HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40

41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77

78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99

Key: "Y" - Normally leave to run at start-up "N" - Not required - typically infrequently used tasks that can be started manually if necessary "U" - User's choice - depends whether a user deems it necessary "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs" "?" - Unknown

	Startup Name	Process Name	Details
X	Generic Host Process for Win32 Services	SPSVC.EXE	"Added by the SDBOT.DA WORM!"
X	Generic Host Process for Win32 Services	svchost32.exe	"Added by the AGOBOT.ALH WORM!"
X	Generic Host Process for Win32 Services	sv?h?st.exe	"Added by the DLOADER.AK TROJAN!"
X	Generic Host Process for Win32 Services	winlogon.exe	"Added by a variant of the IRCBOT BACKDOOR! See here. Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup!"
X	Generic Host Process for WinXP Services	mshelp.exe	"Added by the AGENT-GQP TROJAN!"
X	Generic Host Process2 System Backup	scvhost2.exe	"Added by the RBOT-BAH WORM!"
X	Generic Host Process326a System Backup	scvhost326a.exe	"Added by a variant of the SDBOT WORM!"
X	Generic Host Service	lshost.exe	"Added by the RBOT.LU WORM!"
X	Generic Service Process	regsvc32.exe	"Added by the GAOBOT.UJ or GAOBOT.UL WORMS!"
X	Generic Service Process	serv1ces.exe	"Added by the AGOBOT-JK WORM!"
X	Generic Service Process	nvsvc.exe	"Added by the AGOBOT.BY WORM! Note - this is not the valid NVIDIA Driver Helper Service and is located in the System (9x/Me) or System32 (NT/2K/XP) folder"
X	Generic Service Process	srvhost.exe	"Added by the AGOBOT-FX WORM!"
X	Generic Services Process	regsvc32.exe	"Added by the GAOBOT.SY WORM!"
X	GenericHostXP	WinLoaderXP.exe	"Added by the BDOOR-ACX BACKDOOR!"
Y	Genie USB Monitor	USBmonitor.exe	Port monitor for an external USB hard drive. Required to enable access to the drive
X	Genius Mose Driver	svghost.exe	"Added by a variant of the SPYBOT WORM! See here"
X	Geography TX 1.0 NT	CompuSpeed.vbs	"Added by the NEWLEY-A WORM!"
X	Gerenciamento de arquivos do Windows	Winmod32.exe	"Added by the DLOADER-WG TROJAN!"
X	german.exe	winsystems.exe	"Added by the BAGLEDl-AE TROJAN!"
X	german.exe	wintems.exe	"Added by the BAGLE-AS TROJAN!"
X	Gestionnaire de disques universel	sysoobe.exe	"Added by the TOADER-A TROJAN!"
N	Get Smile	getsmile.exe	Puts smilie faces in your E-mail. Run manually when required
X	Get-Torrent Service	wakeservice.exe	Get-Torrent bittorrent client - Installs LOP adware
Y	Getca	InfoMyCa.exe	"Monitor for a Belkin USB Wireless adapter"
X	GetModule18	GetModule18.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule19	GetModule19.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule20	GetModule20.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule21	GetModule21.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule23	GetModule23.exe	"Internet Speed Monitor adware related"
X	GetModule24	GetModule24.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule25	GetModule25.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule26	GetModule26.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule27	GetModule27.exe	"Internet Speed Monitor adware related"
X	GetModule29	GetModule29.exe	"Internet Speed Monitor adware related - see example here"
X	GetModule30	GetModule30.exe	"Internet Speed Monitor adware related"
X	GetMP3	rundll32.exe MSA64CHK.dll DllMostrar	"MatrixDialer related. Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted. The ""MSA64CHK.dll"" file is located in the Winnt or Windows folder"
X	GetPack18	GetPack18.exe	"Internet Speed Monitor adware related - see example here"
X	GetPack19	GetPack19.exe	"Internet Speed Monitor adware related - see example here"
X	GetPack20	GetPack20.exe	"Internet Speed Monitor adware related - see example here"
X	GetPack21	GetPack21.exe	"Internet Speed Monitor adware related - see example here"
X	GetPack22	GetPack22.exe	"Internet Speed Monitor adware related"
X	GetPack23	GetPack23.exe	"Internet Speed Monitor adware related"
X	GetPack24	GetPack24.exe	"Internet Speed Monitor adware related - see example here"
X	GetPack25	GetPack25.exe	"Internet Speed Monitor adware related"
N	GetRight Tray Icon	GETRIGHT.EXE	GetRight from Headlight Software - download manager for resuming downloads and choosing multiple download locations. The freeware version is/was spyware. The registered version isn't if you don't install the Aureate/Radiate software. Available via Start -> Programs
X	GetTheMusic	rundll32.exe MSA64CHK.dll DllMostrar	"MatrixDialer related. Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted. The ""MSA64CHK.dll"" file is located in the Winnt or Windows folder"
U	Getting started with MacDrive	MDGetStarted.exe	"MacDrive 7 from Mediafour Corporation - ""enables anyone using Windows Vista XP and 2003 Server to seamlessly access Mac disks (HFS/HFS+) of all types including CDs DVDs hard drives floppy Zip Jaz and more!"""
X	getwin	winB_.exe	"Added by the BANKER-HS TROJAN!"
X	gf1.0.0.2	ggf.exe	"Added by the EDFON.A TROJAN!"
X	gfxtray	rundll32 ctccw32.dll findwnd	"Detected by Kaspersky as the AGENT.AOU TROJAN! See here. Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted"
X	Ghost Relay	[random filename]	"Detected by Trend Micro as the DNSCHANG.EK TROJAN! See here"
U	GhostSecuritySuite	gss.exe	"Ghost Security Suite - protect the registry from unauthorized reading and modification and other tools"
N	GhostStartService	GhostStartService.exe	"Required to run the Windows based wizard in Norton Ghost - added from the 2003 version. Will start automatically when you run the wizard"
N	GhostStartTrayApp	GhostStartTrayApp.exe	"System Tray access to Norton Ghost - added from the 2003 version"
Y	GhostSurfDelSatellite	DeleteSatellite.exe	"Part of SpyCatcher spyware remover from Tenebril. Prevents rogue programs from sending personal information to a remote user via the Internet. If you use SpyCatcher with real time scanning you'll want to leave this file in place"
X	gigabit.exe	gigabit.exe	"Added by the BEAGLE.U WORM!"
X	GigaByte	Cheatle.exe	"Added by the SHODI.B VIRUS!"
U	Giganews Accelerator	GiganewsAccelerator.exe	"Giganews Accelerator from Giganews Inc. - ""a software-based news proxy which will allow you to compress headers and enable 256-bit SSL encryption regardless of whether or not SSL is supported natively by your news client"""
Y	Gilat SOM Enumerator	dllhost.exe	For Gilat Communications internet satellite systems - associated with SkyBlaster modem. Required if you have this system
Y	GilatFTC	ftc.exe	For Gilat Communications internet satellite systems - associated with SkyBlaster modem. Required if you have this system
X	gimmygames	[path to trojan]	"Added by the DLOADR-LN TROJAN!"
X	gimmysmileys	gimmysmileys.exe	"GimmySmileys adware"
X	GinaDll	ntgina.dll	"Added by the ANIG.A WORM!"
?	GisdnLog	gisdnlog.exe	"BT Digital Access USB"
U	Glass2k	Glass2k.exe	""Glass2k is a small little program that allows Win2K/XP users to make any window transparent""
X	GLF Network Lan Monitor	NPFMNTOR.exe	"Added by the RBOT-AGY WORM!"
Y	Glide	Glidew32.exe	"Cirque touchpad driver"
X	Global Startup	WinDash.EXE	"Detected by Kaspersky as the VB.Q WORM!"
X	GlobalSCAPE	[random filename]	"Added by the RBOT-AYM WORM!"
X	Glock Suite 1.1	glock32.exe	"Added by the TINY.GV TROJAN!"
X	GLSetIT32	msiexec16.exe	"Added by the OPTIX PRO TROJAN!"
X	GLSetIT32	isass.exe	"Added by a variant of the OPTIX PRO TROJAN!"
X	GLSetT32	smsiexec.exe	"Added by the OPTIX-D TROJAN!"
?	gluon	gluon.exe	"In a gluon/bin sub-directory"
X	glv	glv.exe	"Added by the DLOADER-NG TROJAN!"
X	GMedia2	GSM2.exe	"Malware downloader - detected by Kaspersky as the VB.UX TROJAN!"
X	GMedia2	GSMedia3.exe	"Malware downloader - detected by Kaspersky as the VB.UX TROJAN!"
Y	Gmouse	Gmouse.exe	Amouse mouse driver - required if you use non-standard Windows driver features
U	Gnetmous	gnetmous.exe	"Genius mouse driver - required if you use non-standard Windows driver features"
U	GNETMOUSE	gnetmouse.exe	"Genius mouse driver - required if you use non-standard Windows driver features"
X	GNP Generic Host Process	svchost.exe	"Added by the ZAPCHAS TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup!"
X	GNP Generic Host Process	svchost.exe	"Added by the ZAPCHAS-R TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup and is always located in the System32 folder. This worm file is found in the System folder"
X	GNP Generic Host Process	svchost.exe	"Added by the ZAPCHAS-AA TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This one replaces svchost.exe in the System32 folder with a copy of Mirc on (NT/2K/XP) systems and just adds svchost.exe to the System folder on (9x/Me) systems"
?	gnub	gnub.exe	"??"
X	go	cvir.exe	"Added by the SILOV-A WORM!"
X	Go!Zilla	gozilla.exe	Download manager for resuming downloads and choosing multiple download locations. Advertising spyware
X	Go!Zilla Monster Downloads	Go.exe	Download manager for resuming downloads and choosing multiple download locations. Advertising spyware
U	GoBack	GBMenu.exe	"Roxio's (nee Adaptec) GoBack software which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty - performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag. Not required for WinMe/XP users recommended for Win9x/NT/2K users"
U	GoBack	GBTray.exe	"System Tray icon access to Roxio's (nee Adaptec) GoBack software which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty - performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag. Not required for WinMe/XP users recommended for Win9x/NT/2K users"
U	GoBack Polling Service	GBPoll.exe	"Roxio's (nee Adaptec) GoBack software which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty - performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag. Not required for WinMe/XP users recommended for Win9x/NT/2K users"
U	GoBack Tray Icon	GBTray.exe	"Roxio's (nee Adaptec) GoBack software which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty - performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag. Not required for WinMe/XP users recommended for Win9x/NT/2K users"
X	GOG	GOG.exe	"Added by the PHILIS.B VIRUS!"
X	goidr	goidr.exe	"Goidr adware"
U	Goldensoft_MndlSvr	MndlSvr.exe	Goldensoft CD Ghost related - turns a computer into a 200X-speed CD-ROM tower. Working from the hard drive users can simultaneously access as many as 23 virtual CD-ROM drives at a speed of 200X for true multitasking
X	Golum	services.exe	"Added by the GOLUM.A TROJAN! Note - this is not the legitimate services.exe process which should not appear in Msconfig/Startup!"
X	golumm	services.exe	"Added by the DLOADER-ET TROJAN! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in a ""golumm"" subfolder"
X	good	badvir.exe	"Added by the SILOV-B WORM!"
X	google	google.exe	"Added by the RBOT-AMW WORM!"
U	Google Desktop	GoogleDesktop.exe	"Google Desktop Search - ""a desktop search application that provides full text search over your email computer files chats and the web pages you've viewed. By making your computer searchable Google Desktop Search puts your information easily within your reach and frees you from having to manually organize your files emails and bookmarks"""
U	Google Desktop Search	GoogleDesktop.exe	"Google Desktop Search - ""a desktop search application that provides full text search over your email computer files chats and the web pages you've viewed. By making your computer searchable Google Desktop Search puts your information easily within your reach and frees you from having to manually organize your files emails and bookmarks"""
X	Google Earth	[random filename]	"Added by the RBOT-AXK TROJAN!"
N	Google Earth Viewer	GOOGLEMAPS.EXE	"Google Earth ""combines satellite imagery maps and the power of Google Search to put the world's geographic information at your fingertips"""
U	Google IME Autoupdater	GooglePinyinDaemon.exe	"Google Pinyin Input Method Editor (IME) - allows a user to input Chinese characters by entering the pinyin of a Chinese character (with or without tone depending on the system) and then presenting the user with a list of possible characters with that pronunciation"
X	google Intrenet Explorer	google.pif	"Added by the RBOT-ARA WORM!"
X	Google service	Googlesetup.exe	"Added by the IRCBOT-RJ WORM!"
X	Google Service FR	GO0GLEFREE.EXE	"Added by a variant of the SPYBOT WORM!"
X	google toolbar	ggtb32.exe	"Added by the AGOBOT-RR WORM!"
N	Google Updater	GOOGLE~1.EXE	Downloads and installs updates for Google applications (Google Earth Google Desktop etc.)
N	Google Updater	GoogleUpdater.exe	Downloads and installs updates for Google applications (Google Earth Google Desktop etc.)
X	GoogleBot.exe	GoogleBot.exe	"Added by the GB TROJAN!"
N	GoogleDCClient	GoogleDCC.exe	"Google Compute Client - only present if you installed the Google Toolbar with ""Google Compute"" client active. Does complex calculations in the background when idle. If you want to turn it off go to your browser click on the little double-helix on the Google Toolbar and click ""Stop Computing"". No longer supported"
U	googletalk	googletalk.exe	"Google Talk ""enables you to call or send instant messages to your friends for free-anytime anywhere in the world"". Can be launched manually"
U	GoToMyPC	g2svc.exe	"ExpertCity GoToMyPc logon - web-based remote-access solution that allows individuals and companies to register their computers online and then securely access those computers from any web browser"
X	GotSmiley	GotSmiley.exe	"GotSmiley - ad supported program that provides the user with smileys for use in emails. Not recommended. Please note that Claria Corporation no longer support GAIN-Supported software - see here"
X	gouday.exe	readme.exe	"Added by the BEAGLE.C WORM!"
X	govurarope	Rundll32.exe retasevo.dlls	"Added by the BHO-HG TROJAN! The ""retasevo.dll"" file is found in %System%"
X	GP Updater	gpupdater.exe	"Added by a variant of the IRCBOT BACKDOOR! See here"
X	GPLv3	[random name].dll	"Vundo adware"
X	gpmce	window.exe	"Detected by Kaspersky as the VB.CK WORM! See here"
N	GRA	gra.exe	Looks at system resources at startup and warns you if they have dropped. Contains links to the Disk Clean Up Defrag and Start Up Menu. It does have a link to a startup configuration utility. Similar to msconfig but can keep a list of disabled apps. Not really necessary. Only appears if you load the Gateway Startup Utility
?	gramdate	2Stop.exe	"??"
X	Graphic Driver	smss32.exe	"Added by a variant of the RBOT WORM!"
X	Graphic Loader	ntvdm32.exe	"Added by a variant of the RBOT WORM!"
X	Graphic Update	openglx.exe	"Detected by PCTools as the IRCBOT.BIM TROJAN! See here"
X	Graphics	_default.pif	"Added by the AUTOSKY WORM!"
X	Graphics adapter service	windll.exe	"Added by the ATNAS.A WORM!"
U	Gravis Appawareloader	dbserver.exe	"Looks like it's associated with Gravis game controllers and the Keyset Manager allowing the user to program the buttons for games that don't support them"
U	Gravis Xperience Driver Support	Grxp4exe.exe	"Driver for Gravis game controllers such as the Eliminator Aftershock. Must be loaded if you run the supplied application software for the controller to be recognized. Start it manually via a shortcut if not used"
?	GrdSys32	GrdSys32.exe	"X-Stream ISP software. Offers free Net access funded by on-screen ads. Is it required or can you create your own dial-up networking connection to use on demand?"
X	GreasyPalmUpdate	GreasyPalmUpdate.exe	"SearchFast adware"
N	Greetings Workshop	GWREMIND.EXE	You really want to be reminded about somebody's birthday at the expense of resources?
X	gremier	wscript.exe gpremier.vbs	"Added by the GPREMIER WORM! Note that wscript.exe is a legitimate Microsoft file used to launch script files and shouldn't be deleted. The ""gpremier.vbs"" file is found in the System (9x/Me) or System32 (NT/2K/XP) folder"
X	Gremlin	intrenat.exe	"Added by the DOOMJUICE WORM!"
X	grinders	grinders.exe	"Added by a variant of the Storm/Nuwar/Zhelatin WORM! See here for an example"
N	Grokster	Grokster.exe	"Grokster Peer-To-Peer File Sharing program"
Y	Groove Virtual Office	Groove.exe	"""Groove Virtual Office uses a peer-to-peer networking model to connect users in Groove Workspaces. In these workspaces geographically dispersed coworkers can do almost everything they could do in the same office. They can hold online meetings store files and folders save threaded discussions scribble on whiteboards share calendars and track project information and timelines."" Formerly by Groove Networks - now owned by Microsoft and part of MS Office"
Y	GrooveMonitor	GrooveMonitor.exe	"Microsoft Office Groove 2007 - Groove Folder Sharing synchronization (GFS). If you kill it your GFS workspaces may not synchronize properly (particularly around unread-marks) and you might experience some nagging discomfort"
U	GroupWise PDA Connect - 3CmPlm	AutoDet.exe	"3Com Palm PC specific translator for the GroupWise PDA Connect PDA synchronisation utility from Novell"
U	GroupWise PDA Connect - GrpWse	Agnt.exe	"GroupWise PDA Connect PDA synchronisation utility - from Novell"
U	GroupWise PDA Connect - PocketPC	AUTODE~1.EXE	"Windows Mobile Pocket PC specific translator for the GroupWise PDA Connect PDA synchronisation utility from Novell"
U	GroupWise PDA Connect - ScheduleSync	SCHEDU~1.EXE	"ScheduleSync specific translator for the GroupWise PDA Connect PDA synchronisation utility from Novell"
N	GrpConv	grpconv.exe	"Microsoft Windows Program Group Converter - used by installers (ONLY in the RunOnce keys) - provides the translation of groups and group items to folders and links. Also see this MS Knowledge Base article"
X	GsAds	gms2.exe	"PacerD_Media/Pacimedia.com adware"
?	Gscbc	Gscbc.exe	"??"
X	gshp	zzgshp.vbs	Homepage hi-jacker
N	Gsiconexe	Gsicon.exe	"ADSL modem monitor from Eicon Networks (as used by BT for its Broadband internet service for example). Can safely be disabled without affecting the connection - all this does is give an indication of connectivity and access to the diagnostic facilities"
?	GsiFinal	rundll32 gspndll.dllpostInstall final	"USB DSL modem related. What does it do and is it required?"
?	GSISETUP	[path] GsiInst.exe INSTALL [path] V205Res 13	"BT Voyager ADSL modem related - what does it do and is it required?"
N	GSOrganizer	GSOrganizer.exe	"GoldenSection Organizer (now WinOrganizer - personal information manager)"
X	gssomatic	gssomatic.exe	"Searchcentrix hijacker"
Y	gStart	gStart.exe	gStart GPS software from Garmin
X	GStartup	GMT.exe	"Gator spyware component - see here. Please note that Claria Corporation no longer support GAIN-Supported software - see here"
X	gsv	gsv.exe	Added by the ROBAL 1.0 backdoor TROJAN!
X	GT	GT.EXE	"Added by the SDBOT-AJ WORM!"
X	GT15J4R49V	cpuserv.exe	Identified as a variant of the Trojan.Win32.Radi.gu malware
U	GTVEpg	GTVEpg.exe	"Part of Got All Media - control your TV tuner and other utilities from your PC"
U	GTVRec	GTVRec.exe	"Part of Got All Media - control your TV tuner and other utilities from your PC"
N	Gtwatch	gtwatch.exe	Associated with a Mustec scanner and not required
X	gtydf	iisca.exe	"Added by the CLAGGER-BB TROJAN!"
X	gtydf	iscca.exe	"Added by the DWNLDR-GTK TROJAN!"
X	gtydf	ggrrgg.exe	"Added by the DLOADR-AZK TROJAN!"
U	Guard	Guard.exe	"Related to Phoenix Technologies Core Managed Environment (cME) Integration and Certification program"
N	Guardian	CMGrdian.exe	McAfee's QuickClean an offline version of the one in their online Clinic. Normally run offline and not needed. Incidentally incorporates more cleanup programs than the likes of WinOptimizer and System Mechanic
U	Guardian PC Security Tools	Pfft.exe	"Boomerang Software's Guardian PC Security Tools - now rebranded as the eXtendia Security Suite"
X	guarnset	guarnset.exe	"Adlogix adware"
X	gummy	gummy.exe	"Added by the VANEBOT-AQ WORM!"
X	GURL	gurl.exe	"GURLWatcher spyware"
U	GuruNet	GuruNet.exe	"GuruNet lets you click on any word on your screen to get the relevant information you want"
X	GustavVED	[filename].exe	"Added by the OPASERV.H WORM!"
X	gvagfxj	rundll32 ...gvagfxj.dll	Unidentified adware spyware or virus
Y	gw port controller	PORTCT95.EXE	From a visitor - "I must keep it active in start up or my Lexmark printer and RCA Cam program cannot discover a working port to work". From the file properties the file is known as "Smart Thru Fax Drive Spy" and is supplied by Samsung
N	GWInkMonitor	GWInkMonitor.exe	Gateway ink monitor - makes an annoying popup that says your printer may be running out of ink do you want to buy some!
X	gwiz	ntsystem.exe	"Added by the NITWIZ.A TROJAN!"
X	gwiz	arpl.exe	"Detected by F-Prot as W32/Downloader-Sml-based"
N	GWMDMMSG	GWMDMMSG.exe	Used with internal modems on Gateway and vprMatrix PCs. This is the "GTW modem messaging applet" and is not required for the modem to work correctly
U	GWMDMpi	GWMDMpi.exe	"Used with internal modems on Gateway PCs such as the 450SX Notebook. Required for audio settings to be maintained and does not remain in memory once run. See here for more information"
U	gwum	gwum.exe	Gigabyte utility manager. Loads if you have a Gigabyte motherboard and got a full bundle of utilities installed. Monitors CPU fans BIOS etc. Only used by system "tweakers"
?	gyy	gyy.exe	"Possibly Gator (and therefore spyware) related?"
X	G_Server.exe	G_Server.exe	"Added by the FEUTEL-C TROJAN!"
X	G_Server1.2.exe	G_Server1.2.exe	"Added by the GRAYBIRD-Z TROJAN!"

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Powered By Pac's Startup list