"Added by a variant of the RBOT WORM! Note - this is NOT the popular Winamp media player. The valid filename for the Winamp Agent is ""winampa.exe"" - see here"
"Added by a variant of the IRCBOT BACKDOOR! See here. Note - this is NOT the popular Winamp media player which resides in a ""Winamp"" subdirectory of %ProgramFiles%"
"Loads the System Tray icon for the popular Winamp media player - see here. Can be used to mantain file associations so programs like QuickTime and RealPlayer don't take over as default player for various media types. Available via Start -> Programs. Resides in a ""Winamp"" subdirectory of the Program Files directory"
"Added by the AGOBOT-GS TROJAN! Note - this is NOT associated with the popular Winamp media player. The valid file for the Winamp Agent resides in a ""Winamp"" subdirectory of %ProgramFiles% whereas this file is located in %System%"
"Added by the SPYBOT-BR WORM! Note - this is NOT the popular Winamp media player which is normally located in %ProgramFiles%\Winamp. This one is found in %System%"
"Loads the System Tray icon for the popular Winamp media player - see here. Can be used to mantain file associations so programs like QuickTime and RealPlayer don't take over as default player for various media types. Available via Start -> Programs. Resides in a ""Winamp"" subdirectory of the Program Files directory"
"Added by the STRTPAGE.BE TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the SOBER.V WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\ConnectionStatus\Microsoft and note the space at the beginning of the ""Startup Item"" field"
"Added by the SOBER.S WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\ConnectionStatus\Microsoft"
"Added by the AGOBOT-TL WORM! Note - this is not the legitimate Windows application wordpad.exe (which is found in the %ProgramFiles%\Accessories folder) which should not normally be seen in Msconfig or as a Startup item. This one is Located in %System%"
"Added by the SOBER-AD WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\PoolData and note the space at the beginning of the ""Startup Item"" field"
"Added by a variant of the IRCBOT BACKDOOR! Note that rundll32.exe is a legitimate Microsoft file used to launch DLL file types and shouldn't be deleted. The ""aqls32.exe"" file is found in %System%"
DISCLAIMER: It is assumed that users are familiar with the operating
system they are using and comfortable with making the suggested changes. I will
not be held responsible if changes you make cause a system failure.
This is NOT a list of tasks/processes taken from Task Manager
or the Close Program window (CTRL+ALT+DEL) but a list of startup
applications, although you will find some of them listed via this method.
Pressing CTRL+ALT+DEL identifies programs that are currently running - not
necessarily at startup. For a list of tasks/processes you should try
WinTasks 5 Standard/Professional from LIUtilities or the list at
AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL
just because it has an "X" recommendation, please check whether it's in MSCONFIG
or the registry first. An example would be "svchost.exe" - which doesn't appear
in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't
do anything.
