| Type | Caption | Section | File name | Description |
| --- | --- | --- | --- | --- |
|  | AclService |  | AclService | C:\Windows\System32\aclservice.exe, and C:\Windows\Downloaded Program Files\acl.inf. |
|  | b3d |  | BDEsecureinstall.exe | B3d Projector foistware - periodically tries to access the internet. (1) Uninstall it via Start -> Settings -> Control Panel -> Add/Remove Programs. (2) Remove the BDEsecureinstall.exe if still present in C:\Windows\System. (3) Disable and ideally delete it from the registry. (4) Remove the "BDE" directory and all its contents. |
|  | b3dUpdate |  | Zupdate.exe | B3d Projector foistware - periodically tries to access the internet. (1) Uninstall it via Start - Settings - Control Panel - Add/Remove Programs. (2) Remove the BDEsecureinstall.exe if still present in C:\Windows\System. (3) Disable and ideally delete it from the registry. (4) Remove the "BDE" directory and all its contents. |
|  | CacheLoader |  | [random] | Troj/Dloader-IX will download the [random] file to the Windows folder, sub-folder "Cache". That done, it moves to "Security iGuard.exe", found in the Program Files folder. |
|  | Daily Weather Forecast |  | WEATHER.EXE | Added by Troj/Dloader-IP TROJAN to the Windows program folder. |
|  | Explorer lptt01 |  | explorer.exe | Variant of the RapidBlaster parasite (in an "explorer" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here. Note - this is not the legitimate Windows Explorer (explorer.exe) which would only be in startups if you added it manually! |
|  | Firewall |  | wmlaunch.exe | It will be found in the Windows Program Files folder. |
|  | ICQ Lite Messenger |  | [random filename] | Added by an unidentified VIRUS, WORM or TROJAN! Unlike the legitimate ICQ Lite executable, which will be located in the ICQLITE folder in Program Files, this particular impostor is located in the Windows or Winnt\System32 directory. |
|  | itunes |  | itunes.exe | Added by a variant of the WIN32.RBOT WORM! - NOTE - this file will be placed in the Windows\System32 or Winnt\System32 folder, and should NOT be confused with the (legitimate) Apple iTunes process, always located in the Program Files\iTunes folder. |
|  | loader |  | WMPLAYER.EXE | Unknown baddie - WMPLAYER.EXE is stored in the same location and uses the same name as Windows Media Player, but that valid Windows program doesn't load at startup. |
|  | Msconfig lptt01 |  | msconfig.exe | Variant of the RapidBlaster parasite (in a "msconfig" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here. Note - this is not the valid Windows Msconfig which has the same executable name. |
|  | NeroCheck |  | regedit.exe | Added by the DOOMJUICE.B WORM! Note - this is not the valid Ahead Nero CD burning program. Also it is not the valid Windows registry editor which resides in C:\Windows or C:\Winnt whereas this version resides in C:\Windows\System (Win9x/Me), C:\Winnt\System32 (WinNT/2K) or C:\Windows\System32 (WinXP). |
|  | Notepad lptt01 |  | notepad.exe | Variant of the RapidBlaster parasite (in a "nvd32" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here. Note - this is not Windows Notepad which has the same executable name. |
|  | Protection |  | Firewall.exe | Added by W32/Elitper-A, a WORM, and found in the Windows Program Files folder. |
|  | smsslevel4 |  | smss.exe | Unidentified malware - NOTE - this file is placed in a:\Program Files\Windows Media Player\Skins\WindowsMediaSkin\Data\Level4 Level4 folder, and should NOT be confused with the legitimate Windows smss.exe process, always located in the Winnt\System32 or Windows\System32 folder, and which moreover should NOT figure in Msconfig/Startup! |
|  | system |  | outlook.exe | Added by the MIMAIL.Q WORM! Note that Microsoft's outlook.exe resides in the Program Files sub-directory whereas this resides in C:\Windows or C:\Winnt. |
|  | update" -s setup |  | Zupdate.exe | B3d Projector foistware - periodically tries to access the internet. (1) Uninstall via Start - Settings - Control Panel - Add/Remove Programs. (2) Remove the BDEsecureinstall.exe if still present in C:\Windows\System. (3) Disable and ideally delete it from the registry. (4) Remove the "BDE" directory and all its contents. |
|  | Winmain |  | winmain.exe | One of the first of a new breed of malware. When run it immediately loads MSHTA.EXE from the Windows folder, placing it on "hot standby", ready to accept HTA scripting within a web page and then EXECUTE what is embedded IN the page as a program! In other words, it's possible for a "rogue" website to actually embed trojans, worms and/or viruses directly into a web page. BOClean's HTA Stop offers an easy way to toggle this capability, or rather vulnerability, on and off. I suggest you leave it disabled! |
|  | Zopenssl |  | zopenssl.dll | Added by the Trojan.Goldun.K rootkit. This program is used by the infection to stealth C:\Windows\System32\zopenssld.sys and its related service. |
|  | Zupdate |  | Zupdate.exe | B3d Projector foistware - periodically tries to access the internet. (1) Uninstall it via Start -> Settings -> Control Panel -> Add/Remove Programs. (2) Remove the BDEsecureinstall.exe if still present in C:\Windows\System. (3) Disable and ideally delete it from the registry. (4) Remove the "BDE" directory and all its contents. |