"Added by the AUTORUN.DIB WORM! Note - this is not the legitimate smss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in a ~A~m~B~u~R~a~D~u~L~� subfolder"
"Added by the AGENT.QG TROJAN! Note - this is not the legitimate Internet Explorer (iexplore.exe) which is always located in %ProgramFiles%\Internet Explorer and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the BABA-B WORM! Note - this is not the legitimate csrss.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in the root folder (ie
"Added by an unidentified WORM or TROJAN! Note - this is not the legitimate svchost.exe process which is always located in %System% and should not normally figure in Msconfig/Startup!"
"Added by the PADMIN-A TROJAN! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\Repair"
"Added by the YODO WORM! Note - the legitimate Windows Explorer (same filename) is located in %Windir% and would not normally appear in Msconfig/Startup unless you added it manually! This one is located in %System%"
"Part of the Windstream Broadband service from AllTel. ""matcli.exe is a motive Assistant Command line interface that gathers information about your system's identity like your name email address
"CTHELPER is a background task that is a plug-in manager for Creative drivers. The theory is that 3rd party manufacturers can use the CTHELPER plug-in interface to produce drivers
"Added by the CRUTLE-B WORM! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
System Tray application that starts up the Winfox utility for a Leadtek Winfast graphics card to restore settings. Can be started manually via Start → Control Panel → Display. Only needed if you wish to run things like the hardware monitor or overclock your card
From WinFax 10.0 and possibly earlier versions. Appears if you chose to have WinFax appear in the taskbar (System Tray) during installation and displays a yellow fax/telephone icon. Available via Start -> Programs
"WinFlip from Tokyo Downstairs - a 'Flip-3D' task switcher alternative to the standard Alt+Tab on Windows XP that adds the equivalent 'Aero' feature from Windows 7 and Vista. You can either click on the tray icon
"WinFlip from Tokyo Downstairs - a 'Flip-3D' task switcher alternative to the standard Alt+Tab on Windows XP that adds the equivalent 'Aero' feature from Windows 7 and Vista. You can either click on the tray icon
System Tray application that starts up the Winfox utility for a Leadtek Winfast graphics card to restore settings. Can be started manually via Start → Control Panel → Display. Only needed if you wish to run things like the hardware monitor or overclock your card
"Added by the LOVGATE-F WORM! Note - this is not the legitimate RealPlayer (realsched.exe) application of the same name. This one is located in %System%"
"Added by the GANT.B WORM! Note that wscript.exe is a legitimate Microsoft file used to launch script files and shouldn't be deleted. The ""Msexec32.vbs"" file is found in %System%"
"Added by the SOBER.R WORM! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%\ConnectionStatus and note the space at the beginning of the ""Startup Item"" field"
"Added by the TRODAL TROJAN! Note - this is not the legitimate winlogon.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the YSPAN.F WORM! Note that wscript.exe is a legitimate Microsoft file used to launch script files and shouldn't be deleted. The ""WINLOGON.vbs"" file is found in %System%"
"Added by the ALCOP-B WORM! Note - this is not the legitimate lsass.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %Windir%"
"Added by the KIPIS.M WORM! Note - this is not the legitimate svchost.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in a ""1032"" sub-folder"
DISCLAIMER: It is assumed that users are familiar with the operating
system they are using and comfortable with making the suggested changes. I will
not be held responsible if changes you make cause a system failure.
This is NOT a list of tasks/processes taken from Task Manager
or the Close Program window (CTRL+ALT+DEL) but a list of startup
applications, although you will find some of them listed via this method.
Pressing CTRL+ALT+DEL identifies programs that are currently running - not
necessarily at startup. For a list of tasks/processes you should try
WinTasks 5 Standard/Professional from LIUtilities or the list at
AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL
just because it has an "X" recommendation, please check whether it's in MSCONFIG
or the registry first. An example would be "svchost.exe" - which doesn't appear
in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't
do anything.
