Computer Help and Spyware Removal Computer Help and Spyware Removal Computer Help and Spyware Removal Computer Help Forums Windows Startup Programs Database Virus, Spyware, and Malware Removal Guides Computer Tutorials Uninstall Database File Database Computer Glossary Computer Resources
 

Alert!  Have a problem and would like to ask us for help? To learn how to ask your question Click Here!
Stop!  Do you have popups or other malware infecting your computer? If so, Start Here!
Question?  Are you having trouble using this site? Then you should visit the New User Orientation Center!



A    B    C    D    E    F    G    H    I    J    K    L    M    N    O    P    Q    R    S    T    U    V    W    X    Y    Z    Other   
HJT: F0, F1, F2, F3 · O4 · O20 · O21 · O22 · O23
Rootkit List  · Submit a Startup  · Top Submitters
 Startup Index · Newest Entries · Mozilla Search Tools · WebMaster Site Tools · Status Key
Startup Database Forum · Computer Help Forums · How to use the Startup Database

Enter the filename or keyword you would like to search for:
Advanced Search

Name Filename Status Description
search.vbs
X
Hijacker
vs.vsn
Y
Part of eSafe antivirus "SmartScan" - alerts the user if files have been changed/added ... Read More
com servoce
wowexecl ""
X
Added by the Troj/Vanity-A Trojan. This infection includes the files C:\Windows\System32\wowexecl.dll and c:\Windows\System32\wowexecl.ini. Due to ... Read More
legalnoticeapplication ""
U
Added by the Spyware.PCProwler surveillance software. If this program was not installed by yourself, it should be uninstalled immediately. ... Read More
$sys$cor.sys $sys$cor.sys
U
Added by the Sony/XCP DRM security software. This service is part of the digital rights management system utilized on certain Sony CDs. If you remove ... Read More
Plug and Play Device Manager $sys$DRMServer.exe
U
Added by the Sony/XCP DRM security software. This service is part of the digital rights management system utilized on certain Sony CDs. If you remove ... Read More
$sys$drv $sys$drv.exe
X
Added by the Backdoor.Ryknos Trojan backdoor that attempts to utilize the SecurityRisk.First4DRM security risk to hide itself on the compromised compu ... Read More
$sys$crash $sys$sonyTimer.exe
X
Added by the Trojan.Welomoch Trojan.
$sys$crash $sys$sos$sys$.exe
X
Added by the Trojan.Welomoch Trojan.
$sys$crash $sys$WeLoveMcCOL.exe
X
Added by the Trojan.Welomoch Trojan.
$sys$cmp $sys$xp.exe
X
Added by the Troj/Stinx-F backdoor Trojan. Troj/Stinx-F may be stealthed on an infected system by exploiting Sony DRM (Digital Rights Management) sof ... Read More
Flash Media %%%%%.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
<not used> %%%.exe
X
A variant of the Troj/Nymod-A malware.
@ %1
X
Added by the W32/Protorid-AD WORM!
Ctykd %Malware path and filename%
X
Added by the TSPY_SMALL.SN spyware.
PAV.EXE %Number%
X
Added by the KITRO.D (or ARGEN.A) WORM! %Number% can be any number
DumpFaultCheck %system%
N
Added by the W32/Scanbot-A worm and IRC backdoor. Though this infection adds these entries, they have no effect on your computer other than open the ... Read More
Installs SP4 %system%\ekrlgc\repcale.exe c:\windows\system32\ekrlgc\p0rd.exe
X
Added by the W32/Randon-AK worm. This infection, when started, connects to an IRC server using a provided MIRC client to receive commands. ... Read More
RGZCDHTN %System%\RGZCDHTN.exe /install
X
Added by the adware/redirector.
SystemWideHook for Windows NT %WinHook32.exe
X
Added by the MYDOOM.AC WORM!
ShowLOMControl (No file name)
U
Shows as O4 - HKLM\..\Run: [ShowLOMControl]  (note strange symbol here) HKLM\Software\Microsoft\Windows\Current Version\Run ShowLOMControl Reg_DWORD ... Read More
vbs.ipnuker@mm (original worm file name).vbs
X
Added by the VBS.Nukip ... Read More
windowz (original worm file name).vbs
X
Added by the VBS.Nukip ... Read More
bcnswsx (path to file)
X
Added as result of a Ranck-AJ trojan infection ... Read More
ibin (Pathname of the Trojan executable)
X
Added by the Troj/Perda-C ... Read More
virus removal tool (pathname of the Trojan executable)
X
Added by the Troj/Tometa-B ... Read More
Volume Task (Random 10 Letter).exe
X
A variant of the SpyBot.bn family of worms and IRC backdoor Trojans. This family of worms spread via mIRC and the Kazaa file sharing network. ... Read More
Windows update 55 (Random 10 Letter).exe
X
A variant of the Backdoor.Win32.Rbot.aus family of worms and IRC backdoor Trojans. ... Read More
Program Access Service (Random 10 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Services Aganters (Random 10 Letter).exe
X
A variant of the WORM_RBOT.CUN family of worms and IRC backdoor Trojans.
MicroSoft Getway mqbol (Random 12 Letter).exe
X
A variant of the Backdoor.Win32.Rbot.etg family of worms and IRC backdoor Trojans. ... Read More
syswin.txt (Random 3 Letter).exe
X
A variant of the Backdoor.Sdbot family of worms and IRC backdoor Trojans.
Service PAck SFVP (Random 4 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Service Ag3nt (Random 4 Letter).exe
X
A variant of the Backdoor.Win32.Rbot.gox family of worms and IRC backdoor Trojans. ... Read More
Winds Sers Agts (Random 5 Letter).exe
X
A variant of the RBot family of worms and IRC backdoor Trojans.
Mioft Wiws Seice ent (Random 5 Letter).exe
X
A variant of the W32/Rbot-GIJ family of worms and IRC backdoor Trojans.
proses (Random 5 letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows haz Layer (Random 5 Letter).exe
X
A variant of the Backdoor.Win32.Rbot.fbx family of worms and IRC backdoor Trojans. ... Read More
Auto Scroll Loader (Random 6 Letter).exe
X
A variant of the SpyBot.dw family of worms and IRC backdoor Trojans. This family of worms spread via mIRC and the Kazaa file sharing network. ... Read More
Windows NTFS Volume Manage (Random 6 Letter).exe
X
A variant of the Backdoor.Win32.Rbot.edl family of worms and IRC backdoor Trojans. ... Read More
ivhost (Random 6 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Adobe SpeedLaunch (Random 6 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Service CV (Random 6 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Sysconf32 (Random 7 Letter).exe
X
A variant of the SpyBot.am family of worms and IRC backdoor Trojans. This family of worms spread via mIRC and the Kazaa file sharing network. ... Read More
Windows Secure talal32 (Random 7 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Microsoft Live 8.5 (Random 7 Letters).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Winsocgfhk driver (Random 7.Letter).exe
X
A variant of the SpyBot.a family of worms and IRC backdoor Trojans. This family of worms spread via mIRC and the Kazaa file sharing network. ... Read More
ifperx (Random 8 Letter).exe
X
Identified as the Trojan-Proxy.Win32.Slaper Trojan.
mmsddlx (Random 8 Letter).exe
X
Identified as a variant of the Trojan-Proxy.Win32.Slaper Trojan.
rtkernsw (Random 8 Letter).exe
X
Identified as a variant of the Trojan-Proxy.Win32.Slaper Trojan.
vbcdtm (Random 8 Letter).exe
X
Identified as a variant of the Trojan-Proxy.Win32.Slaper Trojan.
wpxmls (Random 8 Letter).exe
X
Identified as a variant of the Trojan-Proxy.Win32.Slaper Trojan.
Windows Services alges2 (Random 8 Letter).exe
X
A variant of the Backdoor.Win32.Rbot.esc family of worms and IRC backdoor Trojans. ... Read More
Windows Service alge (Random 8 Letter).exe
X
A variant of the WORM_RBOT.GJO family of worms and IRC backdoor Trojans.
Windows Microsoft Service (Random 8 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Microsoft Services (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
xswdmse (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
reszrv (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
icccomp (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
idlesam (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
kdmsx (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
mceipww (Random 8 Letter).exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
Windows Service Agnts (Random 8 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Service PAck hard (Random 8 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Newresck (Random 8 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Serces Agnt (Random 9 Letter).exe
X
A variant of the Rbot.civ family of worms and IRC backdoor Trojans.
Ipod Help (Random 9 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Servcesc (Random 9 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
MicroSoft Getway Dire (Random 9 Letter).exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Windows Serviece Agents (Random 9 Letter).exe
X
A variant of the Worm.Rbot.ABFK family of worms and IRC backdoor Trojans.
kerberos4 (Random Name).dll
X
A variant of the Win32:Agent-NZR malware.
sklfc94krteetj (Random Name).dll
X
Identified as a variant of the Trojan-Downloader.Win32.Small.hko malware.
JGhsdk393ktrfggh9dtj (Random Name).dll
X
Identified as a variant of the Trojan-Downloader.Win32.Small.hko malware.
UpdateWin (Random Name).exe
X
Identified as a variant of the Trojan.Dropper.LDPinch.Q Trojan.
DeviceSys (Random Name).exe
X
Identified as a variant of the Backdoor.Win32.VB.btu Trojan.
mssysif (Random Name).exe
X
Identified as a variant of the Trojan-Downloader.Win32.Agent.pnv malware.
Virtual Memory Protector (Random Name).exe
X
Identified as as variant of the Win32:Agent-XKO/Backdoor.Hamweq.B malware.
Physical Memory Protector (Random Name).exe
X
Identified as a variant of the Trojan-Downloader.Win32.Agent malware.
Microsoft (R) Windows Protocol Deployment Manager (Random Name).tmp
X
Added by the Backdoor.Ranky backdoor Trojan.
mssysif (Random Name).tmp
X
Identified as a variant of the Trojan-Downloader.Win32.Agent.pnv malware.
SfKg6wIP (RandomName).exe
X
Identified as a variant of the TrojanDownloader.Matcash malware.
Virtual Memory Dispatcher (RandomName).exe
X
Identified as a variant of the Win32:Agent-XKO/Backdoor.Hamweq.B malware.
clock (various file names)
X
LiveChat Adware - known file names include: mssetup.exe, kstatus.exe, spoolsv.exe, sptsupd.exe, osk.exe, msswchx.exe, netdde.exe, msbkup.exe ... Read More
romahere2 ************.exe [* = random char]
X
SuperSpider hijacker - a CoolWebSearch parasite variant
romahere3 ************.exe [* = random char]
X
SuperSpider hijacker - a CoolWebSearch parasite variant
Control handler ***********.exe [* = random char]
X
CoolWebSearch parasite variant
Network Security Guard **********.exe [* = random char]
X
CoolWebSearch parasite related
WindowsRegKey upd4te2d4te *********.exe [* = random char]
X
Added by the RBOT.XQ WORM!
sr64 ********. exe
X
Adware, as yet unidentified
rate.exe ********.exe [* = random char]
X
Unidentified adware
ms window update ******.exe (* = random character)
X
Added by a variant of the WIN32.RBOT WORM! ... Read More
Cryptographic Service ******.exe [* = random char]
X
Added by the KORGO.W or KORGO.X or KORGO.AB WORMS!
Narrator ******.exe [* = random char]
X
Transponder/VX2 related adware
web ******.exe [* = random char]
X
Added by a variant of the EASTO.A TROJAN!
pnpsvc_lock ******.exe [* = random digit]
X
Browser hijacker
0utlook express *****.exe (where * = random char)
X
Added by the W32/RBOT-CC WORM! ... Read More
outlook express config *****.exe (where * = random char)
X
Added by a variant of the WIN32.RBOT WORM! ... Read More
cyberfree.exe ****.dat [* = random char]
X
Unidentified adware
microsoft software ****.exe E255 [* = random char]
X
Added by an unidentified WORM or TROJAN!
Microsofts Security Manager ****.exe [**** = random char]
X
Added by the RBOT-WH TROJAN!
Win32SystemMonitor ***.exe [* = random char]
X
Browser hijacker
Nero.ma ***.exe [*** = 2 to 3 digits]
X
Added by the JONBARR.D WORM!
Description of Shortcuts *.exe
?
* seems to be a sequence of alphanumerics that can be different, i.e., 1960F8A9, 4EBD23F5, etc. Each of these files would appear to be a shortcut, i.e ... Read More
FLASH32 -flash32.exe
?
??
rarup dns ...explore.xe
X
Identified as the Rbot.cnn worm and IRC backdoor.
ccapp .EXE
X
Added by the W32/RBOT-LJ WORM! ... Read More
supernova .exe
X
Added as a result of the SURNOVA (or SUPOVA) VIRUS! .exe is the chosen name ... Read More
ccapp .EXE
X
Added by the W32/RBOT-LJ WORM! ... Read More
Gray_Pigeon .exe
X
Added by the Troj/GrayBrd-EH backdoor Trojan. This infection also creates the file c:\windows\temp\8e4ds4.dll. ... Read More
sInErA .exe
X
Added by the W32/SillyFDC-AB worm. W32/SillyFDC-AB will attempt to copy itself to removable drives and create a file autorun.inf in an attempt to auto ... Read More
present .exe
X
Added by the W32/Rubble-C worm.
<not used> .security
X
Identified as part of the Fake.Alert Trojan.
value .svchost.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
SB Audigy 2 Startup Menu /l:eng
N
Related to the Dell OEM version of the Sound Blaster Audigy 2 sound card. If this item is listed and checked in startup, the System32 Folder will appe ... Read More
ZeroAds 0
U
ZeroAds - culls ads, cookies and pop-ups. Tells ZeroAds not to run at startup - needed to start it manually ... Read More
Zonavirus 0
X
Added by the KITRO.D (or ARGEN.A) WORM!
begins 0.exe
X
Added by the W32/Mytob-HE mass-mailing worm and IRC backdoor.
solid 0.exe
X
Added by the WORM_MYTOB.PP worm and IRC backdoor.
0000000 0.exe
X
Added by the W32/Sdbot-CPP worm and IRC backdoor.

W32/Sdbot-CPP spreads to other network computers by exploiting common buffer overflo ... Read More
000StTHK 000StTHK.exe
U
Toshiba Hot key functionality for the function keys (Fn-Esc, Fn-F1 (lock), Fn-F2, Fn-F3, Fn-F4, Fn-F5 (switching between laptop and CRT display output ... Read More
0050726-007-i32-1 0050726-007-i32-1.exe
X
Added by the Troj/Bancban-EC ... Read More
00THotkey 00THotKey.exe
U
For Toshiba Satellite notebook series to use the front buttons, play, stop, next, prev. ... Read More
block 05.vbs
X
Added by the W32.Pusia.A@mm worm.
vbs_auto_update 0548656X.vbs
X
Added by the VBS/Gormlez-A ... Read More
{AD11A17C-83C2-4121-89C8-D0660555685C} 08835b.dll
X
Added by the Troj/Lineag-ANA password-stealing Trojan for the online game Lineage. ... Read More
0b82c247.exe 0b82c247.exe
X
Added by the Troj/Tiny-Q Trojan.
0mcamcap 0mcamcap.exe
X
Added by the Troj/Cosiam-H proxy Trojan.
OpenGL Drivers 0penGLD.exe
X
Added by the W32/Yimp-A Instant Messaging worm.
Numerical Xterm Agent 0x32.exe
X
Added by the W32/Rbot-FWP worm and IRC backdoor.
Rundll32_8 1.dll
X
Added by the Adware.BrowserAid adware.
1.exe 1.exe
X
Added by the Troj/Multidr-C Trojan! This Trojan downloads and installs further malware onto your computer. ... Read More
SysStart 1.exe
X
Added by the Adware.ZenoSearch adware.
1.bat 1.exe
X
Added by the Troj/Banload-LK Trojan.
Microsoft (R) Windows Network Latency Controller 1.tmp
X
Added by the Backdoor.Ranky backdoor Trojan. This infection also installs a Windows service of the same name and filename. ... Read More
10.1.08 10.1.08.exe
X
Added by the W32.Redlofs worm.
[Various Names] 10010.exe
X
Part of the Wareout infection as described here.
ASDPLUGIN 100171be.exe
X
AsdPlug premium rate adult content dialer variant
ASDPLUGIN 100176br.exe
X
Added by a variant of the ASDPLUG adult content premium rate dialer!
Wupdate 1037v.exe
X
Added by the Troj/Clagger-AR Trojan.
104D840A 104D840A.EXE
X
Added by the Troj/Agent-ENR Trojan.
Human Interface Device Access HidServNetDDEdsdm 1054j.exe
X
Added by the Troj/Agent-GVN Trojan.
load32 1111a.exe
X
Added by the DUMARU.AH WORM!
1111swapmgr.exe 1111swapmgr.exe
X
Added by the Troj/Bdoor-IC backdoor trojan.
Watch 1200UBWATCH.EXE
?
??
WinSysW 124327L.exe
X
Added by the Infostealer.Gampass information stealing Trojan for online games.
12Ghosts Popup-Killer 12popup.exe
U
12Ghosts Popup-Killer
stup 138762763.exe
X
Added by the Troj/FireSpy-A Spyware Trojan. This Trojan monitors the browsing behaviour of the FireFox browser. ... Read More
windowsregkey update 16winupdate32.exe
X
Added by a variant of the WIN32.RBOT WORM! ... Read More
180adsolution 180adsolution.exe
X
180Solutions/N-Case adware variant
180ax 180ax.exe
X
180Solutions/N-Case adware variant
18wheelsofsteelconvoy.exe 18wheelsofsteelconvoy.exe
X
Added by the Adware.Trymedia.D adware.
1916435341.exe 1916435341.exe
X
Added by the Troj/Dloadr-AXU Trojan downloader.
196_150_ni 196_150_ni.exe
X
Added by WinSoftware/WinFixer.Process TROJAN! ... Read More
197_150_ni_3 197_150_ni_3.exe
X
A variant TROJAN! ... Read More
19E7E238 19E7E238.EXE
X
Added by the Troj/Agent-ELX Trojan.
spyclean 1ClickSpyClean.exe
X
The application "1 Click Spy Clean" is using a database that was stolen from SpybotS&D A Rogue anti-spyware program see note ... Read More
ni.uwfx5_0001_n57m2112 1D7C.tmp
X
This is WinFixer Malware.
avptask 1explore.exe
X
Added by the Troj/Nofere-G Trojan. Troj/Nofere-G contains functionality to communicate with a remote server using HTTP, execute downloaded files, kill ... Read More
HELLBOT TEST 1hellbot.exe
X
Added by the W32/Mytob-BC worm/trojan.
1on1 1on1.exe
X
Adult content dialler
One Touch Monitor 1tou~2.exe
N
For Visioneer OneTouch scanners. System tray access to the control panel for the scanner ... Read More
OneTouchMonitor 1tou~2.exe
N
For Visioneer OneTouch scanners. System tray access to the control panel for the scanner ... Read More
ONETOU~2 1tou~2.exe
N
For Visioneer OneTouch scanners. System tray access to the control panel for the scanner ... Read More
1u7 1u7.exe
X
Added by the Troj/Bckdr-PQL backdoor Trojan.
Numerical Xtermz Agent 1x32.exe
X
Added by the W32/Rbot-FWX worm and IRC backdoor.
Numerical Xtermz Agent 1x32.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
2.exe 2.exe
X
Added by the Troj/Multidr-C Trojan! This file is found in the Windows folder.
20050726-007-i32-1 20050726-007-i32-1.exe
X
Added by the Troj/Bancban-EC information stealing Trojan.
2006Server 2006.exe
X
Added by the Troj/Feutel-DA backdoor Trojan.
Notebook Manager Service anbmServiceNetman 2052d.exe
X
Unknown malware.
Mike3 222.exe
X
Added by the Troj/Wombat-A Trojan.
{2C1CD3D7-86AC-4068-93BC-A02304BB2236} 2236_27.dll
X
Identified by Kaspersky Anti-Virus as Backdoor.Win32.Agent.adr.
{47994C89-1857-4D33-B196-263ED6FA4CFF} 231346E28D27.dll
X
Added by the Troj/PWS-AOV password-stealing Trojan.
{56CF31C1-A46F-4B57-886C-6638DA412087} 28bfe5.dll
X
Added by the Troj/Lineag-AD password-stealing Trojan for the online game Lineage. ... Read More
29547098.exe 29547098.exe
X
Identified as Downloader.Win32.Small.equ.
{3771BD45-B3B5-46FF-B309-028D126B9103} 299E55F.dll
X
Added by the Troj/Gampass-H password-stealing Trojan for online games.
{79FC744E-75CA-49B0-8F02-AEAE4CAACBE0} 2ACE4CFBAF2C.dll
X
Added by the Troj/Lineag-CG password-stealing Trojan for the online game Lineage. ... Read More
2kadiras 2kadiras.exe
Y
Allied_Telesyn AT series router/modem related - apparently required
ChanService 2pack.exe
X
Identified as a variant of Backdoor.Win32.SpyBoter.fb.
2wSysTray 2portalmon.exe
U
2Wire Homeportal user interface
gramdate 2Stop.exe
?
??
Numerical Xterm Agents 2x32.exe
X
Added by the W32/Rbot-FWY worm and IRC backdoor. W32/Rbot-FWY spreads to other computers by exploiting common buffer overflow vulnerabilities like SRV ... Read More
{1A2B5BD6-5867-48C3-B826-807FC6AE8F3D} 30835167.dll
X
Added by the Troj/Lineag-ANB password-stealing Trojan for the online game Lineage. ... Read More
{A0EE316A-316A-0EE6-6A0E-16AEE16A0EE6} 316a0ee6.dll
X
Added by the Troj/QQRob-AAS Trojan. The filename can be random but will be found in the same location. ... Read More
[Various Names] 321102.exe
X
Part of the Wareout infection as described here.
[Various Names] 321102.exe
X
Part of the Wareout infection as described here.
{855875B5-93F3-429D-FF34-660B206D897C} 32CCF.dll
X
Identified by Kaspersky as Trojan-Downloader.Win32.Small.ddx.
windows runtime proccess 32RUNdll.exe
X
Added by the SDBOT.QW WORM! ... Read More
Microsoft Service Host Manager 32svchost.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
winXP 33.exe
X
Added by the ANPES WORM!
[Various Names] 34763.exe
X
Part of the Wareout infection as described here.
36Osafe 36Osafe.exe
X
Added by the Troj/Dloadr-BKC Trojan.
Win32 USB2.0 Driver 386.exe
X
Added by the IRCBOT.D WORM!
39672EA4 39672EA4.EXE
X
Added by the Troj/GrayBir-EW backdoor Trojan.
3capplnk 3capplnk.exe
Y
US Robotics Modem driver
3cdminic 3CDMINIC.EXE
N
3Com DMI (DynamicAccess Desktop Management Interface) Agent associated with 3Com network cards ... Read More
3ComDMIAgent 3CDMINIC.EXE
N
3Com DMI (DynamicAccess Desktop Management Interface) Agent associated with 3Com network cards ... Read More
3CM Link 3cmcnkw.exe
?
??
3c1807pd 3cmlink.exe 3cpipe-3c1807pd
Y
3Com WinModem driver. See here for more WinModem information
3Cmlink 3CmlinkW.exe
Y
For a US Robotics WinModem. Provides the link to Windows as the CPU does the processing on WinModems - won't work without it. See here for more WinMod ... Read More
Détection matériel noyau ShellHWDetectionwinmgmt 3com_dmin.exe
X
Identified by Kaspersky as the Backdoor.Win32.IRCBot.ab malware.
3D Text 3D Text.scr
X
Added by the JERMY.A WORM!
3Deep Control Panel 3DeepCTL.EXE
U
From LightSurf Technologies (nee E-Color) - 3Deep corrects lighting, shading and color for all your 2D and 3D games ... Read More
3dfx Tools 3dfxCmn.dll
Y
Updates the registry with information that can't be held for Voodoo 3/4/5 series graphics cards. Important for owners of these cards ... Read More
3dfx Task Manager 3dfxMan.exe
N
System Tray application for 3dfx Voodoo 3/4/5 functions. Available via Start -> Programs ... Read More
3dfxv2ps.dll 3dfxv2ps.dll
Y
Updates the registry with info that can't be held for 3dfx Voodoo 2 video cards. Important for owners of these cards ... Read More
3DLabsHelperDemon 3dldemon.exe
U
Directly from the programs author "It is a tiny program that is installed by the Permedia2/3 and probably other Oxygen-series cards. Normally it sits ... Read More
3Dlabs Taskbar Display Manager 3DLman.exe
?
3DLabs graphics driver related. System Tray access to display settings?
3ware 3DM 3dm.exe
Y
Monitors status of the disk array on 3ware IDE RAID controllers
3DMouse.EXE 3DMouse.EXE
Y
Dritek System Inc. 3D Mouse drive
Primax 3D Mouse 3dmoused.exe
U
Enables the scroll button on the Primax 3-D Scroll mouse
3d_sound 3d_sound.exe
X
Added by the Troj/Riados-A Trojan that attempts a distributed denial of service (DDoS) attack against www.riaa.com. ... Read More
3klagia 3klagia.dll
X
Added by the Backdoor.Rustock backdoor rootkit.
3qdctl.exe 3qdctl.exe
U
Provided with Terratec 128i PCI and similar sound cards. Loads a sound profile at bootup, restoring volume and other audio settings to a pre-determine ... Read More
{79921D3F-7537-463E-9E38-CD503A8FA485} 45ad9fca.dll
X
Added by the Troj/Lineag-AJK password-stealing Trojan for the online game Lineage. ... Read More
tlz 47681727.exe
X
Identified as a Trojan downloader.
49ersScreenServer 49ersScreenServer.exe
N
Software from the MercurySports for streaming information about the San Francisco 49ers US Football team. Slightly loose Terms or Use and Privacy pol ... Read More
49ersScreenServerSvc 49ersScreenServer.exe
N
Software from the MercurySports for streaming information about the San Francisco 49ers US Football team. Slightly loose Terms or Use and Privacy pol ... Read More
49U5T1N4 49U5T1N4.exe
X
Added by the W32.Korron.B worm. W32.Korron.B is a worm that replaces some file types with a copy of itself. It also copies itself to all accessible dr ... Read More
{83B78794-1991-4BE4-A439-D5EF37E8DC97} 4B8A877E1319.dll
X
Added by the Troj/Lineag-BA password-stealing Trojan for the online game Lineage. ... Read More
4c0f6e34.exe 4c0f6e34.exe
X
Added by the Troj/Dloadr-XP downloader Trojan.
4ccc3cea.exe 4ccc3cea.exe
X
Added by the TROJ_ZLOB.ACB Trojan.
{F75BA725-26A4-4F94-94EC-F6F6758ADA38} 4CE9831689C2.DLL
X
Added by the W32/Lineage-AAB worm.
{36EAFED6-FE52-42E5-8FEC-703424BAA9CF} 4D1B90FDDF6B.dll
X
Added by the Troj/Lineag-BF password-stealing Trojan for the online game Lineage. ... Read More
4da92ad5.exe 4da92ad5.exe
X
Added by the Troj/Dloadr-WZ Trojan.
WheelMouse 4DMAIN.EXE
U
Mouse software for "Fellowes" Wheelman mouse. Has caused some users problems but shouldn't be needed if you don't use any enhanced features it may pro ... Read More
4fdw 4fdw.dll
X
Added by the Backdoor.Rustock backdoor rootkit.
4k51k4 4k51k4.exe
X
Added by the W32/Brontok-BH worm.
5-2-46-112 5-2-46-112.exe
X
Adult content pop-up dialler. Removal instructions here
Messenger 514.exe
X
Added by the Trojan.Esteems.D Trojan.
55euf6 55euf6.sys
X
Added by the Troj/DwnLdr-GWX Trojan downloader.
(Default) 5640.exe
X
Added by the Troj/DownLd-ABF advertising related downloader Trojan.
putil 5845.exe
X
Added by the Backdoor.Zinx backdoor. This backdoor listens on ports 14728 and 24759. ... Read More
Winsock2 driver 5ystem.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
63cica 63cica.sys
X
Added by a variant of the Troj/NTRootK-CL rootkit.
avgsys 64444.reg
X
Added by the Volcano Security Suite rogue anti-spyware program.
Windows USB Service 666.exe
X
Added by the W32/Mytob-AW WORM/IRC backdoor trojan!
pmc 764.exe
X
Adult content dialler
7VGAV 7VGAV.exe
X
Part of the Adware.Winpup infection. File is found in the Windows system folder. ... Read More
[various names] 80d0.exe
X
MediaMotor/Popuppers adware variant. Names spotted include 80d0, SWOD, g$p$, elos, seli, "piz, :C=e, resU and so on ... Read More
80xFire daemon 80xFire.exe
X
Added by the W32/Tilebot-BK worm and IRC backdoor. This also infects your computer with the rootkit rdriv.sys. ... Read More
TempCom 8746D.com
X
Added by the W32/Traxg-H mass-mailing worm.
[not used] 896588AppInit.DLL
X
Added by the Troj/LegMir-BI Trojan. This infection also creates the %WinDir%896588.dll file. ... Read More
WinSysW 896588L.exe
X
Added by the Troj/LegMir-ARQ password-stealing Trojan for the online game The Legend of Mir. ... Read More
Initialize8x8 8x8_init.exe
Y
Tool that initializes a Pinnacle PCTV card - maybe in capture or in showing overlay ... Read More
KAZAACuf 9
X
Added by the KITRO.D (or ARGEN.A) WORM!
ttool 9129837.exe
X
Added by the Troj/DwnLdr-FSA downloader Trojan.
9xadiras 9xadiras.exe
Y
Allied_Telesyn AT series router/modem related - apparently required ... Read More
Windows Insecure <4 random letters>.exe
X
Added by the W32/Rbot-FSM worm and IRC backdoor. W32/Rbot-FSM spreads to computers vulnerable to common exploits, including: LSASS (MS04-011), RPC-DCO ... Read More
Web Event Logger <8 random characters>.dll
X
Added by the Backdoor.Berbew.F backdoor.
newname <application executable>
X
Added by the Troj/Drsmartl-S Trojan.
MsnMessendger <DOWNLOADED FILE NAME>
X
Added by the Trojan.Kryski Trojan. Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites. ... Read More
MsnConvert <DOWNLOADED FILE NAME>
X
Added by the Trojan.Kryski Trojan. Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites. ... Read More
MsnLoad <DOWNLOADED FILE NAME>
X
Added by the Trojan.Kryski Trojan. Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites. ... Read More
MsnHost <DOWNLOADED FILE NAME>
X
Added by the Trojan.Kryski Trojan. Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites. ... Read More
Msn <DOWNLOADED FILE NAME>
X
Added by the Trojan.Kryski Trojan. Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites. ... Read More
Proc112 <File name of the dropped file>
X
Added by the WORM_IXBOT.A worm.
DTInstall <filename.>.dll
X
Added by the Troj/Small-ALM Trojan.
Hutley-Spieluhr <filename.exe>
X
Added by the Troj/Shpiel-A backdoor Trojan.
himem.exe <filename.exe>
X
Added by the W32/Stration-FW worm. The filename associated with this infection is random. Examples of some are dlksr32.exe, skksd32.exe, skcc32.exe, ... Read More
7v3j <filename.exe>
X
Added by the Troj/Dloadr-ARK Trojan downloader. The filenames associated with this infection are random. ... Read More
SilentSoftech <filename.exe>
X
Added by the W32/SillyFDC-BL removable device worm.
GlobalSCAPE <filename>.exe
X
Added by the W32/Rbot-AYM worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
DllLoader32 <filename>.exe
X
Added by the Troj/Bdoor-QD backdoor Trojan.
NAVNet <Name of Executable>
X
Added by the Troj/Small-FR Trojan. The filenames and locations are random.
winabc <ORIGFILENAME>.DLL
X
Added by the Troj/Lineage-PN password-stealing Trojan for the online game Lineage. ... Read More
ms_net_update <Original Filename of Worm>.exe
X
Added by the W32/Womble-A mass mailing worm. W32/Womble-A uses Exp/WMF-A which exploits a vulnerability in the image rendering functionality of the DL ... Read More
Virus Cleaner <original Trojan filename>
X
Added by the Troj/Delta-E Trojan.
DownLmm <original Trojan filename>
X
Added by the Troj/Dloadr-APL Trojan.
Downm <original Trojan filename>
X
Added by the Troj/Dloadr-APL Trojan.
SearchClick <original Trojan filename>
X
Added by the Troj/Agent-DWR Trojan.
NTupdater <path to a renamed Mirc client>
X
Added by the Troj/Digarix-D backdoor Trojan.
Safe <path to Trojan EXE>
X
Added by the Troj/Banker-DT password stealing Trojan aimed primarily at users of Brazilian banks. ... Read More
WheelsMouse <path to Trojan>
X
Added by the Troj/SocksPr-D proxy server Trojan.
Win_BooT <Path to Trojan>
X
Added by the Troj/Banker-GI password-stealing Trojan.
NVFW <Path to worm executable>
X
Added by the W32/Mofei-S worm.
WinShell <path to worm>
X
Added by the W32/Fanbot-B mass-mailing and P2P worm.
msresear <pathname of the Trojan executable>
X
Added by the Troj/Weasyw-B Trojan.
Devicewin <pathname of the Trojan executable>
X
Added by the Troj/Banker-AEV Trojan.
kernel32.dll <pathname of the Trojan executable>
X
Added by the Troj/Zlob-AP Trojan.
Microsoft Redirect <pathname of the Trojan executable>
X
Added by the Troj/Banker-FW Internet banking Trojan.
Rapdyleys <pathname of the Trojan executable>
X
Added by the Troj/QQPass-AD Trojan.
MSPRO32 <pathname of the worm executable>
X
Added by the W32/Hiberi-B worm.
Grogotix <random 5 characters>.exe
X
Added by the W32/Flukan-C backdoor virus. W32/Flukan-C infects files with ".zip" extensions on the local system, by overwriting the contents of the ZI ... Read More
hdlpscom <random 8 letters>.exe
X
Added by the W32/Rbot-FUL worm and IRC backdoor.
Winsocket log <random characters>.exe
X
Added by the Troj/Sdbot-AKF worm and IRC backdoor.
Windows S1ystem Managment <random characters>.exe
X
Added by the W32/Rbot-FUN worm and IRC backdoor.

W32/Rbot-FUN spreads to other network computers by:

- exploiting common ... Read More
Print Spooler Service <random file name>.exe
X
Added by the Troj/HacDef-DJ backdoor Trojan and rootkit.
SysTray.Exys <random filename with DLL extension>
X
Added by the Troj/Slogger-D Trojan.
st3i <random filename.dll>
X
Added by the Troj/Hasum-A Trojan.
MICROSFT RAMA UPDATE SUPPORT <random filename.exe>
X
Added by the W32/Rbot-ASM worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
Proc992 <random filename.exe>
X
Added by the W32/Ixbot-C worm and IRC backdoor.
eMCryT Sh3ars Panagers <random filename.exe>
X
Added by the W32/Rbot-AWI worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
Microsoft Anti-Virus <Random Filename.exe>
X
Added by the W32/Kassbot-O worm and IRC backdoor.
angnan <random filename.exe>
X
Added by the W32/Bobax-DB worm.
Windows Recycler <random filename.exe>
X
Identified by Kaspersky as a variant of the Backdoor.Win32.Rbot.gen worm and backdoor family. ... Read More
Print Spooler Service <Random Filename.exe>
X
Added by the W32/Bobax-DZ worm. W32/Bobax-DZ spreads to other network computers by exploiting common buffer overflow vulnerabilities. The filename for ... Read More
ShareSearcher <random filename.exe>
X
Added by the Troj/Agent-FPE Trojan.
Microsft Windows Adapter 5.1.3013 <random filename.exe>
X
Identified as the Trojan.PWS.LDPinch.TDD malware.
SharedAPPs <random filename.exe>
X
Added by the Troj/Banloa-ET Trojan.
WintelUpdate <random filename.exe>
X
Added by the Troj/Small-EKW backdoor Trojan.
Microsoft Windows Adapter 5.1.3214 <random filename.exe>
X
Related to the Zinaps Anti-Spyware 2008 rogue anti-spyware program.
Telnet24 <random filename>
X
Added by the W32/Rbot-ARD worm. This infection, when started, connects to an IRC server where it sits on a channel awaiting commands. ... Read More
Idoneus <random filename>
X
Added by the MSIL.Idonut virus.
Service Screan <random filename>
X
Added by the W32/Rbot-BAC worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
DER005 <random filename>
X
Added by the Troj/Hackvan-B Trojan rootkit.
XRW005 <random filename>
X
Added by the Troj/Hackvan-B Trojan rootkit.
Win Prosess0r <random filename>
X
Added by the W32/Rbot-BIT worm and IRC backdoor.
Msn Update SUPPORT <random filename>
X
Added by the W32/Rbot-BPS worm and IRC backdoor.
DBGA0EEG <random filename>.dll
X
Added by the W32/Doxpar-D password-stealing network worm.
wuauon <random filename>.exe
X
Added by the Troj/Bdoor-MC backdoor Trojan.
eTunnel <random filename>.exe
X
Added by the Troj/Meteor-E backdoor Trojan.
Windows Firewall Monitor <random filename>.exe
X
Added by the Troj/Proxy-AX proxy Trojan.
Winsvr <random filename>.exe
X
Added by the Troj/AdClick-DK Trojan.
winValidate <random filename>.exe
X
Added by the Troj/Bckdr-PNO Instant Messaging Trojan.
System SSDP Services <random letters>.sys
X
Added by the Troj/Pardot-A rootkit.
MEMSWEEP2 <random locations>
N
Added by the Sophos Anti-Rootkit security software. This service is only used when the software is scanning your computer. Otherwise, it can be remo ... Read More
systwyns <random name>.exe
X
Added by the Troj/PWS-ADX password-stealing Trojan.
Think-Adz <random name>.exe
X
A variant of Adware.ZenoSearch.
DomainService <random name>.exe
X
Service associated with Vundo infections.
Windows Servces Agent <random name>.exe
X
Identified by Kaspersky antivirus as the Backdoor.Win32.IRCBot.acg worm and IRC backdoor. ... Read More
L]kLp <random name>.exe
X
Identified by Kaspersky antivirus as the Net-Worm.Win32.Bobic.n worm.
NvGraphicsInterface <random name>.exe
X
Added by the Troj/Bckdr-QKI backdoor Trojan.
Windows Accounts Driver <random name>.exe
X
Added by the Troj/Agent-GGY Trojan.
WinDLLProcessor <random name>.exe
X
Added by the Troj/Bancos-BDO password stealing Trojan for online banks. If you are infected with this Trojan you should immediately change all of you ... Read More
tDefault <random name>.exe
X
Identified as a variant of the Backdoor.Win32.VB.btu Trojan.
Google Earth <random name>.pif
X
Added by the W32/Rbot-AXK worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
pe386 <random number>
X
Added by the Backdoor.Rustock.A backdoor Trojan. This infection uses Alternate Data Streams and rootkit technology to hide itself and the service ent ... Read More
Malware Cleaner <random number>.exe
X
Added by the MalwareCleaner rogue anti-spyware program.
Diagnostic Manager <random numbers>.exe
X
Unknown malware.
UserTools <random.exe>
X
Identified as a variant of the Backdoor.Win32.VB.btu Trojan.
MSFox <random.exe>
X
Added by the Troj/DwnLdr-HKP Trojan.
Cognac <random.exe>
X
Added by the Troj/DwnLdr-HLQ downloading Trojan.
SysTray.Exiv <random>.dll
X
Added by the Troj/Slogger-F backdoor Trojan.
ApachInc <random>.dll
X
Unknown malware typically bundled with LiveProtect. The dll is random but the registry entry will always be named ApachInc. ... Read More
LDpswSend <random>.dll
X
Identified as Trojan-Downloader.Win32.Agent.
MSServer <random>.dll
X
Unknown malware. Please note that C:\Windows\System32\rundll32.exe is a legitimate file. ... Read More
DriversLoad <random>.dll
X
Added by the Malware Defender rogue anti-spyware program.
Web Event Logger <random>.exe
X
Added by the Backdoor.Berbew.D backdoor.
System32Check <random>.exe
X
Added by the Troj/Chast-A backdoor and keylogging Trojan.
VSSTAT <random>.exe
X
Added by the W32/Gobot-N worm and IRC backdoor.
Wiinamp <random>.exe
X
Added by the Troj/IRCBot-OH backdoor Trojan which utilizes IRC to receive its commands. ... Read More
FiresWallservices <random>.exe
X
Added by the W32/Rbot-FJT worm and IRC backdoor.
Fire Well service <random>.exe
X
Added by the W32/Rbot-FJU worm and IRC backdoor.
grgtgvgb.exe <random>.exe
X
Added by the Troj/Agent-EBF Trojan.
Alexa bridge <random>.exe
X
Added by the Troj/Agent-EBL Trojan.
Anti-Virus <random>.exe
X
Added by the Troj/Caprobad-A proxy Trojan.
Managment Service <random>.exe
X
Added by the W32/Rbot-GQM worm and IRC backdoor.
E6F7BD90 <random>.exe
X
Added by the Troj/BDoor-ADP backdoor Trojan.
crtfmon <random>.exe
X
Added by the Troj/Dialer-EM dialer.
Edzy AntiVirus <random>.exe
X
A variant of the RBot family of worms and IRC backdoor Trojans.
Windos Seres Agnts <random>.exe
X
Added by the W32/Rbot-GUN worm and IRC backdoor.
Windows Live Messenger <random>.exe
X
Added by the W32/Rbot-GVL worm and IRC backdoor.
ChkDsk32 <random>.exe
X
Added by the Troj/DwnLdr-GZO downloader Trojan.
ToolHelp <random>.exe
X
Identified as a variant of the Trojan:Win32/Meredrop malware.
Somefox <random>.exe
X
Added by the Troj/Dwnldr-HHB Trojan.
win_drivr32 <random>.exe
X
Added by the Troj/Dloadr-CKT downloader Trojan.
Windows Resurections <random>.exe
X
Unknown malware.
uidenhiufgsduiazghs <random>.exe
X
Unknown malware.
Windows Security Suite <random>.exe
X
Added by the Windows Security Suite rogue anti-spyware program.
Alerter AlerterALG <random>.exe
X
Added by the W32/Backdr-AR backdoor.
Windows Overlay Components <randomfilename>.exe
X
Added by the Troj/Agent-JK Trojan.
nethost.exe <randomfilename>.exe
X
Added by the Troj/Perda-J backdoor Trojan.
whxpin service <RandomName>.exe
X
Added by the W32/Rbot-FWU worm and IRC backdoor.
SysCalcPlus <Spyware file name>
X
Added by the TSPY_BANKER.FTD spyware.
HATAPE <Trojan executable>
X
Added by the Troj/Banker-QF Trojan.
office_update <Trojan executable>
X
Added by the Troj/Dloader-ZB Trojan.
PHIME2OO2ASyst <Trojan executable>
X
Added by the Troj/DBdoor-B backdoor Trojan. This filename for this trojan can be change to one specified by the hacker. ... Read More
FindHack <Trojan executable>
X
Added by the W32/Kelvir-BA Trojan.
taskbar <Trojan executable>
X
Added by the Troj/Perda-I backdoor Trojan.
zzzsoft <Trojan executable>
X
Added by the Troj/QQRob-AD Trojan.
msapps32 <Trojan executable>
X
Added by the Troj/Banker-IS Trojan.
cppc <Trojan executable>
X
Added by the Troj/VB-NV Trojan. This trojan pretends to be a Half-Life 2 crack. ... Read More
Apoint System <Trojan Executable>
X
Added by the Troj/Banker-WK Trojan.
SmartTesting <Trojan executable>
X
Added by the Troj/Ranck-DO http proxy trojan.
Rapdetnlu <Trojan executable>
X
Added by the Troj/MapStor-A password-stealing Trojan.
WinSysModule <Trojan executable>
X
Added by the Troj/Agent-DIQ keylogging Trojan.
Smsvr <Trojan executable>
X
Added by the Troj/Dloadr-APC Trojan.
Timer Service <Trojan Executable>
X
Added by the Troj/WoW-IL password-stealing Trojan for the online game World of Warcraft. ... Read More
SvcManager <Trojan executable>
X
Added by the Troj/Zalon-A backdoor Trojan.
NvCp1Do <Trojan executable>
X
Added by the Troj/DwnLdr-GWE Trojan downloader.
MSSever <Trojan Filename.exe>
X
Added by the Troj/PWS-CW password-stealing Trojan.
aaprotect <Trojan Filename>
X
Added by the Troj/Bancban-MJ Trojan.
Tspy <Trojan Filename>
X
Added by the Troj/TSpy-B keylogging Trojan.
Myfault <Trojan.exe>
X
Added by the Troj/Ranck-DJ Trojan.
AAAKeyboard <unknown>
?
??
AccuWeather.com® Desktop <unknown>
N
Desktop weather from AccuWeather.com
AIMster <unknown>
N
Peer to Peer (P2P) file sharing client that runs over the AOL Instant Messenger network. Available via Start -> Programs ... Read More
Avxnews <unknown>
?
??
Bonzi Buddy <unknown>
X
Spyware - read here for information and here for removal instructions
Compaq Video CD Watcher <unknown>
N
For Compaq PC's. MPEG viewer
Coupon Offers <unknown>
?
??
CQSCP2P SERVER <unknown>
?
"Compaq printer utility which is required in the startup menu in order to make the printer work correctly". Personally I doubt whether it is actually ... Read More
CQSCP2PS <unknown>
?
"Compaq printer utility which is required in the startup menu in order to make the printer work correctly". Personally I doubt whether it is actually ... Read More
Devlog <unknown>
?
??
Dosbat <unknown>
?
??
EDRestore <unknown>
U
Set Point from Easy Desk Software - "small utility that automatically sets System Restore points for WinME/XP" ... Read More
FoolProofSweep <unknown>
Y
Part of FoolProof Security PC security software from SmartStuff
HP Info Express <unknown>
N
On HP PCs, allows the computer to automatically receive notifications from HP over the Internet. Associated with BackWeb ... Read More
HP RecordNow <unknown>
U
From HP "Software for the CD writer. Do not prevent from starting unless the CD writer is never going to be used." ... Read More
HP Updates <unknown>
N
On HP PCs, allows the computer to automatically receive notifications from HP over the Internet. Associated with BackWeb ... Read More
Imesh <unknown>
N
Imesh is a file sharing system
Imesh Auto Update <unknown>
N
Update check for the Imesh file sharing system. Turn the update off under "options" ... Read More
Introduction-Registration <unknown>
N
For Compaq PC's. Should only run first time, PC Introduction & Compaq registration ... Read More
LS120 Superdisk <unknown>
N
Supposed to accelerate transfer rate on LS-120, contributes to system lockups
McAfee Winguage <unknown>
N
Part of McAfee Nuts & Bolts. "WinGuage is a dynamic reporting tool that constantly monitors your use of Windows and your applications, to alert you to ... Read More
mfgboot <unknown>
?
??
Operator <unknown>
N
Media Pilot operator, in Win.ini. Locks port open
Qdsafe <unknown>
?
??
ScanFile <unknown>
?
??
SMS Win9x Message Agent <unknown>
U
This program assigns a user to a Systems Management Server site
Startup <unknown>
N
Related to an Iomega drive
TGCMG <unknown>
N
Related to Rogers@Home, causes errors in WinSock32.dll. Not required for connection to work ... Read More
Usrobotics Online Registration <unknown>
N
Pop-up reminding customers to register their products online at US Robotics
V128IITV <unknown>
?
Loads drivers for some STB graphics cards. May be related to such a card with a TV out option? ... Read More
Vinny <unknown>
?
??
Web Search <unknown>
?
??
Windows Eyes <unknown>
N
For blind people, gives a voice description of items on the screen. Windows application which gives you total control over what you hear, when you hea ... Read More
WRECK GUARD <unknown>
?
??
Tssh <unknown>
X
Added by the Troj/Mlsuc-E backdoor Trojan.
DirectX Service <Unknown>
X
Added by the Troj/Bdoor-AAT backdoor Trojan.
Content connector <various filenames.exe>
X
Added by the Troj/Dialer-Y dialer.
pangu_service_display <variousnames>.exe
X
Added by the Troj/DDoS-V DDOS Trojan. This infection can have various names such as C:\WINDOWS\System32\temp2.exe, C:\WINDOWS\system32\1003.exe, and ... Read More
Service Transaction Provisioning <variousnames>.exe
X
Added by the Troj/DDoS-U DDOS Trojan.
Microsoft Moniter Control <worm filename>
X
Added by the W32/Rbot-BAX worm and IRC backdoor.
WinMsgServices ?.exe
X
Added by the Troj/Kelebek-G. This file is added to the Windows system folder. The name of the filename is the ASCII character 255 which corresponds ... Read More
[random name] ??anregw.exe
X
PurityScan/Clickspring adware ... Read More
[random name] ??chost.exe
X
PurityScan adware variant.
[random name] ??erinit.exe
X
PurityScan/Clickspring adware
[random name] ??ool32.exe
X
PurityScan/Clickspring adware ... Read More
[random name] ??oolsv.exe
X
PurityScan adware variant.
[random name] ??rss.exe
X
PurityScan/Clickspring adware ... Read More
[random name] ??rvices.exe
X
PurityScan adware variant.
[random name] ??xplore.exe
X
PurityScan adware variant.
[random name] ?hkntfs.exe
X
PurityScan/Clickspring adware ... Read More
?ekio Startups ?nksvc32.exe
X
Added by the W32/Agobot-OV WORM/IRC backdoor. ? is a random character. It will kill processes, record keystrokes, allowing unauthorised access to enab ... Read More
[random name] ?ttrib.exe
X
PurityScan/Clickspring adware ... Read More
@liberamovilespt @liberamovilespt
X
Added by the Dialer.UDIS premium adult dialer.
@tour_ww @tour_ww[1].exe
X
Adult content dialler
Windows boot system cfg32 actboost.exe
X
Added by W32/Forbot-G, a network WORM!
admggxp admggxp.dll
X
Added by a variant of the MyGeek/CPVFeed adware.
Configuration apphost.exe
X
Added by W32/Sdbot-VP, a network WORM!
arprmdg0 arprmdg0.dll
X
Added by the Troj/Haxdoor-DI trojan. This infection utilizes the arprmdg5.sys rootkit to hide itself. ... Read More
<unknown> asusrx25.sys
X
Variant of the Troj/Haxdor-Fam rootkit.
AWatch Awatch.exe
U
Diagnosis tool that monitors DSL connections, installed alongside DSL drivers from AVM Fritz's range of modem products. ... Read More
Generic Host Process for Win32 Services bazzi.exe
X
Added by the W32/Ahker-E WORM, from an email attachment. First added to the Startup folder as BADO.EXE and MICHO.EXE, it copies itself to bazzi.exe. ... Read More
Wins32 Online cfgpwnz.exe
X
Added by W32/Rbot-WN, a network WORM!
upme dllman.exe
X
Added by the MUGLY.F WORM!
doit.exe doit.exe
X
Added by the W32/Forbot-EK WORM! This file is found in the Windows system folder. May also create a Windows service called doit.exe. ... Read More
<not used> eNetHook.dll
Y
Related to Acer's eNet Management software for Acer laptops.
eqvwamkl eqvwamkl.dll
X
Identified as a variant of the Adware.Agent malware.
GbpSvc GbpKms.sys
X
Added by the nfostealer.Bancos.BB Trojan. Infostealer.Bancos.BB is a Trojan horse that attempts to steal information from the compromised computer. ... Read More
gCac gcac.exe
X
Added by the Tactslay Family Trojan.
hsys HSYS.EXE
U
Added by the Spyware.ExpressKeylog surveillance software. Spyware.ExpressKeylog is a spyware program that records keystrokes on the computer. This sof ... Read More
ROME ROTYUS hxdefdrv.sys
X
Added by the Troj/HacDef-DR rootkit.
Network Connections internat.exe
X
Added by Troj/VB-ZD along with another file run from the system folder, "/rundll32.exe", named Background Intelligent Transfer Service. ... Read More
alkasr ÎäÒíÑ.exe
X
Added by the BALKART TROJAN!
Microsoft Manager 1 KKI1.exe
X
Added by the Troj/Banker-EMT information-stealing Trojan for online banks.
Kodak Camera Connection Software KodakCCS.exe
Y
Kodak DC File System Driver
Visual Lube.html
X
Added by the WM97/Lebone-A Microsoft Word macro virus.
[not used] mcafee32.exe
X
w32rbotxe drops a TROJAN, creating several files in %Program Files%, %Windir%, and %system% in addition to this file. ... Read More
Microsoft Console Manager mcm.exe
X
Added by the Troj/WinShel-A backdoor Trojan.
MPatrolPRO MPatrolPRO.exe
X
Added by the MalwarePatrolPro rogue anti-spyware program.
Microsoft Java Virtual Machine MsConfiG.exe
X
Added by the W32/Forbot-DV WORM/BACKDOOR! The file is found in the Windows system folder. This infection also installs a service called draeco.sytes ... Read More
Microsoft Diagnostic msdiag32.exe
X
Added by W32/Rbot-UC, a network worm and IRC backdoor Trojan found in the Windows system folder. ... Read More
WINDOWS MSI Installer Application msiexec.exe
X
A variant of the RBot.cgu family of worms and IRC backdoor Trojans.
mssp3 mssp22.exe
X
The Troj/IBank-D TROJAN adds this to steal data entered into a variety of web pages relating to money. ... Read More
Help Temp Files netreg.exe
X
Added by a network worm with backdoor functionality, W32/Forbot-EJ copies itself to the Windows system folder as netreg.exe and sets registry entries ... Read More
Windows Desktop Multimedia ntkrnl.exe
X
Unknown malware.
APC PBE Server pbeserver.exe
Y
Related to APC PowerChute Business Edition. This startup allows you to monitor UPS connected to different computers and servers. ... Read More
<not used> r3hook.dll
Y
Related to Kaspersky Antivirus.
System Registry Settings regedit.exe
X
Added by the W32/Rbot-WL WORM/backdoor Trojan and allows unauthorised remote access to infected computers via the IRC network. ... Read More
Background Intelligent Transfer Service rundll32.exe
X
Added by Troj/VB-ZD, which also adds another to insure starting.
Configuration Loader seru32.exe
X
Added by the 32/Forbot-EL WORM! File is found in the Windows system folder.
Windows Logon Application services.exe
X
Added by the Troj/Ciadoor-L trojan.
Microsoft Internet Explorer smiissm.exe
X
Added by the Troj/Delf-KK Trojan! The infection creates a folder called SYS in the Windows folder and copies itself there. ... Read More
Windows NT Session Managers smss.exe
X
Added by the W32/Sdbot-CPN worm and IRC backdoor. This infection should not be confused with the legitimate file C:\Windows\System32\smss.exe. ... Read More
Auth Starter Ident startauth.exe
X
Added by the W32/Rbot-WP WORM!
NetPanel Starter.exe
X
Added by the Trackware.Gemius trackware. Trackware.Gemius is a program that monitors and records networking activity and sends the gathered informatio ... Read More
Windows Service Host Process svchost.exe
X
Added by the W32.Ezio.A@mm WORM.
System Power Managment svcnost.exe
X
Added by the W32/Dref-I email worm and backdoor Trojan.
svhost windows services Svhost8.exe
X
Added by a WORM, W32/Rbot-WQ, with backdoor Trojan functionality and found in the Windows system folder. ... Read More
%cmpmixtitle% Unknown
N
Possibly related to C-Media Mixer Control panel?
usrpda USRmlnkA.exe
Y
US_Robotics modem driver ... Read More
$Volumouse$ volumouse.exe
U
Having this program started allows you to control the sound volume on your computer by using the mouse wheel on your mouse. ... Read More
128 Module win128.exe
X
Added by the W32/Forbot-ES WORM/backdoor Trojan, which allows unauthorized access to the PC using the IRC network and registration of a new service pr ... Read More
down winhelp.exe
X
Added by a TROJAN/DOWNLOADER, Troj/Dloader-FQ, and is found in the Windows system folder. ... Read More
virtual-machine wini.exe
X
Added by the WORM W32/Rbot-WR, and found in the Windows system folder.
Windows System Security Monitor [4 random letters].exe
X
Added by the W32.Pinkton.A worm.
Nvid [8 random charachters]
X
Unidentified adware
Web Event Logger [8 random characters].dll
X
Added by the Backdoor.Berbew.B backdoor.
WebEvent Logger [8 random characters].dll
X
Added by the Backdoor.Berbew.F backdoor.
Web Event Logger [8 random characters].dll
X
Added by the Backdoor.Berbew.M backdoor.
Web Event Logger [8 random characters].dll
X
Added by the Backdoor.Berbew.P backdoor.
anti-virus product sync [AN UNPRINTABLE CHARACTER][3 CHARACTERS]log.exe
X
Added by the W32.Kedebe.D(AT)mm ... Read More
Remote Procedure Call (RPC) Activator [Currently unknown]
X
Added by the Troj/Fiserv-A backdoor Trojan.
NSystem [downloaded file]
X
Added by the Troj/Nsys-A trojan downloader.
hxadsec [executable name]
X
Added by the Troj/AdClick-AP trojan.
fsdsft [file name]
X
Added by the Backdoor.Ranky.S Backdoor!
winupdatefiv_ [file name]
X
Added by the W32/Combra-C email worm.
ES Current Services [FILE NAME].exe
U
Added by the Spyware.123Keylogger surveillance software. pyware.123Keylogger is a spyware program that logs user activity on the compromised computer, ... Read More
SYDNEY [file path]
X
Added by the SYNEY WORM!
Systray [filename.exe]
X
Winfavorites adware
;Rundll [filename]
X
Added by the PWSLEGMIR.E TROJAN!
Configuration [filename]
X
Added by the SDBOT-ML WORM!
JavaUpdate0.07 [filename]
X
Added by the JUPDATE TROJAN!
LoadWindowsFile [filename]
X
Added by the DELF.B TROJAN! where [filename] is the infected file
Locator Service [filename]
X
Added by the AGOBOT-KY TROJAN!
LowVersionSupport [filename]
X
Added by the LASTRAS TROJAN!
Mantis [filename]
X
Added by the MANTIBE VIRUS!
MatrixScreen [filename]
X
Added by the MATRIXSCREEN TROJAN!
Microsoft Java Windows Update [filename]
X
Added by the RBOT-DZ WORM!
Myapp [filename]
X
Added by the FATEE.B WORM!
NavScan [filename]
X
Added by the OBSORB TROJAN!
OLE [filename]
X
Added by the STAWIN or TARNO.D TROJANS!
putil [filename]
X
Added by the LDPINCH TROJAN!
Scanreg [filename]
X
Added by the QQPASS.E TROJAN!
User32 [filename]
X
Added by the NETTRASH TROJAN!
UserSystem [filename]
X
CoolWebSearch SmartSearch variant - also see here
VideoDriver [filename]
X
Added by the GSPOT20.A TROJAN!
Windows Update [filename]
X
Added by the NORIO TROJAN! Acts as a hi-jacker redirecting to adult content sites ... Read More
GustavVED [filename].exe
X
Added by the OPASERV.H WORM!
hen [filename].exe
X
Added by the TARNO.G TROJAN!
Service Host [filename].exe
X
Added by the TORVEL.B WORM!
System Update [filename].exe
X
CoolWebSearch parasite variant
Windows Explorer [filename].exe
X
Added by the SDBOT TROJAN! Note - this is not the valid Windows Explorer (explorer.exe) which would only be in startups if you added it manually ... Read More
cAgOu [filename].hta
X
Added by the KAKWORM WORM!
ZaCker [filename].PIF
X
Added by the HOLAR.A WORM!
AddClass [Installation_Path]
X
Added by the STARTPAGE.F TROJAN!
{9B71D88C-C598-4935-C5D1-43AA4DB90836} [KD]Naruto.exe
X
A variant of the Backdoor.Bifrose backdoor Trojan. Backdoor.Bifrose is a Trojan horse that uses a backdoor server to send information to a remote serv ... Read More
enbrowser [name of file]
X
WINBO adware component ... Read More
c7 [name of worm]
X
Added by the W32.MEDIAKILL.A WORM! ... Read More
Update [original file path]
X
Added by the LYNDEGG WORM!
TSystem [original filename]
X
Added by the Troj/Nsys-A trojan downloader.
File0_0 [path of Trojan]
X
Added by the Troj/Dloader-OR trojan downloader.
ccApp [path to .exe]
X
Added by the W32/Rbot-LJ WORM/IRC backdoor Trojan!
Srv32 spool service [path to .exe]
X
Added by Troj/Dloader-LB.
loader32 [path to .exe]
X
Added by Troj/Domcom-D downloading TROJAN.
fasdqwdwq [path to .exe]
X
Added by the Troj/Ranck-CP TROJAN. It will listen on a randomly chosen TCP port in the range 10000-50000 when run. ... Read More
DllExecutable [path to .exe]
X
Added by the W32/VB-SP WORM!
PornoTop [path to .exe]
X
Added by Troj/Delf-RX, and will be found in the Program Files folder.
SunJavaUpdateSched [path to .exe]
X
Added by the Troj/Banker-AU TROJAN!
msproject [path to .exe]
X
Added by the Troj/Sdbot-TF TROJAN!
imgit [path to .exe]
X
Added by the Troj/Banker-CG TROJAN!
Anti-Virus Update Scheduler V1.39.12R [path to .exe]
X
Added by the Troj/Fireby-A proxy TROJAN!
OpenMstart [path to .exe]
X
Added by the Dial/Switch-E DIALER.
Client Agent [path to .exe]
X
Added by the Troj/PPdoor-F trojan. It will target Windows XP firewall and other security related processes for termination. ... Read More
Caesvrn [path to .exe]
X
Added by the Troj/Ranck-CQ. This infection sits on a randomly selected TCP port between 1025 and 9997, awaiting contact by a remote attacker. ... Read More
GDAX [path to backdoor]
X
Added by the RANKY.K TROJAN!
winupdateconn_ [path to exe]
X
Added by the W32/Combra-A WORM.
WinUpgrader [path to EXE]
X
Added by the trojan.
2thousandbuck [path to file]
X
Added by the RANKY.L TROJAN!
Band-Aid [path to file]
X
Added by the RANKY.O TROJAN!
DSAcass [path to file]
X
Added by the RANKY.M TROJAN!
Login Service [path to file]
X
Added by the MIGMAF TROJAN!
MsgApi [path to file]
X
Added by the DEDLER-D TROJAN!
MSSGisg [path to file]
X
Added by the RANKY.N TROJAN!
Printer [path to file]
N
Added by the LOWTAPER TROJAN!
REEGRUN [path to file]
X
Added by the SECDROP.AI TROJAN
ShellCommand [path to file]
X
Added by the REMCON-A TROJAN!
Taskmgo [path to file]
X
Added by the BANCBAN-T TROJAN!
tjstartup [path to file]
X
Added by the TJSERV.C TROJAN!
Windows Taskbar Manager [path to file]
X
Added by the PROTORIDE.B WORM!
WinXP fix [path to file]
X
Added by the RANKY.P TROJAN!
_Hazafibb [path to file]
X
Added by the ZAFI.B WORM!
dm_service [path to file]
X
Added by the MITGLIEDER.P TROJAN! ... Read More
winupdateconn [path to file]
X
Added by the W32/COMBRA-A WORM! ... Read More
winupdate_ [path to file]
X
Added by the W32.COMDOR.A WORM! ... Read More
lsass [path to lsass.exe]
X
Added by the ALADINZ.F TROJAN! Note - this is not the legitimate lasss.exe process which should NOT appear in Msconfig/Startup! ... Read More
ansjava [path to mirc application]
X
Added by the W32/Randon-AN worm and IRC backdoor..
smss [path to smss.exe]
X
Added by the ALADINZ.F TROJAN! Note - this is not the legitimate smss.exe process which should NOT appear in Msconfig/Startup! ... Read More
PPSVC [path to Spyware.PCPolice]
U
Added by the PC Police surveillance program. This program should be uninstalled if it was not installed by yourself. ... Read More
357aa41a-b7a8-4632-a27d-5b980b25cf43 [path to svchost.exe]
X
Added by the SMALL-AQ TROJAN! ... Read More
winlogon32_ [PATH TO THE WORM]
X
Added by the W32.Mailbancos@mm worm.
CTime [path to trojan]
X
Added by the HTTPDOS TROJAN!
Irwftp [path to trojan]
X
Added by the BANCOS.CR TROJAN!
mdetect [path to trojan]
X
Added by the SPABOT TROJAN!
Mspatch69 [path to trojan]
X
Added by the MPROX TROJAN!
mssvc [path to trojan]
X
Added by the PSK TROJAN!
Network Host Controller [path to trojan]
X
Added by the WHISPER TROJAN!
NTP Server [path to trojan]
X
Added by the RANKY.F TROJAN!
rngmf [path to trojan]
X
Added by the RANKY.C TROJAN!
Services [path to trojan]
X
Added by the METEORSHELL TROJAN!
Spool [path to trojan]
X
Added by the RANKY.R TROJAN!
svchost [path to trojan]
X
Added by the HAZZER TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup! ... Read More
ValidData [path to trojan]
X
Added by the RANKY.H TROJAN!
windows [path to trojan]
X
Added by the AIMWIN TROJAN!
Windows NNT [path to trojan]
X
Added by the RANKY.E TROJAN!
WindowsSetup [path to trojan]
X
Added by the EZBOT TROJAN!
WindUpdates [path to trojan]
X
Added by the AGENT.BF TROJAN!
WINSYS [path to trojan]
X
Added by the GOLDPLAY TROJAN!
winzip [path to trojan]
X
Added by the BANCOS.G or BANCOS.K TROJANS!
x3yy [path to trojan]
X
Added by the TANNICK TROJAN!
yyyyyyyy [path to trojan]
X
Added by the MUMUBOY.B TROJAN!
Zen.A [path to trojan]
X
Added by the ZOOMEN-A TROJAN!
msbsc [path to trojan]
X
Added by the Troj/Banker-DF password-stealing trojan of Brazilian banks.
Floppy Master [path to trojan]
X
Added by the Troj/Zonit-F backdoor trojan.

Some potential file names may be:

C:\WINDOWS\wavplay.exe
C:\WINDOWS\system ... Read More
5p4m [path to Trojan]
X
Added by the Troj/Litebot-C Trojan.
Connectivity Tool [path to trojan]
X
Added by the Troj/Litebot-E IRC backdoor Trojan.
ACCDEFRAGINFO [path to worm]
X
Added by the DARBY-O WORM!
AHU [path to worm]
X
Added by the ANACON-B WORM!
Cekirge [path to worm]
X
Added by the KERGEZ.A WORM!
DLL Service Manager [path to worm]
X
Added by the RPCBOT.F TROJAN!
Explorer [path to worm]
X
Added by the AUTEX WORM!
ICQ Center [path to worm]
X
Added by the RANDIN WORM!
InterceptedSystem [path to worm]
X
Added by the ANACON-B WORM!
Msgmgr [path to worm]
X
Added by the BABYBEAR WORM!
NAV Live Update [path to worm]
X
Added by the DEBORMS.C WORM! Note - this is not a valid Norton Anti-Virus (NAV) function from Symantec ... Read More
Nocana [path to worm]
X
Added by the ANACON-B WORM!
RPC Patcher [path to worm]
X
Added by the BOLGI WORM!
rundll32 [path to worm]
X
Added by the AUTEX WORM!
rundll64 [path to worm]
X
Added by the AUTEX WORM!
svcwinprocess32 [path to worm]
X
Added by the UPERING WORM!
Systry [path to worm]
X
Added by the AUTEX WORM!
Systryt [path to worm]
X
Added by the AUTEX WORM!
WinKernel [path to worm]
X
Added by the PLEA VIRUS!
Winres32vis [path to worm]
X
Added by the THRAX.A WORM!
[Ephemeral 2.x] by TreeHugger, [path to worm]
X
Added by the LEMOOR.A WORM! where "x" represents 3 or 4
App.EXEName [path to worm]\.exe
X
Added by the BODIRU WORM!
MEDIA32 [pathname of the executable]
X
Added by the Troj/PurScan-Z trojan.
Root_Machine [pathname of the Trojan executable]
X
Added by the Troj/Bancban-DP password-stealing trojan for customers of Brazilian banks. ... Read More
spoolax [pathname of the Trojan executable]
X
Added by the Troj/Perda-D Trojan.
stdlib [pathname of the Trojan executable]
X
Added by the Troj/Perda-E password-stealing Trojan.
ControlPanel [path] cmd32.exe internat.dll, LoadKeyboardProfile
X
Awmcash.biz foistware
print sharing [path] hidden32.exe [path] explorer.exe
X
Added by the ZCREW.B TROJAN! Note - this is not the valid Windows Explorer (explorer.exe) ... Read More
BelNotify [path] NPBelv32.dll, RunDll32_BelNotify
U
"BelTech enables licensees to offer automated, Web-based problem resolution to their end-users. BelTech allows the end-user to simply go to a web page ... Read More
DATABASE MySql [path] repcale.exe [path] beird.exe
X
Added by a variant of the RANDON.AN WORM!
NBT System alias [path] repcale.exe [path] beird.exe
X
Added by a variant of the RANDON.AN WORM!
System Restore Data [path] repcale.exe [path] beird.exe
X
Added by the RANDON.AN WORM!
boarddata [path] repcale.exe [path] palsp.exe
X
Added by a variant of the RANDON.AN WORM! ... Read More
element furth [path] repcale.exe [path] palsp.exe
X
Added by a variant of the RANDON.AN WORM! ... Read More
installs sp2 [path] repcale.exe [path] palsp.exe
X
Added by a variant of the RANDON.AN WORM! ... Read More
PrinterSpool [path] RESTORE.EXE [path] SPOOL.EXE
X
Added by the ALADINZ.K TROJAN!
Protection [path] runtask.exe [path] protection.exe
X
Added by a variant of the AGENT.3.AU TROJAN!
svchost [path] SETUP.EXE
X
Added by the SETCLO WORM!
svchost [path] SETUP.EXE
X
Added by the SETCLO WORM!
Windows Standard Securty [random 3 letter filename]
X
Added by the W32/Rbot-ALF worm.
KavSvc [random 6 char filename]
X
Qoologic downloader trojan variant using random file names (examples: nzkklz.exe) ... Read More
Startup Configuration [random 6 letter filename]
X
Added by the W32/Rbot-ARV worm. This infection will connect to a remote IRC server and wait for commands to be executed on the infected computer. ... Read More
SysTray.Excn [random 8 character dll)
X
Added by the Troj/Cozdoor-C Trojan.
SysTray.Exsh [random 8 character dll]
X
Added by the Troj/Cozdoor-D bacdoor Trojan.
MicroSoft Media Services [RANDOM 8 CHARACTER].sys
X
Added by the virus. W32.Mediasups is a virus that spreads by infecting executable files, may download files and communicate with a remote server. ... Read More
Legacy [RANDOM CHARACTERS]
X
Added by the Backdoor.Eparssa backdoor Trojan.
WinNetDDE [random characters].exe
X
dded by the _blank>NETDEPIX.B TROJAN!
Zul_Cinta_Anick [RANDOM CHARACTERS].exe
X
Added by the Trojan.Nickzul Trojan.
cintaku [RANDOM CHARACTERS].exe
X
Added by the Trojan.Nickzul Trojan.
Internet Agent [random CLSID]
X
Added by the Troj/PPdoor-F. It also uses a name Client Agent when changing the registry run key to enable auto-starting at logon. ... Read More
*ms setup [random file name]
X
Virtumondo adware, also known as the VUNDO TROJAN! ... Read More
agent browser [random file name]
X
Added by the PPdoor.M-bdr backdoor TROJAN!
voltage manager [random file name]
X
Added by the W32.DREFFORT WORM!
microsoft security gmanagers [random file name]
X
Added by a variant of the W32/SDBOT WORM! ... Read More
microsoft security panagers [random file name]
X
Added by a variant of the W32/SDBOT WORM! ... Read More
NetDDEipx [Random file name].exe
X
Added by the Trojan.Netdepix Trojan.
Norton Antivirus 7.0a [random filenames]
X
Added by the Troj/Perda-B trojan proxy.
AIM Instant Message Cookies [random filenames]
X
Added by the W32/Rbot-AFV worm. When started, this infections connects to a remote IRC server where it waits for commands to execute. ... Read More
AOL Messenger [random filename]
X
Added by an unidentified VIRUS, WORM or TROJAN!
ara-key [random filename]
X
Added by the ANTINNY WORM!
Avril Lavigne - Muse [random filename]
X
Added by the AVRIL-A WORM!
Bnexe [random filename]
X
Added by the KITRO.D (or ARGEN.A) WORM!
ccApp [random filename]
X
Added by the OBSORB TROJAN! Note the random filename compared to the valid Norton AntiVirus ... Read More
Danton* [random filename]
X
Added by the DANTON TROJAN! where * = random number
educational writer [random filename]
X
Added by the RBOT-LZ WORM!
hpsysconf1 [random filename]
X
Added by a variant of the VIVIA.A TROJAN!
ICQ Lite Messenger [random filename]
X
Added by an unidentified VIRUS, WORM or TROJAN! Unlike the legitimate ICQ Lite executable, which will be located in the ICQLITE folder in Program File ... Read More
ist service uninstall [random filename]
X
ISTBar parasite related
kern64dll [random filename]
X
Added by the TARNO.J TROJAN!
LoadOrderVerification [random filename]
X
Added by the TRON.A TROJAN!
MicroLoad [random filename]
X
Added by the DARBY WORM!
Microsoft Corporation [random filename]
X
Added by various VIRUSES, WORMS & TROJANS!
Microsoft Diagnostic [random filename]
X
Added by the ACEBOT TROJAN!
Microsoft IT Update [random filename]
X
Added by a variant of the RBOT WORM!
Microsoft Locals 332 [random filename]
X
Added by the RBOT-KU WORM!
Microsoft Tray [random filename]
X
Added by the DELF.BZ TROJAN!
Microsoft Update Loader [random filename]
X
Added by a variant of the RBOT WORM!
Microsoft Update Machine [random filename]
X
Added by a variant of the RBOT WORM!
MS-HTML [random filename]
X
Added by the LATINUS.15 TROJAN!
MSKCES32 [random filename]
X
Added by the CLONER TROJAN!
mswspl [random filename]
X
Added by the SMALL.IQ TROJAN!
nssysconf [random filename]
X
Added by the VIVIA.A TROJAN!
qbotd [random filename]
X
Added by the BOTTEN TROJAN!
RSPC Driver D [random filename]
X
Added by a variant of the RBOT WORM!
sws.exe [random filename]
X
Haldex type adult content dialler
System Update [random filename]
X
Added by the KORGO.W or KORGO.X WORMS!
TaskReg [random filename]
X
Added by the CBLAD WORM!
UpdSys [random filename]
X
Added by the BJ TROJAN!
Video Process [random filename]
X
Added by the RBOT-LM WORM!
Win32system [random filename]
X
Added by the DDV.B WORM!
Windows Compliant [random filename]
X
Added by the RBOT-IR WORM!
Windows Media Player [random filename]
X
Added by a variant of the RBOT WORM!
Windows Media Player Update [random filename]
X
Added by the RBOT-ET WORM!
Windows Media SP.2.37 [random filename]
X
Added by the LEMIR.C TROJAN!
Windows Update Checker [random filename]
X
Adware downloader trojan
Windows Update V6 [random filename]
X
Added by the RBOT-KT WORM!
WindowsRegistration [random filename]
X
Added by the RBOT-NO WORM!
WindowsRegKey Autoupdate [random filename]
X
Added by a variant of the RBOT WORM!
WindowsRegKey update [random filename]
X
Added by a variant of the RBOT WORM!
WinLoader [random filename]
X
Added by variants of the SUBSEVEN TROJAN!
zonealarm [random filename]
X
Added by an unidentified VIRUS, WORM or TROJAN! The only exception is if you have an older version of the ZoneAlarm firewall running ... Read More
Sav32 [random filename]
X
Added by the W32/Famus-G WORM! File found in c:recycled
down [random filename]
X
Added by the DLOADER.BG trojan downloader!
nsysconf [random filename]
X
Added by the Adware.ZioCom.C adware.
IO System Debug [random filename]
X
Added by Backdoor.Bla
System-Tray [random filename]
X
Added by Backdoor.BladeRunner
Microsoft UpToDate Driver (32-bits) [random filename]
X
Added by the W32/Rbot-ZV worm. When this infection starts it connects to an IRC server where it waits for remote commands to execute. It also instal ... Read More
System CPL manager [random filename]
X
Added by the W32/Rbot-SR worm. This infection connects to an IRC server where it waits for remote commands. ... Read More
Microsoft Security Manager [random filename]
X
Added by the W32/Rbot-TU worm. This infection connects to an IRC server where it waits for remote commands. ... Read More
VCbvnczsxcX [random filename]
X
Added by the Troj/Ranck-AK proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
vcxcxvxcX [random filename]
X
Added by the Troj/Ranck-AQ proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
ffeqOME [random filename]
X
Added by the Troj/Ranck-AR proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
vDSAGGQEvbA ASDAS dqdw [random filename]
X
Added by the Troj/Ranck-AT proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
vDGDGvvsa dqdw [random filename]
X
Added by the Troj/Ranck-AV proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
bbdjmrxcX [random filename]
X
Added by the Troj/Ranck-AX proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
halloween stream [random filename]
X
Added by the Troj/Ranck-AY proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
vxcxcvfck. [random filename]
X
Added by the Troj/Ranck-AZ proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
dfasack [random filename]
X
Added by the Troj/Ranck-BE proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
qffecdas [random filename]
X
Added by the Troj/Ranck-BF proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
Bmsnwss [random filename]
X
Added by the Troj/Ranck-BK proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
vXCXssdss [random filename]
X
Added by the Troj/Ranck-BO proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
fqxsbk [random filename]
X
Added by the Troj/Ranck-BS proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
Wdqvsst [random filename]
X
Added by the Troj/Ranck-BT proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
SysData [random filename]
X
Added by the Troj/Ranck-BA proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
tkaskqjw [random filename]
X
Added by the Troj/Ranck-CA proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
PlanCx [random filename]
X
Added by the Troj/Ranck-CE proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
vadeinst [random filename]
X
Added by the Troj/Ranck-CF proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
WinManage [random filename]
X
Added by the Troj/Ranck-KH proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
svchosts32 [random filename]
X
Added by the Troj/Ranck-L proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
Windows NT [random filename]
X
Added by the Troj/Ranck-M proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
ctfmonn [random filename]
X
Added by the Troj/Ranck-O proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
NTServ [random filename]
X
Added by the Troj/Ranck-P proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
msmsgss [random filename]
X
Added by the Troj/Ranck-S proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
NVidia Drivers [random filename]
X
Added by the Troj/Ranck-R proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
RealVNC Setup [random filename]
X
Added by the Troj/Ranck-V proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
Msn Home [random filename]
X
Added by the Troj/Ranck-W proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
bdffefqes32 [random filename]
X
Added by the Troj/Ranck-Z proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
Microsong [random filename]
X
Added by the Troj/Ranck-A proxy trojan. This infection allows a remote intruder to use your Internet connection to hide his location. ... Read More
Microsoft LV [random filename]
X
Added by the Troj/Bdoor-BDL trojan.
Monitor Test [random filename]
X
Added by the W32/Sdbot-NC worm. This infection, when started, connects to an IRC server where it sits on a channel awaiting commands. ... Read More
Symantec Autoscan [random filename]
X
Added by the W32/Rbot-AJO worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
Windows ExpIorer [random filename]
X
Added by the W32/Rbot-AKO worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
support-reverse-smileys [random filename]
X
Added by the Troj/Litebot-D Trojan.
Windows Security Service [random filename]
X
Added by the W32/Rbot-ALV worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
Trayz [random filename]
X
Added by the Troj/Bdoor-JG backdoor Trojan.
Windows Socketheader [random filename]
X
Added by the W32/Ixbot-A worm and IRC backdoor.
(default) [random filename].exe
X
Added by the BLACKMAL WORM!
Mickey Mouse Cereal [random filename].exe
X
Added by the RANKY.Q TROJAN!
RSPC Driver [random filename].exe
X
Added by the RBOT-SN WORM!
WindowsReg% update [random filename].exe
X
Added by the RBOT-HH WORM!
Kadoc [random filename].exe
X
Added by the Staprew TROJAN!
W32Load [random filename].scr
X
Added by the CASPID WORM!
Internet Explorer [random letters].dll
X
Added by the Troj/Proxma-A proxy and backdoor Trojan.
Ndpldaemon [random name]
X
Added by the W32/RpcSdbot-A backdoor trojan.
Iamnacho On Irc. MusicIrc.com Is a Homosexual! [random name]
X
Added by the W32/Randex-T worm. When started, this infection connects to an IRC server where it waits for remote commands to execute. ... Read More
Windows ASN Service [random name]
X
Added by the W32/Agobot-TC worm. This infection, when started, connects to an IRC server where it sits on a channel awaiting commands. ... Read More
Internet Explorer [RANDOM NAME].dll
X
Added by the Backdoor.Berbew.T backdoor.
HDAudio Driver 1.0 [random name].exe
X
Added by the Troj/Teadoor-D backdoor trojan.
xserv [random name].exe
X
Added by the Troj/Stumpy-A trojan.
center [random name]32.exe
X
Added by the BOFRA.A WORM!
Reactor3 [random name]32.exe
X
Added by the BOFRA.A WORM!
Reactor5 [random name]32.exe
X
Added by the BOFRA.D WORM!
Reactor6 [random name]32.exe
X
Added by the BOFRA.C WORM!
Reactor7 [random name]32.exe
X
Added by the BOFRA.B WORM!
Reactor8 [random name]32.exe
X
Added by the BOFRA.E WORM!
Reactor9 [random name]32.exe
X
Added by the BOFRA.E WORM!
Rhino [random name]32.exe
X
Added by the BOFRA.A WORM!
MSN 9.0 Plus [random.exe]
X
Added by the W32/Rbot-ALY worm. When started, this infection connects to a remote IRC server where it waits for commands to execute. ... Read More
TempCom [randomname].com
X
Added by the TRAXG WORM!
[Ephemeral 2.5] by TreeHugger, [randomname].exe
X
Added by the W32/Lemoor-C worm.
HDAudio Driver 2.0 [randomstring].exe
X
Added by the Troj/Teadoor-E trojan.
usbn [random]
X
Added by the Troj/Hogil-B Trojan. This infection adds various links to porn sites in your Desktop and Start Menu. ... Read More
vadseinst [random]
X
Added by the Troj/Ranck-CM Trojan!
taskmrg.exe [random]
X
Added by Troj/Bancban-BN, a TROJAN that attempts to steal banking details.
Services [random]
X
Added by the Troj/Agent-BV Trojan.
NT Virtual Machine [random]
X
Added by Troj/Agent-BV, a network WORM with backdoor Trojan functionality found in the Windows system folder. ... Read More
DI2 [random]
X
Added by Troj/Dloader-IK
Microsoft IIS [random]
X
Added by the WORM variant, W32/Francette-Q.
bluestart [random]
X
Added by Troj/Dloader-IR, a TROJAN!
xpsystem [random]
X
Added by Troj/Krepper-M, a TROJAN! It will be found in a subfolder of the Windows system folder named "services". ... Read More
XpAspy [random]
X
Added by Troj/Delf-WH, a TROJAN! It will be found in the Windows folder.
WXcmeinst [random]
X
Added by Troj/Ranck-CD, a backdoor TROJAN! It will chose a TCP port in the range 10000-49999 to notify a remote web server on that port using a web re ... Read More
CacheLoader [random]
X
Troj/Dloader-IX will download the [random] file to the Windows folder, sub-folder "Cache". That done, it moves to "Security iGuard.exe", found in the ... Read More
sixtysix [random]
X
Troj/LowZone-R TROJAN is responsible for a file found in the Windows folder that will reduce IE security zone settings. ... Read More
lk3h1 [random]
X
Added by the Troj/Mosuck-G TROJAN into the Windows system folder.
Floppy Master [random]
X
Added by the Troj/Zonit-E TROJAN to send spam using other computers.
RunWin [random]
X
Added by the Troj/Banker-BN TROJAN!
Microsoft (C) HTML Application host [random]
X
Added by the W32/Rbot-YB WORM/IRC backdoor, this file will allow termination of processes by way of a remote attacker using an IRC channel. ... Read More
Microsoft PCHealth32 [random]
X
The Troj/Nice-A TROJAN will log keystrokes using this file, and submit the data via email. ... Read More
BD [random]
X
The Troj/Agent-CM backdoor TROJAN will first place DC.EXE in the Temporary folder, then modify HKCUSoftwareMicrosoftWindowsCurrentVersionRun to ensu ... Read More
LanGuard [random]
X
Added by Troj/Dloader-JZ .
sVideo2 [random]
X
Added by Dial/Switch-D , a TROJAN premium-rate dialler
msn [random]
X
Added by the Troj/Bancban-BG TROJAN to steal passwords.