| Name | Status | Filename | Description |
|---|
| AccessRamp Monitor01 | N | ARMon32a.exe | From a visitor "Just wanted to provide you with some info on Access Ramp software installed with Verizon DSL accounts in those areas that use the Winpoet PPPoE software. The Access Ramp TSRs are installed as part of IP Insight software (can't remember the software maker). You can decline to install IP Insight during Winpoet setup, or go into Add/Remove programs uninstall IP Insight by hand if it's already installed. It really doesn't do a darn thing for you. It was intended to help DSL techs monitor QoS, but the backend part was never implemented (at least as of earlier this year). This will not affect the user's ability or inability to access their DSL service." |
| AntiVirusProtection | ? | qumk.exe | ?? |
| AppletINIT | X | INITIATE.EXE | Added by a variant of the W32.Spybot.Worm family of worms and IRC backdoor Trojans. This family of worms spread via mIRC and the Kazaa file sharing network. Note: Located in \%WINDIR%\System32\ |
| Alogserv | U | Alogserv.exe | From McAfee VirusScan for logging scanning activities. In some cases, if left running it can cause CPU % usage to go between 5-95% or go to and stay at 100%. Disabling it impacts on the reported last scan date. It is reported to cause jerky graphics response in many games. As of version 6, this is a critical component of McAfee and disabling it can cause a PC to lock up |
| avgamsvr.exe | Y | Avgamsvr.exe | AVG antivirus related |
| advap32 | X | bskl***.exe | Identified as the Trojan-Downloader.Win32.Small.syj / Trojan.Pandex Note: Located in \%WINDIR%\System32\ Note: Use SDFix under supervision. Note: * = Random Numbers. |
| AuthConsoleStart | U | AuthStart.exe | Security Manager - part of a ComCast Internet software suite that provides a variety of features (firewall, popup blocker, parental controls etcetera) to help ensure your computer is secure, and your information is kept private. |
| avserve3.exe | X | avserve3.exe | Added by the SASSER.G worm |
| AdRotator.Application | X | services.exe | Added by FakeMessage/AdRotator adware - NOTE - this file is placed in a Winnt\System32\Inetserv or Windows\System32\Inetsrv folder, and should NOT be confused with the legitimate Windows services.exe process, always located in the Winnt\System32 or Windows\System32 folder, and which moreover should NOT figure in Msconfig/Startup!
|
| ALFY Accellerator | ? | AlfyAC~1.exe | ?? |
| audi32 | X | audi32.exe | Troj/Ranck-FL Read the link, allows remote access |
| adlhidp | X | psncc32.exe | Identified as the TrojanProxy.Slaper malware. Note: Located in \%WINDIR%\System32\ |
| Avast32 | Y | Astart32.exe | Part of Avast! anti-virus software |
| AOL Instant Messanger | X | aim.exe | Added by the W32/Sdbot-YT
Worm!
|
| ATI DeviceDetect | N | ATIDtct.EXE | This utility was meant for future use of the ATI TV WONDER™ USB 2.0 video driver and can be disabled. |
| ABC | X | keylogger.exe | Monitors keystrokes so you can check if someone has typed anything while your away from your PC. Reported as spyware by SpyCop in their FAQ |
| AbsoluteShield Internet Eraser | Y | cseraser.exe | Related to AbsoluteShield_Internet_Eraser application. Note: located in C:\Program Files\SysShield Tools\Internet Eraser\ |
| AutoUpdater | X | AutoUpdate.exe | PeopleonPage foistware |
| acEventServ | Y | acevtsrv.exe | Related to ActivCard Gold Component of ActivCard Gold from ActivIdentity, Inc. Smart cards that function as photo ID, proximity badges for facility access and as digital identification and authentication devices. Note: Located in \%Program Files%\ActivCard\ActivCard Gold\ |
| ActiveEyes | N | ActiveEyes.exe | ActiveEyes from TFI Technology |
| ATIPOLAB | U | ati2evae.exe | ATI Polling Program - part of the ATI graphics driver e.g. on some Fujitsu-Siemens Notebooks |
| AVGuard | Y | AVGNT.EXE | Background task of the AntiVir antivirus program which scans files transparently in the background |
| ALi5289 | U | ALi5289.exe | Related to Uli_Integrated_Drivers from Uli Electronics Inc. Note: Located in C:\Program Files\ULI5289\ |
| Avtray | U | Avtray.exe | Command_Antivirus tray icon - NOTE: do NOT confuse with the rogue WinAntivirus startup/process as described here |
| auto repair system | X | qualityx.exe | Unidentified worm, probably a W32.SpyBot variant
|
| APIClass | X | lexplore_.exe | Added by the Troj/MSNOpt-A
TROJAN!
Note: This trojan file is found in the System (95/98/ME) or System32 (NT/2000/XP) folder. |
| AV UpDate | X | Update.exe | Added by the TROJ_ROOTKIT.H
TROJAN!
Read the link, rootkit type stealth involved.
|
| AllToTray | U | ALLTOTRAY.EXE | Related to AlltoTray from DNTSoft. Minimize ANY program to your System Tray. |
| Adobe Photoshop 7.0 | X | AdobePhotoshop.exe | Added by a variant of the W32/SDBOT WORM! - NOTE: Do NOT confuse with the Adobe photo editing software of the same name! |
| Auto updat | X | crcss.exe | Added by the SDBOT.AAG WORM! Read the link, keylogger/password stealing trojan(s) involved. |
| Aim Plugin | X | aimplugin.exe | Added by the W32/Guap-F
WORM!
Note: This worm file is found in the System (95/98/ME) or System32 (NT/2000/XP) folder. |
| ANIWZCS2Service | Y | WZCSLDR2.exe | ALPHA_Networks wireless driver |
| AIM | U | AIM+.exe | AIM_plus a free add-on to AOL's Instant Messenger for Windows from Big-O Software |
| advap32 | X | ~tmp1174.exe | Added by an unidentified TROJAN! Note: of the Win32/Rbot Family. Note: located in %userprofile%\ Note: Use SDFix under supervision. |
| Antivirus2008y | X | antvrs.exe | Added by the Antivirus_2008 rogue anti-spyware program. Note: Located in \%Program Files%\Antivirus2008y\Note: Use Malwarebytes RogueRemover tool. |
| avast! | Y | ashDisp.exe | Part of Avast! anti-virus software |
| acc | U | acc.exe | Advanced Call Center - "full-featured yet easy-to-use answering machine software for your voice modem" |
| Antivirus | X | av.exe | Added by the SINKIN VIRUS! Resets IE start page to realphx.com |
| AntiClicker | X | SVCHST32.EXE | Added by the CBH TROJAN!
|
| ATI Launchpad | U | launchpd.exe | Convenient way to start all your Multimedia Center applications (DVD, Video CD, CD Audio, File Player). You can right-click LaunchPad, and uncheck Load on Startup in the menu |
| apisvc.exe | X | apisvc.exe | Added by a variant of the Lamebot TROJAN! |
| Auth Starter Ident | X | startauth.exe | Added by the W32/RBOT-WP WORM! Read the link, keylogger/password stealing trojan(s) involved. |
| Anti-Virus | X | (random,name).exe | Troj/Caprobad-A Read the link, allows remote access |
| AVP | X | (Path to trojan,EXE) | Added by the Troj/Mutbo-A
TROJAN!
|
| ARCHIVE CONTROL | X | fixupdattr.exe | Added by the W32.MYTOB.GU WORM! |
| Aqua Dock | Y | Aqua Dock.exe | Aqua_Dock "a free program that allows you to have an “OS X” style, nice animated launchbar / taskbar on your screen that reacts to your mouse when you mouse over it. Users can customize the look of each item on the dock and set various animation options for when the mouse is over an item on the dock. It is very easy to configure.
" |
| Automatic Media Update | X | CACHE.RVD | Added by the Troj/Bckdr-QHR TROJAN! Note: This trojan is located in C:\%WINDIR%\System32\ (XP/WinNT/2K) Read the link, allows remote access |
| Ai Quicker Help | U | AsRc.exe | Related to Asus_DH_Remote media portal launcher. Note: Located in \%Program Files%\ASUS\ASUS DH Remote\ |
| advap32 | X | loader.exe | Identified as a variant of the Trojan.Kobcka.DF malware. Note: located in \%WINDIR%\TEMP\ Note: Use SDFix under supervision. |
| alkasr | X | ÎäÒíÑ.exe | Added by the BALKART VIRUS |
| Alevir | X | Alevir.exe | Added by the OPASERV.F or OPASERV.G VIRUSES! |
| AccessRampLAN01 | N | ARUpld32.exe | Version of the above for LAN connections - a history uploader. The key in turning it off is a file named ARUCfg32.exe. This file (ARUCfg32.exe) does not show up in the startup process. If you have this file, you can execute it and remove all the monitoring activities it does. Removing all the checks in all the boxes (both tabs) still calls ARUpld32.exe to start when you start the dial up. You can block it from sending info if you have Zone Alarm installed. Renaming the extension of ARUCfg32.exe to ARUCfg32.exe1 works. The ARUpld32.exe is not loaded when launching the dial up client. Written by IP Insight and also included with Earthlink Total Access 2003 |
| Adult_Chat | X | Adult_Chat.exe | Adult content dialler |
| Actual Window Minimizer | U | ActualWindowMinimizerCenter.exe | Related to Actual_Window_Minimizer allows minimizing any window to task tray notification area or to the edge of the screen. Note: located in C:\Program Files\Actual Window Minimizer\ |
| ATI Display Driver | X | atixd.exe | Added by the W32/Rbot-FOV WORM! Note: This worm\trojan is located in C:\Windows\System\drivers\ (Win9x/Me), C:\%WINDIR%\System32\drivers\ (XP/WinNT/2K) |
