| Name |
Filename |
Status |
Description |
|
KB8648003
|
KB8648003\KB8648003.exe
|
X
|
Added by the Ransomware/Kovter ransomware infection. This malware file also launches from the Policies\Explorer\Run and Shell= Registry keys. |
|
courts
|
p1.exe
|
X
|
Added by the United States Courts ransomware. |
|
WinSATRestorePower
|
powercfg.exe
|
Y
|
Restores a saved power configuration after performing a test via the Windows System Assessment Tool.
|
|
AllShareAgent
|
AllShareAgent.exe
|
U
|
Part of Samsung's AllShare service. |
|
System Health Monitoring Service Pro
|
<random>.exe
|
X
|
Added by the Troj/Bckdr-RPS Ransomware. |
|
BrowserChoice
|
browserchoice.exe
|
N
|
Related to the BrowserChoice web site results from the European Union Microsoft competition case. |
|
CheckRun22find_uninstaller
|
CheckRun22find.exe
|
X
|
Added by the 22Find browser hijacker. This hijacker will also change the shortcuts associated with your browsers to automatically open up the 22find.com web site. |
|
HelpInfo
|
HelpInfo.exe
|
X
|
Korean rogue anti-spyware program.
|
|
Microsoft Corp Update
|
winsvrn32.exe
|
X
|
|
|
MSN Messenger
|
SVCHOST32.EXE
|
X
|
Added by the W32.Seswol.B worm. |
|
vaccinespeedstart
|
vaccinespeedstart.exe
|
X
|
Korean rogue anti-spyware program named Vaccine Speed.
|
|
windoguideopt
|
windopt.exe
|
X
|
Korean adware identified by Ahnlab as PUP/Win32.Addenbar.
|
|
windoguideagent
|
windoguideagent.exe
|
X
|
Korean adware identified by Ahnlab as PUP/Win32.Addenbar.
|
|
windoguide
|
windoguide.exe
|
X
|
Korean adware identified by Ahnlab as PUP/Win32.Addenbar.
|
|
WebConfig
|
WebConfig.exe
|
X
|
An adware detected by ESET Anti-virus as a variant of the Win32/Adware.Smarthink.A malware.
|
|
WinPcapInst
|
WinPcapInst.pif
|
X
|
A Trojan identified by Avira as a variant of the TR/Stoberox.B.13 malware.
|
|
atitool
|
pwrwin.exe
|
X
|
Added by the W32.Yazz worm. |
|
WindowMessenger
|
WinSysApp.exe
|
X
|
Added by the Win32/Wecykler removable media worm. |
|
Windows Common Files Manager
|
Commgr.exe
|
X
|
Added by the Win32/Wecykler removable media worm. |
|
Windows Alerter
|
WinAlert.exe
|
X
|
Added by the Win32/Wecykler removable media worm. |
|
infocover main
|
infocoveru.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
speedguarderstart.exe
|
speedguarderstart.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
speedguarder main
|
speedguarderu.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
VaccineSeven
|
Vaccine7.exe
|
X
|
Korean rogue anti-spyware program.
|
|
Tutorials
|
tutorials.exe
|
X
|
Adware program that is commonly detected as Adware.Tuto4PC.
|
|
pcguarderstart.exe
|
pcguarderstart.exe
|
X
|
Korean rogue anti-spyware program.
|
|
SearchProtectAll
|
cltmng.exe
|
X
|
Part of the Conduit adware program.
|
|
IntelSBA
|
SBALaunchDelay.exe
|
?
|
Part of Intel's Small Business Advantage program. Does anyone know what this program actually does? |
|
WinKey
|
WinKey.exe
|
X
|
Korean malware that is identified by Ahnlab as a variant of the Win-PUP/Helper.Winkey malware.
|
|
anysecuS
|
anysecuU.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
anysecu main
|
anysecuu.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
windowstatus
|
windowstatus.exe
|
X
|
A Korean malware called Stickads. Identified by Kaspersky Anti-virus as a variant of the Trojan.Win32.Scar.hhna malware.
|
|
stickads
|
stickads.exe
|
X
|
A Korean malware called Stickads. Identified by Kaspersky Anti-virus as a variant of the Trojan.Win32.Scar.hhna malware.
|
|
PrivitizeVPN
|
PrivitizeVPN.exe
|
N
|
Free VPN server that is bundled with numerous adware programs. Not malicious in itself, but you need to be careful you do not install any of the bundled programs.
|
|
Update
|
googleupdate.exe
|
X
|
Added by the Backdoor.Boda backdoor. |
|
PCScan Antispyware
|
pcsp.exe
|
X
|
Korean rogue identified by Malwarebytes as Rogue.PCAntiSpyware.
|
|
winchoice
|
Winchoice.exe
|
X
|
Korean malware identified as SPR/SearchHook.A by Avira.
|
|
winchoiceupdate
|
WinchoiceUpdate.exe run
|
X
|
Korean malware identified as SPR/SearchHook.A by Avira.
|
|
Sysinternals Desktops
|
desktops.exe
|
U
|
Added by the Sysinternals Desktops applications. Desktops allows you to organize your applications on up to four virtual desktops. |
|
OneDayOn Client
|
OneDayOn.exe
|
X
|
Korean malware that is identified by Microsoft as Adware:Win32/Oneday.
|
|
revealing_u
|
revealingu.exe
|
X
|
Korean adware that is detected as Adware.Enumerate.
|
|
revealing_st
|
revealingst.exe
|
X
|
Korean adware that is detected as Adware.Enumerate.
|
|
revealing_dc
|
revealingdc.exe
|
X
|
Korean adware that is detected as Adware.Enumerate.
|
|
adhelp.exe
|
adhelp.exe
|
X
|
Identified by ESET as a variant of the Win32/Adware.Kraddare.FY malware.
|
|
Kp
|
kpupdate.exe
|
X
|
Korean malware.
|
|
WiseSearch
|
wisesearch.exe
|
X
|
Identified by ESET as a variant of the Win32/Adware.Kraddare.GU malware.
|
|
C3
|
c3.exe
|
U
|
Added by the C3 in-game voice chatting software. |
|
PCI Compliant SCard
|
svchost.exe
|
X
|
Added by the Infostealer.Vskim Trojan. This infection should not be confused with the legitimate C:\Windows\system32\svchost.exe file. |
|
ACFinder
|
ACFinder.exe
|
X
|
Identified by ESET as a variant of the MSIL/Adware.SanctionedMedia.A malware.
|
|
AdobeBridge
|
Bridge.exe
|
U
|
Adobe Bridge keeps native Adobe files (such as PSD and PDF) as well as non‑Adobe files available for easy access. You can drag assets into your layouts, projects, and compositions as needed, preview files, and even add metadata (file information), making the files easier to locate.
|
|
ISZone
|
ISZoneUpdate.exe
|
X
|
Korean adware related to keywordInfo.co.kr.
|
|
CodeSecurityMain
|
CodeSecurity.exe
|
X
|
Korean rogue anti-spyware program.
|
|
nvdisplay
|
csrss.exe
|
X
|
Identified by Kaspersky antivirus as a variant of the Trojan.Win32.VBKrypt.blpf malware. This infection should not be confused with the legitimate C:\Windows\System\csrss.exe Windows file.
|
|
KB976002-v5
|
browserchoice.exe
|
N
|
Related to BrowserChoice Microsoft update. |
|
ALCKRESI.EXE
|
ALCKRESI.exe
|
U
|
Lenovo AutoLock uses the integrated camera to detect when the computer is unattended and then secures the computer to help guard against unauthorized use.
|
|
VirtualVaccine
|
VirtualVaccine.exe
|
X
|
Korean rogue anti-spyware program.
|
|
GoodScanMain
|
GoodScan.exe
|
X
|
Korean rogue anti-spyware program.
|
|
VaccineSecureMain
|
VaccineSecure.exe
|
X
|
Korean rogue anti-spyware program.
|
|
donx
|
donx.exe
|
X
|
Added by the Infostealer.Donx Trojan. |
|
PrivacyGate
|
PrivacyGate.exe
|
X
|
Korean rogue anti-spyware program.
|
|
ProtectBoan
|
ProtectBoan.exe
|
X
|
Korean rogue anti-spyware program.
|
|
BoanShield
|
BoanShield.exe
|
X
|
Korean rogue anti-spyware program.
|
|
multicodecopen
|
multicodecopen.exe
|
X
|
Korean malware.
|
|
multicodechper
|
multicodechper.exe
|
X
|
Korean malware.
|
|
multicodec
|
multicodecup.exe
|
X
|
Korean malware.
|
|
AhnLab V3Lite Update Process
|
nusb3mon.exe
|
X
|
|
|
WindowSRV64
|
winsrv64.exe
|
X
|
Korean adware.
|
|
boanguide
|
boanguide_up.exe
|
X
|
Korean rogue anti-spyware program.
|
|
SProtect
|
SProtect.exe
|
X
|
Korean rogue anti-spyware program.
|
|
VaccineTek
|
VaccineTek.exe
|
X
|
Korean rogue anti-spyware program.
|
|
BoanPro
|
BoanPro.exe
|
X
|
Korean rogue anti-spyware program.
|
|
ClearProtect
|
ClearProtect.exe
|
X
|
Korean rogue anti-spyware program.
|
|
signkey
|
signkey.exe
|
X
|
Korean malware.
|
|
walarm
|
update.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
newbac
|
baconup.exe
|
X
|
A Korean adware program.
|
|
ROC_roc_ssl_v12
|
ROC_roc_ssl_v12.exe
|
Y
|
Part of AVG Secure Search. AVG Secure Search alerts you before you visit dangerous webpages to make sure your identity, personal information, and computer are protected. |
|
ZeroBoan
|
ZeroBoan.exe
|
X
|
A rogue anti-spyware program.
|
|
windowplus
|
windowplus.exe
|
X
|
A Korean rogue anti-spyware program.
|
|
avast
|
avastUI.exe
|
Y
|
Tray Icon for Avast Antivirus. |
|
WinSat
|
winsat.exe
|
U
|
Winsat is a Windows program that simulates the composition operations of the Desktop Window Manager and produces a graphics memory throughput (bandwidth) metric that correlates with the performance of desktop composition.
|
|
FDM7
|
FdmDaemon.exe
|
U
|
Added by the Fujitsu Display Manager utility that allows you to easily switch screen display settings for your computer. |
|
<empty>
|
wlsidten.exe
|
X
|
A variant of the FBI Ransomware/Reveton computer infection. |
|
bywifi
|
bywifi.exe
|
X
|
Bywifi video downloader/adware that displays pop-up advertisements.
|
|
HP BTW Detect Program
|
HPBTWD.exe
|
N
|
Preinstalled on certain HP computers, this is file is part of HP's utilities and is an auto detect program for Bluetooth Wireless. |
|
SigmatelSysTrayApp
|
sttray.exe
|
N
|
System tray program for the Sigmatel Audio sound card. Often found on Dell computers..
|
|
SysTrayApp
|
sttray.exe
|
N
|
Installed with audio chips developed by IDT Audio and customized by the computer manufacturer, this is a tray icon and the 32 bit version of the file. |
|
Adobe Version Cue CS2
|
VersionCueCS2Tray.exe
|
U
|
Part of Adobe Creative Suite 2, this file is part of the Cue portion of the program which is a revision control software. Allows for collaboration of reviewing and editing PDF files, tracks the versions of documents and sundry other tasks. This file places a tray icon in the task bar. For additional information read here. |
|
WirelessAssistant
|
HPWAMain.exe
|
U
|
Wireless application bundled with HP computers that allows you to control different settings on the computer's wireless devices such as Bluetooth and WLAN.
|
|
HP
|
QuickSync.exe
|
N
|
HP QuickSync is a program bundled with HP computers that allow you to synchronize your data and files with other devices.
|
|
F
|
F.exe
|
X
|
Malware file which is often associated with backdoors and trojans and other sorts of malware.
|
|
F
|
F.exe
|
X
|
Malware file which is often associated with backdoors and trojans and other sorts of malware.
|
|
TPSBattM.exe
|
TPSBattM.exe
|
U
|
Preinstalled on certain Toshiba laptops, this file is part of the Toshiba Power Saver Utility through which the user can control such things as CPU speed. With this software running, the computer will use power more effectively and the battery will have a longer life.
|
|
Lotus Organizer 5
|
org5.exe
|
U
|
Installed with Lotus Organiser, 5th edition, which is also bundled with Lotus SmartSuite. If you want to be alerted to appointments and have the program running in the background, leave the startup running. Otherwise, you may easily run the program when you need it. |
|
Lotus Organizer
|
org5.exe
|
U
|
Installed with Lotus Organiser, 5th edition and possibly others, which is also bundled with Lotus SmartSuite. If you want to be alerted to appointments and have the program running in the background, leave the startup running. Otherwise, you may easily run the program when you need it. |
|
Check Point Endpoint Security
|
TrGUI.exe
|
N
|
Installed with Check Point's Endpoint Security, this file displays the General User Interface for this VPN program. Unnecessary to run at startup as it will start when you launch the software. |
|
HP Quick Launch
|
HPMSGSVC.exe
|
N
|
Preinstalled on certain HP computers, this file is the HP Message Service and is connected with the quick launch of some function keys. Disabling this startup does not affect the functioning of these keys.
|
|
pcdfsvc
|
<random>.exe
|
X
|
Added by the PC Defender Plus scareware program. |
|
AML Device Install
|
kdbsync.exe
|
U
|
Installed with the video drivers, often in an update, for certain AMD graphics/video cards, this file is part of the Catalyst Conversion part of the software and enables, for example video drag and drop when editing or developing videos and uses OpenCL to do so. Not all computers and video cards are compatible with OpenCL. |
|
PureText
|
PureText.exe
|
N
|
Executable for Pure Text which, via a hotkey, removes formatting from webpages and other documents to paste as plain text without going through Notepad. This program does not install and is easily started from where-ever the user has placed the file by double-clicking on the icon. |
|
HF_G_Jul
|
HF_G_Jul.exe
|
U
|
Added with updates to the AVG Security Toolbar, this file fixes a problem with the Firefox Add-on. |