"Added by the AGOBOT-UC WORM! Note - this is not the valid MSN Messenger (now Windows Live Messenger) utility which is located in either %ProgramFiles%\MSN Messenger or %ProgramFiles%\Windows Live\Messenger. This one is located in %System%"
"Added by the VB.HE VIRUS! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %ProgramFiles%\Common Files\system"
"Added by the CIADOOR-L TROJAN! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the POEBOT-LR WORM! Note - this is NOT the popular Winamp media player which resides in a ""Winamp"" subdirectory of the Program Files directory"
"Added by the DWNLDR-HGR TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %UserProfile%"
"Added by the VB-EBV TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %UserProfile%"
"Added by the WARBOT TROJAN! Note - this is not the legitimate smss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Windows Media Connect from Microsoft - stream digital media files on your computer to digital media receivers (DMRs) that are connected to your home network"
"Added by the KELVIR.G WORM or variants! Note - this is not the valid Windows Media Player as the file is located in %System% rather than %ProgramFiles%\Windows Media Player"
German software (comes with some Toshiba CD writers) that helps convert Powerpoint files to ASF (Streaming Media) files. Available via Start -> Programs
"Added by a variant of the IRCBOT BACKDOOR! See here. Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by a variant of the IRCBOT BACKDOOR! Note - this is not the legitimate Machine Debug Manager (mdm.exe) process which is located in %ProgramFiles%\Common Files\Microsoft Shared\VS7Debug (98/Me/XP/Vista) or C:\WINDOWS\SYSTEM (Me only)"
"Added by the IRCBOT.AKZ WORM! Note - this is not the legitimate Machine Debug Manager (mdm.exe) process which is located in %ProgramFiles%\Common Files\Microsoft Shared\VS7Debug (98/Me/XP/Vista) or C:\WINDOWS\SYSTEM (Me only)"
DISCLAIMER: It is assumed that users are familiar with the operating
system they are using and comfortable with making the suggested changes. I will
not be held responsible if changes you make cause a system failure.
This is NOT a list of tasks/processes taken from Task Manager
or the Close Program window (CTRL+ALT+DEL) but a list of startup
applications, although you will find some of them listed via this method.
Pressing CTRL+ALT+DEL identifies programs that are currently running - not
necessarily at startup. For a list of tasks/processes you should try
WinTasks 5 Standard/Professional from LIUtilities or the list at
AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL
just because it has an "X" recommendation, please check whether it's in MSCONFIG
or the registry first. An example would be "svchost.exe" - which doesn't appear
in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't
do anything.
