Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

NEW HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Page 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
If you're not finding what you're looking for please go to this forum and submit a new startup entry.

Key:

  • "Y" - Normally leave to run at start-up
  • "N" - Not required - typically infrequently used tasks that can be started manually if necessary
  • "U" - User's choice - depends whether a user deems it necessary
  • "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
  • "?" - Unknown



Startup Name Process Name Details
XMicrosoft System Updatesysupdate.exe"Added by the SDBOT.DG WORM!"
XMSPP System Update 64wiaadmgr.exe"Detected by Kaspersky as the RANKY.GEN TROJAN!"
XSystem Update[filename].exe"CoolWebSearch parasite variant"
XSystem Update[random filename]"Added by the KORGO.W or KORGO.X WORMS!"
XSystem Updatewupdmgr.exe"Added by the SOROMO-A TROJAN!"
XSystem Update[random filename]"Added by the SOROMO-A TROJAN!"
XSystem Updatewauluclt.exe"Added by the SDBOT.EF WORM!"
XSystem Update[path to trojan]"Added by the AUTOTROJ-D TROJAN!"
XSystem Updatemssetupconf.exe"Added by the RBOT.DLC WORM!"
XSystem Update Applicationmsbuffer.exe"Added by the SDBOT.AFF WORM!"
XSystem Update Servicewmiprvsa.exe"Added by the AGOBOT-RG TROJAN!"
XSystem Update Servicewinupd32.exe"Added by the ADTODA-A TROJAN!"
XSystem Update Servicesystem.pif"Added by the RBOT-ALL WORM!"
XSystem Update Serviceupdate.pif"Added by the SPYBOT.WOE WORM!"
XSystem Update Servicewmiprvsv.exe"Added by the AGOBOT.YG WORM!"
XSystem Update Servicecsrss32.exe"Added by the AGOBOT-HI WORM!"
XSystem Update2explorer.exe"Added by the AUTOTROJ-C TROJAN! Note - the legitimate Windows Explorer (same filename) is located in %Windir% and would not normally appear in Msconfig/Startup unless you added it manually! This one is located in %System%"
XSystem Update2services.exe"Added by the AUTOTROJ-C TROJAN! Note - this is not the legitimate services.exe process which is always located in %System% and should not normally figure in Msconfig/Startup!"
XSystem Update2svchost.exe"Added by the AUTOTROJ-C TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup!"
XSystem Update2system.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Update2taskman.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Update2taskmon.exe"Added by the AUTOTROJ-C TROJAN! Note - this is not the legitimate Win98/Me file of the same name which is located in %Windir% as this version is located in %System%. It is not normally found on a WinXP system"
XSystem Update2update.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Update2webcheck.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Update2wininet.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Update2winlogon.exe"Added by the AUTOTROJ-C TROJAN! Note - this is not the legitimate winlogon.exe process
XSystem Update2winspool.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Update2wupdmgr.exe"Added by the AUTOTROJ-C TROJAN!"
XSystem Updatedsvchoes.exe"Added by the RBOT-ASF WORM!"
XSystem Updater Machinecrhwss.exe"Added by the CIADOOR-DQ TROJAN!"
XSystem Updater Machinesystem.exe"Added by the CIADOOR.GN BACKDOOR!"
XSystem Updater Processwmiprvsw.exe"Added by the AGOBOT-IL WORM!"
XSystem Updater Servicewmiprvsw.exe"Added by the GAOBOT.AFC WORM!"
XSystem Updateswinsci.exe"Added by a variant of the RBOT WORM!"
XSystem Updatesszwi.exe"Added by the RBOT-AXE WORM!"
XSystem Updatesunve.exe"Added by the RBOT-AWG TROJAN!"
XSystem Updateswmkl.exe"Added by the RBOT-AYJ WORM!"
XSystem Updates 4mssysfix.exe"Added by the RBOT-ADU WORM!"
XSystem Updates Managerwinserv32.exe"Added by the AGOBOT-AGA WORM!"
XSystem Updates Serviceupdates.pif"Added by the RBOT-AMA WORM!"
XWINDOWS SYSTEM UPDATExDcc.exe"Added by the MYOTB-EH WORM!"
XWindows System Update Toolsupds.exe"Added by the VANBOT.CX BACKDOOR!"


DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. For a list of tasks/processes you should try WinTasks 5 Standard/Professional from LIUtilities or the list at AnswersThatWork. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Copyright 2003-2013 iamnotageek &/or Martin Krohn.