Computer Help and Spyware Removal Computer Help and Spyware Removal Computer Help and Spyware Removal Computer Help Forums Windows Startup Programs Database Spyware and Malware Removal Guides Computer Tutorials Uninstall Database File Database Computer Glossary Computer Resources
 

Alert!  Have a problem and would like to ask us for help? To learn how to ask your question Click Here!
Stop!  Do you have popups or other malware infecting your computer? If so, Start Here!
Question?  Are you having trouble using this site? Then you should visit the New User Orientation Center!



A    B    C    D    E    F    G    H    I    J    K    L    M    N    O    P    Q    R    S    T    U    V    W    X    Y    Z    Other   
HJT: F0, F1, F2, F3 · O4 · O20 · O21 · O22 · O23
Rootkit List  · Submit a Startup  · Top Submitters
 Startup Index · Newest Entries · Mozilla Search Tools · WebMaster Site Tools · Status Key
Startup Database Forum · Computer Help Forums · How to use the Startup Database

Enter the filename or keyword you would like to search for:
Advanced Search

Name Filename Status Description
achromatic gtckad.dll
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
tipguard.exe tipguard.exe
X
Added by the Privacy Commander rogue security software.
QnX qnx.exe
X
Added by the W32.Ackantta@mm mass-mailing worm.
Wind River Systems vxworks.exe
X
Added by the WORM_MYDOOM.CG mass-mailing worm.
star8 svscheld.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
star7 Mscheldncx.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
star6 MscheldB.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
star4 Zred2.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
star3 Xred1.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
star2 ischot.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
star1 Winrun.exe
X
Added by the Troj/DwnLdr-HLK downloading Trojan.
Supports RAS Connections svhost.exe
X
Added by the W32/Rbot-GXH worm and IRC backdoor.
Windows Service Agent spoolvs.exe
X
Added by the W32/Rbot-GXI worm and IRC backdoor.
{77520Q86-864L-N81R-0R2W-7U2G0P22436U} qnx.exe
X
Added by the W32/Autorun-RI removable media worm.
Yahoo Messengger gphone.exe
X
Added by the W32/Tiotua-AA Trojan.
Perfect Defender 2009 pdfndr.exe
X
Added by the Perfect Defender 2009 rogue anti-spyware program.
fddi pbhha.dll
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
AntiVirusProMFCT StartApp.exe
X
Added by the Antivirus Pro rogue anti-spyware program.
Nano Antivirus nanoav.exe
X
Added by the Nano Antivirus rogue anti-spyware program.
Last.fm Helper LastFMHelper.exe
N
Installed by the Last.fm software. This program provides iPod support and is used to detect when an iPod is plugged in.
PMX Daemon ICO.EXE
U
Mouse software that allows you to change a variety of options for your mouse. May cause problem with some DirectX games if it disabled.
JDe-sign Electronic Signature Capture dsignature.exe
?
Related to software from John Deere.
sbrige sbrige.dll
X
Added by a variant of the Goldun.Fam Trojan.
wrapkm wrapkm.dll
X
Added by a variant of the Goldun.Fam Trojan.
mckwave mckwave.dll
X
Added by a variant of the Goldun.Fam Trojan.
evacuative cwegus.dll
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
AnvTrgr AnvTrgr.exe
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
{Y479C6A0-OTRV-U5KH-S1UE-E0BC10B4E666} UNINSTLV16.exe
X
Added by the TROJ_RANDSOM.A Trojan.
Sysanalysing myrvc.exe
X
Added by the W32/AutoRun-RD removable media worm.
.Net Recovery dotnetfx.dll
X
Added by the W32.Delezium virus. W32.Delezium is a virus that infects executable files and deletes certain files on the compromised computer.
<not used> LOVERAHULSAS.VBS
X
Added by the VBS/Autorun-QO removable media worm.
WinwebSecurity WinwebSecurity.exe
X
Added by the Winweb Security rogue anti-spyware program.
disaffiliation eebpj.dll
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
Generic Host wauclt.exe
X
Added by the W32/Sdbot-DNL worm and IRC backdoor.
AntiSpywareGuard asg.exe
X
Added by the AntiSpywareGuard rogue anti-spyware program.
demobilisation umhzwl.dll
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
crimsonness tiltmeo.dll
X
Zlob Trojan which installs the AntivirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install AntivirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
VirTrigger virtrigger.exe
X
Added by the VirusTrigger rogue anti-spyware program.
AvirTr AvirTr.exe
X
Added by the AntivirusTrigger rogue anti-spyware program.
Internet Explorer Sys32 isys32.exe
X
Added by the W32/IRCBot-ADA worm and IRC backdoor.
SpywareRemover2009 SR.exe
X
Added by the SpywareRemover 2009 rogue anti-spyware program.
XP Protection Center XPProtectionCenter.exe
X
Added by the XP Protection Center rogue anti-spyware program.
priarsz priarsz.dll
X
Identified as a variant of the Goldun infection.
OEM05Mon.exe OEM05Mon.exe
U
Program related to the Creative Live! Cam Console. This console allows you to adjust various settings of your webcam. Does not need to be enabled unless you change these options often.
crimsonness tiltmeo.dll
X
Zlob Trojan which installs the VirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install VirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
CompuSpy KeyLogger cswin2008.exe
U
Added by the Spyware.CompuSpy surveillance software. Spyware.CompuSpy is a spyware program that attempts to record keystrokes on the computer. If this software was found on your computer without your knowledge, you should uninstall it.
10.1.08 10.1.08.exe
X
Added by the W32.Redlofs worm.
VMware hptray hpmon.exe
X
Trojan that is typically bundled with rogue anti-spyware programs and fake codecs. Once installed, this infection will advertise other rogue anti-spyware programs on your computer through the use of fake or misleading security alerts.
QuickTime Task qttask.exe
X
Trojan that is typically bundled with rogue anti-spyware programs and fake codecs. Once installed, this infection will advertise other rogue anti-spyware programs on your computer through the use of fake or misleading security alerts.
behaves gowqug.dll
X
Zlob Trojan which installs the VirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install VirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
Quernt wntfy.exe
X
Added by the W32/Autorun-PF removable media worm.
MSFox <random.exe>
X
Added by the Troj/DwnLdr-HKP Trojan.
ish-b.exe ish-b.exe
X
Added by the Troj/IRCBot-ACZ worm and IRC backdoor.
explozer exploner.exe
X
Added by the Troj/PWS-AWB password-stealing Trojan.
flaxen wakjs.dll
X
Zlob Trojan which installs the VirusTrigger rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install VirusTrigger onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
{BFFC91EE-6600-4F8D-13F4-C91F18F4E130} Q.BoyZ .exe
X
Added by the Troj/Mdrop-BWT Trojan.
mt49hub mt49hub.dll
X
A variant of the Haxdoor Trojan. This infection is hidden by the msvtch.sys rootkit.
Kernel Mode SND msvtcher msvtch.sys
X
A variant of the Haxdoor rootkit.
<not used> vmmon.exe
X
Added by the W32/AutoRun-NZ removable media worm.
VirusTriggerBin VirusTriggerBin.exe
X
Added by the VirusTrigger rogue anti-spyware program.
{A797F5CE-088E-F569-4314-616820293A49} kiral.exe
X
A variant of the Backdoor.Bifrose backdoor Trojan. Backdoor.Bifrose is a Trojan horse that uses a backdoor server to send information to a remote server. It then uploads one or more files and runs them on the compromised system.
{3B5C01D2-3541-080B-0602-050403070505} msisv.exe
X
Identified as a variant of the Backdoor:Win32/Poison malware.
{28ABC5C0-4FCB-33CF-AAX5-35GX1C642122} Taquito.exe
X
Identified as a variant of the IRC-Worm.Win32.Small worm.
{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612} vmmgr.exe
X
Identified as a variant of the IRC-Worm.Win32.Small worm.
XP HOT Ops KB15oooo.exe
X
Identified as a variant of the Worm:Win32/Wootbot.gen worm.
System Update smss.exe
X
Identified as a variant of the Trojan:Win32/Eson.C Trojan. This infection should not be confused with the legitimate C:\Windows\system32\smss.exe file.
sysmanager.exe sysmanager.exe.exe
X
Identified as a variant of the Backdoor.Win32.IrcContact malware.
Symantec Boot Config symbootcfg.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
Printer Spooler spoolsv.exe
X
Identified as a variant of the IRC-Worm.Win32.Small worm.
Windows Update VNASC.exe
X
A variant of the Rbot family of worms and IRC backdoor Trojans.
Microsoft Agent sxchost.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
MSn Client Cfg msnclicfg.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
indows Services explrer.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
MSN lsuss.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
MSN lsas.exe
X
A variant of the IRCBot family of worms and IRC backdoor Trojans.
Logitech RX slrhost.exe
X
A variant of the Backdoor.Sdbot family of worms and IRC backdoor Trojans.
MSN svhost.exe
X
A variant of the Backdoor.Sdbot family of worms and IRC backdoor Trojans.
internet security manager dll32.exe
X
Identified as a variant of the IRC-Worm.Win32.Small worm.
<not used> msupdt.exe
X
Identified as a variant of the TR/Downloader.Gen Trojan.
<not used> Servicess.exe
X
Identified as a variant of the Worm.IM.Sohanad worm.
gadcom winlogun.exe
X
Identified as a variant of the Trojan:Win32/Matcash.HZ malware. The * in the command represents a random number.
<random name> winlogun.exe
X
Identified as a variant of the Trojan.Fakealert.ALU malware.
ExploreUpdSched mcntmtdl.exe
X
Identified as a variant of the AdWare.Win32.ZenoSearch.am malware.
DW_Start dwwnw64r.exe
X
Identified as a variant of the AdWare.Win32.ZenoSearch.am malware.
status status.dll
X
A variant of the Haxdoor Trojan. This infection is hidden by the tage32.sys rootkit.
NGate service tage32.sys
X
A variant of the Haxdoor rootkit.
Vistual PC vssrvc.exe
X
Added by the Troj/Dloadr-BYZ downloading Trojan.
Java Express sjehost.exe
X
Added by the W32/Sdbot-DNJ worm and IRC backdoor.
GetModule27 GetModule27.exe
X
Added by the Troj/Agent-IEG keylogging Trojan.
cypselomorphae ebmkdz.dll
X
Zlob Trojan which installs the VirusResponse Lab 2009 rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install VirusResponse Lab onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
prunnet prun.exe
X
Added by the Troj/VBDown-H Trojan.
Wireless Zero Configuration WZCSVCRpcLocator Setupw.exe
X
Added by the Troj/Kango-F Trojan.
ViRsLab ViRsLab.exe
X
Added by the VirusResponse Lab 2009 rogue anti-spyware program.
awash bcxjqr.dll
X
Zlob Trojan which installs the VirusResponse Lab 2009 rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install VirusResponse Lab onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
ANTIVIRUS UltraAV.exe
X
Added by the Ultra Antivirus 2009 rogue anti-spyware program.
displume qfrmwmq.dll
X
Zlob Trojan which installs the VirusResponse Lab 2009 rogue anti-spyware program. This program displays fake security alerts stating that your computer has a security problem and then downloads and install VirusResponse Lab onto your computer without permission. This Trojan pretends to be a fake video codec required to watch videos online.
f1020 f1020.exe
X
Added by the WORM_AUTORUN.MBC removable media worm.
Antivirus Pro 2009 AntivirusPro2009.exe
X
Added by the Antivirus Pro 2009 rogue anti-spyware program.
BDRegion brs.exe
U
Added by the PowerDVD. This startup allows the user to set the Region on Blu-ray discs.
pep pep.exe
X
Added by the Troj/Zlob-AQH Trojan.


> Status Key
Each entry in the database will have a Status assigned to it. The key to this status is the following:
  • Y - This status flag means that this entry should be left alone and be allowed to run as if it is unchecked it may break the functionality or use of a particular program.
  • N - This status flag means it is unnecessary to run this program automatically when Windows starts as you can run it manually when necessary.
  • U - This status flag means it is up to you whether or not you feel this program needs to run automatically.
  • X - This status flags means the item should definitely not start up automatically. Items that have this flag are generally malware such as viruses, trojans, hijackers, spyware but could also be programs that are not desirable to run on your computer.
  • ? - This status flag means the status of this entry is unknown at this time and more research is necessary.
If you require assistance in removing one of these files you can ask us in the Startup Database Forum.

> Disclaimer
It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. BleepingComputer.com will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.


Advertise   |   About Us   |   Terms of Use   |   Privacy Policy   |   Contact Us   |   Site Map   |   Chat   |   Tutorials
Discussion Forums   |   The Computer Glossary   |   Resources   |   RSS Feeds   |   Startups   |   The File Database   |   Malware Removal Guides


Portions of this database © Paul Collins
© 2003-2008 All Rights Reserved Bleeping Computer LLC.
PGT: 0.21492 Queries: 5