Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

NEW HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
If you're not finding what you're looking for please go to this forum and submit a new startup entry.

Key:

  • "Y" - Normally leave to run at start-up
  • "N" - Not required - typically infrequently used tasks that can be started manually if necessary
  • "U" - User's choice - depends whether a user deems it necessary
  • "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
  • "?" - Unknown



Startup Name Process Name Details
XIoadqmMedia Player.exe"Added by the HAWAWI WORM!"
XMedia Playermedia.exe"Added by the FLDMEDIA-A TROJAN!"
XMedia Playerwmplayer.exe"Added by a variant of the AGOBOT.BM WORM! Note - this is not the valid Windows Media Player as the file is located in %System% rather than %ProgramFiles%\Windows Media Player"
XMedia PlayerSysdll.exe"Added by the BANKER-BR TROJAN!"
XMedia PlayerSysnet.exe"BANKER.MW spyware"
XMedia Player Updatexpsp1mfh.exe"Added by a variant of the RBOT WORM!"
XMicrosoft Media player 9msmedia32.exe"Added by the RBOT-ADO WORM!"
XMicrosoft Windows Media Playermediaplayer.exe"Added by a variant of the RBOT WORM!"
XMicrosoft Windows Media Playerwimp.exe"Added by the RBOT-FN WORM!"
UMicrosoft Windows Media Player Network Sharing Service Configuration ApplicationWMPNSCFG.exe"Network sharing tool for Windows Media Player 11 for XP & Vista. When using WMP 11 on home network you can choose to share your favorite music
XReal Media Playerrealplayer2.exe"Added by a variant of the RBOT WORM!"
XWinamp media playerwinapa.exe"Added by an unidentified VIRUS
XWinamp Media Playerwinamap.exe"Added by the SDBOT.ACJM BACKDOOR!"
XWinamp Media Playerwinamp.exe"Added by a variant of the IRCBOT BACKDOOR! See here. Note - this is NOT the popular Winamp media player which resides in a ""Winamp"" subdirectory of %ProgramFiles%"
XWindows Media Playerwmediaplayer.exe"Added by the AGOBOT-NQ WORM!"
XWindows Media PlayerMediaPIayer.exe"Added by the SDBOT-QO TROJAN! Note - the lower case ""l"" in ""MediapIayer"" is a capital ""i"""
XWindows Media Player[random filename]"Added by a variant of the RBOT WORM!"
XWindows Media Playermsa.exe"Added by the RBOT-SI WORM!"
XWindows Media Playermcafe32.exe"Added by the RBOT-YO WORM!"
XWindows Media Playerwmplayer.exe"Added by the KELVIR.G WORM or variants! Note - this is not the valid Windows Media Player as the file is located in %System% rather than %ProgramFiles%\Windows Media Player"
XWindows Media Player50cent.exe"Added by a variant of the RBOT WORM!"
XWindows Media Playermpwe.exe"Added by the RBOT-TT WORM!"
XWindows Media Playermsams.exe"Added by the RBOT.AHR WORM!"
XWindows Media Playervmmreg32.exe"Added by the AGENT.AQO TROJAN!"
XWindows Media Playermsass43.exe"Added by the RBOT-RT WORM!"
XWindows Media Playermpupdata.exe"Added by the SDBOT.BBG WORM!"
XWindows Media Playerwmplayerc.exe"Added by the SILLYFDC.DBG WORM!"
XWindows Media Player 3.6wmpa36.exe"Added by a variant of the RBOT WORM!"
XWindows Media Player 3.6bWMPA36B.EXE"Added by the RBOT-VV WORM!"
XWindows Media Player 3.6dwmpa36d.exe"Added by the RBOT-YA WORM!"
XWindows Media Player 3.9wmpa36.exe"Added by a variant of the RBOT WORM!"
XWindows Media Player 6.1.2wmplayer612.exe"Added by the RBOT.AIB BACKDOOR!"
XWindows Media Player Servicewmedia.exe"Added by the RBOT.213504 WORM!"
XWindows Media Player Update[random filename]"Added by the RBOT-ET WORM!"


DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Copyright 2003-2013 iamnotageek &/or Martin Krohn.