Guard

NEW HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page

If you're not finding what you're looking for please go to this forum and submit a new startup entry.

Key:

"Y" - Normally leave to run at start-up
"N" - Not required - typically infrequently used tasks that can be started manually if necessary
"U" - User's choice - depends whether a user deems it necessary
"X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
"?" - Unknown

	Startup Name	Process Name	Details
Y	!1_ProcessGuard_Startup	procguard.exe	"DiamondCS ProcessGuard security software - stops malicious worms and trojans from being executed silently in the background
Y	'Ashampoo AntiSpyWare 2 Guard'	AntiSpyWare2Guard.exe	"Part of Ashampoo® AntiSpyWare 2 from Ashampoo GmbH & Co. KG. This part is the realtime monitor that looks for changes on the users system such as BHO
Y	a-squared	a2guard.exe	"System Tray access to and Anti-Malware Guard feature of Emsisoft Anti-Malware from Emsi Software GmbH - which provides ""comprehensive PC protection against viruses
Y	a-squared	a2adguard.exe	"System Tray access to and Background Guard feature of Emsisoft Anti-Dialer from Emsi Software GmbH - which provides ""provides a complete defense against Dialers"""
Y	a-squared Anti-Dialer	a2adguard.exe	"System Tray access to and Background Guard feature of Emsisoft Anti-Dialer from Emsi Software GmbH - which provides ""provides a complete defense against Dialers"""
Y	a2adguard	a2adguard.exe	"System Tray access to and Background Guard feature of Emsisoft Anti-Dialer from Emsi Software GmbH - which provides ""provides a complete defense against Dialers"""
Y	a2guard	a2guard.exe	"System Tray access to and Anti-Malware Guard feature of Emsisoft Anti-Malware from Emsi Software GmbH - which provides ""comprehensive PC protection against viruses
X	Additional Guard	WI[random characters].exe	"Additional Guard rogue security software - not recommended
X	AdvancedPrivacyGuard	apg.exe	"AdvancedPrivacyGuard rogue privacy program - not recommended
X	AntiMalwareGuard	amg.exe	"AntiMalwareGuard rogue security software - not recommended
X	AntiSpyGuard	AntiSpyGuard.exe	"AntiSpyGuard rogue security software - not recommended
Y	AntiSpyWare2Guard	AntiSpyWare2Guard.exe	"Part of Ashampoo® AntiSpyWare 2 from Ashampoo GmbH & Co. KG. This part is the realtime monitor that looks for changes on the users system such as BHO
X	AntiSpywareGuard	asg.exe	"AntiSpywareGuard rogue spyware remover - not recommended
Y	Ashampoo AntiSpyWare 2	AntiSpyWare2Guard.exe	"Part of Ashampoo® AntiSpyWare 2 from Ashampoo GmbH & Co. KG. This part is the realtime monitor that looks for changes on the users system such as BHO
Y	Ashampoo AntiSpyWare 2 Guard	AntiSpyWare2Guard.exe	"Part of Ashampoo® AntiSpyWare 2 from Ashampoo GmbH & Co. KG. This part is the realtime monitor that looks for changes on the users system such as BHO
Y	Ashampoo AntiVirus Service	GuardGui.exe	"System Tray access to the main user interface for Ashampoo® AntiVirus from Ashampoo GmbH & Co. KG."
U	Ashampoo HDD Control Guard	HDDControlGuard.exe	"Part of Ashampoo® HDD Control from Ashampoo GmbH & Co. KG - a hard drive monitoring utility which also incorporates defragmentation and cleaners for browsing history and unnecessary files. This entry loads the Ashampoo HDD Control Guard component on startup which runs in the background and monitors the hard drives and provides System Tray access"
Y	AVGuard	AVGuard.exe	"AntiVir® PersonalEdition Classic antivirus. Background task which scans files transparently"
X	avguard3876	000b09274b.exe	"AntiVirus ransomware security software - not recommended
Y	a�	a2guard.exe	"System Tray access to and Anti-Malware Guard feature of Emsisoft Anti-Malware from Emsi Software GmbH - which provides ""comprehensive PC protection against viruses
X	Backup One	smbguard.exe	"Added by the SDBOT-MI WORM!"
Y	bg	bullguard.exe	"Bullguard antivirus and firewall. The P2P version is free with KaZaA Media Desktop and Grokster"
Y	BullGuard	mgui.exe	"Part of Bullguard antivirus"
Y	BullGuard	BullGuard.exe	"Part of BullGuard antivirus"
U	BullGuard Update	avxlive.exe	"Part of Bullguard antivirus. Leave enabled unless you manually update virus definitions"
Y	BullGuard XComm	XCOMMSVR.EXE	"Part of Bullguard antivirus"
Y	BullGuardInit	AVXINIT.EXE	"Part of Bullguard antivirus"
Y	BullguardoptIn	bulldownload.exe	"Part of Bullguard antivirus"
X	ComStart	Trojan Guarder.exe	"TrojanGuarder rogue security software - not recommended"
X	Coreguard Antivirus 2009	Coreguard 2009.exe	"Coreguard Antivirus 2009 rogue security software - not recommended
N	Data LifeGuard	BACKWE~1.EXE	Data LifeGuard diagnostic tools for Western Digital's series of hard drives
N	Data LifeGuard LifeLine Lite installer	DLGLI.EXE	"Backweb installer - see here"
U	dguard	dguard.exe	"eAcceleration Stop-Sign security software related. Previously not recommended
X	Dr. Guard	drguard.exe	"Dr. Guard rogue security software - not recommended
U	ELSAChipGuard	elsavect.exe	"ChipGuard for ELSA graphics cards - monitoring solution which monitors both the GPU temperature and fan speed
Y	Emsisoft Anti-Malware	a2guard.exe	"System Tray access to and Anti-Malware Guard feature of Emsisoft Anti-Malware from Emsi Software GmbH - which provides ""comprehensive PC protection against viruses
X	ErrorGuard	ErrorGuard.exe	"ErrorGuard rogue spyware remover - not recommended
X	FBSearch	SearchGuardPlus.exe	"Fast Browser Search/Search Guard Plus parasite - installed with ""Make the Web Better"" applications such as My Web Tattoo
U	Filterguard	Filtrgrd.exe	"An icon located in the lower left of the screen and looks like a lifesaver. This icon is a ""short-cut"" to access the basic features of SOS-Guardian
X	FlashGuard	FlashGuard.exe	"Added by the AUTOIT.AL WORM!"
U	Guard	Guard.exe	"Related to Phoenix Technologies Core Managed Environment (cME) Integration and Certification program"
X	Guard Pro	VH339.exe	"Guard Pro rogue security software - not recommended
X	GuardCenter	GuardCenter.exe	"GuardCenter rogue security software - not recommended"
Y	GuardGui Application	GuardGui.exe	"System Tray access to the main user interface for Ashampoo® AntiVirus from Ashampoo GmbH & Co. KG."
U	Guardian	CMGrdian.exe	"McAfee Guardian shortcut menu on the System Tray (looks like a castle) given access to Internet Security
U	Guardian PC Security Tools	Pfft.exe	"Boomerang Software's Guardian PC Security Tools - now rebranded as the eXtendia Security Suite"
X	GuardPcs.exe	GuardPcs.exe	"GuardPcs rogue security software - not recommended
X	GuardWWW	GuardWWW.exe	"GuardWWW rogue security software - not recommended
X	HardDriveGuard	SysRep.exe	"HardDriveGuard rogue system error and cleaning utility - not recommended
U	HDDControlGuard	HDDControlGuard.exe	"Part of Ashampoo® HDD Control from Ashampoo GmbH & Co. KG - a hard drive monitoring utility which also incorporates defragmentation and cleaners for browsing history and unnecessary files. This entry loads the Ashampoo HDD Control Guard component on startup which runs in the background and monitors the hard drives and provides System Tray access"
U	HDDControlGuard.exe	HDDControlGuard.exe	"Part of Ashampoo® HDD Control from Ashampoo GmbH & Co. KG - a hard drive monitoring utility which also incorporates defragmentation and cleaners for browsing history and unnecessary files. This entry loads the Ashampoo HDD Control Guard component on startup which runs in the background and monitors the hard drives and provides System Tray access"
X	IGuardPc.exe	IGuardPc.exe	"IGuardPc rogue security software - not recommended
X	kernel32dll	guardpc.exe	"Added by the FORBOT-CU WORM!"
X	LanGuard	languard.exe	"Adware downloader - also detected as the SECONDT-C TROJAN!"
X	LanGuard	[path to trojan]	"Added by the DLOADER-VO TROJAN!"
X	Load-Guard	Wscript.exe LGuarg.exe.vbs	"Added by the YENO.B and YENO.C WORMS! Note that wscript.exe is a legitimate Microsoft file used to launch script files and shouldn't be deleted. The ""LGuarg.exe.vbs"" file is located in %Windir%"
X	LowRiskFileTypes	sysguard.exe	"Added by the FAKEAV-UY TROJAN!"
U	LUGuard	LUGuard.exe	"PC-Duo Remote Control enables your help desk technicians to take instant control of any remote desktop PC at any location across the LAN
Y	Mamutu Guard	mamutu.exe	"Background Guard feature of Mamutu from Emsi Software GmbH - which provides behaviour rather than signature based protection that ""recognizes new and unknown Trojans
U	McAfee Guardian	CMGrdian.exe	"McAfee Guardian shortcut menu on the System Tray (looks like a castle) given access to Internet Security
X	Microsoft	guard.exe	"Added by a variant of the SDBOT WORM!"
X	Microsoft DLL Verifier	winavguard.exe	Added by the SDBOT.AAD WORM!
X	Microsoft Update	wauguard.exe	"Added by the RBOT.AEE WORM!"
X	Microsoft Updating	navguard.exe	"Added by the RBOT.HW WORM!"
X	Microsoft Updating	wuamguards.exe	"Added by the RBOT-BY WORM!"
X	MS Unix Binary	WinGuard.exe	"Added by the RBOT-ACL WORM!"
X	MS Windows Update	scguard.exe	"Added by the RBOT-YZ WORM!"
X	MyAV	avpguard.exe	"Added by the NETSKY.J WORM!"
X	NetDy	VisualGuard.exe	"Added by the NETSKY.N or NETSKY.W WORMS!"
U	NetGuard	NetGuard.exe	FBM Software ZeroSpyware 2004 spyware detector and remover - real time monitor
X	Network Security Guard	*********.exe [ = random char]	"CoolWebSearch parasite variant"
X	Network Security Guard	[path to trojan]	"Added by the COLEM-A TROJAN!"
N	Norton Crashguard Monitor	cgmenu.exe	Troublesome program that doesn't actually work with WinME so Norton removed it from SystemWorks 2001
X	Norton Guard 32	ntguard32.exe	"Added by a variant of the RBOT WORM!"
Y	ntl Netguard	RPS.exe	"ntl Netguard - anti-virus a package of services
Y	OfficeGuard RegChecker	ogrc.exe	"Kaspersky Labs anti-virus"
X	OfficeGuardUI	svcss.exe	"Added by the DEDLER-C TROJAN!"
X	OnlineGuard	OnlineGuard.exe	"OnlineGuard rogue security software - not recommended
X	PC Live Guard	PC[random characters].exe	"PC Live Guard rogue security software - not recommended
U	PC Tools Privacy Guardian	pg.exe	"Part of Privacy Guardian from PC Tools - which ""is a safe and easy-to-use privacy protection tool that securely deletes online Internet tracks and program activity records that are stored in your browser and other hidden files on your computer"". This startup entry runs only on the next reboot if the ""Cache
Y	PCBG	PCBODYGUARD.EXE	"PC Bodyguard from Calluna - protects system files and settings from being deleted
Y	PCBODYGUARD	PCBODYGUARD.EXE	"PC Bodyguard from Calluna - protects system files and settings from being deleted
U	PeerGuardian	PeerGuardian_1.99b_pr14.exe	"PeerGuardian - IP blocker for Windows. Used to protect privacy on P2P networks by blocking IP addresses specified in blocklists. Features support for multiple lists
U	PeerGuardian	pg2.exe	"PeerGuardian - IP blocker for Windows. Used to protect privacy on P2P networks by blocking IP addresses specified in blocklists. Features support for multiple lists
X	personalguard	personalguard.exe	"Personal Guard 2009 rogue security software - not recommended
X	PK Guard	pkguard32.exe	"Added by the GUAPIM WORM!"
Y	Privacy Guardian	PgIndex.exe	"Part of Privacy Guardian from PC Tools - which ""is a safe and easy-to-use privacy protection tool that securely deletes online Internet tracks and program activity records that are stored in your browser and other hidden files on your computer"". This startup entry runs only on the next reboot if the ""Index.dat"" option is selected for IE under ""Browsers"" when the users selects ""Clean Your Computer"". Index.dat files keep a track of pages
U	Privacy Guardian	pg.exe	"Part of Privacy Guardian from PC Tools - which ""is a safe and easy-to-use privacy protection tool that securely deletes online Internet tracks and program activity records that are stored in your browser and other hidden files on your computer"". This startup entry runs only on the next reboot if the ""Cache
Y	PrivacyGuardianIndex	PgIndex.exe	"Part of Privacy Guardian from PC Tools - which ""is a safe and easy-to-use privacy protection tool that securely deletes online Internet tracks and program activity records that are stored in your browser and other hidden files on your computer"". This startup entry runs only on the next reboot if the ""Index.dat"" option is selected for IE under ""Browsers"" when the users selects ""Clean Your Computer"". Index.dat files keep a track of pages
X	PSGuard	PSGuard.exe	"Variant of the SmitFraud alias FAKEALE-C TROJAN!"
X	PSGuard spyware remover	PSGuard.exe	"Variant of the SmitFraud alias FAKEALE-C TROJAN!"
Y	Recguard	recguard.exe	"On HP computers
X	Safeguard 2009	sf2009.exe	"Safeguard 2009 rogue spyware remover - not recommended
X	SafeGuard Popup Blocker Updater	regsvr32 sfgupd.dll	"SafeguardProtect/Veevo hijacker. Note that regsvr32.exe is a legitimate Microsoft file used to register and unregister OLE controls and shouldn't be deleted. The random DLL file is found in %System%"
X	SafeGuard Popup Blocker Updater (required)	regsvr32 sfg***.dll [ = ramdom char]	"SafeguardProtect/Veevo hijacker. Note that regsvr32.exe is a legitimate Microsoft file used to register and unregister OLE controls and shouldn't be deleted. The random DLL file is found in %System%"
X	SafeGuard Popup Updater (required)	regsvr32 sfg***.dll [ = random char]	"SafeguardProtect/Veevo hijacker. Note that regsvr32.exe is a legitimate Microsoft file used to register and unregister OLE controls and shouldn't be deleted. The random DLL file is found in %System%"
X	SafeGuard Popup Updater (required)	regsvr32 PDF***.dll [ = random char]	"SafeguardProtect/Veevo hijacker. Note that regsvr32.exe is a legitimate Microsoft file used to register and unregister OLE controls and shouldn't be deleted. The random DLL file is found in %System%"
X	Safeguard.exe	Safeguard.exe	"Super Spyware Killer rogue spyware remover - not recommended"
U	Screen Guard	launch.exe	"Part of Access Denied security and privacy software"
U	Screen Guard Message Scan	sgms.exe	"Part of Access Denied security and privacy software"
X	Security Guard	SG[random characters].exe	"Security Guard rogue security software - not recommended
X	Security iGuard	Security iGuard.exe	"Security iGuard spyware remover - not recommended
X	Special Firewall Service	avguard.exe	"Added by the NETSKY.G WORM! Note - do not confuse with AntiVir® antivirus which uses the same filename. This one is located in %Windir%"
X	SpyGuarder	spyguarder.exe	"SpyGuarder rogue security software - not recommended
X	SpyGuardPro	pgs.exe	"SpyGuardPro rogue security software - not recommended. A member of the AVSystemCare family"
U	Spyware Guard Control Panel	spywareguardcp.exe	"""SpywareGuard provides a real-time protection solution against spyware"""
U	spywarefighterguard	spfprc.exe	Spyware Fighter - anti spyware program
Y	SpywareGuard	sgmain.exe	"""SpywareGuard provides a real-time protection solution against spyware"""
X	SpywareGuard	winproc32.exe	"Startpage adware Trojan"
X	SpywareGuard	deinst_qfe001.exe	"Added by a variant of the Win32.Small TROJAN! - Do NOT confuse with the legitimate SpywareGuard application"
X	spywareguard	spywareguard.exe	"Spyware Guard 2008 rogue spyware remover - not recommended
X	Spywareguard lptt01	Spywareguard.exe	"RapidBlaster variant (in a ""Spyguard"" folder in Program Files). Recommended you use RapidBlaster Killer to uninstall - see here"
X	Spywareguard ml097e	Spywareguard.exe	"RapidBlaster variant (in a ""Spyguard"" folder in Program Files). Recommended you use RapidBlaster Killer to uninstall - see here"
X	SpywareGuardPlus	winmm64.exe	StartPage.ht homepage hijacker
U	StorageGuard	sgtray.exe	"StorageGuard from Veritas. Free utility that integrates with Backup MyPC (formerly Backup Exec Desktop)
U	SurfinGuard Pro	winsfcm.exe	"SurfinGuard Pro from Finjan - internet protection software
X	sysguard	sysguard.exe	"Added by the FAKEAV-KI TROJAN!"
X	sysguardn	s	"Spyware Protect 2009 rogue spyware remover - not recommended
X	System Guard	mhguard.exe	"Added by the RBOT-AGU WORM!"
U	System LifeGuard Scheduler	Slsched.exe	"System LifeGuard scheduler"
U	System Mechanic Startup Guard	StartupGuard.exe	"System Mechanic Startup Guard protects the Window's startup locations from being modified by viruses
X	system tool	sysguard.exe	"Antivirus System Pro rogue security software - not recommended
X	systemguard	systemguard.exe	"System Guard 2009 rogue security software - not recommended
?	SystemGuardAlerter	SystemGuardAlerter.exe	"Part of the Iolo System Mechanic maintenance software. What does it do?"
X	SystemGuardCenter	SystemGuardCenter.exe	"System Guard Center rogue security suite - not recommended
X	The Spy Guard	spyguard.exe	"The SpyGuard rogue spyware remover - not recommended
X	The Spy Guard Monitor	spyguard_monitor.exe	"The SpyGuard rogue spyware remover - not recommended
U	THGuard	TH_Guard.exe	"Resident memory scanning for TrojanHunter"
U	THGuard	THGuard.exe	"Resident memory scanning for TrojanHunter"
X	tipguard.exe	tipguard.exe	"Privacy Commander rogue privacy program - not recommended
X	Trojan Guarder Gold Version	Trojan Guarder.exe	"TrojanGuarder rogue security software - not recommended"
U	Trojancheck 6 Guard	tcguard.exe	"TrojanCheck anti-trojan software"
X	Ultimate System Guard	MainFAVProj.exe	"Ultimate System Guard rogue security software - not recommended
Y	VAGuard	VAGNT.exe	"Vexira Antivirus - virus scanner from Central Command"
X	VirtualPCGuard	pgs.exe	"VirtualPCGuard rogue security software - not recommended
X	VirusGuardPlus	pgs.exe	"VirusGuardPlus rogue security software - not recommended
X	Windows Additional Guard	WI[random characters].exe	"Windows Additional Guard rogue security software - not recommended
X	Windows firewall manager	msguard.exe	"Added by a variant of the RANDEX.GEL WORM!"
X	Windows Guard	WAUMGRD.EXE	"Added by the RBOT-GY WORM!"
X	Windows Guard Pro	WindowsGP.exe	"Windows Guard Pro rogue security software - not recommended
U	Windows Guardian	thehel1iawgrd32.exe	Part of First Aid by Cybermedia who were subsequently bought by McAfee (Network Associates). Protects your Windows system from application failure and crashes
U	Windows Guardian	Fawgrd32.exe	Part of First Aid by Cybermedia who were subsequently bought by McAfee (Network Associates). Protects your Windows system from application failure and crashes
X	Windows modez Verifier	Wwuamguard.exe	"Added by the RBOT.EZJ WORM!"
X	Windows modez Verifier	wuamguard.exe	"Added by the RBOT.EZJ BACKDOOR!"
X	Windows Network Controller	Mqguard.exe	"Added by the FORBOT-CL WORM!"
X	Windows System Guard	egun.exe	"Added by the AGENT-NHY TROJAN!"
X	Windows System Guard	msdn.exe	"Added by the FAKEAV-BJD TROJAN!"
X	Windows System Guard	msng.exe	"Added by the EGGDROP-BO WORM!"
X	Windows System Guard	msns.exe	"Added by the DWNLDR-IGD TROJAN!"
X	Windows Update	winmguard.exe	"Added by the RBOT-EM WORM!"
X	Windows Xp	nortonguard.exe	"Added by the MYTOB-DZ WORM!"
Y	Winguard	WGFE95.EXE	"Dr Solomon's Virex antivirus"
X	winguard	wingrd32.exe	"Added by a variant of the RBOT WORM!"
X	WinGuard	winguard.exe	"Added by the AGOBOT-OQ WORM! The file is located in %System%"
U	WinGuard	Winguard.exe	"Winguard Popup Remover - pop-up stopper. The file is located in %ProgramFiles%\Winguard Popup Remover"
U	WinGuard Pro	wgp.exe	"Winguard Pro"
X	WiniGuard	WiniGuard.exe	"WiniGuard rogue security software - not recommended. There are number of variants in this family sharing the same user interface - see here"
X	winusb.dll	winguard.exe	"Added by the FORBOT-CN WORM!"
?	WRECK GUARD	??	"??"
X	WSAConfiguration	ntguard32.exe	"Added by a variant of the AGOBOT/GAOBOT WORM!"
X	wuanguard	wuanguard32.exe	"Added by the RBOT-AAF WORM!"
X	XPGuard	XP-Guard.exe	"XP-Guard rogue security software - not recommended
X	YourPrivacyGuard	GDC.exe	"YourPrivacyGuard rogue privacy tool - not recommended
U	zSPGuard	Spguard.exe	""StartPage Guard (SPG) protects your PC from cyberscam
X	[random]	[random]sysguard.exe	"Antivirus Soft

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.