Newest 100 Entries

Bleeping Computer

Welcome Guide Blogs Chat Help Search RSS

Welcome Guest (Log In | Create Account)

New Member? Join for free.

Have a problem and would like to ask us for help? To learn how to ask your question Click Here!

Do you have popups or other malware infecting your computer? If so, Start Here!

Are you having trouble using this site? Then you should visit the New User Orientation Center!

BleepingComputer.com -> Startup Programs Database -> Newest 100 Entries

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other

HJT: F0, F1, F2, F3 · O4 · O20 · O21 · O22 · O23

Rootkit List · Submit a Startup · Top Submitters

Startup Index · Newest Entries · Mozilla Search Tools · WebMaster Site Tools · Status Key
Startup Database Forum · Computer Help Forums · How to use the Startup Database

Enter the filename or keyword you would like to search for:

Advanced Search

Name	Filename	Status	Description
SystemVeteran.exe	SystemVeteran.exe	X	Added by the SystemVeteran rogue anti-spyware program.
BlockProtector.exe	BlockProtector.exe	X	Added by the BlockProtector rogue anti-spyware program.
calc	calc.dll	X	Added by the Opachki.a Trojan. Please note that rundll32.exe is a legitimate program and should not be deleted.
calc	ntuser.dll	X	Added by the Opachki.a Trojan. Please note that rundll32.exe is a legitimate program and should not be deleted.
Taskman	sysdrv.exe	X	Added by the Troj/Agent-LRB Trojan.
Server Registry	regscr32.exe	X	Added by the Troj/Bifrose-ZB Trojan.
Microsoft Driver Setup	mslsrv32.exe	X	Added by the Troj/Sdbot-DPF worm and IRC backdoor.
ttool	sa23sl.exe	X	Added by the Troj/Bckdr-QZZ backdoor Trojan.
BlockKeeper	BlockKeeper.exe	X	Added by the BlockKeeper rogue anti-spyware program.
Cerb	DivXx.exe	X	Added by the Troj/KeyLog-LV Trojan.
isqsys32.exe	isqsys32.exe	X	Added by the Bredolab.gen.a Trojan.
MCAFEEIPS	setup.exe	X	Added by the Trojan.Whitewell Trojan. Trojan.Whitewell is a Trojan horse that opens a back door on the compromised computer.
Optim4	regdtopt.exe	X	Added by the Trojan.Ramvicrype Trojan.
Optim3	regdtopt.exe	X	Added by the Trojan.Ramvicrype Trojan.
Optim2	regdtopt.exe	X	Added by the Trojan.Ramvicrype Trojan.
Optim1	regdtopt.exe	X	Added by the Trojan.Ramvicrype Trojan.
32.exe	nvscv32.exe	X	Added by the Troj/Agent-LOL Trojan.
9UmxQPSiTJMbA	NVUKZ.exe	X	Added by the Troj/Agent-LMN Trojan.
<not used>	tawaluvu.dll	X	Added by the Troj/Sadop-A Trojan.
nwiz	KHATRA.exe	X	Added by the W32/Orbina-A worm.
NvCplDaemon	Xplorer.exe	X	Added by the W32/Orbina-A worm.
USBcillin	USBcillin.exe	X	Added by the Troj/USBcill-A removable media worm.
CmSTP	cmstp.exe	X	Added by the Troj/Cosmu-A Trojan.
BlockWatcher	BlockWatcher.exe	X	Added by the BlockWatcher rogue anti-spyware program.
Windows Enterprise Suite	WE83b.exe	X	Added by the Windows Enterprise Suite rogue anti-spyware program.
tdifw_drv	tdifw_drv.sys	X	Added by the Desktop Defender 2010 rogue anti-spyware program. This driver is potentially legitimate, but is commonly bundled with malware programs.
Desktop Defender 2010	Desktop Defender 2010.exe	X	Added by the Desktop Defender 2010 rogue anti-spyware program.
SoftBarrier	SoftBarrier.exe	X	Added by the SoftBarrier rogue anti-spyware program.
HPAdvisor	HPAdvisor.exe	N	HP Advisor is a program that is preinstalled on HP computers. When run, this program will scan your computer for problems and provide advice on how to fix them or optimize the computer. Can be launched as needed.
avgsys	64444.reg	X	Added by the Volcano Security Suite rogue anti-spyware program.
Volcano Security Suite	VS83b.exe	X	Added by the Volcano Security Suite rogue anti-spyware program.
ShieldSafeness	ShieldSafeness.exe	X	Added by the ShieldSafeness rogue anti-spyware program.
Application In System	Snxmsh.exe	X	Added by the Troj/Agent-LNV Trojan.
crsmons	iomssls.exe	X	Added by the Troj/Backdr-AU backdoor Trojan.
filen	filen.exe	X	Added by the W32/VBNam-A worm.
SoftStronghold	SoftStronghold.exe	X	Added by the SoftStronghold rogue anti-spyware program.
sysldtray	ld15.exe	X	Added by the Troj/Agent-LNH Trojan.
Iexplorerr.exe	Iexplorerr.exe	X	Added by the Troj/Banker-EUT online banking Trojan.
Director Video	btnmgern.exe	X	Added by the W32/Mytob-KL worm.
Windows System Defender	WS83b.exe	X	Added by the Windows System Defender rogue anti-spyware program.
wow64main.exe	wow64main.exe	X	Identified by Kaspersky as a variant of the Packed.Win32.TDSS.aa malware.
WDefend	svohost.exe	X	Part of the Windows Police Pro rogue anti-spyware infection.
inixs	minix32.exe	X	Identified by Kaspersky as a variant of the Trojan.Win32.Scar.adsy malware. Typically found with Windows Police Pro infections.
minix32	minix32.exe	X	Identified by Kaspersky as a variant of the Trojan.Win32.Scar.adsy malware. Typically found with Windows Police Pro infections.
GbpSvc	GbpKms.sys	X	Added by the nfostealer.Bancos.BB Trojan. Infostealer.Bancos.BB is a Trojan horse that attempts to steal information from the compromised computer.
Java Update	svchost.exe.exe	X	Added by the Troj/Agent-LMM Trojan.
Sistema de Comm	conmsyrtl.exe	X	Added by the Troj/Agent-LMV Trojan.
restorer64_a	restorer64_a.exe	X	Added by the Troj/Inject-KE Trojan.
SoftVeteran	SoftVeteran.exe	X	Added by the SoftVeteran rogue anti-spyware program.
rnwabmig	rnwabmig.exe	X	Added by the Troj/Agent-LMI Trojan.
SoftCop	SoftCop.exe	X	Added by the SoftCop rogue anti-spyware program.
TRE AntiVirus	treav.exe	X	Added by the TRE AntiVirus rogue security programTRE AntiVirus.
winntR1	winntR1.exe	X	Added by the Troj/Banker-EUR password-stealing banking Trojan.
<not used>	ms32clod.dll	X	Added by the Troj/Spy-EC Trojan.
Active Security	asecurity.exe	X	Added by the Active Security rogue anti-spyware program.
PC Scout	pcscout.exe	X	Added by the PC Scout rogue anti-spyware program.
SoftSoldier	SoftSoldier.exe	X	Added by the SoftSoldier rogue anti-spyware program.
WMI Service Client	wmispv.exe	X	Added by the W32/AutoRun-ASX removable media worm.
TrustFighter	TrustFighter.exe	X	Added by the TrustFighter rogue security program.
MicrosoftCorp	update.exe	X	Added by the W32/Autorun-ASG removable media worm.
{51E24AC2-BA5C-A1E2-12D1-D322A14AA1BD}	msftil.exe	X	Added by the Troj/BDoor-AXL Backdoor Trojan.
Windows Enterprise Defender	WindowsEDefender.exe	X	Added by the Windows Enterprise Defender rogue anti-spyware program.
TrustSoldier	TrustSoldier.exe	X	Added by the TrustSoldier scareware program.
CS	tsc.exe	X	Added by the Cyber Security rogue anti-spyware program.
wscsvc32.exe	wscsvc32.exe	X	Added by the Antivirus rogue anti-spyware program.
Windows Upgrate Utility	winulty.exe	X	Added by the W32/Autorun-ASR removable media worm.
raidhost	raidhost.exe	X	Added by the Troj/Agent-LID Trojan.
SafeFighter	SafeFighter.exe	X	Added by the SafeFighter rogue anti-spyware program.
AutoProtect	AutoProtect.vbs	X	Added by the W32/KillBat-C worm.
afmsmsgs	afmsmsgs.exe	X	Added by the Troj/Dloadr-CUX Trojan.
FU	FUvirus.exe	X	Added by the Troj/VB-EJC Trojan.
TrustCop	TrustCop.exe	X	Added by the TrustCop rogue anti-spyware program.
AASSKK2	LSASS.EXE	X	Added by the W32.SillyFDC.BDB removable media worm. W32.SillyFDC.BDB is a worm that spreads by copying itself to removable drives. It also disables certain system software.
Captcha7	captcha.dll	X	Added by the W32/Koobface.worm.gen.h worm. The W32/Koobface.worm.gen.h is a variant of Koobface worm, which infects users of Facebook who visit malicious Facebook profiles.
Microsoft USB Bus Controller	usbctl.exe	X	Added by the WORM_ASPXOR.AB worm.
svchost	svcst.exe	X	Added by the W32/Agent-LIL worm.
mserv	seres.exe	X	Added by the W32/Agent-LIL worm.
PopRock	a.exe	X	Identified by McAfee as a variant of the FakeAlert-IM malware.
SecureWarrior Security Service	SecureWarriorSvc.exe	X	Added by the SecureWarrior rogue anti-spyware program.
SecureWarrior	SecureWarrior.exe	X	Added by the SecureWarrior rogue anti-spyware program.
autorn	autorn.exe	X	Added by the W32.SillyFDC.BCY removable media worm. W32.SillyFDC.BCY is a worm that spreads by copying itself to removable and network drives.
UltimateServices	ultsvcs.exe	X	Added by the Troj/Agent-LGT Trojan.
AntiPol	svchast.exe	X	Added by the Windows Police Pro rogue anti-spyware program.
SysiNet	sysinet.dll	X	Added by the Smart Protector rogue anti-spyware program.
smrtprt	smrtprt.exe	X	Added by the Smart Protector rogue anti-spyware program.
SecureFighter Security Service	SecureFighterSvc.exe	X	Added by the SecureFighter rogue anti-spyware program.
SecureFighter	SecureFighter.exe	X	Added by the SecureFighter rogue anti-spyware program.
HomeAV	homeav.exe	X	Added by the Home Personal Antivirus rogue anti-spyware program.
SecureVeteran Security Service	SecureVeteranSvc.exe	X	Added by the SecureVeteran rogue anti-spyware program.
SecureVeteran	SecureVeteran.exe	X	Added by the SecureVeteran rogue anti-spyware program.
SecuritySoldier Security Service	SecuritySoldierSvc.exe	X	Added by the SecuritySoldier rogue anti-spyware program.
SecuritySoldier	SecuritySoldier.exe	X	Added by the SecuritySoldier rogue anti-spyware program.
SecurityFighter Security Service	SecurityFighterSvc.exe	X	Added by the SecurityFighter rogue anti-spyware program.
SecurityFighter	SecurityFighter.exe	X	Added by the SecurityFighter rogue anti-spyware program.
SaveArmor Security Service	SaveArmorSvc.exe	X	Added by the SaveArmor rogue anti-spyware program.
SaveArmor	SaveArmor.exe	X	Added by the SaveArmor rogue anti-spyware program.
sofatnet Service	sofatnet.exe	X	Identified by Comodo as Backdoor.Win32.Refpron.~B.
Net_Login	svchust.exe	X	Identified as a variant of the Trojan-Clicker.Win32.Delf.cpm malware.
Net Login	svchost.exe	X	Identified as a variant of the Trojan-Clicker.Win32.Delf.cps malware.
<random characters>	rwg.exe	X	Added by the Green AV rogue anti-spyware program.

Status Key

Each entry in the database will have a Status assigned to it. The key to this status is the following:

Y - This status flag means that this entry should be left alone and be allowed to run as if it is unchecked it may break the functionality or use of a particular program.
N - This status flag means it is unnecessary to run this program automatically when Windows starts as you can run it manually when necessary.
U - This status flag means it is up to you whether or not you feel this program needs to run automatically.
X - This status flags means the item should definitely not start up automatically. Items that have this flag are generally malware such as viruses, trojans, hijackers, spyware but could also be programs that are not desirable to run on your computer.
? - This status flag means the status of this entry is unknown at this time and more research is necessary.

If you require assistance in removing one of these files you can ask us in the Startup Database Forum.

Disclaimer

It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. BleepingComputer.com will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.