Arcade File Downloads UsenetGeeks
Email
Confirm email
Articles Spyware Removal File Help Startup DB Tips Service DB News Hijack This! Analyzer

 

HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page 012 3 4 5 6 7 8910 11 12 13 14 15 161718 19 20 21 22 23 242526 27 28 29 30 31 323334 35 36 37 38 39 40
414243 44 45 46 47 48 495051 52 53 54 55 56 575859 60 61 62 63 64 656667 68 69 70 71 72 737475 76 77
78 79 8081 82 83 84 85 8687 88 89 90 91 9293 94 95 96 97 9899

Key:

  • "Y" - Normally leave to run at start-up
  • "N" - Not required - typically infrequently used tasks that can be started manually if necessary
  • "U" - User's choice - depends whether a user deems it necessary
  • "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
  • "?" - Unknown
Startup Name Process Name Details
X System Service exp0lrer.exe"Added by a variant of the RBOT WORM!"
X System Service servicent.exe"Added by the RBOT-AJI WORM!"
X System service system.exe"Added by the BANCOS.AA TROJAN!"
X System Service msnwindows.exe"Added by the SPYBOT.YCL WORM!"
X System Service servicez.exe"Added by the RBOT-AOY WORM!"
X System Service msnxpexe.exe"Added by the RBOT-AUA WORM!"
X System Service teskmangr.exe"Added by the RBOT-AUV WORM!"
X System Service backup.exeAdded by the PACKBOT.AA WORM!
X System Service serious.exe"Added by the RBOT-FMV WORM! Note - deactivates the Microsoft Internet Connection Firewall (ICF)"
X SYSTEM service helper svchelper.exe"Added by the MONKBD-A WORM!"
X SYSTEM service helper syshelp.exe"Added by a variant of the MONKBD-A WORM!"
X System service** pokapoka**.exe"EliteBar adware - where ** represents the numbers 61 to 79"
X System service62 System service62pokapoka62.exe
X System service78 [path to file]"Added by the ELITEBAR-T and ELITEBAR-U TROJANS!"
X System service79 [path to file]"Added by the ELITEBAR-V TROJAN!"
X System Services [random file name]"Added by a variant of the RBOT WORM!"
X System Services connection.exeAdded by an unidentified WORM or TROJAN!
X System Services svcsenes.exe"Added by a variant of the RBOT WORM!"
X System Services svcsenes32a.exe"Added by the RBOT-AFG WORM!"
X System Services ssms.exe"Added by a variant of the RBOT WORM!"
X System Session Manager smss.exe"Added by the KALEL-E WORM! Note - this is not the legitimate smss.exe process which should NOT appear in Msconfig/Startup!"
X System settings burndl32.exe"Added by the SDBOT-ZO WORM!"
X System Setup rpcxcmod.exeAdded by an unidentified WORM or TROJAN!
X System Soap Pro soap.exe"System Soap Pro internet cleaning software. Bundles foistware like Httper and Zipclix - best avoided"
U System startup charmapx.exeOnly required if using an oriental language
X System Startup Voltio.exe"Added by the RBOT.NJ WORM!"
X System Startup kimochi.exe"Added by a variant of the RBOT WORM!"
X System Startup Manager smcss.exe"Added by the RBOT.AMD WORM!"
X System Stats SystemStats.exe"Added by a variant of the WOOTBOT WORM!"
X System Support syscfg.exe"Added by the RBOT-AGQ WORM!"
X System Support system32.exe"Added by the RBOT-AHA WORM!"
X System Support syssql.exe"Added by the RBOT-AUH WORM!"
X System Terminal SYSTEM2.EXE"Added by the SPYBOT-BZ TROJAN!"
X System time updator CSysTime.exe"Added by the RANDEX.S WORM!"
X System Toolkit Systools.exe"Added by the RONOPER-G WORM!"
X System Tray msccn32.exe"Added by the SOBIG.B WORM! Warning - spreading via infected E-mail attachments with the sender address faked as support@microsoft.com! Note - this is not the legitimate systray.exe process"
X System Tray systray.exe"Added by the FAN-A WORM!"
X System Tray Services spooles32.exe"Added by the AGOBOT.ZH WORM!"
X System Tray32 SysTray32.exe"Added by the REPAD WORM!"
X System Unix syscfg32.exe"Added by the RBOT-ZD WORM!"
X system updata updata.exe"Added by the LINEAGE-C TROJAN!"
X System Update [filename].exe"CoolWebSearch parasite variant"
X System Update [random filename]"Added by the KORGO.W or KORGO.X WORMS!"
X System Update wupdmgr.exe"Added by the SOROMO-A TROJAN!"
X System Update [random filename]"Added by the SOROMO-A TROJAN!"
X System Update wauluclt.exe"Added by the SDBOT.EF WORM!"
X System Update [path to trojan]"Added by the AUTOTROJ-D TROJAN!"
X System Update Service wmiprvsa.exe"Added by the AGOBOT-RG TROJAN!"
X System Update Service winupd32.exe"Added by the ADTODA-A TROJAN!"
X System Update Service system.pif"Added by the RBOT-ALL WORM!"
X System Update Service update.pif"Added by the SPYBOT.WOE WORM!"
X System Update2 explorer.exe"Added by the AUTOTROJ-C TROJAN! Note - the legitimate Windows Explorer (explorer.exe) is located in the Windows or Winnt folder and would not normally appear in Msconfig/Startup unless you added it manually! This one is located in the System (9x/Me) or System32 (NT/2K/XP) folder"
X System Update2 services.exe"Added by the AUTOTROJ-C TROJAN!Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup!"
X System Update2 svchost.exe"Added by the AUTOTROJ-C TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup!"
X System Update2 system.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 taskman.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 taskmon.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 update.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 webcheck.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 wininet.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 winlogon.exe"Added by the AUTOTROJ-C TROJAN! Note - this is not the legitimate winlogon.exe process
X System Update2 winspool.exe"Added by the AUTOTROJ-C TROJAN!"
X System Update2 wupdmgr.exe"Added by the AUTOTROJ-C TROJAN!"
X System Updater Service wmiprvsw.exe"Added by the GAOBOT.AFC WORM!"
X System Updates winsci.exe"Added by a variant of the RBOT WORM!"
X System Updates szwi.exe"Added by the RBOT-AXE WORM!"
U System Updates unve.exe"Added by the RBOT-AWG TROJAN!"
X System Updates wmkl.exe"Added by the RBOT-AYJ WORM!"
X System Updates 4 mssysfix.exe"Added by the RBOT-ADU WORM!"
X System Updates Manager winserv32.exe"Added by the AGOBOT-AGA WORM!"
X System Updates Service updates.pif"Added by the RBOT-AMA WORM!"
X System Uptime Server SYSENTRY.EXE"Added by the RBOT.LK WORM!"
X System Uptime Server SYSENTRY32.EXE"Added by the RBOT.LK WORM!"
X system xp acdsee demo.exe"Added by the SALGA.A WORM!"
X System-Config msptmf32.com"Added by the LIOTEN.FA WORM!"
X System-Service EXPLORER.SCR"Added by the BENJAMIN.A WORM! KaZaA file-sharing users beware!"
X system. system..exe"Added by the OPTIXPRO.13.C TROJAN!"
X system... system...exe"Added by the OPTIXPRO.13.C TROJAN!"
X System.exe System.exeAdded by various WORMS and TROJANS!
X System132 Csrtss.exe"Added by the LANFILT-I TROJAN!"
X system23 notPad.exe"Added by the ESTEEMS.D TROJAN!"
X System32 system.exe"Added by the BUSHTRO122 TROJAN!"
X System32 System32.exeAdded by any number of WORMS or TROJANS!
U System32 sysdiag.exe"SpyAgent surveillance software - uninstall this software unless you put it there yourself!"
X System32 "system321.exe"
X system32 NeT-BoT.exe"Added by the AGOBOT-LJ WORM!"
X System32 lsasss.exe"Added by the RBOT-XW WORM!"
X System32 crsvvc.exe"Added by the RBOT.BLY WORM!"
X system32 QQGame.exe"Added by the QQPASS-AC TROJAN!"
X System32 PCI Manager syspci32.exe"Added by the RBOT-AFR WORM!"
X System32 PCI Manager syspci32.exe"Added by the RBOT-AFR WORM!"
X System32 TCP Manager systcpm.exe"Added by a variant of the RBOT WORM!"
X System32 TCP Manager systerm.exe"Added by the RBOT.AFD WORM!"
X System32 Temp Service systmp.exe"Added by the RBOT-AET WORM!"
X system32.dll systeminit.exe"CoolWebSearch parasite variant - re-directing to your-search.info"
X system32.dll sysdll32.exe"CoolWebSearch parasite variant. Redirecting to wholeworldmarket.com
X system32.exe services32.exe"Added by a variant of the BACKDOOR.IRC.BOT TROJAN!"
X system32.exe system32.exe"Added by the GRAYBIRD.P TROJAN!"
X System32Check [random].exe"Added by the CHAST-A TROJAN!"
X System32Dll DLL32SYS.EXE"Added by the SPYBOT-CZ WORM!"
X System32Ex System32Ex.exe"Added by the IRCCONTACT TROJAN!"
U System32kfvwÆ sysdiag.exe"SpyAgent surveillance software - uninstall this software unless you put it there yourself!"
X System33 FB_PNU.EXE"Added by the NICHELLO-A WORM!"
X System4224411 Virus"Added by the CAGER.A WORM!"
X System4224411 Systemdll.exe"Added by the YUSUFALI-B WORM!"
X SystemAdministration Wincmp32.exe"Added by the ASYLUM TROJAN!"
U SystemAgent Sage.exe"""Microsoft Plus! System Agent automatically tunes your system
X SystemB MessengerStopper.exe"MessStopper adware"
X SystemBackup mtx.exe"Added by the MTX VIRUS/WORM!"
X SystemBackup MicroLog.exe"Added by the MICROLOG.A TROJAN!"
X SystemBoot services.exe"Added by the SOBER-Q TROJAN! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a HelpHelp subfolder of the Windows or Winnt folder"
? SystemBoot ladies.htm"Unknown but sounds very suspicious??"
X SystemBoot Mshta.exe ...filename.htaAdult content dialler
X Systemboot msnsngr.exe"Added by a variant of the RBOT WORM!"
X SystemCheck Systemcheck.exe"Added by the LAVITS WORM!"
X SystemCheck services.exe"Added by the SOBER-M WORM! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a Configsystem subfolder of the Windows or Winnt folder"
X SystemCheck svchost.exe"Added by the DELF-KR TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a C:DriverLoad folder"
X SystemCheck SysCheckBop32.exe"WINBO adware"
X SystemChecker Syschk.exe"Added by the GALIL.F WORM!"
X SystemCONF98i SystemCONF98i.exe"Added by the GLITCH BOT TROJAN!"
X SystemDebug Sysdeb32.exe"Added by the SYSBUG TROJAN!"
X SystemDll SystemDll.exe"Added by the LOXOSCAM TROJAN!"
X systemdll32.exe systemdll32.exe"Added by the FEUTEL-F TROJAN!"
X SystemDriver csrss.exe"Added by the ASCETIC.B TROJAN! Note - this is not the legitimate csrss.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a addinsexplorer subfolder of the Winnt or Windows folder"
X SystemDriverCheck svchost.exe"Added by the DELF-KR TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a C:DriverLoad folder"
X SystemDriverLoad svchost.exe"Added by the DELF-KR TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a C:DriverLoad folder"
X systemdrv ms32sys.exe"Added by an unidentified WORM or TROJAN - most likely GAOBOT variant"
X SystemEmergency [various filenames]"CoolWebSearch Smartsearch parasite variant"
X SystemExplorer explore.exe"Homepage hijacker - file located in the ""Services"" folder in Common Files"
X SystemFile SystemFile.exe"Added by the DULLDOOR-A TROJAN!"
X SystemFTP VSENMB.exe"Malware (ie
X SystemGent CVT.exe"Added by the BRONTOK-H WORM!"
U SystemGuardAlerter SystemGuardAlerter.exe"Part of System Mechanic maintenance software from Iolo Technologies. What does it do?"

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Powered By Pac's Startup list

Copyright 2005 I Am Not A Geek Inc.