Windows Private Shield 20/05/12
WinMaximizer 19/05/12
Windows Pro Safety R... 18/05/12
Stekct 18/05/12
Linfo 18/05/12
Wiarp 18/05/12
Farfli 18/05/12
Happili redirect 18/05/12
Vasport 17/05/12
SeekService.com 17/05/12

Library of files:

mrt.exe 23/05/12
taskeng.exe 23/05/12
mplayer.exe 14/04/12
ccApp.exe 20/03/12
guest.js 06/03/12
BCU.exe 20/02/12
pbupdate.exe 20/02/12
dumprep.exe 20/02/12
arp.exe 12/02/12
hero remote control.... 08/02/12

Archive of files
Archive of startup entries