"Part of Malwarebytes' RogueRemover PRO - the realtime ""RogueMonitor will alert you before you download a rogue application keeping you safe and secure before trouble occurs."" Now discontinued and the funtionality is included in Malwarebytes' Anti-Malware"
"Part of Malwarebytes' RogueRemover PRO - the realtime ""RogueMonitor will alert you before you download a rogue application keeping you safe and secure before trouble occurs."" Now discontinued and the funtionality is included in Malwarebytes' Anti-Malware"
"Added by the BANKER-FI TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\inf"
"System Tray access to Roxio Drag-to-Disc - part of the Roxio Easy CD & DVD Creator and Easy Media Creator series of CD/DVD tools. ""Easily drag and drop files for burning to CD or DVD. Disc formatting and burning will happen automatically"". Not required for Roxio to work properly and available via the Start menu"
"Added by the RBOT-GSA WORM! Note - the legitimate Windows Explorer (same filename) is located in %Windir% and would not normally appear in Msconfig/Startup unless you added it manually! This one is located in %System%"
"Added by the RITDOOR-C WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the PREX.D WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the PREXOT.D BACKDOOR! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the PREXOT.E BACKDOOR! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the RITDOOR-B WORM! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the MYDOOM.AL WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the BOBAX.AA WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the BOBAX.AD WORM! Note - this is not the legitimate csrss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the BOBAX.AD WORM! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Remote Procedure Call. Required by windows for programs to communicate with each other on networks/different machines. Originally for NT only but now installed with Win98/98se. Under Win98/98se
"Troubleshooting utility for the RoadRunner cable internet service. Not required and you are advised to completely uninstall it. Provides a lot of false alarms and gets a lot of people panicking about there internet connection"
"Required on the GeFroce 64 meg MX card to show the full 64 meg memory and appears to be a software memory emulator running under the Win2K - see here. High CPU useage results - hence the U status"
"Added by the DELCANTI-B TROJAN! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in a ""12053"" subfolder"
"Added by the SILLY.BR WORM! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in a ""4350"" subfolder"
"Added by the ROUTROBOT WORM! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %AppData%\SystemProc"
"Configuration utility for the Netgear WG111 54 Mbps Wireless USB 2.0 Adapter that ""provides wireless access to your desktop or notebook PC through the computer's USB port"""
"Added by the KREPPER-N TROJAN! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\inet10066"
"Chinese originated browser hijacker - redirecting to 4199.com Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted"
MIDI emulator driver for the integrated sound chip by C-Media based on the CMI-8330 chip set normally found in cheap motherboards. Also installed as part of the software for a Guillemot Maxi Muse sound card (PCI)
HPFSCHED is a small TSR that will remind you to clean the cartridges in your DeskJet from time to time in order to keep print quality high. It can be removed from the run line in win.ini if you do not want that feature
"PC Alert III - MSI motherboard monitoring software. Only required if you ""overclock"" your system. Appears as a service in XP/Vista and under the ""RunServices"" registry key in Win98/2K"
"Added by the MYTOB.IG WORM! Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted. The random DLL file is found in %System%"
"Added by the GUTTA TROJAN! Note - this is not the legitimate csrss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
DISCLAIMER: It is assumed that users are familiar with the operating
system they are using and comfortable with making the suggested changes. I will
not be held responsible if changes you make cause a system failure.
This is NOT a list of tasks/processes taken from Task Manager
or the Close Program window (CTRL+ALT+DEL) but a list of startup
applications, although you will find some of them listed via this method.
Pressing CTRL+ALT+DEL identifies programs that are currently running - not
necessarily at startup. For a list of tasks/processes you should try
WinTasks 5 Standard/Professional from LIUtilities or the list at
AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL
just because it has an "X" recommendation, please check whether it's in MSCONFIG
or the registry first. An example would be "svchost.exe" - which doesn't appear
in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't
do anything.
