Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

NEW HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
If you're not finding what you're looking for please go to this forum and submit a new startup entry.

Key:

  • "Y" - Normally leave to run at start-up
  • "N" - Not required - typically infrequently used tasks that can be started manually if necessary
  • "U" - User's choice - depends whether a user deems it necessary
  • "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
  • "?" - Unknown



Startup Name Process Name Details
XDistributed File Systemkernel32dll.exe"Added by the MYFIP-C or MYFIP.K WORMS!"
XKERNEL 32SKERNEL32.com"Added by the SEMAPI-A WORM"
Xkernel32kern32.exe"Added by the BADTRANS.A WORM!"
XKernel32Kernel32.exe"Added by a number of VIRUSES
Xkernel32kernel.dli"Added by the NETDEVIL.B TROJAN!"
XKernel32Kernel.dll"Added by the REDLOF.M VIRUS!"
Xkernel32kernel32.dlI"Added by the NETDEVIL.15 TROJAN!"
XKernel32krnl32.exe"Added by the EPON WORM!"
XKernel32Kernel32.win"Added by the GAGGLE.D or GAGGLE.E WORMS!"
XKernel32kernel32s.exe"Added by the BCKDR-CIC BACKDOOR!"
Xkernel32kernel32.dll.vbs"Added by the WEKODE-A WORM!"
XKernel32svchosts.exeAdded by an unidentified WORM or TROJAN!
XKernel32svchost.exe"Added by an unidentified WORM or TROJAN! Note - this is not the legitimate svchost.exe process which is always located in %System% and should not normally figure in Msconfig/Startup! This one is located in %System%\drivers"
Xkernel32dllguardpc.exe"Added by the FORBOT-CU WORM!"
Xkernel32sys.dllIEXPLORER.exe"Added by the RBOT-MK WORM!"
XKernel32_sysdampersysdamp.exe"Added by an unidentified WORM or TROJAN! See here"
XLoadWindowsFileKernel32.exe"Added by the DELF.B TROJAN!"
XMicrosoft KernelWindows_kernel32.exe"Added by the NETSKY.AE WORM!"
XMicrosoft Windows System Kernelkernel32.exe"Added by a variant of the IRCBOT TROJAN!"
XMSKernel32MSKernel32.vbs"Added by the LOVELETTER (I LOVE YOU) VIRUS!"
XMSkernel32System.exe 4820"Added by the TUXDER BACKDOOR!"
XMstaskkernel32.exe"Added by the STAP-C WORM!"
Xrundll32kernel32.exe"Added by the STAP-C WORM!"
Xsystemkernel32.ini"Added by the SILLYFDC.CJ WORM!"
XWin32 Kernel core componentKernel32.pif"Added by the MOKS VIRUS!"
XWin32GKernel32.com"Added by the ESTRELLA TROJAN!"
XWindoes Kernelkernel32.exe"Added by the KICKIN.A (or CYDOG.C) WORM!"
XWindowsKernel32.exe"Added by the TENDOOLF.A WORM!"
Xwinkernel32wWin32.com"Added by the BANSAP TROJAN!"
XWSAConfigurationkernel32.exe"Added by the AGOBOT-KV WORM!"


DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Copyright 2003-2013 iamnotageek &/or Martin Krohn.