Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

NEW HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
If you're not finding what you're looking for please go to this forum and submit a new startup entry.

Key:

  • "Y" - Normally leave to run at start-up
  • "N" - Not required - typically infrequently used tasks that can be started manually if necessary
  • "U" - User's choice - depends whether a user deems it necessary
  • "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
  • "?" - Unknown



Startup Name Process Name Details
XNorton Antivirus 2004SYMANTECAV2.EXE"Added by the SPYBOT-DY WORM! Note - this is not the real Norton AV!"
XSymantecccapp.exe"Added by the REATLE WORM! Note - this is not a Symantec file"
XSymantec Anti Virussymantec32.exe"Added by a variant of the WOOTBOT WORM!"
XSymantec Antivirus professionaldfrgfrat.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalautoformat.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionaldyndns.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalf0dns.exe"Added by the FORBOT-GT WORM!"
XSymantec Antivirus professionalflushdns.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalfor.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalregedit.exe"Added by a variant of the FORBOT WORM! Note - this is not the valid Windows registry editor which resides in %Windir% and will not normally figure in Msconfig/Startup! This version resides in %System%"
XSymantec Antivirus professionalSymantex.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalwindows .exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalWinhp32.exe"Added by a variant of the FORBOT WORM!"
XSymantec Antivirus professionalwinudp.exe"Added by a variant of the WOOTBOT WORM! See here"
XSymantec Antivirus professionalxplrer.exe"Added by a variant of the FORBOT WORM!"
XSymantec Autoscan[random filename]"Added by the RBOT-AJO WORM!"
YSymantec Backup Exec Desktop AgentDLOClientu.exe"Part of Symantec's Backup Exec backup software"
XSymantec Client Securitysymclient.exe"Added by a variant of the IRCBOT BACKDOOR! See here"
XSymantec Configuration LoaderccApp32.exe"Added by the AGOBOT-EE WORM!"
YSymantec Core LCsymlcsvc.exe"Part of Norton AntiVirus 2004. What does it do?"
XSymantec Debug Clientsymdebugs.exe"Added by the IRCBOT-ACM TROJAN!"
NSymantec Fax Starter Edition PortOLFSNT40.EXEOffers a virtual printer as a fax machine. Can be run via a desktop shortcut
YSymantec NetBackup Desktop AgentDLOClientu.exe"Part of Symantec's NetBackup backup software"
USymantec NetDriver MonitorSNDMon.exe"Part of Symantec's LiveUpate (eg
USymantec NetDriver WarningSNDWarn.exePart of Symantec Live Update - displays the warning when you need to update the firewall database
USymantec PIF AlertEngPIFSvc.exe"Symantec LiveUpdate Notice Service"
XSymantec Secure Serversvrhost.exe"Added by the IRCBOT-UB TROJAN!"
XSymantec Securitysymantec32.exe"Added by the RANDEX.PR or RANDEX.YR WORMS!"
XSymantec Security Addonnvsvc.exe"Added by a variant of the AGOBOT/GAOBOT WORM! Note - do NOT confuse with the legitimate NVIDIA Driver Helper Service file of the same name as described here"
XSymantec Security Routine Addonnavpaw.exe"Added by the AGOBOT-ES BACKDOOR!"
XSymantec Security Routine Addon for Microsoft Windowsnavpxaw32.exe"Added by the AGOBOT-GJ TROJAN!"
XSymantec ServiceccApp.exe"Added by the AKHER.D WORM! Note - this is also not the valid Norton AV file with the same filename"
XSymantecFilterChecksvhost.exe"Added by the BANKER-EEO TROJAN!"
XSymantecFilterCheckgmilogof.exe"Added by the BANKER-EKC TROJAN!"
XSymantecFilterCheck[path to trojan]"Added by the BANKER-EIN TROJAN!"
XSymantecFilterCheckbsyys.scr"Added by the BANLOAD.DZC TROJAN!"
Xwww.symantec.comoz11111.exe"Added by the MYDOOM.W WORM"


DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Copyright 2003-2013 iamnotageek &/or Martin Krohn.