Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

HijackThis automated log analyzer! Get your logs analyzed INSTANTLY!

Svchost.exe

What is it?
Service Host Process - svchost.exe

What does it do?

Here's a direct quote from MS about this: (source)
Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

Svchost.exe groups are identified in the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost

Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService

If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it.

1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt

Here's an example of what I got when I issued this command if you'd like to take a look at an example.

A Description of Svchost.exe in Windows XP:
http://support.microsoft.com/?kbid=314056

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.



wdsvc.exe

wdsvc.exe - This is from Dantz Retospect backup process from EMC, while running this should not remove.



wins.exe

wins.exe - This is the pre decessor to the current DNS service, this offers computer name resolution services for your LAN only terminate when not in use.



dwwin.exe

dwwin.exe Application Error


One of the biggest things being searched for on this site right now is dwwin.exe. The reason for this is because it displays during quite a few common fatal error messages.

First of all dwwin.exe is Dr Watson which is used by the error reporting tool. Alot of security related applications will throw up warning flags about this file trying to read, write or modify a number of other .exe files. This isn't anything to worry about because it's only trying to investigate "events" that it believes is causing problems that may lead to crashing.

File can be found:
*:windowssystem32dwwin.exe

The biggest complaint about the error reporting service is it causing alot of various applications to not load or crash during use. Quite a few of these can be fixed by downloading updates from windows update and scanning for viruses/spyware but alot of others simply won't be fixed with the currently available updates. In that case you'll want to just disable the service! After that 90% of the time the program will then run properly. I have been telling people to disable this service in quite a few of my guides. If you've found this article through a search engine you'll want to disable it now.

I've written an article dedicated to stopping this error reporting tool from running. Read it here. An overview of the error reporting process can be found @ Microsoft's site.



lsass.exe

What is it?
Local Security Authentication Server - lsass.exe

What does it do?
lsass.exe - It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token.

You will not be able to end this through task manager!

From MS



The lsass.exe which is from Microsoft is located at c:windowsSystem32lsass.exe . there's a few viruses that have been found to run as lsass.exe to hide from you.



S3apphk.exe

S3apphk.exe - This is installed with drivers for your S3 video output device, this allows access to more configurations and diagnostics, this is non essential only terminate if causing problems.



CHKADMIN.EXE

CHKADMIN.EXE - This is a process from the tray bar for Compaq Network Managment System, it lets the user access manage network resources.



webrebates0.exe

webrebates0.exe


What is it?
Top Rebates - webrebates0.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.


Also .



bxxs5.dll

bxxs5.dll


What is it?
BookedSpace - bxxs5.dll

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

This bug sends popup ads to you from time to time while you're online. This decreases the value of the ads on the sites you're visiting. Please clean this thing off your system so that sites like this can make more money This is also a BHO or Browser Help Object

Removal Instructions:
Our guide has been posted here.


Also .



csrss.exe

What is it?
csrss.exe - Client/Server Runtime Server Subsystem

What does it do?
This is the user-mode portion of the Win32 subsystem (with Win32.sys being the kernel-mode portion). Csrss stands for client/server run-time subsystem and is an essential subsystem that must be running at all times. Csrss is responsible for console windows, creating and/or deleting threads, and some parts of the 16-bit virtual MS-DOS environment.

You will not be able to end this through task manager!

More info

Virus Precaution:

The csrss.exe which is from Microsoft is located in the %Windows/System32/csrss.exe folder.
There have been quite a few different viruses that masquerade as this file. If you find it in a location like C:\DOCUME~1\Home\LOCALS~1\Temp\csrss.exe you will probably need to run combofix to clear this.

Nimda.E - Symantec Corporation



Smss.exe

What is it?
Session Manager SubSystem - smss.exe

What does it do?
smss.exe - This is the session manager subsystem, which is responsible for starting the user session. This process is initiated by the system thread and is responsible for various activities, including launching the Winlogon and Win32 (Csrss.exe) processes and setting system variables. After it has launched these processes, it waits for either Winlogon or Csrss to end. If this happens "normally," the system shuts down; if it happens unexpectedly, Smss.exe causes the system to stop responding (hang).

Additional Reading:
Smss.exe does not resolve forward references in environment

You will not be able to end this through task manager!

More info



Virus Precaution:

The smss.exe which is from Microsoft is located at c:windowsSystem32smss.exe . We've been able to find several viruses that run as smss to trick you.

Adware.Advision - Symantec Corporation
Adware.DreamAd - Symantec Corporation
Backdoor.IRC.Aladinz.O - Symantec Corporation
Backdoor.IRC.Flood.F - Symantec Corporation
W32.Dalbug.Worm - Symantec Corporation
W32.Resdoc - Symantec Corporation



vic32.dll

vic32.dll


What is it?
Top Rebates - vic32.dll

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.


Also .



Spoolsv.exe

What is it?
SPOOLer SerVice - spoolsv.exe

What does it do?
spoolsv.exe - The spooler service is responsible for managing spooled print/fax jobs

You will be able to end this through task manager!

More info



Virus Precaution:
The spoolsv.exe which is from Microsoft is located at c:windowsSystem32spoolsv.exe . We've been able to find several viruses that run as spoolsv to trick you.

Backdoor.Ciadoor.B - Symantec Corporation
Hacktool.Privshell - Symantec Corporation
VBS.Masscal.Worm (vbs) - Symantec Corporation
Graybird-A @ Sophos



internat.exe

What is it?
loads the different input locales - internat.exe

What does it do?
Internat.exe runs at startup; it loads the different input locales that are specified by the user. The locales to be loaded for the current user are taken from the following registry key: HKEY_CURRENT_USERKeyboard LayoutPreload

Internat.exe loads the "EN" icon into the system tray, allowing the user to easily switch between locales. This icon disappears when the process is stopped, but the locales can still be changed through Control Panel.

Note The locales for the "System" are loaded from here: HKEY_USERS.DEFAULTKeyboard LayoutPreload

These locales are used by system services that are running under the Local System account or when no user is logged on (for example, at the logon prompt).

You will be able to end this through task manager!

More info



Virus Precaution:
The internat.exe which is from Microsoft is located at c:windowsSystem32internat.exe . We've been able to find two viruses that run as internat to trick you.

PWSteal.Netsnake Symantec
Win32.HLLW.Ghotex.A [KAV] Symantec



webrebates1.exe

webrebates1.exe


What is it?
Top Rebates - webrebates1.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.


Also .



cashback.exe

cashback.exe


What is it?
Top Rebates - cashback.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.


Also .



dfssvc.exe

All of us paranoid people keep a very close eye on what processes are running in the background. I already took a look at

Alg.exe
csrss.exe
Dfssvc.exe
dwwin.exe
internat.exe
lsass.exe
msdtc.exe
smss.exe
spoolsv.exe
svchost.exe

Today I'm hoping to explain to you guys what dfssvc is.

What is it?
Distributed File System

What does it do?
Microsoft Distributed File System does for servers and shares what file systems do for hard disks. File systems provide uniform named access to collections of sectors on disks; Dfs provides a uniform naming convention and mapping for collections of servers, shares, and files. Thus, Dfs makes it possible to organize file servers and their shares into a logical hierarchy, making it considerably easier for a large corporation to manage and use its information resources. In addition, Dfs is not limited to a single file protocol and can support the mapping of servers, shares, and files, regardless of the file client being used, provided that the client supports the native server and share.

You CAN end this process through task manager!

Quoted From:
Additional Reading

Virus Precaution:
The dfssvc.exe which is from Microsoft is located in the c:windowsSystem32 folder. We've been unable to find any threats that run as dfssvc to trick you.



msdtc.exe

What is it?
Distributed Transaction Coordinator - msdtc.exe

What does msdtc.exe do?
The best straight up explanation of this was found on THIS page. A quote from part of it:

MSDTC is an acronym for Microsoft Distributed Transaction Coordinator. As the name says, MSDTC is a Windows service providing transaction infrastructure for distributed systems. In this case, a transaction means a general way of structuring the interactions between autonomous agents in a distributed system. Each transaction is a state transformation with four key properties - the ACID properties: Atomic (all or nothing), Consistent (legal), Isolated (independent of concurrent transactions) and Durable (once it happens, it cannot be abrogated).
More Details

Virus Precaution:
The msdtc.exe which is from Microsoft is located at c:windowsSystem32msdtc.exe. We've been unable to find any threats that run as msdtc.exe to trick you.



ctfmon.exe

What is it?
Language bar AKA Alternative User Input Services - ctfmon.exe

What does it do?
ctfmon.exe - it's an ever annoying helper tool that comes rather unexpectedly at times and liked by nearly nobody.

Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies.

Loads of information can be found on microsoft's site here.

Unless you're using anything in that list above you'll want to stop this file from loading!

How do I get rid of it?
There's been a number of threads in our forum as well as others about this. A typical thread can be found here.

control panel --> regional and language options --> languages tab --> details button --> language bar button

Virus Precaution:
Just like so many of the other files I've written about so far, ctfmon.exe is located in the c:windowsSystem32ctfmon.exe. At the time of this writing there isn't any spyware, viruses or anything like that masking itself as this file. If you find any info on one then please let me know!



3_0_1browserhelper3.dll

3_0_1browserhelper3.dll


What is it?
Top Rebates - 3_0_1browserhelper3.dll

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.


Also .



mstask.exe

What is it?
MS Task scheduler - mstask.exe

What does it do?
mstask.exe - Gives you the ability to schedule tasks to be run at certain on certain days and times. I use it to automate as many tasks as I possibly can.

Virus Precaution:
When googling I was able to find

W32/Opaserv -H
W32.Myparty@mm

The mstask.exe which is from Microsoft is located at c:windowsSystem32mstask.exe . If you find it anywhere else then you should be suspicious for sure.



djtopr1150.exe

djtopr1150.exe


What is it?
Top Rebates - djtopr1150.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.


Also .



nvsvc32.exe

What is it?
NVIDIA Driver Helper Service - nvsvc32.exe

What does it do?
nvsvc32.exe - For all of you that have video cards that utilize one of the Nvidia chipsets running under Windows NT4/2k/XP/2k3 they install a driver help service. We have emailed Nvidia asking them about this but haven't been able to get a response. I was able to to end this task without any issues.

There have been a number of reports that say this service is the root of some nasty shutdown slowdowns! Even though I haven't experienced this personally, Black Viper is a source that I trust and he has stated this service has caused extreme slowdowns during shutdown.

There's been a number of rumors posted that state that this is some form of spyware. I have not found it to transmit any form of data while I've been using it. I also don't believe Nvidia is stupid enough to package spyware and send it to their massive installation base.

You'll want to visit nvidia.com for more information about them and their products. You may also want to download the latest drivers from them.

Virus Precaution:
nvsvc32.exe is located at c:windowsSystem32 vsvc32.exe . We've been unable to find any threats that run as nvsvc32.exe to trick you.



alg.exe

What is it?
Application Layer Gateway - alg.exe

What does it do?
This program provides optional utilities like the Windows Firewall and ICS. If you're not using either one of them then you should not be seeing this program run.

You CAN end this process through task manager. ICS and the Windows firewall will quit working though.

More Reading

Virus Precaution:
The alg.exe which is from Microsoft is located at c:windowsSystem32alg.exe .



wsup.exe

wsup.exe


What Is It?
Ibis Toolbar - wsup.exe

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



Gdqfw.exe

What is it?
Gdqfw.exe is a file associated with the w32.beagle@mm worm

What does it do?
the beagle worm W32.Beagle.AQ@mm is a variant of W32.Beagle.AO@mm, which is a mass-mailing worm that uses its own SMTP engine to spread. The email attachment is a downloader, similar to Trojan.Mitglieder and Download.Ject.C, which downloads the worm from an external source.

Removal
@symantec



explore.exe

What is it?
GRAYBIRD.G virus explore.exe

What does it do?
This sucker allows unauthorized access to an infected persons system! The Trojan is written in Borland Delphi and is compressed with ASPack.

Removal:
Symantec has the full dirt (HERE)



taskswitch.exe

What is it?
MS PowerToys Task Switcher

What does taskswitch.exe do?
This The cooler version of alt-tab which displays a little thumbnail of each window. You can download it and other useful utilites here:

MS Powertoys

OR Directly from us here

Virus Precaution:
The original file from Microsoft gets placed in the C:WINDOWSSystem32 directory. if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. Currently there've been 0 reports.



taskmgr.exe

What is it?
Windows Task Manager

What does it do?
This is the application that comes up in windowsk 2k/xp/2k3 when you hit Ctrl+Alt+Del together. This is used for ending applications and processes that are either no longer responding.

The other thing that this is good for is probably what brought you to this site Basically you can get a list of ALL processes running and if you were doing a search for taskmgr.exe then you already know what this screen looks like so I won't bother posting an image of it.

Search MS for more info: Link

Virus Precaution:
The original file from Microsoft gets placed in the C:WINDOWSSystem32 directory. if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. Currently there've been 0 reports. Everything in that search isn't related to this particular file.



Winlogon.exe

What is it?
Windows Logon Process - Winlogon.exe

What does it do?
Direct Quote from here:
This is the process responsible for managing user logon and logoff. Moreover, Winlogon is active only when the user presses CTRL+ALT+DEL, at which point it shows the security dialog box.

Search MS for more info: Link

Virus Precaution:
The original Winlogon.exe from Microsoft gets placed in the C:WINDOWSSystem32 directory. if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. We've been able to find only 1 report of a virus so far.

Troj/Madr-B @ Sophos
Netsky.D @ Trend Micro



Winmgmt.exe

What is it?
Windows Management Service -winmgmt.exe

What does winmgmt.exe do?
Direct quote from THIS MS Doc:

A core component of client management. This process starts when the first client application connects, or when management applications request its services.


Search MS for more info: Link

Virus Precaution:
The original winmgmt.exe from Microsoft gets placed at C:WINDOWSSystem32winmgmt.exe . if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. Currently there've been 0 reports. Everything in that search isn't related to this particular file.



DLLhost.exe

What is it?
DCOM DLL Host Process - dllhost.exe

What does it do?
dllhost.exe - DCOM DLL host process supports DLL-based COM objects and is used by many Windows programs. .NET Runtime and IIS are probably the two most common applications that use this process.

What's DCOM? "A wire protocol that enables software components to communicate directly over a network"

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the C:WINDOWSSystem32dllhost.exe directory. if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. There's only one unique virus found through this search. All of the results are the various names of this single virus.

Nachia-A @ Sophos



explorer.exe

What is it?
Windows Explorer - explorer.exe

What does it do?
explorer.exe - Below is a direct quote from Microsoft found on THIS page:

This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn't as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system.

I have found that stopping this process is needed sometimes to stop some other processes.

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed at C:WINDOWSSystem32explorer.exe . if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. There's only one unique virus found through this search. All of the results are the various names of this single virus.

Deloder-A @ Sophos
MyDoom.B @ Symantec



mdm.exe

What is it?
Machine Debug Manager - mdm.exe

What does it do?
mdm.exe - Below is a direct quote from Microsoft found on THIS page:

The Machine Debug Manager, Mdm.exe, is a program that is installed with the Microsoft Script Editor to provide support for program debugging. The Microsoft Script Editor is included with Microsoft Office 2000, and also can be obtained from the Microsoft Windows Update Web site.

The Machine Debug Manager runs as a service and is loaded when your computer starts. If you do not use your computer for debugging purposes, you can safely turn off the Machine Debug Manager.

This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn't as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system.

Unless you're a code monkey doing some debugging turn this sucker off!

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed at C:WINDOWSSystem32mdm.exe . if you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



msmsgs.exe

What is it?
Windows Messenger AKA MSN Messenger - msmsgs.exe

What does it do?
msmsgs.exe - This is Microsofts version of AIM or ICQ. Just like Internet Explorer they've been forcing it upon people for years being installed on your system by default. They hope that you will use their IM/Chat app instead of downloading and installing a seperate one. Below is a way to stop it from automatically starting up.

If you don't use Windows Messenger, you can disable it as follows: Start -> Programs -> Windows Messenger -> Tools -> Options -> Preferences. Uncheck "Run this program when Windows Starts

To fully remove the app you'll need to modify a windows file:

X:Windowsinfsysoc.inf (replace X with your windows drive)

Open it and look for:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf, hide ,7

Change that to this:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,,7

Now under add/remove --> Windows Components you'll have the option to remove this ;)

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located at C:Program FilesMessengermsmsgs.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



regsvc.exe

What is it?
Remote Registry Service - regsvc.exe

What does it do?
regsvc.exe - This service allows access to the Windows registry from remote computers. This service is needed on nearly all corporate computers to allow things like applications to be installed remotely. It's also handy for remotely tweaking our other systems :)

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located at C:WINNTsystem32regsvc.exe. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



iaanotif.exe

What is it?
IAA Event Monitor User Notification Tool - iaanotif.exe

What does it do?
iaanotif.exe - IAA Event Monitor User Notification Tool is part of Intel? Application Accelerator which is a software package that is made for PCs using Intel chipsets that replaces the ATA drivers that come with windows.

More Info

Virus Precaution:
The original iaanotif.exe is placed in the C:Program FilesIntelIntel Application Accelerator directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



wisptis.exe

What is it?
Windows Ink Services Platform Tablet Input Subsystem - wisptis.exe

What does it do?

This executable runs as a system service that provides pen-data collection. If you're not using a tablet PC or a tablet with your PC this does not need to be running. The executable's name is an acronym that references an outdated internal name for the team that developed it (Windows Ink Services Platform Tablet Input Subsystem).

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located at C:WINDOWSSystem32wisptis.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.


.



wmiexe.exe

What is it?
Windows Management Instrumentation - wmiexe.exe

What does it do?
wmiexe.exe - Here's a direct quote from MS about this: (source)
Effective management of PC and server systems in an enterprise network benefits from well-instrumented computer software and hardware, which allow system components to be monitored and controlled, both locally and remotely. Microsoft is committed to simplifying instrumentation of hardware and software under Microsoft? Windows? operating systems. Microsoft is also committed to providing consistent access to this instrumentation for both Windows-based management systems and legacy management systems that are hosted in other environments.

In Win98/NT/2000 this is a seperate process whereas in XP it is a part of svchost

More Info
More Info

Virus Precaution:
The original wmiexe.exe from Microsoft gets placed in the Located at C:WINDOWSSystem32wmiexe.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



NvCpl.dll

What is it?
Nvidia Control Panel - NvCpl.dll

What does it do?
NvCpl.dll - This is loaded as a startup item. This loads the Nvidia Control Panel which is where you can tweak a ton of settings and overclock your card. Without this your drivers will be rather messed up and may or may not work properly.

This is a windows startup item.? If you're looking at your HJT log you will see a line that looks something like this:
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is :WINDOWSsystem32NvCpl.dll



NvMcTray.dll

What is it?
Nvidia Media Center Tray - NvMcTray.dll

What does it do?
NvMcTray.dll - This is loaded as a startup item. This is the tray icon to easily change a number of settings. Games like everquest actually need this to be running.

This is a windows startup item.? If you're looking at your HJT log you will see a line that looks something like this:
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSsystem32NvMcTray.dll



wmiprvse.exe

What is it?
Windows Management Instrumentation Provider Host program - wmiprvse.exe

What does it do?

Here's a direct quote from MS about this: (source)
Effective management of PC and server systems in an enterprise network benefits from well-instrumented computer software and hardware, which allow system components to be monitored and controlled, both locally and remotely. Microsoft is committed to simplifying instrumentation of hardware and software under Microsoft? Windows? operating systems. Microsoft is also committed to providing consistent access to this instrumentation for both Windows-based management systems and legacy management systems that are hosted in other environments.

In Win98/NT/2000 this is a seperate process whereas in XP it is a part of svchost

More Info
More Info

See Also wmiexe.exe

Virus Precaution:
The original file from Microsoft gets placed in the Located at C:WINDOWSSystem32wbemwmiprvse.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

.

W32/Sonebot-B @ Sophos.com



wuauclt.exe

What is it?
Windows Update Automatic Client - wuauclt.exe

What does it do?
wuauclt.exe - This is used by the automatic update tool in Windows ME to check the Windows Update site every so often to see if any updates need to be installed.

More Info
More Info

Virus Precaution:
The original wuauclt.exe from Microsoft gets placed in the Located at C:WINDOWSSystem32wuauclt.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

.

Backdoor.Clt @ Symantec Corporation
Troj/Cult-B @ Sophos



rundll32.exe

What is it?
Run a DLL as an App - rundll32.exe

What does it do?
Direct Quote from MS: (Source)
Microsoft Windows 95, Windows 98, and Windows Millennium Edition (Me) contains two command-line utility programs named Rundll.exe and Rundll32.exe that allow you to invoke a function exported from a DLL, either 16-bit or 32-bit. However, Rundll and Rundll32 programs do not allow you to call any exported function from any DLL. For example, you can not use these utility programs to call the Win32 API (Application Programming Interface) calls exported from the system DLLs. The programs only allow you to call functions from a DLL that are explicitly written to be called by them. This article provides more details on the use of Rundll and Rundll32 programs under the Windows operating systems listed above.

More Info
More Info

Virus Precaution:
The original file from Microsoft gets placed in the Located at C:WINDOWSSystem32 undll32.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses.

.

W32.Miroot.Worm @ Symantec
Backdoor.Lastdoor @ Symantec
Trojan.StartPage @ Symantec



autorun.exe

What is it?
Autorun autorun.exe

What does it do?
AutoRun.exe is a Win32 executable program intended for use with the Windows 95, 98, Me, NT4, 2000, and XP AutoRun facility. As you are probably aware, this facility (if enabled) will automatically run an executable as soon as a CD-ROM is inserted into the CD drive of the computer.

More Info
More Info

Virus Precaution:
This is found on various CDs that you put in. The contents and locations vary by CD.

You'll want to keep an eye on this google search for any known viruses.

W32.Tulu.A @ RAV
Troj/Digits-B @ Sophos



cmd32.exe

What is it?
P2P.TANKED virus cmd32.exe

What does it do?
Worm spreading through Kazaa

Virus Library has the full dirt (source)

The worm has a powerful backdoor routine that connects to an IRC channel and listens to commands from its "master".

The worm itself is a Windows PE EXE file about 100KB in length and written in Microsoft Visual C++. The worm is compressed by the UPX file compression utility and then encrypted with the "Krypton" Win EXE file encryptor.

When the infected file is run, the installation routine gains control.

Removal:
Virus Library has the full dirt (HERE)



zlclient.exe

What is it?
Zone Alarm - zlclient.exe

What does it do?
zlclient.exe is a part of Zone Labs Internet Security. You should not end this process for any reason. This is the firewall I use behind my router as a second level of protection. The most important part of this is having to give permission to applications before they access the internet in any way. routers and the windows firewall have a tendency to allow anything out and only blocking inbound connections.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program Filesone LabsoneAlarmzlclient.exe



wupdt.exe

What is it?
IMISERV VIRUS wupdt.exe

What does it do?
Backdoor.Imiserv connects and sends data to a predefined Web site. It is written in the Microsoft C/C++ program language.

Removal:
Symantec has the full dirt (HERE)



fsdfwd.exe

fsdfwd.exe - This processi s from F-Secure anti-virus suite, for a secure computer do not terminate.



pds.exe

pds.exe - This process is with Intel LANDesk management suite software, this discovers registered products on your computer, this is non essential only terminate if causing problems.



KEYBDMGR.EXE

KEYBDMGR.EXE - This process is only mandatory for some keyboards it is used to operate extra functioning keys, terminateing this would stop those keys from working.



kernel32.exe

What is it?
Floodnet virus kernel32.exe

What does it do?
This is a remote access trojan and worm. When run, it attempts to send a message to the alias
"All Users" using Microsoft Outlook. If this address is not present in a local or global address book, or not an alias on the specified SMTP server, then the message will not get sent.

Removal:
VSS has the full dirt (HERE)



msblast.exe

What is it?
MSBlast Worm msblast.exe

What does it do?
W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (first described in Microsoft Security Bulletin MS03-026 )(users are recommended to patch this vulnerability by applying Microsoft Security Bulletin MS03-039 ) using TCP port 135. The worm targets only Windows 2000 and Windows XP machines. While Windows NT and Windows 2003 Server machines are vulnerable to the aforementioned exploit (if not properly patched), the worm is not coded to replicate to those systems. This worm attempts to download the msblast.exe file to the %WinDir%system32 directory and then execute it. W32.Blaster.Worm does not have a mass-mailing functionality.

Removal:
Symantec has the full dirt (HERE)



kazza.exe

What is it?
Backdoor.OptixPro.12 Trojan kazza.exe

What does it do?
Backdoor.OptixPro.12.c, a variant of the Backdoor.OptixPro.12 Trojan Horse, can provide its creator unauthorized access to an infected computer. By default, this Trojan opens port 3410 on a compromised computer. The existence of the file Kazza.exe is an indication of a possible infection.

Removal:
Symantec has the full dirt (HERE)



service.exe

What is it?
Worm.Win32.Raleka service.exe

What does it do?
Raleka is a worm-virus that spreads through the Internet by exploiting a vulnerability in the DCOM RPC service in Microsoft Windows. This vulnerability is detailed in Microsoft Security Bulletin MSO3-026 .

The infected file is approx. 14KB in size when packed by UPX.

Removal:
VirusList has the full dirt (HERE)



mwsvm.exe

What is it?
ADW_SCANPORTAL.A - MWSVM.EXE, IEASST.DLL, MWSVM.OCX

What does it do?
This adware program downloads updates of itself from specified Internet addresses listed in its body. It also downloads ads and displays them as popups in the system.

This adware also downloads data from advertisements and saves them its log files. It also changes the Internet Explorer search assistant.

Removal:
Trend Micro has the full dirt ( HERE )



Avserve2.exe

What is it?
WORM_SASSER.B - AVSERVE2.EXE

What does it do?
This worm exploits the Windows LSASS vulnerability , which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of affected systems. This vulnerability is discussed in detail in the following pages:

Upon execution, it drops a copy of itself in the Windows folder as AVSERVE2.EXE.

Removal:
Trend Micro has the full dirt ( HERE )



Avserve.exe

What is it?
WORM_SASSER.A - AVSERVE.EXE

What does it do?
This worm exploits the Windows LSASS vulnerability , which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of affected systems.This vulnerability is discussed in detail in the following pages:

To propagate, it scans the network for vulnerable systems. When it finds a vulnerable system, this malware sends a specially crafted packet to produce a buffer overflow on LSASS.EXE.

It creates the script file CMD.FTP, which contains instructions for the vulnerable system to download and execute a copy of this malware from a remote infected system using FTP on TCP port 5554.

Removal:
Trend Micro has the full dirt ( HERE )



Fvprotect.exe

What is it?
WORM_NETSKY.P - FVPROTECT.EXE

What does it do?
This NETSKY variant propagates via email using its own Simple Mail Transfer Protocol (SMTP) engine.

It exploits a known vulnerability affecting Internet Explorer involving incorrect MIME Header (MS01-020), which allows the automatic execution of email attachments while an email is read or previewed. More information on this vulnerability is available at:

The email that it sends out has varying subjects, message bodies, and attachment file names. It gathers email addresses from files with certain extension names.

It also attempts to propagate via network shares by dropping copies of itself on certain folders found in the affected system.

It deletes several autorun registry entries in an attempt to prevent the automatic execution of BAGLE, NACHI, MYDOOM and DEADHAT worms. It also deletes certain registry keys.

Removal:
Trend Micro has the full dirt ( HERE )



Jammer2nd.exe

What is it?
WORM_NETSKY.Z - Jammer2nd.exe

What does it do?
This NETSKY variant propagates via email using its own Simple Mail Transfer Protocol (SMTP) engine.

It gathers email address from files with certain extension names to spoof the "From:" field of the email. It randomizes the email?s subject, message body and attachment names from lists of specific strings and file names present in the malware code. It may use several external DNS servers for its propagation routine, which are hardcoded in its body.

This malware also has backdoor capabilities. It listens to port 665 for commands from remote users. Once outside connection is established, this malware is then able to download and execute files on infected systems.

Removal:
Trend Micro has the full dirt ( HERE )



bridge.dll

What is it?
Adware.Winfavorites - bridge.dll

What does it do?
Adware.WinFavorites is an adware program that downloads advertisements onto your computer.

Transmission
This adware program must be manually installed or installed as a component of another program.

Also using:
bridge.exe
winfavorites.exe
bridge.dll
bridge.inf
jao.dll

Adware.WinFavorites is an adware program that may have two components: an executable file and a Browser Helper Object.

A common error with this is:
error loading c:WindowsSystem32ridge.dll during startup.

Removal:
Symantec has the full dirt ( HERE )



bridge.exe

What is it?
Adware.Winfavorites - bridge.dll

What does it do?
Adware.WinFavorites is an adware program that downloads advertisements onto your computer.

Also using: bridge.exe
winfavorites.exe
bridge.dll
bridge.inf
jao.dll

Adware.WinFavorites is an adware program that may have two components: an executable file and a Browser Helper Object.

Removal:
Symantec has the full dirt ( HERE )



isass.exe

What is it?
TROJ_ISAPASS.A - ISASS.EXE

What does it do?
It then transfers control of execution to the dropped file ISASS.EXE.

It deletes PWL files found on the system and performs key logging routines.

It runs on Windows 95, 98, NT, ME, 2000, and XP.

Also using:

  • MSSVCHST.DLL
  • MSHLPAPI.DLL

Removal:
Trend Micro has the full dirt ( HERE )



WINdirect.exe

What is it?
W32.Beagle.AO@mm OR TROJ_MITGLIEDR.S WINdirect.exe

What does it do?
I've dug up reports of two different Viruses running a file with this name.
Mitgliedr:
This Trojan may arrive on a system either by installation by another malware or by manual installation by a user.
Beagle:
is a mass mailing worm that uses its own SMTP engine to spread. The email attachment is a Mitglieder-like downloader that brings the worm from external sources.

Removal:
TROJ_MITGLIEDR.S
W32.Beagle.AO@mm



java.exe

What is it?
Possibly One of Symantecs top threats currently - W32.Mydoom.M@mm - Java.exe

What does it do?
W32.Mydoom.M@mm is a mass-mailing worm that drops and executes a backdoor, detected as Backdoor.Zincite.A , that listens on TCP port 1034. The worm uses its own SMTP engine to send itself to email addresses it finds on the infected computer.

Removal:
Symantec has the full dirt ( Here )



winxp.exe

What is it?
W32.Beagle.AG@mm - winxp.exe

What does it do?
W32.Beagle.AG@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080.

The subject line, body, and attachment name of the email vary. The attachment will have a .com, .cpl, .exe, .scr, or .zip file extension. If the file attachment is a .zip file, it will be password protected. This zip file will be detected as W32.Beagle@mm!zip .

The worm is packed with PeX.

Removal:
Symantec has the full dirt ( Here )



sysxp.exe

What is it?
W32.Beagle.AB@mm - sysxp.exe

What does it do?
W32.Beagle.AB@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1080.

The subject line, body, and attachment name of the email vary. The attachment will have a .com, .cpl, .exe, .scr, or .zip file extension.

The worm is packed with UPX.

Removal:
Symantec has the full dirt ( Here )



fsg_4104.exe

What is it?
Gain/Gator/Claria - fsg_4104.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



gator.exe

What is it?
Gain/Gator/Claria - gator.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



guninstaller.exe

What is it?
Gain/Gator/Claria - guninstaller.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



gmt.exe

What is it?
Gain/Gator/Claria - gmt.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



cmesys.exe

What is it?
Gain/Gator/Claria - cmesys.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



gatorstubsetup.exe

What is it?
Gain/Gator/Claria - gatorstubsetup.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



kazaa.exe

What is it?
Kazaa

What does it do?
Kazaa is the most popular filesharing application out currrently. Just like companies like Napster their days are numbered. Being number one in an industry like this means you'd better have some of the best lawyers that money can buy! This means you'd better have gobs of cash floating around which means selling your data and displaying ads. According to them they have no spyware. " No application included with your KMD installation, or KMD itself, collects personally identifiable information about users without their consent." and also " Kazaa Media Desktop contains banner advertising and the option to install other third party applications in order to remain free to the user." To sum it up, it may have some spyware type applications that are "optional" PLUS the ads themselves by alot of peoples definition is in fact spyware

Removal Instructions:
Kazaa adware & spyware removal



mmod.exe

What is it?
Kazaa

What does it do?
Kazaa is the most popular filesharing application out currrently. Just like companies like Napster their days are numbered. Being number one in an industry like this means you'd better have some of the best lawyers that money can buy! This means you'd better have gobs of cash floating around which means selling your data and displaying ads. According to them they have no spyware. " No application included with your KMD installation, or KMD itself, collects personally identifiable information about users without their consent." and also " Kazaa Media Desktop contains banner advertising and the option to install other third party applications in order to remain free to the user." To sum it up, it may have some spyware type applications that are "optional" PLUS the ads themselves by alot of peoples definition is in fact spyware

Removal Instructions:
Kazaa adware & spyware removal



pgmonitr.exe

What is it?
Kazaa

What does it do?
Kazaa is the most popular filesharing application out currrently. Just like companies like Napster their days are numbered. Being number one in an industry like this means you'd better have some of the best lawyers that money can buy! This means you'd better have gobs of cash floating around which means selling your data and displaying ads. According to them they have no spyware. " No application included with your KMD installation, or KMD itself, collects personally identifiable information about users without their consent." and also " Kazaa Media Desktop contains banner advertising and the option to install other third party applications in order to remain free to the user." To sum it up, it may have some spyware type applications that are "optional" PLUS the ads themselves by alot of peoples definition is in fact spyware

Removal Instructions:
Kazaa adware & spyware removal



topsearch.dll

What is it?
Kazaa

What does it do?
Kazaa is the most popular filesharing application out currrently. Just like companies like Napster their days are numbered. Being number one in an industry like this means you'd better have some of the best lawyers that money can buy! This means you'd better have gobs of cash floating around which means selling your data and displaying ads. According to them they have no spyware. " No application included with your KMD installation, or KMD itself, collects personally identifiable information about users without their consent." and also " Kazaa Media Desktop contains banner advertising and the option to install other third party applications in order to remain free to the user." To sum it up, it may have some spyware type applications that are "optional" PLUS the ads themselves by alot of peoples definition is in fact spyware

Removal Instructions:
Kazaa adware & spyware removal



appconn32.exe

What is it?
Trojan.Cargao.Bappconn32.exe

What does it do?
Trojan.Cargao.B is a Trojan horse program that sends an email to all the addresses that it finds in the Microsoft Outlook address book. It also downloads and runs executable files from the Internet.

Creates the following file:

C:ARQUIVOS DE PROGRAMASARQUIVOS COMUNSappconn32.exe

Note: This file is usually 126,464 bytes in size, but due to a bug in the code, the file may expand to fill the hard disk.

Removal Instructions:
Full dirt @ Symantec



Wintime.exe

What is it?
Downloader.Harnig Wintime.exe

What does it do?
Downloader.Harnig is a program that downloads Trojans, adware, and dialers, and terminates services associated with antivirus software.

Adds an entry "New Dialup Connection" to the RAS phonebook and makes the entry the default. It then attempts to use the modem to dial a predetermined, high-cost phone number and establish a RAS connection.

Removal Instructions:
Full dirt @ Symantec



sdiapp.exe

What is it?
PWSteal.Bancos.I SDIAPP.exe

What does it do?
PWSteal.Bancos.I is a Trojan horse that mimics the online interfaces of certain Brazilian banks to try to steal account information. It is a minor variant of PWSteal.Bancos.H.

This threat is packed using UPX and may be contained in a self-extracting RAR file.

Monitors active Internet Explorer windows, waiting for the user to open a Web page that matches the characteristics of certain banking sites. When such a site is opened, the Trojan displays one of several login screens. The screen is selected according to the URL or HTML page title.

Removal Instructions:
Full dirt @ Symantec



dx32hhlp.exe

What is it?
Backdoor.Nemog dx32hhlp.exe

What does it do?
Backdoor.Nemog is a Backdoor Trojan horse that allows an infected computer to be used as an email relay and HTTP proxy.

This backdoor is dropped by W32.Mydoom.Q@mm

Creates the following files:

Creates the following service so that it executes every time Windows starts:
dx32hhec

Removal Instructions:
Full dirt @ Symantec



winpsd.exe

What is it?
W32.Mydoom.Q@mm winpsd.exe

What does it do?
W32.Mydoom.Q@mm is a mass-mailing worm that downloads an executable file and uses its own SMTP engine to send itself to the email addresses that it finds on the infected computer.

The downloaded file is detected as Backdoor.Nemog .

Creates a mutex named "43jfds93872", so that only one copy of the worm will run on the infected computer

Removal Instructions:
Full dirt @ Symantec



rasor38a.dll

What is it?
W32.Mydoom.Q@mm rasor38a.dll

What does it do?
W32.Mydoom.Q@mm is a mass-mailing worm that downloads an executable file and uses its own SMTP engine to send itself to the email addresses that it finds on the infected computer.

The downloaded file is detected as Backdoor.Nemog .

Creates a mutex named "43jfds93872", so that only one copy of the worm will run on the infected computer

Removal Instructions:
Full dirt @ Symantec



belt.exe

What is it?
Adware.Binet File names: Varies: Bi.dll and Biprep.exe; Belt.exe; Belt.ini; Belt.inf; Susp.exe; Susp.ini; Susp.inf

What does it do?
Adware.Binet is a Browser Helper Object that displays advertisements and downloads and installs files. Being a Browser Helper object this kind of thing is VERY easy to get installed on your system. If you have this then please upgrade your system to Windows XP with SP2 to help you avoid this kind of thing.

Removal:
Symantec has the full dirt ( Here )



biprep.exe

What is it?
Adware.Binet File names: Varies: Bi.dll and Biprep.exe; Belt.exe; Belt.ini; Belt.inf; Susp.exe; Susp.ini; Susp.inf

What does it do?
Adware.Binet is a Browser Helper Object that displays advertisements and downloads and installs files. Being a Browser Helper object this kind of thing is VERY easy to get installed on your system. If you have this then please upgrade your system to Windows XP with SP2 to help you avoid this kind of thing.

Removal:
Symantec has the full dirt ( Here )



susp.exe

What is it?
Adware.Binet File names: Varies: Bi.dll and Biprep.exe; Belt.exe; Belt.ini; Belt.inf; Susp.exe; Susp.ini; Susp.inf

What does it do?
Adware.Binet is a Browser Helper Object that displays advertisements and downloads and installs files. Being a Browser Helper object this kind of thing is VERY easy to get installed on your system. If you have this then please upgrade your system to Windows XP with SP2 to help you avoid this kind of thing.

Removal:
Symantec has the full dirt ( Here )



ati2evxx.exe

What is it?
ATI External Event Utility EXE Module AKA ATI Hotkey Poller - ati2evxx.exe

What does it do?
ati2evxx.exe - This process provides optional features that the majority of us really couldn't care less about. The XT's overdrive feature uses this. If you have an XT you'll probably want to leave this on.

This is installed as a service so you'll need to do the following to disable:
Start --> Run --> services.msc
Find ATI Hotkey Poller and double click it.
Change the startup type to disabled

According to ATI this process is supposed to have 2 instances running. ( link )

The best explanation I've managed to find for this is: (Source)
We have to have the 2 instances to support multisession (fast user switch) support. A system service does not have access to change per user settings on a any session other than the default session. In fast user switch, multiple sessions get created. To be able to change the settings on non-default session we need to create a per user instance of the external event.

Many users have reported this process to slow their boot time down.

Virus Precaution:
The original ati2evxx.exe from ATI gets placed at C:WINDOWSSystem32ati2evxx.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



atiptaxx.exe

What is it?
ATI Task Icon - atiptaxx.exe

What does it do?
atiptaxx.exe - It's basically just that little ATI icon in the tray at the bottom right. You don't need to have this running unless you like something that it provides. I don't so I disable this.

To turn it off go to Display Properties -> Settings -> Advanced -> Options and uncheck the box for Enable ATI taskbar icon application .

Virus Precaution:
The original atiptaxx.exe from ATI gets placed at C:WINDOWSSystem32atiptaxx.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



ati2sgag.exe - ATI Smart

What is it?
ATI Smart - ati2sgag.exe

What does it do?
This only runs occasionally: When you first install the card and after a driver update to check for compatibility and stability issues. It will determine and set the best AGP bus settings for you. Things like fast writes are set by this.

This is a service that is set to automatic. I will go against what alot of people are saying and tell you to just leave this sucker alone. It does NOT remain running after its done so leaving this alone really won't hurt anything.

Virus Precaution:
The original file from ATI gets placed in the C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



wscntfy.exe

What is It?
Windows Security Center Notification - wscntfy.exe

What does it do?
wscntfy.exe - This is a part of windows XP's SP2. This is a little notification that will be in your taskbar and continue to nag you about various security settings like your firewall, automatic updates and virus protection.

If you'd like to get rid of this process you'll want to go into your control panel and then go into the security center. Once in there look along the left bar where you'll see quite a bit of text. At the bottom of this list you'll see where it says change the way security center alerts me. Click on this. Uncheck all three of these settings.

Click image for larger version

Name:  alert.png
Views: 0
Size:  8.8 KB

Virus Precaution:
The original wscntfy.exe from Microsoft gets placed at C:WINDOWSSystem32wscntfy.exe . If you find it anywhere else then you should be suspicious for sure.

You'll want to keep an eye on this google search for any known viruses. At this time I have not found ANY viruses that run themselves using this filename. All of the results currently affect this file in some way, but do not actually run as this filename.



gearsec.exe

What is it?
Gear Software's Recording Engine - Gearsec.exe

What does it do?
gearsec.exe - DVD x COPY , itunes and Power Quest's Drive Image are the most popular programs that utilize this software. You can find more information about Gear Software here. I do not believe that there is any form of spyware, adware or call home functions in this file. It should be harmless. Basically it gives a number of third part applications the ability to burn CDs and DVDs.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of gearsec.exe is your dystem% directory which is normally C:WINDOWSSystem32gearsec.exe. At this time my search shows nothing.



jusched.exe

What is it?
Java Update Scheduler - jusched.exe

What does it do?
jusched.exe - This is Sun's Java automatic update utility. If you would like to disable this scheduler then go to your control panel and click on the java module. The go to the updates tab and uncheck "check for updates automatically".

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of jusched.exe is C:Program FilesJavaj2re1.4.2_04injusched.exe. Obviously j2re1.4.2_04 is the version number. At this time my search shows nothing that you need to worry about..



mspmspsv.exe

What is it?
Windows Media Player Service- MsPMSPSv.exe

What does mspmspsv.exe do?
This is a helper service for Media Player 7+ which adds support for Windows Media Device Manager which is stuff like your portable media devices. If you don't take your music with you then this service can be disabled. This

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of mspmspsv.exe is gystem%MsPMSPSv.exe commonly: C:WINDOWSSystem32MsPMSPSv.exe. At this time my search shows nothing that you need to worry about.



em_exec.exe

What is it?
Logitech Mouseware - em_exec.exe

What does it do?
em_exec.exe - This is nothing more than a tray application that gives you easier access to things that are in your control panel. I prefer to keep the clutter off of my system tray and rarely change mouse settings so I would disable this from your startup.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of em_exec.exe is in your Program FilesLOGITECHMOUSESYSTEMem_exec.exe At this time my search shows nothing that you need to worry about.



qttask.exe

What is it?
Quick Time Tray icon - qttask.exe

What does it do?
qttask.exe - This is is a task tray icon which is used as a shortcut to a number of QuickTime related features. You really don't need this in your system tray. It is safe to remove this from your startup. QuickTime's most common purpose is for watching movies commonly in the .mov format.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of qttask.exe is in your C:Program FilesQuickTimeqttask.exe At this time my search shows nothing that you need to worry about.



htpatch.exe

What is it?
SiS Hyperthreading patch - htpatch.exe

What does it do?
htpatch.exe - This is a patch for SiS users that use a CPU that supports Hyperthreading. It appears to be harmless, but some people without hyperthreading CPUs have reported a performance LOSS so you may want to do some benchmarking yourself on this.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of htpatch.exe is: C:WINDOWShtpatch.exe At this time my search shows nothing that you need to worry about.



trickler.exe

What is it?
Gain/Gator/Claria - trickler.exe

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
Gain/Gator/Claria Removal Guide



vsmon.exe

What is it?
True Vector Internet Monitor - vsmon.exe

What does vsmon.exe do?
This process is associated with Zone Alarm's personal firewall. This is the process that runs in the background and sends you the alert messages anytime an application either breaks one of the already created rules or it doesn't have a rule in place already so you have to "train it".

It is highly suggested that you use a firewall application like this one.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of vsmon.exe is: %windows%systemvsmon.exe

At this time There's quite a few viruses running around using this filename!
for vsmon.exe

Also .



point32.exe

What is it?
Microsoft Intellimouse Monitor - point32.exe

What does point32.exe do?
This is the mouse settings tray icon. Some people report that you must have this running for the programmed extra button support. If you don't program those buttons for special tasks then you'll want to shut this process down.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of point32.exe is C:Program FilesMicrosoft HardwarePoint32.exe

At this time I did not find anything using this filename!

Also .



nwiz.exe

What is it?
NVIDIA nView Wizard - nwiz.exe

What does nwiz.exe do?
This is a multi desktop application used by NVIDIA. I pulled a quote from here:
NVIDIA? nView? multi-display software--bundled free with NVIDIA? ForceWare? desktop, workstation, mobile, platform, and multimedia software solutions--provides a revolutionary way to multi-task and process information easier. Instead of stacking window upon window within the confines of a single display, imagine spreading your work across multiple displays. Financial analysts can have a monitor for tracking each data stream. Graphic artists can use an entire display for palettes, and another for editing. The possibilities are endless.

If you're using a multi desktop environment then most likely you won't want to touch this process.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of nwiz.exe is C:WindowsSystem32 wiz.exe

At this time I did not find anything using this filename!

Also .



navapsvc.exe

What is it?
Norton AV Auto Protect Service - navapsvc.exe

What does navapsvc.exe do?
This is the service that is run by Norton AV to protect your system from infection. This does things like scan your emails as they come in and scanning files as you open or download them. This can be a severe resource hog if all of the options are enabled. I personally turn a lot of these options off and use my head for bug avoidance.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of navapsvc.exe is C:Program FilesNorton AntiVirusnavapsvc.exe

Nearly every virus out there tries to knock this file out!

Also .



hkcmd.exe

What is it?
Intel's HotKey Command - hkcmd.exe

What does hkcmd.exe do?
Not much data has been found on this. It seems like every manufacturer has their own hotkey programming application and this is the one brought to you by Intel.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of hkcmd.exe is C:WINDOWSSystem32hkcmd.exe

At this time no viruses were found running as this process. You will want to check since new bugs come through daily.

Also .



hbinst.exe

What is it?
Hotbar - hbinst.exe

What does it Do?
hbinst.exe - This is marketed as a way to add "skins" to your Internet Explorer and its toolbars. Most of the ads for this use babes in bikinis with large breasts or other things you'd want to stare out all day long. It would be perfectly fine if this program ONLY did this. The problem is it monitors every site you visit and displays advertisements in its toolbar that fit whatever site you're visiting.

Removal Instructions:
Hotbar Removal Guide



hotbar.exe

What is it?
Hotbar - hotbar.exe

What does it Do?
This is marketed as a way to add "skins" to your Internet Explorer and its toolbars. Most of the ads for this use babes in bikinis with large breasts or other things you'd want to stare out all day long. It would be perfectly fine if this program ONLY did this. The problem is it monitors every site you visit and displays advertisements in its toolbar that fit whatever site you're visiting.

Removal Instructions:
Hotbar Removal Guide



hbsrv.exe

What is it?
Hotbar - hbsrv.exe

What does it Do?
This is marketed as a way to add "skins" to your Internet Explorer and its toolbars. Most of the ads for this use babes in bikinis with large breasts or other things you'd want to stare out all day long. It would be perfectly fine if this program ONLY did this. The problem is it monitors every site you visit and displays advertisements in its toolbar that fit whatever site you're visiting.

Removal Instructions:
Hotbar Removal Guide



weatherontray.exe

What is it?
Hotbar -? weatherontray.exe

What does it Do?
This is marketed as a way to add "skins" to your Internet Explorer and its toolbars. Most of the ads for this use babes in bikinis with large breasts or other things you'd want to stare out all day long. It would be perfectly fine if this program ONLY did this. The problem is it monitors every site you visit and displays advertisements in its toolbar that fit whatever site you're visiting.

Removal Instructions:
Hotbar Removal Guide



inetinfo.exe

What is it?
IIS Debugger Tool- inetinfo.exe

What does it do?
inetinfo.exe? - This is a vital system process for anybody running an IIS based server. If you're having a problem with this process crashing then Microsoft has a patch for you here.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSSYSTEM32INETSRVinetinfo.exe



wmon32.exe

What Is It?
W32.Gaobot.BAJ - Wmon32.exe
What Does it Do?
W32.Gaobot.BAJ is a worm that spreads through open network shares and through backdoors that the Mydoom family of worms open. It allows attackers to access an infected computer using a predetermined IRC channel.
Removal Instructions



CTSvcCDA.EXE

What is it?
Creative CD Assistant Service - CTSvcCDA.EXE

What does it do?
CTSvcCDA.EXE - This is a service creative by Creative labs to help your CD drive. Every time you insert a CD Creatives Player will try to play it for you. I suggest removing this and using either the built in Windows Media Player or Winamp.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSSystem32CTSvcCDA.EXE



firefox.exe

What is it?
Mozilla Firefox - firefox.exe

What does it do?
firefox.exe - This is Mozilla Firefox my personal favorite browser. It is the slimmed down browser only project based upon Mozilla code.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesMozilla Firefoxfirefox.exe



Dreamweaver.exe

What is it?
Macromedia Dreamweaver - Dreamweaver.exe

What does it do?
Dreamweaver.exe - This is a WYSIWYG editor that makes HTML coding extremely easy. It also works as a great editor for really any web programming language. It helps keep the coding slimmed down and compliant which is something that frontpage simply doesn't do. Yes this is what I use for everything on this site from the PHP backend to template editing.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesMacromediaDreamweaver MX 2004Dreamweaver.exe



googletoolbar2.dll

What is it?
Google Toolbar - googletoolbar2.dll

What does it do?
googletoolbar2.dll - If you're an Internet Explorer user you will want to have this toolbar addon for your browser. It blocks some popups (more and more are getting around it) along with adding that spiffy google search bar for easy google searching. (That is one of the cooler parts about Firefox)

This is described as a BHO or Browser Help Object. If you're looking at your HJT log you will see a line that looks something like this:
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:program filesgooglegoogletoolbar2.dll



tkbellexe.exe

What Is It?
W32.Lovgate.AO@mm - TkBellExe.exe
What Does it Do?
W32.Lovgate.AO@mm is a mass-mailing worm that propagates through open network shares and prepends itself to .exe files.

The email has a variable subject and attachment name, with a .bat, .cmd, .com, .exe, .pif, .scr, or.zip file extension.

Copies itself to:
Removal Instructions



isafe.exe

What is it?
Etrust AV - isafe.exe

What does it do?
isafe.exe is a part of Etrust AV which is also use by Zone Labs Internet Security. You should not end this process for any reason. This handles the scanning of emails for viruses and possibly some automatic updates.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSsystem32oneLabsisafe.exe OR C:PROGRAM FILESCAETRUST EZ ARMORETRUST EZ ANTIVIRUSISAFE.EXE



hxdef.exe

What Is It?
W32.Lovgate.AO@mm - hxdef.exe
What Does it Do?
W32.Lovgate.AO@mm is a mass-mailing worm that propagates through open network shares and prepends itself to .exe files.

The email has a variable subject and attachment name, with a .bat, .cmd, .com, .exe, .pif, .scr, or.zip file extension.

Copies itself to:
Removal Instructions



avserve3.exe

What Is It?
W32.Sasser.G - avserve3.exe
What Does it Do?
W32.Sasser.G is a variant of W32.Sasser.Worm that attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011. The worm spreads by scanning random IP addresses and drops W32.Netsky.AC@mm.
Copies itself to:
Removal Instructions



wserver.exe

What Is It?
W32.Sasser.G - wserver.exe
What Does it Do?
W32.Sasser.G is a variant of W32.Sasser.Worm that attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011. The worm spreads by scanning random IP addresses and drops W32.Netsky.AC@mm.
Copies itself to:
Removal Instructions



ccsetmgr.exe

What Is It?
Norton Security - ccsetmgr.exe

What Does ccsetmgr.exe Do?
This is one of MANY processes that are used by Norton Security (AV + Net Security) If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.

Virus Precautions:
The normal location of ccsetmgr.exe is: C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDccsetmgr.exe



ccevtmgr.exe

What Is It?
Norton Security - ccEvtMgr.exe

What Does ccevtmgr.exe Do?
This is one of MANY processes that are used by Norton Security (AV + Net Security) If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.
This particular process is the event log manager which monitors the virus scanning process and will trigger the alert process as needed.

Virus Precautions:
The normal location of ccevtmgr.exe is: C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDccevtmgr.exe



ccproxy.exe

What Is It?
Norton Security - ccProxy.exe

What Does ccproxy.exe Do?
This is one of MANY processes that are used by Norton Security (AV + Net Security) If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.
This particular process is the email proxy service that is required for your firewall and email scanning to work properly.

Virus Precautions:
The normal location of ccproxy.exe is: C:PROGRAM FILESCOMMON FILESSYMANTEC SHAREDccproxy.exe



savscan.exe

What Is It?
Norton Security -??SAVScan.exe
?
What Does it Do?
This is one of MANY processes that are used?by Norton Security (AV + Net Security)?If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.
?
Virus Precautions:
The normal location of this file is in this directory:? C:Program FilesNorton AntiVirus



SNDSrvc.exe

What Is It?
Norton Security - SNDSrvc.exe

What Does it Do?
SNDSrvc.exe - This is one of MANY processes that are used by Norton Security (AV + Net Security) If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.
This process is known as Symantec Network Driver Service. Google isn't revealing any specific information on this. Please let me know if you find a good source of info on this.
Virus Precautions:
The normal location of SNDSrvc.exe is: C:Program FilesNorton AntiVirusSNDSrvc.exe



MediaPass.exe

MediaPass.exe - This program is from Mediapass series of adware processes that are installed on to your system and serve advertisments, this also monitors your surfing habits, for a safe system do not remove.



MediaPassK.exe

MediaPassK.exe - This process is from Mediapass series of adware processes that are installed in your system and serve advertisments, they also monitor your surfing habits, for a safe computer do not remove.



fsgk32st.exe

fsgk32st.exe - This process is with F-secure anti-virus, for a safe computer this should not be removed.



mantispm.exe

mantispm.exe - This is the process for Mailfrontier Desktop, Mailfrontier Desktop is for Outlook, and Outlook Express it is an advanced spam filter.



IntelMEM.exe

IntelMEM.exe - This is a process for Intel Chipset based modems, this is non essential only terminate if causing problems.



UAService7.exe

UAService7.exe - This process is from SecuROM user access service, this is used to access disk images protected by SecuROM, this is non essential only terminate if causing problems.



ccApp.exe

What Is It?
Norton Security - ccApp.exe
?
What Does it Do?
ccapp.exe - This is one of MANY processes that are used by Norton Security (AV + Net Security) If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.
This process is referred to as Common Client App which is also used by auto protect and email checking.

Virus Precautions:
The normal location of ccapp.exe is: C:Program FilesCommon FilesSymantec Sharedccapp.exe



nmain.exe

What Is It?
Norton Security -?? NMain.exe?
?
What Does it Do?
This is one of MANY processes that are used?by Norton Security (AV + Net Security)?If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.
?
This process is the main control panel that acts as a gateway to all of the other applications.
?
Virus Precautions:
The normal location of this file is in this directory:??? C:Program FilesCommon FilesSymantec Shared?
?



drvddll.exe

What is it?
W32.Beagle.AP@mm is a mass-mailing worm that spreads via email, using its own SMTP engine.

What's it do?
Copies itself as the following files:
  • drvddll.exe
  • drvddll.exeopen
  • drvddll.exeopenopen
  • drvddll.exeopenopenopen
Removal
@symantec



mvsc.exe

What is it?
It is a file created by the worm W32.Spybot.DAZ also known as Backdoor.Rbot.gen

What does it do?
W32.Spybot.DAZ is a worm that spreads through IRC, network shares and exploits, as well as computers that are infected with common backdoor Trojan horses.

Copies itself as:
%System%mvsc.exe

Removal Instructions
@symantec



ctrlpan.dll

what is it?
ctrlpan.dll is associated with a trojan horse virus called Trojan.Bookmarker.B

What does it do?
This Trojan changes the Internet Explorer home page to webcoolsearch.com. It is also packed with UPX. It is a variant of trojan.bookmarker that modifies the Internet Explorer home page and search page and adds bookmarks, which point to pornographic Web sites; into the Favorites folder!.

When the Ctrlpan.dll file is loaded, it does the following:
  1. Creates the file hh.htt
  2. Adds the value:

    "AppInit_DLLs"="ctrlpan.dll"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows

    so that each Windows-based program running......................
More info and Removal instructions
@symantec



windll.exe

what is it?
windll.exe is a file associated with the worm W32.Beagle.AQ@mm
this worm is a variant of W32.Beagle.AO@mm, which is a mass-mailing worm that uses its own SMTP engine to spread

what does it do?
Among other bad things, this worm Copies itself as the following files:
  • %System%windll.exe. (A copy of the worm)
  • %System%windll.exeopen (A copy of the worm)
  • %System%windll.exeopenopen (A copy of the worm
Removal
Read more about this nasty bug and how to remove it @symantec



dx32hhec.sys

What is it?
Backdoor.Nemog is a Backdoor Trojan horse.

What's it do?
Allows an infected computer to be used as an email relay and HTTP proxy

Creates the service dx32hhec so that it executes every time Windows starts.

Creates the following files:
%System%dx32hhlp.exe
%System%dx32hhec.sys

Removal
@symantec



gamechannel.exe

What is it?
WildTangent - gamechannel.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



ddcmigrate.exe

What is it?
WildTangent - ddcmigrate.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



winamp.exe

What is it?
Winamp- winamp.exe

What does it do?
winamp.exe - If you're not familiar with what Winamp it is and always has been the greatest MP3 player on the planet. With the last bunch of releases this ranges from a basica media player all the way to a full media solution with ripping and burning all built into a single interface. Originally a "rebel" piece of software its now as commercialized and accepted as anything else out there. AOL actually even purchased it... Doesn't get much more commerical and/or accepted as that.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesWinampwinamp.exe



rungame.exe

What is it?
WildTangent - rungame.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



ddcactivemenu.exe

What is it?
WildTangent - ddcactivemenu.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



ddcman.exe

What is it?
WildTangent - ddcman.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



wcmdmgr.exe

What is it?
WildTangent - wcmdmgr.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



msdxm.ocx

What is it?
Windows Media Player IE Plugin - msdxm.ocx

What does it do?
msdxm.ocx - This is the activeX control used by internet explorer to integrate things like audio and video and playing it in the Windows Media Player.

This is described as a Toolbar by HJT. If you're looking at your HJT log you will see a line that looks something like this:
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSsystem32msdxm.ocx

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:program filesgooglegoogletoolbar2.dll



wcmdmgrl.exe

What is it?
WildTangent - wcmdmgrl.exe

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



zzzzzzz.DLL

What is it?
A randomly created file related to the w32.bugbear.m worm
the file is located in the system folder and is (usually 5632 bytes)

What does it do?
the zzzzzzzz.DLL file has been reported to be a Keylogger program! This means when it is active it is creating a log file of all the keys that you press while you are using the computer that is infected.

w32.bugbear.m spreads by sending emails containing attachments and by locating shared resources on your network to which it can copy itself.

More info and Removal instructions
@symantec



xxx.EXE

What is it?
xxx.exe is a copy of the executable code that contains the w32.bugbear.m worm

What does it do?
the xxx.exe file has been reported to be copied into the startup folder of the infected system so that the worm is activated each time the computer is booted. The w32.bugbear.m worm itself is a mass-mailing worm that sends itself to email addresses it gathers from certain files on the system, using its own SMTP engine.

More information and removal instructions
@symantec



tasker.exe

What is it?
tasker.exe is a file associated with the mass mailer W32.Mydoom.R worm

What does it do?
W32.Mydoom.R@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on an infected computer. The email contains a spoofed From address. The subject and message body vary, and the attachment has a .bat, .cmd, .exe, .pif, .scr, or .zip extension.

More info and Removal instructions
@symantec



damon.exe

What is it?
D
ell Alert Monitor - damon.exe

What does it do?
This is a part of Dells software support system. This system does not appear to be any form of security risk. I suggest removing this from your system startup due to added crashing/conflict possibilities.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesDellSupportAlertinDAMon.exe


Also .



osa.exe

What is it?
O
ffice Startup Assistant - Osa.exe

What does it do?
The Office Startup Assistant (Osa.exe or OSA) is a program that improves the performance of Office XP programs. Office Setup places a shortcut to the Osa.exe file in the Windows Startup folder; the file is named "Microsoft Office".

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:PROGRAM FILESMSOFFICEOFFICEOSA.EXE


Also .



shdoclc.dll

What is it?
Shell Document Object and Control library - shdoclc.dll

What does it do?
Shdoclc.dll (the Shell Document Object and Control library) is a resource-only library that is used by Internet Explorer to store localized items such as menus, dialog boxes, and strings.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WindowsSystem32shdoclc.dll


Also .



iexplore.exe

What is it?
Internet Explorer - iexplore.exe

What does iexplore.exe do?
This is the main executable to the browser brought to you by Microsoft. If you're using this then please look into Firefox. This browser is a security hazard

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of iexplore.exe is C:Program FilesInternet Exploreriexplore.exe There's a LOT of bugs you need to worry about if the exe is running in any location other than that one.


search Trend Micro.



Winupdate.exe

What is it?
Winupdate.exe is a file associated with a virus called w32.Gaobot.BIA

What does it do?
W32.gaobot.bia is a network-aware worm that spreads to remote network shares, through backdoors opened by other common backdoor Trojan horse programs, and by exploiting several Windows vulnerabilities. The worm opens a backdoor and allows a remote attacker to have unauthorized access to the infected computer.


More information and removal instructions
@symantec



ossmtp.dll

What is it?
ossmtp.dll is a dynamic link library used by software to send and receive email

Is there a Virus Risk?
unfortunately, there is a mass mailing worm called w32.blackmal.c@mm that is also associated with the ossmtp.dll file!

What does the virus do?
W32.Blackmal.C@mm is a mass-mailing worm that lowers security settings by deleting files associated with security applications. It sends a copy of itself to all email addresses gathered from the Outlook address book, Yahoo Messenger address book, and Yahoo Pager address book.

More info and Removal Instructions
@symantec



cidaemon.exe

What is it?
Indexing Service - cidaemon.exe

What does cidaemon.exe do?
If you use Microsoft Indexing Service, cidaemon.exe might explain the high CPU utilization. This process builds and updates the Index catalog and typically uses a lot of CPU time. However, cidaemon .exe is also set to run at a low priority, so it usually doesn't degrade the performance of the system even if it's at a high CPU level.
Source


The Filtering component coordinates filtering of files. Its output is called a word list. This component is called by the Indexing component.
The CiDaemon.exe file contains the Filtering component. One executing instance of CiDaemon.exe exists for each Indexing Service catalog.


Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of cidaemon.exe is C:WINDOWSsystem32cidaemon.exe If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


search Trend Micro.



cisvc.exe

What is it?
Indexing ServiceHelper - cisvc.exe

What does it do?
The Indexing component calls the Filtering component to extract the text and values from files that need to be filtered. After additional processing, it merges the resulting word lists into an index that is saved to disk. Indexing Service eventually merges content information (the text within a file) into the master index and saves value information (properties internal to the file) in the property cache. Source

The Change-Notification component informs Indexing Service when files have been altered (added, modified, deleted) to trigger indexing or re-indexing of the contents and values of changed files. Source.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSsystem32cisvc.exe If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


Also search Trend Micro.



cmd.exe

What is it?
Command Prompt - cmd.exe

What does it do?
cmd.exe is a treat for all of us old schoolers out there who believe it is quicker to type most things than to click around to it. cmd.exe brings all of the simple power of DOS to our modern windows machines. You'll want to look around our tips and guides section if you're unsure of the incredible things that can be done thanks to this little file.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Windowssystem32cmd.exe If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


Also search Trend Micro.



comctl32.dll

What is it?
Windows Common Controls Library - comctl32.dll

What does it do?
The shell incorporates a number of controls that help give Windows its distinctive look and feel. Because these controls are supported by DLLs that are a part of the operating system, they are available to all applications. Using the common controls helps keep an application's user interface consistent with that of the shell and other applications. Because developing a control can be a substantial undertaking, using the common controls can also save you a significant amount of development time.

The common controls are a set of control windows supported by the common control library Comctl32.dll. Like other controls, a common control is a child window that an application uses in conjunction with another window to perform I/O tasks. The common control DLL includes a programming interface that applications use to create and manipulate the controls as well as to receive user input. Source

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Windowssystem32comctl32.dll If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


Also .



commctrl.dll

What is it?
Windows Common Controls Library - commctrl.dll (16bit)

What does it do?
16 bit version of comctl32.dll
The shell incorporates a number of controls that help give Windows its distinctive look and feel. Because these controls are supported by DLLs that are a part of the operating system, they are available to all applications. Using the common controls helps keep an application's user interface consistent with that of the shell and other applications. Because developing a control can be a substantial undertaking, using the common controls can also save you a significant amount of development time.

The common controls are a set of control windows supported by the common control library Comctl32.dll. Like other controls, a common control is a child window that an application uses in conjunction with another window to perform I/O tasks. The common control DLL includes a programming interface that applications use to create and manipulate the controls as well as to receive user input. Source

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Windowssystem32commctrl.dll If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


Also .



comdlg32.dll

What is it?
Windows Common Dialogs Library - comdlg32.dll

What does it do?
The Common Dialog Box Library contains a set of dialog boxes for performing common tasks, such as opening files and printing documents. The common dialog boxes provide a uniform user interface that lets users carry out these common tasks without being forced to learn new techniques with each application. Source

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Windowssystem32comdlg32.dll If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


Also .



hal.dll

What is it?
MS Hardware Abstraction Layer - hal.dll

What does it do?
Short for hardware abstraction layer, programming in an operating system that functions as an interface between a system?s hardware and software, providing a consistent hardware platform on which to run applications. When a HAL is employed, applications do not access hardware directly but access the abstract layer provided by the HAL. Like APIs, HALs allow applications to be device-independent because they abstract information from such systems as caches, I/O buses and interrupts and use this data to give the software a way to interact with the specific requirements of the hardware on which it is running. Source:

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Windowssystem32hal.dll If its not running in that location you'll want to reference some virus DBs and/or scan for viruses.


Also .



ezSP_Px.exe

What is it?
Easy Systems CD/DVD Writing Software- ezSP_Px.exe

What does it do?
ezSP_Px.exe? - If you're using Easy Systems Drag?n Drop CD & DVD writing software you will not want to remove or end this process. It is commonly bundled on Sony computers.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSSystem32ezSP_Px.exe



igfxtray.exe

What is it?
Intel Graphics Tray- igfxtray.exe

What does it do?
igfxtray.exe? - This application gives you easy access to your Intel graphics configuration by giving options to you in the system tray.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINNTSystem32igfxtray.exe



cfd.exe

What is it?
Broadband Modem Support Tool - cfd.exe

What does it do?
cfd.exe? - The most common place that you pick this process up is after installing SBC's DSL software. It is some form of a support tool which most of us don't need or want on our systems.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesBroadJumpClient FoundationCFD.exe



win32s.exe

What is it?
win32s.exe is a file associated with the w32.mydoom.v@mm worm.

What does it do?
W32.Mydoom.V@mm is a mass-mailing worm that downloads an excutable file.

When W32.Mydoom.V@mm is executed, it does the following:
  • Adds the value:

    "Win32System" = "%WinSysDir%win32s.exe"

    to the following registry key:

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun

    so that it is executed every time Windows starts.
  • Creates a mutex named "LLLf54fxrDLLL" so that only one copy of the worm is run on the infected computer.
  • Retrieves the email addresses from the Windows address book files.
  • Retrieves the email addresses from the files that have the following extensions on drives C through Y:.........
  • ........
More info and removal instructions
@symantec



sndconfg16.exe

sndconfg16.exe description

File description: This file is a worm! It is the WORM_SHAREBOT.A worm which uses P2P networks to infect users. This worm, when executed will dump a bunch of files in random folders (usually shared folders) with names such as:

-> Ad-aware Pro Crack.exe
-> Adobe Acrobat Reader crack.exe
-> Adobe Golive v6.0 Keygen.exe
-> Adobe Illustrator v10.0 Time Limit Crack.exe
-> Adobe ImageReady v1.0 crack.exe
-> Adobe PageMaker v7.0 Keygen.exe
-> Adobe Photoshop 7 keygen.exe
-> Adobe Photoshop all.exe
-> Adobe Serial Generator v2.0.exe
-> Age of Empires II The Age of Kings NO CD crack.exe
-> Age Of Mythology - The Titans no cd crack.exe
-> Age Of Mythology no cd crack.exe
-> Alias Acclaim crack.exe
-> All Macromedia Products Keygen.exe
-> Anti-Trojan 4.0.exe
-> Avant Browser.exe
-> Backyard Baseball 2003 no cd crack.exe
-> Backyard Wrestling 2 - There Goes the Neighborhood Eidos Interactive crack.exe
-> Battlefield 1942 no cd crack.exe
-> Battlefield Vietnam EA Games crack.exe
-> Battlefield Vietnam Multiplayer Online Crack.exe
-> Besieger Strategy DreamCatcher Interactive crack.exe
-> Blinx 2 - Masters of Time & Space Microsoft crack.exe
-> Blitzkrieg - Burning Horizon Strategy CDV Software GmbH crack.exe
-> Call of Duty Activision crack.exe
-> Call Of Duty no cd crack.exe
-> City of Heroes Role-Playing NCsoft crack.exe
-> Civilization III crack.exe
-> Classic NES Series - The Legend of Zelda GBA Role-Playing Nintendo crack.exe
-> CloneDVD v1.x crack.exe
-> Command & Conquer - Generals no cd crack.exe
-> Command & Conquer - Generals Zero Hour no cd crack.exe
-> Command & Conquer - Generals Zero Hour Strategy EA Games crack.exe
-> Counter-Strike Condition Zero Keygen.exe
-> Credit card generator.exe
-> Crusader Kings Strategy Paradox Entertainment crack.exe
-> Cubase Audio XT 3.X crack.exe
-> Dark Age Of Camelot - Trials Of Atlantis no cd crack.exe
-> Dark Matter - The Baryon Proj crack.exe
-> Deus Ex Invisible War NO CD Crack.exe
-> Diablo 2 NO CD crack.exe
-> Diablo 2 no cd crack.exe
-> DivX Player and Codec.exe
-> Doom 3 Activision crack.exe
-> Doom 3 NO CD Crack.exe
-> Download Accelerator Plus (spyware free).exe
-> Dragon Ball Z - Budokai 3 Atari crack.exe
-> Dragon Ball Z - Supersonic Warriors GBA Atari crack.exe
-> Dragon Warrior VIII Role-Playing Square Enix crack.exe
-> DRIV3R Atari crack.exe
-> Dungeon Lords Role-Playing DreamCatcher Interactive crack.exe
-> Dungeon Siege no cd crack.exe
-> Enter the Matrix Atari crack.exe
-> ESPN NFL 2K5 Sega crack.exe
-> F.E.A.R. VU Games crack.exe
-> Fable Role-Playing Microsoft crack.exe
-> Far Cry Ubisoft crack.exe
-> Final Fantasy VII - Advent Children PSP Role-Playing Square Enix crack.exe
-> Final Fantasy XI - Square Enix USA no cd crack.exe
-> Final Fantasy XII Role-Playing Square Enix crack.exe
-> Fire Emblem - Seima no Kouseki GBA Role-Playing Nintendo crack.exe
-> FlashFXP 2 RC2 Crack.exe
-> FlashFXP v1.4.1 Crack.exe
-> FlashFXP v1.4.3 Crack.exe
-> FlashFXP v2.0 Crack.exe
-> FlashFXP v2.1 crack.exe
-> FlashFXP v2.2 crack.exe
-> FlashGet.exe
-> Forgotten Realms - Demon Stone Atari crack.exe
-> Forgotten Realms - Demon Stone crack.exe
-> Freedom Force no cd crack.exe
-> Front Mission 4 Strategy Square Enix crack.exe
-> Full Spectrum Warrior Strategy THQ crack.exe
-> Geist GC Nintendo crack.exe
-> Goblin Commander - Unleash the Horde Strategy Jaleco Entertainment crack.exe
-> Gran Turismo 4 SCEA crack.exe
-> Grand Theft Auto - San Andreas Rockstar Games crack.exe
-> Grand Theft Auto 3 no cd crack.exe
-> Grand Theft Auto III no cd crack.exe
-> Grand Theft Auto San Andreas NO CD crack.exe
-> Grand Theft Auto Vice City NO CD crack.exe
-> GTA crack.exe
-> Half-Life 2 Keygen.exe
-> Half-Life 2 NO CD Crack.exe
-> Half-Life 2 VU Games crack.exe
-> Halo - Combat Evolved - Microsoft no cd crack.exe
-> Halo 2 crack.exe
-> Harry Potter & The Sorcerers Stone no cd crack.exe
-> Harry Potter and the Prisoner of Azkaban Adventure EA Games crack.exe
-> Harry Potter and the Sorcerers Stone no cd crack.exe
-> Heroes of Might & Magic IV no cd crack.exe
-> Hidden & Dangerous 2 NO CD Crack.exe
-> Icewind Dale 2 no cd crack.exe
-> ICQ 4.exe
-> ICQ Pro 2003b.exe
-> iMesh patch.exe
-> Jedi Academy NO CD Crack.exe
-> Joint Operations - Typhoon Rising NovaLogic crack.exe
-> Juiced Acclaim crack.exe
-> Kingdom Hearts II Role-Playing Square Enix crack.exe
-> Knights Apprentice Memoricks Adventures Games crack.exe
-> LimeWire server scanner.exe
-> Macromedia ColdFusion MX crack.exe
-> Macromedia Contribute v2.0 crack.exe
-> Macromedia Director 8 Crack.exe
-> Macromedia Dreamweaver 4.0 Patch.exe
-> Macromedia Dreamweaver MX v6.0 crack.exe
-> Macromedia Dreamweaver UltraDev 4.0 Patch.exe
-> Macromedia Fireworks 4.0 Patch.exe
-> Macromedia Flash All Versions keygen.exe
-> Macromedia Flash MX v6.0 crack.exe
-> Macromedia Flash SWF-Unprotect v2.0.exe
-> Macromedia FreeHand v10 Loader.exe
-> Madden NFL 2003 no cd crack.exe
-> Madden NFL 2005 EA crack.exe
-> Mafia no cd crack.exe
-> Malice Mud Duck Productions crack.exe
-> Mario Pinball Land GBA Puzzle Nintendo crack.exe
-> Mario Tennis GC Nintendo crack.exe
-> Matrix Screensaver.exe
-> Max Payne 2 Fall Of Max Payne no cd crack.exe
-> Max Payne 2 NO CD Crack.exe
-> Max Payne 2 The Fall of Max Payne NO CD crack.exe
-> MaxPayne 2 The Fall Of Max Payne Crack.exe
-> McFarlanes Evil Prophecy Konami crack.exe
-> Medal Of Honor - Allied Assault no cd crack.exe
-> Medal Of Honor - Allied Assault BreakThrough no cd crack.exe
-> Medal Of Honor - Allied Assault no cd crack.exe
-> Medal of Honor Pacific Assault EA Games crack.exe
-> Medal of Honor- Allied Assault no cd crack.exe
-> Medieval - Total War no cd crack.exe
-> Mega Man Anniversary Collection GC Capcom crack.exe
-> Metal Gear Acid PSP Strategy Konami crack.exe
-> Metal Gear Solid 3 - Snake Eater Konami crack.exe
-> Microsoft Flight Simulator 2004 - A Century Of Flight no cd crack.exe
-> Microsoft Office 2000 Regmaker.exe
-> Microsoft Office XP Activation Crack.exe
-> Microsoft Office XP Activation Killer.exe
-> Microsoft Office XP Professional Crack.exe
-> Microsoft Office XP Professional Serial.exe
-> Microsoft Office XP Universal Activator v1.0.exe
-> Midnight Club 3 - DUB Edition Rockstar Games crack.exe
-> mirc 6.1x reg entries.exe
-> mIRC 6.X crack.exe
-> Morpheus patch.exe
-> MS Office XP Activation Crack.exe
-> MS Zoo Tycoon no cd crack.exe
-> MSN advert remover.exe
-> MSN Toolbar advert remover.exe
-> MVP Baseball 2004 EA crack.exe
-> NBA Live 2003 crack.exe
-> NBA Live 2004 crack.exe
-> NCAA Football 2005 EA crack.exe
-> Need For Speed 5 - no cd.exe
-> Need for Speed Hot Pursuit 2 CD KeyGenerator.exe
-> Need for speed underground - nocd.exe
-> Need for Speed Underground 2 crack.exe
-> Need for Speed Underground 2 Electronic Arts crack.exe
-> Need for Speed Underground 2 NO CD crack.exe
-> Need for Speed Underground NO CD crack.exe
-> Need for Speed4 - NOCD.exe
-> NeedforspeedUnderground-nocd.exe
-> Nero Burning ROM v6.x crack.exe
-> Ninja Gaiden Tecmo crack.exe
-> Norton AntiVirus 2004 crack.exe
-> Onimusha 3 - Demon Siege Adventure Capcom crack.exe
-> Psi-Ops - The Mindgate Conspiracy Midway crack.exe
-> Purge Jihad Freeform Interactive LLC crack.exe
-> RealPlayer crack (keygen).exe
-> Red Dead Revolver Rockstar Games crack.exe
-> Resident Evil 4 GC Adventure Capcom crack.exe
-> Rise of Nations - Thrones & Patriots Strategy Microsoft crack.exe
-> RoboForm crack.exe
-> Roller Coaster Tycoon no cd crack.exe
-> RYL crack.exe
-> Second Life Role-Playing Linden Lab crack.exe
-> Shadow Ops - Red Mercury Atari crack.exe
-> ShellShock - Nam 67 Eidos Interactive crack.exe
-> Silent Storm - Sentinels Strategy _No Company crack.exe
-> Sim City 4 - Rush Hour no cd crack.exe
-> Sim City 4 Deluxe no cd crack.exe
-> Sim Theme Park World no cd crack.exe
-> Singles - Flirt Up Your Life Strategy Eidos Interactive crack.exe
-> Snood crack.exe
-> Snowblind Eidos Interactive crack.exe
-> Soldier of Fortune II- Double Helix no cd crack.exe
-> SolSuite 2004 - Solitaire Card Games Suite crack.exe
-> Sonic the Hedgehog 3 crack.exe
-> Spider-Man 2 Activision crack.exe
-> Spider-Man 2 GC Activision crack.exe
-> Sponge Bob Square Pants - Operation Krabby Patty no cd crack.exe
-> Spybot Search and Destroy.exe
-> Star Wars - Jedi Knight - Jedi Academy no cd crack.exe
-> Star Wars - Knights of the Old Republic Role-Playing LucasArts crack.exe
-> Star Wars Galactic Battlegrounds- Clone Campaigns no cd crack.exe
-> Star Wars Jedi Knight II - Jedi Outcast no cd crack.exe
-> Star Wars Jedi Knight II- Jedi Outcast no cd crack.exe
-> Star Wars Knights of the Old Republic II - The Sith Lords Role-Playing LucasArts crack.exe
-> Starcraft - Battlechest no cd crack.exe
-> The Chronicles of Riddick - Escape From Butcher Bay VU Games crack.exe
-> The Elder Scrolls III - Morrowind Game of the Year Edition Role-Playing Bethesda Softworks crack.exe
-> The Legend of Zelda (working title) GC Nintendo crack.exe
-> The Legend of Zelda - Four Swords Adventures GC Nintendo crack.exe
-> The Legend of Zelda - The Minish Cap GBA Nintendo crack.exe
-> The Lord of the Rings The Battle for Middle-earth Strategy EA Games crack.exe
-> The Lord of the Rings The Return of The King crack.exe
-> The Sims no cd crack.exe
-> The Sims - Hot Date Expansion Pack no cd crack.exe
-> The Sims - Makin Magic Expansion Pack no cd crack.exe
-> The Sims - Superstar Expansion Pack no cd crack.exe
-> The Sims - Unleashed Expansion Pack no cd crack.exe
-> The Sims - Vacation Expansion Pack no cd crack.exe
-> The Sims - Hot Date Expansion Pack no cd crack.exe
-> The Sims - Vacation Expansion Pack no cd crack.exe
-> The Sims 2 crack.exe
-> The Sims Deluxe no cd crack.exe
-> The Sims Deluxe no cd crack.exe
-> The Sims Double Deluxe no cd crack.exe
-> The Sims no cd crack.exe
-> The Sims- Vacation no cd crack.exe
-> The Suffering Encore Software Inc. crack.exe
-> The Suffering Midway crack.exe
-> Thief - Deadly Shadows Eidos Interactive crack.exe
-> Tiger Woods PGA Tour 2004 crack.exe
-> Tom Clancy's Splinter Cell Pandora Tomorrow crack.exe
-> Tom Clancys Ghost Recon - Desert Siege no cd crack.exe
-> Tom Clancys Splinter Cell Pandora Tomorrow Ubisoft crack.exe
-> Tom Clancys Splinter Cell Ubisoft crack.exe
-> Tony Hawks Underground crack.exe
-> Trillian crasher.exe
-> Unreal Tournament 2003 no cd crack.exe
-> Unreal Tournament 2004 Atari crack.exe
-> Unreal Tournament 2004 crack (keygen).exe
-> Unreal Tournament 2004 NO CD crack.exe
-> Vampire - The Masquerade - Bloodlines Role-Playing Activision crack.exe
-> VirtualLab Data Recovery crack.exe
-> Warcraft III - Reign Of Chaos no cd crack.exe
-> Warez P2P.exe
-> Webroot Spy Sweeper.exe
-> windows server 2003 crack.exe
-> Windows XP Activation Crack.exe
-> Windows XP home edition Activation.exe
-> Windows XP Professional crack.exe
-> WinRAR crack (keygen).exe
-> WinZip All Versions keygen.exe
-> Winzip keygen.exe
-> WinZip Self-Extractor v2.2 keygen.exe
-> WinZip Self-Extractor v2.2 Patch.exe
-> WinZip v8.0 Keygen.exe
-> WinZip v8.x - v9.x patch.exe
-> WinZIP v9.0 Keygen.exe
-> WinZip v9.0 Registration.exe
-> World of Warcraft Role-Playing Blizzard Entertainment crack.exe
-> Worms Armageddon NO CD crack.exe
-> WWE Day of Reckoning GC THQ crack.exe
-> WWE SmackDown! vs. Raw THQ crack.exe
-> XBOX X-Fer Ripper and Transfer.exe
-> Yoshinoya Success crack.exe
-> ZoneAlarm crack (keygen).exe
-> Zoo Tycoon - Complete Collection no cd crack.exe
-> Zoo Tycoon no cd crack.exe
-> Zoo Tycoon- Dinosaur Digs no cd crack.exe


This worm propatigates on Altnet , eDonkey2000 , iMesh , KaZaA , LimeWire and Morpheus.

This worm also attempts to connect to the mIRC server irc.m00p.org through the ##Pc2Pc## channel to notify a remote user and listen for further commands.

If you find this file on your PC, go in regedit and delete these entries:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunWinProfile = "sndcfg16.exe"
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices
WinProfile = "sndcfg16.exe"
This worm is not really destructive but is an inconvenience like any type of malware is.

If you find any traces of this worm run a full virus scan to make sure they are gone, this will help make sure you are not sharing it with other P2P users not aware of this.



timesrv.exe

What is it?
timesrv.exe is a time synchronization utility from the original Windows NT 4.0 server resource kit.

Virus risk?
unfortunately timesrv.exe is associated with the W32.Spybot.DNC worm

What does it do?
W32.Spybot.DNC is a worm that may be remotely controlled via IRC channels.

When the worm is executed it copies itself to the windows system folder as timesrv.exe

The worm has the ability to perform distributed denial of service (DDoS) attacks and open a backdoor on the infected computers. It also attempts to steal CD keys from some computer games.

More info and Removal instructions
@symantec



HPPrint.exe

What is it?
HPPrint.exe is an application used commonly by the HP brand printer software

Virus risk?
Unfortunately this file is associated with the W32.Spybot.DNB worm

What does it do?
W32.Spybot.DNB is a worm that may be remotely controlled via IRC channels. The worm has the ability to perform distributed denial of service (DDoS) attacks and open a backdoor on the infected computers. It also attempts to steal CD keys from some computer games.

More info and removal instructions
@symantec



wsbho2k0.dll

What is it?
WSFTP Browser Plugin - wsbho2k0.dll

What does it do?
If you have an FTP program installed like WSFTP you will want to use that for all of your FTP transfers instead of the tool built into Internet Explorer. This Browser Help Object basically forces your FTP connections through WSFTP.

This is described as a BHO or Browser Help Object. If you're looking at your HJT log you will see a line that looks something like this:
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesWS_FTP Prowsbho2k0.dll



ezstub.exe

What is it?
Ezula - ezstub.exe

What does it do?
Ezula primarily provides a browser addon that allows you to hold alt + click any word and it searches that term for you. It does help skip a step or two to save some time. I personally use Firefox and have a little google search box in the top right where I can toss something into and quickly search that way. For all of you super lazy people you may want to leave this installed but it will serve ads to you.

Removal Instructions:
Ezula Removal Guide



carpserv.exe

What is it?
Modem - carpserv.exe

What does it do?
carpserv.exe? - This is a utility for Zoltrix and Conexant modems to allow you to listen to the modem as its connecting to the internet. This is more of a debugging utility that isn't needed unless your dialup is acting weird and you need to listen for line noise.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSSystem32carpserv.exe



se.exe

What is it?
Ezula - se.exe

What does it do?
Ezula primarily provides a browser addon that allows you to hold alt + click any word and it searches that term for you. It does help skip a step or two to save some time. I personally use Firefox and have a little google search box in the top right where I can toss something into and quickly search that way. For all of you super lazy people you may want to leave this installed but it will serve ads to you.

Removal Instructions:
Ezula Removal Guide



sed.exe

What is it?
Ezula - sed.exe

What does it do?
Ezula primarily provides a browser addon that allows you to hold alt + click any word and it searches that term for you. It does help skip a step or two to save some time. I personally use Firefox and have a little google search box in the top right where I can toss something into and quickly search that way. For all of you super lazy people you may want to leave this installed but it will serve ads to you.

Removal Instructions:
Ezula Removal Guide



wo.exe

What is it?
Ezula - wo.exe

What does wo.exe do?
Ezula primarily provides a browser addon that allows you to hold alt + click any word and it searches that term for you. It does help skip a step or two to save some time. I personally use Firefox and have a little google search box in the top right where I can toss something into and quickly search that way. For all of you super lazy people you may want to leave this installed but it will serve ads to you.

Removal Instructions:
Ezula Removal Guide



wowexec.exe

What is it?
Windows On Windows Execution - wowexec.exe

What does it do?
In addition to the 16-bit applications, each NTVDM process includes a heartbeat thread that interrupts every 55 milliseconds to simulate a timer interrupt, and the Wowexec.exe thread, which helps to create 16-bit tasks and to handle the delivery of the 16-bit interrupt. This thread supports 16-bit Windows applications in a 32-bit Windows environment. The WOW subsystem provides an NTVDM where all Win16 applications run. You will see the heartbeat and Wowexec threads when monitoring 16-bit applications.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:windowssystem32wowexec.exe


.



ntvdm.exe

What is it?
NT Virtual DOS Machine - ntvdm.exe

What does ntvdm.exe do?
In Windows 2000, by default, all active 16-bit Windows applications run as separate threads in a single multithreaded process called NT Virtual DOS Machine (NTVDM). The NTVDM process simulates a 16-bit Windows environment complete with all of the DLLs called by 16-bit Windows applications.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of ntvdm.exe is C:windowssystem32ntvdm.exe


Also .



ntdll.dll

What is it?
NT Layer DLL - ntdll.dll

What does it do?
Ntdll.dll is an NT layer DLL file that controls Windows NT system functions.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:windowssystem32ntdll.dll


.



notepad.exe

What is it?
Windows Notepad - notepad.exe

What does it do?
Notepad is a basic text editor you can use for simple documents or for creating Web pages.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:windowsnotepad.exe


Also .



oleaut32.dll

What is it?
Microsoft OLE DLL - oleaut32.dll

What does it do?
Microsoft has made and is continuing to make heavy investments in OLE-related technologies. OLE itself has been in development for more than seven years, and almost every new technology coming out of Microsoft somehow incorporates elements of OLE. Why does OLE deserve such an investment? And why is OLE significant for the independent software vendor (ISV) and the computer industry as a whole?

The answer, as this paper explores, is that Microsoft created OLE to solve, in an object-oriented manner called component software, many practical problems encountered during Microsoft's lengthy experience in operating systems and applications. OLE provides the necessary specifications and the key services that enable component software, which is ultimately a significant gain for the entire computing industry.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:windowssystem32oleaut32.dll


.



olepro32.dll

What is it?
Microsoft OLE Property Support DLL - olepro32.dll

What does it do?
Microsoft has made and is continuing to make heavy investments in OLE-related technologies. OLE itself has been in development for more than seven years, and almost every new technology coming out of Microsoft somehow incorporates elements of OLE. Why does OLE deserve such an investment? And why is OLE significant for the independent software vendor (ISV) and the computer industry as a whole?

The answer, as this paper explores, is that Microsoft created OLE to solve, in an object-oriented manner called component software, many practical problems encountered during Microsoft's lengthy experience in operating systems and applications. OLE provides the necessary specifications and the key services that enable component software, which is ultimately a significant gain for the entire computing industry.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:windowssystem32olepro32.dll


.



Shell32.dll

What is it?
Microsoft Shell Library - shell32.dll

What does it do?
The Microsoft Windows?user interface (UI) provides users with access to a wide variety of objects necessary for running applications and managing the operating system. The most numerous and familiar of these objects are the folders and files that reside on computer disk drives. There are also a number of virtual objects that allow the user to do tasks such as sending files to remote printers or accessing the Recycle Bin. The Shell organizes these objects into a hierarchical namespace, and provides users and applications with a consistent and efficient way to access and manage objects.

Microsoft's information page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:windowssystem32shell32.dll


.



_re_file.exe

What is it?
_re_file.exe is a file associated with the w32.beagle@mm worm

What does it do?
The w32.beagle@mm worm has many different variations.

W32.Beagle.AQ@mm which is a variant of W32.Beagle.AO@mm, it is a mass-mailing worm that uses its own SMTP engine to spread. The email attachment is a downloader, similar to Trojan.Mitglieder and Download.Ject.C, which downloads the worm from an external source.

Removal
@symantec



doriot.exe

What is it?
doriot.exe is a file associated with the w32.beagle@mm worm

What does it do?
the beagle worm W32.Beagle.AQ@mm is a variant of W32.Beagle.AO@mm, which is a mass-mailing worm that uses its own SMTP engine to spread. The email attachment is a downloader, similar to Trojan.Mitglieder and Download.Ject.C, which downloads the worm from an external source.

Removal
@symantec



fotos.zip

what is it?
fotos.zip is a file associated with the w32.beagle@mm worm

Where did it come from?
Usually you get these randomly in your inbox, so never download the attachment. It could be named foto1.zip foto2.zip foto3.zip or similar .pif or .exe...

What's it do?
W32.Beagle.AQ@mm is a variant of W32.Beagle.AO@mm, which is a mass-mailing worm that uses its own SMTP engine to spread. The email attachment is a downloader, similar to Trojan.Mitglieder and Download.Ject.C, which downloads the worm from an external source.

Recommendations
Use THIS google search
to view links to some antivirus programs that support email attachment scanning or email protection.

For people that use outlook or other pop services that automatically download your emails from a remote server I highly recomend using an antivirus program that scans all your email attachments before they can be opened..

More information and removal instructions
@symantec



syshosts.exe

What is it?
syshosts.exe is a file associated with the W32.MyDoom.Y@mm worm

What does it do?
W32.MyDoom.Y@mm is a mass-mailing worm

when w32.mydoom.ymm is executed it does the following:

Copies itself as the following files:
    • %System%syshosts.exe
  • Note: %System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  1. Adds the value:

    "MS Updates"="%System%syshosts.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun

    so that the worm is executed every time Windows starts.
  2. Opens http://www.microsucks.com in Internet Explorer.
More information and removal instructions
@symantec



oz2.exe

What is it?
oz2.exe is a file associated with the w32.mydoom.w@mm worm

What does it do?
W32.Mydoom.W@mm is a mass-mailing worm that attempts to perform a Distributed Denial of Service (DDoS) attack against www.symantec.com.

When W32.Mydoom.W@mm is executed, it performs the following actions:
  1. Creates the following registry keys:

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32Version
    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32Version
    HKEY_CURRENT_USERSoftwareMicrosoftDaemon
    HKEY_LOCAL_MACHINESoftwareMicrosoftDaemon
  2. Creates the mutex "Sept-Symantec-Attack" so that only one instance of the worm can be executed.
  3. Deletes the files in the Windows Temp folder.
  4. Inserts the following files:
    • %Temp%Services.exe: This file will be detected as Backdoor.Zincite.A.
    • %System%About_Mydoom.txt: This is a text file and should be manually deleted.
    • %System%Doompic.jpg: This is a JPEG file and should be manually deleted.
    • %System%log32zx.exe: This file will be detected as Keylogger.Trojan.
    • %System%Downxz.bat: This file will be detected as Download.Trojan.
  5. Copies itself as:
    • %System%oz11111.exe
    • %Windir%oz2.exe
More information and removal instructions
@symantec



oz11111.exe

What is it?
oz11111.exe is a file associated with the w32.mydoom.w@mm worm

What does it do?
W32.Mydoom.W@mm is a mass-mailing worm that attempts to perform a Distributed Denial of Service (DDoS) attack against www.symantec.com.

When W32.Mydoom.W@mm is executed, it performs the following actions:
  1. Creates the following registry keys:

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32Version
    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32Version
    HKEY_CURRENT_USERSoftwareMicrosoftDaemon
    HKEY_LOCAL_MACHINESoftwareMicrosoftDaemon
  2. Creates the mutex "Sept-Symantec-Attack" so that only one instance of the worm can be executed.
  3. Deletes the files in the Windows Temp folder.
  4. Inserts the following files:
    • %Temp%Services.exe: This file will be detected as Backdoor.Zincite.A.
    • %System%About_Mydoom.txt: This is a text file and should be manually deleted.
    • %System%Doompic.jpg: This is a JPEG file and should be manually deleted.
    • %System%log32zx.exe: This file will be detected as Keylogger.Trojan.
    • %System%Downxz.bat: This file will be detected as Download.Trojan.
  5. Copies itself as:
    • %System%oz11111.exe
    • %Windir%oz2.exe
More information and removal instructions
@symantec



ypager.exe

What is it?
Yahoo Instant Messenger - ypager.exe

What does it do?
ypager.exe - This is the tray bar for Yahoo's Instant Messenger application. I'm a big fan of trillian to connect to AIM, Yahoo, MSN all at the same time. If you have multiple tray bar applications for IM apps you should look into it.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of ypager.exe is C:Program FilesYahoo!Messengerypager.exe



winword.exe

What is it?
Microsoft Word - winword.exe

What does it do?
Microsoft Word is the most common professional level document reading and writing application on the market. Due to this you will find plenty of viruses floating around that will try to represent themselves as this file.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesMicrosoft OfficeVERSIONwinword.exe


Also .



wmplayer.exe

What is it?
Microsoft Windows Media Player - wmplayer.exe

What does it do?
This is an exe of the Windows Media Player which since its bundled with windows is the most common application out there for playing music and watching movies. If this process is running and you're not viewing or listening to any media then this is quite likely a BAD process that you should knock out right away. Even if it is the Media Player you can easily end the process without anything bad happening to your system.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesWindows Media Playerwmplayer.exe


Also .



winzip32.exe

What is it?
Winzip - winzip32.exe

What does it do?
Winzip has been the most popular file archive tool since the Win 95 days. It is used to easily extract from and add to various compressed archives for easier storage/transfer. Information on what file formats it supports go to this page.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesWinZipwinzip32.exe


Also .



WZQKPICK.EXE

What is it?
Winzip Tray Icon- wzqkpick.exe

What does it do?
Winzip has been the most popular file archive tool since the Win 95 days. It is used to easily extract from and add to various compressed archives for easier storage/transfer. Information on what file formats it supports go to this page.

This is a tray application. You really don't need to have it running unless you're currently extracting something.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesWinZipWZQKPICK.EXE


Also .



vptray.exe

What is it?
Norton AV Tray icon- vptray.exe

What does it do?
This executable belongs to Norton Antivirus and is nothing more than a try icon which gives you quicker access to various settings. I hate cluttered task bars so I personally would end this task from my startup list.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesSymantec_Client_SecuritySymantec AntiVirusvptray.exe



rtvscan.exe

What is it?
Real Time Virus scan (Symantec Security) - rtvscan.exe

What does it do?
Symantec Internet Security Suite is taking Norton AV to another level and scan the files as they enter your system instead of the usual scan right after they hit your system. You should not end this process if you have it running.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe


Also .



acroiefavclient.dll

What is it?
Adobe Acrobat IE plugin - acroiefavclient.dll

What does it do?
If you'd like to open your PDF documents directly in IE you will want to keep this file. This is the browser plugin.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll


Also .



acroiehelper.dll

What is it?
Adobe Acrobat IE ActiveX plugin - acroiehelper.dll

What does it do?
If you'd like to open your PDF documents directly in IE you will want to keep this file. This is the browser plugin.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll


Also .



AcroIEHelper.ocx

What is it?
Adobe Acrobat IE plugin - acroiehelper.ocx

What does it do?
If you'd like to open your PDF documents directly in IE you will want to keep this file. This is the browser plugin.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.ocx


Also .



SDHelper.dll

What is it?
Spybot Search & Destroy - sdhelper.dll

What does it do?
Spybot S&D resident IE protection, bad download blocker (BHO) Source:

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesSpybot - Search & DestroySDHelper.dll


Also .



realsched.exe

What is it?
Real Player Scheduler - realsched.exe

What does it do?

realsched.exe - The Real Player automatic update utility. It has no real functional purpose. I would certainly stop this from running on startup.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of realsched.exe is C:Program FilesCommon FilesRealUpdate_OBrealsched.exe


.



ctagent.dll

What is it?
Creative Software - ctagent.dll

What does it do?
This is bundled with Creative software If you have something like a Creative Labs soundcard in your system this file is OK. If you don't then you've got a problem. See also cthelper.exe

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSSystem32ctagent.dll


Also .



cthelper.exe

What is it?
Creative Software - cthelper.exe

What does it do?
cthelper.exe - This is bundled with Creative software. It is designed to help third party developer build plugins and software to work alongside creatives software and hardware packages. If you have something like a Creative Labs soundcard in your system this file is OK. If you don't then you've got a problem.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of cthelper.exe is C:WINDOWSsystem32CTHELPER.EXE



NavShExt.dll

What is it?
Norton AV - navshext.dll

What does it do?
This file is a part of Norton AV. There is a common error while trying to uninstall Norton where this file fails to be removed. Their support page on this matter can be found here. You'll see a message that says: "Cannot delete navshext.dll. The specified file is being used by Windows." This happens even if the computer has been restarted in a clean boot or in Safe mode. The best fix is to unregister this .dll file and then delete the folder.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesNorton AntiVirusNavShExt.dll


Also .



acrotray.exe

What is it?
Adobe Acrobat Distiller - acrotray.exe

What does it do?
While printing large files to the PDF format this process may consume large chunks of your CPU. Do not end this process if you're printing something to PDF.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesAdobeAcrobat 6.0Distillracrotray.exe


Also .



nerocheck.exe

What is it?
Nero Check - nerocheck.exe

What does it do?
nerocheck.exe - This program constantly checks for known drivers that can conflict with our Nero/Nero Express/NeroVision Express software. And when you print or save the Nero log file, you will see this list of drivers that this program has found at the bottom of the Nero Log file.

Source:

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of nerocheck.exe is C:WINDOWSSystem32NeroCheck.exe



winampa.exe

What is it?
Winamp Agent - winampa.exe

What does it do?
winampa.exe? - Task bar tray icon for easy access to Winamp. If you're not familiar with what Winamp it is and always has been the greatest MP3 player on the planet. With the last bunch of releases this ranges from a basic media player all the way to a full media solution with ripping and burning all built into a single interface. Originally a "rebel" piece of software its now as commercialized and accepted as anything else out there. AOL actually even purchased it... Doesn't get much more commerical and/or accepted as that.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:PROGRAM FILESWINAMPWINAMPA.EXE



webscanx.exe

What is it?
Mcafee Web Scan - webscanx.exe

What does it do?
webscanx.exe? - This application is designed to scan and protect you from quite a few web based attacks such as viruses coming through your emails to activeX exploit protection and even the files you download. I would call this a vital process.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesMcAfeeMcAfee VirusScanWebscanx.exe



smc.exe

What is it?
Sygate Firewall - smc.exe

What does it do?
smc.exe - This is the firewall process that protects you from internet based attacks. I personally have not used this firewall since I use Zone Alarm.

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of smc.exe is C:PROGRAMASSYGATESPFSMC.EXE


Also .



dmserver.exe

dmserver.exe


What is it?
OrbitExplorer - dmserver.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

This is some adware that you really should get rid of. "OrbitExplorer.com is a website search engine catering to a wide varity of groups. The goals of OrbitExplorer.com are to provide the most relevant content to any search. Our content is organized into categories accessible from our front page, and is as well searchable via keywords.

OrbitExplorer is an advertising supported software application that provides you with additional content and advertisements based on the Web sites you visit most! " http://www.orbitexplorer.com/privacy.html


Removal Instructions:
Our guide has been posted here.


Also .



egnsengine.dll

egnsengine.dll


What is it?
Claria - egnsengine.dll

What does it do?
By far the widest spread form of adware. Claria is known by a number of names such as GAIN and Gator. Claria is the latest name change for a company that is very widely hated (all adware, spyware and malware companies are hated). Tons of "Free programs" install some variant of this ad serving software on your system to make that developer money. This approach to offering free software is NOT something that I currently or ever will approve of.

Removal Instructions:
I've posted my Claria Removal instructions here:



ctor.dll

ctor.dll


What is it?
Hotbar - ctor.dll

What does it do?
This is marketed as a way to add "skins" to your Internet Explorer and its toolbars. Most of the ads for this use babes in bikinis with large breasts or other things you'd want to stare out all day long. It would be perfectly fine if this program ONLY did this. The problem is it monitors every site you visit and displays advertisements in its toolbar that fit whatever site you're visiting.

Removal Instructions:
I've posted my Hotbar Removal instructions here:



mxtarget.dll

mxtarget.dll


What is it?
Twain-Tech - mxtarget.dll

What does it do?
Twain-Tech Removal - This bug is adware. Comes as both a BHO and a toolbar. If you'd like to send them some love visit their site. Also read below and also send the software company who installed it on you some love as well. Free programs that are sponsored by ads are not truly free. If you want to profit from making software please go the 15 day trial route cause ads will only make people hate you.

Twain-Tech is installed on your computer as a module that comes with free software or content, when you downloaded it from the Internet. At that time, you accepted this Privacy Policy as part of the download process that you completed. It is our strict policy to distribute Twain-Tech only to users who have been given the opportunity to review and accept this privacy policy prior to the downloading of the TPS software.

Privacy Policy: http://www.twain-tech.com/privacy.htm

Removal Instructions:
Our Twain-Tech Removal guide has been posted here.


Also .



twaintec.dll

twaintec.dll


What is it?
Twain-Tech - twaintec.dll

What does it do?
Twain-Tech Removal - This bug is adware. Comes as both a BHO and a toolbar. If you'd like to send them some love visit their site. Also read below and also send the software company who installed it on you some love as well. Free programs that are sponsored by ads are not truly free. If you want to profit from making software please go the 15 day trial route cause ads will only make people hate you.

Twain-Tech is installed on your computer as a module that comes with free software or content, when you downloaded it from the Internet. At that time, you accepted this Privacy Policy as part of the download process that you completed. It is our strict policy to distribute Twain-Tech only to users who have been given the opportunity to review and accept this privacy policy prior to the downloading of the TPS software.

Privacy Policy: http://www.twain-tech.com/privacy.htm

Removal Instructions:
Our Twain-Tech Removal guide has been posted here.


Also .



adm.exe

adm.exe


What is it?
TOPicks - adm.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

This bug delivers ads to you. They send you top sites for whatever category you're browsing through to try and be useful to your browsing. The toolbar sorta makes me think about Alexa, but Alexa doesn't show ads so it doesn't really bother me.

Removal Instructions:
Our TOPicks Removal guide has been posted here.


Also .



asm.exe

asm.exe


What is it?
TOPicks - asm.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

This bug delivers ads to you. They send you top sites for whatever category you're browsing through to try and be useful to your browsing. The toolbar sorta makes me think about Alexa, but Alexa doesn't show ads so it doesn't really bother me.

Removal Instructions:
Our TOPicks Removal guide has been posted here.


Also .



pilif.exe

pilif.exe


What is it?
pilif.exe is a file associated with the w32.Fili@mm worm.

What does it do?
W32.Fili@mm is a generic Visual Basic worm that propagates via Microsoft Outlook and through peer-to-peer file-sharing networks. It can also spread via mIRC.

When W32.Fili@mm runs, it performs the following actions:
  1. Copies itself to %System%pilif.exe.

    Note: %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  2. Adds the value:

    "Pilif" = "%System%pilif.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun

    so that the worm runs when Windows starts.
  3. Creates the following files:
    • %System%adrbook
    • mIRC folderManifesto Anti Censore Pilif.txt.exe
  4. Searches for KaZaA, Morpheus, eDonkey, Grokster, limewire, ICQ, and WinMX-shared directories and copies itself as:
    • Norton 2004 crack
    • Kasperky AV Universal Key
    • Dark Coderz Alliance
    • Anti-hacker Utility
    • Cracks mega warez collection
    • Sex - totally free porn
    • Easy credit card validation
    • Yahoo hacker
    • Webmail official hacker
    • Free porn sites accounts
  5. Adds the value:
"DisableTaskMgr" = "00000001"

To the registry key:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion
PoliciesSystem

to disable the task manager.

More info and removal instructions
@symantec



funny.exe

funny.exe


What is it?
funny.exe is a file associated with the w32.funner worm.

What does is do?
W32.Funner is a worm that spreads using Microsoft's Windows Messenger instant message program and modifies the hosts file.

When W32.Funner is executed, it performs the following actions:
  1. Copies itself as:
    • %System%IEXPLORE.EXE
    • %System%EXPLORE.EXE
    • %Windir% undll32.exe
    • %System%userinit32.exe
    • c:funny.exe

      and executes the first three files listed.

      Notes:
    • The three files make sure that the other two are running and will restart them if any are stopped.
    • These files require the MSVBVM60.DLL file, which is a component of the Microsoft Visual Basic run-time environment.
    • %System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
    • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:Windows or C:Winnt.
  2. Creates a log file named %System%sfirst2.log.
  3. Adds the value:

    "Userinit"="userinit32.exe,"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon

    so that the userinit32.exe runs when you start Windows.
More info and Removal
@symantec



WinHook32.exe

WinHook32.exe


What is it?
WinHook32.exe is a file associated with the W32.mydoom.ac@mm worm

What does it do?
W32.Mydoom.AC@mm is a mass-mailing worm that launches a Denial of Service (DoS) attack against a remote server. It can also spread through file-sharing networks.
Copies itself as WinHook32.exe in the system folder
  1. Adds the value:

    "SystemWideHook for Windows NT" = "%WinHook32.exe"

    to the registry key:

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion
    RunServices
  2. Adds the value:

    "Run" = "WinHook32.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion
    policiesExplorer
  3. Creates a mutex named "focDSJSODidvjfdsivraSDOSDoisdi", so that only one copy of the worm runs at once on the compromised system.
Searches for the Kazaa, Morpheus, and iMesh-shared folders by querying the registry. It also searches for the following folders:
    • C:Program FileseDonkey2000Incoming
    • C:Program FilesLimeWireShared
  1. Copies itself to the file share folders found, using the following file names:
    • MSNCracker2005.exe
    • GameCrack2005.exe
    • Windows_Activation.exe
    • XP_Crack.exe
    • Office2005.exe
    • Install.exe
    • Setup.exe
Removal

@symantec



syslogin.exe

syslogin.exe


What is it?
syslogin.exe is a file associated with the W32.Bagz@mm worm.

What does it do?
W32.Bagz@mm is a mass-mailing worm that uses its own SMTP engine to send itself to email addresses gathered from the infected computer.

When W32.Bagz@mm is executed, it does the following:
  1. Creates the following copy of itself:

    %System% utorial.doc <spaces> .exe

    Note: %System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  2. Adds the value:

    "syslogin.exe" = "syslogin.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun

    so that the worm is executed every time Windows starts.
  3. Creates the following files:
    • %System%dl.exe
    • %System%syslogin.exe
  4. Disables the Windows firewall.
  5. Downloads and executes remote files.
  6. Installs its own network driver to bypass local firewalls.
Removal
@symantec



dl.exe

dl.exe


What is it?
dl.exe is a file associated with the W32.Bagz@mm worm

What does it do?
W32.Bagz@mm is a mass-mailing worm that uses its own SMTP engine to send itself to email addresses gathered from the infected computer.

When W32.Bagz@mm is executed, it does the following:
  1. Creates the following copy of itself:

    %System% utorial.doc <spaces> .exe

    Note: %System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  2. Adds the value:

    "syslogin.exe" = "syslogin.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun

    so that the worm is executed every time Windows starts.
  3. Creates the following files:
    • %System%dl.exe
    • %System%syslogin.exe
  4. Disables the Windows firewall.
  5. Downloads and executes remote files.
  6. Installs its own network driver to bypass local firewalls.
Removal
@symantec



re_file.exe

re_file.exe


What is it?
re_file.exe is associated with the w32.beagle.ar@mm mass mailing worm.

What does it do?
W32.Beagle.AR@mm is a mass-mailing worm that uses its own SMTP engine to spread. The email attachment is a downloader, similar to the Mitglieder family of Trojans, that downloads the worm from an external source.

When W32.Beagle.AR@mm runs, it does the following:
  1. Creates seven mutexes with the following names, which prevent some variants of the W32.Netsky@mm family of worms from running:
    • MuXxXxTENYKSDesignedAsTheFollowerOfSkynet-D
    • 'D'r'o'p'p'e'd'S'k'y'N'e't'
    • _-oOaxX|-+S+-+k+-+y+-+N+-+e+-+t+-|XxKOo-_
    • [SkyNet.cz]SystemsMutex
    • AdmSkynetJklS003
    • ____--->>>>U<<<<--____
    • _-oO]xX|-S-k-y-N-e-t-|Xx[Oo-_
  2. Creates the following files:
    • %System%awindo.exe.
    • %System%awindo.exeopen (A copy of the worm with randomly appended data.)
    • %System%awindo.exeopenopen (A copy of the worm with randomly appended data.)
    • %System% e_file.exe
  3. Adds a value:


    "bawindo"="%System%awindo.exe"

    to the registry key:

    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun
Attempts to create copies of itself in any folder that contains the characters "shar". The files will have the following file names:
  • Microsoft Office 2003 Crack, Working!.exe
  • Microsoft Windows XP, WinXP Crack, working Keygen.exe
  • Microsoft Office XP working Crack, Keygen.exe
  • Porno, sex, oral, anal cool, awesome!!.exe
  • Porno Screensaver.scr
  • Serials.txt.exe
  • KAV 5.0
  • Kaspersky Antivirus 5.0
  • Porno pics arhive, xxx.exe
  • Windows Sourcecode update.doc.exe
  • Ahead Nero 7.exe
  • Windown Longhorn Beta Leak.exe
  • Opera 8 New!.exe
  • XXX hardcore images.exe
  • WinAmp 6 New!.exe
  • WinAmp 5 Pro Keygen Crack Update.exe
  • Adobe Photoshop 9 full.exe
  • Matrix 3 Revolution English Subtitles.exe
  • ACDSee 9.exe
More info and Removal
@symantec



vsvbvvsq.exe

vsvbvvsq.exe


What is it?
Vsvbvvsq.exe is a file associated with the W32.Mydoom.U@mm mass mailing worm.

What does it do?
W32.Mydoom.U@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on an infected computer. The subject and message body vary, and the attachment has a .bat, .cmd, .exe, .pif, .scr, or .zip extension. It is similar to W32.Mydoom.P@mm.

When W32.Mydoom.U@mm is executed, it does the following:
  1. Copies itself as %System% askmon.exe.

    Notes:
      • Taskmon.exe is a legitimate file in the Windows 95/98/Me operating systems, but is in the %Windir% folder, not the %System% folder. (By default, this is C:Windows or C:Winnt.) Do not delete the legitimate file in the %Windir% folder.
      • %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
  2. Creates the file, %Temp%Message, and then opens it with Notepad.


    Note:
    %Temp% is a variable that refers to the Windows temporary folder. By default, this is C:WindowsTEMP (Windows 95/98/Me/XP) or C:WINNTTemp (Windows NT/2000).
  3. Creates a mutex, "SwebSipcSmtxS1," which allows only one instance of the worm to run in memory.
  4. Creates the registry key:

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersion
    ExplorerComDlg32Version
  5. Downloads a file from a predefined Web page as vsvbvvsq.exe, and then runs the file.
More info and Removal
@symantec



windrv32.exe

windrv32.exe


What is it?
windrv32.exe is a file associated with the W32.Mydoom.T@mm mass mailing worm

What does it do?
W32.Mydoom.T@mm is a mass-mailing worm that downloads a copy of Backdoor.Nemog.B.
Once W32.Mydoom.T@mm is executed, it performs the following actions:
  1. Creates the following copies of itself:
    • %System%windrv32.exe
    • %Userprofile%Start MenuProgramsStartupautostart.exe

      Notes:
    • %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
    • %Userprofile% is a variable that refers to the current user's profile folder. By default, this is C:Documents and Settings<Current User> (Windows NT/2000/XP).
  2. Downloads, saves, and executes a temporary file from one of the following domains:
  3. Adds the value:


    "WinSPF" = "%System%windrv32.exe"

    to the following registry keys:

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun
    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun

    so that it is executed every time Windows starts.
More info and Removal
@symantec



bawindo.exe

bawindo.exe


What is it?
bawindo.exe is a file associated with the W32.Beagle.AR@mm mass-mailing worm

What does it do?
W32.Beagle.AR@mm is a mass-mailing worm that uses its own SMTP engine to spread. The email attachment is a downloader, similar to the Mitglieder family of Trojans, that downloads the worm from an external source.

When the w32.Beagle.AR@mm worm is executed it:

Creates the following files:

%System%awindo.exe.
%System%awindo.exeopen
%System%awindo.exeopenopen
%System% e_file.exe

Adds a value:

"bawindo"="%System%awindo.exe" to the registry key: HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun

deletes some registry values from the registry keys: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunAttempts to create copies of itself in any folder that contains the characters "shar". The files will have the following file names:
  • Microsoft Office 2003 Crack, Working!.exe
  • Microsoft Windows XP, WinXP Crack, working Keygen.exe
  • Microsoft Office XP working Crack, Keygen.exe
  • Porno, sex, oral, anal cool, awesome!!.exe
  • Porno Screensaver.scr
  • Serials.txt.exe
  • KAV 5.0
  • Kaspersky Antivirus 5.0
  • Porno pics arhive, xxx.exe
  • Windows Sourcecode update.doc.exe
  • Ahead Nero 7.exe
  • Windown Longhorn Beta Leak.exe
  • Opera 8 New!.exe
  • XXX hardcore images.exe
  • WinAmp 6 New!.exe
  • WinAmp 5 Pro Keygen Crack Update.exe
  • Adobe Photoshop 9 full.exe
  • Matrix 3 Revolution English Subtitles.exe
  • ACDSee 9.exe
More info and Removal
@symantec



Sysconf32.exe

Sysconf32.exe


What is it?
Sysconf32.exe is a file associated with the w32.Noomy.A@mm mass mailing worm

What does it do?
When W32.Noomy.A@mm is executed, it performs the following actions:
  1. Copies itself as %Windir%Sysconf32.exe.
  2. Adds the value:

    "Windows HTML files "="%Windir%Sysconf32.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
    so that the worm runs when you start Windows.

Copies itself to %System%SystemBck as the following file names:
  • XboxIso2RomConverter.exe
  • Ageofempires2crack.exe
  • AgeOfMythologyISO.exe
  • BattlenetkeygeneratorWORKS.exe
  • BritneyspearsNude.scr
  • Burnout2CarRacing.exe
  • Cablemodemuncapper.exe
  • CloneCDcrack.exe
  • CloneCDallversionskeygenerator.exe
  • Copyprotectionremover.exe
  • Crazytaxicrack.exe
  • CuteFTPPro30.exe
  • DivXcodecv6.0.exe
  • DivXnewestversion.exe
  • DivXpatch-Increasesquality.exe
  • DivXprokeygenerator.exe
  • Doom3Beta.exe
  • DragonballZCOMPLETEepisodeguide.exe
  • DragonballZepisode1.exe
  • DragonballZshootout.exe
  • GamecubeEmulatorWORKS.exe
  • FIFA2004crack.exe
  • GrandPrix4crack.exe
  • Grandtheftauto3CD1crack.exe
  • GTA3crack.exe
  • Hackintoanycomputer.exe
  • Half-lifeONLINEkeygenerator.exe
  • Half-lifeWONkeygenerator.exe
  • J-LONudeREAL.scr
  • JediKnight2crack.exe
  • KaZaAhack.exe
  • NBA2004crack.exe
  • AquaNox2crack.exe
  • UT2003bloodpatch.exe
  • Unreal2bloodpatch.exe
  • Battlefield1942bloodpatch.exe
  • AVPCrackNEW.exe
  • zoneallarmprocrack2004.exe
  • counterstrikerkeygen2004.exe
  • warcraft3keygen.exe
  • adness2.exe
  • N0RT0NANTIVIRUS2004.exe
  • Neverwinternightscrack.exe
  • Nokiasimlockremoverincludesnewmodels.exe
  • Nortonantivirus2002.exe
  • Rayman2Full.exe
  • ResidentEvilDivX.exe
  • Starwarsepisode2downloader.exe
  • TotalImmersionRacingISO.exe
  • Warcraft3battlenetserialgenerator.exe
  • Warcraft3ONLINEkeygenerator.exe
  • WinAPs2.exe
  • WindowsXPkeygenerator.exe
  • WindowsXPserialgenerator.exe
  • WindowsXPSP1key-Crack.exe
  • Winrarandcrack.exe
  • Winzip80serial.exe
  • WorkingIsoBurner.exe
  • XBOXemulatorWORKS.exe
  • Xboxinfo.exe
  • AnaKurnikovaVirualGirl2004.scr
  • Battlefield1942Bloodpatch.exe
  • AngelinaRealScreenSaver.scr
  • CounterStrikeHLDSv1.1.0.9.exe
  • DVDCoppierv1.5.7byCrash2004.exe
  • FunnyBush2004movieSeptember.scr
  • DVDRipperv1.3.2byCrash2004.exe
  • iWormMymoonremovetool2.5.exe
  • EvidenceEraserbyCrash2004.exe
  • McAffeeUtilitiesv3.11FinalbyR2P2K.exe
  • McAffeeUtilitiesv3.11byR2P2K.exe
  • NeroBurningROMv5.5.8.2Keygen.exe
  • NeroBurningROMv5.5.8.2Serial.exe
  • NeroBurningROMv5.5.8.2byCooKie.exe
  • SpyAgentRemoteControl1.05.exe
  • SpyCamv6.32.exe
  • SpyTechSpyAgentPersonalv3.00.00byAmoK.exe
  • StarCraftBroodWarv1.09byFR.exe
  • UnrealTournament2bloodpatch.exe
  • UnrealTournament2004Bloodpatch.exe
  • Windows2004Keygen.exe
  • WindowsXPKeyGen.exe
  • YahooPasswordHacker2004BF.exe
  • ZoneAlarmProv3.0.2.6byOrion.exe
  • Generalscrack.exe
  • Mirc7.0Crack.exe
  • NapsterClone.exe
  • PlayGamesOnlineForFREE.exe
  • Ps2Emulator.exe
  • Ps2Iso2RomConverter.exe
  • ShakiraDancing.scr
  • SoldierOfFortune2MutiplayerSerialHack.exe
  • SystemMonitor.exe
  • TheSimsGameCrack.exe
  • UniversalGameCrack.exe
  • Warcraft3Battle.netCrack.exe
  • XboxEmulator.exe
  • 1001nesroms.exe
  • windowsxpkeygen.exe
  • deadaim4.0.exe
  • deadaim4.0serial.exe
  • counterstrikemaphack.exe
  • counterstrikeaim_bot.exe
  • AliciaSilverstonePayboyNude.scr
  • Bingo.exe
  • BritneySpearsDanceBeat.scr
  • DDosClient2005.exe
  • EmailBomber447.exe
  • FileServer.exe
  • FlashGolf.exe
  • FreeMpegsLists.pif
  • FreePicsList.pif
  • FreePornLists.pif
  • HoesForYouSolitare.exe
  • J.LoBikiniScreensaver.scr
  • JennaJamisonDildoHumping.scr
  • KamaSutraTetris.exe
  • KazaaClone.exe
  • KaZaAmediadesktopv2.0UNOFFICIAL.exe
  • KaZaAspywareremover.exe
  • KeygeneratorforallwindowsXPversions.exe
  • Keygeneratorforoverreally.exe
More info and Removal instructions

@symantec



randreco.exe

randreco.exe


What Is It?
Second Thought - randreco.exe

What Does it Do?
Second Thought is adware and its also a hijacker. There isn't any possible reason why you would ever want to leave this on your system. According to their terms they can contact their servers to log things like your browsing habits. They could also install additional junk on your system without your approval!

Removal Instructions:
Our Second Thought Removal guide can be found here.



wtoolss.exe

wtoolss.exe


What Is It?
Ibis Toolbar - wtoolss.exe

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



preinsmt.exe

preinsmt.exe


What is it?
Twain-Tech - preinsmt.exe

What does it do?
Twain-Tech Removal - This bug is adware. Comes as both a BHO and a toolbar. If you'd like to send them some love visit their site. Also read below and also send the software company who installed it on you some love as well. Free programs that are sponsored by ads are not truly free. If you want to profit from making software please go the 15 day trial route cause ads will only make people hate you.

Twain-Tech is installed on your computer as a module that comes with free software or content, when you downloaded it from the Internet. At that time, you accepted this Privacy Policy as part of the download process that you completed. It is our strict policy to distribute Twain-Tech only to users who have been given the opportunity to review and accept this privacy policy prior to the downloading of the TPS software.

Privacy Policy: http://www.twain-tech.com/privacy.htm

Removal Instructions:
Our Twain-Tech Removal guide has been posted here.


Also .



preinstt.exe

preinstt.exe


What is it?
Twain-Tech - preinstt.exe

What does it do?
Twain-Tech Removal - This bug is adware. Comes as both a BHO and a toolbar. If you'd like to send them some love visit their site. Also read below and also send the software company who installed it on you some love as well. Free programs that are sponsored by ads are not truly free. If you want to profit from making software please go the 15 day trial route cause ads will only make people hate you.

Twain-Tech is installed on your computer as a module that comes with free software or content, when you downloaded it from the Internet. At that time, you accepted this Privacy Policy as part of the download process that you completed. It is our strict policy to distribute Twain-Tech only to users who have been given the opportunity to review and accept this privacy policy prior to the downloading of the TPS software.

Privacy Policy: http://www.twain-tech.com/privacy.htm

Removal Instructions:
Our Twain-Tech Removal guide has been posted here.


Also .



2ndsrch.dll

2ndsrch.dll


What Is It?
Second Thought - 2ndsrch.dll

What Does it Do?
Second Thought is adware and its also a hijacker. There isn't any possible reason why you would ever want to leave this on your system. According to their terms they can contact their servers to log things like your browsing habits. They could also install additional junk on your system without your approval!

Removal Instructions:
Our Second Thought Removal guide can be found here.



btiein.dll

btiein.dll


What Is It?
Ibis Toolbar - btiein.dll

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



wtoolsb.dll

wtoolsb.dll


What Is It?
Ibis Toolbar - wtoolsb.dll

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



stcloader.exe

stcloader.exe


What Is It?
Second Thought - stcloader.exe

What Does it Do?
Second Thought is adware and its also a hijacker. There isn't any possible reason why you would ever want to leave this on your system. According to their terms they can contact their servers to log things like your browsing habits. They could also install additional junk on your system without your approval!

Removal Instructions:
Our Second Thought Removal guide can be found here.



wtoolsa.exe

wtoolsa.exe


What Is It?
Ibis Toolbar - wtoolsa.exe

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



cpuinf32.dll

cpuinf32.dll


What is it?
Backweb - cpuinf32.dll

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



incfin~1.dll

incfin~1.dll


What is it?
Euniverse.Incredifind - incfin~1.dll

What does it do?
Euniverse.Incredifind Removal - This is a hijacker that redirects data Euniverse.com All hijackers are scum and need to be removed immediately! What makes this so hard to remove is its a BHO that unless you use a program like HJT to destroy the Browser Help Object it will keep coming back!

Removal Instructions:
Our Euniverse.Incredifind Removal guide has been posted here.



backweb-7288971.exe

backweb-7288971.exe


What is it?
Backweb - backweb-7288971.exe

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



backweb-8876480.exe

backweb-8876480.exe


What is it?
Backweb - backweb-8876480.exe

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



saie.exe

saie.exe


What Is It?
Internet Optimizer - saie.exe

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here.



180ax.exe

180ax.exe


What Is It?
Internet Optimizer - 180ax.exe

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here.



idleui.dll

idleui.dll


What Is It?
Second Thought - idleui.dll

What Does it Do?
Second Thought is adware and its also a hijacker. There isn't any possible reason why you would ever want to leave this on your system. According to their terms they can contact their servers to log things like your browsing habits. They could also install additional junk on your system without your approval!

Removal Instructions:
Our Second Thought Removal guide can be found here.



khooker.exe

What is it?
SiS Keyboard Daemon - khooker.exe

What does it do?
khooker.exe - System Tray utility which gets installed by the drivers of the latter day SiS VGA cards. Can cause errors at startup and isn't required

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:WINDOWSSystem32khooker.exe

Also found to be a part of WindUpdates Trojan Downloader. Removal Instructions here.



Adobe%20Gamma%20Loader.exe

What is it?
Adobe Gamma Loader - Adobe Gamma Loader.exe

What does it do?
Adobe Gamma Loader.exe - Adjusts monitor colours across all programs, including Photoshop. It is needed by some graphics professionals who want their monitor calibrated. Most home users will not need it. In my case I can verify this as Photoshop loads fine (Quoted From Startup DB)

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe



iadhide4.dll

iadhide4.dll


What is it?
Backweb - iadhide4.dll

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



backweb-137903.exe

backweb-137903.exe

What is it?
Backweb - backweb-137903.exe

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



SkypePM.exe

We Don't know! Please post a comment with information about this file



wintools.exe

wintools.exe


What Is It?
Ibis Toolbar - wintools.exe

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



mwsoemon.exe

mwsoemon.exe


What Is It?
LinkGrabber 99 - mwsoemon.exe

What Does it Do?
LinkGrabber 99 is one of the more common forms of BHO adware which really can be hard to remove at times. This system will deliver popup ads to you while you are surfing. Brought to you by Netjumper.com

Removal Instructions:
Our LinkGrabber 99 Removal guide can be found here.



fash.exe

fash.exe


What Is It?
Ibis Toolbar - fash.exe

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



actalert.exe

actalert.exe


What Is It?
Internet Optimizer - actalert.exe

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here.



optimize.exe

optimize.exe


What Is It?
Internet Optimizer - optimize.exe

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here.



salm.exe

salm.exe


What Is It?
180Search Assistant - salm.exe

What Does it Do?
180Search Assistant is generally installed by some other piece of spyware. This not only displays ads but logs your browsing habits to send back to 180! If you have this you most likely have several other programs that you need to uninstall.

Removal Instructions:
Our 180Search Assistant Removal guide can be found here.



sais.exe

sais.exe


What Is It?
180Search Assistant - sais.exe

What Does it Do?
180Search Assistant is generally installed by some other piece of spyware. This not only displays ads but logs your browsing habits to send back to 180! If you have this you most likely have several other programs that you need to uninstall.

Removal Instructions:
Our 180Search Assistant Removal guide can be found here.



webrebates.exe

webrebates.exe


What Is It?
eBates Moe MoneyMaker - webrebates.exe

What Does it Do?
eBates Moe MoneyMaker not only displays pop up ads but it interferes with many programs that try to prevent it from working properly. On top of this it also hijacks your browser and redirects you to sites where it can make money off of you. Removing this is a MUST.

Removal Instructions:
Our eBates Moe MoneyMaker Removal guide can be found here.



backweb.dll

backweb.dll


What is it?
Backweb - backweb.dll

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



saap.exe

saap.exe


What Is It?
180Search Assistant - saap.exe

What Does it Do?
180Search Assistant is generally installed by some other piece of spyware. This not only displays ads but logs your browsing habits to send back to 180! If you have this you most likely have several other programs that you need to uninstall.

Removal Instructions:
Our 180Search Assistant Removal guide can be found here.



jkill.exe

jkill.exe


What Is It?
180Search Assistant - jkill.exe

What Does it Do?
180Search Assistant is generally installed by some other piece of spyware. This not only displays ads but logs your browsing habits to send back to 180! If you have this you most likely have several other programs that you need to uninstall.

Removal Instructions:
Our 180Search Assistant Removal guide can be found here.



msbbhook.dll

msbbhook.dll


What Is It?
Internet Optimizer - msbbhook.dll

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here.



sagate.exe

sagate.exe


What is it?
sagate.exe is a file associated with the W32.gaobot.BOW worm

What does it do?
W32.Gaobot.BOW is a network-aware worm that has backdoor capabilities and can be controlled through IRC channels

When W32.Gaobot.BOW is executed, it performs the following actions:

Copies itself as %System%sagate.exe.

Note: %System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).

Adds the value:

"Sagate Security Firewall" = "sagate.exe"

to the registry keys:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion
RunServices

so that the W32.Gaobot.BOW runs when you start Windows.

Connects the backdoor component to the remote IRC server lud.b0b.org on TCP port 7000 and awaits commands from a remote attacker.

The backdoor allows the attacker to perform some of the following actions on the compromised system:
  • Download and execute files
  • Scan the network
  • List, stop, and start processes
  • Control the file system (Delete, create, and list files)
  • Launch Denial of Service (DoS) attacks
  • Perform port redirection
  • Start a socks proxy
  • Start an FTP server
  • Retrieve Windows product keys
Opens three randomly selected TCP ports.

Overwrites bystem%driversetchosts with the following lines:
  • 127.0.0.1 www.trendmicro.com
  • 127.0.0.1 trendmicro.com
  • 127.0.0.1 rads.mcafee.com
  • 127.0.0.1 customer.symantec.com
  • 127.0.0.1 liveupdate.symantec.com
  • 127.0.0.1 us.mcafee.com
  • 127.0.0.1 updates.symantec.com
  • 127.0.0.1 update.symantec.com
  • 127.0.0.1 www.nai.com
  • 127.0.0.1 nai.com
  • 127.0.0.1 secure.nai.com
  • 127.0.0.1 dispatch.mcafee.com
  • 127.0.0.1 download.mcafee.com
  • 127.0.0.1 www.my-etrust.com
  • 127.0.0.1 my-etrust.com
  • 127.0.0.1 mast.mcafee.com
  • 127.0.0.1 ca.com
  • 127.0.0.1 www.ca.com
  • 127.0.0.1 networkassociates.com
  • 127.0.0.1 www.networkassociates.com
  • 127.0.0.1 avp.com
  • 127.0.0.1 www.kaspersky.com
  • 127.0.0.1 www.avp.com
  • 127.0.0.1 kaspersky.com
  • 127.0.0.1 www.f-secure.com
  • 127.0.0.1 f-secure.com
  • 127.0.0.1 viruslist.com
  • 127.0.0.1 www.viruslist.com
  • 127.0.0.1 liveupdate.symantecliveupdate.com
  • 127.0.0.1 mcafee.com
  • 127.0.0.1 www.mcafee.com
  • 127.0.0.1 sophos.com
  • 127.0.0.1 www.sophos.com
  • 127.0.0.1 symantec.com
  • 127.0.0.1 securityresponse.symantec.com
  • 127.0.0.1 www.symantec.com
Attempts to copy itself to the following shares on randomly generated IP addresses:
  • admin$
  • print$
  • C$
  • D$
  • E$
using it's own list of user names and passwords

Sends HTTP GET messages to the following hosts (to measure connection speed):
  • yahoo.co.jp
  • www.nifty.com
  • www.d1asia.com
  • www.st.lib.keio.ac.jp
  • www.lib.nthu.edu.tw
  • www.above.net
  • www.level3.com
  • nitro.ucsc.edu
  • www.burst.net
  • www.cogentco.com
  • www.rit.edu
  • www.nocster.com
  • www.verio.com
  • www.stanford.edu
  • www.xo.net
  • de.yahoo.com
  • www.belwue.de
  • www.switch.ch
  • www.1und1.de
  • verio.fr
  • www.utwente.nl
  • www.schlund.net
Attempts to steal CD keys for a number of computer games

More info and Removal
@symantec



PDVDServ.exe

What is it?
PowerDVD Remote Control - PDVDServ.exe

What does it do?
Remote Control background application for CyberLink's PowerDVD version 5 and above. Enables you to use a remote control with your DVD drive if your drive came with one. Not required if you don't have a remote control, or don't wish to use one

Virus Precautions:
You'll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesCyberLinkPowerDVDPDVDServ.exe



wdskctl.exe

wdskctl.exe


What Is It?
IEPlugin Removal - wdskctl.exe

What Does it Do?
IEPlugin is an IE BHO that monitors web site addresses you visit, form contents and even your local file browsing! It also automatically updates and adds a few items to your favorites list. On top of this it will display ads when it finds certain keywords in your browser.

Removal Instructions:
Our IEPlugin Removal guide can be found here.



systb.exe

systb.exe


What Is It?
IEPlugin Removal - systb.exe

What Does it Do?
IEPlugin is an IE BHO that monitors web site addresses you visit, form contents and even your local file browsing! It also automatically updates and adds a few items to your favorites list. On top of this it will display ads when it finds certain keywords in your browser.

Removal Instructions:
Our IEPlugin Removal guide can be found here.



ebatesmoemoneymaker0.exe

ebatesmoemoneymaker0.exe


What Is It?
eBates Moe MoneyMaker - ebatesmoemoneymaker0.exe

What Does it Do?
eBates Moe MoneyMaker not only displays pop up ads but it interferes with many programs that try to prevent it from working properly. On top of this it also hijacks your browser and redirects you to sites where it can make money off of you. Removing this is a MUST.

Removal Instructions:
Our eBates Moe MoneyMaker Removal guide can be found here.



sep.dll

sep.dll


What Is It?
Ibis Toolbar - sep.dll

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



newdotnet6_38.dll

newdotnet6_38.dll


What Is It?
NewDotNet - newdotnet6_38.dll

What Does it Do?
NewDotNet is a browser hijacker and can update itself without any input from you. Anything that modifies your windows HOSTS file is a hijacker and we don't want it! The "purpose" of this is to add support for additional domains like .AGENT .INC .LOVE .SHOP .SPORT. We suggest you remove this.

Removal Instructions:
Our NewDotNet Removal guide can be found here.



saiehook.dll

saiehook.dll


What Is It?
Internet Optimizer - saiehook.dll

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here.



newdot~1.dll

newdot~1.dll


What Is It?
NewDotNet - newdot~1.dll

What Does it Do?
NewDotNet is a browser hijacker and can update itself without any input from you. Anything that modifies your windows HOSTS file is a hijacker and we don't want it! The "purpose" of this is to add support for additional domains like .AGENT .INC .LOVE .SHOP .SPORT. We suggest you remove this.

Removal Instructions:
Our NewDotNet Removal guide can be found here.



tvmbho.dll

tvmbho.dll


What Is It?
TVMedia - tvmbho.dll

What Does it Do?
TVMedia is generally installed by other forms of ad/spyware or the usual driveby ActiveX installation. It is your basic pop up adware. It collects information about your browsing and sends it to their main servers which makes it spyware. It can also download updates and additional programs without your permission.

Removal Instructions:
Our TVMedia Removal guide can be found here.



rh.exe

rh.exe


What Is It?
DownloadWare - rh.exe

What Does it Do?
DownloadWare is scum of nearly every variety! It's adware, downloader, toolbar, search hijacker AND a trojan all rolled into one. This is installed using ActiveX by a number of questionable sites. It will download and install a number of various applications from its advertisers which will further mess up your system. There is truly no reason why you'll ever want to leave this trash on your system. Remove it NOW!

Removal Instructions:
Our DownloadWare Removal guide can be found here.



bundleouter.exe

bundleouter.exe


What Is It?
Virtual Bouncer - bundleouter.exe

What Does it Do?
It's always funny when we see an anti spyware program supported by adware! Virtual Bouncer has spread enough so that we felt the need to tell you guys to REMOVE this program and go with a free solution. Yes the paid version is pretty nice but there's plenty of free alternatives out there.
Any program that is supported by ads and lacks a privacy policy should throw some pretty big flags up! I looked around their site and even googled looking for their privacy policy and found NOTHING. If google can't even find a privacy policy they simply don't have one.

Removal Instructions:
Our Virtual Bouncer Removal guide can be found here.



wros.exe

wros.exe


What Is It?
TVMedia - wros.exe

What Does it Do?
TVMedia is generally installed by other forms of ad/spyware or the usual driveby ActiveX installation. It is your basic pop up adware. It collects information about your browsing and sends it to their main servers which makes it spyware. It can also download updates and additional programs without your permission.

Removal Instructions:
Our TVMedia Removal guide can be found here.



preinsln.exe

preinsln.exe


What is it?
Ezula - preinsln.exe

What does it do?
Ezula primarily provides a browser addon that allows you to hold alt + click any word and it searches that term for you. It does help skip a step or two to save some time. I personally use Firefox and have a little google search box in the top right where I can toss something into and quickly search that way. For all of you super lazy people you may want to leave this installed but it will serve ads to you.

Removal Instructions:
Our Ezula Removal guide has been posted here.



tvm.exe

tvm.exe


What Is It?
TVMedia - tvm.exe

What Does it Do?
TVMedia is generally installed by other forms of ad/spyware or the usual driveby ActiveX installation. It is your basic pop up adware. It collects information about your browsing and sends it to their main servers which makes it spyware. It can also download updates and additional programs without your permission.

Removal Instructions:
Our TVMedia Removal guide can be found here.



ebatesmoemoneymaker.exe

ebatesmoemoneymaker.exe


What Is It?
eBates Moe MoneyMaker - ebatesmoemoneymaker.exe

What Does it Do?
eBates Moe MoneyMaker not only displays pop up ads but it interferes with many programs that try to prevent it from working properly. On top of this it also hijacks your browser and redirects you to sites where it can make money off of you. Removing this is a MUST.

Removal Instructions:
Our eBates Moe MoneyMaker Removal guide can be found here.



cli.exe

What is it?
ATI Catalyst - cli.exe

What does cli.exe do?
cli.exe quote's are from the startup DB. There are 2 primary listings. One is called cli.exe systemtray and it is:
"System Tray access to ATI's CATALYST? CONTROL CENTER. Note that this has "SystemTray" appended to CLI.exe in the "Command" column of MSCONFIG. Not required to run the control center - which is available via a right-click on the desktop"

The second entry is called cli.exe runtime.
"ATI's CATALYST? CONTROL CENTER. Required if you want to change graphics settings on a regular basis but you must have internet access and Microsoft's .NET framework installed. Note that this has "runtime" appended to cli.exe in the "Command" column of MSCONFIG. If not you can start the program manually via Start -> Programs -> ATI Catalyst Control Center -> Advanced -> Restart Runtime "

Neither is needed by windows.



bling.exe

What is it?
RBOT-NI WORM!? - bling.exe

What does bling.exe do?
W32/Rbot-NI is a worm which attempts to spread to remote network shares. It also contains backdoor Trojan functionality, allowing unauthorised remote access to the infected computer via IRC channels while running in the background as a service process.

Removal:
Sophos has the full dirt ( HERE )



lsp.dll

lsp.dll


What Is It?
SAHagent - lsp.dll

What Does it Do?
SAHagent is a browser hijacker that monitors all of the sites you visit and inserts affiliate code wherever possible to make THEM money instead of the referring website. As a webmaster that earns income off some affiliate programs I believe this is a truly aweful hijacking. This is commonly bundled with some kind of "free" software like Grokster and IMesh to make money for the developers of that software. It will contact it's home servers and log information about the sites you visit. There is also an automatic update which can potentially install additional junk onto your system without your permission. There's really no reason I've been able to think of for this to NOT be removed immediately.

Removal Instructions:
Our SAHagent Removal guide can be found here.



cdaengine0400.dll

cdaengine0400.dll


What is it?
WildTangent - cdaengine0400.dll

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



bundle.exe

bundle.exe


What Is It?
SAHagent - bundle.exe

What Does it Do?
SAHagent is a browser hijacker that monitors all of the sites you visit and inserts affiliate code wherever possible to make THEM money instead of the referring website. As a webmaster that earns income off some affiliate programs I believe this is a truly aweful hijacking. This is commonly bundled with some kind of "free" software like Grokster and IMesh to make money for the developers of that software. It will contact it's home servers and log information about the sites you visit. There is also an automatic update which can potentially install additional junk onto your system without your permission. There's really no reason I've been able to think of for this to NOT be removed immediately.

Removal Instructions:
Our SAHagent Removal guide can be found here.



se.dll

What Is It?
IEPlugin Removal - se.dll

What Does it Do?
IEPlugin is an IE BHO that monitors web site addresses you visit, form contents and even your local file browsing! It also automatically updates and adds a few items to your favorites list. On top of this it will display ads when it finds certain keywords in your browser.

Removal Instructions:
Our IEPlugin Removal guide can be found here.



wdengine.dll

wdengine.dll


What is it?
WildTangent - wdengine.dll

What does it do?
This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all.

Removal Instructions:
WildTangent Removal Guide



sahagent.exe

sahagent.exe


What Is It?
SAHagent - sahagent.exe

What Does it Do?
SAHagent is a browser hijacker that monitors all of the sites you visit and inserts affiliate code wherever possible to make THEM money instead of the referring website. As a webmaster that earns income off some affiliate programs I believe this is a truly aweful hijacking. This is commonly bundled with some kind of "free" software like Grokster and IMesh to make money for the developers of that software. It will contact it's home servers and log information about the sites you visit. There is also an automatic update which can potentially install additional junk onto your system without your permission. There's really no reason I've been able to think of for this to NOT be removed immediately.

Removal Instructions:
Our SAHagent Removal guide can be found here.



180.dll

180.dll


What Is It?
180Search Assistant - 180.dll

What Does it Do?
180Search Assistant is generally installed by some other piece of spyware. This not only displays ads but logs your browsing habits to send back to 180! If you have this you most likely have several other programs that you need to uninstall.

Removal Instructions:
Our 180Search Assistant Removal guide can be found here.



6eo4svc.dll

6eo4svc.dll


What Is It?
VX2 - 6eo4svc.dll

What Does it Do?
VX2 is primarily a data mining form of spyware that monitors your activity and phones home. It can also install additional programs without you knowing which has a tendency to bring in pop ups and other bugs. There isn't anything good that comes from this and should be removed immediately. This can be pretty hard to completely remove from your system.

Removal Instructions:
Our VX2 Removal guide can be found here.



gcasdtserv.exe

What is it?
Giant AntiSpyware/Microsoft AntiSpyware - gcasdtserv.exe

What does it do?
Giant AntiSpyware proved to be one of the better spyware removing applications. Microsoft purchased this company and shortly after released their beta. For more information about this check with MS here.

Search for this item in the startup DB here.



gcasserv.exe

What is it?
Giant AntiSpyware/Microsoft AntiSpyware - gcasserv.exe

What does it do?
Giant AntiSpyware proved to be one of the better spyware removing applications. Microsoft purchased this company and shortly after released their beta. For more information about this check with MS here.



cdac11ba.exe

What is It?
C-dilla - cdac11ba.exe

What does it do?

C-dilla was purchased by Macrovision and used in their safecast technology which is used by quite a few major software developers for copy protection. Disabling this process may cause certain programs to no longer work. Some of the more common applications are turbotax and autocad.



stmain.dll

What is it?
MSN Toolbar - stmain.dll

What does it do?
This is the file that you will see in programs such as HJT that loads the MSN toolbar. If you want to keep your toolbar installed you'll have to leave this file alone.



wdfmgr.exe

What is it?
Windows Media Player 10+ - wdfmgr.exe

What does it do?
This process helps WMP10 compatibility with a range of applications and devices. It will also help make things like driver development easier.

http://www.microsoft.com/windows/wi...icesupport.aspx
http://www.microsoft.com/whdc/driver/wdf/wdf-intro.mspx



sahhtml.exe

What Is It?
SAHagent - sahhtml.exe

What Does it Do?
SAHagent is a browser hijacker that monitors all of the sites you visit and inserts affiliate code wherever possible to make THEM money instead of the referring website. As a webmaster that earns income off some affiliate programs I believe this is a truly aweful hijacking. This is commonly bundled with some kind of "free" software like Grokster and IMesh to make money for the developers of that software. It will contact it's home servers and log information about the sites you visit. There is also an automatic update which can potentially install additional junk onto your system without your permission. There's really no reason I've been able to think of for this to NOT be removed immediately.

Removal Instructions:
Our SAHagent Removal guide can be found here.



EasyShare.exe

EasyShare.exe


What is it?
Kodak Easyshare - EasyShare.exe

What does it do?
This is part of the software bundled with all Kodak cameras to manage the connection between your PC and your camera. If this is running and you don't have a Kodak camera you may have some form of malware



dfrgntfs.exe

dfrgntfs.exe


What is it?
Windows Defrag - dfrgntfs.exe

What does it do?
This is the process in Windows 2000 and XP that handles the file defragmentation process. This helps to speed up things like opening and reading files which will make it so that your applications run as fast as they can on your system. NEVER end this process, if you do it can cause corruption in whatever file it was processing when you ended it.



polall1r.exe

What is it?
Unknown Trojan - polall1r.exe

How to remove it?
This seems to get past HJT 1.99.0 somehow and the term polall1r.exe is near the top of our forum ref log for January so I thought I should post something about it. I've been searching for quite a while now and haven't found a valid application using this .exe or the .cab file that is related to it.

Boot into safe mode and search for and remove all instances of polall1r.exe and polall1r.cab. They are usually in temp directories but have it search your entire computer just to be safe.

Use HJT and remove any items in your startup list that seem to be randomly generated to help prevent this from coming back.



msbe.dll

what is it?
msbe.dll is a file associated with the trojan downloader TROJ_ISTBAR.MM

What does it do?
When executed, this trojan attempts to download spyware and adware files from the internet. It may also attempt to place links in the my favorites folder.

More info and Removal
You can find more info about the trojan downloader Troj_istbar.mm and msbe.dll from trend micro



wltrysvc.exe

What is it?
wltrysvc.exe is a program that is installed with some wireless connection devices.

What does it do?
wltrysvc.exe provides status information about the wireless connection options and conditions.

More info
You can find more info by keeping an eye on these google search results.

Watch for viruses and spyware associated with this file.



localnrd.dll

what is it?
localnrd.dll is a file associated with the trojan downloader TROJ_ISTZONE.B

What does it do?
The trojan virus attempts to download and execute spyware and adware programs from the internet.

Trend micro Antivirus detects localnrd.dll as ADW NRD.A

More info and Removal
You can find more info about the trojan downloader istzone.b and ADW_NRD.A from trend micro.



googletoolbar1.dll

what is it?
googletoolbar1.dll is a file related to google search tool for web browsers.

what does it do?
By installing google toolbar you gain the ability to:
  • Search the web with Google from any site
  • Eliminate annoying pop-up ads
  • Shop faster
  • fill in forms with one click.
for more information about google toolbar click here



crypserv.exe

what is it?
crypserv.exe is a program included with some trial software titles.

what does it do?
crypserve.exe is a program that renders trial software useless after a period of time, usually 30 days.



dva.386

What is it?
Dva.386 is a standard windows system file.
 
Default location is windowssystemdva.386
 
Whats it do?
dva.386 is a virtual device driver for windows video software.
 
More about dva.386 from suport.microsoft.com available here



lexpps.exe

What is it?
lexpps.exe is an application associated with lexmark printer software.

What does it do?
lexpps.exe is used to configure a printer as a network share.

More info
At the time of this writing lexpps.exe is not associated with viruses, spyware or adware. Keep an eye on this google search, Watch for any association with viruses, adware and spyware.



lexbces.exe

What is it?
lexbces.exe is an application included with the software and driver installation of certain lexmark network ready printers.

What does it do?
The application provides configuration of the internal network interface card that is included with lexmark network ready printers.

More info
At the time of this writing lexbces.exe is not associated with any malware
You will want to keep an eye on this google search. Watch for any association of lexbces.exe with viruses adware and spyware.



rmctrl.exe

What is it?
rmctrl.exe is an application installed with Power DVD

What does it do?
rmctrl.exe will let you use an Infrared wireless Remote control with power DVD software to control playback and other options.

More info
It is not currently associated with any virus or spyware
keep an eye on this google search for any association with viruses, adware and spyware.



idleproc.dll

What is it?
Originally idleproc.dll is a file included with AOL Unfortunately it is also associated with a kind of spyware known as a keylogger.

What does it do?
A Keylogger will create a log file of all keys pressed on the keyboard. It may send this file to a remote machine. Although I have not confirmed this there are roomers that this keylogger is used as part of the Parental controls of AOL so that parents can review what their kids have been doing online.

More info and Removal
Mcaffe has an application available for download called Stinger. It will detect and remove the keylogger along with other malware that might be on your system.



nopdb.exe

What is it?
nopdb.exe is a file associated with Symantec's Norton SystemWorks.

What does it do?
nopdb.exe might be a scheduling agent for a program called Speed Disk that is included in SystemWorks.

According to Symantec:
Speed Disk improves system performance by reorganizing the contents of your disk.

More info
You can read more about Norton SystemWorks at www.symantec.com

It is popular opinion that Speed Disk consumes resources and slows down read write access to the hard drive that it is working on. Apparently it is much like MS Defrag. I recommended that you reschedule the application to run at a time that will not inconvenience you by any system slowdowns it might cause.

At the time of this writing I did not find any significant risk related to viruses or adware/spyware related to the file. You will want to keep an eye on this google search look for any association of nopdb.exe with viruses, spyware or adware.



minibugtransporter.dll

What Is It?
Minibug / Weatherbug - minibugtransporter.dll

What Does it Do?
Minibug / Weatherbug isn't a major concern but it does has some potential privacy related things that you should be aware of. They do collect personally identifiable information. You will want to read over the EULA. A form of adware called My Search will also be installed on your system. You do get something decent out of this deal since you get reliable weather updates. If it weren't for the privacy issues and adware this would really be a nice program.

Removal Instructions:
Our MiniBug Removal guide can be found here.



wast2.exe

What is it?
Twain-Tech - wast2.exe

What does it do?
Twain-Tech Removal - This bug is adware. Comes as both a BHO and a toolbar. If you'd like to send them some love visit their site. Also read below and also send the software company who installed it on you some love as well. Free programs that are sponsored by ads are not truly free. If you want to profit from making software please go the 15 day trial route cause ads will only make people hate you.

Twain-Tech is installed on your computer as a module that comes with free software or content, when you downloaded it from the Internet. At that time, you accepted this Privacy Policy as part of the download process that you completed. It is our strict policy to distribute Twain-Tech only to users who have been given the opportunity to review and accept this privacy policy prior to the downloading of the TPS software.

Privacy Policy: http://www.twain-tech.com/privacy.htm

Removal Instructions:
Our Twain-Tech Removal guide has been posted here.

Search Symantec
Also search Trend Micro.



psapi.dll

What Is It?
VX2 - psapi.dll

What Does it Do?
VX2 is primarily a data mining form of spyware that monitors your activity and phones home. It can also install additional programs without you knowing which has a tendency to bring in pop ups and other bugs. There isn't anything good that comes from this and should be removed immediately. This can be pretty hard to completely remove from your system.

Removal Instructions:
Our VX2 Removal guide can be found here.



systb.dll

What Is It?
IEPlugin Removal - systb.dll

What Does it Do?
IEPlugin is an IE BHO that monitors web site addresses you visit, form contents and even your local file browsing! It also automatically updates and adds a few items to your favorites list. On top of this it will display ads when it finds certain keywords in your browser.

Removal Instructions:
Our IEPlugin Removal guide can be found here.



counter.exe

What Is It?
DownloadWare - counter.exe

What Does it Do?
DownloadWare is scum of nearly every variety! It's adware, downloader, toolbar, search hijacker AND a trojan all rolled into one. This is installed using ActiveX by a number of questionable sites. It will download and install a number of various applications from its advertisers which will further mess up your system. There is truly no reason why you'll ever want to leave this trash on your system. Remove it NOW!

Removal Instructions:
Our DownloadWare Removal guide can be found here.



newdot~2.dll

What Is It?
NewDotNet - newdot~2.dll

What Does it Do?
NewDotNet is a browser hijacker and can update itself without any input from you. Anything that modifies your windows HOSTS file is a hijacker and we don't want it! The "purpose" of this is to add support for additional domains like .AGENT .INC .LOVE .SHOP .SPORT. We suggest you remove this.

Removal Instructions:
Our NewDotNet Removal guide can be found here.



sahuninstall.exe

What Is It?
SAHagent - sahuninstall.exe

What Does it Do?
SAHagent is a browser hijacker that monitors all of the sites you visit and inserts affiliate code wherever possible to make THEM money instead of the referring website. As a webmaster that earns income off some affiliate programs I believe this is a truly aweful hijacking. This is commonly bundled with some kind of "free" software like Grokster and IMesh to make money for the developers of that software. It will contact it's home servers and log information about the sites you visit. There is also an automatic update which can potentially install additional junk onto your system without your permission. There's really no reason I've been able to think of for this to NOT be removed immediately.

Removal Instructions:
Our SAHagent Removal guide can be found here.



symlcsvc.exe

What Is It?
Norton Security - symlcsvc.exe

What Does it Do?
This is one of MANY processes that are used by Norton Security (AV + Net Security) If its under the appropriate directory you'll have nothing to worry about. If you're experiencing slowdowns you'll want to upgrade your hard drive and/or your RAM. Norton is a resource hog.

Virus Precautions:
The normal location of this file is in this directory: C:Program FilesCommon FilesSymantec SharedCCPD-LC



msbb.exe

What Is It?
Internet Optimizer - msbb.exe

What Does it Do?
Internet Optimizer is an error page hijacker. This is commonly installed by other malware packages like Moneytree. This system is known to download and install additional packages which you don't want. If you have this then you likely have a number of other things you'll need to remove.

Removal Instructions:
Our Internet Optimizer Removal guide can be found here. Also found in BargainBuddy



frontpg.exe

Microsoft FrontPage is a part of MS Office and is a WYSIWYG HTML editor. If this process is running and you don't edit HTML pages using FP you will want to investigate further.



outlook.exe

Microsoft Outlook is a part of MS Office and is arguably the best email client available. If this process is running and you don't use outlook for checking your mail you will want to investigate further.



LeapFTP.exe

LeapFTP is an FTP client. You can download it and get more information from here. I personally use this to maintain this site since it is nice and basic and not "gay" like CuteFTP and others.



HijackThis.exe

This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here.



services.exe

services.exe is a part of Windows that manages the processes. Anytime a service starts or stops it is through services.exe. During system startup and shutdown is when this process sees most of its action. You should never end this process unless it is running outside of your windows system folder.



UltraMon.exe

UltraMon is a must have application for anybody using multiple monitors! My favorite feature is having a taskbar on each of monitors. That way everything being displayed on monitor #2 is not filling the taskbar on my main monitor.

Quoted from the developer:

UltraMon is a utility for multi-monitor systems, designed to increase productivity and unlock the full potential of multiple monitors.

  • efficiently move windows and maximize windows across the desktop
  • manage more applications with the Smart Taskbar
  • control application positioning with UltraMon Shortcuts
  • multi-monitor support for desktop wallpapers and screen savers
  • mirror your main monitor to secondary monitors for a presentation



UltraMonTaskbar.exe

UltraMon is a must have application for anybody using multiple monitors! My favorite feature is having a taskbar on each of monitors. That way everything being displayed on monitor #2 is not filling the taskbar on my main monitor.

Quoted from the developer:

UltraMon is a utility for multi-monitor systems, designed to increase productivity and unlock the full potential of multiple monitors.

  • efficiently move windows and maximize windows across the desktop
  • manage more applications with the Smart Taskbar
  • control application positioning with UltraMon Shortcuts
  • multi-monitor support for desktop wallpapers and screen savers
  • mirror your main monitor to secondary monitors for a presentation



avwupsrv.exe

This process handles the automatic updates for AntiVir. It does not appear to be a security threat.



FrameworkService.exe

FrameworkService.exe is the automatic update process for McAfee. It checks to make sure their software is up to date and protecting you from new threats that make their way into the wild. If you end this process your antivirus may become out of data and not protect you properly.



Mcshield.exe

Mcshield.exe is what scans every file being opened and every running process to provide you with "On-Access" protection. This is one of the core processes to McAfee. I believe you should always have an antivirus application scanning things as they are opened to help maximize your level of protection.



VsTskMgr.exe

VsTskMgr.exe is a vital part of McAfee Internet Security. Ending this process will prevent your AV from working properly. Nobody should ever be running without proper and up to date virus protection.



shstat.exe

shstat.exe handles the communication between the various McAfee processes that may be running on your system. This is a vital process to running McAfee Internet Security without any major issues.



TBMon.exe

Network Associates Error Reporting Tool - tool traps errors and requests submission to NAI for the purpose of betatesting new software. Ending this process may cause McAfee AV to quite working properly. This process is called TalkBack Monitor.



trillian.exe

trillian.exe is Trillian. Trillian is my favorite instant messaging application because it allows me to use Yahoo, MSN, ICQ, and AIM all in a single running application and manages my lists all in a single place. If you'd like to learn more about it go here.

Quote:
Trillian is a fully featured, stand-alone, skinnable chat client that supports AIM, ICQ, MSN, Yahoo Messenger, and IRC. It provides capabilities not possible with original network clients, while supporting standard features such as audio chat, file transfers, group chats, chat rooms, buddy icons, multiple simultaneous connections to the same network, server-side contact importing, typing notification, direct connection (AIM), proxy support, encrypted messaging (AIM/ICQ), SMS support, and privacy settings.

Without stealing your home page and with no other included software, pop-ups, or spyware, Trillian provides unique functionality such as contact message history, a powerful skinning language, tabbed messaging, global status changes (set all networks away at once), Instant Lookup (automatic Wikipedia integration), contact alerts, an advanced automation system to trigger events based on anything happening in the client, docking, hundreds of emoticons, emotisounds, shell extensions for file transfers, and systray notifications.



cvpnd.exe

cvpnd.exe is Cisco's VPN client. Virtual Private Network applications allow you to connect to remote servers with either encrypted or unencrpted connections. More information about this client can be found here.

Quote:

Simple to deploy and operate, the Cisco VPN Client allows organizations to establish end-to-end, encrypted VPN tunnels for secure connectivity for mobile employees or teleworkers. This thin design, IP security (IPSec)-implementation is compatible with all Cisco virtual private network (VPN) products.



SynTPLpr.exe

SynTPLpr.exe is Synaptics touchpad driver helper. Required for touchpad features to work. More information can be found here.

Quote:

Synaptics TouchPad? devices are touch-sensitive pads that sense the position of a person's finger on its surface to provide screen navigation, cursor movement, and a platform for interactive input. Synaptics TouchPad devices are the industry leading solution, known for their durability, reliability, and accuracy. Synaptics TouchPad solutions can be custom designed to meet your requirements for sizes, thickness, feature functionality and electrical interfaces.

Synaptics TouchPad devices also offer advanced device driver features that allow end users to customize their TouchPad device settings to meet their individual preferences.




SynTPEnh.exe

SynTPEnh.exe is Synaptics touchpad driver helper. Required for touchpad features to work. More information can be found here.

Quote:

Synaptics TouchPad? devices are touch-sensitive pads that sense the position of a person's finger on its surface to provide screen navigation, cursor movement, and a platform for interactive input. Synaptics TouchPad devices are the industry leading solution, known for their durability, reliability, and accuracy. Synaptics TouchPad solutions can be custom designed to meet your requirements for sizes, thickness, feature functionality and electrical interfaces.

Synaptics TouchPad devices also offer advanced device driver features that allow end users to customize their TouchPad device settings to meet their individual preferences.



gnotify.exe

gnotify.exe is Google Gmail_notifier. Alerts you when you have new Gmail messages.

Quote:
The Gmail Notifier is a downloadable Windows application that alerts you when you have new Gmail messages. It displays an icon in your system tray to let you know if you have unread Gmail messages, and shows you their subjects, senders and snippets, all without your having to open a web browser.



msnmsgr.exe

msnmsgr.exe is the main system process for Windows Messenger AKA Microsoft Messenger. You can get more information on this file here.

Quote:
Instant message in real time, get face-to-face with webcam, send messages to your friends' cell phones, or get the latest news with MSN Alerts. It's easy to explore all the ways to stay in touch!



radio.exe

radio.exe - This process is formradio userland logging tool on the web, this is non essential you should not terminate this process.



picsvr.exe

picsvr.exe - This is a hijacker that will intermittently change your system settings, this is usually installed with your consent diguised as something else, this is a registered security risk so it should be removed immediately.



ADeck.exe

ADeck.exe is a system tray application for VIA's sound cards which offers quick access to a number of sound card related items. If you don't use this application for its shortcuts you can simply end this process and remove it from your startup. It's a rather worthless tray icon.



tsmsvc.exe

tsmsvc.exe is associated with T-DSL SpeedManager which is mainly distributed in german. Translated information page here.

Quote:
With this software the channel transfer rate of the current DSL connection can be measured and indicated in the InterNet. The speed manager supports routing and multi-station systems, as well as all telephone systems with DSL functionality.

Thus you optimize your operating system for a maximum information flow-rate over a DSL connection in the InterNet. A connecting test between the PC and the DSL entrance permits a statement immediately to the function of the connection.



mirc.exe

mirc.exe is the process name for mIRC a shareware Internet Relay Chat client which seems to be the most popular IRC client. More information can be found here.

Quote:
mIRC is a shareware IRC client for Windows. It is developed and copyrighted by Khaled Mardam-Bey. mIRC is a highly configurable IRC client with all the goodies other clients on UNIX, Macintosh and even on windows offer, combined with a *nice* and clean user interface. mIRC offers full color text lines, DCC File Send and Get capabilities, programmable aliases, a remote commands and events handler, place sensitive popup menu's, a great Switchbar, World Wide Web and sound support, and... a lot more. mIRC is shareware but not crippled in any way...



perl.exe

perl.exe is the windows Perl command interpreter. More commonly found as a part of POPFile an E-mail spam blocker

Quote:
POPFile is an automatic mail classification tool. Once properly set up and trained, it will scan all email as it arrives and classify it based on your training. You can give it a simple job, like separating out junk e-mail, or a complicated one?like filing mail into a dozen folders. Think of it as a personal assistant for your inbox.



mysqld.exe

mysqld.exe is the windows MySQL server daemon. For use either on a server or a development workstation. More information can be found here.

Quote:
MySQL AB develops and markets a family of high performance, affordable database servers and tools. Our mission is to make superior data management available and affordable for all. We contribute to building the mission-critical, high-volume systems and products worldwide.



nprotect.exe

nprotect.exe is Norton Protected Recycle Bin from Norton Utilities. Adds an extra layer of safety before you remove deleted files from the Recycled Bin. Can be listed twice which is valid.



locator.exe

locator.exe is a vital windows system process which is used to maintain a database of valid RPC's on your system. RPC stands for Remote Procedure Call. More information about it can be found here.

Quote:
RPC is a powerful technique for constructing distributed, client-server based applications. It is based on extending the notion of conventional, or local procedure calling, so that the called procedure need not exist in the same address space as the calling procedure. The two processes may be on the same system, or they may be on different systems with a network connecting them. By using RPC, programmers of distributed applications avoid the details of the interface with the network. The transport independence of RPC isolates the application from the physical and logical elements of the data communications mechanism and allows the application to use a variety of transports.



SDMCP.exe

SDMCP.exe is Stardocks desktopX which allows you to customize your windows desktop. More information on stardock products can be found here. DesktopX specific information can be found here.

Quote:

DesktopX is a multi-faceted Windows desktop enhancer that allows significant enhancement to the Windows experience by allowing users to completely customize the look, feel, and function of the desktop.

DesktopX enhances Windows by enabling users to replace or enhance their Windows icons with DesktopX objects, add new functionality to their desktop (clocks, calendars, stock tickers, media players, resource monitors, etc.) by adding mini-applets called widgets. Or they can replace their entire desktop at once by downloading DesktopX "themes" that can totally alter the existing Windows desktop.




tardisnt.exe

tardisnt.exe is a shareware program the synchronizes your clock with various time servers. More information can be found here.

Quote:
Tardis is a shareware utility for Windows that makes sure your PC?s clock tells the right time. It can find out what the right time is in various ways including accessing Internet-based Atomic Clocks, using networked timeservers, GPS (The Global Positioning System), Radio clocks, and by listening for time broadcasts over a LAN.

The Service version of Tardis 2000 runs as a Windows NT/2000/XP/2003 "service", just like other services that come as standard with Windows.




PRPCUI.exe

PRPCUI.exe - This process is from Intel this process monitors your laptops power source, this is an autostarting process, for a safe computer do not remove.



AcctMgr.exe

AcctMgr.exe is Norton? Password Manager - part of Norton SystemWorks 2004 - stores passwords and other personal information, and retrieves the data needed for email logins, shopping orders, banking, and other online activities?all from the safety of your own PC



optool.exe

optool.exe is Opera Tool. More information can be found here.

Quote:
Optool (formerly Operatool, now Optional Browser tool or Open-in-another-browser-tool - or whatever you like!) for MS Windows is a freeware utility which easily allows you to open a given web site in another browser. Use it if your preferred browser doesn't show the site properly or if you are a developer and want to check the page in several browsers without the hassle of cutting and pasting the URL. Additionally, version 2.0 adds some very useful features to navigate to the parent or root URL of the web site, or to close all windows of the current application or even all running browsers!



Opera.exe

Opera.exe is an alternative web browser. More information can be found here. I personally prefer FireFox.

Quote:
The most full-featured Internet power tool on the market, Opera includes pop-up blocking, tabbed browsing, integrated searches, and advanced functions like Opera's groundbreaking E-mail program, RSS Newsfeeds and IRC chat. And because we know that our users have different needs, you can customize the look and content of your Opera browser with a few clicks of the mouse.



avgamsvr.exe

avgamsvr.exe is a part of AVG antivirus. More information can be found here.

Quote:
AVG for workstations provide comprehensive antivirus protection for personal computers. The unique combination of detection methods (heueristic analysis, generic detection, scanning and integrity checking) ensures that your computer receives the maximum protection possible on multiple levels (Resident Shield, Email Scanner plug-ins, Personal Email Scanner, On-Demand and other tests, etc.). It is available as AVG Professional Single Edition for single workstation protection and AVG SoHo Edition (Small office - Home office) for home or small offices.



avgupsvc.exe

avgupsvc.exe is a part of AVG antivirus. More information can be found here.

Quote:
AVG for workstations provide comprehensive antivirus protection for personal computers. The unique combination of detection methods (heueristic analysis, generic detection, scanning and integrity checking) ensures that your computer receives the maximum protection possible on multiple levels (Resident Shield, Email Scanner plug-ins, Personal Email Scanner, On-Demand and other tests, etc.). It is available as AVG Professional Single Edition for single workstation protection and AVG SoHo Edition (Small office - Home office) for home or small offices.



ICQ.exe

ICQ.exe is ICQ. more information can be found here.

Quote:
ICQ (short for 'I Seek You') is about creating simple, massively popular ways to communicate online. From the first internet-wide instant messaging service launched in 1996, ICQ is CNET's all time most popular download and was labeled the world's fastest growing community.
Today, with over 150 million registered users, ICQ stands for messaging on any platform, incredible global reach, one of the largest and most active global communities, and by far the coolest way to find, meet people & connect.



TeaTimer.exe

TeaTimer.exe is Spybot Search and Destroys resident protection which prevents unauthorized system changes. More information can be found here.

Quote:

The Resident TeaTimer is a new tool of Spybot-S&D which perpetually monitors the processes called/initiated. It immediately detects known malicious processes wanting to start and terminates them giving you some options, how to deal with this process in the future: You can set TeaTimer to:

  • be informed, when the process tries to start again
  • automatically kill the process
  • or generally allow the process to run

There is also an option to delete the file associated with this process.

In addition, TeaTimer detects, when something wants to change some critical registry keys. TeaTimer can protect you against such changes again giving you an option: You can either "Allow" or "Deny" the change.

As TeaTimer is always running in the background, it takes some resources of about 5 MB.




soundman.exe

System Tray icon for the Realtek AC97 Audio Sound Manager for AC97 onboard audio. Available via Start -> Settings-> Control Panel.

It adds shortcuts to various configuration settings in your taskbar. I personally wouldn't ever useit since all of the options are in the control panel.

You can read more about Realtek AC97 audio here.



SpeedMgr.exe

SpeedMgr.exe is T-Online ISP SpeedManager - shows upload and download speed. Also checks for updates automatically more information can be found here.

Quote:
With that
t-DSL Speed managers keep you at any time the overview of the momentary extent of utilization of their t-DSL Connection. That t-DSL Speed manager contains also an extensive installation and function test, with that you problems with the structure of their t-DSL Connection also without expertise fast to repair know.



scanregw.exe

scanregw.exe Scans the system registry and makes back-ups at start-up. Important should the registry become corrupt. The executable "Scanregw.exe" is located in %windir% (where %windir% is the Windows directory - C:Windows or C:Winnt) More information can be found here.

Quote:
Windows Registry Checker automatically scans the system registry for invalid entries and empty data blocks when it is started. If invalid registry entries are detected, Windows Registry Checker automatically restores a previous day's backup. This is equivalent to running the scanreg /autorun command from a command prompt. If no backups are available, Windows Registry Checker tries to make repairs to the registry. This is equivalent to running the scanreg /fix command from a command prompt. If the registry contains more than 500 KB of empty data blocks, Windows Registry Checker automatically optimizes it.



taskmon.exe

taskmon.exe - The Task Monitor checks the disk-access patterns of programs when they are started and stores this information in log files in the Applog folder. Task Monitor also records the number of times you use a program. The Disk Defragmenter tool uses this information to optimize your hard disk so that programs that you use frequently are loaded faster. Not required - but can be useful. Note: for Norton Anti-Virus 2002 users, loading TaskMonitor will typically solve many, if not most, of those annoying IE scripting errors (per Symantec's Knowledgebase)



UsrPrmpt.exe

UsrPrmpt.exe is a part of Symantec AntiVirus and we're currently unsure of its exact purpose. If you find any documents with a detailed description ofwhat this process does please let us know.



symtray.exe

symtray.exe Keeps all System Tray icons for Norton SystemWorks together to reduce clutter. SystemWorks includes Norton Anti-Virus, Norton Utilities and Norton CleanSweep - mentioned elsewhere here. Personally I only have Norton eMail Protect running which doesn't need SymTray



quotes.exe

Quotes 2002 is a fun utility that lets you manage your e-mail signature files, categorize and use quotations in your e-mail. Left-click the Quotes system tray icon and see a random quotation for an occasional grin. Brighten the day with a fun, historic, philosophical, or encouraging quotation.

More information can be found here.



eDonkey2000.exe

eDonkey2000.exe is a popular filesharing program. More information can be found here.

Quote:
eDonkey contains the most advanced peer to peer filesharing technology available. It is robust, fast and easy to use.

  • Elegant easy to use interface
  • International versions. Now available in many languages
  • Share and Download any type of file.
  • Downloads are automatically continued from session to session.
  • Completely distributed and self organizing network. No central servers.
  • Horde Anti-leeching system (see side bar)
  • Multiple source downloads. Download a file from several different users at once.
  • Network wide searches (see side bar)
  • Support for other download protocols such as http and bittorrent
  • Private messaging
  • Simultaneous uploading and downloading of the same file. Providing the fastest distribution of files possible.
  • Dynamic ports. eDonkey can be configured to run over any port.
  • Plugin System
  • Skins
  • ed2k links. You can embed links in webpages that will initiate downloads within eDonkey.
  • Statistics. Keep track of how much your client is sending and receiving
  • Multiple search tab interface
  • Automatic fake file detection



Symtrdr.exe

Keeps all System Tray icons for Norton SystemWorks together to reduce clutter. SystemWorks includes Norton Anti-Virus, Norton Utilities and Norton CleanSweep - mentioned elsewhere here. Personally I only have Norton eMail Protect running which doesn't need SymTray



tbps.exe

tbps.exe is a part of WebSearch toolbar, HuntBar parasite variant

HuntBar is a search-hijacker from Traffic Syndicate, with various additional features depending on version.



ffisearch.exe

ffisearch.exe is a part of iSearch "Desktop Search" hijacker Removal instructions can be found here.



ehSched.exe

ehSched.exe - This process is from Microsoft Media center scheduler service it installed sheduled updates to your computer for this product for a safe computer this is important.



fsav32.exe

fsav32.exe - This is a process with F-secure antivirus, for a safe computer do not remove



fssm32.exe

fssm32.exe - This is a process with F-secure antivirus, for a safe computer this should not be removed.



ptask.exe

Added by unidentified adware- recognized by Kaspersky antivirus as Trojan-Downloader.Win32.Small.adg

Sophos has a pair of removal guides

Troj/Dloader-GR
Troj/Dloader-FY



packager.exe

What is it?
Packager.exe is a windows application that came about with windows 95 it is normally located in the WINDOWSSYSTEM32 directory

What does it do?
When an OLE client creates an embedded object from a dropped file, it inserts a packaged object that refers to the dropped file. The OLE server for a packaged object (an object of the Package class) is the Microsoft Windows Object Packager (PACKAGER.EXE) application. Packager supports associating a command line, a file, or an object with an icon.

More Info:
http://support.microsoft.com/default.aspx?scid=kb;en-us;86270



BootSkin.exe

BootSkin.exe is a part of Stardocks bootskin application. You can find more information here.

Quote:
Stardock BootSkin is a program that allows users to change their Windows 2000 and Windows XP boot screens.

Unlike other programs that can change the Windows XP boot screens, BootSkin does so in a safe manner. It doesn't patch the Windows XP kernel. Nor does it require the user to download replacement Windows XP kernels to do so.




aston.exe

aston.exe is a part of Aston Shell replacement. More information can be found here.

Quote:
Aston shell is a powerful and flexible shell replacement application.
Unlike many competing products, you do not have to have an expensive powerful computer to run Aston. Combining high speed and eye-candy it consumes less RAM, than default Windows shell and needs few processor resources. It is fast and stable, so you can save your computer's power for other tasks.

Aston fully replaces standard Windows Desktop and adds numerous new features:



OPScan.exe

OPScan.exe is a core component of Norton AV without it your AV may not function properly. It is highly recommended that you leave this process running.



TBPSSvc.exe

TBPSSvc.exe is a part of the Neo Toolbar. There's several variants of this. Please use our HJT log analyzer and HJT forum to make sure you get rid of it all.



wanmpsvc.exe

wanmpsvc.exe is a part of AOL's WAN miniport service. Your internet connection may get goofy after removing this so consider yourself warned.



tgcmd.exe

This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. "tgcmdprovidersbc" is for SBC Yahoo DSL. One Toshiba user reports problems with hibernate on his laptop if disabled -this is your choice, it is a potential privacy issue but might cause problems.



lxbrbmgr.exe

Lexmark printer button manager. Required for correct operation



lxbrbmon.exe

This has something to do with your Lexmark printer but we're not sure exactly what it does.



lxbrcmon.exe

lxbrcmon.exe is related to your Lexmark printer but currently unsure of its exact purpose.



avgcc.exe

AVG Anti-Virus 7.0 Control Center. Allows you to manage and control all AVG Anti-Virus components, settings and updates



avgemc.exe

AVG Anti-Virus 7.0 Email Cleaner. Scans incoming and outgoing email for viruses



PIB.exe

PIB.exe is a part of the PIB toolbar spyware. Removal instructions can be found here.

HJT should show a line that looks like this:
O4 - HKLM..Run: [PIB] C:PROGRA~1ToolbarPIB.exe
simply clean that and its gone.



RoboTaskBarIcon.exe

Roboform - password manager and web form filler. Will work without this startup entry, as the "active" component is an integrated Internet Explorer browser plugin More information can be found here.

Quote:

Save and Remember Online Passwords
Every other site these days forces you to create a UserID and Password combination. RoboForm saves the day by saving the online passwords (AutoSave dialog) and then filling login forms from the saved data (AutoFill dialog).



aoltray.exe

aoltray.exe is nothing more than a tray icon that provides shortcuts to various AOL tools. If your system tray is cluttered this should go for sure.



HotTray.exe

eFax Messenger Tray Menu system tray icon for eFax Messenger Plus. Available via Start -> Programs. Disabling instructions available here



Dllcmd32.exe

eFax Send button for eFax Messenger Plus. Available via Start -> Programs Disabling instructions available here



IMApp.exe

IMApp.exe is spyware!? You'll want to read up on this thread for more information. I wouldn't risk it ;) I'd yank this sucker off my system.



waol.exe

waol.exe is one of the main parts of AOL. I have to put this into the spyware category because a CWS variant uses this process name. It is most likely AOL but triple check to make sure that this is in fact AOL.



shellmon.exe

shellmon.exe is a part of AOL and may not be needed for it to work properly.



aolwbspd.exe

aolwbspd.exe - AOL topspeed related??



azureus.exe

What is it?

Azureus.exe is a file associated with bit torent

what does it do?

Azureus offers multiple torrent downloads, queuing/priority systems (on torrents and files), start/stop seeding options and instant access to numerous pieces of information about your torrents.

More info:

http://azureus.sourceforge.net/



excel.exe

what is it?

excel.exe is the main Microsoft excel application executable

what does it do?

Improve the way you turn data into information using powerful tools to analyze, communicate, and share your results

More info:

http://www.microsoft.com/Office/Excel/prodinfo/default.mspx



RioMSC.exe

What is it?

RioMSC.exe is the main application executable for Rio Music Manager

What does it do?

Rio Music Manager, designed to help you find and organize music on your computer, and then copy that music on to your Rio player.

More info:

http://www.digitalnetworksna.com/rioaudio/MusicManager.asp



stisvc.exe

What is it?

stisvc.exe is? a still image device?service that is part of windows 2000 WIA software

What does it do?

Windows Image Acquisition (WIA) enables imaging programs, such as Microsoft Picture It! 2000, Kodak Imaging, or Adobe Photoshop, to communicate with imaging devices such as digital cameras and scanners.

More info:

http://support.microsoft.com/default.aspx?scid=kb;en-us;266348



asr_fnt.exe

What is it?

asr_fnt.exe is a file dropped by the wootbot.ge worm.

What does it do?

This worm exploits the Windows LSASS vulnerability to propagate across networks. This vulnerability is a buffer overrun that allows remote code execution.

More info:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_WOOTBOT.GE



AdManKeep.exe

What is it?

AdManKeep.exe is a file associated with WinAD spyware

What does it do?

Admanager Controller is a software that provides targeted advertising offers. It generates pop-up advertisements on the system where it is installed.

When executed, it asks first if the user accepts the End-User License Agreement (EULA) before completely installing itself on the machine.

More info:

http://www.trendmicro.com/vinfo/grayware/graywareDetails.asp?SNAME=ADW%5FWINAD%2EM



AdManCtl.exe

What is it?

AdManCtl.exe is a file associated with the WinAd spyware.

What does it do?

Admanager Controller is a software that provides targeted advertising offers. It generates pop-up advertisements on the system where it is installed.

When executed, it asks first if the user accepts the End-User License Agreement (EULA) before completely installing itself on the machine.

More info:

http://www.trendmicro.com/vinfo/grayware/graywareDetails.asp?SNAME=ADW%5FWINAD%2EM



bargains.exe

What Is It?
Bargains.exe is a file associated with the bargains buddy adware

What Does it Do?
BargainBuddy is a BHO that displays advertisements when certain keywords are shown on websites. This can give you pop unders and checks for updated versions of itself every time your computer starts.

Removal Instructions:
Our BargainBuddy Removal guide can be found here.



incdsrv.exe

What is it?

incdsrv.exe is the primary executable for the Ahead INCD application.

What does it do?

Rewritable CDs and DVDs can be formatted to allow them to be written from any program, as if they were large disks or hard drives.

More info:

http://www.nero.com/us/InCD_4_prev.html



ServUDaemon.exe

What is it?

ServUDaemon.exe is the primary executable of the Serv-U FTP client

What does it do?

Serv-U began as the personal project of Rob Beckers around 1994 in an attempt to create a usable FTP server that didn't sacrifice security

More info:

http://www.serv-u.com/features.asp?Prod=su



ULCDRSvr.exe

What is it?

ULCDRSVr.exe is associated with Ulead cd/dvd software.?

What does it do?

If you have Ulead software installed,?leave it running.

More info:

for more information about ulead software visit www.ulead.com



agrsmmsg.exe

agrsmmsg.exe is installed as a part of an IBM AMR modem driver. Since this is a software modem your connection probably won't work correctly without this process running.



systray.exe

What is it?

Your PC's system tray - Systray.exe

What does it do?

Systray.exe is the?windows service?which handles your system tray - the collection of icons found typically at the bottom right hand of your screen. MS also describe it as:

Systray.exe is a tool for system taskbar notifications. The taskbar provides a location for programs and hardware devices to display icons. For example, if your computer supports advanced power management (APM), a Battery Meter icon can appear on the taskbar.

Virus Precautions

Systray.exe is legitimately found in C:WINDOWSSYSTEM32, but?has been known to host viruses and trojans, and being the popular file that it is, it has also been passed off by many viruses and trojans in different folders. Some of?these include:

32.Ghotex.A - Symantec
Backdoor.IRC.Aladinz.P - Symantec
Backdoor.IRC.Mutebot - Symantec
IRC/Flood.av - NetworkAccosiates
W32.HLLP.Systemp - Symantec

In any case, this Google search should keep you up to date on any virus found to reside in systray.exe or create its own phony systray.exe.

How can you tell if your systray.exe is infected outside of a virus scanner? It is said under Windows2000 and XP systray.exe should NOT be displayed in your list of processes in the taskmanager. If you find systray.exe in your taskmanager chances are you have an infection.



kernel32.dll

What is it?

kernel32.dll is a very important?Windows system file.

What does it do?

Kernel32.dll is considered?the core of the Windows opperating system. It handles Memory addressing, Input/output, Interupts etc.

More info:

There are a few common?error popups that list kernel32.dll as the culprit.?Search microsofts knowledge base at support.microsoft.com for more about kernel errors and patches to fix them.

Keep an eye on this [url=http://www.google.com/search?hl=en&lr=&q=KERNEL32.DLL+%2Bvirus+%2Bspyware+%2Badware]google search[/url] Watch for kernel32.dll with viruses, spyware adware.



LXBFBMGR.EXE

what is it?

LXBFBMGR.EXE is?a file included with the install of some lexmark printers.

What does it do?

not sure about this one. It's included with the lexmark x6100 series software install. The file is?normally located at C:PROGRAM FILESLEXMARK X6100 SERIESLXBFBMGR.EXE

If you?are using?a lexmark?x6100 series?printer or have installed lexmark printer?applications you can leave it

More info:

www.lexmark.com



aswUpdSv.exe

What is it?

aswUpdSv.exe is an executable file that is included with the avast! anti virus program

What does it do?

aswUpdSv.exe handles automatic updates for the avast anti virus program.

Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily. The typical size of a virus database update are tens of KB, the program update usually has hundreds of KB.

If your Internet connection is persistent, the updates are performed completely automatically in fixed time intervals. If you connect to the Internet only occasionally, avast! watches your connection and tries to perform the update when you are online.

More info:

http://www.avast.com/



btwdins.exe

What is it?

btwdins.exe is an?application for bluetooth wireless communication devices.

What does it do?

Senses the presence of bluetooth enabled devices in the area of?the PC that is equiped with the?bluetooth transceiver.

There are over 1200 unique Bluetooth enabled products on the market ranging from automobiles to personal computers, mobile phones to pulse oximeters. There are over 2000 companies, worldwide, that build Bluetooth wireless technology into their products.

More info:

http://www.bluetooth.com/help/tech.asp

[url=http://www.microsoft.com/hardware/mouseandkeyboard/features/bluetooth.mspx]www.microsoft.com[/url]?bluetooth info



SPBBCSvc.exe

SPBBCSvc.exe is a part of Symantec Internet Security. Stopping SPBBCSvc.exe can cause things like your antivirus to no longer operate properly.



smss32.exe

smss32.exe is added by a number of worms and even a spyware application! We haven't found a single valid application of this file.
AGOBOT.MB
RBOT.MS
RBOT.CB
AGENT-AU TROJAN!
and Adware downloader - recognized by Kaspersky antivirus as Trojan-Proxy.Win32.Agent.cj



AOLDial.exe

AOLDial.exe is exactly what it sounds like. This runs when you're dialing into AOL. Generally activated through a desktop application or some AOL icon somewhere on your system.



AOLSP Scheduler.exe

AOLSP Scheduler.exe is AOL's spyware protection program. It runs based upon a set schedule which is where the scheduler part of the filename comes in. Please don't rely on this as your only form of protection from spyware. Give Microsoft's entry a try along with ad aware and spybot. You really can't be too cautious now can you?



xpsp2fw.exe

xpsp2fw.exe has only been found in reference to SMALL-RN TROJAN!



aim.exe

aim.exe is AOL's instant messaging application. Like ICQ, MSN and Yahoo you can send messages to your friends instantly if they're online. Faster than email! More information can be found here.



aoltpspd.exe

aoltpspd.exe is AOL's TopSpeed technology which speeds up your internet connection. You can safely end this but your net connection may not work as fast as it did before.



ExtractorService.exe

What is it?
ExtractorService.exe is a file associated with Symantec DeepSight Analyzer application

Whats it do?
DeepSight is a utility which submits users incidents anonymously and automatically to the Symantec Event Database. This information is then used to help monitor and analyze suspicious internet activity.


More info:
http://analyzer.symantec.com/



ExtractorServiceNPF04.exe

What is it?
ExtractorServiceNPF04.exe is a file associated with Symantec DeepSight Analyzer application

Whats it do?
DeepSight is a utility which submits users incidents anonymously and automatically to the Symantec Event Database. This information is then used to help monitor and analyze suspicious internet activity.


More info:
http://analyzer.symantec.com/



AOLacsd.exe

AOLacsd.exe is AOL's Access Daemon. Is something that constantly monitors your net connection to make sure you stay connected. If you're dropped for any reason it will reconnect you. Shouldn't be needed for using AOL for net access but you just never know YMMV.



DefWatch.exe

DefWatch.exe is a part of Norton Antivirus. By Symantec Corporation and is the virus definition monitor that will make sure your virus definitions do not get too horribly outdated. You should leave this process running so your definitions don't get out of date.



iaantmon.exe

iaantmon.exe is a part of Intel's application accelerator. This application is known to provide a pretty noticeable boost to your ATA activities if you're using an Intel chipset. This is basically a replacement for your windows driver which is optimized for newer Intel chipsets.



SavRoam.exe

SavRoam.exe is a part of Symantecs Antivirus. This process provides roaming user support. Going through a few google searches I wasn't able to track down exactly what is handled by the roaming user process.



mqsvc.exe

What is it?

mqsvc.exe is the executable file of the microsoft message queuing service.

What does it do?

Microsoft Message Queueing (MSQS)?provides guaranteed message delivery, efficient routing, security, and priority-based messaging. It can be used to implement solutions for both asynchronous and synchronous messaging scenarios.

More info:

Everything you ever wanted to know about MSQS can be found at [url=http://www.microsoft.com/windows2000/technologies/communications/msmq/default.asp]microsoft.com[/url]



GIANTAntiSpywareMain.exe

What is it?

GIANTAntiSpywareMain.exe is microsofts?anti spyware application

What does it do?

Microsoft Windows AntiSpyware (Beta) is a security technology that helps protect Windows users from spyware and other potentially unwanted software

More info:

[url=http://www.microsoft.com/athome/security/spyware/software/about.mspx]microsoft.com[/url]



imonnt.exe

imonnt.exe is Intel's motherboard monitor. More information can be found here.

Quote:

Intel? Active Monitor Screen

Intel? Active Monitor is an alerting utility created by Intel and available exclusively on Intel? Desktop Boards1. As PCs increase in performance and decrease in size, monitoring the cooling and overall system health becomesmore important. The Intel Active Monitor works with specialized sensors on your Intel Desktop Board to constantly monitor the system's temperatures, power supply voltages, and fan speeds. If temperatures become extremely hot or asystem fan or power supply fails, the user is immediately notified.




selmcoll.exe

What is it?

selmcoll.exe is a file associated with?GFI Lan Gaurd Security Event monitor application.

What does it do?

GFI LANguard Security Event Log Monitor (S.E.L.M.) performs event log based intrusion detection and network-wide event log management. GFI LANguard S.E.L.M. archives and analyzes the event logs of all network machines and alerts you in real time to security issues, attacks and other critical events

more info:

http://www.gfistore.com/pc/viewCat_P.asp?idCategory=7



tb2launch.exe

from the doc : "With Timbuktu Pro, you can control or observe a remote PC or Macintosh, from anywhere on your network, including dialing in from off campus. Timbuktu is especially helpful for user support and management of remote servers. You can also transfer files between Macintosh and PC platforms easily, without using a server. More information is available on the Netopia Web site."

To remove this spyware you will want to visit Pest Patrol's page here.



imontray.exe

imontray.exe is Intel's active monitor tray icon. More information can be found here.

Quote about active monitor:

Intel? Active Monitor ScreenIntel? Active Monitor is an alerting utility created by Intel and available exclusively on Intel? Desktop Boards1. As PCs increase in performance and decrease in size, monitoring the cooling and overall system health becomesmore important. The Intel Active Monitor works with specialized sensors on your Intel Desktop Board to constantly monitor the system's temperatures, power supply voltages, and fan speeds. If temperatures become extremely hot or asystem fan or power supply fails, the user is immediately notified.




selmarch.exe

What is it?

selmarch.exe is a file associated with GFI Languard Security Event Log Monitor application

What does it do?

GFI LANguard Security Event Log Monitor (S.E.L.M.) performs event log based intrusion detection and network-wide event log management. GFI LANguard S.E.L.M. archives and analyzes the event logs of all network machines and alerts you in real time to security issues, attacks and other critical events.

More info:

http://www.gfistore.com/pc/viewCat_P.asp?idCategory=7



selmalrt.exe

What is it?

selmalrt.exe is a file associated with GFI Languard application

What does it do?

GFI LANguard Security Event Log Monitor (S.E.L.M.) performs event log based intrusion detection and network-wide event log management. GFI LANguard S.E.L.M. archives and analyzes the event logs of all network machines and alerts you in real time to security issues, attacks and other critical events.

More info:

http://www.gfistore.com/pc/viewCat_P.asp?idCategory=7



WallWatcher.exe

WallWatcher.exe is a firewall watcher. More information can be found here. Everybody with a paranoid color of orange or worse better use this.

Quote:

  • provides filtering, immediate alerts, emailed alerts, historical analysis, summaries, and charts
    • filters let you choose what data and time periods to log, display, analyze, and chart
    • alerts offer real-time visual and audible signals of possible intrusion attempts
    • historical analysis helps you find patterns of recent intrusion attempts
    • summaries condense log histories for easier review
    • user-selectable charts let you spot patterns of suspicious activities



thunderbird.exe

thunderbird.exe os Thunderbird! Thunderbird is an alternative to outlook for all of your mail and RSS needs. More information can be found here. OK, I'll admit I've been too lazy to convert and still use Outlook. Please do not shoot me, I'm a slacker.

Quote:
Thunderbird gives you a faster, safer, and more productive email experience. We designed Thunderbird to prevent viruses and to stop junk mail so you can get back to reading your mail. Read on to find out more about the reasons why you should use Thunderbird as your mail client and RSS reader.



BHODemon.exe

BHODemon.exe straight up rocks! It checks all of the BHO's on your system and lets you know if they're safe or not. You can get more information here.

Quote:

Think of BHODemon as a guardian for your Internet Explorer browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually.? It also monitors your Registry and alerts you when a BHO is installed.? Best of all, BHODemon knows about the most common BHOs - the good ones, and the not-so-good ones!

BHODemon is free, runs in the "tray" area, and works on Windows 95 or later operating systems (in other words, Windows 95, Windows 98, Windows 98SE, Windows ME, Windows NT4, Windows 2000, and Windows XP).




ATnotes.exe

ATnotes.exe Loads the ATnotes program for virtual sticky notes for your desktop.

With ATnotes, you will never miss important events or lose information. You can organize your notes by using folders, set alarm, change color or font and send your note to your colleagues. See introduction for more info.



tinyspell.exe

Tinyspell - "allows you to easily and quickly check the spelling of words in any Windows application. Monitors your typing on the fly, alerts you whenever it detects a misspelled word, and checks the spelling of every word you copy to the clipboard"

Quote:
Occasionally you need to check the spelling of words in an application that does not include a spelling checker and you don't want to launch your word processor just for that. This is when tinySpell becomes handy. It is a small utility that allows you to easily and quickly check the spelling of words in any Windows application. tinySpell monitors your typing on the fly and alerts you whenever it detects a misspelled word. It also checks the spelling of every word you copy to the clipboard.
tinySpell installs itself in the system tray for easy access. It comes with an American-English dictionary containing more than 110,000 words.



sgmain.exe

sgmain.exe is SpywareGuard which provides realtime protection from spyware. More information can be found here.

Quote:
The last release was 8-31-2003 and the last spyware definition was released on 1/22/04 but this remains one of the better tools out there that is freely available to help prevent spyware from getting on your machine. Below is a direct quote from the developer about this software;

SpywareGuard provides a real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard.

SpywareGuard now also features Download Protection and Browser Hijacking Protection!

Features Listing:

  • Fast Real-Time Scanning engine - catch and block spyware before it is executed (EXE and CAB files supported) with signature-based scanning for known spyware and heuristic/generic detection capabilities to catch new/mutated spyware
  • Download Protection - prevent spyware from being download in Internet Explorer
  • Browser Hijacking Protection - stop browser hijacking activity in real-time
  • SG LiveUpdate - provides an easy updating solution
  • Small size - with a small size and small definition sizes, download and updates are quick
  • Report Capabilities - keep a detailed log of all spyware detected
  • Spyware files are blocked before being opened or run - they are not simply shut down after they are loaded in memory (and after they have performed their tasks)
  • It's a free download



kmw_run.exe

kmw_run.exe is installed with a Kensington mouse driver. You can disable this process without anything bad happening. If you like the shortcuts it provides keep it. If you're a freak about conserving system resources ditch it.



F-StopW.EXE

F-StopW.EXE is F-Prot anti-virus background scanner by F-Risk Software.



KMW_SHOW.EXE

KMW_SHOW.EXE is Kensington mouseworks and is only need if you use some of the special features it provides like remapping the buttons.



K9.exe

K9.exe is a spam filter program. More information is available here.

Quote:

K9 is an email filtering application that works in conjunction with your regular POP3 email program and automatically classifies incoming emails as spam (junk email) or non-spam without the need for maintaining dozens of rules or constant updates to be downloaded. It uses intelligent statistical analysis that can result in extremely high accuracy over time.

K9 learns from its mistakes and becomes better and better at being able to identify spam. More importantly it learns to recognize what you consider to be spam.

K9 is for standard POP3 email accounts only. It does not directly support Hotmail, AOL or any other kind of webmail type systems, nor does it support SSL or secure authentication as used by MSN.




sgbhp.exe

sgbhp.exe is a part of spywareguard which is also available as SpywareBlaster. More information can be found here.

Quote:
This program is NOT for scanning and removing spyware that is already on your system but instead it offers protection for you to help prevent the crap from ever getting on your system! For all of you Internet Explorer users it will protect you from an ever growing list of ActiveX related driveby installations that hit so many people. It will also use the restricted zones feature of IE to completely block access to certain known bad domains. Both IE and Mozilla/FireFox users will benefit from ad cookie tracking which is classified as a form of spyware since it can track your visitation to a number of sites that use the same ad company.



msimn.exe

msimn.exe is Microsoft's free email reader Outlook Express. Everybody has it. Everybody uses it. Everybody hates it.

Typical MS product.

Complain all you want... You're using it aren't you?



Maxthon.exe

Maxthon.exe is the Maxthon browser which is based upon IE but considerably better. More information available here.

Quote:
Maxthon Internet Browser software is a powerful tabbed browser with a highly customizable interface. It is based on the Internet Explorer browser engine (your most likely current web browser) which means that what works in the IE browser will work the same in Maxthon tabbed browser but with many additional efficient features like...



OneTouch.EXE

OneTouch.EXE is Hewlett Packard One Touch keyboard driver. Required if you use the additional keys

It is also used by Maxtor with external hard drives to handle various tasks like data backup by pushing a button.



DirectCD.exe

DirectCD.exe is DirectCD which is the classic Adaptec CD creation software. Allows you to do things like write things to disc through Windows Explorer in a simple drag/drop copy/paste interface. More information here.

Quote:

DirectCD is a program that allows you to write files directly to a CD-Recordable (CD-R) or CD-ReWritable (CD-RW) disc in much the same way that you copy files to a floppy diskette or removable drive.

DirectCD lets you read and write your files directly to your CD with any software application that can read from and write to a drive letter. Some examples include:

> Software applications, such as Microsoft Word, when you use the "Save" or "Save As" commands

>Windows Explorer when you drag and drop files




RealPlay.exe

RealPlay.exe is Real Player.

This industry-standard, streaming-media player undergoes a face-lift and emerges with a downloadable music store and enhanced jukebox capabilities. Though not groundbreaking, the RealPlayer music store gets a thumbs-up for being easy to use and offering a flexible DRM policy. The new jukebox features let you make playlists, rip CDs, burn custom mixes, and listen to hundreds of online radio stations, The interface, though better than previous versions, still feels cluttered, sluggish, and confusing. On the bright side, audio and video quality is crisp and clear. The program still suffers from the intrusive installation, file-type hijacking, and upgrade harassment that have plagued it since its inception. Overall, though, RealPlayer has taken steps in the right direction. Users of earlier versions certainly should upgrade.



ymsgr_tray.exe

ymsgr_tray.exe is the Yahoo Instant Messenger tray application. If you don't want Yahoo automatically starting on you when you connect to the internet end this process. Kill this from your system startup also if you don't want it to automatically connect.



spoolss.exe

What is it?

spoolss.exe is the microsoft windows printer spool subsytsem application.

What does it do?

lotsa printing stuff. Not much else... A printer spool is an organised buffer space to hold documents in a specific order ready to print, as the printer becomes available the spool sends a particular document or print job to the printer.

More info:

[url=http://www.microsoft.com/windowsserver2003/technologies/fileandprint/print/default.mspx]microsoft.com[/url]



InCD.exe

InCD.exe is sorta like adaptecs directcd. You can write to your CDs through windows explorer as if they were hard drives. More information can be found here.

Quote:

Write to CDs and DVDs as if they were hard drives!

With the help of InCD 4, rewritable CDs and DVDs can be formatted to allow them to be written from any program, as if they were large disks or hard drives.

Simply drag and drop the required data from Windows Explorer to the RW drive and the data will be saved on the medium.
Files can be saved, renamed and deleted, just as with other rewritable storage media such as floppy or hard disk.




persfw.exe

persfw.exe is Kerio's personal firewall. More information can be found here.

Quote:
Tiny Firewall 6 is the greatest security solution for the windows based host presented to general public to date. The suite of features covers the protection from various angles - from network security, file and registry protection, application launch control and management through signature based Intrusion detection and Prevention.

Most importantly - these security features are packed into user friendly tools - such as Track'n Reverse tool which allows to erase changes made to the computer by the applications. Whenever you are unsure about the application behavior - just put it into the Track'n Reverse mode knowing that all your files and registry will be protected and the changes including the deletions could be brought back.



SymWSC.exe

SymWSC.exe is a part of Symantec security center and may cause some symantec products to quit working properly if you kill this process.



msnappau.exe

msnappau.exe is a part of the MSN toolbar. This process initiates automatic updates of the toolbar. I personally hate toolbars and IE in general. killing this process is up to user preference.



msoffice.exe

msoffice.exe is a Microsoft office shortcut bar. I personally put shortcuts to anything I use frequently enough in my Quick launch. I think this "helper" bar is pointless and should be removed but some people actually like it.



devldr32.exe

devldr32.exe is installed with Creative Lab's sound cards. This process is need if you plan on running any of the Creative applications like AudioHQ.



cuteftppro.exe

cuteftppro.exe is CuteFTP. This is one of the more popular FTP clients. More information can be found here.

Quote:
Cute FTP? 6.0 Professional integrates state-of-the-art security standards to ensure that confidential business data stays that way. You can maximize bandwidth throughput, download from multiple sites while uploading or browsing, automatically update Web content and customize data management processes all in one cost-effective application.



ftpte.exe

ftpte.exe is a part of CuteFTP one of the more popular FTP clients. This process is a background helper process to CuteFTP which handles a number of things highlighted by scheduled transfers.



COM.EXE

What is it?

Com.exe is the communications link application for the Uninteruptable power suply monitoring software.

What does it do?

After UPSMAN starts as a background program, it collects data from the UPS and displays pre-defined messages for any UPS events that occurs.

More info:

http://www.generex.de/index2.html



COM_SRV.EXE

What is it?

COM_SRV.EXE is the communications link application for the Uninteruptable power suply monitoring software.

What does it do?

After UPSMAN starts as a background program, it collects data from the UPS and displays pre-defined messages for any UPS events that occurs.

More info:

http://www.generex.de/index2.html



war-ftpd.exe

war-ftpd.exe is a free FTP server. More information can be found here.

Quote:
War FTP Daemon is the original free FTP server for Windows. When it was released in 1996, it bacame an instant success. After that, the server has earned its status as one of the "essential" Internet Server Applications for Windows.

Unlike many other "free" Windows applications, War FTP Daemon contains absolulely no spyware or adware. The program is designed to transfer files to and from the server, according to your demands - and nothing else. There are no backdoor, no advertizing pop-ups, no "reporting home" nonsense or any other hidden "features". The only security or privacy risk with the (at any time) latest version of War FTP Daemon, is misconfigurations or yet undiscovered bugs.



MON_SRV.EXE

What is it?

MON_SRV.EXE?is the?monitoring service application for the Uninteruptable power suply monitoring software.

What does it do?

After UPSMAN starts as a background program, it collects data from the UPS and displays pre-defined messages for any UPS events that occurs.

More info:

http://www.generex.de/index2.html



TrueImageMonitor.exe

TrueImageMonitor.exe is a part of Acronis True Image. Which is a data backup system. More information available here.

Quote:

Acronis True?Image allows you to create an exact disk image for complete system backup and disk cloning providing the most comprehensive data protection.

The disk backup file contains the exact copy of a hard disk, including all the computer data, operating system, and programs.

After a system crash you can restore the entire system or simply replace lost files and folders from your disk backup.



LogiTray.exe

LogiTray.exe is a tray icon which gives you quick shortcuts to a number of features for your Logitech webcam. It may be needed by some of the software installed with your camera.



MON.EXE

What is it?

MON.EXE?is the?monitoring application for Uninteruptable power suply monitoring software.

What does it do?

After UPSMAN starts as a background program, it collects data from the UPS and displays pre-defined messages for any UPS events that occurs.

More info:

http://www.generex.de/index2.html



rasman.exe

What is it?

rasman.exe is the windows remote access service Connection Manager application

What does it do?

RAS Connection Manager is Microsoft's managed remote access client. It allows an administrator to build a remote access configuration package to be distributed to the administrator's remote users. For more information on Connection Manager and the Connection Manager Administration Kit, see the online help for Microsoft Windows?2000 Server and later operating systems.

More info:

www.microsoft.com



fppdis2a.exe

What is it?

fppdis2a.exe is the spool service for the Fineprint PDF factory software and printer driver.

What does it do?

pdfFactory products offer a unique approach to PDF creation that is simpler, more effective and less expensive than that offered by other programs. pdf factory is the standard version for creating pdf files, and?pdf factory pro?is for those who need secure PDFs

More info:

http://www.fineprint.com/products/pdffactory/index.html



msconfig.exe

What is it?

Microsoft Configuration utility - MSConfig.exe

What does it do?

MSConfig.exe is a "user friendly" front end for editing system files such as win.ini and autoexec.bat. This file does not exist on Windows2000 or WindowsXP machines it would seem, as a legitimate file it was only used in the 9x series of Windows.

Virus Precautions

MSConfig.exe?was a popular file back in the 9x days and since it was left out of 2000 and XP, it would make sense a virus, or in this case a worm, would create it and pass it off as a normal Windows file. This such worm is Winur, a worm found in some popular P2P programs. More information including removal at Symantec.



nvmixertray.exe

What is it?

Nvidia Audio Control - NVMixerTray.exe

What does it do?

This is a file?designated to give the user access to audio controls such as volume via the system tray for Nvidia audio chipsets.

Virus Precautions

At this point in time, this file doesn't seem to be associated with any virus as such - but keep up to date with this search for any future occurances.



ISSVC.exe

ISSVC.exe is a vital part of Norton Internet Security. Without it running your system will be vulnerable to attacks.



getright.exe

getright.exe is Getright one of the original download managers. It used to be packed with spyware but they seem to have cleaned up their act. The makers of spybot cleared them so they're OK in my book. More information can be found here.

GetRight works with your web browser to help you download files from the Internet.
GetRight can accelerate your downloads and can recover downloads if errors occur (resume downloading). GetRight has many other advanced features such as scheduling, automatic dialing, and file searching



Skype.exe

Skype.exe is Skype which is a VOIP system. More information is available here.

Quote:
Skype in a nutshell.

Our software?s quick and easy to get started with. Download, register, install, plug in your headset, speakers or USB phone and start calling your friends. The calls have excellent sound quality and are highly secure with end-to-end encryption. You don?t even need to configure your firewall or router or any other networking gear. It just, you know? works.




winFAH.exe

winFAH.exe is Folding at home which is a distributed computing project that started out of stanford. If you don't know what it is then most likely it was installed without you knowing it. That has happened quite a bit. The people of our distributed computing forum can give you more information about this or help you get rid of it. Forum.



VersionCueTray.exe

VersionCueTray.exe -? "An exclusive feature of the Adobe? Creative Suite, Version Cue? helps you find files fast, track multiple versions of your files, and share your files for creative collaboration"



Promon.exe

Promon.exe is a diagnostic tool for Intel network card. This is a systray process which offers shortcuts to a number of otherwise hard to find tools.



FahCore_65.exe

FahCore_65.exe is Folding at home which is a distributed computing project that started out of stanford. If you don't know what it is then most likely it was installed without you knowing it. That has happened quite a bit. The people of our distributed computing forum can give you more information about this or help you get rid of it. Forum.



apiwo32.exe

apiwo32.exe CoolWebSearch malware.



StyleXPService.exe

StyleXPService.exe StyleXP is a pretty cool application to customize windows. More information can be found here.

Quote:
Style XP supports native Microsoft visual styles instead of a non-Microsoft skinning engine. As a result, skinning in Style XP will not slow down your computer as other skinning software can.



RAM_XP.exe

RAM_XP.exe is a RAM idle program from tweaknow. All RAM idle type applications are a scam and a waste of money. They will not improve your performance in any way. More information about this program can be found here.

Quote:
RAM Idle Professional is a smart memory management program that will keep your computer running more efficiently, faster, and longer. RAM Idle works by freeing up physical RAM wasted by Windows and other applications. RAM Idle also includes cache and startup managers that make it easy to optimize Windows.



alcmtr.exe

What is it?

Realtek AC97 Monitor?- ALCMTR.EXE

What does it do?

ALCMTR.EXE is not really much of a spyware to worry about if your main concern is system performance as it isn't a resource hog?spyware, however it still is spyware that basically collects information from your PC and sends it to Realtek, providers of the popular AC97 audio chip found in many onboard sound solutions.

Removal Instructions

Most popular spyware removal programs will get rid of this, such as HijackThis.



istsvc.exe

What is it?

Intergrated Search Technologies - istsvc.exe

What does it do?

istsvc.exe is spyware at its most annoying - on any infected system, it will monitor browsing habbits and send the information back to base, which is analysed for marketing purposes. This process will also display popup adverts on your system, probably targeted based on your browsing habbits where possible. It should be removed without hesitation.

Removal Instructions

Most popular spyware removal programs will get rid of this, such as HijackThis.



WarTrayIcon.exe

WarTrayIcon.exe is the Tray icon for War FTP.

War FTP Daemon is the original free FTP server for Windows. When it was released in 1996, it bacame an instant success. After that, the server has earned its status as one of the "essential" Internet Server Applications for Windows.

Unlike many other "free" Windows applications, War FTP Daemon contains absolulely no spyware or adware. The program is designed to transfer files to and from the server, according to your demands - and nothing else. There are no backdoor, no advertizing pop-ups, no "reporting home" nonsense or any other hidden "features". The only security or privacy risk with the (at any time) latest version of War FTP Daemon, is misconfigurations or yet undiscovered bugs.



LowLight.exe

LowLight.exe is a part of the Logitech webcam software. I haven't found anything solid on this process yet but I can assume its for low light situations and compensation.

When in a location like C:Program FilesLogitechVideoLowLight.exe it is safe.



winpatrol.exe

winpatrol.exe WinPatrol - "Manage Startup programs, tasks, cookies; will sniff out Worms, Trojan horses, Cookies, Adware, Spyware, Klez, Assumption and other malicious programs" More information can be found here.



kbd.exe

What is it?

Logitech Keyboard Configuration - KBD.EXE

What does it do?

KBD.EXE is a utility made by Logitech to configure extra keys found on some of their keyboards - obviously unique keys go beyond the capabilities of the?standard Windows keyboard control panel, so Logitech created this program allowing the end user to configure keys unique to their keyboards.

Virus Precations

At this point in time, there does not appear to be any major viruses or trojans associated with KBD.EXE. This google search should keep you up to date on any future threats.



GhostStartTrayApp.exe

GhostStartTrayApp.exe is the tray icon for Norton's Ghost. Ghost is a disk image backup system and has been around for a very long time. I remember first starting to use it back in the win95 days. More information about ghost can be found here.



iTouch.exe

iTouch.exe is an application used by Logitech keyboards. If your keyboard has "multimedia" or "internet" related extra buttons you will have to leave this process running to continue using these keyboard hotkeys.



daemon.exe

daemon.exe is the main executable of Daemon tools. It is used for breaking things like CD checks and running ISO's off your system. More information can be found here.

Quote:
DAEMON Tools is an advanced application for multiprotection emulation. It is further development of Generic Safedisc emulator and incorporates all its features. This program allows running Backup Copies of SafeDisc (C-Dilla), Securom, Laserlock, CDCOPS, StarForce and Protect CD (and many others) protected games. Also included is a Virtual DVDROM drive (Generic DVD-ROM) enabling you to use your CD images as if they were already burned to CD! DAEMON Tools works under Windows9x/ME/NT/2000/XP with all types of CD/DVDROM drives (IDE/SCSI) and supports nearly any CD protection.



wkcalrem.exe

wkcalrem.exe is Microsoft Work's Calendar reminder. If you use the MS Works suite to handle your calendar it will provide popup reminders to remind you of various events you need to be doing.



iTunesHelper.exe

iTunesHelper.exe belongs to Apples Itunes which is an online MP3 store. Ituneshelper.exe will play the music and it also monitors for when you plug your ipod in so it can transfer files over to it.

Ipod's rock... Even with the horrible U2... U2 sucks and Bono needs to keep his mouth shut and out of politics. Nobody cares what a musician thinks.

Oh wait, Bono isn't a musician....



mmtask.exe

mmtask.exe is primarily Part of MusicMatch Jukebox - digital music player / CD burner and ripper / music organizer / playlist creator.

BACKGAT.A TROJAN!
YAB.A TROJAN!
There's also an adware downloader with this .exe name. Make sure to cross reference your startup list with our startup DB.



MBM5.EXE

MBM5.EXE is Motherboard Monitor v5. Lets you monitor your temperatures, voltages and other things like fan speed. More information can be found here.



pstrip.exe

pstrip.exe is powerstrip which allows you to overclock your video card and change a ton of video settings. More information can be found here.

Quote:
PowerStrip provides advanced, multi-monitor, programmable hardware support to a wide range of graphics cards - from the venerable Matrox Millennium I to the latest GeForce 6600GT and ATI X800. It is in fact the only program of its type to support multiple graphics cards from multiple chipset vendors, simultaneously, under every Windows operating system from Windows 95 to the x64-bit edition of XP. A simple menu that pops up from the system tray provides access to some 500 controls over your display hardware, including sophisticated color correction tools, period level adjustments over screen geometry, and driver independent clock controls.



MsiExec.exe

MsiExec.exe is the executable for the windows installer. This should only be running while you are running an installer. If this is still running after the installer has completed it should be safe to end this process.



WinRAR.exe

WinRAR.exe WinRAR is a powerful archive manager. It can backup your data and reduce size of email attachments, decompress RAR, ZIP and other files downloaded from Internet and create new archives in RAR and ZIP file format. You may try WinRAR before buy, its trial version is available in downloads.



SpySub.exe

SpySub.exe is SpySubtract from Intermute. More information can be found here.

Safely removes spyware and prevents browser hijackings: Stops spyware programs that track PC usage and Web surfing and includes CWShredder?, the best defense against CoolWebSearch.



WinMX.exe

WinMX.exe is WinMX file sharing application. More information available here.

Quote:

What is WinMX?
WinMX is a FREE file-sharing program like no other.? It allows you to connect, download, and share files with MILLIONS of other users through the decentralized WinMX Peer Network.? Once WinMX is installed, you'll have access to one of the largest and most diverse networks of shared media files in the world.? And unlike many other 'peer to peer' software providers, we respect your privacy and will never sell you out to spyware.? When you download WinMX, you're getting WinMX and only WinMX, no bundled spyware, no ads, no B.S.




zeta.exe

What is it?

ZESOFT AdWare - zeta.exe

What does it do?

Details are sketchy, and it seems ZESOFT, the owners of the zeta.exe file, are no longer in business (atleast, zesoft.com doesn't seem to be working). According to this page on Paretologic.com, ZESOFT are associated with adware, specifically the AdWare.P2PNetworking, however zeta.exe itself is not mentioned there but it is adware regardless, probably just another name for the same AdWare.P2PNetworking, perhaps to create confusion.

Removal Instructions

To stop the ZESOFT process, go to Start, Run, and type in services.msc, click OK. Scroll down to ZESOFT, double click it, and then click the Stop button. Now click the arrow in the drop down window for Startup type and set it to Disabled. Click Apply, then OK. Make sure this phantom Service has not reactivated itself prior to any scanning of the system. Using a?popular anti-spyware program probably wouldn't hurt either.



AcroRd32.exe

AcroRd32.exe Acrobat Reader is used for reading PDF documents and has been the standard for portable documents on the web for many years now.



WORDPAD.EXE

WORDPAD.EXE is a rather basic word processor that comes for free with Windows. Microsoft has posted a guide to using wordpad here.



scsiaccess.exe

What is it?

Alcohol 120%?- ScsiAccess.EXE

What does it do?

scsiaccess.exe is an executable that comes with the DVD and CD writing/mounting software Alcohol 120%. It is used, as you may have guessed, for SCSI drive emulation.

Virus Precations

It is highly unlikely this is distributed?by a virus, but if you find it outside of WINDOWS/SYSTEM32 it should be treated as suspicious. NOTE: Using Alcohol 120% 1.9.2 does not seem to produce this file,?it is likely not being distributed anymore.



HackerEliminator.exe

HackerEliminator.exe is Hacker Eliminator which is designed to protect you from trojans. More information is available here.

Quote:

Hacker Eliminator picks up where anti virus scanners and firewalls leave off.? Why We Offer A Hacker Proof Guarantee Hacker Eliminator is easy to use and offers the utmost protection available from Trojan Horse programs and hackers. Hacker Eliminator is not solely reliant on file signatures like many other products. Hacker Eliminator will automatically alert you of any suspicious activity instantly because of real time monitoring of all new processes and hidden programs. Hacker Eliminator will also monitor programs that add themselves to the start up areas plus a whole plethora of other interactive monitoring features that are simple to operate.



AdTools.exe

AdTools.exe is a Windupdates adware variant.



AdToolsKeep.exe

AdToolsKeep.exe is Windupdates adware variant and usually has adtools.exe there is a startup item that you need to remove

[AdTools Service] C:Program FilesAdTools ServiceAdTools.exe



NISUM.EXE

NISUM.EXE is a part of Norton Internet Security. This is needed by Norton Personal Firewall. More information can be found here.



SymProxySvc.exe

SymProxySvc.exe is a part of Norton Internet Security. More information can be found here.

Quote:
Symantec's Norton Internet Security 2005 provides essential protection from viruses, hackers, and privacy threats. Norton AntiVirus is the world?s most trusted antivirus solution.* Norton Personal Firewall keeps personal data in and hackers out. And Norton Privacy Control, Norton AntiSpam, and Norton Parental Control safeguard you and your family from other common online risks.



NISSERV.EXE

NISSERV.EXE is a part of Norton Internet Security. More information can be found here.

Quote:
Symantec's Norton Internet Security 2005 provides essential protection from viruses, hackers, and privacy threats. Norton AntiVirus is the world?s most trusted antivirus solution.* Norton Personal Firewall keeps personal data in and hackers out. And Norton Privacy Control, Norton AntiSpam, and Norton Parental Control safeguard you and your family from other common online risks.



IAMAPP.EXE

IAMAPP.EXE is a part of Norton Internet Security. More information can be found here.

Quote:
Symantec's Norton Internet Security 2005 provides essential protection from viruses, hackers, and privacy threats. Norton AntiVirus is the world?s most trusted antivirus solution.* Norton Personal Firewall keeps personal data in and hackers out. And Norton Privacy Control, Norton AntiSpam, and Norton Parental Control safeguard you and your family from other common online risks.



ATRACK.EXE

ATRACK.EXE is a part of Norton Internet Security. More information can be found here.

Quote:
Symantec's Norton Internet Security 2005 provides essential protection from viruses, hackers, and privacy threats. Norton AntiVirus is the world?s most trusted antivirus solution.* Norton Personal Firewall keeps personal data in and hackers out. And Norton Privacy Control, Norton AntiSpam, and Norton Parental Control safeguard you and your family from other common online risks.



pctspk.exe

pctspk.exe is a diagnostic program for PCTel modems. It doesn't seem to be recquired. Some people have said their modem still works after closing this program while others have reported problems.?



ashDisp.exe

What is it?

ashDisp.exe is an executable file that is included with the avast! anti virus program

What does it do?

Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily. The typical size of a virus database update are tens of KB, the program update usually has hundreds of KB.

If your Internet connection is persistent, the updates are performed completely automatically in fixed time intervals. If you connect to the Internet only occasionally, avast! watches your connection and tries to perform the update when you are online.

More info:

http://www.avast.com/



ashServ.exe

What is it?

ashServ.exe is an executable file that is included with the avast! anti virus program

What does it do?

Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily. The typical size of a virus database update are tens of KB, the program update usually has hundreds of KB.

If your Internet connection is persistent, the updates are performed completely automatically in fixed time intervals. If you connect to the Internet only occasionally, avast! watches your connection and tries to perform the update when you are online.

More info:

http://www.avast.com/



ashMaiSv.exe

What is it?

ashMaiSv.exe is an executable file that is included with the avast! anti virus program

What does it do?

Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily. The typical size of a virus database update are tens of KB, the program update usually has hundreds of KB.

If your Internet connection is persistent, the updates are performed completely automatically in fixed time intervals. If you connect to the Internet only occasionally, avast! watches your connection and tries to perform the update when you are online.

More info:

http://www.avast.com/



netdde.exe

What is it?

netdde.exe is associatd with?a?microsoft windows application

What does it do?

The network dynamic data exchange (network DDE) functions enable a process to establish conversations with processes running on different computers in a network.More info:

more info:

The network DDE agent starts network DDE if it detects local network DDE activity. It does not detect a remote client trying to connect

[url=http://whidbey.msdn.microsoft.com/library/default.asp?url=/library/en-us/ipc/base/network_dynamic_data_exchange.asp]microsoft.com[/url]



Ad-Aware.exe

Ad-Aware.exe is Ad-Aware which is by far the greatest (also free) application for fighting adware/spyware. More information can be found here.

Quote:
Ad-Aware is designed to provide advanced protection from known Data-mining, aggressive advertising, Parasites, Scumware, selected traditional Trojans, Dialers, Malware, Browser hijackers, and tracking components. With the release of Ad-Aware SE Personal edition, Lavasoft takes the fight against Spyware to the next level.



wbload.exe

wbload.exe is WindowBlinds from stardock. It is used to take things like Windows styles to a whole new level. More information can be found here.

Quote:

WindowBlinds is a program that that enables Windows users to completely change the look and feel of the Windows user interface.? It does so by natively extending the user interface features of Windows to support enhanced visual styles.

If you have Windows XP, you're already half-way there. Windows XP includes a basic visual style engine that WindowBlinds is able to extend and accelerate to provide more features, optimize its memory usage, and improve its performance.




gcASCleaner.exe

What is it?

gcASCleaner.exe is part of the Giant / Microsoft Antispyware application.

What does it do?

Giant microsoft antispyware is a security technology that helps protect Windows users from spyware and other potentially unwanted software.

More info:

[url=http://www.microsoft.com/athome/security/spyware/software/about.mspx]microsoft.com[/url]



MyDailyHoroscope.exe

MyDailyHoroscope.exe is adware. More information can be found here. If you have this you will be seeing unwanted pop up ads.



JabberIM.exe

JabberIM.exe will allow you to connect to all of the major IM systems from a single program. Trillian does this also. More information can be found here.

Quote:
Jabber is best known as "the Linux of instant messaging" -- an open, secure, ad-free alternative to consumer IM services like AIM, ICQ, MSN, and Yahoo (see the IM quickstart). Under the hood, Jabber is a set of streaming XML protocols and technologies that enable any two entities on the Internet to exchange messages, presence, and other structured information in close to real time. Jabber technologies offer several key advantages:



lxbkbmgr.exe

What is it?

lxbkbmgr.exe is a?program for the?lexmark series x1100 printer

what does it do?

x1100 series all in one will print, copy, scan and fax.

More info:

www.lexmark.com



mcvsrte.exe

What is it?

mcvsrte.exe is a component of mcafee security software

What does it do?

aparently it is the application that handles mcafee software and antivirus definition updates

More info:

www.mcafee.com



MMJB.EXE

What is it?

MMJB.EXE is a file associated with the music match juke box multimedia player

What does it do?

player for audio and video. mmjb.exe is the main application for music match jukebox.

more info:

http://www.musicmatch.com/home.htm



MMDiag.exe

What is it?

MMDiag.exe is a file associated with music match multimedia software.

What does it do?

MMDiag.exe is a diagnostic application for music match multimedia software.

Musicmatch Jukebox is capable of providing detailed diagnostic information regarding its installation and configuration on your PC

More info:

www.musicmatch.com



GeekSuperhero.exe

What is it?

GeekSuperhero.exe is the geek super hero application

What does it do?

watches dozens and dozens of important settings on your computer and warns you if any program has changed them

More info:

http://www.geeksuperhero.com/index.shtml



hpqtra08.exe

What is it?

hpqtra08.exe is a file associated with HP imaging software

What does it do?

provies a system?tray icon to quickly?monitor scans,?faxes and for?quick access to HP?diagnotic applications.

More info:

www.hp.com



PQV2iSvc.exe

What is it?

PQV2iSvc.exe is part of Power Quest drive image and norton Ghost drive backup software.

What does it do?

Create complete drive backups, restore files, schedual automatic backup and restore tasks

More info:

May cause resources to be gobbled up?resulting in?heavy page file swapping. This?might be a problem durring drive imaging. Try restarting without virtual memory then perform drive images and backups with this software.

http://www.symantec.com/sabu/ghost/ghost_personal/



retrorun.exe

What is it?

retrorun.exe is part of Dantz retrospect backup software

What does it do?

retrospect can protect a single Windows server, desktop, or notebook, or a small network of Windows, Macintosh, Linux, or Solaris desktops and notebooks by backing them up to a Windows-based computer.

More info:

http://www.dantz.com/en/products/index.dtml



FreeRAM XP Pro 1.40.exe

What is it?

FreeRAM XP Pro 1.40.exe is a freeware?RAM optimization application

What does it do?

Freeware application to free and optimize your computer's RAM

More info:

On a small minority of systems, installing Service Pack 2 (SP2) for Windows XP will result in the FreeRAM XP Pro tray icon not showing up properly when starting with Windows

http://www.yourwaresolutions.com/software.html



fxssvc.exe

What is it?

fxssvc.exe is a file associated with the microsoft FAX application

what does it do?

Fax provides you with complete fax facilities from your computer. You can configure fax settings, send and receive faxes, track and monitor fax activity, and access archived faxes.

More info:

[url=http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?url=/windowsxp/home/using/productdoc/en/app_faxclient.asp]microsoft.com[/url]



lxbkbmon.exe

What is it?

lxbkbmon.exe is a?button monitor program for the?lexmark series x1100 printer

what does it do?

x1100 series all in one will print, copy, scan and fax.

More info:

www.lexmark.com



portreporter.exe

portreporter.exe Is Microsoft's port reporting utility. More information can be found here.

The Port Reporter tool logs TCP and UDP port activity. The tool is a small program that runs as a service on a computer that is running Windows Server 2003, Windows XP, or Windows 2000.

On Windows Server 2003 and on Windows XP-based computers, the service can log the following information:
?The ports that are used
?The processes that use the port
?Whether a process is a service
?The modules that a process loaded
?The user accounts that run a process
On Windows 2000-based computers, the service logs the ports that are used and when the ports are used.



KMaestro.exe

KMaestro.exe is software for multimedia keyboards. Used by many different manufacturers.



hidserv.exe

hidserv.exe is the windows human interface device service. It monitors your system for when you plug various USB devices in. More information can be found here.

Quote:
Microsoft? Windows??98 and later versions provide built-in support for devices compliant with the USB Device Class Definition for Audio Devices, Version 1.0 (see http://www.usb.org/?This link leaves the Microsoft.com site), and for audio control devices compliant with the USB Device Class Definition for Human Interface Devices (HID), Version 1.0 and 1.1.



WinVNC.exe

WinVNC.exe is a remote control application. More information is available here.

Quote:
VNC (Virtual Network Computing) software makes it possible to view and fully-interact with one computer from any other computer or mobile device anywhere on the Internet. VNC software is cross-platform, allowing remote control between different types of computer. For ultimate simplicity, there is even a Java viewer, so that any desktop can be controlled remotely from within a browser without having to install software.



mcvsescn.exe

mcvsescn.exe is a process related to McAfee virus scan. This process scans your emails. You should leave this running if you want to stay protected from the various bugs floating around the net.



mcagent.exe

mcagent.exe is a process related to McAfee virus scan. This process helps keep your virus definitions up to date.. You should leave this running if you want to stay protected from the various bugs floating around the net.



mcvsshld.exe

mcvsshld.exe is a process related to McAfee virus scan. You should leave this running if you want to stay protected from the various bugs floating around the net.



launchpd.exe

What is it?

ATi Toolbar- launchpd.exe

What does it do?

launchpd.exe is part of the ATi?Catalyst Driver Suite, when this service is enabled a toolbar is displayed on the screen with shortcuts to various system components such as media player etc.

Virus Precations

No virus at this point in time appears to target this file for infection nor attempts to distribute itself via this filename. Keep up to date on any launchpd.exe viruses with this google search. You can disable it by right-clicking on the Toolbar and taking the tick off the "Load on Startup" option.



kem.exe

What is it?

Logitech SetPoint Configuration Utility - KEM.exe

What does it do?

This file is related to the Logitech keyboard and mouse utilities, replacing iTouch and MouseWare. It is also necessary to run if you wish to utilize special multimedia buttons on some Logitech devices.

Virus Precations

No virus appears to infest or distribute the KEM.EXE file, however?this google search will keep you up to date if any developments occur. At this point in time KEM.EXE is a harmless Logitech executable, nothing more.



wini.exe

What is it?

Backdoor.Optix.04.d Trojan - wini.exe

What does it do?

Backdoor.Optix.04.d is a backdoor trojan. Once a system is infected, it will attempt to?terminate any process related to security or virus scanning software. In most forms, the trojan listens on port 5151. Wini.exe is copied into the default Windows directory.

Removal Procedure

Full information including removal?can be read at Symantec.



hpztsb10.exe

What is it?

hpztsb10.exe is?associated with HP printer products software and drivers.

What does it do?

HP spool service application for Windows 32 bit environments on X86 platforms "PC's"

More info:

www.hp.com



actxprxy.exe

What is it?

Adsrv.com/IeDriver Adware Variant - actxprxy.exe

What does it do?

actxprxy.exe is a distributor of the Adware.IEDriver, which basically downloads and displays advertisements on your computer. It resides in the %WINDOWS%\%SYSTEM%iedriver folder, which it creates during install.

Removal Instructions

AdWare.IEDriver is removable via most popular anti adware/spyware software.



LogWatNT.exe

What is it?

LogWatNT.exe is the windows NT version of a file necissary for the propper opperation of unicener?products

What does it do?

Prevents access violation errors and patches memory leaks.

More info:



logwat95.exe

What is it?

LogWat95.exe is the windows?9x version of a file necissary for the propper opperation of unicener?products

What does it do?

Prevents access violation errors and patches memory leaks.

More info:



tcpsvcs.exe

What is it?

Microsoft TCP/IP Networking - tcpsvcs.exe

What does it do?

tcpsvcs.exe is an essential service for Windows systems using the TCP/IP protocol, and is required to run such components as DHCP and network printing. It is a very important file and should not be tampered with.

Virus Precations

There does not seem to be any major viruses or trojans associated with tcpsvcs.exe, however you can keep updated via this Google search.



freeshade.exe

What is it?

FreeShade - freeshade.exe

What does it do?

freeshade.exe is the main executable for the freeware utility 'FreeShade', which changes how documents and programs are handled in Windows display wise. Basically, instead of minimising open documents and programs?to the system tray, it minimises them?to their own title bars, as seen in MacOS. For more information check out this link.

Virus Precations

freeshade.exe does not appear to be targeted or distributed by any known virus and since it is only somewhat of a less known utility, it is highly unlikely it ever will.



sistray.exe

What is it?

SiS System Tray - sistray.exe

What does it do?

SiS, who are now somewhat dead in the consumer graphics market, used the sistray.exe file to load their configuration utility into the system tray. The default location for sistray.exe is %WINDOWS%/System32/.

Virus Precations

sistray.exe is targeted by a few nasties, namely Trojan.Prova as seen here at Symantec. This variant stores itself into %WINDOWS%/Command/ rather than %WINDOWS%/System32/.



startupmonitor.exe

What is it?

Startup Monitor - startupmonitor.exe

What does it do?

startupmonitor.exe is the main executable for the program Startup Monitor. This program monitors your system for any changes to the?startup list, whether it be in the registry or in the startup folder. Basically, nothing on your computer will be set to launch on Windows startup without you approving it, quite the handy utility when stopping phantom services from hogging your resources.

Virus Precations

No virus resides with the filename startupmonitor.exe at this time but to keep up to date, use this Google search.



mxjqzl.exe

What is it?

Sandboxer - MxjQzL.exe

What does it do?

MxjQzL.exe is a spawn of Sandboxer - a game website which packs a little surprise with their downloads, that being a nasty spyware/adware. It uses random file names that it changes dynamically in set periods. It also uses random text for registry entries, which it also changes. It will also respawn once damaged or deleted. It sets its file attributes to "system" and "hidden" to make detection and removal harder. On top of all this, it is designed to download more adware and spyware. The alternative names include Adware-MemWatcher, Backdoor.VB.nb, Backdoor.VB.oq, Peper Trojan and Peper.trojan.

The following are filenames typical with an infected PC:

upgradememorywatcher.exe
regrepair.exe
idjqqk.exe
bvu9v35.exe
gnsdk.exe
lbk7.exe
mxjqzl.exe
ocn67i0.exe
ojz1.exe
pusy6.exe
pwbm74i.exe
tgjog.exe
tpws.exe
unj36t.exe
xjpvq9t0.exe
yfk8.exe
yubxk.exe
zpuwldj.exe
ymcjqxfa.exe

Removal Procedure

You will find a good removal guide and more details at the CA.com?Spyware Information Center.



gcasServAlert.exe

What is it?

gcasServAlert.exe is part of the Giant/windows antispyware software.

What does it do?

This file is part of the alert service that reports events via?a popup on the desktop.

More info:

There's a bug with this software that causes the process to remain running in the background when the start/quicklaunch bar docked in the vertical position on?the desktop.?The alert box?scrolls by from one side of the screen to the other without stopping in a spot on-screen. The alert is still running, just somewhere that?can't be?seen or clicked. A work around is to keep?the start/quicklaunch bar docked on the bottom of the desktop screen or use the process manager to end the alert... Word is that microsoft knows about this and is working on a fix.



KillBox.exe

What is it?

KillBox.exe is the main executable file of the application called KillBox. This sounds bad but it's not.

What does it do?

Alot of people are using killbox.exe to help remove stuborn files while?ridding?a computer of?viruses n other bad files.

More info:

Killbox is also the name of a band- I haven't heard any of their stuff so I won't comment on that.

if you are looking for killbox.exe you can find it with this google search



gaim.exe

gaim.exe -? Gaim is a multi-protocol instant messaging (IM) client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM and ICQ (Oscar protocol), MSN Messenger, Yahoo!, IRC, Jabber, Gadu-Gadu, SILC, GroupWise Messenger, and Zephyr networks. More information can be found here.



iPodService.exe

iPodService.exe monitors for when you connect your ipod. see also ituneshelper.exe. Ipods are great and if you own one you are slightly cooler than me.



procexp.exe

procexp.exe is process explorer. It is an expanded version of task manager. More information can be found here.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you?ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you?ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.



WinBar.exe

WinBar.exe? is a free and compact program that lets you monitor your system and provides easy access to frequently used controls.? This program is absolutely free of charge and does not contain any advertisements or spyware. More information can be found here.



AnyDVD.exe

AnyDVD.exe? AnyDVD is a driver, which descrambles DVD-Movies automatically in the background. This DVD appears unprotected and region code free for all applications and the Windows operating system as well. With AnyDVD's help copy tools like CloneDVD, Pinnacle Instant Copy, InterVideo DVD-Copy, etc. are able to copy CSS protected Movies. With the help of AnyDVD you can watch movies with non matching region codes with every DVD Player Software you like! More information is available here.



USISrv.exe

USISrv.exe "Ulead's DVD Workshop 1.0 set the DVD authoring world on fire due to its packed featureset, pro-approach to authoring, AC3 capabilities, and low price point. To their own chagrin, no one in the DVD authoring world was expecting this dark horse to amount to much. Ulead sneaked up from behind and gave everyone pause. Can Ulead do it again with their second-generation of this software? I think they can if they market it aggressively and get this tool into the hands of loyal and vociferous users. While the product is still fresh, and in the vein of Adobe, Sony, Sonic Solutions and other DVD authoring apps being released and with Pinnacle walking away to some extent from the separate authoring app, Ulead hits a very unique niche with their interpretation of how DVD authoring should be done." Quoted from a review



FileZilla Server.exe

FileZilla Server.exe FileZilla is a fast FTP and SFTP client for Windows with a lot of features. FileZilla Server is a reliable FTP server. More information can be found here.



AppServices.exe

AppServices.exe is a part of the Iomega Zip drive. Without this process your zip drive may not work properly.



sqlservr.exe

sqlservr.exe is Microsoft's SQL Server. SQL Server 2000 exceeds dependability requirements and provides innovative capabilities that increase employee effectiveness, integrate heterogeneous IT ecosystems, and maximize capital and operating budgets. SQL Server 2000 provides the enterprise data management platform your organization needs to adapt quickly in a fast-changing environment. More information can be found here.



PPMemCheck.exe

PPMemCheck.exe is a part of PestPatrol anti-spyware application. Since they were purchased by etrust I don't consider this application to be one of the major players anymore. Microsoft's antispyware is a better, FREE solution. More information about PestPatrol can be found here.



PPControl.exe

PPControl.exe is a part of PestPatrol anti-spyware application. Since they were purchased by etrust I don't consider this application to be one of the major players anymore. Microsoft's antispyware is a better, FREE solution. More information about PestPatrol can be found here.



CookiePatrol.exe

CookiePatrol.exe is a part of PestPatrol anti-spyware application. Since they were purchased by etrust I don't consider this application to be one of the major players anymore. Microsoft's antispyware is a better, FREE solution. More information about PestPatrol can be found here.



hijackthis1.exe

This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here.



InoRpc.exe

InoRpc.exe - eTrust Antivirus helps manage your virus challenges by providing a single, comprehensive virus management solution that eliminates virus infections, eases administration, simplifies and automates the updating process, and more. More information is available here.



InoRT.exe

InoRT.exe - eTrust Antivirus helps manage your virus challenges by providing a single, comprehensive virus management solution that eliminates virus infections, eases administration, simplifies and automates the updating process, and more. More information is available here.



InoTask.exe

InoTask.exe - eTrust Antivirus helps manage your virus challenges by providing a single, comprehensive virus management solution that eliminates virus infections, eases administration, simplifies and automates the updating process, and more. More information is available here.



exe.exe

What is it?

W32.Bropia.P/W32.Spybot.Worm - exe.exe

What does it do?

exe.exe (which in itself is infected with?the W32.Spybot worm) is a file dumped by the W32.Bropia.P worm in a system's C: root. Upon virus execution it also copies the file exe.exe to %WINDOWS%\%SYSTEM%winis.exe. It then proceeds to send itself to any contacts in?Microsoft Messenger,?should it be installed on the system.

Removal Procedure

W32.Bropia.P Information - Symantec
W32.Spybot.Worm Information - Symantec



InocIT.exe

InocIT.exe - eTrust Antivirus helps manage your virus challenges by providing a single, comprehensive virus management solution that eliminates virus infections, eases administration, simplifies and automates the updating process, and more. More information is available here.



PVSConfigService.exe

PVSConfigService.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



BTVTaskListProcessorService.exe

BTVTaskListProcessorService.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



SMAgent.exe

What is it?

SMAgent.exe is part of the drivers installed with soundmax Audio devices.

It is common to mainboards that include?AC97 onboard audio.

What does it do?

SoundMAX is a powerful combination of Analog Devices' reliable AC'97 CODEC series and innovative software that enables PC OEMs to provide features that surpass the functionality of premium soundcards at a fraction of the cost.

more info:

www.soundmax.com/products/



PVSLibraryAppService.exe

PVSLibraryAppService.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



PVSSchedulerService.exe

PVSSchedulerService.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



BTVWebServer.exe

BTVWebServer.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



BTVRecordingEngine.exe

BTVRecordingEngine.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



BTVAgent2.exe

BTVAgent2.exe - Beyond TV is software that records TV in a similiar fashion as Tivo. It's one of the better windows based PVR applications. More information can be found here.



Apntex.exe

What is it?

Apntex.exe is part of Alps pointer device drivers.

What does it do?

This is the driver for?Alps Electronics touchpad?and? pointing sticks.

More info:

http://www.alps.co.jp/e/press/new2000/f0127-e.htm



DSentry.exe

DSentry.exe - Quite a few DVDs install a crappy piece of software for DVD playback. The player in question will monitor what movies you watch and report back to their servers. Dell has provided this application to monitor for when these types of applications attempt to install themselves onto your system.



NotifyAlert.exe

NotifyAlert.exe is an application from Dell that is similiar to windows automatic update notifications only this one checks for updates to the various applications that came with your Dell system.



ViewMgr.exe

What is it?
ViewPoint Toolbar - viewmgr.exe

What does it do?
ViewPoint Toolbar will hijack your search queries and also transmits non personally identifiable information back to their servers (It's still data therefore spyware as far as I'm concerned.) Here is a quote from the download.com review.

"This free toolbar offers a way to save bookmarks in visual form, as well as a fairly capable pop-up blocker. The Viewpoint Toolbar has an attractive, compact interface that quickly expands when necessary. For example, if you want to view screenshots of bookmarks, you simply click a button to scroll through all images. Though the thumbnails are rather small, they are big enough to give you a general overview of a page's contents. The thumbnails have as annotation text from the search results, so you can quickly understand what a page is about. The pop-up blocker was mostly effective in our tests, except with floating ads, though its performance seemed a bit slow. You can specify whether to allow ads from a certain site and whether to display an icon and play a sound when the toolbar blocks ads. You'll also find a basic search function powered by Yahoo's engine. Since it offers a rather unique way to store bookmarks and doesn't cost a dime, we can see how Viewpoint Toolbar makes a beneficial addition for many Web surfers."

Unlike a lot of the crap we see around here this does offer something that is somewhat useful.

Removal Instructions:
I've posted my ViewPoint Toolbar Removal instructions here:



f3scrctr.dll

What Is It?
MyWebSearch - f3scrctr.dll

What Does it Do?
MyWebSearch is a toolbar that quite a few third party software developers bundle with their "free" software. It is a search and error page hijacker that can be fairly tricky to remove. Smileycentral.com is probably the largest website pushing this toolbar. This toolbar will quite likely slow the speed of IE web browsing and searching due to the hijackings.

Removal Instructions:
Our MyWebSearch Removal guide can be found here.



stc.exe

What Is It?
Second Thought - stc.exe

What Does it Do?
Second Thought is adware and its also a hijacker. There isn't any possible reason why you would ever want to leave this on your system. According to their terms they can contact their servers to log things like your browsing habits. They could also install additional junk on your system without your approval!

Removal Instructions:
Our Second Thought Removal guide can be found here.



iadhide.dll

What is it?
Backweb - iadhide.dll

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



DAP.EXE

DAP.EXE is Download Accelerator which is a very powerful download management application but it comes at a hefty price with a dubious privacy policy and contains Adware. More information can be found from the company that brought us Spybot.

Quote:
A few versions back, Download Accelerator Plus came even without a privacy policy, and the one found in a hidden place online contained some bad terms. Today, during the installation a license agreement will be shown, and this license agreement contains a privacy policy. It's still quite misleading and contradicting though, speaking about co-registrations with other services on the one hand, but only anonymous publishing on the other hand. How a registration with other services can be done anonymously is beyond my understanding...
In addition, just starting it opens half a dozen connections to ad servers, including Cydoor. Couldn't deal with the downloads on the site I used for this tests, as it always tried to download the download page, blocking the load of it inside the browser. On other pages, it worked ok. Still, even if you neglect the ads and possible spying, there are other download managers that are easier to use.



csutil.dll

What is it?
OrbitExplorer - csutil.dll

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

This is some adware that you really should get rid of. "OrbitExplorer.com is a website search engine catering to a wide varity of groups. The goals of OrbitExplorer.com are to provide the most relevant content to any search. Our content is organized into categories accessible from our front page, and is as well searchable via keywords.

OrbitExplorer is an advertising supported software application that provides you with additional content and advertisements based on the Web sites you visit most! " http://www.orbitexplorer.com/privacy.html


Removal Instructions:
Our guide has been posted here.



iexploreskins.exe

What Is It?
Ibis Toolbar - iexploreskins.exe

What Does it Do?
This toolbar is also a search hijacker and BHO. It will also try to install a number of other applications which according to the terms you agreed to while installing it CAN do! IBIS has been known to prevent you from visiting a number of popular spyware removal sites.

Web Search features one-click access to the search results of fifteen (15) of the best search providers on the Internet! Now, you can search for relevant web results, images, audio, news and much more from one convenient location! Web Search is your best "search friendly" tool on the web, saving you time and effort. Source

Removal Instructions:
Our Ibis Toolbar Removal guide can be found here.



opware32.exe

opware32.exe is Omnipage from scansoft. This is an application to scan text into your office documents. You should leave this process running unless it is causing problems.



winupdt.exe

What Is It?
WindUpdates - winupdt.exe

What Does it Do?
WindUpdates is a trojan downloader that by itself will deliver popup advertisements to your system. This is NOT the part thats so bad... It also installs a number of other adware/spyware applications and is installed on your system through an activex control that installs itself on alot of IE users systems without them ever knowing it. All they have to do is visit the wrong site! Use FireFox NOW!

Removal Instructions:
Our WindUpdates Removal guide can be found here.



ezpopstub.exe

What is it?
Ezula - ezpopstub.exe

What does it do?
Ezula primarily provides a browser addon that allows you to hold alt + click any word and it searches that term for you. It does help skip a step or two to save some time. I personally use Firefox and have a little google search box in the top right where I can toss something into and quickly search that way. For all of you super lazy people you may want to leave this installed but it will serve ads to you.

Removal Instructions:
Our Ezula Removal guide has been posted here.



kodak software updater.exe

What is it?
Backweb - kodak software updater.exe

What does it do?
Backweb Removal - This is very widely used among corporations like Kodak, WD and HP. The original intention of this program is to easily keep your applications updated without you having to do anything. The down side to this is many variants of are floating around and some collect information about you. I suggest doing all updates yourself and removing this application!

Removal Instructions:
Our Backweb Removal guide has been posted here.



WkUFind.exe

WkUFind.exe is related to Microsoft Works/PictureIt! and will check for software updates. It is safe to remove this from your system startup.



disp1150.exe

What is it?
Top Rebates - disp1150.exe

What does it do?
adware plus possible trojan downloader! We highly suggest getting rid of this pest for security and system stability reasons.

Removal Instructions:
Our guide has been posted here.



trans.exe

What Is It?
Second Thought - trans.exe

What Does it Do?
Second Thought is adware and its also a hijacker. There isn't any possible reason why you would ever want to leave this on your system. According to their terms they can contact their servers to log things like your browsing habits. They could also install additional junk on your system without your approval!

Removal Instructions:
Our Second Thought Removal guide can be found here.



CDANTSRV.EXE

CDANTSRV.EXE is a part of the C-Dilla license management system. Helps manage licenses for the software that uses it. Its an anti piracy application.



rundlg32.dll

What Is It?
CWS.StartPage - rundlg32.dll

What Does it Do?
CoolWebSearch.StartPage is one of the MANY CWS variants. This browser hijacker will modify your trusted and safe sites list to allow other threats to be installed on your system without your permission. Luckily CWShredder is around to automate the removal of this bugger because it can be a pain to do on your own! There are quite a few BHO's and toolbars installed by this bugger.

Removal Instructions:
Our CWS.StartPage Removal guide can be found here.



cd_clint.dll

What Is It?
DownloadWare - cd_clint.dll

What Does it Do?
DownloadWare is scum of nearly every variety! It's adware, downloader, toolbar, search hijacker AND a trojan all rolled into one. This is installed using ActiveX by a number of questionable sites. It will download and install a number of various applications from its advertisers which will further mess up your system. There is truly no reason why you'll ever want to leave this trash on your system. Remove it NOW!

Removal Instructions:
Our DownloadWare Removal guide can be found here.



sysmonnt.exe

What is it?

sysmonnt.exe is either part of a legitimate third party application called SysMon or it is a component of Msavc32?vx2 spyware and adware

What does it do?

The legitimate application:

fkWare SysMon displays the current memory consumption, CPU and resource usage, date, time, Windows uptime, IP address and a lot more

Risks:

The adware?associated with?sysmonnt.exe gathers info of started processes, internet habits etc. If you don't have the FkWare version of SysMon or other third party Sysmon Applications consider sysmonnt.exe a bad file and remove it.

More info:

You can read more about FkWares Sysmon [url=http://www.fkware.com/sysmon/]here[/url]

Keep an eye on [url=http://www.google.com/search?hl=en&q=sysmonnt.exe+%2Badware+%2Bspyware+%2Bvirus&btnG=Google+Search]this[/url] Google search for?sysmonnt.exe?associations with?adware spyware and viruses.

There are other 3rd party apps associated with the filename Sysmon so do your homework before deleting this one.



ZCfgSvc.exe

What is it?

ZCfgSvc.exe is part of intell wireless network adapters proset utility. It is included with the installation of the drivers?and included with the?OEM install of PC?notebooks with Intel Cintrino technology

What does it do?

Allows monitoring and configuration of the wireless connection.

More info:

You can read more about Intel wireless technology's proset utility?and Cintrino device drivers[url=http://support.intel.com/support/wireless/wlan/sb/CS-010623.htm]@ intel.com[/url]



1XConfig.exe

What is it?

1XConfig.exe is?associated with?shuttle multimedia device?drivers, software?or?USB utillities.

What does it do?

Provides a tray icon to access and config shuttle multimedia?utillities,?Monitor usb devices, connections?or?configuration.

More info:

Might have been included with software utilities for a Shuttle X?PC, an?OEM slim PC or other add on device,?more specifically USB card readers.

?Not certain about this file,?ask?[url=www.google.com]google[/url]



lvcoms.exe

What is it?

Logiech QuickCam Software - LVComS.exe

What does it do?

lvcoms.exe is part of Logitech's QuickCam software for its webcam products, which basically allows Logitech?webcams to function in?Netmeeting and other video streaming software.

Virus Precations

LVComS.exe does not presently pose any sort of virus or trojan risk, but you can check up on this Google search for future developments.



steam.exe

What is it?

Valve Steam - steam.exe

What does it do?

Steam.exe is the main executable for Valve Software's Steam Powered content streaming application. Steam?distributes games and?content such as Half Life 2 and its addons like Counter Strike?using an online?streaming method. Whilst many would argue it is not the best software ever made, it is by no means harmful ;)

Virus Precations

Files associated with popular games tend to be targets, although at this point in time no such virus seems to exist that targets steam.exe or distributes itself as?steam.exe. This Google search should keep you up to date in case one does surface though.



win32.exe

What is it?

Backdoor.Ratega?- Win32.exe

What does it do?

Win32.exe is spawned by the Ratega Trojan (Backdoor.Ratega), which usually resides in C:\%Windows%. By default, the Trojan listens on port 6969 and notifies the hacker?via email. It, like most trojans, is designed to give the hacker remote control of infected systems.?It also creates C:\%Windows%\%System%Keylog.text, C:\%Windows%\%System%lib.dll and C:\%Windows%Win32.dll.

Virus Precations

Full information on Ratega.Trojan including removal at Symantec.



bearsh~1.exe

What is it?

Bear Share ? bearsh~1.exe

?

What does it do?

BearShare is a peer-to-peer file sharing program similar to Kazaa. What BearShare also does is sell its users information for advertising.



bearshare.exe

What is it?

Bear Share ? bearshare.exe

What does it do?

BearShare is a peer-to-peer file sharing program similar to Kazaa. What BearShare also does is sell its users information for advertising.



bsproinstall.exe

What is it?

Bear Share ? bsproinstall.exe

?

What does it do?

BearShare is a peer-to-peer file sharing program similar to Kazaa. What BearShare also does is sell its users information for advertising.



dearshare.dll

What is it?

Bear Share ? bearshare.dll

?

What does it do?

BearShare is a peer-to-peer file sharing program similar to Kazaa. What BearShare also does is sell its users information for advertising.



divx player.exe

What is it?

Media Player ? divx player.exe

?

What does it do?

Plays media files.



netdrive.exe

What is it?

netdrive.exe is a file associated with a Novell Client application as well as other third party applications.

What does it do?

Provides?single or multiple client access to a common?Network?storage area.

More info:

@[url=http://www.novell.com/coolsolutions/qna/999.html]novell.com[/url]

Also [url=http://www.southrivertech.com/index.php?pg=./products/webdrive/index]WebDrive[/url]



config.exe

What is it?

Divx Pro ? config.exe

?

What does it do?

The ad-supported version installs Gain, a common ad-ware program.



libeay32.exe

What is it?

Divx Pro ? libeay32.exe

?

What does it do?

The ad-supported version installs Gain, a common ad-ware program.



Istbar.dll

What is it?

IST Bar - Istbar.dll

?

What does it do?

ISTbar is a homepage and search hijacking adware. It adds a toolbar to Internet Explorer and displays popup ads that come mainly from porn sites.



mmtask.tsk

mmtask.tsk is a "Multimedia background task support module" for windows 9x/ME. it is a 16 bit application that may be needed by some sound cards.



nhksrv.exe

What is it?

nhksrv.exe is a 3rd party application included in the software and driver install?of some keyboards with extra function buttons. The extra function buttons?are common to?multimedia keyboards.?If you own an Acer, Dell, Compaq?or some other brand PC that included?a Multimedia Keyboard this file might have?been included with the drivers for your hardware.

What does it do?

nhksrv.exe is the Hot Key monitoring service, when you press the?EMAIL button, or the LINKS button on the multimedia keyboard this service links the key pressed to either your default email application or your default internet browser ETC....

More info:

Read more about multimedia keyboards @[url=http://www.google.com/search?hl=en&q=multimedia+keyboard]GOOGLE.com[/url]



aoltsmon.exe

What is it?

aoltsmon.exe is?part of AOL's Web Acceloration Technology.

What does it do?

aoltsmon.exe is known as AOL Top Speed Monitor, it is supposed to help with download speeds but nothing really helps your downloads go faster if your connection to the internet is slow.

More info:

If for some reason you have issues with this software and you don't like AOL you should get another Internet Service Provider. What you really need is MORE bandwidth.?Cable internet is really fast and so is DSL. You will want one or the other for fast internet downloads.



AirCFG.exe

What is it?

AirCFG.exe is a file associated with D-link airport wireless hardware.

What does it do?

Provides a system tray ICON for quick access to connection settings, status and security configuration of your D-link air port wireless network hardware.

More info:

www.dlink.com



avant.exe

What is it?

Avant.exe is a 3rd party application associated with the avant internet browser upgrade for windows internet explorer.

What does it do?

Flash Animation Filter:

More than 85% of all flash animation on web pages is advertising. These flash files are pretty large, and normally take up to 90% of the size of the page you're visiting. With Avant Browser you can save this bandwidth by blocking the download of these flash files...................

Built-in Pop-up Stopper:

Easily eliminate unwanted pop-up pages automatically with just one click.

Additional Mouse Functions:

Multi-Window Browsing:

More info:

@ [url=http://www.avantbrowser.com/index.html]avant.com[/url]



WZCBDLS.exe

What is it?

WZCBDLS.exe is a file associated with D-link software.

What does it do?

loads dlink applications

More info:

Keep an eye on [url=http://www.google.com/search?hl=en&q=WZCBDLS.exe&btnG=Google+Search]this[/url] google search for any association of WZCBDLS.exe with adware, spyware or viruses.



hjt.exe

What is it?

hjt.exe is the main application executable for?[url=http://www.iamnotageek.com/a/401-p1.php]Hijack This[/url]

What does it do?

Hijack This is an application dedicated to helping you keep your computer free of browser hijackers and other malware.

More info:

Read more about using Hijack this and get help removing what Hijack this finds [url=http://www.iamnotageek.com/a/401-p1.php]Right here[/url].



wdService.exe

What is it?

wdService.exe is a file associated with the 3rd party application WeDrive from South River Technologies LLC.

What does it do?

wdService.exe most likely provides a taskbar icon for quick access to the remote storage area and or webdrive application config utility.

WebDrive integrates WebDAV, FTP, or SFTP servers into the Windows desktop by mapping them to a network drive letter. Files are transferred by simply saving them to a drive letter - there's no need to run a separate FTP/SFTP client. WebDrive instantly web-enables any Windows application by providing the.....

more info:

Read more about [url=http://www.southrivertech.com/index.php?pg=./products/webdrive/index]WebDrive[/url] @ southrivertech.com



shwicon2k.exe

shwicon2k.exe is a multimedia card reader generally located at? C:Program FilesMultimedia Card Readershwicon2k.exe if you don't use a card reader this process can be safely ended.



VTTimer.exe

VTTimer.exe is a part of the VIA graphic driver package. It provides several diagnostic tools.



SpamSub.exe

SpamSub.exe is a part of Spam Subtract by Intermute. More information can be found here.

Quote:
On a daily basis email Inboxes are filling up with unsolicited junk email. Analysts report, on average 50% of all email is spam. The result: frustrated users who spend half their time using email manually sorting and deleting junk email. SpamSubtract is InterMute?s spam blocking solution. SpamSubtract is an easy-to-use, program that keeps unwanted email out of your Inbox.



hpsysdrv.exe

hpsysdrv.exe should only be running on an HP/compaq made system. This tracks some information about your usage of the recovery CD that comes with your system to reinstall the OS and drivers.



hphmon05.exe

hphmon05.exe is related to the HP PhotoSmart software. This provides the user with a number of flash card related functions.



PicasaMediaDetector.exe

PicasaMediaDetector.exe is Picasa an automated photo organizer. More information can be found here.

Quote:
A free software download from Google.

Picasa is software that helps you instantly find, edit and share all the pictures on your PC. Every time you open Picasa, it automatically locates all your pictures (even ones you forgot you had) and sorts them into visual albums organized by date with folder names you will recognize. You can drag and drop to arrange your albums and make labels to create new groups. Picasa makes sure your pictures are always organized.




PSFree.exe

PSFree.exe is Panicware's popup stopper. Everybody hates the pop up/under ads but they're a very high paying format and provides thousands of dollars of additional funding for sites like this one. More information here.

Quote:
Pop-Up Stopper Professional is the latest in Panicware's award-winning pop-up ad-blocking product line. The only product to provide native support for AOL, MSN, Internet Explorer, Netscape, Opera, SBC Yahoo!, CompuServe, WMConnect, Juno, NetZero, Mozilla all in one software package!



rnathchk.exe

rnathchk.exe is the part of Real Networks RealOne Player that goes online to see if any updates are available and will notify you if there is.



PopSub.exe

PopSub.exe is InterMutes Popup subtractor. This is a popup ad blocker. More information can be found here.

Quote:
PopSubtract is InterMute?s intelligent pop-up ad blocking utility. Designed for ease-of-use, superior blocking and super fast download, PopSubtract keeps both Internet browser Pop-Up and Pop-Under windows from appearing. PopSubtract even blocks those annoying Windows Messaging Pop-Ups!



BTTray.exe

BTTray.exe is a System tray icon which shows the status of a BlueTooth wireless module. Most systems with such a module installed can enable/disable the module. The system tray icon changes from blue/white to blue/red when the module is turned off. Allows access to explore bluetooth places, setup wizard, advanced configuration, quick connect and shutdown device



zonealarm.exe

zonealarm.exe is the most popular software firewall currently available other than Windows Firewall. More information is available here.



MpfAgent.exe

MpfAgent.exe is Mcafee Personal Firewall Agent. It is a core process to Internet Security.



MPFSERVICE.exe

MPFSERVICE.exe is Mcafee Personal Firewall Service. This is a core process to Internet Security. Leave this process running if you want your firewall up and protecting you.



brsvc01a.exe

What is it?

brsvc01a.exe is associated with drivers for Brother printers

What does it do?

brother printer software,?needed for Brother?printers.

More info:

If you need help with your brother printer look for a solution [url=http://solutions.brother.com]@ brother.com[/url]



Avsynmgr.exe

What is it?

Avsynmgr.exe is Mcafee Antivirus Synchronization manager.?Associated with Mcafee Antivirus software?included with Mcafee?Security Suite.

What does it do?

Runs as a service, launches?several Mcafee applications, Anti Virus updates etc.

More info:

If you are having trouble with your mcafee software, look for help on?the support page at www.mcafee.com



Apoint.exe

Touchpad software for laptop PC's. For instance it is found on the Panasonic machines and allows part of the touchpad to be used for document or Web-page scrolling. Required for proper functioning of the pointing software but not required for the laptop to work



quickset.exe

Dell taskbar icon allowing you to quickly change settings. The highlights are power management and diagnostics.



nvsc32.exe

Added by a variant of the IRC.BOT TROJAN! It is meant to look like the Nvidia application. nvsvc32.exe



pcsync.exe

If a Nokia phone has been connected, synchronises the phone with MS Outlook or other organiser software. It is installed by the Nokia PC Suite, and the tray icon shows if a phone has been connected.



DVDLauncher.exe

DVDLauncher.exe - A process belonging to the Cyberlink PowerCinema video viewing software which allows you to play DVDs upon insertion. If you're not a fan of autoplay type applications feel free to get rid of this process.



SAdBlock.exe

SAdBlock.exe - SuperAdBlocker highlights:

  • Real-Time Spyware/Adware protection. No "scanning" required.
  • Superior Pop-Up, Pop-Up Under and Banner Blocking.
  • Advanced Flash and Rich Media (Fly-In) Ad Blocking.
  • Home Page Hi-Jacker Protection
  • Integrated Cookie and Browser History cleaning.
  • Automatic updates. Always stay up-to-date.



desktop.exe

There's 2 known bad guys that use this process name and no good guys!
1.) iSearch "Desktop Search" hijacker
2.) The SDBOT.MD WORM!



alg32.exe

Added by a variant of the SPYBOT WORM! This is meant to fly under your radar by looking like alg.exe



mm_tray.exe

MusicMatch Jukebox icon in the task tray - digital music player / CD burner and ripper / music organizer / playlist creator



type32.exe

For MS programmable keyboards. If you disable Intellitype in Startup, any "Hot Keys" that are changed by the user to perform functions other than default settings, defer back to their default settings unless you have changed them



NPFMntor.exe

Norton AntiVirus Firewall Monitor is an important part of Norton Internet Security.



MsgPlus.exe

MsgPlus.exe - is a third party extension of Microsoft Messenger. There is some optional sponsored software that may be installed with this application that is classified as spyware.



Dragdiag.exe

For an external Alcatel ADSL high-speed modem. A diagnostic tool and can be run from the Start menu when required. The only reason it might be useful on startup is if you like seeing an 'at-a-glance' status indicator on the taskbar (the icon is a different colour depending on the status of the device/line)



PCMService.exe

PCMService.exe is a part of Cyberlink's Power Cinema. Commonly distributed with the Dell MultiMedia software suite. It is used to watch movies, play music and even watch TV in a central location.



mcmnhdlr.exe

mcmnhdlr.exe is a part of Mcafee's online virus scan system. This process must be running for your virus scanning to function.



mghtml.exe

mghtml.exe is a part of Mcafee Internet security but we're not sure of its exact function currently. Leave it running to be on the safe side.



mcupdate.exe

mcupdate.exe is a part of Mcafee Viruscan and is in charge of updating your virus definitions.



UpdateStats.exe

UpdateStats.exe - Statblaster - "Get officially liscensed MLB pitch-by-pitch real time updates from every stadium around the league. StatBlaster provides live streaming statistics for each fantasy matchup you want tracked either in one league or across all your leagues"



EabServr.exe

EabServr.exe - Easy Access Buttons control panel on Compaq laptops. Only required if you use the extra keys



SABSVC.EXE

SABSVC.EXE - SuperAdBlocker highlights:

  • Real-Time Spyware/Adware protection. No "scanning" required.
  • Superior Pop-Up, Pop-Up Under and Banner Blocking.
  • Advanced Flash and Rich Media (Fly-In) Ad Blocking.
  • Home Page Hi-Jacker Protection
  • Integrated Cookie and Browser History cleaning.
  • Automatic updates. Always stay up-to-date.



regedit.exe

regedit.exe is the registry editing application provided by Microsoft for viewing and editing keys in your registry. This should only be used by advanced users.



ibmpmsvc.exe

ibmpmsvc.exe is the IBM Power Management Service which monitors the various power buttons, hibernation and various other things to help conserve your battery life.



slserv.exe

What is it?

slserv.exe is associated with smartlink modem software.

What does it do?

provides a system tray icon that shows the connection status.

More info:

Keep it if you use a smartlink modem



CPATR10.EXE

What is it?

CPATR10.EXE is a driver associated with some laptops special function hot keys

What does it do?

monitors special laptop buttons such as pause, play, Contrast etc..

More info:

If you're using a?laptop such as?Toshiba or Compaq,?this file is needed?so the special funtion keys work.



RtlWake.exe

What is it?

RtlWake.exe is a file associated with belkin wireless network?device drivers and?software.

What does it do?

Apparently it is part of the Configuration and Monitoring utility for the wireless networking device.

The network monitor and configuration utility provides a system tray icon giving quick access to singnal strength,

network status, configuration of SSID encryption,?DHCP and other network?settings.

More info:

May have been included with the software of your belkin wireless?network adapter, router or highspeed modem.



3ComABG.exe

What is it?

3ComABG.exe is a file associated with 3com wireless 802.11 A/B/G Management software.

What does it do?

3com Wireless Card Manager lets an administrator create profiles for mobile users that reflect specific settings for each place they travel, displays connection status, and features simple-to-use diagnostic tools.

More info:

3com ABG adapters Support all three existing IEEE 802.11 networking standards?11a, 11b, and 11g. That means you can stay connected, no matter what wireless environment you're in.

Read More about 3com abg devices [url=http://www.3com.com/products/en_US/prodlist.jsp?tab=cat&pathtype=purchase&cat=13&selcat=Wireless+Products&family=142442]@ 3com.com[/url]



cseraser.exe

What is it?

cseraser.exe is associated with?the CuteShield application, also known as Internet Eraser.

What does it do?

AbsoluteShield Track Eraser protects your privacy by cleaning up all the tracks of your Internet and computer activities. The tool is integrated with the browser and it can erase the browser cache, history, cookies, typed URLs, autocomplete list and so on in one click.

More info:

Ream more about CuteShield and Internet Eraser [url=http://www.cuteshield.com/]@ Cuteshield.com[/url]



soffice.exe

What is it?

soffice.exe is associated with?OpenOffice and StarOffice word processing software from Sun Microsystems.

What does it do?

Provides Word processing and Spreadsheet applications for creating and editing?documents.

StarOffice software is an affordable alternative in office productivity suites that runs on multiple operating systems, including Solaris Operating Environment, Microsoft Windows, and Linux. The office suite has a simple, easy-to-use interface and contains full-featured applications including word processing, spreadsheet, presentation, graphics, and database capabilities. StarOffice can read, edit, and save MS Office files and is interoperable with many third party file formats like PDF and XML.

More info:

Read more about StarOffice [url=http://www.staroffice.com/index.php]@ staroffice.com[/url]



Dit.exe

What is it?

Dit.exe is associated with?drivers for Flash memory card readers, Specifically Multiple Card Readers.

What does it do?

Assigns drive icons and names to flash memory cards. Required, otherwise the drives aren't found

More info:

Found in our startup Data Base

http://startup.iamnotageek.com/srch-Dit.html



mHotkey.exe

What is it?

mHotkey.exe is associated with drivers for Chicony Multimedia Keyboards.

What does it do?

Provides support for the special function keys on the multimedia keyboard.

More info:

If you are having Trouble with your Chicony Keyboard look for support at the Chicony website:

www.chicony.com



CNYHKey.exe

What is it?

CNYHKey.exe is associated with drivers for?Chicony Multimedia Keyboards.

What does it do?

Provides support for the special function keys of the Chicony Multimedia Keyboard.

More info:

If you are having trouble with your Chicony Mutimedia Keyboard look for support at the Chicony website

www.chicony.com



hpztsb0 8.exe

What is it?

hpztsb0 8.exe Is associated with drivers for some HP deskjet printers.

What does it do?

Printer maintanence, configuration and Print Spool application.

Provides a system tray icon for quick access to the HP?configuation and maintanence Utility.

More info:

You can check your ink levels, print jobs,?access the print head cleaning and allignment tools.

If you are having trouble with your HP printer look for support at HP.com



DitExp.exe

What is it?

DitExp.exe Is associated with Flash memory card reader drivers, specifically Multiple Card Readers.

What does it do?

Handles?drive icons and names for flash memory cards.

More info:

Also associated with Dit.exe which is found in our startup Database

http://startup.iamnotageek.com/srch-dit.exe.html



S24EvMon.exe

S24EvMon.exe is used in the situations where you have a wireless and wired LAN connection at the same time. It acts like a software "bridge" to use the bandwidth of both connections at the same time.



QCONSVC.EXE

QCONSVC.EXE is a part of the IBM Thinkpad software suite. This is a network connections related service that is supposed to make changing network connections easier.



RegSrvc.exe

RegSrvc.exe is a part of the Intel PROSet drivers and is used by your wireless connection. Ending this process may cause your network connection to quit working properly.



TPHKMGR.exe

TPHKMGR.exe is an IBM Thinkpad utility that lets you map the FN keys to various functions. If you're using these as shortcuts to various programs you'll want to leave this running. If you don't know anything about that then this process is safe to end :)



UpdaterUI.exe

UpdaterUI.exe is a part of McAfee's security application. It will keep your virus definitions up to date. You really should leave this process running. Old virus definitions are almost as bad as not running an AV application at all!



tfswctrl.exe

tfswctrl.exe is HP's packet writing software. It is similiar in function to Adaptec's DIrectCD. Basically you can copy files in windows explorer to the CD drive and it will write them straight to the CD.? Windows XP has CD writing functions built in so programs like this are slowly going away.



DLG.exe

DLG.exe is a digital line detecting application. I'm really not a fan of these. Basically it just checks the line to see if your modem is plugged into a digital or analog line. The modem will not work on a digital line. If you never use dialup you? should disable this process. If you do use your modem you may still want to kill this process.



DkService.exe

DkService.exe is Executive Software's diskeeper. It is the best hard drive disk defragmentation program I've found. In NT based OS's this file will be run as a service and is used for a users sheduled disk defragmentation. It is good to have your drive scheduled to defrag at least once a week at a time when you know you'll be in bed.



flashget.exe

flashget.exe - the freely available version is adware supported so that is why it is in our spyware category. You don't have to worry about the paid version. In case you didn't know, this is one of the better and more popular file download management applications available.



DrgToDsc.exe

DrgToDsc.exe is the Adaptec/Roxio Easy CD/DVD Creator software that used to be known as DirectCD. This is a packet writing application that is integrated with windows explorer so that anytime you want to write something to a CD you simply use windows explorer and copy the files to the CD drive.



RxMon.exe

RxMon.exe is a part of Roxio easy CD creator and places the Roxio AudioCentral icon in you system tray. "Includes a player, media manager, ripper, tag and sound editor - integrated in a single application". This application isn't need for Roxio to operate properly. We're not a big fan of shortcut type things running in the task tray.



bcmwltry.exe

bcmwltry.exe is a Broadcom wireless networking tray icon. This is only a shortcut to configuring your wireless network.



HOTSYNC.EXE

HOTSYNC.EXE is Palm's hotsync application. Everytime you place your Palm on the cradle this process will synchronize it with your PC. If you use your Palm alot you should leave this program running.



MSGSRV32.EXE

MSGSRV32.EXE is a part of Windows 9x/Me. This is a 32 bit message server.? For more information on its function and why it's needed, see here.



MPREXE.EXE

MPREXE.EXE is a part of Windows 9x/Me which allows the computer to use multiple network protocols and/or multiple network interface cards. This should always be a background process and shouldn't be ended.



RPCSS.EXE

RPCSS.EXE is the Remote Procedure Call Services on the local machine. This process shouldn't be ended. This is needed for network computers to communicate with each other.



MPFTRAY.EXE

MPFTRAY.EXE - McAfee Personal Firewall tray icon. This is a non essential process that is used for easy access to various Mcafee Personal Firewall functions.



DDHELP.EXE

DDHELP.EXE is a part of DirectX. This is DirectDraw Helper. You should leave this process as is if you like your video and audio :)



SPOOL32.EXE

SPOOL32.EXE is your windows printer spool handler and is important for a stable windows OS.



STIMON.EXE

STIMON.EXE is a windows process that provides extra functionality when you plug in a scanner, digital camera or some type of video/image hardware.

It is called Still Image Monitor and you can read more about it here. Quote:
Still Image Monitor (Stimon.exe) is a tool that is installed by Windows Millennium Edition (Me) and Windows 98 when a Universal Serial Bus (USB) scanning device is successfully enumerated. Stimon.exe is configured to start automatically during the Windows startup process, and is loaded from the following registry key:



IMGICON.EXE

IMGICON.EXE - Displays Iomega icons in Explorer/My Computer, ejects Zip disks on shutdown and displays a special delete confirmation box when deleting files on an Iomega drive. Available via Start -> Programs. If you disable it remember to eject disks first before powering the drive down



MMKEYBD.EXE

MMKEYBD.EXE is a generic multimedia keyboard process which is packaged with some Dell's, Packard Bells and countless other companies. If you don't use the multimedia shortcuts on your keyboard you don't need this process.



OSD.EXE

OSD.EXE is made by By Netropa for HP and other brands. Same group as KBD MediaCenter & Touch Manager. Pressing a "hot key" on such a keyboard brings a corresponding panel on the screen for volume, etc. Nice but not required if you don't adjust things regularly



PSTORES.EXE

PSTORES.EXE is a part of protected storage server. It is used by Microsoft programs like IE and outlook to store things like your passwords securely in your windows registry.



snmp.exe

snmp.exe is a windows process that is related to networking.

The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.



HPZipm12.exe

HPZipm12.exe is a part of the HP driver package. It helps keep your printer functioning properly. Leave this process alone. Ending it may cause your printer to to quit functioning properly.



CTSysVol.exe

CTSysVol.exe is installed alongside Creative Labs audio devices and handles the volume. I personally would end this process and use the windows built in volume control.



QWDLLS.EXE

QWDLLS.EXE is a part of Quicken and helps the software load faster. This process is not actually needed by Quicken to operate properly.



GoogleDesktop.exe

Google Desktop Search - "a desktop search application that provides full text search over your email, computer files, chats, and the web pages you've viewed. By making your computer searchable, Google Desktop Search puts your information easily within your reach and frees you from having to manually organize your files, emails, and bookmarks"



dpps2.exe

What is it?

dpps2.exe is associated with the pop up stopper companion from Panicware.

What does it do?

Pop-up blocker.

More info:

Found [url=http://startup.iamnotageek.com/srch-dpps2.exe.html]here[/url] in our startup DB.



GoogleDesktopIndex.exe

Google Desktop Search - "a desktop search application that provides full text search over your email, computer files, chats, and the web pages you've viewed. By making your computer searchable, Google Desktop Search puts your information easily within your reach and frees you from having to manually organize your files, emails, and bookmarks"



GoogleDesktopCrawl.exe

Google Desktop Search - "a desktop search application that provides full text search over your email, computer files, chats, and the web pages you've viewed. By making your computer searchable, Google Desktop Search puts your information easily within your reach and frees you from having to manually organize your files, emails, and bookmarks"



ARESLITE.EXE

What is it?

ARESLITE.EXE is associated with a program called ares light edition.?

What does it do?

Enables peer-to-peer file-sharing on the Ares P2P network.

More info:

Found [url=http://startup.iamnotageek.com/srch-AresLite.exe.html]here[/url] in our startup db.



APACHE.EXE

APACHE.EXE is the web server Apache. It was originally designed for linux and it is our web server of choice. It is open source and best of all FREE! http://apache.org/



hpztsb05.exe

hpztsb05.exe is a part of the HP printer driver software. Don't ask me why they use such weird filenames.



dmadmin.exe

dmadmin.exe is a logical disk manager admin. Every time you add or change a drives partitions this process is run. If it is running you shouldn't end it because it will end itself.



WCESCOMM.EXE

WCESCOMM.EXE is the built in windows synchronization manager for keeping your data synchronized with windows CE based handhelds.



hpqcmon.exe

hpqcmon.exe is HP digital imaging and belongs to your scanner or camera driver.



hpgs2wnd.exe

hpgs2wnd.exe belongs to Hewlett-Packard's share-to-web software. "HP's exclusive Share-to-Web software makes it easy to share content with others through our affiliate Internet websites."



hpgs2wnf.exe

hpgs2wnf.exe belongs to Hewlett-Packard's share-to-web software. "HP's exclusive Share-to-Web software makes it easy to share content with others through our affiliate Internet websites."



acsd.exe

acsd.exe AOL Connectivity Service - starts an automatic function that restores the connection should you lose it while online. Negates having to go through the procedure of signing back on manually



MotiveSB.exe

MotiveSB.exe System tray icon for the Virtual Assistant from AT&T Broadband, used to communicate internet problems via the network rather than telephone. Available via desktop shortcut or Start -> Programs - not required



ccPxySvc.exe

Part of Norton's AntiVirus 2003, Internet Security and Firewall products. E-mail proxy service - required for E-mail scanning and the firewall



hphmon03.exe

hphmon03.exe - Traybar icon that is a part of HP photosmarts diagnostic/configuration software.



HPHipm09.exe

HPHipm09.exe - Is some kind of HP tool. We're not exactly sure what its purpose is currently. Please let us know if you have detailed information on this. Googling didn't find any real details currently.



wmiapsrv.exe

wmiapsrv.exe is WMI performance server. If you are using the built in windows performance monitoring software this process will be running.



hpotdd01.exe

hpotdd01.exe Detection of new imaging, printing and other peripherals on HP machines such as USB printers, cameras and Bluetooth products. "This program is a non-essential process, but should not be terminated unless suspected to be causing problems"



hpoevm08.exe

hpoevm08.exe is a part of the HP printer software. It is needed by your printers.



hpoSTS08.exe

hpoSTS08.exe belongs to the HP officejet diagnostic and monitoring tools. May not be needed for normal printer operations.



HPWuSchd2.exe

HPWuSchd2.exe - HP software updates. If a shortcut doesn't exist, create your own and run it manually



hpcmpmgr.exe

hpcmpmgr.exe - Checks the internet for updated drivers/utilities for your HP product - update manually. Disabling will remove the error "Windows can't shutdown the computer because hpcmpmgr.exe can't be ended"



Ad-Watch.exe

Ad-Watch.exe - Part of Lavasoft Ad-aware Plus - realtime spyware-monitor watching your memory and registry for spyware that tries to install or change your system



Weather.exe

Weather.exe - Weatherbug provides current outdoor temperature in the System Tray, also weather alerts.



tmproxy.exe

tmproxy.exe - Trend Micro PC-cillin 2003 antivirus software



STMGR.EXE

STMGR.EXE - Microsoft PC state manager



HPODEV07.EXE

what is it?

HPODEV07.EXE is associated various HP all-in-one printer/scanner/copier devices.

What does it do?

Detects all device events and handles all ongoing communication on the device

More info:

Found [url=http://startup.iamnotageek.com/srch-hpodev07.exe.html]here[/url]?in our startup DB



KODAKCCS.EXE

KODAKCCS.EXE - Kodak DC File System Driver. This is a non essential process.



SpybotSD.exe

SpybotSD.exe is Spybot - Search & Destroy. In my book it's the second best spyware removal program on the market and a must have for everybody since its FREE!



ALCXMNTR.EXE

ALCXMNTR.EXE - Realtek AC97 Audio - Event Monitor. Sypware file used surreptitiously monitor one's actions. It is not a sinister one, like remote control programs, but is being used by Realtek to gather data about customers



mpbtn.exe

mpbtn.exe - System tray icon for the Virtual Assistant from AT&T Broadband, used to communicate internet problems via the network rather than telephone. Available via desktop shortcut or Start -> Programs - not required



MsgSys.EXE

MsgSys.EXE is Intel's LANDesks Alert system and is a non essential process.



NAVAPW32.EXE

NAVAPW32.EXE - Norton Anti-Virus's background scanning process



Mixer.exe

Mixer.exe - C-Media produce audio chipsets that are often found on popular motherboards with on-board audio. Provides System Tray access to change audio settings. Available via Start -> Settings -> Control Panel or Start -> Programs



calc.exe

calc.exe the windows calculator :) 1+1=3 4x4=8 That's the Microsoft programmer way at least ;) ALL WRONG!



mcvsftsn.exe

mcvsftsn.exe is Mcafee virus scan's utility and should not be stopped.



SAgent2.exe

SAgent2.exe - Seiko Epson printer status agent. Disable if printer is not used often



wsxsvc.exe

wsxsvc.exe - Delfin Media Viewer or "Promulgate" adware variant



LOADQM.EXE

LOADQM.EXE - Installed with MSN Explorer and loads the MSN Queue Manager. Required to enable the WU AutoUpdate feature. Note that disabling this can sometimes prevent internet sharing working on Win2K Pro SP2. Reports also suggest that removing it will re-enable internet access - hence the "users choice" recommendation. If you have problems leave it, otherwise I recommend you disable it



VSSTAT.EXE

VSSTAT.EXE - From McAfee VirusScan up to version 4.x and Dr Solomon's VirusScan. Communicates between VSSTAT.EXE and the VShield System Scan module. Can be started automatically or available via Start -> Programs



VSHWIN32.EXE

VSHWIN32.EXE - From McAfee VirusScan up to version 4.x and Dr Solomon's VirusScan. Communicates between VSSTAT.EXE and the VShield System Scan module. Can be started automatically or available via Start -> Programs



VCONSOL.EXE

VCONSOL.EXE - From McAfee VirusScan up to version 4.x and Dr Solomon's VirusScan. Used to schedule regular scans. If you don't have scans scheduled you don't need it



tapisrv.exe

tapisrv.exe is the background service that provides the Windows telephony support for windows 98 and NT4.



agent.exe

agent.exe has quite a few known applications. The most popular is Forte Agent which is probably the best news reader available. CyberLinks power VCR and even a couple of OEM diagnostic tools.



HotKey.exe

HotKey.exe is shared by a number of keyboard for shortcuts and even a video driver.



Avconsol.exe

Avconsol.exe - From McAfee VirusScan up to version 4.x and Dr Solomon's VirusScan. Used to schedule regular scans. If you don't have scans scheduled you don't need it



dslagent.exe

dslagent.exe - Used in conjunction with USB connected ADSL modems from Eicon Networks (as used by BT for its Broadband internet service for example). Required for a permanent ADSL connection



ICQLite.exe

ICQLite.exe - ICQ Lite - compact version of the popular messaging program



javaw.exe

javaw.exe is a part of Sun's Java. If you want your system to support/browser to support java you will need this process.



gah95on6.exe

gah95on6.exe is bad but I'm not exactly sure what it is. Remove the startup entry and delete the file. If you have more specific information on this file please let us know. Ad-Aware seems to detect and remove it.

There will be a startup entry that looks like this:
O4 - HKLM..Run: [gah95on6] C:WINDOWSSystem32gah95on6.exe



LVComsX.exe

LVComsX.exe is installed with Logitech webcams. It is needed for your webcam to work properly.



mmc.exe

mmc.exe is Microsoft's management console which handles management applications in your control panel.



SpySweeper.exe

SpySweeper.exe - Spy Sweeper - detects and removes spyware



CTDVDDet.EXE

CTDVDDet.EXE - Auto-detect and play a DVD when using a Creative Soundblaster Audigy2 soundcard. Uses about 2.2 MB of memory. Disable it by heading to the MediaSource DVD Audio Player, selecting Tools, then uncheck the Auto Start box. It should not start up automatically again



FxSvr2.exe

FxSvr2.exe is a logitech video server which is used by their video products like webcams.



BCMSMMSG.exe

BCMSMMSG.exe - BCM voicemodem driver. Required for dial-up if you have one of these modems



CloneCDTray.exe

CloneCDTray.exe - System tray for CloneCD - the only useful option is "Hide CDR Media" only available via this tray. Has additional unknown functions in later versions



hpztsb04.exe

hpztsb04.exe - (1) Ghostscript device driver for printers understanding Hewlett-Packard's Printer Command Language - see here for more info or (2) Creates 1 or all 3 icons on taskbar. The 1st one has a yellow border around it warning that ink is low on the printer. The 2nd one is HP Device Detection Software and the 3rd one is about a card being inserted into the Hp printer



WinCinemaMgr.exe

WinCinemaMgr.exe - WinCinema Manager is needed when using the WinDVD Remote Control for WinDVD from Intervideo.



RCMan.EXE

RCMan.EXE - Remote control for Creative MediaSource - plays back music in DVD-Audio, MP3, WMA, WAV and other media formats



swdoctor.exe

swdoctor.exe - Spyware Doctor spyware remover



mysqld-nt.exe

mysqld-nt.exe is the MySQL Daemon. This is a must have for any web developer's dev box. If you're not a programmer you really shouldn't have this on ;0 Also stop the service if you're not using the databases since this can hog quite a bit of RAM.



HPOEVM07.EXE

HPOEVM07.EXE - is a part of the HP printer software and is useful for some diagnostics and configuration changes.



HPOSTS07.EXE

HPOSTS07.EXE - is a part of the HP printer software and is useful for some diagnostics and configuration changes.



HPOFXM07.EXE

HPOFXM07.EXE - is a part of the HP printer software and is useful for some diagnostics and configuration changes.



HPOIPM07.EXE

HPOIPM07.EXE - is a part of the HP printer software and is useful for some diagnostics and configuration changes.



HPWuSchd.exe

HPWuSchd.exe - HP software updates. If a shortcut doesn't exist, create your own and run it manually



STARTER.EXE

What is it?

STARTER.EXE is associated with the Ensonique Mixer software for creative labs audio devices.

What does it do?

Puts the Ensoniq mixer?in the?system tray.

More info:

Found [url=http://startup.iamnotageek.com/srch-starter.exe.html]here[/url] in our startup DB.



ssdpsrv.exe

What is it?

SSDPSRV.EXE is related to services for?network?plug and play functionality known as Simple Service Discovery Protocol (SSDP) and General Event Notification Architecture (GENA)

What does it do?

Starts up a web server on port 5000

More info:

Found [url=http://startup.iamnotageek.com/srch-ssdpsrv.exe.html]here[/url] in our startup db.



HPOOPM07.EXE

What is it?

HPOOPM07.EXE is a file associated with software included with?various HP all-in-one printer/scanner/copier devices.

What does it do?

Detects if the device moves to a different port, and notifies other processes to look on the new port.

More info:

Found [url=http://startup.iamnotageek.com/srch-hpoopm07.exe.html]here[/url] in our startup DB.



ashwebsv.exe

What is it?

ashwebsv.exe is a file associated with Avast antivirus software.

What does it do?

Both the virus database and the program itself can be updated automatically. The updates are incremental, i.e. only the new or missing data are downloaded, thus reducing the transfer heavily.

More info:

Read more about avast antivirus software

[url=http://www.avast.com/eng/products.html]@ avast.com[/url]



WEBSHOTSTRAY.EXE

What is it?

WEBSHOTSTRAY.EXE is a file associated with Webshots screensaver and desktop wallpaper software.

What does it do?

system tray service?provides quick?access to configure webshots software.

webshots loads digital images into the screensaver and or as the desktop wallpaper.

More info:

Read more about Webshots [url=http://www.webshots.com/homepage.html]@ webshots.com[/url]



HPOID407.EXE

What is it?

HPOID407.EXE is a file associated with HP all in one software.

What does it do?

The software included with your HP printer provides an interface to configure?settings, monitor?print jobs, ink levels etc...

More info:

If you are?getting an error message?related to?hpoid407.exe you can find help in the support section [url=http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=bpu04834&locale=en_US&docId=10694]@ HP.com[/url]

Read more about HP products at [url=http://www.hp.com/]hp.com[/url].



CREATECD50.EXE

What is it?

CREATECD50.EXE is associated with EZ CD Creator 5 software

What does it do?

Adaptec Easy CD Creator version 5 system tray application

Provides quick access to the cd?creator application via the system tray icon.

More info:

EZ cd creator 5.0 is included with many retail?CD burners. There?are updates,?as well as other more inclusive applications?available from Roxio.

Read more about Roxio software [url=www.roxio.com]@ Roxio.com[/url]



TRAYMON.EXE

What is it?

TRAYMON.EXE is associated with software included with netropa multimedia keyboards

What does it do?

Netropa Internet Receiver traymonitor.

More info:

Found [url=http://startup.iamnotageek.com/srch-traymon.exe.html]here[/url] in our startup DB.



SCANNERFINDER.EXE

What is it?

SCANNERFINDER.EXE is an application associated with microtek scanners

also known as scanner detector.

What does it do?

Monitors and reports?weather a scanner has been detected, or not..

More info:

If you are having trouble with your microtek scanner?or software, look for?help in the support section?[url=www.support.microtek.com]@ microtek.com[/url]



CALCHECK.EXE

What is it?

CALCHECK.EXE is associated with Ulead Photo Express Calandar desktop wallpaper application.

What does it do?

Photo Express Calandar checker monitors the?date on?the computer?and automatically updates the wallpaper image according to the schedule set in the application.

This can be configured weekly, monthly or yearly at your preference.

More info:

Read more about Ulead Imaging software [url=www.ulead.com]@ Ulead.com[/url]

Also found [url=http://startup.iamnotageek.com/srch-calcheck.exe.html]here[/url] in our startup db.



RNAAPP.EXE

What is it?

RNAAPP.EXE (Remote Network Access Application)?component of Windows Dial Up Networking.

What does it do?

Runs when using a modem to connect to the internet or another computer.

More info:

Found in our startup DB [url=http://startup.iamnotageek.com/srch-rnaapp.exe.html]here[/url]



schedul2.exe

schedul2.exe is Acronis True Image. More information can be found here.

Acronis True?Image allows you to create an exact disk image for complete system backup and disk cloning providing the most comprehensive data protection.

The disk backup file contains the exact copy of a hard disk, including all the computer data, operating system, and programs.




mozilla.exe

mozilla.exe is the bigger brother/father of FireFox. More information can be found here.

Web-browser, advanced e-mail and newsgroup client, IRC chat client, and HTML editing made simple -- all your Internet needs in one application.



CtNotify.exe

CtNotify.exe - For Creative Soundblaster Live! series soundcards. Detects when you insert a CD-ROM, DVD-ROM, etc. Available via Start -> Settings -> Control Panel



MediaDet.exe

MediaDet.exe is associated with Creative Labs sound cards. Basically when you insert something into your CD/DVD player it will launch the appropriate application.



realmon.exe

realmon.exe - Realtime scanner part of eTrust Antivirus/InoculateIT version 6 virus scanners from Computer Associates



x10nets.exe

x10nets.exe is a part of the X10 video streaming device software. They've been spending a ton of money advertising those small spycam type devices and can be a great source of fun for alot of us perverts.



hpobnz08.exe

hpobnz08.exe System Tray icon indicating when the printer is ready. Can be started manually with HP Director but takes time to start



sqlmangr.exe

sqlmangr.exe SQL Server?Service Manager - provides tray access to SQL server,?the server agent and MSDTC. Available via Start -> Programs



xcommsvr.exe

What is it?

xcommsvr.exe is part of an antivirus?application called bit defender.

What does it do?

Bit defender helps protect?the PC?against virus infections

More info:

Read more?at www.bitdefender.com



bdswitch.exe

What is it?

bdswitch.exe is part of bit defender antivirus software.

What does it do?

Bit defender helps protect the PC against virus infections.

More info:

read more at www.bitdefender.com



bdnagent.exe

What is it?

bdnagent.exe is part of bit defender anti virus software.

What does it do?

bit defender helps protect the PC against virus infections.

More info:

read more at www.bitdefender.com



gg.exe

What is it?

gg.exe is a component of the gadu-gadu Instant messenging client.

What does it do?

Provides a polish language instant messanger. Kinda like AIM, in the polish language.

More info:

I have no more info for this file.



bdss.exe

What is it?

bdss.exe is part of the bit defender antivirus application.

What does it do?

Bit defender helps protect the PC from virus infections.

More info:

Read more at www.bitdefender.com



vsserv.exe

What is it?

vsserv.exe is part of the bit defender antivirus application.

What does it do?

Bit defender helps protect the PC from virus infections.

More info:

Read more at www.bitdefender.com



bdmcon.exe

What is it?

bdmcon.exe is part of bit defender anti virus application.

What does it do?

Bit defender helps protect the PC from virus infections.

More info:

Read more at www.bitdefender.com



NeroVision.exe

What is it?

NeroVision.exe is part of Ahead Nero CD/DVD authoring software.

What does it do?

nerovision.exe ???? I guess it's part of nero burning rom. I didn't see anything about nerovision.exe on the website.

More info:

read more at www.nero.com



emule.exe

What is it?

emule.exe is a p2p file sharing application.

What does it do?

Allows multiple users to share files across multiple networks.

From their site:

"eMule is one of the biggest and most reliable peer-to-peer file sharing clients around the world"

More info:

read more at www.emule-project.net



Playlist.exe

Playlist.exe is a part of Roxio's EZ CD Creator 6 it generates the playlists for the CDs you burn. This is a non essential process.



EvtEng.exe

EvtEng.exe belongs to EvtEng Module to provide additional support to your Intel Wireless hardware. If you're not using your wireless hardware feel free to remove this.



basfipm.exe

basfipm.exe is installed with many broadcom cummunications drivers and is used for IP monitoring.



WCESMgr.exe

WCESMgr.exe is a part of Microsoft's ActiveSync which is used to synchronize your windodws CE based machines with your main computer.



msnavc32.exe

msnavc32.exe is the latest variation of VX2 and can be a pain to remove. You'll want to post your logs in the HJT forum to get help on removing this one.



OLFSNT40.EXE

OLFSNT40.EXE is a part of Symantec that brings virtual printing and faxing to your computer. This can be run as a desktop shortcut and doesn't need to be a startup item.



KHALMNPR.EXE

KHALMNPR.EXE - For a Logitech Bluetooth wireless mouse. Part of SetPoint that sets the Windows mouse sensitivity to minimum. The idea is that you will use the SetPoint Control Panel to adjust your mouse sensitivity. This setting is maintained separately from the Windows setting, but is combined with the Windows setting to determine the final sensitivity. For this reason, KHALMNPR sets the Windows setting to 0 so it doesn't alter the one you set in SetPoint



Fast.exe

Fast.exe - Installs as part of Windows XP PowerToys as an option for very-fast user switching (allowing a keystoke to switch users instead of using the login screen). It is only used for the hot-key switch and yet it hogs 1.5 megs of memory in two separate processes (one run by the user & one by the system). Optional install in PowerToys



PackethSvc.exe

What is it?

PackethSvc.exe is a associated with the?Compuserve?virtual adaptor service.

What does it do?

Not exactly sure on this one? Some say it is?a compuserve/aol component used for virtual networking or peer to peer connections.

More info:

If you?use Compuserve or AOL,?this file may be needed for?those services.

If you did not?install compuserve or AOL, you may want to disable Packethsvc.exe, the choice is yours.

Keep an eye on this google search for more info:[url=http://www.google.com/search?hl=en&lr=&q=PackethSvc.exe&btnG=Search]google search[/url] If you notice?PackethSvc.exe associated with networking services?that you did not install or authorise, Trash can it.



ADService.exe

What is it?

Part of Iomega's Active Desk software.

What does it do?

Allows software applications to be run directly from an Iomega Zip? disk. Required if you wish the applications to launch on insertion of a disk

More info:

Found [url=http://startup.iamnotageek.com/srch-ADService.exe.html]here[/url] in our startup DB.



Atomtime.exe

What is it?

AtomTime.EXE is the executable file for Atom Time Pro

What does it do?

Atom Time Pro will sync?the computers time with the atomic clock in Boulder CO over the internet.

More info:

Read more about Atom Time Pro at?[url=http://www.atomtime.com/]atomtime.com[/url]



ADUserMon.exe

What is it?

ADUserMon.exe is part of Iomega's Active desk software.

What does it do?

Allows software?applications to be run directly from an Iomega Zip? disk. Required if you wish the applications to launch on insertion of a disk

More info:

Found [http://startup.iamnotageek.com/srch-ADUserMon.exe.html]here[/url] in our Startup DB



CursorXP.exe

what is it?

CursorXP.exe is part of CurserXP?from Stardock.

What does it do?

It is a tool for creating mouse cursors.

More info:

Found [url=http://startup.iamnotageek.com/srch-CursorXP.exe.html]here[/url] in our Startup DB.



ggviewer.exe

What is it?

ggviewer.exe is part of the Google Deskbar application.

Whats it do?

Google Deskbar lets you use the Google Search engine right from your desktop without using an internet browser.

More info:

Read more about the google deskbar application at [url=http://deskbar.google.com/]google.com[/url].



Adsgone.exe

What is it?

adsgone.exe is part of a?pop up blocker

Whats it do?

Blocks unwanted popup ads. Allows the ones you want.

Prevent Messenger Service and Web Page Dialog Ads, Blocks Banner Ads; Remove all the clutter of all the flashing banner ads.

More info:

Read more about pop up blocker at www.adsgone.com



Nod32krn.exe

What is it?

nod32krn.exe is part of an antivirus application.

What does it do?

Real-Time Protection against Viruses, Trojans, Spyware, Adware and Riskware.

More info:

Found [url=http://startup.iamnotageek.com/srch-Nod32krn.exe.html]here[/url] in our Startup DB.

Read more about nod32 antivirus at www.nod32.com



pptd40nt.exe

"PaperPort" software associated with scanners



CMGrdian.exe

McAfee's QuickClean



LXSUPMON.EXE

Lexmark Printer. The printer should work fine without it



2PortalMon.exe

2Wire Homeportal user interface



RuLaunch.exe

Instant Updater for McAfee's VirusScan



REMIND32.EXE

A reminder process for the registration of quite a few programs from quite a few developers. More information can be found here.



hpohmr08.exe

One of the MANY files associated with HP printers. They always use filenames that look weird and almost like random filenames which toss up flags to research deeper.



WinStylerThemeSvc.exe

Associated with TuneUp Utilities 2004 I haven't used it but here's a quote from the developer: Extend your operating system's capabilities:
With TuneUp Utilities 2004, you can make Windows faster, more secure and comfortable. All important aspects of system configuration, setting up security, cleaning and maintenance are combined under a modern graphical user interface. More



sunasDTServ.exe

What is it?

sunasDTServ.exe is?associated with Sunbelt Software CounterSpy.

What does it do?

"CounterSpy is a powerful anti-spyware tool that detects, deletes and protects your personal computer from a broad range of malicious software"

More info:

Read more about Sunbelt Software's Counterspy @ [url=http://www.sunbelt-software.com/Products.cfm]sunbelt-software.com[/url]



sunasServ.exe

What is it?

sunasServ.exe is associated with sunbelt software's counter spy.

What does it do?

CounterSpy is a powerful anti-spyware tool that detects, deletes and protects your personal computer from a broad range of malicious software.

More info:

Read more about counterspy @ [url=http://www.sunbelt-software.com/Products.cfm]sunbelt-software.com[/url]



upsd.exe

What is it?

upsd.exe is associated with the belkin bullgod service UPS monitoring software.

What does it do?

runs under Windows 95 or later and monitors the UPS (Uninterrupted Power Supply) via a serial or USB link

More info:



HydraDM.exe

What is it?

HydraDM.exe is associated with ATI technologies Hydravidion Desktop manager.

What does it do?

"Hydravision Multi-monitor Management Software enables you to tailor your desktop to the way you work, so you can manage increased amounts of information and improve your productivity."

More info:

Read more about ATI Technologies HydraVision @ [url=http://www.ati.com/products/Hydravision/]ati.com[/url]



ATIDtct.EXE

What is it?

ATIDtct.EXE is associated with ATI Technologies Display Adaptor drivers and software.

What does it do?

Utility meant for future use of the ATI TV WONDER? USB 2.0 video driver and can be disabled

More info:

Found [url=http://startup.iamnotageek.com/srch-ATIDtct.EXE.html]here[/url] in our startup DB



ptsnoop.exe


"These descriptions I've come across - all valid as far as I can see :- (1) Program installed with some modems that monitors the COM ports for the modem driver. Not required from what I've read - may need a registry edit to get rid of it (2) Backdoor trojan virus that copies itself as PTSNOOP.EXE -see here for more info(3) Apparently the people who put it out claim it's a driver for a Voice modems (don't know who they are though - Ed) Note: If using AOL and you disable this you may lose your connection or lock up (4) Can also be an older Logitech scanner program. Remove from the Win.ini tab under Load='path'PTSNOOP and the System.ini tab under drivers='path'ptrtkr.drb. Can cause parallel port conflicts big time dragging system resources way down when a conflict exists (5) Allows audio monitoring of modem phone dialling tones and can be useful if you have connection problems (6) Karen Kenworthy's Snooper - ""logs the start and stop time of all programs run under Windows"""



ATISched.EXE

What is it?

ATISched.EXE is associated with ATI Technologies video card drivers and software.

What does it do?

"Component that remains resident in memory and automatically launches the ATI VIDEO PLAYER at a user selected time and date"

More info:

Found [url=startup.iamnotageek.com/srch-Atisched.exe.html]here[/url] in our startup DB.



avgwb.dat

Part of the AVG anti-virus suite. Not dangerous in any way, just holds data during scans, and during background processes.



iap.exe

iap.exe controls Dell's "OpenManage Client Instrumentation". It gives access to computer information via remote management tools. If it's using too many resources, go ahead, disable it.



FAMEH32.EXE

FAMEH32.EXE - This process is with F-secure antivirus, for a safe computer this should not be removed.



dpmw32.exe

dpmw32.exe - This process is with Novell Client, this process runs the backround it allows the system to access NDPS and assist with access to Netware security features.



FCH32.EXE

FCH32.EXE - This is the tray bar process for F-secure antivirus, it is used for easy access to F-secure antivirus application, for a safe computer this should not be removed.



QUICKDCF.EXE

USB mass storage driver used by some digital cameras such as the Fuji Finepix. Only required if you use it regularly



NoAdware3.exe

What is it?

NoAdware3.exe is associated with NoAdware, adware scanner and remover.

What does it do?

Application for scanning and removing adware.

More info:

read more about noadware3 at [url=www.noadware.net]www.noadware.net[/url]



ATIRW.exe

What is it?

ATIRW.exe is associated with ATI graphics card software.

What does it do?

Driver for the remote control for ATI's All-In-Wonder graphic cards and other products.

More info:

Read more about ATI?products?[url=www.ati.com]@ ati.com[/url]



ATIMMC.EXE

What is it?

ATI?multimedia center is ATI's main player application.

What does it do?

Player for?cd/dvd/audio/video mpg, tunes TV chanels in a window or full screen etc.

More info:

For more info about ATI multimedia center [url=http://www.ati.com/products/multimediacenter/]click here[/url].?



AVGUARD.EXE

What is it?

AVGUARD.EXE?Part of antivirus scanning software. Also noted to be part of a netsky infection.

What does it do?

AVG?runs on your?pc?to protect your bits from nasty bytes?that spread?viruses.

More info:

Found [url=http://startup.iamnotageek.com/srch-avguard.exe.html]here[/url] in our Startup DB.

If?you're worried about a virus on your?system?scan it?with an antivirus program?such as:

[url=http://www.grisoft.com/doc/1]AVG?antivirus[/url]

[url=http://www.bitdefender.com/index.php]Bit Defender[/url]

[url=http://housecall.trendmicro.com/]Trend micro?housecall[/url



mgabg.exe

What is it?

mgabg.exe is associated with MGA "matrox"?bios guard software.

What does it do?

More info:

found [url=http://startup.iamnotageek.com/srch-Mgabg.exe.html]here[/url] in our Startup DB.



PDesk.exe

What is it?

PDesk.exe is associated with the Matrox Power Desk?software.

What does it do?

Provides quick access to the matrox desktop managment software to change your display properties.

More info:

found [url=http://startup.iamnotageek.com/srch-Matrox%20PowerDesk%208.html]here[/url] in our Startup DB.



dslstat.exe

What is it?

dslstat.exe is associated with dsl connection monitoring software.

What does it do?

Provides a system tray icon that?shows the connection status for ADSL modems from Eicon Networks (as used by BT Broadband for example)

More info:

found [url=http://startup.iamnotageek.com/srch-dslstat.exe.html]here[/url] in our Startup DB.



FSGK32.EXE

FSGK32.EXE - This is with F-secure antivirus for a safe computer this should not be removed.



FSMB32.EXE

FSMB32.EXE - This is a part of F-secure antivirus application, for a safe computer this should not be removed.



AVGNT.EXE

What is it?

AVGNT.EXE is associated with the AVG antivirus application.

What does it do?

Helps protect your computer bits from nasty bytes that might spread viruses.

More info:

Read more about AVG antivirus at [url=http://www.grisoft.com/doc/1]grisoft.com[/url]



schedhlp.exe

What is it?

schedhlp.exe is part of Acronis True Image?backup software.

What does it do?

Co-operates with the schedul2.exe servuce to perform backup/restore tasks correctly.

More info:

Required if you want to use TrueImage to do some real ackup/restore tasks - not if you only want to explore/mount images.

Found [url=http://startup.iamnotageek.com/srch-schedhlp.exe.html]here[/url] in our Startup DB.



nod32kui.exe

What is it?

nod32kui.exe is associated with Nod32 Antivirus version 2.

What does it do?

"Provides protection against viruses endangering your PC, running on various
platforms from Microsoft Windows 95 / 98 / ME / NT / 2000 / XP, a number of UNIX ..."

More info:

Read more about Nod32 at [url=www.nod32.com]nod32.com[/url]



ANTIVIRUS.EXE

What is it?

ANTIVIRUS.EXE may be part of a legitimate application however at the time of this writing it has been found to be associated with several internet worms, It is therefore recommended to thouroughly scan your PC with up-to-date antivirus applications.

What does it do?

Viruses do bad stuff ;)

More info:

Keep an eye on [url=http://www.google.com/search?hl=en&q=ANTIVIRUS.EXE]this[/url] Google search for associations and help to remove any worms related to "antivirus.exe" Compare the discriptions of the worms, use appropriate applications to identify any infected files prior to any attempt at manually removing them?via the instructions provided by some of those web pages.



USRmlnkA.exe

What is it?

USRmlnkA.exe is associated with USRobotics Modem software and drivers.

What does it do?

More info:



reader_sl.exe

What is it?

reader_sl.exe is associated with the Adobe Reader application.

What does it do?

speeds up the loading of the reader application.

More info:

"Adobe? Reader? is free software that allows everyone from business professionals to home users to easily and reliably view, print, and search PDF files using a variety of platforms and devices."

Read more about Adobe Reader?at [url=http://www.adobe.com/products/acrobat/readermain.html]Adobe.com[/url]



TOTALCMD.EXE

What is it?

TOTALCMD.EXE is associated with Total Commander software

What does it do?

Total Commander is a sharware File Manager for windows.

More info:

Read more about total commander at [url=http://www.ghisler.com/index.htm]ghisler.com[/url]



FahCore_78.exe

What is it?

FahCore_78.exe is associated with the Folding at home application

What does it do?

Fahcore_78.exe is the CORE of the application,?kinda like the "Kernel"?in windows.

Folding at home or FAH is a distirbuted computing project designed to spread the processing load of the emense amount of number cruching needed to model folding proteins.

More info:

Read more about Folding at home or "FAH" at [url=http://folding.stanford.edu/]stanford.edu[/url]

Find FAH interesting?

would you like to join in the fun?

Join?Ianag in the task of "Folding at home" we are?Team 49 and you can read about how to join our struggle in taking over the world! err, I mean running up to the top of the?FAH?contenders?[url=http://forum.iamnotageek.com/t-52943.html]RIGHT HERE[/url]



HPConfig.exe

What is it?

HPConfig.exe is associated with the HP Configuration module?

What does it do?

Included with HP?notebooks and some HP?network ready?printer?drivers.

Needed for proper function of HP products and software.

More info:

Keep an eye on [url=http://www.google.com/search?hl=en&q=HPConfig.exe+%2Bmalware+%2Bspyware+%2Bvirus]this[/url] google search for any association of HPConfig.exe with Malware.



AutoUpdate.exe

AutoUpdate.exe is a known trojan, or a known spyware or more commonly an AT&T software update program. We haven't been able to find any circumstances where this process was actually even needed. We suggest removing this. Make sure you check here for more information.



CxtPls.exe

CxtPls.exe is a part of apropos adware. You will want to remove this for sure. A guide for removing this garbage is available here.



StatusClient.exe

What is it?

StatusClient.exe is associated with HP?software and drivers.

What does it do?

Provies printer to client?status messages via the built in webserver onboard the network ready printer.

More info:

Read more about StatusClient [url=http://search.hp.com/query.html?col=a3x80+b3x80+c3x80+c3x8765+d3x80+d3x8765&charset=iso-8859-1&la=en&hpvc=US+-+main&qs=&nh=10&lk=1&rf=0&uf=1&st=1&qt=toolbox+status+client]@ hp.com[/url]



svchst.exe

What is it?

svchst.exe is associated with several worms and viruses

What does it do?

svchst.exe is added to the registry so that the?virus runs when?windows?starts.

Typical bad stuff that worms and viruses do.

A?worm that is associated with svchst.exe may attempt to steal CD-Keys of some video games.

More info:

Try some or all of these free virus scanners.

[url=http://www.grisoft.com/doc/38/lng/us/tpl/tpl01]avg.com[/url]

[url=housecall.trendmicro.com]trendmicro.com[/url] -Free online scan.

[url=http://www.bitdefender.com/scan8/ie.html]bitdefender.com[/url] -Free online scan.



prutqct.exe

What is it?

prutqct.exe is associated with?the TROJ_PRUTEC.B?virus.

What does it do?

from trendmicro:

""This Trojan is capable of terminating the following processes, which are mostly related to antivirus, security, and anti-spyware applications:

  • AdAware
  • AdAware6
  • Norton Internet Security
  • Spybot - Search & Destroy
  • YAHOO_ANTISPYWND
  • ZoneAlarm ""

Removal and More info:

more info @ [url=http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FPRUTEC%2EB&VSect=T]trendmicro.com[/url]



clfmon.exe

What is it?

clfmon.exe is associated with the agent-bj Trojan!

What does it do?

BJ viruses tend to be mass mailers. There are several variants that do their own different?things, you will need up-to date antivirus that can handle the bj variants.

More info:

There's not much info available?on this; I found the reference in our Startup DB.

It?may be?a varient of the Beagle and/or?mytob mass mailing worm.



SYSfit.exe

What is it?

SYSfit.exe has been reported to be associated with Advertisment content delivery software adshooter.

What does it do?

adshooter Allegedly provides popup windows containing advertisments.

More info:

This process is non critical, you probly don't like the popup's -more of a reason to?remove it.

At the Moment, I Don't know if it records user tracks to figure out popup content, It's worth?a?look to see if it can be?identified as spyware.

Mcafee users will have to use the commandline scan switch /PROGRAM in oder to detect adware.adshooter and?other programs of this type.



dadapp.exe

What is it?

dadapp.exe? is associated with Dell Access Direct software.

What does it do?

DadApp is the SW utility that controls the programmable buttons on Dell Laptops. Not required

More info:

Found [url=http://startup.iamnotageek.com/srch-dadapp.exe.html]here[/url] in?the Startup DB



DragStrip.exe

What is it?

DragStrip.exe is associated with Aladdin systems Dragstrip?software.

What does it do?

Provides quick access to all your Most recently used applications, files, folders,?websites etc.

Quote From Aladdin

"Find, organize, and launch applications and files without having to search all over your PC"

More info:

Read more about dragstrip @ [url=http://www.allume.com/win/dragstrip/index.html]Alladin systems[/url]



ASFAgent.exe

Intel Alert Standard Format Console - asfagent.exe is a system management utility commonly used with Dell's OpenManage



Tablet.exe

"Loads the tablet drivers for the Wacom Graphics Tablet. This can be unchecked in msconfig without problems if you don't need the tablet functional all the time. Create your own shortcut if you need to run it ad hoc. If you forget to run it before running Paint Shop Pro & Adobe Photo Shop) you may find the following: (1) Paint Shop Pro (version 7.04) - (a) Browse function will NOT work (program freezes) (b) On program exit



GBPoll.exe

"Roxio's (nee Adaptec) GoBack software which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty - performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag. Not required for WinMe/XP users



GhostTray.exe

This is simply a tray icon to Norton's Ghost. You do not need this in your tray. Simply manually run it as needed.



GBTray.exe

"System Tray icon access to Roxio's (nee Adaptec) GoBack software which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty - performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag. Not required for WinMe/XP users



MailWasher.exe

MailWasher Pro is the first step in your email-line of defense so you can make informed decisions about your messages. You'll soon be saving much more time with MailWasher Pro - read all your email on the server and delete the messages you don't want, then download only the messages you want to keep and reply to. It's easy to set MailWasher Pro to remove all the spam automatically too so you never see it.

MailWasher makes it easy to distinguish between good email and bad email, simply by using colours (which you can personalize to suit) and giving you the status of each message.

Directly quoted from here.



outpost.exe

Outpost Firewall Pro, provides a superior arsenal of defense against PC infiltration by denying unauthorized access by remote hackers and protecting against data theft, denial-of-service attacks, privacy violation, Trojan horses, spyware and more. Four major criteria define Outpost Firewall Pro: security, control, privacy and ease of use.

More information available here.



GhostStartService.exe

"Required to run the Windows based wizard in Norton Ghost - added from the 2003 version. Will start automatically when you run the wizard"



scvhost.EXE

scvhost.EXE is a whole bunch of bad bugs that you'll need to remove from your system! Quite a few details are available here.



uphclean.exe

What is it?

uphclean.exe is associated with Windows User profile cleanup utility.

What does it do?

Quote from MS

"A service to help with slow log off and unreconciled profile problems."

More info:

Read more about uphclean.exe @ [url=http://www.microsoft.com/downloads/details.aspx?FamilyID=1b286e6d-8912-4e18-b570-42470e2f3582&displaylang=en]Microsoft.com[/url]



SMTray.exe

System Tray access for the Compaq/ADI SoundMAX integrated digital audio controller



AdMunch.exe

What is it?

AdMunch.exe is an ads pop-up blocker for windows.

What does it do?

Ad Muncher removes adverts, pop-ups and general annoyances in your browser, file-sharing and messenger programs. Causes conflicts with Outlook, game sites and web-building applications

More Info:

Found [url=http://startup.iamnotageek.com/srch-ADMUNCH.EXE.html]here[/url] in our Startup DB.

May conflict with other similar applications.



StartEAK.exe

For Compaq PC's. Allows the use of programmable keys on mulimedia keyboards. Required if you use the additional keys



cwbsvstr.exe

"Part of IBM's iSeries (nee As/400) Client Access - communications suite that allows desktop



MEDIAACCK.EXE

MEDIAACCK.EXE - This is an advertising program from Windupdate, this program monitors your surfing habits online and sends the data back to the main sever for analysis, advertisments are also promt to popup, this program should be removed immediately it is a registered security risk.



brss01a.exe

brss01a.exe is needed by your brother printer. Ending this process may prevent some printer related functions to no longer work properly.



LTMSG.exe

"One of the "popular" WinModem series. WinModems use software rather than hardware - hence putting a load on the CPU. Needed if you have it for loading the drivers. See here for more WinModem information"



dlprotect.dll

dlprotect.dll is the spywareguard download protection and is a good thing to have running. Generally found in your HJT log and looks like this:

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:Program FilesSpywareGuarddlprotect.dll



RoboForm.dll

RoboForm.dll is a part of the Roboform software and it helps you automated the process of filling out forms. a typical HJT log will look like this:

O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:Program FilesSiber SystemsAI RoboFormRoboForm.dll



mobsync.exe

"MS Syncrhonization Manager - updates the network copy of materials that were edited offline



cmicnfg.cpl

cmicnfg.cpl is the control panel for C-Media based sound cards which is the onboard audio on alot of motherboards.



lsasrv.exe

lsasrv.exe has been found to be a part of several MyDoom variants. We haven't found a single good purpose for this process yet. We suggest removing this sucker immediately.



crss.exe

crss.exe belongs to the agobot.gh worm and irc.bot trojans. We suggest removing this.



ps2.exe

What is it?

ps2.exe is associated with HP keyboard software

What does it do?

Application that?provides support for some HP Keyboards extra features and buttons.

More info:

Read more about hp products and services at WWW.HP.COM



lclock.exe

What is it?

lclock.exe?associated with a longhorn application.

What does it do?

System tray clock?

More info:

At the time of this writing, I've only seen one report of it being a legitimate windows file. If you have any doubts,?keep an eye on [url=http://www.google.com/search?hl=en&q=lclock.exe&btnG=Google+Search]this search[/url] for more info about lclock.exe



dcsuserprot.exe

What is it?

dcsuserprot.exe is associated with DoamondCS ProcessGuard software.

What does it do?

From DiamondCS:

"ProcessGuard is a powerful new cutting-edge program that greatly increases
the security of your computer by preventing processes from being able to attack
each other. It is considered by experts to be a must-have program for all users
of Windows, and is the only program available that can actually prevent the
installation and infection of all known rootkit stealth trojans"

More info:

Read more about ProcessGuard?@ [url=http://www.diamondcs.com.au/processguard/index.php?page=home]diamondcs.com[/url]



pgaccount.exe

What is it?

pgaccount.exe is associated with DiamondCS ProcessGuard software.

What does it do?

From DiamonCS:

"ProcessGuard is a powerful new cutting-edge program that greatly increases
the security of your computer by preventing processes from being able to attack
each other. It is considered by experts to be a must-have program for all users
of Windows, and is the only program available that can actually prevent the
installation and infection of all known rootkit stealth trojans."

More info:

Read more about ProcessGuard at [url=http://www.diamondcs.com.au/processguard/index.php?page=home]DiamondCS.com[/url]



PPActiveDetection.exe

What is it?

PPActiveDetection.exe is part of PestPatrol software.

What does it do?

"Real-time protection feature. Stops spyware before it infects your system"

More info:

Found [url=http://startup.iamnotageek.com/srch-PPActiveDetection.exe.html]here[/url] in our Startup DB



CTCMSGo.exe

What is it?

CTCMSGo.exe is part of Creative's MediaSource?audio software.

What does it do?

"MediaSource plays back music "DVD-Audio, MP3, WMA, WAV and other media formats"

More info:

Found [url=http://startup.iamnotageek.com/srch-CTCMSGo.exe.html]here[/url] in our Startup DB.



transtask.exe

What is it?

Transtask.exe is associated with?Tweak-XP software.

What does it do?

Feature?to make the taskbar transparent.

More info:

Read more about Tweak-xp at www.tweakxp.com



procguard.exe

What is it?

procguard.exe is associated with the DiamondCS ProcessGuard security software.

What does it do?

ProcessGuard security software stops malicious worms and trojans from being executed silently in the background, as well as a variety of other attack.

More info:

Found [url=http://startup.iamnotageek.com/srch-procguard.exe.html]here[/url] in our Startup DB.



NMSSvc.exe

What is it?

NMSSvc.exe is associated with Intel Network card software.

What does it do?

NIC Management Service - diagnostics program for Intel Pro family network cards

More info:

Found [url=http://startup.iamnotageek.com/srch-NMSSVC.EXE.html]here[/url] in our Startup DB



EAUSBKBD.EXE

EAUSBKBD.EXE - Is a device istalled with your keyboard to give you extra keys.



CPQEADM.EXE

CPQEADM.EXE - Is a process made from Compaq that will let you add more keys to your compaq keyboard.



BttnServ.exe

BttnServ.exe - This process adds support for compaq easy access bottons on multimedia keboards ,but this disables all other buttons.



ups.exe

ups.exe - It is an uninterruptible power supply from Microsoft that comes with a UI it will tell you if the UPS had to take over because something in your computer failed this servicecan also turn off your computer if your power is low.



GWMDMMSG.exe

GWMDMMSG.exe - This is installed with modem drivers on Gateway and vprMatrix computers thisis not essential to how the modem functions, only terminate if causing problems.



tray.exe

tray.exe - It is a stupid program that will set your homepage to a site full of adult content you cannot set your own homepage with this installed in your computer.



sgtray.exe

sgtray.exe - This is a process from VERITAS Software Corp it installs itself on the tray bar it reminds you to move your files back.



S3tray2.exe

S3tray2.exe - Is a device installed with your drivers for your s3 video output this gives available configuration and, diagnostic information this is a non essential program.



kav.exe

kav.exe - This is a program from Kaspersky Anti-Virus software this program should not be removed so that your security is not breached.



DVDRAMSV.exe

DVDRAMSV.exe - is a program acompanied by the DVD-RAM Utility Helper Service from Matsushita Electric Industrial.



hpqgalry.exe

hpqgalry.exe - Digital imaging software made by Hewlett-Packard.



hphmon04.exe

hphmon04.exe - Shows an icon on the tray bar so you can access Hewlett-Packard Photosmart's configuration?utilities and diagnostics module.



RAMASST.exe

RAMASST.exe - This is a program that you could get installed with a DVD drive ,this program is used to disable cd burning functions built by XP, this program should not be removed if there are no problems.



WRSSSDK.exe

WRSSSDK.exe - This process is from Webroots Spysweeper this keeps your computer safe from internet bound threats this is important for a secure computer.



CAVRID.exe

CAVRID.exe - This is a process with eTrust EZ antivirus from system associates for a secure computerthis should not be removed.



THOTKEY.EXE

THOTKEY.EXE - is a program associated with the function keys on Toshiba laptop computers, disabling this program will not allow the function keys to work.



P2P Networking.exe

P2P Networking.exe - This is an advertising process by jotlid this program monitors what you do online and sends it back to the author for analysis, this also prompts advertising popups, this process is a registered secuity risk.



TPWRTRAY.EXE

TPWRTRAY.EXE - Toshiba corp makes this program it's process is to replace Windows Advanced Power Management on Toshiba laptops.



TFncKy.exe

TFncKy.exe - This program made by Toshiba makes keys(F1-F12) functionable.



NkvMon.exe

NkvMon.exe - Nikon Coolpix makes this program, when a coolpix camera is connected it automatically detects it, if this program is not causing problems it should not be terminated.



TFNF5.exe

TFNF5.exe - This is a program made by Toshiba Corp made to use the hotkey facility on Toshiba computers.



urlmap.exe

urlmap.exe - This is an online tool that asist you gathering financial information from Microsoft Money.



TouchED.Exe

TouchED.Exe - This is a touhpad utlity made by Toshiba.



ycommon.exe

ycommon.exe - This is a program owned by Yahoo Browser, unless causing problems do not termiate.



ybrwicon.exe

ybrwicon.exe - This is an easy to use icon that is part of a Yahoo Browser, this process is non essential.



ntrtscan.exe

ntrtscan.exe - This is an officescan process if this process is stopped it is possible for your computer be hacked into.



tmlisten.exe

tmlisten.exe - This a process from Trend Micro Anti Virus this should not be moved to ensure that your security is not breached.



pccntmon.exe

pccntmon.exe - This anti virus suite is part of PC cillin real time is monitored for running or being installed virus threats this program is important for secure running of your computer.



PccPfw.exe

PccPfw.exe - Trend Micro's range of Internet security products. a firewall applicatio is offered which blocks, in real-time Virus attacks distributed online. This program is important for the stable running of your computer and should not be terminated.



pccguide.exe

pccguide.exe - PC cillin anti virus suite real time is monitored for anti virus threats on your computer,your computer may not run securely if you terminate this program.



PCClient.exe

PCClient.exe - This is a program accompanied by PC-Cillin antivirus from Trend Micro. This program should not be removed to ensure that your system security is not breached.



TMOAgent.exe

TMOAgent.exe - This program is owned by Trend Micro Antivirus Suite it takes the responsibility of warning you about the outbreak of viruses this program should not be terminated unless you believe it is causing problems.



BigFix.exe

BigFix.exe - This is a BigFix application that assists you solving problems with your PC.



evntsvc.exe

evntsvc.exe - This is installed with realone player, this is realone players scheduler, This is a non essential program.



exec.exe

exec.exe - This is a? registered program as the W32/Spybot-Z Trojan. This Trojan allows attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should immediately be removed.



NETSCP.EXE

NETSCP.EXE - This is process is Netscape Internet Browser owned which allows you to surf the Internet in relative safety. Includes mail, newsgroups, Internet Chat and pop-up stoppers. This program is non-essential process to the running of the system, but should be terminated if suspected to be causing problems.



eEBSVC.exe

eEBSVC.exe - This is installed with Epson printer drivers, and allows access to advanced diagnostic utilities. This program is a non-essential process, but should be terminated suspected to be causing problems.



E_S10IC2.EXE

E_S10IC2.EXE - This is installed with Epson Stylus printers. Lets the user to engage in the cleaning of the printer, diagnostics and configuration. This program is a non-essential system process.



WIN32SL.EXE

WIN32SL.EXE - This is a Dell OpenManage Client Instrumentation software program, it allows remote management through a client computer during maintainance.



RTVSCN95.EXE

RTVSCN95.EXE - This is a program from Norton Anti-Virus Corporate Edition this scanning process is used for real time viruses. For your computers safety do not remove.



MMUSBKB2.EXE

MMUSBKB2.EXE - This is a program which allows the configuration of additional keys on the One-Touch Multimedia keyboard range this is a non essential program, but additional keys will not function without it.



Ares.exe

Ares.exe - It is a worm that gets into your computer, and allows hackers to get into your computer.



UD.EXE

UD.EXE - This device recycles your PC's unused resources for medical and scientific research this does not disturb your computer.



GHOSTS~2.EXE

GHOSTS~2.EXE - It puts a desktop tray icon on your computer for Norton Ghost and Norton Systemworks, this is non essential.



hpztsb09.exe

hpztsb09.exe - This is a utility from Hewlett Packard this allows diagnostic and maintenence occur to your HP printer, this is non essential, only termininate if suspected to be causing problems.



MSKSrvr.exe

MSKSrvr.exe - This process is from McAfee Spamkiller it offers internet protection this program is important for a secure computer do not terminate.



oodag.exe

oodag.exe - This is the main executable for O&O Defrag,? this O&O Defrag? utility is for windows. while running a harddrive defragmentation? you should not remove.



MskAgent.exe

MskAgent.exe - This is a process is accompanied by McAfee SpamKiller to keep you safe this process should not be terminated.



dns.exe

What is it?

dns.exe is associated with the microsoft windows DNS application.

What does it do?

A DNS or "domain name service" provides a database to?link?domain names to IP addresses and MAC addresses?across the internet so that routers and internetworking hardware can connect the dots from point a to point b.

More info:



DWRCS.EXE

What is it?

DWRCS.EXE is associated with the DameWare Remote controll application.

What does it do?

Provides client side software for Administrators?to?remotely control the computer.

More info:

Read more about Dameware remote control software at www.dameware.com



ismserv.exe

What is it?

ismserv.exe is associated with instersite messaging windows server application.

What does it do?

allows users to send messages between two servers supporting ismserv.

More info:



ntfrs.exe

What is it?

ntfrs.exe is associated with a windows system file "NT file replicating service"

What does it do?

Used to keep files syncronised between multiple servers for several reasons.

More info:

Needed for server related stuff.



StoreServ.exe

What is it?

StoreServ.exe is associated with Adaptec Storage manager.

What does it do?

From Adaptec:

"Easy-to-use graphical interface for intuitive configuration, management and health monitoring of your Adaptec server-based and adapter RAID storage."

More info:

Found [url=http://service.iamnotageek.com/srch-14.html]here[/url] in our Services DB.

Read more about Adaptec Storage manager @ [url=http://www.adaptec.com/worldwide/product/proddetail.html?prodkey=Adaptec_Storage_Manager&cat=/Technology/SCSI&language=English%20US]adaptec.com[/url].



StorServ.exe

What is it?

StorServ.exe is associated with the?Adaptec Storage manager application

What does it do?

From Adaptec:

"Easy-to-use graphical interface for intuitive configuration, management and health monitoring of your Adaptec server-based and adapter RAID storage."

More info:

Read more about Adaptec Storage manager @ [url=http://www.adaptec.com/worldwide/product/proddetail.html?prodkey=Adaptec_Storage_Manager&cat=/Technology/SCSI&language=English%20US]Adaptec.com[/url].



hpztsb08.exe

hpztsb08.exe - This is a utility from Hewlett Packard it allows diagnostic and maintainance to be done on your Hp printer.



wm.exe

wm.exe - This is apart of the novel Workstation Manager, this process is non essential.



PRONoMgr.exe

PRONoMgr.exe - This is a process from Intel it allows the configuration and diagnostic console Ethernet adaptors from Intel Pro.



NWTRAY.EXE

NWTRAY.EXE - This is aprocess for Novell Netware, it helps you get essential Netware features.



NetLimiter.exe

NetLimiter.exe - This is atool that you use to make your internet connection either slower or faster.



navw32.exe

navw32.exe - This is a Norton Anti virus program that helps keep internet bound viruses out of your computer, this is important for a secure computer.



Support.exe

Support.exe - This is aprocess from Dell's support assistant, this comes installed on dell computers, this is non essential.



issch.exe

issch.exe - This is a service that updates your computer it is similar to the install sheild utility this is non essential, but should be terminated if causing problems.



webshots.scr

webshots.scr - This utility downloads pistures daily for your computer it makes changes to your computers appearance settings intermittantly this is non essential.



diagent.exe

diagent.exe - This is a system shortcut that gives you easy acces to soudblasting configurations, this is non essential.



KAVSVC.EXE

KAVSVC.EXE - This process is with Kaspersky anti virus application this process should not be removed to ensure your computers safety.



TASKBARICON.EXE

TASKBARICON.EXE - This process is with the Wanadoo internet connection it gives the user instant accessto settings and tasks online.



ZAPRO.EXE

ZAPRO.EXE - This progam is from Zone Labs it is or your persoal firewall it protects your privacy and personal data from? Network intrusion this should not be removed for your computers safety.



PSIMSVC.EXE

PSIMSVC.EXE - This program is from Panda Anti-Virus Titanium suite it should not be removed to keep your computer safe.



APVXDWIN.EXE

APVXDWIN.EXE - This is part of the Panda anti-virus suite this program monitors internet connection and is essentiel to your computers running.



WEBPROXY.EXE

WEBPROXY.EXE - This process is with the Panda antivirus suite it shouls not be removed to ensure your computers safety.



Updater.exe

Updater.exe - This is a program associated with AGOBOT-OT Worm this program is a registered risk of your computers security if found should be removed immediatley.



AOLServiceHost.exe

AOLServiceHost.exe - This is a part of AOL connection it's an assistant with automatic dialing this is a non essential program.



SMax4PNP.exe

SMax4PNP.exe - This is installed with analouge devices range of audio products this process is non essential.



Smax4.exe

Smax4.exe - This process is from soundmax control center which is installed beside soundmax audio this is non essential.



Tmntsrv.exe

Tmntsrv.exe - This process is from soundmax control center it is installed beside soundmax audio hardware, this is non essential.



DUMeter.exe

DUMeter.exe - This is an internet activity monitor it monitors information such as used bandwidth.



PcCtlCom.exe

PcCtlCom.exe - This is a program from Trend Micro Internet Secuity Suite it offers safety for your computer from things such as trojans and spyware this is very important for a secure computer.



TmPfw.exe

TmPfw.exe - This is a program with Network Security software from Trend Micro Inc thisprogram should not be removed.



wfxsnt40.exe

wfxsnt40.exe - This is an executable that deals with WinFax communication progam this is non essential, but should only be terminated if causing problems.



DSAgnt.exe

DSAgnt.exe - This process is from Dell Support it offers additional support and update features for your Dell computer this is non essential for your computer only terminate if causing problems.



FINDFAST.EXE

FINDFAST.EXE - Indexing process by microsoft office used to index documents in the office to make things faster.



update.exe

update.exe - This is a process is similar to numerous of different adwares and security threats,this process should be removed immediatley.



hptskmgr.exe

hptskmgr.exe - This program is with the Task Managment Component that comes with coretech software from HP.



ap9h4qmo.exe

ap9h4qmo.exe - This is a program related with the ShopAtHomeSelect Spyware the process monitors everything you do and sends the data to a remote server, this should be removed to protect your privacy.



pavprsrv.exe

pavprsrv.exe - This is a Panda Antivirus software owned process it protects your computer from internet boud threats this program is very important for the security of your computer.



pavsrv51.exe

pavsrv51.exe - This is a process owned by Panda Antivirus software it is used to protect you from internet bound threats this is important for a stable computer.



Omniserv.exe

Omniserv.exe - This is a process from Softex OmniPass security it handles passwords on your computer this program is important for a secure computer.



OPXPApp.exe

OPXPApp.exe - This process is from Softex OmniPass this non essential.



mim.exe

mim.exe - This process is from Musicmatch Jukebox software it is a multimedia application supporting known medi formats? this is non essential.



compaq-rba.exe

compaq-rba.exe - This is from Compaq message server, this provides Compaq with feedback on how people are using their product, this automatically opens a network connection so it could be used to breach your systems security.



qbupdate.exe

qbupdate.exe - This is a program from Intuit that looks for software updates related to quickbooks, this is non essential, only terminate if causing problems.



te.exe

te.exe - This is a web surfing accelerator made specifically for internet explorer it achieves a faster internet approach you only need this if it makes internet surfing faster.



TabUserW.exe

TabUserW.exe - This is a process installed with Wacom Pen Tablet devices it provides more configuration options for this type of device, this is non essential, only terminate if causing problems.



MOUSE32A.EXE

MOUSE32A.EXE - This is a mouse driver that controls mouse functions.



ca.exe

ca.exe - This process is from ETrust EZ firewall this is vital for keeping your computer safe from internet bound threats, this process is important for the security of your computer.



imapi.exe

imapi.exe - This program is from Microsoft Windows operating system, this is used for recording CD's, this program is important for your computers security.



VetMsg.exe

VetMsg.exe - This process is from eTrust EZ Antivirus Computer Associates, this process is important for a secure computer.



VetTray.exe

VetTray.exe - This process is from? eTrust EZ Antivirus Internet Security suite, this protects your computer from threats that are internet bound, this process is important for your computers security.?



Logi_MwX.Exe

Logi_MwX.Exe - This is a process with Logictech MouseWare this loads software for mouse buttons that are non standard, this should not be touched during the use of these buttons.



Keyhook.exe

Keyhook.exe - This process is from? Acer Launch manager, this process is non essential, only terminate if causing problems.



AdskScSrv.exe

AdskScSrv.exe - This process is is a licensing service from Autodesk only terminate if causing problems.



sol.exe

sol.exe - This process is from Microsofts computer game soitare it comes with Microsoft windows, this is non essential.



SCardSvr.exe

SCardSvr.exe - This is a process from Microsoft Windows operation system, this provides authorization facilities for smart cards on local systems.



PCCClient.exe

PCCClient.exe - This process is from PC-cillin anti virus suite it monitors virus threats that are being installed on your computer, this process is impotant for your computers safety.



Pop3trap.exe

Pop3trap.exe - This process is from? PC-cillin anti virus suite it monitors e-mail scanning, this process is important for your computers security.



mnyexpr.exe

mnyexpr.exe - This process is from Microsoft Money it's a personal and business accounting application, this is non essential only terminate if causing problems.



hposol08.exe

hposol08.exe - This is installed with Hewlett Packard multi-function printers this permits access for configuration and diagnostic, and utility modules are also given access.



AMOUMAIN.EXE

AMOUMAIN.EXE - This is a process installed with hardware drivers for the A4Tech wireless mouse, this process is non essential only terminate if causing problems.



userinit.exe

userinit.exe - This is a process that is fro m Windows operation system, during bootup it manages different startup sequences it establishes network connection, and starting up Windows shell.



AHQTB.EXE

AHQTB.EXE - This is a process on the traybar for your creative soundcard, which provides easy access to your soundcard, this process can be terminated to free up system resources.



WksSb.exe

WksSb.exe - This is a process related to Portfolio Tool this allows files and images to be organized, this is a non essential process only terminate if causing problems.



dslmon.exe

dslmon.exe - This is a process with Sagem DSL Modem this is used for recognizing the modem and should not be terminated.



Watch.exe

Watch.exe - This is a process from Lavasoft for Ad ware this monitors your system and entries for spyware that tries to changeyour system, for Ad ware to work this should not be removed.



CAVTray.exe

CAVTray.exe - This process is with eTrust EZ antivirus suite for computer associates, for a safe computer this should not be removed.



LimeWire.exe

LimeWire.exe - This is a process with LimeWire peer to peer file sharing client.



nsvsvc.exe

nsvsvc.exe - This is a hijacker this means that it will intermittenly change your computer settings, this is usually installed with content because it is diguised as another product, it is a registered security risk so you should remove it immediately.



awhost32.exev

awhost32.exe - This process is from Symantec pcanywhere range of remote control products it's responsible for arranging host services for this product using this a computer can remote control your pc from across the local network area, this program is non essential, only terminate if causing problems.



Ltmoh.exe

Ltmoh.exe - Thius was authorized by Lucent Technologies it takes care of incoming and outgoing calls, this is non essential only terminate if causing problems.



toscdspd.exe

toscdspd.exe - This process is with Toshiba laptop CD/DVD drivers, this is non essential.



ICMON.EXE

ICMON.EXE - This is antivirus software.



FSMA32.EXE

FSMA32.EXE - This is with F-secure antivirus application, this is important for a secure computer.



AsusProb.exe

AsusProb.exe - only needed if you overclock your card or live in a hot area.



TpScrex.exe

TpScrex.exe - This process is installed with IBM's Thinkpad device it offers configuration and diagnostic for ultrazoom products, this is non essential only terminate if causing problems.



FSM32.EXE

FSM32.EXE - This is part of the F-secure Antivirus application, it automatically takes care of the scheduled virus scans on your computer, for a secure computer this process should not be removed.



IPMon32.exe

IPMon32.exe - This is from Verizon, it provides the user with diagnostic tools on the monitor, it knows to consume large amounts of resources.



00THotkey.exe

00THotkey.exe - This process is installed with Toshiba hardware it allows more support and configuration access to keyboard setting and special keys, this is non essential only terminate if causing problems.



UPnPFramework.exe

UPnPFramework.exe - This is aprocess with VAIO media video server from Sony.



PDSched.exe

PDSched.exe - This is a sevice from Windows created and used by Perfectdisk from Rasco it performs defragmentation at scheduled dates and times.



KB891711.EXE

KB891711.EXE - This process was installed mainly in Windows 98 it is a Windows security update process it keeps your computer safe from internet bound threats, this is important for a secure computer.



REALEVENT.EXE

REALEVENT.EXE - This process is from Real Network it provides information within the products GUI, this is non essential only terminate if causing problems.



MEDIAACCESS.EXE

MEDIAACCESS.EXE - This is an advertisment program from Windupdate, this program monitors everything you do online and sends the data back to the main server, advertisments are also promted to popup, this should be removed immediately it is a registered security risk.



hpztsb07.exe

hpztsb07.exe - This is a HP utility that allows diagnostic and maintainence on your HP series printer, this is a non essential process.



PavFires.exe

PavFires.exe - This is a process from Panda Antivirus software it helps keep your computer safe from internet? bound threats, this is essential for a secure computer.



AgentSvr.exe

AgentSvr.exe - This is an ActiveX control that is used by multimedia applications, this program is non essential only terminate if causing problems.



digstream.exe

digstream.exe - This is a process from ESPN, this is non essential.



drwtsn32.exe

drwtsn32.exe - This is a process from Microsoft's Dr.Watson program error debug utility, for technical support purposes this utlity can be important only terminate if causing problems.



sstray.exe

sstray.exe - This is a process from NVida that gives access to confiuration and diagnostic for their range nForce2 products, this is a non essentialprocess only terminate if causing problems.



MAPISP32.EXE

MAPISP32.EXE - This is a program loaded with Microsoft, and Outlook it mainly takes care of MAPI messages, this is essentialfor a smooth computer only terminate if causing problems.



GoogleDesktopOE.exe

GoogleDesktopOE.exe - This is a process from Google Desktop Search utility it integrates with your Windows desktop, this is non essential.



SonyTray.exe

SonyTray.exe - This tray bar process belongs to Sony it's with the software package bundles with digital cameras from Sony.



mainserv.exe

mainserv.exe - This process is from Powerchute it allows shutting down your computer to be safe, this is non essential only terminate if causing problems.



kpf4gui.exe

kpf4gui.exe - This is a process from Kerio Personal firewall this process should not be removed for your systems safety.



MXTask.exe

MXTask.exe - This is with V communications fix-it utilities and is essential backround process, this process is non essential only terminate if causing problems.



TPONSCR.exe

TPONSCR.exe - This is installed with Thinkpad laptops, and cofiguration is allowed for the Thinkpads special "hotkeys", this is non essential only terminate if causing problems.



btdownloadgui.exe

btdownloadgui.exe - it is attempting to transmit e-mail messages.



RunDLL.exe

RunDLL.exe - This is a system from Windows 95,-98 range of Microsoft Windows products, this system is important you should not terminate it.



gsicon.exe

gsicon.exe - This makes a shortcut icon to the Eicon modem connection monitoring tool, this is non essential.



NSMdtr.exe

NSMdtr.exe - This process is from Norton Antivirus it protects your computer from internet bound threats, this is important for a secure computer.



AVENGINE.EXE

AVENGINE.EXE - This process is from Panda AntiVirus Internet security suite this is esential for keeping your computer safe also important for a stable computer.



jucheck.exe

jucheck.exe - This is produced by the sun, it checks for Java updates.



IPClient.exe

IPClient.exe - This is from Verizon, it gives the user monitor diagnostic tools, it knows to consume large amounts of resources.



CFSvcs.exe

CFSvcs.exe - This is a process installed with Toshiba Notebooks it provides configuration options for these devices, this is non essential only terminate if causing problems.



reminder.exe

reminder.exe - This is a process from Microsoft Money this piece of software reminds you to pay your bills, this is non essential.



SM1BG.EXE

SM1BG.EXE - This is a process from Cypress USB Mass Storage Adapter, it's installed with iTunes napster and USB devices, this is non essential only terminate if causing problems.



SETI@home.exe

SETI@home.exe - This is a one of a kind screensaver offered by SETI program which lets home and office users contribute to SETI by offering CPU processing time when your computer is idleing, this is non essential.



Wuser32.exe

Wuser32.exe - This process addresses a problem related to remote system starting.



awhost32.exe

awhost32.exe - This process is from Symantec pcAnywhere this can control your pc from accross the local network, it also setts up host services for this product, this is non essential only terminate if causing problems.



llssrv.exe

llssrv.exe - Microsoft Windows Server Suite is a license logging service this should not be removed for any reason.



ALCWZRD.EXE

ALCWZRD.EXE - This is a process with the audio drivers from RealTek, this is used for detection of new devices, only remove if causing problems.



QCWLICON.EXE

QCWLICON.EXE - This process belongs to IBM, it allows the user to see the wireless connection, and also to be able to turn it on or off, this is non essential only terminate if causing problems.



AirPlus.exe

AirPlus.exe - This is part of the D-link drivers this gives you monitoring functions, to ensure that Wlan works correctly this should not be removed.



EzEjMnAp.Exe

EzEjMnAp.exe - This is part of thinkpad easyeject utility, it takes care of devices connected to your thinkpad it makes it easy to remove devices from your computer.



vmnat.exe

vmnat.exe - This program is for the VMware NAT running service, while this is running do not remove.



mqtgsvc.exe

mqtgsvc.exe - This is from Microsoft Windows Operating System, that was incorporated as a service into MSMQ version 2.0, for a secure computer this is important.



TaskPanl.exe

TaskPanl.exe - This is with Earthlink Total access 2003 internet, this is an internet access provider.



TpKmpSVC.exe

TpKmpSVC.exe - This process is with the Utility Pack for IBM thinkpads, this takes care of keyboard mapping functions.



InstallStub.exe

InstallStub.exe - This is Plaxo's core program, this checks for new or updated information from Plaxo Network, they interact with Outlook also.



Monitor.exe

Monitor.exe - This is a sevice that is part of Microsoft Operating System, this is specifically associated with monitoring hardware componets for performance bottlenecks.



PRINTRAY.EXE

PRINTRAY.EXE - This is often set to load during bootup this puts an icon on the taskbar this allows access to Lexmark printers consloe, this allows a few different types of tune up for your computer, removing this will remove your shortcut from the taskbar.



CSINSM32.EXE

CSINSM32.EXE - This is a portion of Norton Cleansweep it is mandatory for the correct functioning of this program, this monitors the systems local configuration file for changes made by programs, this is non essential only terminate if causing problems.



mssysmgr.exe

mssysmgr.exe - This process is with photoshow Deluxe, this is for media manager within Photoshow Deluxe, this is non essential.



ehtray.exe

ehtray.exe - This is the traybar process for Microsoft Media, this provides easy access to the digital media manager, this is non essential.



ehmsas.exe

ehmsas.exe - This is a process from Microsoft Windows Media Center, this is? descibed as the Windows Media Center Aggregator Service, this is important for a secure system.



BitComet.exe

BitComet.exe - This can be launched from start menu.



Residence.exe

Residence.exe - This is from the software by Sony Digital Camcorders this connects camcorder via USB, and allows burning directly to a cd.



PGPtray.exe

PGPtray.exe - This is installed with Network Associated Gp isa computer tray bar application, functions are provided such as desktop encryptions to your system.



HKserv.exe

HKserv.exe - This deals with Sony Hotkey configuration and access, do not remove while in use.



ofcdog.exe

ofcdog.exe - This is from Trend Micro internet security, it offers assistance to the office client, this is important for a secure system.



pinger.exe

pinger.exe - This brlongs to Toshiba it checks for software updates, this is non essential only terminate if causing problems.



dlbkbmon.exe

dlbkbmon.exe - This is installed with your Dell printer and this offers additional diagnostic and cofiuration for Dell printers, this is non essential only terminate if causing problems.



BLACKD.EXE

BLACKD.EXE - This is from BlackICE it is an Intrusion Detection system, for a secure computer do not remove.



dlbkbmgr.exe

dlbkbmgr.exe - This is installed with your Dell printer it provides additional diagnostic and configuration to Dell printers, this is non essential only terminate if causing problems.



hpnra.exe

hpnra.exe - This is installed with Hewlwtt Packard printers it offers network support, this is non essential only terminate if causing problems.



aspnet_admin.exe

aspnet_admin.exe - This is the Microsoft ASP .NET Administration service for the Microsoft .NET framework, for a secure computer do not remove.



DELLMMKB.EXE

DELLMMKB.EXE - This process allows the configuration of additional keys on Dell keyboards, this is non essential only terminate if causing problems.



rdpclip.exe

rdpclip.exe - This is for file copy it offers function for terminal services server, this allows copying nad pasting between server and client, for a secure computer this is important.



hndlrsvc.exe

hndlrsvc.exe - This process is with Intel Alert handler, this tells you when you get e-mails and other options, this is non essential.



wwDisp.exe

wwDisp.exe - This is a program associated with Webroot Window Washer it is an online security cleaner it deletes online history adware and some malicious websites use it.



fsguiexe.exe

fsguiexe.exe - This is aprocess with F-secure internet secuity suite, this is part of the graphical user interface components, for a secure system this should not be removed.



DadTray.exe

DadTray.exe - This piece of software produced by Dell corperation allows configuration options for your Dell laptop, without this there are some keys that will not work, this is non essential only terminate if causing problems.



CeEKey.exe

CeEKey.exe - This is a program with the satelite E-Key software from Toshiba, this is non essential.



TPTray.exe

TPTray.exe - This is a process from the traybar for Toshiba laptops, it provides easy access to the configurations on the touchpad.



ICO.EXE

ICO.EXE - This is installed with drivers for certain mouse brands, allows extra functionality and configuration, this is non essential only terminate if causing problems.



IRMON.EXE

IRMON.EXE - This process is installed with default Window drivers for an Intrared port, most of the time it's installed on laptops, this monitors for Infrared devices for example mobile phones, and starts the file transfer Wizard, for a secure system do not remove.



MXOALDR.EXE





DrvLsnr.exe

DrvLsnr.exe - This is installed with Compaq SoundMAX integrated digital audio controller range, this is non essential only terminate if causing problems.



prevsrv.exe

prevsrv.exe - This proces is with Panda Titanium anti-virus suite, for a secure computer do not remove.



PadExe.exe

PadExe.exe - This is installed with Toshiba laptops, this provides additional configuration devices for tochpad, this is non essential only terminate if causing problems.



swupdtmr.exe

swupdtmr.exe - This is installed on Toshiba systems this provides additional configuration options for devices, this is non essential only terminate if causing problems.



runservice.exe

runservice.exe - This is a portion of license licensing system incorporated with common software and games, only terminate if causing problems.



xfr.exe

xfr.exe - This process is with Intel LANDesk management suite, this is used for communication between the core server and managed clients.



ZANDA.EXE

ZANDA.EXE - This is a portion of Norman Virus control, this acts as a general agent, this takes care of communication, installatios, and starts NVC modules, for a secure computer this is important.



CPQINET.EXE

CPQINET.EXE - This provides easy internet access for AOL and copuserver users, this process is running in the backround this is also non essential.



CePMTray.exe

CePMTray.exe - This is installed with sysrem drivers for Toshiba laptops, this allows access to advanced power management, this is non essential only terminate if causing problems.



mscifapp.exe

mscifapp.exe - This process is related to McAFee privacy service, this is a solution to keeping personal information safe while online also while blocking advertisments.



atievxx.exe

atievxx.exe - This is installed with ATI graphics hardware this also assists with graphics handling, this is non essential only terminate if causing problems.



NDSTray.exe

NDSTray.exe - This is a process from the Configfree traybar utility on Toshiba laptops, this allows you to be able to click between network devices by clicking an icon.



PavProt.exe

PavProt.exe - This process is from Panda anti-virus software this protects your computer from online threats, fo0r a secure computer do not remove.



NclTray.exe

NclTray.exe - This process is from Nokia connection manager for there mobile phones, this is non essential only terminate if causing problems.



LTSMMSG.exe

LTSMMSG.exe - This utility is installed on many laptops with XirCom and Lucent internal modems this deals with additional messaging facilities, this is non essential only terminate if causing problems.



ZLH.EXE

ZLH.EXE - This is from Norman Virus Controls internet security software, (Zanda's Little Helper) supporting the Norman Virus Control general agent named Zanda, for a secure system this is important.



NJEEVES.EXE

NJEEVES.EXE - This is from Norman Jeeves Component this manages mesaging between different Norman Virus Control modules, Also responsible for Quarantine folder and messaging within a Network, for a secure system do not remove.



R_SERVER.EXE

R_SERVER.EXE - This is a portion of a remote administrator this allows a user to work on more than one computer, this has features such as file transfer, NT security and Telnet.



zHotkey.exe

zHotkey.exe - This is with the drivers for Chicony keyboards, it manages special key functions.



companion.exe

companion.exe - This is a portion of AOL connection suite this installs an icon on the computer tray, this makes easy access to AOL's utilities and functions, this is non essential.



ibmmessages.exe

ibmmessages.exe - This process is with IBM message center, this process tells people when latest product news from IBM.



CSINJECT.EXE

CSINJECT.EXE - This process is from Norton Cleansweep, this is mandatory for the correct functioning of this product, this monitors your systems local cofiguration file to find changes made by programs, this is non essential only terminate if causing problems.



mssearch.exe

mssearch.exe - This process is associated with Microsoft Server suite, this programs job is to catalog indexes for exchange server and SQL server, this is important for a stable computer.



NkbMonitor.exe

NkbMonitor.exe - This is a process with Pictureproject software from Nikon.



ssonsvr.exe

ssonsvr.exe - This is a portion of the Citrix MetaFrame client remote tool, this makes an important part in initiating a terminal service, only terminate if causing problems.



NVCSCHED.EXE

NVCSCHED.EXE - This process is from Norman Virus control Scheduler, this runs scheduled scan tasks, for a secure system this is important.



SYSDOC32.EXE

SYSDOC32.EXE - This is installed with Norton System Utilities, this allows system dianostics, this is non essential.



MssSrv.exe

MssSrv.exe - This is from McAfee Antispyware this allows protection against adware, hijackers and other malware, for a secure computer this is important.



CreateCD.exe

CreateCD.exe - This is a portion of Adaptec Roxio easy CD/DVD creator, this is often installed on default into the bootup folder this puts an icon on the taskbar, this is non essential.



wintask.exe

wintask.exe - This is a virus worm it is distibuted through e-mails if you open the attachment this worm gets into your computer and takes e-mails, then it re-distributes itself to other systems this is a registered security risk remove immediately do not mistake as Wintasks.exe.



PELMICED.EXE

PELMICED.EXE - This is installed with IBM mice, this allows your scroll bar to work, this is non essential.



MssCli.exe

MssCli.exe - This process is with McAfee Antispyware, for a secure computer this should not be removed.



cclaw.exe

cclaw.exe - This process is associated with Norman Virus Control, this is a grabbing component of Norman Virus Control On-Access Scanner, for a secure computer do not remove



TPPALDR.EXE

TPPALDR.EXE - This process is installed with hardware drivers for Datastor's USB 2.0 external cases for CD/DVD drives, this allows essential assistant packet writing software such as InCD, this is non essential only terminate if causing problems.



CPD.EXE

CPD.EXE - This is from McAfee personal firewall, this is running in the backround and is used to implement different security features, for a secure system do not remove.



srvany.exe

srvany.exe - This is from Microsoft Windows, this provides an executable to be ran as a service, this is non essential only terminate if causing problems.



VAServ.exe

VAServ.exe - This process belongs to Sony, this automatically launches a selected program when to user connects a digital camera.



shwiconem.exe

shwiconem.exe - This is installed with Digital Media USB reader and provides configuration options for these devices, this is non essential only terminate if causing problems.



OfcPfwSvc.exe

OfcPfwSvc.exe - This is from Office scan client from Micro Trend, for a secure computer do not remove.



mstsc.exe

mstsc.exe - This allows you to start terminal Services commands via the command line, this makes an important portion of Windows service, this is non essential only terminate if causing problems.



AVGCTRL.EXE

AVGCTRL.EXE - This is a portion of Grisoft Internet Security Suite, this is essential for a safe operation of your system, this keeps you safe from viruses, spyware, worms,and trojans, for a secure system do not remove.



nalntsrv.exe

nalntsrv.exe - This process is from Novell client for Windows, only terminate if causing problems.



TpShocks.exe

TpShocks.exe - This process is with hard driver active protection on IBM thinkpads, in case of rapid actions the hard drive is protected so no damage is done to your data.



fpdisp5a.exe

fpdisp5a.exe - This process is from Fineprint printers this handles print jobs, this is non essential only terminate if causing problems.



Pavkre.exe

Pavkre.exe - This process is from Panda Antivirus software, this keeps your system safe from online virus threats, for a secure system do not terminate.



TPSMain.exe

TPSMain.exe - This process is fro mToshiba laptops/desktops, this takes care of saving power when your system is not in use it saves power, this is non essential.



SK9910DM.EXE

SK9910DM.EXE - This is installed mainly on Gateway Pc's, this provides configurtation for programable keys on Gateway keyboard, this is non essential only terminate if causing problems.



ifrmewrk.exe

ifrmewrk.exe - This is a process with Intel/Pro wireless software.



DEVLDR16.EXE

DEVLDR16.EXE - This is installed with creative Labs Soundblaster 16 driver software, this is very important for a secure system.



avgserv.exe

avgserv.exe - This process is from AVG Antivirus internet security suite, this takes care of security for your system in real-time, for a secure computer do not remove.



essspk.exe

essspk.exe - This is installed with ESS V92 modems, this tells you if someone is calling while your online, this is non essential.



nvcoas.exe

nvcoas.exe - This process is associated with Norman Virus Control this is short for (Norman Virus Control On Access Scanner) this takes care of On Access Scanning file scanning, backround scanning, for a secure system this is important.



NIP.EXE

NIP.EXE - This process is from Norman Virus Control, this takes care of real-time POP3, SMTP, and NNTP virus scanning, for a secure system this is important.



helpctr.exe

helpctr.exe - This is a process with Microsoft Windows Operating System, when help is requested in Windows 2000 or a newer version this process is started, this is non essential.



conime.exe

conime.exe - This process is registered as the BFghost 1.0 remote administration backdoor tool, this allows hackers to be able to get into your system and take your information, this should be removed imediately it is a registered security risk.



Acrobat.exe

Acrobat.exe - This is from Adobe Acrobat Writer, this creates and prints PDF documents, this is non essential only terminate if causing problems.



VPC32.EXE

VPC32.EXE - This is a portion of Symantec Antivirus Corperate Edition internet security suite, this keeps your system safe from online threats, for a secure system do not remove.



SERVICELAYER.EXE

SERVICELAYER.EXE - This process is with Nokia connectivity library software, this is needed for running the Nokia connection manager.



avpcc.exe

avpcc.exe - This is a portion of Kaspersky labs antivirus suite, this makes an important part of your systems internet security against viruses, and worms, this is important do not remove.



CcmExec.exe

CcmExec.exe - This is from Microsoft SMS Operating System Service, this needs another service the SMS Agent Host, for a secure system this is important.



OpwareSE2.exe

OpwareSE2.exe - This process is with Omnipage from Scansoft, this is a document conversion software this helps you convert documents between formats.



ATICWD32.EXE

ATICWD32.EXE - This is part of your ATI graphic card drivers this enhances the driver capabilities.



SWNETSUP.EXE

SWNETSUP.EXE - This is related to Sophos Anti-virus network support service, for a secure computer this should not be removed.



ehRecvr.exe

ehRecvr.exe - This is from Microsoft Windows Media Center, this allows additional support for Microsoft Operating System, this is non essential.



CTDetect.exe

CTDetect.exe - This is from Creative Labs Soundblaster CD/DVD alerter, this is non essential, and can be removed safely



mad.exe

mad.exe - This process deals with important Microsoft Exchange functions for example it loads DLL's and loggs messaging, for a secure system do not remove.



FIH32.EXE

FIH32.EXE - This is the installation launcher process for F-secure anti-virus, this only runs during installation.



FNRB32.EXE

FNRB32.EXE - This is with F-secure Anti-virus software, for a secure system this should not be removed.



WLService.exe

WLService.exe - This is installed with BELKIN USB wireless, this alows configuration options for these devicesm, this is non essential only terminate if causing problems.



nipsvc.exe

nipsvc.exe - This is from Norman Internet protection service, this intercepts POP3, SMTP, and NNTP traffic so it can scan for viruses, for a secure system do not remove.



mrtMngr.EXE

mrtMngr.EXE - This is with Intuit Quickbooks software, do not remove so that this program works properly.



hphmon06.exe

hphmon06.exe - This process is associated with Hewlett Packard software HP photosmart, this allows easy access to flash card functions, this is non essential only terminate if causing problems.



QOELOADER.EXE

QOELOADER.EXE - This process is from Qurb antivirus for Outlook Express this blocks un-solicited advertising e-mails, this is non esential only terminate if causing problems.



OdHost.exe

OdHost.exe - This process is with wireless-G notebook adapter from Linksys, for this to work correctly do not remove.



TpKmapMn.exe

TpKmapMn.exe - This process is from IBM thinkpad laptops, it allows additional support for setting extra keys, this is non esential only terminate if causing problems.



SmoothView.exe

SmoothView.exe - This is from Toshiba it is a zooming utility, it offers a zoom function in common applications for example MS office, this is non essential.



WPC54CFG.EXE

WPC54CFG.EXE - This process is from Linksys wireless-G USB wireless network monitor this allows additional configuration options for this kind of network hardware, this is non essential only terminate if causing problems.



BacsTray.exe

BacsTray.exe - This is installed with broadcom box modems, this allows access to configuration and diagnostic options, this is non essential only terminate if causing problems.



WFXSVC.EXE

WFXSVC.EXE - This process is from Symantec Winfax and runs the core service for this operation, this is non essential only terminate if causing problems.



PSNGive.exe

PSNGive.exe - This process is with the lite version of post it note from 3M.



USBMONIT.EXE

USBMONIT.EXE - This is the main process for the Gene USB monitor software, it's running in the backround checking if USB flashdrives are connected.



AvpM.exe

AvpM.exe - This is a portion of Kaspersky Labs Anti-virus suite, this makes an important part of your systems online security protecting you fromiruses and worms, this should not be terminated.



WLKeeper.exe

WLKeeper.exe - This process is with wireless plan application from Intel, only remove if causing problems.



sapisvr.exe

sapisvr.exe - This process is from Windows XP, this allows functionability for speech recognition, this is non essential only terminate if causing problems.



termsrv.exe

termsrv.exe - This process is from Windows terminal server, this allows support for terminal based remote control of your system, this is non essential only terminate if causing problems.



ybrowser.exe

ybrowser.exe - This process belongs to Yahoo, this offers additional functioning to internet explorer, this is non essential.



HKWnd.exe

HKWnd.exe - This process is found on Sony notebooks, it provides configuration for special keys on these laptops, this is non essential.



LaunchAp.exe

LaunchAp.exe - This gives you tools for your Acer prouct, this is non esential.



EnterNet.exe

EnterNet.exe - This is th connection manager for Internet ISP, this assist people to connect them to the internet, this is non essential.



WFXMOD32.EXE

WFXMOD32.EXE - This is from Symantec Winfax, this is non essential only terminate if causing problems.



kavmm.exe

kavmm.exe - This process is with Kaspersky Anti-virus personal pro 5, for a secure system do not remove.



pccntupd.exe

pccntupd.exe - This is a portion of PC-cillin anti-virus suite, this updates your anti-virus software to keep you aware of the viruses that are going around, for a secure system do not remove.



DataLayer.exe

DataLayer.exe - This process is with Nokia PC suite, this is a set of tools used to manage your data and settings over the phone with your PC.



DvzMsgr.exe

DvzMsgr.exe - This is from dataviz, it provides use of office documents on your handheld device, this is non essential.



PTSsvc.exe

PTSsvc.exe - This is installed with drivers for kodak's digital cameras, this assist moving files, and photo's from camera to a USB.



eraser.exe

eraser.exe - This is the main process for erase software from Heidi systems, this provides the ability to move sensitive data from your hard drive by overwriting it a few times.



Wbutton.exe

Wbutton.exe - This is installed with acer notebooks and adds extra functions to your acer product, this is non essential only terminate if causing problems.



SSSvr.exe

SSSvr.exe - This process is with VAIO media music server from Sony.



shwicon.exe

shwicon.exe - This is installed with drivers for Allnet USB 6 in 1 card reader, this is non essential only terminate if causing problems.



rrpcsb.exe

rrpcsb.exe - This process is with Rapid Restore from XPoint, this i a backup and recovery solution providing IT administrators access to protect important data.



QCTRAY.EXE

QCTRAY.EXE - This traybar process is for IBM laptops, it allows quick access to IBM network connection settings, this is non essential.



ALOGSERV.EXE

ALOGSERV.EXE - This is from McAfee virus scan, it's used to log all activities by using virus scan, it is not recommended to remove this process.



msn.exe

msn.exe - This process is from MSN explorer this adds new features to your internet explorer, this is non essential.



USRshutA.exe

USRshutA.exe - This process is from US Robotics communications hardware family, this allow more support to US robotics modems, this is non essential only terminate if causing problems.



fts.exe

fts.exe - This process is with Broadband access from friendly technologies.



ntmulti.exe

ntmulti.exe - This is a portion of IBM lotus product site, this is an advanced contact management system.



HelpSvc.exe

HelpSvc.exe - This process helps Windows 2000 and newer, this starts a popup screen whenever you hit the help button.



nvraidservice.exe

nvraidservice.exe - This process is with Vidia NVRaid, it's a hard disk that is required if you are using the RAID system.



bdoesrv.exe

bdoesrv.exe - This process is with Bitdefender 8 anti-virus, for a secure computer do not remove.



HotkeyApp.exe

HotkeyApp.exe - This is a portion of Acer launch manager, this allows access to configurable options of Acer multimedia keyboards additional keys, this is non essential only terminate if causing problems.



SchSvr.exe

SchSvr.exe - This process is from Winscheduler, this is installed with Winvideo WinDVD this also offers support for WinDVD home theater remote control, this is non essential only terminate if causing problems.



BRMFRSMG.EXE

BRMFRSMG.EXE - This process used by Brother Print Processor, terminating this will end in the loss og communication from your PC to the Brother device if it is connected to the parrallel USB, this is non essential only terminate if causing problems.



PopUpKiller.EXE

PopUpKiller.EXE - This is a popup stopper belonging to xfx Jumpstart, this stops un-solicited popups while your on the web, this is non essential.



logonui.exe

logonui.exe - This is a process associated with Microsoft Windows XP user switching screen, for a secure system do not remove.



TosHKCW.exe

TosHKCW.exe - This is installed on Toshiba laptops, this allows additional diagnostic and configuration for wireless capabilities, this is non essential only terminate if causing problems.



wlancfg5.exe

wlancfg5.exe - This process is from Netgear smart configuration module, this allows additional configuration options for these devices, this is non essential only terminate if causing problems.



msole32.exe

msole32.exe - This is an advertising program by adclicker, this monitors everything youdo online, and sends the data back to it's main server, advertisments are also promt to pop up, this is a registered security risk get rid of it imediately.



ibserver.exe

ibserver.exe - This is with Interbase server from boreland, this a cross-platform embedded datbase.



unsecapp.exe

unsecapp.exe - This is from Microsoft Windows server, this gives support to compatable issues.



IreIKE.exe

IreIKE.exe - This is for Microsoft virtue private network client, it allows remote access connections across public networks, such as the internet.



WZCSLDR.exe

WZCSLDR.exe - This is with WLAN service launcher software, from alpha networks.



SetPoint.exe

SetPoint.exe - This is with logitech setpoint event manager, this is non essential.



hpztsb06.exe

hpztsb06.exe - This is from Hewlett Packard, this provides diagnostin and maintainance of your HP printer, this is non essential only terminate if causing problems.



tbctray.exe

tbctray.exe - This is installed with hardware for Voyetra Turtle beach sound cards, an icon for a shortcut appears on your task bar this will take you to the dianostic program for these cards, this is non essential.



tp4serv.exe

tp4serv.exe - This is from IBM and provides functionality for a pointer stick, as a substitute for a mouse, on an IBM thinkpad laptop system.



LAUNCH32.EXE

LAUNCH32.EXE - This is a program that is SMSS this allows remote deployment of program and security installs, for a secure system this is important.



PropelAC.exe

PropelAC.exe - This is with Propel accelerator from propel software, this program accelerates the internet.



ATITASK.EXE

ATITASK.EXE - This is a driver suppliment to the ATI graphics device driver, t5his provides advanced configuration to a range of their graphics cards, this is non essential only terminate if causing problems.



ibmprc.exe

ibmprc.exe - This is from ibmprc, this is non essential only termnate if causing problems.



wpabaln.exe

wpabaln.exe - This is a portion of Microsoft Windows operating system, this takes care of licensing issues on your system, this is non essential only terminate if causing problems.



MPSERVIC.EXE

MPSERVIC.EXE - This is installed with Multipass printers, this assist local network printing, this is non essential only terminate if causing problems.



pchbutton.exe

pchbutton.exe - This is from Hewlett Packard, it's used by instant support software, this is non essential.



ibguard.exe

ibguard.exe - This process is with Interbase server software from Borland, only remove if causing problems.



sessmgr.exe

sessmgr.exe - This is from Microsoft remote assistance Windows plugin, this allows an end user to call for assistance when a remote asistance network service is in place, if the fore mentioned service is in place in your local area network you should not terminate this process.



GameDrvr.exe

GameDrvr.exe - This is from Wildtangent online gaming, this is non essential.



Elogerr.exe

Elogerr.exe - This is with Symbian connect from Symbian, this is a tool that allows you to connect a Symbian OS phone to your system for organization.



CtrlVol.exe

CtrlVol.exe - This is installed on most Acer systems, it provides you with control of the volume, this is non essential only terminate if causing problems.



savedump.exe

savedump.exe - This is the process for the NT memory dump, this writes the memory paging file, after booting back up this memory is saved in a file called memory, for a secure system do not remove.



stacmon.exe

stacmon.exe - This is installed with sigmatels range of audio hardware this allows extra diagnostics functionability for this range of products, this is non essential only terminate if causing problems.



cusrvc.exe


stacmon.exe - This is installed with sigmatels range of audio hardware this allows extra diagnostics functionability for this range of products, this is non essential only terminate if causing problems.



mshta.exe

mshta.exe - This is a portion of Microsoft Windows Operating System, this is needed to get rid of HTA files, this is non essential only terminate if causing problems.



rsvp.exe

rsvp.exe - This takes care of quality of services between server and client for audio and video streaming applications, this is non essential only terminate if causing problems.



Monwow.exe

Monwow.exe - This belongs to Symantec, it watches the installation process for new software so that it can help you uninstall these programs safely.



wweb32.exe

wweb32.exe - This process is from WordWeb thesaurus/dictionary, this is non esential only terminate if causing problems.



BABYLON.EXE

BABYLON.EXE - This proces is from Babylon transfer software, this allows you to get translations and information for selected words imediately.



shnlog.exe

shnlog.exe - This process is added by a Trojan it is a registered security risk and should be removed imediately if you find this you should download your latest updated antivirus program.



Cpqdfwag.exe

Cpqdfwag.exe - This process is with Compaq diagnostics, it works automatically during system bootup, this is non essential.



intmon.exe

intmon.exe - This is regitered as the Puper-D Trojan, it provides hackers the access to your system, so they can steal data, this should be removed imediately.



vmss.exe

vmss.exe - This is a portion of the Delfin Media Viewer, this acts as adware displaying ads on your desktop, this should be removed to protect your privacy.



wwSecure.exe

wwSecure.exe - This process is from Webroot Washer Security, this keeps you safe from internet bound threats, for a secure system do not remove.



msxct.exe

msxct.exe - This is an advertising process by Bargainbuddy, this watches what you do online and then sends it back to the main server, this prompts popup also, this needs to be removed imediately.



putty.exe

putty.exe - This is a free sample of Telnet and SSH for your system, this is non essential.



fdm.exe

fdm.exe - This is the main process for the free Download manager software, this is a manager application and download accelerator.



sm56hlpr.exe

sm56hlpr.exe - This gets installed with the sm56 modem driver, this allows functions for the diagnostic and configuration for this device.



PCTVOICE.EXE

PCTVOICE.EXE - This process is with the backround task installed PCTEL modem, for a secure computer do not remove.



Eudora.exe

Eudora.exe - This is a mail client from Qualcomm, this provides you the ability to recieve and send e-mails, this is non essential only terminate if causing problems.



SRVLOAD.EXE

SRVLOAD.EXE - This process is with Panda Platinum Internet Security Suite, for a secure system do not remove.



Hcontrol.exe

Hcontrol.exe - This is from Asus, it provides the configuration of the keyboards special keys, for a secure system do not remove.



iwctrl.exe

iwctrl.exe - This is a portion of Novadisk InsertWrite, this lets you use the packet of writing facilities of this CD writing suite, this way a person can burn files to a CD as if using Windows explorer, this is non essential.



ACCAgnt.exe

ACCAgnt.exe - This process is with AOL computer check up, it can find and fix AOL problems.



avgw.exe

avgw.exe - This is a portion of Grisoft Internet Security Suite, it's essential for the safe operation of your system, this protects against viruses,and spyware, for a secure system this is important.



BSCLIP.exe

BSCLIP.exe - This is from B's clip tools, this is non essential only terminate if causing problems.



ATKOSD.exe

ATKOSD.exe - This process is with ACPI control driver from ASUS.



AUTOCHK.EXE

AUTOCHK.EXE - This is a portion of Microsoft Windows Operating System, this lets the settings revert back to their origional state, this is non essential only terminate if causing problems.



USBMMKBD.EXE

USBMMKBD.EXE - This is a backround proces belonging to Hewlett Packard, this is mandatory for the special keys on their USB keyboards to work.



CLISVCL.EXE

CLISVCL.EXE - This is a portion Microsoft Windows Operating System, this starts the SMSS process on your computer, this scans for software.



smsmon32.exe

smsmon32.exe - This is a portion of Microsoft Windows Operating System, it watches advertising programs, for a secure system do not remove.



vcssecs.exe

vcssecs.exe - This process is with Virtual CD software from H+H software, it is the leading CD/DVD emulator, do not remove during operation of this program.



DELLDMI.EXE

DELLDMI.EXE - This is an impotant process to Dell's Openmanagment software, this is non essential only terminate if causing problems.



WScript.exe

WScript.exe - This process is associated with Microsoft Windows Operating System, it provides additional functions to scripting, this is non essential only terminate if causing problems.



sqlagent.exe

sqlagent.exe - This process is from Microsoft SQL agent, this is used to get rid of scheduled jobs.



MSWorks.exe

MSWorks.exe - This process is from Microsoft Works, this allows an easy access icon to spreadsheet and word processing functions, this is non essential.



AUpdate.exe

AUpdate.exe - This process is a liveupdate for Symantec products, this automatically checks for updates online for your Symantec product it tells you when these updates are available, if you want to keep getting updates then do not terminate.



SCRFS.exe

SCRFS.exe - This process is with Symbian Connect, this provides a simple way for developers to write Windows applications that use the proceses by Symbian Connect.



winmysqladmin.exe

winmysqladmin.exe - This is a process from MySQL database administration tool, this lets you manage databases, configure enviornment and make reports.



anvshell.exe

anvshell.exe - This is installed with hardware drivers for the ASUS video card range, this also puts in an icon on your system, this gives access to diagnostics for this device, this is non essential only terminate if causing problems.



MMTray.exe

MMTray.exe - This process is from MusicMatch Jukebox, this audio player allows you to play your mp3 file, this is non essential only terminate if causing problems.



POPUPER.EXE

POPUPER.EXE - This is a portion of undefined spyware, it displays ads in the form of popups, to protect your privacy this should be removed.



ntaskldr.EXE

ntaskldr.EXE - This is a portion of IBM Lotus product site, this is an advanced contact managment system.



PasSrv.exe

PasSrv.exe - This process is with Panda antispam module, this is from Panda Platinum Internet Security Suite, for a secure system do not remove.



tp4mon.exe

tp4mon.exe - This backround program comes with the IBM thinkpad, trackpoint monitor uses this.



mswsock.dll

mswsock.dll - This is a module, this allows extentions for Winsock services.



MSG32.EXE

MSG32.EXE - This is a process with Gigastudio, and Gigasampler music testing software.



naPrdMgr.exe

naPrdMgr.exe - This process is from McAfee policy orchestrator, this takes care of the product managment, for a secure system do not remove.



Profiler.exe

Profiler.exe - This is from Saitek this lets the user launch applications from the system tray bar.



3CDMINIC.EXE

3CDMINIC.EXE - This is a backround task for 3Com DMI this is associated with 3Com network cards.



AVSCHED32.EXE

AVSCHED32.EXE - This is the scheduler for H+BEDV antivirus, for this to work correctly do not remove.



WFXSWTCH.exe

WFXSWTCH.exe - This process is from Winfax fax managment software for Symantec Corp, terminating this will disable your Winfax software.



Launch Application 2.exe

Launch Application 2.exe - This is a portion of Vantarakis launch process, thishelps internet users, upload their privacy by clearing out history files, this is non esential.



nls.exe

nls.exe - This is a n advertising process by Webrebates, this watches what you do online, and sends it back to it's main server, advertisments are also prompt to popup, if you find this get rid of it imediately.



omtsreco.exe

omtsreco.exe - This is from Oracle SQL database, this is an important process where connectivity to your oracle database is envolved, this shouldn't be terminated.



ewidoctrl.exe

Part of Ewido security suite which is an anti spyware product.



SERVIC~1.EXE

SERVIC~1.EXE is short for a process starting with servic and is generally service.exe or services.exe please google those.



kpf4ss.exe

kpf4ss.exe is a part of Kerio Personal Firewall Service.



HijackThis1991.exe

HijackThis1991.exe is just a renamed filename for Hijackthis. If you're finding this you should know what it is ;)



WinVNC4.exe

WinVNC4.exe is a part of WinVNC which is a remote desktop type application.



POPROXY.EXE

POPROXY.EXE - This is a portion of Norton Antivirus suite, it watches for incoming mail and virus threats, for a secure system this is important.



AOLHOS~1.EXE

AOLHOS~1.EXE is probably a part of AOL and is generally under AOL Common files since it is used by a number of AOL applications.



SV_Httpd.exe

SV_Httpd.exe is a Sony Vaio application.



intmonp.exe

intmonp.exe - This is registered as the Puper-D trojan, this allows people to access your system and steal important information, if found remove imediately.



DvzIncMsgr.exe

DvzIncMsgr.exe - This is a process with documents to go from dataviz, this is a document managment in place for Symbian and Palm OS.



ewidoguard.exe

Part of Ewido security suite which is an anti spyware product.



OSE.EXE

OSE.EXE - This is from Microsoft Office Suite, this adds more installation support during CD install and web updates, for a secure system do not remove.



iTunes.exe

iTunes.exe is generally Apples Itunes but there are a few viruses that run as this process name.



HijackThis[1].exe

HijackThis[1].exe is another renamed version of the incredibly popular software hijackthis!



NSCTOP.EXE

NSCTOP.EXE - This is from Symantec system Center, this search AV servers on the network.



MOTMON.EXE

MOTMON.EXE - This process is from Motive Communications, this lets a user submit files to the internet, this is non essential.



setup.exe

setup.exe - This is a setup process for many programs, during installation of software this process will appear, this should not be terminated unless it has crashed for a good amount of time.



minilog.exe

minilog.exe - This is with Zone Alarm Internet Firewall and updates to the logfile for potential security breaches, for a secure system do not terminate.



HPBPRO.EXE

HPBPRO.EXE - This is installed with Hewlett Packard printers, this offers local hardware and network support, this is non essential only terminate if causing problems.



RaMaint.exe

RaMaint.exe - This process is from remotely Anywhere from 3am Labs, this is a remote administration software for desktops and servers.



NCLAUNCH.EXe

NCLAUNCH.EXe - This is a portion of SWF studio, an extension to flash, this is often bundled when you install a self-installing screen saver, this is non essential.



vidctrl.exe

vidctrl.exe - This is with Delfin Adware, for your personal privacy this should be removed.



WLTRAY.exe

WLTRAY.exe - this is installed with dell wireless WLAN card, and allows additional configuration options for these devices, this is non essential only terminate if causing problems.



atwtusb.exe

atwtusb.exe - This is installed with drivers for Aiptek USB grapgics tablet, this is non essential only terminate if causing problems.



QAGENT.EXE

QAGENT.EXE - This process is from Intruit Quicken suite.



TBPanel.exe

TBPanel.exe - This is a portion of the drivers for the Gainward graphics cards, this allows use with an interface to configure graphic card settings, and configurations.



tlntsvr.exe

tlntsvr.exe - This process is from Microsoft Telnet, it is a terminal emulation program TCP/IP networks.



Freedom.exe

Freedom.exe - This is the process for Freedom, this blocks advertisments, this keeps your personal information safe, this is non essential.



wmexe.exe

wmexe.exe - This is installed with 3com modems it's important for this modem to work, this is non essential only termi9nate if causing problems.



Client.exe

Client.exe - This is belonging to GipsyMedia Ltd, it allows people to search for offline Media Guides, this is non essential.



MSGLOOP.EXE

MSGLOOP.EXE - This process is with Crystal and Conexant Audio hardware, this takes care of Audio streaming, this is non essential.



qbdagent2002.exe

qbdagent2002.exe - This process looks for Quickbooks software updates, this is non essential.



NICCONFIGSVC.exe

NICCONFIGSVC.exe - This process is with Power Managment settings, for network adapters on Dell computers.



inetd32.exe

inetd32.exe - This process is with Hummingbird?Inetd application, this looks for connection requests, and launches server daemons.



loadwc.exe

loadwc.exe - This is a portion of Microsoft Internet Explorer, this alters settings in Explorer and is important if you use the content advisor, this is non essential only terminate if causing problems.



nslsvice.exe

nslsvice.exe - This is a process with Lotus notes software from IBM, it takes care of logon services.



SNDVOL32.EXE

SNDVOL32.EXE - This is the process for Microsoft Windows Volume Control, this comes with all 32 versions of Windows to date, this lets you change the volume of your radio channels on your system, this is accessible by default on the system tray bar, this is non essential only terminate if causing problems.



NVSVC.EXE

NVSVC.EXE - This is a portion of the graphic card drivers from NVIDIA, this is non essential.



slrundll.exe

slrundll.exe - This is installed with the driver for smart Link's range of communications hardware, do not remove where internet connection stability are concerned, even though not an important process.



DIALER.EXE

DIALER.EXE - This process is from Microsofts phone dialer, this gives support for active voice conferenceing through TAPI, this is non essential.



casclient.exe

casclient.exe - This process is with Casinoclient adware, to protect your privacy this remove this imediately.



wpctrl.exe

wpctrl.exe - This process is from Winportrait, a desktop manipulation tool, this is non essential only terminate if causing problems.



ww.exe

ww.exe - This provides you with features to get weather reports, this is non essential.



WinStat.exe

WinStat.exe - This is from Kodorjan Trojan,? this is a backdoor worm that steals personal data, this is a risk it should be removed imediately.



WinStatKeep.exe

WinStatKeep.exe - This is an advertising program, it watches what you do online and sends it back to it's main server, this is a security risk remove imediately.



IAM.exe

IAM.exe - This process is with the internet answering machine Callwave, it takes care of your incoming phone calls while you are online.



SXGTKBAR.EXE

SXGTKBAR.EXE - this is installed with drivers from SXG soundcard, this allows easy access to the system tray bar for diagnostic and configuration, this is non essential only terminate if causing problems.



DATALA~1.EXE

What is it?

datalayer.exe is associated with Nokia PC suite application.

What does it do?

Nokia PC Suite 5 - "A collection of powerful tools that you can use to manage your phone features and data." Synchronize the phone with, for example Outlook. You can also use it to browse your phone, edit the phone list and so on.

More info:

found [http://startup.iamnotageek.com/srch-DataLayer.exe.html]here[/url].



aspnet_wp.exe

aspnet_wp.exe - This is from Microsoft .net, it takes care of most services dealing with this tecnology suite, this is non essential only terminate if causing problems.



ENCMONTR.EXE

ENCMONTR.EXE - This is a browser belonging to Yahoo, this is usually installed by system vendors, this causes problems with Winsock, this is non essential.



iao.exe

iao.exe - This process is from Symantec Internet Security Suite, for a secure system do not remove.



PowerKey.exe

PowerKey.exe - This is found on Acer travelmate laptops, for smooth and efficent running this is nessecary.



exmgmt.exe

exmgmt.exe - This is from Microsoft Exchange Console, this allows configuration of this e-mail server product, this is non essential only terminate if causing problems.



csinsmnt.exe

csinsmnt.exe - This is a portion of Norton Cleansweep and is mandatory for the correct operation of this process, this monitors local configuration file for changes made by programs, this is non essential only terminate if causing problems.



DLT.EXE

DLT.EXE - This is from Dell Openmanage System managment software, this is important for running Dell Openmanage.



WMIADAP.EXE

WMIADAP.EXE - This makes part of Microsoft Windows Operating System, the ADAP transfers performance libraries to WMI repository, for a secure system do not remove.



DMXLauncher.exe

DMXLauncher.exe - This is from Dell Media Experience, this offers function to organize and play music and video files, this is non essential only terminate if causing problems.



scheduler.exe

scheduler.exe - This is from Leader Technologies, this reminds a person to register a product, this is non essential



BTSTAC~1.EXE

What is it?

btstack.exe is associated with BidComm Bluetooth connection software.

What does it do?

Provides communication between bluetooth devices and computers.

More info:



btstack.exe

What is it?

btstack.exe is associated with BidComm Bluetooth connection software.

What does it do?

Provides communication between bluetooth devices and computers.

More info:



Plauto.exe

Plauto.exe - This is for casie photo loader software, it watches for connection between the system and a digital camera and starts photo loader software, that works the transfer and? viewing of images.



netscape.exe

netscape.exe - This is the process for Netscape suite, it comes with Netscape navigator web browser, mail, news, and Netscape messenger.



Plguni.exe

Plguni.exe - This is the main process of McAfee's Quickclean application, it monitors changes during bootup, it also allows you to undo changes made that are causing problems.



3CMLINK.EXE

3CMLINK.EXE - This is a support file for 3com Winmodem driver.



INSTANTACCESS.EXE

INSTANTACCESS.EXE - This process is from Xerox's Textbridge OCR software, this is non essential.



WFXCTL32.EXE

WFXCTL32.EXE - This process is associated with WinFax, it shows a yellow telephone utility icon on the tray bar, this is non essential.



ACTIONAGENT.EXE

ACTIONAGENT.EXE - this is a portion of Dell Openmanager client intramentation, this is COM server allowing remote administrators with easy access to your system for support assistance.



LUALL.EXE

LUALL.EXE - This process is from Symantec liveupdate, this keeps your Symantec product up to date, this is non essential only terminate if causing problems.



MMTrayLSI.exe

MMTrayLSI.exe - This is from Morgan Multimedia code set, it's a graphic modification tool, this is non essential only terminate if causing problems.



pavProxy.exe

What is it?

pavProxy.exe is associated with Panda Antivirus application

What does it do?

Intercepts known viruses attached to emails.

More info:

For?more info about Panda Anti-Virus software visit: www.pandasoftware.com



Photoshop.exe

Photoshop.exe - This is an industry standard image rendering tool, this is non essential only terminate if causing problems.



ALUNOTIFY.EXE

ALUNOTIFY.EXE - This is a liveupdate program of Norton Antivirus, this watches for updates online, if you want to be informed about updates do not remove.



w3dbsmgr.exe

w3dbsmgr.exe - This is the database service manager for Pervasive SQL, it is an important part and should only be terminated while not in use.



MMTray2k.exe

MMTray2k.exe - This is from Morgan Multimedia code set, a graphic modification tool, this is non essential only terminate if causing problems.



IXApplet.exe

IXApplet.exe - This is a process that shows images stored in digital cameras, it is provided by the camera manufacturer.



wintasks.exe

wintasks.exe - This is the main process for Wintasks, from Uniblue systems Ltd, this gives you complete control over all processes running on your system.



vmware-authd.exe

What is it?

vmware-authd.exe is associated with the vmware authorization service.

What does it do?

Validates either local or non local?users.

More info:



MOSEARCH.EXE

MOSEARCH.EXE - This process is from Fast search by Microsoft Office, this is non essential only terminate if causing problems.



MSACCESS.EXE

MSACCESS.EXE - This is the process for Microsoft Access, a database included in Microsoft Office, this is non essential only terminate if causing problems, if you terminate it could damage any open databases.



hpztsb03.exe

hpztsb03.exe - This is from HP deskjet task bar, it is installed with HP deskjet printers, this is non essential only terminate if causing problems.



Notify.exe

Notify.exe - This process is from Novell Group Wise, it tells you of any recieved e-mails or mesages, this is non essential.



PRISMSTA.EXE

PRISMSTA.EXE - This is packaged with multimedia and some communications, this gives access to Intersil Silicon, this is non essential only terminate if causing problems.



Remoterm.exe

Remoterm.exe - This process is with Pinnacle PCTV pro card, it's used by remote control software.



vmnetdhcp.exe

What is it?

vmnetdhcp.exe is associated with the VMware DHCP service.

What does it do?

Used for dynamic IP address configuration as related to vmware.

More info:



pruttct.exe

pruttct.exe - This process is from prutect Malware, it tries to disable anti-spyware, it is? a risk remove imediately if found make sure you downloaded your most recent update of antispyware.?



nddeagnt.exe

nddeagnt.exe - This is a portion of the Network Dynamic Data Exchange, this takes care od network requests DDE services, for a secure system do not remove.



clipsrv.exe

clipsrv.exe - This process is from Microsoft Windows Operating System, it takes care of all clip board activity, for a secure system do not remove.



FLashKsk.exe

FLashKsk.exe - this is installed with smartmedia card readers, this is important for a card reading device, this is non esential only terminate if causing problems.



VCDDaemon.exe

VCDDaemon.exe - This process is from Elaborate Bytes virtual clonedrive, offers a virtual CD system that can mount CD images, this is non essential only terminate if causing problems.



KHost.exe

KHost.exe - This is a delivery proces by Kontiki, it delivers data such as images and files so that secure servers can share them, this is non essential.



vssvc.exe

vssvc.exe - This is from Shadow Copy Service implemented towards Windows XP and onwards, this allows modified files to be backed up automatically by the system, for a secure system do not remove.



LogitechDesktopMessenger.exe

What is it?

LogitechDesktopMessenger.exe is associated with the software included with some logitech devices.

What does it do?

Runs in the background to periodically check?for logitech software updates.

Uses backweb 8876480

More info:

read more about backweb 8876480 [url=http://www.iamnotageek.com/a/backweb-8876480.exe.php]here[/url].

backweb?listens to?certain ports on the local computers internet connection.

backweb software is a potential security risk.



vsnpstd.exe

vsnpstd.exe - This is packaged with Olidata webcam and LG USB webcams, this is non essential only terminate if causing problems.



hpztsb11.exe

hpztsb11.exe - This is from Hewlett Packard, this allows diagnostic and maintainance of your HP deskjet printer, this is non esential only terminate if causing problems.



pg2.exe

pg2.exe: PeerGuardian 2 is an IP blocker for Windows. Used to protect privacy on P2P networks by blocking IP addresses specified in blocklists. Features support for multiple lists, a list editor, automatic blocklist updates, and blocking all of IPv4 (TCP, UDP, ICMP, etc).



TPSBattM.exe

The process belongs to the software TOSHIBA Power Saver by TOSHIBA Corporation (www.toshiba.com). Description: TPSBattM.exe is located in the folder C:WindowsSystem32. Known file sizes on Windows XP are 45056 bytes (69% of all occurrence), 40960 bytes, 36864 bytes.
File TPSBattM.exe is a file without information about the maker of this file. The program has no visible window. The file is not a Windows core file. File TPSBattM.exe is located in the Windows folder, but it is not a Windows core file. Therefore the technical security rating is 6% dangerous, however also read the users reviews.

Important: Some malware can camouflage themselves as TPSBattM.exe, particularly if they are located in c:windows or c:windowssystem32 folder. Thus check the TPSBattM.exe process on your pc whether it is pest.



Konfabulator.exe

Konfabulator.exe

Konfabulator is a JavaScript runtime engine for Windows and Mac OS X that lets you run little files called Widgets that can do pretty much whatever you want them to. Widgets can be alarm clocks, calculators, can tell you your WiFi signal strength, will fetch the latest stock quotes for your preferred symbols, and even give your current local weather.
**Seems to be legit, but eats up alot of memory**
see here :http://google.blognewschannel.com/in...yahoo-widgets/



PavFnSvr.exe

PavFnSvr.exe - Part of Panda Titanium Antivirus - file path C:WindowsSystem32



apcsystray.exe

The process PowerChute system tray power icon belongs to the software APC PowerChute Personal Edition by American Power Conversion Corporation (www.apcc.com).
Description: File apcsystray.exe is located in a subfolder of "C:Program Files". The file size on Windows XP is 413816 bytes.
There is an icon for this program on the taskbar next to the clock. The file is not a Windows system file. Therefore the technical security rating is 6% dangerous, however also read the users reviews.

Important: Some malware can camouflage themselves as apcsystray.exe, particularly if they are located in c:windows or c:windowssystem32 folder. Thus check the apcsystray.exe process on your pc whether it is pest.



HPHipm11.exe

HPHipm11.exe - is one of the many variants of HP printer management software. I'm sick of having to add entries for them LOL



CapFax.EXE

CapFax.EXE - This process is for BVRP softyware, thi is from Capfax, this is a piece of software that simplifies phone and fax usage from your system, this is non essential.



RM_SV.exe

RM_SV.exe - This is from Sony Gigapocket multimedia entertainment, this is non essential only terminate if causing problems.



floater.exe

floater.exe - This is from WinPortrait Pivot enabled monitors, this is non essential only terminate if causing problems.



nero.exe

nero.exe - This is from Ahead Nero's CD and DVD writing, this lets the creation of music and movie media, this is non essential only terminate if causing problems.



VzFw.exe

VzFw.exe - This process is from Sony GigaPocket multimedia entertainment center, this is non essential only terminate if causing problems.



ICSMGR.EXE

ICSMGR.EXE - This is an important process, it relays all DNS and DCHP requests when Microsoft online connection sharing is turned on, for a secure system do not remove.



GoogleDesktopDisplay.exe

GoogleDesktopDisplay.exe is a part of Google Desktop (desktop.google.com/)



StyleXP.exe

Belongs to the StyleXP software which applies a theme/skin to your Windows GUI (user interface).
This process should not be terminated. To disable the StyleXP theme, do it from the application's settings.



PhotoshopElementsFileAgent.exe

PhotoshopElementsFileAgent.exe is a process belonging to Adobe Photoshop elements, a popular graphics rendering tool. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems.



CnxDslTb.exe

Connexant DSL Taskbar as used on Acess Runner and Samsung AHT-E310 ADSL modems



Shareaza.exe

Shareaza P2P client



PhotoshopElementsDeviceConnect.exe

PhotoshopElementsDeviceConnect.exe is a process belonging to Adobe Photoshop elements, a popular graphics rendering tool. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems.



lxbbbmgr.exe

Lexmark X74/X75 Button Manager, also called "Lexmark Scan & Copy Control Program".? System Tray icon for the Lexmark X74/X75 multifunction printer/scanner/copier.? Through that icon you can access from your PC all the functions available on the control pad of your Lexmark X74/X75?:? scan, scan to e-mail, scan and fax, scan to OCR, copy, scanning resolution settings



lxbbbmon.exe

Lexmark X74/X75 Button Monitor.? Background task installed by the drivers for the Lexmark X74 or X75 multifunction printer/scanner/copier.? This background task monitors the X74/X75 for activity and interacts with LXBBBMGR above for operations involving the PC (e.g. scan to e-mail).? Also, for large copy jobs it relays the current copy count back to LXBBBMGR so you can view it on your PC.



avgcc32.exe

avgcc32.exe is a part of the Grisoft Internet security suite and is essential for the secure and safe operation of your computer. It Protects against viruses, spywares, worms and trojans. This program is important for the stable and secure running of your computer and should not be terminated



fpavupdm.exe

F-Prot Antivirus Update Monitor is part of the F-Prot Antivirus software package. This component monitors the update server for product and defintion updates.
? ?
Frisk Software www.f-prot.com



nLNotes.exe

The actual executable of Lotus Notes Client. It is usually launched by Notes.exe



eBayTBDaemon.exe

eBay toolabar related - also contains eBay account Guard which monitors for fraudulent eBay sites.



DCPlusPlus.exe

DC++ is a file sharing program used to connect to Direct Connect hubs where people can exchange files, similar to a network.
There are cases in which this process name is used by worms, such as W32.Ogid.



ObjectDock.exe

ObjectDock is a program that lets you organize your short-cuts and running tasks onto an extremely customizable dock that sits on your desktop.



MSBNTray.exe

The process Microsoft Broadband Networking Tray Application belongs to the software Microsoft Broadband Networking Software by Microsoft Corporation (www.microsoft.com). Description: MSBNTray.exe is located in a subfolder of "C:Program Files". The file size on Windows XP is 466944 bytes.
There is an icon for this program on the taskbar next to the clock. The program has a visible window. You can uninstall this program in the control panel. File MSBNTray.exe is not a Windows core file.



cpqeaksystemtray.exe

he process CpqEAKSystemTray MFC Application belongs to the software CpqEAKSystemTray Application by Compaq

Description: File cpqeaksystemtray.exe is located in a subfolder of "C:Program Files" (e.g. C:Program FilesCompaqEasy Access Button Support). The file size on Windows XP is 212992 bytes.
There is an icon for this program on the taskbar next to the clock. The program has a visible window. Program has no file description. cpqeaksystemtray.exe is not a Windows core file. Therefore the technical security rating is 6% dangerous.



TiVoBeacon.exe

The process TiVo Beacon or TiVo Beacon Service belongs to the software TiVo Desktop by TiVo Inc (www.tivo.com). Description: TiVoBeacon.exe is located in a subfolder of "C:Program FilesCommon Files". Known file sizes on Windows XP are 928768 bytes (57% of all occurrence), 853504 bytes, 844288 bytes.
The program is not visible. It is not a Windows core file. The application uses ports to connect to LAN or Internet. TiVoBeacon.exe is able to connect to Internet, record inputs, hide itself.



Rainlendar.exe

Rainlendar is a customizable calendar that displays the current month.



DUC20.exe

Part of http://www.no-ip.com?provided service. Keeps No-IP's dynamic nameserver (DNS) updated if and when your computer's (network's) dynamic IP-address changes so that you can run servers on computers with dynamic IP. Shortcut available



Hpi_Monitor.exe

Autodetects when a HP camera is attached to the computer and launches the "HP Photoimaging Software". Available via Start -> Programs



speedfan.exe

SpeedFan monitors temperatures, through available hardware monitor chips. You can even change a fan speed according to the temperature of your hard disk.



wrapper.exe

wrapper.exe is a part of the Maya accouting program and provides a help service to aid troubleshooting. This program is known to implemented into version 5.0 and later and is a non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems.



PcfMgr.exe

pcfmgr.exe is a tray bar process for the Power Schemes Manager from Phoenix Technologies. It is used on laptops which have a Phoenix BIOS to manage the power and battery settings. This program is important for the stable and secure running of your computer and should not be terminated, since this feature is not available in the standard Windows Power Saving panel.



Printkey2000.exe

Screen grabber that intercepts the pressing of the Print Screen (Prn Scrn) key. Start manually when required



pppoeservice.exe


Application used by ISP connectivity software



CAMTRAY.EXE

Creative WebCam tray control - can be started manually



lwbwheel.exe

Mouse driver - required if you use non-standard Windows driver features



raid_tool.exe

VIA motherboard RAID tool.



J2GDllCmd.exe

eFax_Messenger fax software



PGPsdkServ.exe

PGPsdkServ.exe is the new SDK service which is responsible for performing all PGP key management and cryptographic functions. This functionality was moved into a service to allow multiple modules simultaneous read/write access to the keyrings, among other things. As you can imagine, it is necessary for PGPsdkServ to be running in order to perform practically any PGP functionality



MSN6.EXE

     MSN6.EXE - MSN Explorer



dlbabmgr.exe

Dell AIO Printer A*** related (*** = model). Not Required at Startu



DLBABMON.EXE

Dell AIO Printer A940 Button Monitor



PicAppSrv.exe

The process Photo Application Server belongs to the software Photo Application Server?



TRAYAP~1.EXE

What is it?

TRAYAP~1.EXE is?short for?trayapplication.exe?a ?file included with nokia suite phone software.

What does it do?

trayap provides a system tray?icon for the application that handles syncronization and configuration of nokia phones.

More info:

TRAYAP~1.EXE is short for [url=http://startup.iamnotageek.com/srch-PCSuiteTrayApplication.html]trayapplication.exe[/url]



acs.exe

What is it?

acs.exe is associated with the Atheros configuration service.

What does it do?

used for configuring wireless network connections.

More info:



fspex.exe

What is it?

fspex.exe is associated with F-secure Antivirus software.

What does it do?

Handles automatic updates for f-secure Antivirus application.

More info:



LUCOMS~1.EXE

What is it?

LUCOMS~1.EXE is?short for lucomserver.exe, a file associated with Norton internet security suite.

What does it do?

lucomserver.exe handles automatic updates for norton internet security suite.

More info:



lucomserver.exe

What is it?

lucomserver.exe, a file associated with Norton internet security suite.

What does it do?

lucomserver.exe handles automatic updates for norton internet security suite.

More info:



MSN6.EXE

What is it?

MSN6.EXE is associated with MSN explorer.

What does it do?

MSN explorer is an application used?when?accessing the MSN dialup service?to:?Read?and send mail, browse the internet etc...

More info:



GWHotKey.exe

What is it?

GWHotKey.exe is associated with Gatway multifunction keyboard configuration software.

What does it do?

"sets up the Gateway AnyKey keyboard shortcuts"

More info:

Found [url=http://startup.iamnotageek.com/srch-GWHotkey.exe.html]here[/url] in our Startup DB.



audevicemgr.exe

What is it?

audevicemgr.exe?associated with sony ericsson mobile phone?software.

What does it do?

unknown or audio device manager.

More info:



IPSecMon.exe

"Microsoft L2TP/IPSec VPN Client for Win98/Me/NT. Secure technology for making remote access virtual private network (VPN) connections across public networks such as the Internet"



Brmfrmps.exe

Brother Popup Suspend service for Resource manager



ivpsvmgr.exe

Toshiba IVP Service Manager application which appears as a red satellite dish icon in the System Tray.? This is Toshiba?s equivalent to the Windows Automatic Update feature as, whenever you are connected to the Internet, it will check for Windows updates and Toshiba updates.



hpwebjetd.exe

Hewlett-Packard Web JetAdmin Service



TotRecSched.exe

Scheduler for Total Recorder - allows automatic recording of a show at a given time for later playback or you can use the scheduler as an alarm



mRouterRuntime.exe

mRouterRuntime using Port 1045 TCP to comunicate between Smartphone and Computer for Data transfere and syncronisation. Used by Datassuite Software from Nokia / Siemens Sybian-Based. (Serial 60)



DVDTray.exe

HP CD/DVD Tray icon installed with the DVD writer software. Periodically checks for new drive firmware
Required: No



smsapm32.exe

The process SMS 2.0 Client - Advertised Programs Manager (Win32) belongs to the software Systems Management Server by Microsoft Corporation (www.microsoft.com).
File smsapm32.exe is located in a subfolder of C:Windows (common is C:WINDOWSMSSMSclicompapaBin)



PXAgent.exe

Prevx Agent
Manufacturer:Prevx Ltd.
Product:Prevx Home
Background antiviral,worm,trojan, etc.intrusion protection.



HPLamp.exe

"HP Scanner Utility that controls your scanner?s light bulb. Needed if it's switched on. Also refer here for troubleshooting"



mnmsrvc.exe

Remote Desktop Sharing service part of Microsoft's Netmeeting allowing users to share items on their screens across remote locations



ComComp.exe

Common Components? (ComComp.EXE) is a prerequisite for any VisualTax? program?

It MUST be downloaded and installed once by first time users of any VisualTax product (T1, T2, T3, T4, FP).?There is no need to download again for each product.



a2guard.exe


a-Squared antitrojan - can be run on demand but necessary in Startup if you prefer the a? 'Background Guard' real time protection feature



F-Sched.exe

"Scheduler for F-Prot anitvirus software. Leave enabled unless you scan manually on a regular basis"



KAVPF.exe

Kaspersky Anti-Hacker firewall



Xfire.exe

Terratec DMXFire 1024 soundcard controlpanel



LXBABMGR.EXE

System Tray application that enables scan or fax functions to run directly from the printer via the buttons. Can be launched from a desktop shortcut



LXBABMON.EXE

Related to Lexmark X5100 series printers



SafeCfg.exe

NetScreen_Remote VPN Client Software



BARTSHEL.EXE

It is installed in the folder structure created by the remote dialup software from the? PeoplePC? ISP,?



KbdAp32A.exe

Keyboard utility for a Trust brand keyboard



J2GTray.exe


eFax_Messenger fax software tray menu



hpobrt07.exe

"Installed with a Hewlett Packard 900 series colour printer



C:WINDOWSsystem32svchost.exe

Same as C:WindowsSystem32svchost.exe



ONETOUCHMON.EXE

Finds the Visioneer scanner to see if it's on then loads it in the tray for quick access which delays the initial boot to desktop process. According to the Windows_Startup_Online_Repository



PsnLite.exe

Post-it? Software Notes - Lite. "You can use this digital version of the famous canary yellow? note to remind you to do something, to capture an idea or to organize all those important phone numbers -- all from your computer desktop."



CNXMON.EXE

Wanadoo ISP software related - not required



miranda32.exe

Miranda Instant Messaging client



Autolaunch.exe

"Iomega HotBurn - CD-RW burning software"



MPAPI3s.exe

Part of Nokia SmartPhone PC Suite 6



Tovtransfer.exe

TiVo Transfer Service belongs to the software TiVo Desktop by TiVo Inc (www.tivo.com).



VM_STI.EXE


This is a valid program that is bundled with many digital cameras that use a USB connection. It is unknown at this time whether or not it is needed to run.



Proxomitron.exe

HTML proxy



TivoTransfer.exe

The process TiVo Transfer Service belongs to the software TiVo Desktop by TiVo Inc (www.tivo.com).



ACMonitor_X73.exe

The process ACMonitor belongs to the software ACMonitor by Silitek Corp.



AcBtnMgr_X73.exe

Lexmark X73 Button Manager-needs to run at startup.



cpqalert.exe

Compaq's Insight Manager Agent - a tool that allows for "fault, performance, and configuration management". Recommended for corporate users only. It's best removed if installed but not wanted, rather than disabled at startup.?



AddInMon.exe

The process Monitors Outlook to connect Add-Ins belongs to the software Micro Eye AddIn Monitor by Micro Eye, Inc.



fspc.exe

F-Secure Parental Control



e_s4i2h1.exe

The process EPSON Status Monitor belongs to the software EPSON Status Monitor by SEIKO EPSON CORPORATION (www.epson.com).



Cacheman.exe

"Freeware disk cache tweaker from Outer Technologies. Should only be run once and not loaded at start-up"



SAGUI.exe

Name: PrevxHome

Description: PrevX Home intrusion prevention software

Recommendation: Normally leave to run at start-up



abc.exe

ABC is an improved client for the Bittorrent peer-to-peer file distribution solution. ABC is based on BitTornado 0.3.10 which extended from from Original Bittorrent Core System , coded by Bram Cohen.



cookie.exe

"CookieWall from Analog X. Allows you to decide which internet sites can add "cookies" related to their sites for the next time you return"



WinPPPoverEthernet.exe

"WinPoET is the industry's first Windows-based PPP over Ethernet client. Developed by iVasion



E_S4I2H1.EXE

The process EPSON Status Monitor belongs to the software EPSON Status Monitor by SEIKO EPSON CORPORATION (www.epson.com).



NaturalColorLoad.exe

Samsung monitor program to adjust colors.



Ikeymain.exe

"A4Tech wireless keyboard driver and utility"



DevDetect.exe

"Watches for external digital imaging products being connected from ACD Systems"



VSACCESS.EXE

VistaAccess gives you quick and easy access to scanning functions right from your desktop



cpqdmi.exe

Compaq version of the Desktop Management Interface



PrintScreen.exe

"Gadwin PrintScreen - utility to capture



LogMeIn.exe

The process LogMeIn belongs to the software LogMeIn by 3am Labs, Inc.



mctskshd.exe

McAfee Task Scheduler Service



MagicKey.exe

A program that allows you to map certain button on the Labtec keyboard to certain functions.



HpSrvUI.exe

The process hp UI Service belongs to the software hp Service Application by Hewlett-Packard Co (www.hp.com).



ONENOTEM.EXE

ONENOTEM.EXE is a part of the note taking program that ships with Microsoft Office 2003. It's required for the side note windows to work



WZCSLDR2.exe

ALPHA_Networks wireless driver



swtrayv4.exe

MS SideWinder game controller system tray icon. This is specific to version 4 of the software. Available via Start -> Programs



WFWIZ.exe

Leadtek WinFast TV tuner scheduler



tca.exe

"Part of The Cleaner from MooSoft - stops virus trojans before they can do any damage"



PmProxy.exe

Associated with Analog Devices "SoundMAX" audio chipset - often built-in to motherboards.



SR_WatchDog.exe

The process belongs to the software desktop by Check Point Software Technologies (www.checkpoint.com).



ACMonitor_X83.exe

Lexmark X83 Button Monitor



GUARDDOG.EXE

The process McAfee Internet Security Service Application or McAfee Privacy Service Application belongs to the software McAfee Internet Security or McAfee Privacy Service by Network Associates, Inc (nai.com).

Located in C:Program Files



LMonitor.exe

"MSI Live Update2 - auto-detects and suggests the latest BIOS/Driver/Utilities information"



ACLIENT.exe

Altiris Client Service



nSvcLog.exe

The process nSvcLog belongs to the software NVIDIA ForceWare Network Access Manager or NVIDIA nSvcLog by NVIDIA Corporation (www.nvidia.com).



dvd43_tray.exe

DVD43 is "a small tool that integrates into Windows and overrides CSS copy-protection found on DVD movies"



ssoftsrv.exe

Ssoftsrv.exe is a system service used for file encryption.
Manufacturer: Cypherix - A Business Division of Secure-Soft (India) Pvt Ltd.



PcSync2.exe

The process PC Sync belongs to the software PC Sync by Time Information Services Ltd.

Part of Nokie PC Suite 6



SaiSmart.exe

""Smart Button Special Sauce" - included with the latest software for Saitek game controllers. Related to the "S"



HijackThis19802.exe

Same thing as Hijack This version 1.98.2



bpcable.exe


Telstra Bigpond Cable login software - can be started manually



MFINDEXER.EXE

Part of CorelDraw bundles for indexing media files - similar to "fast find" in MS Office



lmgrd.exe

lmgrd.exe is a process associated with the Macrovision application-generic license server.



CMMON32.EXE

Added by the SMALL.CL TROJAN!



nSvcIp.exe

The process nSvcIp belongs to the software NVIDIA ForceWare Network Access Manager or NVIDIA nSvcIp by NVIDIA Corporation (www.nvidia.com).



tcm.exe

Part of The Cleaner from MooSoft - warns of changes to the registry



spystopper.exe

SpyStopper - blocks intrusive spyware, Web bugs, worms, scripts, advertisements, and cookies. Protects you from being profiled and tracked



CoreCenter.exe

MSI Core Center - motherboard utility for monitoring CPU speed, voltages, temperatures and fans speeds as well as overclocking



GWInkMonitor.exe

"Gateway ink monitor - makes an annoying popup that says your printer may be running out of ink



AirPlusCFG.exe

The process D-Link Wireless LAN Monitor belongs to the software Wireless LAN Monitor by D-Link (www.dlink.com).



webdmi.EXE

Compaq DMI Web Agent



QtZgAcer.EXE

QtZgAcer.EXE - This is installed mainly on Acer laptops this gives access to a configuration tool, this is non essential.



IncMail.exe

IncMail.exe - This is the main process for Incredimail e-mail, this gives personal e-mails and other features, this is non essential.



InfoMyCa.exe

InfoMyCa.exe - This process is with wireless G Network from Linksys, for good connections do not remove.



WtSrv.exe

WtSrv.exe - This process is from Microsoft Windows Operating System, it is the Tablet service driver, for a secure system do not remove.



ngserver.exe

ngserver.exe - This process is from Symantec Ghost, this offers additional functioning to this imaging software, this is non essential only terminate if causing problems.



SymSPort.exe

SymSPort.exe - This process is from Symantec Internet Security Suite, this keeps your computer safe from getting? viruses and spyware, for a secure system do not remove.



taskman.exe

taskman.exe - This process is from Microsoft Windows Operating System, this provides your basic monitoring hardware, and also links to system maintainance tasks, this is non essential only terminate if causing problems.



SpamSubtract.exe

SpamSubtract.exe - This tells you whem you get junk mail, this also has a removal process from Intermute this integrates with your e-mail program, this is non essential only terminate if causing problems.



DragDrop.exe

DragDrop.exe - This is from DigiOn, installed on a lot of Sony Vaio notebooks, this is a CD/DVD burner, this is non essential only terminate if causing problems.



store.exe

store.exe - This is with Outlook Exchange from Microsoft, this allows RAM memory for Microsoft Exchange for optimization purposes, this may cause problems on some servers.



WPC11CFG.EXE

WPC11CFG.EXE - This is from Linksys wireless G USB network, this allows more configuration options for this hardware, this is non esential only terminate if causing problems.



NoAds.exe

NoAds.exe - This blocks advertisments on Yahoo Messenger, this is non essential.



SPMgr.exe

SPMgr.exe - This is installed on most Sony Vaio laptops, it gives more configuration options for these devices, this is non essential only terminate if causing problems.



HelpHost.exe

HelpHost.exe - This is with Microsoft Windows Operating System, when requested in Windows 2000 or newer this is initiated.



TabTip.exe

TabTip.exe - This is from Microsoft Windows Operating System, it gives more support for tablet Pc's, for a secure system do not remove.



APTEZBP.EXE

APTEZBP.EXE - This lets the user customize rapid access buttons, on rapid access keyboard.



PPWebCap.exe

PPWebCap.exe - This is installed on the system tray bar, it allows access to Visioneer scansoft software, this is non essential.



WinAce.exe

WinAce.exe - This can achieve upto a 60% compression ratio with your personal files, this is non essential only terminate if causing problems.



npssvc.exe

npssvc.exe - This is from Norton anti virus, this schedules Norton anti virus scans, for a secure system do not remove.



NILaunch.exe

NILaunch.exe - This is from Net it Launcher, it publishes software from the Informative graphic Corp.



LMPDPSRV.EXE

LMPDPSRV.EXE - This is a Lexmark printer and scanner, this allows the sharing of a printer on a network.



RSRCMTR.EXE

RSRCMTR.EXE - This is from Microsoft Windows Operating System, it monitors resources for bottlenecks and usage, this is non essential only terminate if causing problems.



command.exe

command.exe - This is added to the system as a result of the BUDDY virus, this is a registered risk and should be removed imediately, if you find this make sure you download your lastest updated virus program.



BTStackServer.exe

BTStackServer.exe - This is from Bluetooth stack COM server from Widcom, for a smooth running system do not remove.



DavCData.exe

DavCData.exe - This is from Microsoft Internet Information Services, this offers server based functionality to your personal system, this is non essential only terminate if causing problems.



AlarmApp.exe

AlarmApp.exe - This is from Palm desktop software, this takes care of synchronising alarms on a Palm Pocket product, this is non essential only terminate if causing problems.



TCServer.exe

TCServer.exe - This is from Microsoft Tablet PC Windows Operating System, for a secure system this is important.



msafd.dll

msafd.dll - This is a module for Microsoft Windows sockets transport service.



SOINTGR.EXE

SOINTGR.EXE - This is on Sun MicroSystems starOffice, this offers word processing, this is non essential only terminate if causing problems.



LaunchApplication.exe

LaunchApplication.exe - This is from Nokia PC suite, this integrates your mobile phone to your PC, this is non essential.



SCCENTER.EXE

SCCENTER.EXE - This is installed on your Compaq laptop, this looks for updates for your laptop, this is non essential.



swagent.exe

swagent.exe - This is from Sonicwall Internet firewall protection, for a secure system do not remove.



vpngui.exe

vpngui.exe - This is with VPN client from Cisco Systems, it sets up IPSec communications VPN clients.



GRPWISE.EXE

GRPWISE.EXE - This is from Novell Groupwise's e-mail client, it offers e-mail functionality in a Novell network, this is non essential only terminate if causing problems.?



beremote.exe

beremote.exe - This is from backup Exec from Veritas, for a smooth system do not remove.



HPSJVXD.EXE

HPSJVXD.EXE - This belongs to HP, it provides functionability for scanners, for scanning this is required, only terminate if causing problems.



rk.exe

rk.exe - This is from a software from Marketscore, this monitors what youdo online and also diplays surveys in popup windows, for your personal privacy this should be removed.



lssas.exe

lssas.exe - This is registered as a trojan, this lets attackers get into your system and steal personal information, this should be removed for your systems security.



AdSub.exe

AdSub.exe - this blocks popups and removes ads from Intermute, this works automatically while online.



TCAUDIAG.exe

TCAUDIAG.exe - This is from 3Com Corp, it gives you diagnostic features for network cards.



tblmouse.exe

tblmouse.exe - This is installed with Aiptek mouse devices, this is non essential only terminate if causing problems.



WMENCAGT.EXE

WMENCAGT.EXE - This lets people access Windows Media Encoder from a network, this is not used very much.



trcboot.exe

trcboot.exe - This is with IBM personal communications, it is essential you should not terminate.



msvcmm32.exe

msvcmm32.exe - This is from movielink, it provides automatic updates.



pts.exe

pts.exe - This is installed with driversa for Kodak cameras, it helps detect connection and Media insertion.



flashfxp.exe

flashfxp.exe - This is from FlashFXP, it lets you transfer files online, this is non essential only terminate if causing problems.



ee.exe

ee.exe - This is for Evidence Eliminator, this removes all deleted files.



alertsvc.exe

alertsvc.exe - This is from Norton anti-virus, it tells you when new security updates are available, for a secure system do not remove.



FireDaemon.EXE

FireDaemon.EXE - This application is running in the backround, it lets the user install and use programs such as Windows NT or Windows 2000 services.



msnladmin.exe

msnladmin.exe - This is from MSN toolbar, this is a plugin for internet explorer, it is non essential.



regsvr32.exe

regsvr32.exe - This is from Windows OS it registers dynamic link libraries and activeX controls, for a secure system this is important.



SAcc.exe

SAcc.exe - This is from Surf accuracy, it watches what you do online and sends the information back to it's main server, it also prompts popups, it's a risk you should get rid of it.



YServer.exe

YServer.exe - This is from Yahoo instant messenger, it takes care of file transfering, this is non essential.



devenv.exe

devenv.exe - This is from Microsoft Visual Studio, it's a development from Microsoft, it is non essential only terminate if causing problems.



szntsvc.exe

szntsvc.exe - This is from STOpzilla, this protects you from spyware,malware,and adware, for a secure system do not remove.



The Weather Channel.exe

The Weather Channel.exe - This is installed with Weather.com instant messaging, this is non essential.



TMEEJME.EXE

TMEEJME.EXE - This is with Toshiba laptops, not sure exactly what it does yet.



zstatus.exe

zstatus.exe - This process is for Hewlett Packard Laserjet printers, it makes quick access to settings and configurations it shows the printer status in the tray bar.



wp.exe

wp.exe - This process is with FlashTrack Adware, for your privacy this should be removed.



sixtypopsix.exe

sixtypopsix.exe - This process is with unidentified spyware, it watches what you do online and sends it back to it's main server, for your privacy this should be removed.



faxsvc.exe

faxsvc.exe - This process is related to Microsoft Fax service, it lets the user create and send faxes in Microsoft office, while running other devices, this is non essential only terminate if causing problems.



emsmta.exe

emsmta.exe - This is related to Microsoft Exchange Message Transfer Agent, for a smooth running server do not remove.



DeskAdServ.exe

DeskAdServ.exe - This is from Exact advertising.com, this watches what you do online, and then sends the information back to it's main server, this also prompts advertisments, this is a registered security risk it should be removed as soon as it's found.



WeatherEye.exe

WeatherEye.exe - This is from Weather Network, weather alerter, this is non essential only terminate if causing problems.



DWHeartbeatMonitor.exe

DWHeartbeatMonitor.exe - This is installed with weather.com instant messaging, this is non essential.



SCARDS32.EXE

SCARDS32.EXE - This is instlled with Towitoko Smart Card Reader Driver, it gives more support for these devices, this is non essential.



gnetmous.exe

gnetmous.exe - This is installed with hardware drivers for Genius Netscroll+ mouse series, it gives you program user preferences, this is non essential.



oasclnt.exe

oasclnt.exe - This is from McAfee virus scan client service.



TP98TRAY.EXE

TP98TRAY.EXE - This process is related to the IBM Thinkpad.



LogMeInSystray.exe

LogMeInSystray.exe - This is a remote administration for Windows, it gives access to the host system in the network.



StarWindService.exe

StarWindService.exe - This is from alchohol 120% and gives drive sharing capabilities, this is non essential only terminate if causing problems.



MediaGateway.exe

MediaGateway.exe - This advertising program is from Winupdate, this watches what you do online and sends the information back to it's main server, this prompts advertisments, this is a risk it should be removed as soon as it is found.



WebTrap.EXE

WebTrap.EXE - This is from PC cillin antivirus, it watches for malicious and activeX elements.



MemOptimizer.exe

MemOptimizer.exe - This is from TuneUp utilities mainly for the 2003 version, this cleans RAM and lets you clean your clipboard.



ClamTray.exe

ClamTray.exe - This is an antivirus program.



CTMIX32.EXE

CTMIX32.EXE - This is a soundcard traybar access, not required unless you change your settings.



EVENTAGT.EXE

EVENTAGT.EXE - DEvent agent module client, it's from dell openmanagment.



WDBtnMgr.exe

WDBtnMgr.exe - This is installed with a western digital external drive, it lets you back up your system with one click.



CopernicDesktopSearch.exe

CopernicDesktopSearch.exe - This lets you search your entire harddrive in a second to pinpoint the right that your looking for.



ISATRAY.EXE

ISATRAY.EXE - This is internet security and a server accelorator.



LWEMON.EXE

LWEMON.EXE - This is required to operate joysticks, and gamepads, unless you play games a lot it is best to leave unchecked.



ePrompter.exe

ePrompter.exe - This notifies you if you have an e-mail.



NetMeter.exe

NetMeter.exe - This measures how much you use the intertnet, it is reported that this downloads and installs automatically, this should be avoided.



DEVGULP.EXE

DEVGULP.EXE - This is for Compaq systems, it loads digital dashboard options.



sbdl.exe

Spyblocker Proxy Agent



mcdetect.exe

mcdetect.exe is a legitimate component of the McAfee Security Center.



AcBtnMgr_X83.exe

Lexmark X83 Button Manager



TiVoServer.exe

TiVo Server is installed with the TiVo Home Media Option. It streams audio files to your television/home theater from your PC.



SWUPDATE.EXE

Sophos Anti-Virus Update
or
Sweep for Windows NT Update



LSSrvc.exe

The process belongs to the software LightScribe by Hewlett-Packard Company (www.hp.com).



BackWeb-1940576.exe

"BACKWEB is Backweb, AKA Compaq Service Connection. This is a subject of
much debate. Backweb connects to a Compaq server when you login to the 'net,
and if there are updates for your system it will download those updates to
your computer. If there are no updates to download, then nothing will be
downloaded. The downside of this program is that it uses a significant
amount of resources.?



PCLEScheduler.exe

Start up program for the remote control for the pinnacle PCT Rave TV/Radio internal card



SR_Service.exe

The process SecureClient Service belongs to the software desktop or VPN-1 SecuRemote/SecureClient by Check Point Software Technologies (www.checkpoint.com).



slsk.exe

The process SoulSeek Client belongs to the software SoulSeek Network Client or UI4 Application by SoulSeek.
It's a Peer to Peer file sharing program.



NALDESK.EXE

Novell Zenworks Application Explorer Executable; ""For almost all users the Novell ZENworks agent (either Application Launcher or Application Explorer) will be run via the user's login script on each successful login. ZENworks is used to periodically deliver software updates and is also used to install the remote management components.



MemTurbo.exe

MemTurbo.exe - This is a memory optimizer, it is recommended not to use this with Win98/SE/ME.



RFAGENT.EXE

RFAGENT.EXE - This looks through the Windows registy for orphan file/folder references, it finds the files or folders that might have been moved from there origional locations, then it corrects the entries and matches them with the located files.



E_S4I2G1.EXE

E_S4I2G1.EXE - This is associated with the Epson Stylus CX5400 printer/scanner/copier.



aol.exe

aol.exe - This is added by W32/Agobot-FN it's a backdoor trojan.



pokapoka62.exe

pokapoka62.exe - This is an Elitebar toolbar program, this is not visible in normal mode it uses rootkit technology to hide itself, you must reboot into safe mode to delete it.



speedkey.exe

speedkey.exe - This is more shortcuts on MS programable keyboard.



CTLTray.exe

CTLTray.exe - This is installed with soundblaster audigy range of soundcards, this lets you set EAX settings from the Sound blaster Audigy system icon.



uGuru.exe

uGuru.exe - This gives you quick access to several Abit motherboard utilities, it watches CPU tempeture, fan speeds, overclocking, and flashing of BIOS.



PopupStopper.exe

PopupStopper.exe - This is a system popup stopper.



secretmaker.exe

secretmaker.exe - This makes up a combination of eight privacy defending programs.



WG511WLU.exe

WG511WLU.exe - This is a Netgear configuration program for 54g wireless lan card, this is required to watch and manage the lan card.



Save.exe

Save.exe - This advertising program is from whenU.com, it watches what you do online and records it then sends the information back to it's main server, this also prompts advertising popups, this is a risk it should be removed imediately.



IDMan.exe

IDMan.exe - This is the manager for internet downloading, it downloads files very fast.



DevDtct2.exe

DevDtct2.exe - This is instlled by different Olympus products, it finds active connections of speech devices, then it runs specific software to access that device, this has a high priority and can negatively impact system resources.



CTLTask.exe

CTLTask.exe - This is a creative soundblaster Audigy Taskbar, this lets you choose between different EAX effects, this is non essential.



ZenRem32.exe

ZenRem32.exe - This is from Novell Windows client, it's service name is Remote managment agent.



XoftSpy.exe

XoftSpy.exe - This is a tool for removing spyware.



DNTUS26.EXEDNTUS26.EXE

DNTUS26.EXE - This gives remote access and control of a computer, hackers install this program a lot to get control of your system so if you did not install it you should remove it if found.



imonitor.exe

imonitor.exe - This gives you remote access to your system so that you can update your system when a new update is found.



dbserv.exe

dbserv.exe - This is a server for Norton Ghost on Win2k pro, this works good when it is diabled.



AirGCFG.exe

AirGCFG.exe - This is a D-link Airplus wireless router.



RealOneMessageCenter.exe

RealOneMessageCenter.exe - This is real player related, it will not effect your system if you disable this.



WATCHDOG.EXE

WATCHDOG.EXE - This is from Kwakkelflap watch dog o-matic, it watches critical processes and handles crashing, this should only be terminated if causing problems.



SetIcon.exe

SetIcon.exe - This is installed by a six in one device, this is always updating icons for four media card slots.



Adobelmsvc.exe

Adobelmsvc.exe - This is Adobe's license managment service, it takes care of not using a pirated copy of there software, every time you use an Adobe product the reinstalls itself.



g2svc.exe

g2svc.exe - This lets any individuale or companies register there systems online, and then safely access those same systems from any computer online.



pcbooster.exe

pcbooster.exe - This is from Inkline Global, this is an easy to use system optimizer it allows your system extra speed and stability that you want while keeping your system clean.



ATIX10.exe

ATIX10.exe - This is a PC wireless remote control.



E_S4I2F1.EXE

E_S4I2F1.EXE - This is an Epson status monitor, it monitors the status of a print job spooled to that printer.



D066UUTY.EXE

D066UUTY.EXE - This is the TWAIN driver for the canoscan flatbed printer.



Opware14.exe

Opware14.exe - If this is running a person can call Omniscan and ask it to scan somthing from inside of word.



mouseutils.exe

mouseutils.exe - This is an infection that connects to an IRC server on startup then it waits for commands to execute.



lxbtbmgr.exe

lxbtbmgr.exe - This is a Lexmark system Tray process, it lets you scan or fax functions directly from the printer buttons, this can be launched from a desktop.



PCLETray.exe

PCLETray.exe - This is instant CD/DVD disc creation, this lets you get any CD/DVD tool with one click instantly.



TrayIcon.exe

TrayIcon.exe - This is from Cacheboost, it a system performance boost.



bpumTray.exe

bpumTray.exe - This is from Telstra Bigpond Toolbar, it makes internet use a whole lot easier.



razertra.exe

razertra.exe - Thisis a diamondback mouse driver.



pokapoka63.exe

pokapoka63.exe - This is an adware component.



ATDIALLER1.EXE

ATDIALLER1.EXE - This is from Freeserve connection Kit, this changes dial up for freeserve anytime if problems are encountered.



QuickTV.exe

QuickTV.exe - This is an Infra red remote control driver for AverTV Studio, this is essential if you use remote control.



hppwrsav.exe

hppwrsav.exe - This is a? power save related process, some people complain because it freezes up your system while it's running,? but this keeps your light from staying all the time.



HPCDTRAY.EXE

HPCDTRAY.EXE - This allows system tray access to HP's writers functions.



REGPROT.EXE

REGPROT.EXE - This is from Diamond Computer systems, it keeps your system registry safe from changes.



NVATray.exe

NVATray.exe - This is from Nvidia nforce audio processing, it gives you 3D positional audio and DirectX 8.0 capability, it also encodes and decodes Dolby digital 5.1 audio in real time.



anbmServ.exe

Acer Notebook Manager Service (anbmService)



tlen.exe

tlen.exe - This is from Tlen, it is a polish language instant messaging client.



PGPserv.exe

Related to PGP Corporation. Deals with Encryption



Scheduler daemon.exe

Scheduler daemon.exe - This is from Tenebril Ghostsurf, you can schedule anytime for cleanings.



srhelper.exe

Hitman Pro
A free program that uses several spyware programs (spybot, webroot, lavasoft, spy blaster, pc tools, cw shredder), which are run one after the other to clean up and prevent spyware. Works automatically--start to finish. A great timesaver.?



iconoid.exe

iconoid.exe - This is a desktop icon manager.



skinkers.exe

skinkers.exe - This is a election of desktop messaging/marketing tools with celebrity tie ins, leave enabled if you would still like to recieve messages.



DeltTray.exe

This is the driver for the M-Audio Delta 1010 recording system (e.g. Midiman)



FD.exe

FD.exe - This is a Genicom SAP printer driver.



TeamSpeak.exe

The process The TeamSpeak 2 client belongs to the software TeamSpeak 2 Client by Dominating Bytes Design.

It's Team Speak Software... Voice comunication for multiplayer games.



PDEXPLO.EXE

"PowerDesk Pro by Ontrack. Enhanced desktop and file manager. Available via Start -> Programs"



ZoomingHook.exe

ZoomingHook.exe - This is assiciated with Toshiba zooming utility for Tablet PC.



DWRCST.exe

This program file is as part of DameWare utilities and Dameware Mini Remote Control Client Agent Service (DWRCS.EXE). These programs are related and is used for remote control, normally as businesses to help support the desktop systems. This is a remote control program but is not considered spyware or adware



spamihilator.exe

spamihilator.exe - This is a spam filter.



dpcnav.exe

dpcnav.exe - This is from DirectTv it is high speed internet.



wlanutil.exe

wlanutil.exe - This is a wireless LAN configuration utility.



lxbfbmon.exe

Lexmark X6100 Button Monitor.? Background task installed by the drivers for the Lexmark X6100 multifunction printer/scanner/copier.? This background task monitors the X6100 for activity and interacts with? LXBFBMGR? above for operations involving the PC (e.g. scan to e-mail).? Also, for large copy jobs it relays the current copy count back to? LXBFBMGR? so you can view it on your PC.



ATI2CWXX.EXE

Used for ATI Video Cards



ProtoWall.exe

he process ProtoWall belongs to the software ProtoWall

this is a ndis packet filtering app that will block ip addesss's



SATARaid.exe

SATARaid.exe - This is a RAID driver for serial ATA discs on motherboards.



THUNDE~1.EXE

Mozilla Thunderbird Email Client



BitLord.exe

The process BitLord belongs to the software BitLord by www.BitLord.com.

p2p file sharing program based on BitTorrent technology. not dangerous



HPOGRP07.EXE

Monitor and control software for HP 7110 OfficeJet



yop.exe

yop.exe - This process is related to SBC Yahoo online protection, this makes sure your system is protected completely.



USBDETECTOR.EXE

USBDETECTOR.EXE - This USB detector sets up an icon on the system tray, this is intended to be used as a tool for ejecting or unpluging hardware.



dumprep.exe

dumprep.exe - This is from Microsoft Windows XP in built fault logging software, if there are serious errors with this program it will write the details to a text file and ask that the information will be sent to Microsoft, this is non essential.



hddhealth.exe

hddhealth.exe - This is a full featured failure prediction agent, this is for Windows 95, 98, NT, ME, 2000, and XP, this watches hard disks and tells you when impending failure.



Stinger.exe

Stinger.exe - This process is for McAfee stinger, it's a stand alone utility, this detects and removes worms, for a secure system do not remove.



SCAN32.EXE

SCAN32.EXE - This is from McAfee virus scan Enterprise, this keeps your system safe from internet bound threats, for a secure system do not remove.



NWRECMSG.EXE

NWRECMSG.EXE - This process gives you messages from your server and printer, it can cause crashes.



msnindex.exe

msnindex.exe - This is from Google desktop search, it integrates with your Windows desktop, this is non essential.



DeskAdKeep.exe

DeskAdKeep.exe - This is from Exact advertising.com, this records what you do online and sends the information back to it's main server, this prompts popups, this is a risk you should remove imediately.



ADC.exe

ADC.exe - This is from Xemicomputers, this is a calendar that shows up on your computer screen that you can put reminders on, this is non essential.



hookdump.exe

hookdump.exe - This is from Hookdump trojan, it lets attackers get into your system and steal information, it is a risk it should be removed.



lserver.exe

lserver.exe - This is from Microsoft Windows Server, it takes care of terminal server licensing, for a secure system this is important.



AOM.exe

AOM.exe - This is from Adobe's range of products, this is interacts with the web on behalf of all of Adobe's creative suite, this is non essential.



gwum.exe

gwum.exe - This is related to the suite with Gigabyte Motherboards, it gives the user information on hardware such as CPU tempeture, and fan speeds.



uzqkst.exe

uzqkst.exe - This is from Popular Freeware, the ultimate zip file compression tool, this is non essential.



SPOOLSRV32.EXE

SPOOLSRV32.EXE - This is related to Top antispyware Malware, for the safety of your personal privacy this should be removed.



cygrunsrv.exe

cygrunsrv.exe - This is from Cygwin redhat, it offers well known GNU tool for Windows, this is non essetial only terminate if causing problems.



D4.exe

D4.exe - This is a time sychronization utility for Windows 9x, this is non essential.



answers.exe

answers.exe - This process is related to 1 click answers from answers.com, it gives instant access to answers.com database of facts related to a word.



LiveUpdate.exe

LiveUpdate.exe - This is related to AceGain LiveUpdate, this is used by games to inform the user when new updates and patches are available.



paytime.exe

paytime.exe - This is a hijacker, this means it will change your internet Explorer settings every so often, this is usually installed with your consent disguised as something else, it's a risk you should remove it.



xferwan.exe

xferwan.exe - This is related to Centennial Discovery, this is non essential.



ofps.exe

ofps.exe - This is related to Omniform from Scansoft, this is non essential.



lic98rmt.exe

lic98rmt.exe - This is related to license client software from computer associates, only remove this if causing problems.



PortAOL.exe

PortAOL.exe - This process is from Port Magic by Pure Networks, this comes with AOL used to configure and optimize online settings and speed, this is non essential.



CMMPU.EXE

CMMPU.EXE - This is installed with C-media audio card drivers, this is a MIDI emulator usally on C-media on board audio cards.



EXSHOW95.EXE

EXSHOW95.EXE - This is related with Kensington products, this improves the features for your Kensington products, for a secure system do not remove.



monitr32.exe

monitr32.exe - This is installed with the drivers for Cannon Multipass printer series, this is non essential only terminate if causing problems.



pull.exe

pull.exe - This is used by Microsoft for Web casts, this is non essential only terminate if causing problems.



upssrv.exe

upssrv.exe - This is Power panel plus software, during a power outrage this automatically saves and closes all open files, and shuts down the system in an orderly manner.



cleanmgr.exe

cleanmgr.exe - This is from Diskspace cleanup manager, this is bundled with Microsoft Windows, this is non essential only terminate if causing problems.



gtwatch.exe

gtwatch.exe - This is installed with drivers for Mustek scanner, this is non essential.



sshd.exe

sshd.exe - This is from Cygwin openSSH secure shell daemon, this offers encrypted secure shell across the internet, if you don't know why this is on your system you should get rid of it, this can be used to bypass security.



PeerGuardian_1.99b_pr14.exe

PeerGuardian_1.99b_pr14.exe - This is a tiny firewall program designed for P2P software users, this blocks connection for configured IP ranges and logs the blocked connections.



w3wp.exe

w3wp.exe - This process is related to pool in ISS, this usually locates all large amounts of resources, this should not be terminated.



DVDRegionFree.exe

DVDRegionFree.exe - This is from Fengtao's DVD region free software, it lets you play movies reguardless of region, this is non essential.



QuickTouch.exe

QuickTouch.exe - This maps the keys on Fujitsu process panel to varion programs and functions.



CManager.exe

CManager.exe - This process is related to copylog and faxlog workstations, it collects data and sends the information the the system above.



WinCtlAd.exe

WinCtlAd.exe - This is from Winupdates adware, this displays advertisments on your desktop, for your privacy this should be removed.



warez.exe

warez.exe - This is from Warez peer-to-peer file sharing, this is non essential only terminate if causing problems.



swstrtr.exe

swstrtr.exe- This is related to Cold Fusion server from Macromedia.



Svhost.exe

Svhost.exe - This is registered as W32.MYdoom.I@mmworm, this is distributed through e-mails in hopes that you will open the attachment, it has it's own SMPT engine so that it can gather e-mail from your local computer, this can allow attckers to access your system and steal information, this is a risk you should get rid of it.



PrecisionTime.exe

PrecisionTime.exe - This advertising program is from Gator, it records what you do online and sends the information back to it's main server, this also prompts popups, this is a risk you should remove it.



wtta.exe

wtta.exe - This is from Purityscan/clickspring, this records what you do online and then sends the information back to it's main server, this also prompts popups, this is a risk you should remove it.



rteng7.exe

rteng7.exe - tThis is from adaptive server anywhere, this is a core process of this products database engine, this is non essential only terminate if causing problems.



CONNMN~1.EXE

What is it?

CONNMN~1.EXE is associated with the sony ericsson mobile phone suite software.

What does it do?

May be responsible for monitoring the usb connection for phone/bluetooth sync.

More info:

CONNMN~1.EXE is a trunkated file name, it may be "SHORT" for connmntr.exe or connmngr.exe



INSTAN~1.EXE

What is it?

INSTAN~1.EXE is associated with TextBridge Pro 9.0 OCR scanner software.

What does it do?

Gives access to the OCR textBridge software directly through the file menu's in some word processing applications.

More info:

Found [url=http://startup.iamnotageek.com/srch-INSTAN~1.EXE.html]here[/url] in our Startup DB.

Available via Start -> Programs

Microsoft Knowlege base notes there is a [url=http://support.microsoft.com/kb/q139727/]problem[/url] caused by instant access where currently running applications may not appear on the taskbar. This issue is being reported as only a problem for windows 95 and 98 users...



AOLHOSTMANAGER.EXE

What is it?

AOLHOSTMANAGER.EXE is associated with?america online?dialup internet service.

What does it do?

May be necessary for?AOL?dialup service and software.

More info:

Do you have AOL DIALUP? if so?keep it.



connmngmntbox.exe

What is it?

connmngmntbox.exe or CONNMN~1.EXE is associated with the sony ericsson mobile phone suite software.

What does it do?

May be responsible for monitoring the usb connection for phone/bluetooth sync.

More info:

CONNMN~1.EXE is a trunkated file name, it is short for connmngmntbox.exe



sh.exe

What is it?

sh.exe ?? Not alot of info about sh.exe, other than; t may be associated with?GNU utilities native to windows 32 mscvrt

What does it do?

probly a shell prompt like bash.

More info:

sh.exe is a target of many trojan horse downloaders that?attempt to end?processes.



INTEGRATOR.EXE

What is it?

INTEGRATOR.EXE?is associated with Dachshund software applications.

What does it do?

Integrator?is used?to bring up a main menu?to?launch or customise?other dachshund applications.

More info:

Problems with windows xp and window?shades 3, workaround available.

Read more about?anti-crash and other applications at duchshundsoftware.com



tabbtnu.exe

Tablet PC Buttons Service (Microsoft)



VAIOUpdt.exe

The process belongs to the software VAIO Update by Sony Corporation (www.sony.com).



WMRUNDLL.EXE

The process ZEN for Desktops Helper DLL Processor belongs to the software ZEN for Desktops by Novell, INC.



s3hotkey.exe

Hotkey system tray icon to enable switching between monitors. Found on laptops with an S3 Twister integrated graphics card



resetservice.exe

Disables Windows XP Product Registration



MSWHEEL.EXE

"Microsoft Intellipoint software for their Intellimouse series of mice - required if you use non-standard Windows driver features"



PPSHARED.EXE

The process PPShared Module belongs to the software PPShared Module by PeoplePC (www.peoplepc.com).



NICServ.exe

Related to Linksys config utility.



HPOVDX05.EXE

The process VDI Manager belongs to the software HP OfficeJet T Series by Hewlett-Packard Co (www.hp.com).



ActivityDisk.exe

DescriptionActivityDisk Iomega Corporation SmartSoft ActivityDisk



PCAlert4.exe

This is a system monitoring utility provided by MSI for their motherboards.



POWERPNT.EXE

POWERPNT.EXE - This is from Microsoft Publisher Product, this allows the production of personal and commercial slide shows, this is non essential only terminate if causing problems.



Tmas.exe

Tmas.exe - This is required when using real time monitoring.



umonit.exe

umonit.exe - This is related to a USB monitor, it tells you when the USB units are available.



atitray.exe

atitray.exe - This gives you quick access to ATI graphic card settings.



webcheck.dll

webcheck.dll - This contains COM interfaces used for site monitoring.



Cyb2k.exe

Cyb2k.exe - This is from CYBERsitter product from solid Oak Software, this is a ponography filter while your online, this is non essential only terminate if causing problems.



I8kfanGUI.exe

I8kfanGUI.exe - This is a portion of Dell laptops fan control mechanism, this helps you get efficent use of Dell laptops fan control system, this is non essential.



archive.exe

archive.exe - This is a hijacker it will intermitenly change your internet explorer settings, this is usually installed with consent diguised as something else, it is a risk you should remove it.



Xhrmy.exe

Xhrmy.exe - This is related to an adware application, it automatically downloads and displays advertisments on your desktop, for your privacy this should be removed.



WlanUtility.exe

WlanUtility.exe - This is installed with Microstar WLANUtility, it gives you more configuration options for these devices, this is non essential only terminate if causing problems.



HPZTSB01.EXE

HPZTSB01.EXE - This is from HP deskjet Taskbar Utility, it's installed with HP deskjet printers, this is non essential only terminate if causing problems.



Opware12.exe

Opware12.exe - This belongs to Scansoft Omnipage, it lets you scan documents into Miocrosoft Office, this is non essential only terminate if causing problems.



ConnectionManager.exe

ConnectionManager.exe - This creates and connects your SBC Yahoo,and DSL, it's been reported to cause problems for some people, if causing problems you should remove.



kernels32.exe

kernels32.exe - This is related to DLOADER-FC trojan, it is a risk you should remove it, if found you should download your latest updated antivirus program.



svshost.exe

svshost.exe - This is registered as the P2spybot.gen virus, this spreads on P2P sharing tools, also on locally via network shares, it is a risk you should remove it.



fxredir.exe

fxredir.exe - This is related to Canon MultiPASS fax redirector.



airsvcu.exe

airsvcu.exe - This is the Windows Media Manager, this automatically loads at startup, it indexes files and folders from your drive.



CTLAUNCHER.EXE

CTLAUNCHER.EXE - This is for creative soundblaster live, it adds a quick launch bar at the top of the display, and a system tray icon.



seeve.exe

seeve.exe - This is related to an adware application from media motors.net, it displays popups and other adds, for your privacy this should be removed.



ngctw32.exe

ngctw32.exe - This is related to Symantec ghost server, this transfers data over a network, this should not be removed for it to work properly.



PNTIOMON.exe

PNTIOMON.exe - This is the main process for PC-cillin antivirus software, this lets you keep your system safe from the latest virus, and security threats, it automatically updates itself, for a secure system this is important.



TrayServer.exe

TrayServer.exe - This is related to Macvision program for monitoring tray icons, this is non essential.



WinCtlAdAlt.exe

WinCtlAdAlt.exe - This is from WinUpdates adware, it displays advertisments on your desktop, for your privacy this should be removed.



TAUMON.EXE

TAUMON.EXE - This is a pwerful trojan horse detection and removal engine, capable of catching every known backdoor virus that can threaten your system.



PSSVC.EXE

PSSVC.EXE - This is from Microsoft, it addresses problems in Outlook 2000, this is non essential only terminate if causing problems.



naimas32.exe

naimas32.exe - This is from Network Associates antivirus protection suite, this checks for updates on local servers, it will initate security policies in the Policy Ochestrator, for a secure system do not remove.



naimag32.exe

naimag32.exe - This is from Network Associates antivirus protection suite, it ckecks for updates on the local server it will also initiate security policies in the Policy Orchestrator, for a secure system do not remove.



Sysocmgr.exe

Sysocmgr.exe - This is related to System Optional Component Manager from Microsoft.



wsInspector.exe

wsInspector.exe - This is related to Windows Startup inspector, it shows all the startup entries on the system, and gives you the option to remove programs from your auto start list.



bagent.exe

bagent.exe - This is for Quicken Software from Intuit Inc, it takes care of the scheduled update feature, telling you when new updates are released.



kbdtray.exe

kbdtray.exe - This is for logitech itouch keyboards, it gives you easy access to tools and settings related to the keyboard, this is non essential.



MtdAcq.EXE

MtdAcq.EXE - This is from MediaSniffer application, it scans and monitors directories for media files, this is non essential.



E_S0HIC1.EXE

E_S0HIC1.EXE - This is from Epson Stylus printer drivers, it ensures fonts are printed correctly, for a secure system this should not be removed.



hh.exe

hh.exe - This is from Microsoft Windows, it helps you when the button is pressed, this is non essential.



RFTray.exe

RFTray.exe - This is for Logitech Quickcam system video camera, it gives easy access to Quickcam software and settings, this is non essential.



amgrsrvc.exe

amgrsrvc.exe - This is from McAfee internet security, it takes care of alert managment, for a secure system this is important.



BPK.EXE

BPK.EXE - This is from Perfect Keylogger, it works in stealth mode to all records all keystrokes made on your system, this is a risk you should remove it.



Pavsrv50.exe

Pavsrv50.exe - This is from Panda antivirus software, it protects your system from online threats such as worms, and trojans, for a secure system ths is important.



Money Express.exe

Money Express.exe - This is the process for MP3.com plus express player, it is a media manager this lets you create play lists, burn custom CD's, and transfer songs to MP3, this is non essential.



conf.exe

conf.exe - This is from Microsoft Netmeeting, this allows the configuration and initialization for this internet chat facility, this is non essential.



iKernel.exe

iKernel.exe - This is from installshield installation engine, this is triggered during program setup, it is a risk you should remove it.



igfxpers.exe

igfxpers.exe - This is related to Common user Interface module from Intel.



AD2KClient.exe

AD2KClient.exe - This is from Iomega Zip drive drivers, it automatically launches application on insertion of the disk.



LxrJD31s.exe

Lexar Jump Drive driver



spnsrvnt.exe

Part of the Rainbow Drivers or Rainbow Toolkit for their Superpro USB security device



usbsircs.exe

This is a Sony driver for the remote control USB device to control the Giga Pocket TV software.



C:WINDOWSExplorer.EXE

Same thing as C:WindowsExplorer.exe



drst.exe

Dr. SpeedTouch is some sort of diagnostics software which sends out information to a server which then relays the information back to the program to test the network to see if the SpeedTouch ADSL modem connection is working properly. Not required if connected via Ethernet (and probably USB). Can cause a slow down in Win2K



msmdsrv.exe

The process Analysis server belongs to the software Microsoft SQL Server Analysis Services by Microsoft Corporation (www.microsoft.com).



brctrcen.exe

Brother scanner 'Control Center' application; can be started manually



HPOstr05.exe

Deals with HP Office Jet Series Printers



eetu.exe

Part of Purityscan



Stopzilla.exe

Stopzilla Popup Blocker



GPVSvr.exe

Sony VAIO Media Video Server




dlbtbmgr.exe


dell photo aio printer 922



matlabserver.exe

MATLAB Server



jrun.exe

Macromedia JRun Application Server



ATI2PLAB.EXE

ATI2PLAB.EXE - This is a portion of the display drivers, for your display driver to work properly you should not remove this.



navapp.exe

navapp.exe - This is related to NavExcel adware, this can record your online activities as well as show you advertisments on your desktop, for your privacy this should not be removed.



DESK98.EXE

DESK98.EXE - This is from ATI's Hydravision desktop manager, this gives the user functionality for setting up desktop behavior in multi-monitor environments.



TSC.exe

TSC.exe - This is from the Trend Micro Damage Cleanup engine, for a secure system do not remove.



HP_FINDER.EXE

HP_FINDER.EXE - This detects and allows the use of Centre button for the logitech mouse, this can be disabled if not used.



siMailProxyServer.exe

siMailProxyServer.exe - This is from Giant Spam Inspector, it is a junk e-mail detector keeping your system safe from mass e-mailing, for a secure system? this is important.



TClock.exe

TClock.exe - This gives the user a feature to synchronize the system clock with internet time servers.



kxmixer.exe

kxmixer.exe - This gives mixer and control functionality to Kxproject Audio driver for EMU10K based soundcards.



WorkFlowTray.exeWorkFlowTray.exe

WorkFlowTray.exe - This is from scansoft Omnipage it offers a traybar assistant for this software, this is non essential only terminate if causing problems.



WUSB54Gv4.exe

WUSB54Gv4.exe - This is from Linksys wireless-G USB network monitor, this gives you more configuration options for this range of hardware, this is non essential only terminate if causing problems.



msniasvc.exe

msniasvc.exe - This is installed with MSN version 9, this takes care of first time configuration for this product, this is non essential.



REALPOPUP.EXE

REALPOPUP.EXE - This is from Real Popup Utility, it comes with realplayer, it also belongs to RealPopup a network messaging tool, in both cases it is non essential only terminate if causing problems.



ADSTATSERV.EXE

ADSTATSERV.EXE - This is a hijacker that means it will every so often change your internet Explorer settings, it is usually installed through consent in diguise as something else, this is a risk you should remove it.



Slave.exe

Slave.exe - This is fromn Remote Anything, it is software by TWD industries, it gives you remote desktop administration over a TCP/IP network, this is non essential only terminate if causing problems.



nTrayFw.exe

nTrayFw.exe - This is a system tray icon for Nvidia Firewall, during startup this is important.



Zboard.exe

Zboard.exe - This third party application doesn't appear to be harmfull, currentely not sure what it does.



dlbtbmon.exe

dlbtbmon.exe - This is a Dell Button monitor application for Dell photo printers.



WlanMonitor.exe

WlanMonitor.exe - This is installed with driver for SMC2632W wireless PCMCIA NIC.



BTNtService.exe

BTNtService.exe - This third party application seems to be harmless, currentely not sure what it does.



myAgtSvc.exe

myAgtSvc.exe - This is a McAfee virus scan agent service, ususally leave to run during startup.



ACUMon.Exe

ACUMon.Exe - This third party application seems to be harmless, currentely not sure what it does.



RDSHOST.exe

RDSHOST.exe - This third party application seems to be harmless, currentely not sure what it does.



pcsws.exe

pcsws.exe - This third party application seems to be harmless, currentely not sure what it does.



CM_camera.exe

CM_camera.exe - This third party application seems to be harmless, currentely not sure what it does.



RCSCHEDULER.EXE

RCSCHEDULER.EXE - This third party application seems to be harmless, currentely not sure what it does.



pdfSaver.exe

pdfSaver.exe - This third party application seems to be harmless, currentely not sure what it does.



WMP11CFG.exe

WMP11CFG.exe - This is used by Linksys wireless PCI card, it tells you when a wireless access connection is made by a screen color change, this can be used for configuration also.



DOPUS.EXE

DOPUS.EXE - This is a file manager from GPSoft.



DNTUS26.EXE

DNTUS26.EXE - This provides remote access and control of a system, this is common for hackers to install on a system, so if you did not install it you should remove it.



SSScsiSV.exe

SSScsiSV.exe - This third party application seems to be harmless, currentely not sure what it does.



AVKService.exe

AVKService.exe - This is located in a subfolder, this program is not visible, this program has a 6% danger.



NetMDSB.exe

NetMDSB.exe - This third party application does not seem to be harmful, currently not sure what it does.



ssmmgr.exe

ssmmgr.exe - This is a Samsung printer monitor, it checks ink levels.



strokeit.exe

strokeit.exe - This third party application seems to be harmless, currentely not sure what it does.



g2tray.exe

g2tray.exe - This third party application seems to be harmless, currentely not sure what it does.



IoctlSvc.exe

IoctlSvc.exe - This third party application seems to be harmless, currentely not sure what it does.



TICIcon.exe

TICIcon.exe - This third party application seems to be harmless, currentely not sure what it does.



CurtainsSysSvcNt.exe

CurtainsSysSvcNt.exe - This is a security suite from Comcast.



NPFSVICE.EXE

NPFSVICE.EXE - This third party application seems to be harmless, currentely not sure what it does.



PCCMAIN.EXE

PCCMAIN.EXE - This is a worm that uses it's own SMTP engine to send itself as an e-mail attachment.



lxbtbmon.exe

lxbtbmon.exe - This third party application seems to be harmless, currentely not sure what it does.



RegManServ.exe

RegManServ.exe - This third party application seems to be harmless, currentely not sure what it does.



E_S4I2D1.EXE

E_S4I2D1.EXE - This third party application seems to be harmless, currentely not sure what it does.



WG111CFG.exe

WG111CFG.exe - This third party application seems to be harmless, currentely not sure what it does.



Rambooster.exe

Rambooster.exe - This is a process that frees up RAM, it forces Windows to remove data that is not needed for memory.



WINCMD32.EXE

WINCMD32.EXE - This third party application seems to be harmless, currentely not sure what it does.



WolSerNT.exe

WolSerNT.exe - This is located in a subfolder, it is not visible, it can be uninstalled in the control panel, this has a 6% danger.



cpuidle.exe

cpuidle.exe - This manages the cool CPU, by putting it in sleep mode when it's not in use.



DesktopWeather.exe

DesktopWeather.exe - This is the weather channels desktop program.



npfmsg2.exe

npfmsg2.exe - This is a Norman antivirus messenger.



SymSCUI.exe

SymSCUI.exe - This is a Norton Security Center Interface helper.



ReserveModule.exe

ReserveModule.exe - This is used for Sony computers with giga pocket tv tuner, it is a tray bar process it lets you manage your tv programs from start to stop.



rsvpsp.dll

rsvpsp.dll - This is from Windows Rsvp sevice provider used on Windows 2000 and later.



TNOTIFY.EXE

TNOTIFY.EXE - Timbuktu Pro for Windows.



YzDock.exe

YzDock.exe - This is a program launcher like the dock in MacOS X. Freeware.



OSDMenu.EXE

OSDMenu.EXE - This is a creative Mediasource Remote Control Service system on screen menu application.



stickies.exe

stickies.exe - This lets you put messages on your desktop for reminders.



RoamSvc.exe

RoamSvc.exe - This is an Intel Adapter.



nipalsm.exe

nipalsm.exe - These are National Instraments NI-PAL service manager for Windows.



razerhid.exe

razerhid.exe - This third party application seems to be harmless, currentely not sure what it does.



kavss.exe

kavss.exe - Kaspersky antivirus single scanner.



uvmserv.exe

uvmserv.exe - This is an IBM user verification manager server.



TSCHelp.exe

TSCHelp.exe - This is related to Snagit from TechSmith, it is an advanced screen capture utility.



ldlcserv.exe

ldlcserv.exe - This is related to IBM Corp.



Wfcrun32.exe

Wfcrun32.exe - This is related to ICA client from Citrix, Should not remove unless you have to.



ClipMate.exe

ClipMate.exe - This is a Clipmate clipboard Extender.



EDEXTER.EXE

EDEXTER.EXE - This is an older small free web filtering program produced by Edexter, it filters out ads.



GemServ.exe

GemServ.exe - This is related to advanced Micro devices Inc.



ibackup.exe

ibackup.exe - This is an automatic backup for use with Iomega portable HDD.



spydoctor.exe

spydoctor.exe - This is a spyware remover.



iemaximizer.exe

iemaximizer.exe - This automatically maximizes new internet explorer and outlook express windows.



ALMon.exe

ALMon.exe - This monitors and configures Sohos update activity.



avp.exe

avp.exe - This third party application seems to be harmless, currentely not sure what it does.



SAgent4.exe

SAgent4.exe - This is a communication module for your printers status monitor utility, it searches for printers in the local network and checks their status.



Prism.exe

Prism.exe - This is a security suite provided by the Comcast ISP.



SysCheckBop32.exe

SysCheckBop32.exe - This is a WINBO adware component.



AcBtnMgr_X63.exe

AcBtnMgr_X63.exe - This is a manager file for Lexmark x63 printer/fax/copier machine.



InkMonitor.exe

InkMonitor.exe - This is related to Epson printers, it tells you when your ink is running low and asks if you want to buy another cartridge on-line.



lcfep.exe

lcfep.exe - This diplays statistics about the endpoint, it is supposed to stop and remove the process, but it does not have an effect.



fs20.exefs20.exe

fs20.exe - This is the process for free surfer Companion, it includes a popup stopper, complete cache cleaning and managment for other related features.



FSScrCtl.exe

FSScrCtl.exe - This gives you a control applet for screen savers used by stardust screen saver toolkit, this is non essential.



pwmgr.exe

pwmgr.exe - This is an IBM password manager.



pow.exe

pow.exe - This is a popup stopper from analogX Pow, it prevents un-solicited popups during your surfing experience, this is non essential.



BbDevMgr.exe

BbDevMgr.exe - This is a RIM handheld device manager.



dcfssvc.exe

dcfssvc.exe - This is installed with Kodak Digital Cameras, it lets transfer pictures to and from the camera.



UmxCfg.exe

UmxCfg.exe - This is a tiny firewall.



lxbvbmon.exe

lxbvbmon.exe - This is used for Lexmark 2200 series printers.



dbsnmp.exe

dbsnmp.exe - This is related to oracle products.



UMonit2K.exe

UMonit2K.exe - This is usually installed with drivers for certain USB devices, such as card readers, do not terminate if you use a USB card.



acrobat_sl.exe

acrobat_sl.exe - This is an Adobe Acrobat Speedlauncher.



TosBtMng.exe

TosBtMng.exe - This is a Toshiba Bluetooth stack for Windows.



fbguard.exefbguard.exe

fbguard.exe - This is a firebird gaurdian.



fbserver.exe

fbserver.exe - This is a firebird database server.



UmxPol.exe

UmxPol.exe - This is a tiny firewall.



vpexrt.exe

vpexrt.exe - This is a Norton antivirus application component.



schscnt.exe

schscnt.exe - This is a command antivirus for Windows component.



PrcView.exePrcView.exe

PrcView.exe - When this process is started it waits for a remote command then it can log a key stroke, list or terminate services and processes.



dlbfbmgr.exe

dlbfbmgr.exe - This is related to the Dell A960, all in one printer drivers and software.



dlbfbmon.exe

dlbfbmon.exe - This is the Dell AIO printer A960 button monitor.



E_S0EIC1.EXE

E_S0EIC1.EXE - This is the Epson Stylus Photo 820 printer monitor.



UmxTray.exe

UmxTray.exe - This is a tiny firewall tray icon.



E_S4I2L1.EXE

E_S4I2L1.EXE - This is a system tray program for Epson Stylus CX6400 multifunction printer, required for best operation of printer, but not for system.



AgentSrv.EXE

AgentSrv.EXE - This is related to Connected corp.



BTHelpNotifier.exe

BTHelpNotifier.exe - This is the system tray icon for virtual assistant from BT broadband.



StatBar.exe

StatBar.exe - This lets you quickly overview your systems condition.



icsrv.exe

icsrv.exe - This is related to Eicon networks corp.



EasyZapperMonitor.exe

EasyZapperMonitor.exe - This detects harmony brand remote controls, it does not need to be run all the time, you should use when your uploading a remote.



ElinkAcc.exe

ElinkAcc.exe - This speeds up your surfing process.



a2start.exe

a2start.exe - This is a malware remover.



WeirdOnTheWeb.exe

WeirdOnTheWeb.exe - This process is added by adware, this is something that you do not want, if you find this you should remove it.



swn2.exe

swn2.exe - This is a spyware removal program and it is being heavily advertised through junk mail.



WLANCFG.EXE

WLANCFG.EXE - This is Inventel wireless router related, is required to automatically connect to the net at bootup.



VProperty.exe

VProperty.exe - This is a Philips web camera model.



HPWITBX.exe

HPWITBX.exe - This is a toolbox for HP printing system for Windows, used by deskjet 9600 series.



spooler.exe

spooler.exe - This is added by Variant.



LiveJournalU.exe

LiveJournalU.exe - This tool lets users compose posts to live journals, as well as manage the information on the site.



spykiller.exe

spykiller.exe - This is a spyware remover, there are better alternatives that are freeware to boot.



stobject.dll

stobject.dll - This is a library file that contains resources such as icons.



SpeedswitchXP.exe

SpeedswitchXP.exe - This is a CPU frequency control for notebooks running Windows XP.



QServer.exe

QServer.exe - This is related to Norton Internet security suite, it takes care of communication of quarantined files.



sysnet.exe

sysnet.exe - This is added by the banker.MW worm.



NetCfgSv.EXE

NetCfgSv.EXE - This is related to At&T.



sbrowser.exe

sbrowser.exe - This is a free tabbed web browser.



mm_director.exe

mm_director.exe - This is part of Musicmatch Jukebox software package.



iclient.exe

iclient.exe - This is used by Zone Labs Enterprise version of zoneAlarm, do not remove if using enterprise version of zoneAlarm.



ncupdatesvc.exe

ncupdatesvc.exe - This is a Netscape communications Corporation updater.



MsgSvr.exe

MsgSvr.exe - This is related to promise technology, it's a RAID message server.



hpoojd07.exe

hpoojd07.exe - This is an officejet D145 multi-function printer program.



SMARTSCAPS.EXE

SMARTSCAPS.EXE - This is a platform for integrating security functions with mobile services.



cpqek.exe

cpqek.exe - This is Compaqs easy access button software, it gives the user access to sponsored sites, it gives the user ability to customize keys.



DPFUSMgr.exe

DPFUSMgr.exe - This is related to digital personal.



HPQWMI.exe

HPQWMI.exe - This is associated with Hewlett Packard.



AeXNSAgent.exe

AeXNSAgent.exe - This is associated with Alteris services.



FAH502-Console.exe

FAH502-Console.exe - This is associated with Stanford University.



spd.exe

spd.exe - This is an internet accelerator.



AlbumDB2.exe

AlbumDB2.exe - This is the Logitech quickcam Album database.



SOFTMON.EXE

SOFTMON.EXE - This is part of the LANDesk managment suite.



ltcm000c.exe

ltcm000c.exe - This process is installed with drivers for XirCom and Lucent internel problems, this is non essential only terminate if causing problems.



WinScheduler.exe

WinScheduler.exe - This is installed with DVD remote control for WinDVD from Intervideo, to schedule recordings you will need this.



SDSTAT.EXE

SDSTAT.EXE - This process is from Toshiba, it informs you of your battery status, this is non essential.



IconMgr.exe

IconMgr.exe - This setts the color of your monitor if you play games a lot this can be useful.



Hello.exe

Hello.exe - This lets blogger users post digital photos and captions on their personal web logs or blogs.



FMSTART.EXE

FMSTART.EXE - This is a native fax connector for microsoft exchange server or for networks, it lets the user send and recieve faxes from their desktop.



MACVNTFY.EXE

MACVNTFY.EXE - This lets you use an apple ipod didgital music player with a PC running Windows, if not used regularly then manaually start before connecting the ipod.



AcroRd32Info.exe

AcroRd32Info.exe - This is an Adobe Reader PDF info applet, part of Adobe acrobat reader.



VzCdbSvc.exe

VzCdbSvc.exe - This is from VAIO entertainment studio, this is non essential only terminate if causing problems.



dvpapi.exe

dvpapi.exe - This is related to Authentium antivirus application, for a secure system do not remove.



dnar.exe

dnar.exe - This is installed on most Dell workstations, not sure what this does, this is non essential only terminate if causing problems.



WinAdCtl.exe

WinAdCtl.exe - This is an advertising program, it watches what you do online then sends the information back to it's main server, it also prompts popups, this is a risk you should remove it .



prtg4.exe

prtg4.exe - This associated with Paessler router traffic grapher.



issimsvc.exe

issimsvc.exe - This is associated with IBM global services.



ErrorNuker.exe

ErrorNuker.exe - This is a register cleaner it is only required if you want to run a scan process during startup, it can be started manually if required.



ADSTATKEEP.EXE

ADSTATKEEP.EXE - This is associated with Adstatus service, it hijacks your brouser settings, it records your habits and prompts advertisments, it should be removed.



WinServAd.exe

WinServAd.exe - This is related to an unidentified adware, it shows unsolicited advertisments on your desktop, this should be removed.



almxptray.exe

almxptray.exe - This is a traybar process for your Acer notebook, it allows easy access to sysem settings, it can be removed to free up space.



mrmlnc32.exe

mrmlnc32.exe - This connects your Canon image runner or your document scanner to your companies e-mail.



clipc.exe

clipc.exe - This makes the clipboard useful, it saves an unlimited amount of data, it is easy to use.?



RXMON9X.EXE

RXMON9X.EXE - This is a Dell resolution assistant.



BCMDMMSG.EXE

BCMDMMSG.EXE - This is a BCM voicemodem driver, it is mandatory for dial up if you have one of these modems.



InetCntrl.exe

InetCntrl.exe - This is a Bsafe internet filter.



DELAYRUN.EXE

DELAYRUN.EXE - This is made by Hewlett packard, it prevents conflicts on HP Pavillion computer, for a secure system it is important.



scureapp.exe

scureapp.exe - This is? related to Omnipass from Softex Inc, it is a password managment software.



Girder.exe

Girder.exe - This is a utility for programing remote controls, hotkeys, and automation.



SA3DSRV.EXE

SA3DSRV.EXE - This is a 3d sound extension for Windows.



AVKPOP.EXE

AVKPOP.EXE - This is a AVK antivirus e-mail checker.



NeroStartSmart.exe

NeroStartSmart.exe - This is a CD ROM/DVD burning software.



WinServSuit.exe

WinServSuit.exe - This is related to an unidentified software, it shows unsolicited advertisments on your desktop, for your personal privacy you should remove this.



agquickp.exe

agquickp.exe - This is a smart card based authentication, and digital signature client software.



sp_SWIns.exe

sp_SWIns.exe - This is a secure software platform, for the creation and managment of advanced IP services.



AccessMgr.exe

AccessMgr.exe - This allows rapid turnup and enhanced administration of VPNs, it makes the tasks for VPN design and policy managment easier.



ELSBLaunch.exe

ELSBLaunch.exe - This is an earthlink spamblocker.



sdpasvc.exe

sdpasvc.exe - This is a Matsushita Electrical Industry co.



mdms.exe

mdms.exe - This is a back door worm, when the infection starts it connects to an IRC server where it waits for remote commands to execute.



umxlu.exe

umxlu.exe - This is a tiny firewall.



PWSTRAY.EXE

PWSTRAY.EXE - This is Microsofts personal web server, it lets PCs behave as web servers.



G6FTPSrv.exe

G6FTPSrv.exe - This is a bullet proof PTF server.



HijackThis .exe

HijackThis .exe - This is fro merijn hijackthis, it monitors your browsers configurations ,and plugins, modifications and restores can be made when necessary, this is non essential only terminate if causing problems.



FirefoxPreloader.exe

FirefoxPreloader.exe - This is used by firefox to load portions of the program into memory so it's launched quicker.



Linksts.exe

Linksts.exe - This is installed when you install drivers for Asuscom internal ISDN modem cards, it lets you monitor or configure your ISDN card.



SUITEST.EXE

SUITEST.EXE - This puts indivdual lotus components on the system taskbar when you start Windows.



hkss.exe

hkss.exe - This is from compaq it provides hot key support for compaq multimedia keyboards.



DJSNETCN.exe

DJSNETCN.exe - This is a Symantec licesing detect internet connection, it is part of Norton antivirus.



IMNOTFY.EXE

IMNOTFY.EXE - This is an Incredimail e-mail notification application.



IWatch.exe

IWatch.exe - This is a dialing filter for more security and control on the ISDN PC, it is doubly protected agaist dialer programs, it lets the user block calls from both individual numbers and whole number blocks.



RivaTuner.exe

RivaTuner.exe - This is for tweaking Nvidia graphic cards, mandatory if you make any changes.



vplus.exe

vplus.exe - This is a freeware utility, it makes your ICQ skinnable.



NDETECT.EXE

NDETECT.EXE - This is part of Symantec internet security suite, it is installed into the registry as a hidden startup application it verifies internet connection to Symantec servers, after successful verification it will initiate liveupdate to seek updates, for a secure system this is important.



TFUNCKEY.EXE

TFUNCKEY.EXE - This deals with the function key combinations on a Toshiba laptop.



Fmctrl.EXE

Fmctrl.EXE - This is a live control panel, it enhances audio output through genius sound cards.



PowerS.exe

PowerS.exe - This is from the University of Ottawa, it is part of Biomech Planar motion analysis system for power analysis and graphing, this is non essential only terminate if causing problems.



MWProEng.exe

MWProEng.exe - This is Logitech mouseware pro software, only mandatory when using specific functions.



DoScan.exe

DoScan.exe - This is from Symantec antivirus corperate edition, it protects your system from internet bound threats, for a secure system this is important.



icserv.exe

icserv.exe - This is an internet cleaning utility issued by varios ISPs for their customers use.



NetPerSec.exe

NetPerSec.exe - This measures real time speed of your internet connection.



lsburnwatcher.exe

lsburnwatcher.exe - This is related to lightscride from HP, it supports lightscribe discs from your CD/DVD burner.



shicoxp.exe

shicoxp.exe - This is installed with drivers for card reader of various brands, this assigns and loads drive icons for various card slots that are displayed in Windows Explorer.



POPPeeper.exe

POPPeeper.exe - This lets you read your multi account hotmail and other server e-mails.



SBInst.exe

SBInst.exe - This is hotbar related.



VC5SecS.exe

VC5SecS.exe - This is from virtual CD it gives support for CD's and CD images, this is non essential only terminate if causing problems.



RocketTime.exe

RocketTime.exe - This synchronizes time software from rocket software.



ud_7174683.exe

ud_7174683.exe - This is used to install grid MP platform for United devices, this processes data for life science research projects.



SpyHunter.exe

SpyHunter.exe - This is a spyware remover of somewhat dubious repute.



WSCommCntr1.exe

WSCommCntr1.exe - This is an autodesk communication center.



EOUWiz.exe

EOUWiz.exe - This process is not visible it can be uninstalled in the control panel, this starts when Windows starts but is is not A Windows core program, this is able to record inputs, the danger with this process is 6%.



wkgdcach.exe

wkgdcach.exe - This is a Microsoft Works font cache.



CpRmtKey.EXE

CpRmtKey.EXE - This is a Dritek multimedia hotkey program.



MCUPDUI.EXE

MCUPDUI.EXE - This is a McAfee security center update UI.



TangoService.exe

TangoService.exe - There is not any information about this files maker, this is not visible,and it is not a Windows system file, this process is able to hide itself its danger is 6%.



TRIGGAG.EXE

TRIGGAG.EXE - This is not visible, and it is not a Windows system file, this listens for or sends data on open ports to LAN or internet, this can hide itself, monitor other programs, and manipulate other programs, the danger of this is 6%.



OLRegCap.EXE

OLRegCap.EXE - This is related to Intuit INC.



VCSW.exe

VCSW.exe - This is from Sony VAIO systems.



niSvcLoc.exe

niSvcLoc.exe - This is related to National instruments Corp.



msqdevl.exe

msqdevl.exe - This is easy search adware.?



spnpinst.exe

spnpinst.exe - This is Microsoft peer to peer custom setup.



SsAAD.exe

SsAAD.exe - This is related to Sonic Stage from Sony, it is advanced music managment software.



SayTime.exe

SayTime.exe - This process has audio cues for the system clock in male and female voices, it customizes the appearance of the system clock, this can sychronize to a time server.



Help.exe

Help.exe - This is added by the backdoor AntiLAM.20.



NALWIN32.EXE

NALWIN32.EXE - This is part of Novell's Zenworks.



easyclip6.exe

easyclip6.exe - This is a Lotus organizer easyclip.



Aware.exe

Aware.exe - This is an adware scanner and remover from Lavasoft, it should not be stopped while running.



VVSN.exe

VVSN.exe - This advertising program is from WhenU, it watches what you do online then sends the information back to its amin server, it also prompts advertisments, this is a risk you should remove it.



Skdaemon.exe

Skdaemon.exe - This is a multi functon keyboard driver, it provides the use of programable keys on multimedia keyboards, mandatory if you use the additional keys.



WhatPulse.exe

WhatPulse.exe - This sends statistics on how much you type on your computer and ranks you based on that, it doesn't log your key strokes it only counts them.



ESB.exe

ESB.exe - This provides functionality on certain laptops that have addtional keys, not mandatory unless you have extra keys.



PCCWIN97.EXE

PCCWIN97.EXE - This is from Trend Micro antivirus.



MSDEV.EXE

MSDEV.EXE - This is added by the variant of the WIN32.RBOT worm.



AdmilliServ.exe

AdmilliServ.exe - This is part of Admilli service adware, it gathers information about your surfing habits, it is a risk you should remove it.



CAgent32.exe

CAgent32.exe - This is from Centenial Discovery, it monitors software licenses on the local machine for analysis, this way records can be kept of company software assets, this is non essential only terminate if causing problems.



IEPrivacyKeeper.exe

IEPrivacyKeeper.exe - This keeps your browser safe from browser hijacks from spyware and stuff like that.



services32.exe

services32.exe - This is added by RBOT-MB worm.



ChkMail.exe

ChkMail.exe - All Asus notebooks have this preinstalled.



IDriverT.exe

IDriverT.exe - This is related to Macrovision Corporation.



BACKWEB.EXE

BACKWEB.EXE - This is related to an application from Backweb technologies, it comes with a large number of desktops it is used to detect downloaded available updates.



WINKEY.EXE

WINKEY.EXE - This is from Copernic technologies, it maps out Windows hotkey combinations, this is non essential.



PIDUNHK.EXE

PIDUNHK.EXE - This is part of Prodigy internet software, it is part of the dialer DUN it is needed for users of that service otherwise you may not be able to connect, although you might try creating your own shortcut.



untray.exe

untray.exe - THis is part of Command antivirus.



sysdxvid.exe

sysdxvid.exe - This is a premium rate adult content dialer.



jconfigdNT.exe

jconfigdNT.exe - This is related to Hummingbird Ltd.



SearchUpgrader.exe

SearchUpgrader.exe - This is a hijacker this means it will intermittently change your internet explorer settings, this is usually installed with your consent diguised as something else, it is a risk you should remove it.



pddlghlp.exe

pddlghlp.exe - This is a dialog helper from powerdesk pro by Ontrack, it helps open and save as dialog boxes by showing recently used files and folders.



BestPopupKiller.exe

BestPopupKiller.exe - This is a popup killer by dubious repute by Swanksoft.



BullGuard.exe

BullGuard.exe - This is an antivirus program and a firewall.



AdmilliKeep.exe

AdmilliKeep.exe - This is part of the Admilli service adware, it gathers information about your surfing habits, it is a risk you should remove it.



atnthost.exe

atnthost.exe - This is related to WebEx.



sfmsvc.exe

sfmsvc.exe - This is a Windows NT Macintosh file server service.



JSFMAN.EXE

JSFMAN.EXE - This is a Jetfax Manfax32 application.



RAMpage.exe

RAMpage.exe - This is a small Windows utility it displays the amount of available memory in an icon in the system tray, it can also free memory by double clicking the tray icon, or by setting a threshhold that activates the program automatically, or by having it run automatically when an application exits.?



VMISrv.exe

VMISrv.exe - This is from Sony VAIO computers.



dnetc.exe

dnetc.exe - This is part of the distributed net application, it shares projects over networks, and the intertnet, this is non essential.



WinPatrolEx.exe

WinPatrolEx.exe - This watches your stsartup, BHO's, services, scheduled tasks, file types, internet explorer-start page and hosts file for any charges, it allerts these changes and asks if you want to restore.



maxmem.exe

maxmem.exe - This is one of the many utilities from AnalogX, it is a freeware memory manager and a defragger.



WinAdAlt.exe

WinAdAlt.exe - This is an advertising program, it watches what you do online then sends the information back to its main server, it also prompts advertisments, it is a risk you should remove it.



ServUTray.exe

ServUTray.exe - This is a system tray icon for serve U FTP server.



pphidpad.exe

pphidpad.exe - This is Penpower chinese handwriting recognition software.



OLSYSTRAY.EXE

OLSYSTRAY.EXE - This is an internet based data back up system, when you shut off your computer you are prompted as to wether you want to back up your data then automatically shut down, otherwise you have to remember to do the back up.



AudioDeck.exe

AudioDeck.exe - This is a VIA system soundcard tray access to, for example, volume slider controls as normaly provided by the speaker icon, also configures speaker positioning, not required unless you adjust your settings, otherwise available on the standard icon.



mssearchnet.exe

What is it?

mssearchnet.exe is associated with the Trojan virus zlob.D

What does it do?

From semantec:

"When Trojan.Zlob.D is executed, it performs the following actions:

  1. Attempts to copy itself as the following file:

    %System%mssearchnet.exe

    Note: %System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).

  2. Drops the following file, which is a Windows type library:

    %System% compat.tlb

  3. Adds the value:

    "kernel32.dll" = "[TROJAN FILE NAME]"

    to the registry subkey:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerRun

    in an attempt to ensure that it runs every time Windows starts... ..."

More info and removal:

Read more about Trojan.zlob.D and how to remove it [url=http://securityresponse.symantec.com/avcenter/venc/data/trojan.zlob.d.html]@ Symantec[/url]



WindowsSearch.exe

What is it?

WindowsSearch.exe is associated with the Microsoft Network search toolbar application.

What does it do?

"The helps you browmsn toolbar se smarter and use the web more efficiently."

More info:

Read more about msn search toolbar at [url=http://toolbar.msn.com/]msn.com[/url]



Shell=Explorer.exe

What is it?

Shell=Explorer.exe is associated with windows registry settings.

What does it do?

The Shell=Explorer.exe setting is usually followed by another .exe filename so that the file loads with windows explorer.

Windows explorer.exe is a valid windows file however the additional file is usually associated with/or is a file infected with malware.

More info:

For windows 9x/ME

There should be a line in system.ini that reads "shell=exlorer.exe" with nothing else!

If there is a file following the shell=exlorer.exe comment search for a discription of that filename our [url=http://service.iamnotageek.com/search.php]services[/url] and [url=startup.iamnotageek.com]startup[/url] database.

For windows NT, XP and windows 2k

You will find the shell=explorer.exe line in the following registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsNTCurrentVersionWinlogon



WindowsSearchIndexer.exe

What is it?

WindowsSearchIndexer.exe is associated with the MSN search toolbar.

What does it do?

From MSN:

"MSN Search Toolbar with Windows Desktop Search includes three toolbars that will change the way you search your PC and the Web. You can search from: Internet Explorer, Windows Explorer, Outlook and Your desktop."

More info:

Read more about msn search toolbar at [url=http://toolbar.msn.com/]msn.com[/url]



nvctrl.exe

What is it?

nvctrl.exe is associated with several variants of the Trojan.zlob browser hijacker.

What does it do?

From Symantec:

"When Trojan.Zlob.E is executed, it perfroms the following actions:


Drops the following files:


%System% compat.tlb
%System%msvol.tlb
%System%hp[RANDOM].tmp

Notes:
%System% is a variable that refers to the System folder. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
The variable [RANDOM] refers to a sequence of 4 randomly generated numbers or letters.


Adds the value:

"nvctrl.exe" = "nvctrl.exe"

to the registry subkey:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerRun

in an attempt to ensure that it runs every time Windows starts... ..."


More info and removal:

Read more about trojan.zlob's hijacker variants and how to remove them [url=http://securityresponse.symantec.com/avcenter/venc/data/trojan.zlob.e.html]@ Symantec[/url]



sdhelp.exe

What is it?

sdhelp.exe is associtated with pctools spyware doctor application.

What does it do?

From pctools.com:

"Spyware Doctor is a top-rated malware & spyware removal utility that detects, removes and protects your PC from thousands of potential spyware, adware, trojans, keyloggers, spybots and tracking threats."

More info:

Read more about Spyware Doctor at [url=http://www.pctools.com/]pctools.com[/url]



mDNSResponder.exe

What is it?

mDNSResponder.exe is associated with Apple Itunes.

What does it do?

Component needed for music sharing.

More info:

For more info about Apple Itunes vissit [url=htt://www.apple.com/itunes/]apple.com[/url]

Not necessary for windows to run, if you use Itunes frequently you should keep it installed.



googletalk.exe

What is it?

googletalk.exe is associated with the Google Talk application

What does it do?

Google Talk enables you to call or send instant messages to your friends for free–anytime, anywhere in the world. Google Talk offers you:

  • Choice: Get in touch over email, IM or a call

  • Quality: Talk through your computer but hear your friends as if they were in the same room

  • Convenience: Your Gmail contacts are pre-loaded into Google Talk so inviting or talking to your friends is just a click away

More info:

For more info about googletalk vissit [url=http://www.google.com/talk/]google.com[/url]



fsbwsys.exe

What is it?

fsbwsys.exe is associated with F-secure antivirus application

What does it do?

Needed for F-secure, if you installed f-secure keep it.

More info:

For more info about F-secure Antivirus and other F-Secure app's visit: [url=http://www.f-secure.com/]F-secure.com[/url]



HPWirelessMgr.exe

What is it?

HPWirelessMgr.exe Is associated with Hewllet-Packard Wireless communications software.

What does it do?

Required for propper opperation of the wireless hardware built into some HP notebooks.

More info:



apdproxy.exe

What is it?

apdproxy.exe is associated with the Adobe Photoshop Album starter 3.0 software.

What does it do?

From Adobe:

"Quickly share your photos with family and friends, fix flaws in seconds, and view all your photos in one convenient place."

More info:

Read more about adobe photoshop album [url=http://www.adobe.com/products/photoshopalbum/overview.html]@ adobe.com[/url]



NSCSrvce.exe

What is it?

NSCSrvce.exe is associated with the Norton Internet Security Suite application.

What does it do?

Norton Internet Security software; it's your firewall and antivirus protection, needed to protect against all those nasties.

More info:

Read more about Norton internet security software [url=http://www.symantec.com/home_homeoffice/products/internet_security/index.html]@ semantec.com[/url]



aolsoftware.exe

What is it?

The general concensus on the net is that aolsoftware.exe belongs to a legitimate 3rd party application from AOL, however there may be a virus infection related to aolsoftware.exe

What does it do?

aolsoftware.exe may be an infected file associated with the internet worm SDBOT.COV

The worm targets the registry to ensure that the code is executed each time windows loads. WORM_SDBOT.COV may also be associated with the startpage-IH virus.

More info and removal:

[url=http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SDBOT.COV]here[/url] is info at trendmicro.com regarding worm_sdbot.cov



NMBgMonitor.exe

What is it?

NMBgMonitor.exe is associated with Nero Vision; Nero Home and Nero Scout multimedia applications.

What does it do?

The word is that NMBgMonitor.exe is Nero Media Background Monitor. Although that title is just speculation,
there is a notion that the file is part of Nero Scout media monitor. This app constantly checks for new
media files such as .mp3, .avi and .mpeg etc... so that it can create a database of available media files for easy access.

This might create bottlenecks or use up system resources. If you don't use the Nero Media database you might free up
some cpu cycles and memory a little by turning it off.

More info:

Read more about Nero software @ nero.com



GetFlash.exe

What is it?

GetFlash.exe is associated with Macromedia Flash plugins

What does it do?

Manages updates for flashplayer /shockwave.

More info:

Find more info about Shockwave and flashplayer @ macromedia.com



HP Wireless Assistant.exe

What is it?

HP Wireless Assistant.exe is software included with some HP notebooks and PC's

What does it do?

The wireless assistant handles communication and configuration for different wifi devices
such as bluetooth wlan etc...

More info:

Find out more regarding HP wireless solutions @ hp.com



BROADC~1.EXE

What is it?

BROADC~1.EXE is associated with Nokia pc suite software.

What does it do?

PC suite provides a number of features for sharing and updating information between your pc and various nokia phones.
The features vary according to each phone model.

More info:

For more info about Nokia PC Suite Software vissit Nokia.com



sunprotectionserver.exe

What is it?

sunprotectionserver.exe is associated with Sunbelt software's Counterspy application

What does it do?

From Sunbelt:

"CounterSpy detects, deletes and protects you against spyware."

More info:

Read more about Counterspy @ http://www.sunbelt-software.com/



sunThreatEngine.exe

What is it?

sunThreatEngine.exe is associated with Sunbelt Software's CounterSpy application.

What does it do?

From Sunbelt:

"CounterSpy detects, deletes and protects you against spyware."

More info:

Read more about counterspy @ http://www.sunbelt-software.com



SecuritySuite.exe

What is it?
SecuritySuite.exe is associated with Ewido SecuritySuite ~ anti-malware software.

What does it do?

Protects yourr PC from malware, trojans and viruses. Able to scan any file or the whole hard drive.

Search for already installed and active Trojans etc... The purchased product "PLUS" version includes an active gaurd that monitors and scans files before they are accessed and or executed.

Even the free version of ewido "anti-malware" ~(formerly known as "Security-Suite") protects you from over 230,000 individual Mal-ware entities.

More info:

Read more about Ewido Anti-Malware @ http://www.ewido.net



sunserver.exe

What is it?

sunserver.exe is associated with Sunbelt Software's CounterSpy.

What does it do?

From Sunbelt:

"CounterSpy detects, deletes and protects you against spyware."

More info:

Read more about Sunbelt Software's Counterspy @ http://www.sunbelt-software.com



GoogleDesktopMail.exe

What is it?

GoogleDesktopMail.exe is associated with Google desktop software.

What does it do?

Provides a desktop interface for Gmail.

More info:

Read more about Google Desktop software @ google.com



SR_GUI.exe

What is it?

SR_GUI.exe is associated with CheckPoint Software's Secure Remote application.

What does it do?

Provides secure file attachments and communications incryption for secure remote correspondence via the net or direct dialup.

More info:

Read more about Secure Remote software @ Checkpoint.com



ALUSchedulerSvc.exe

What is it?

ALUSchedulerSvc.exe or "Live Update" is associated with Symantec's security software.

What does it do?

Symantec Live Update Scheduler handles regularly scheduled automatic software and virus definition updates.

More info:

Read more about Symantec's applications @ symantec.com



DEVDET~1.EXE

What is it?

DEVDET~1.EXE is a truncation of devdetect.exe, this file is associated with ACD System's image managment software.

What does it do?

Monitors the system for devices, if one is connected and devdetect.exe is running, ACD systems Image managment software can open and view, download or otherwise "manage" images and media from the device.

From ACD Systems:
"
The first time you connect a device to your computer, if there are files on your device, the Device Synchronization Wizard will work in conjunction with ACDSee's Device Detector to configure and profile your device. To perform the initial configuration, Device Detector needs to be active. If you choose not to use Device Detector, you can acquire your images using the Acquire Wizard"

More info:

Read more about ACD System's image management software @ ACDsystems.com



EspaceWanadoo.exe

What is it?

EspaceWanadoo.exe is software associated with an internet provider called Wanadoo.

What does it do?

Wanadoo's software provides connection configuration and other "kit" for their Internet Services.

More info:

Check out this google search for more info about Wanadoo Internet services.



CeEPwrSvc.exe

What is it?

CeEPwrSvc.exe is associated with Toshiba power management software.

What does it do?

must have something to do with a laptops battery and how it's power is managed.
Hopefully so that the battery lasts longer, because we all know a laptop's battery needs to last longer ;)

More info:

Since not much is known about this file at this time, keep an eye on this google search for any association with malware.



winstall.exe

What is it?

winstall.exe is associated with a trojan horse downloader and several internet worms.

What does it do?

The worm that dropped winstall.exe on your drive also added reg settings to ensure that winstall.exe ran at windows startup.

Winstall.exe adds a popup to your desktop exclaiming that your computer is infected while offering purchasable software to remove the infection.

Do not buy into this! go to www.trendmicro.com and run "housecall free online scan" Also review their recommendations for removing the related "Grayware" infection.

More info:

Check out this google search for more info about winstall.exe

See what trend micro has to say about winstall.exe



FreeRAM XP Pro.exe

What is it?

(FreeRam XP Pro.exe) is a freeware Memory Management application for windows XP.

What does it do?

From Yourwaresolutions:
Freeware application to free and optimize your computer's RAM (Random Access Memory), resulting in an increase in system performance and productivity.

More info:

Read more about (FreeRam XP Pro.exe) @ yourwaresolutions.com



nSvcAppFlt.exe

What is it?

nSvcAppFlt.exe is associated with Nvidia Forceware.

What does it do?

Active armor? some kinda popup for the firewall. Keep it unless there are conflicts with your windows firewall.

More info:



epm-dm.exe

What is it?

epm-dm.exe is associated with Acer Labs Empowering Technology applications.

What does it do?

From Acer Labs:

"Acer Empowering Technology is exlusive to the Acer notebook range and integrates frequently used functions into a single easy to use interface."

More info:

Read more about Acer Labs Empowering Technology @ acer.com



TMERzCtl.EXE

What is it?

TMERzCtl.EXE associated with Toshiba mobile extensions.

What does it do?

More info:

Found in Toshiba laptop Mobile extension folder ToshibaTME3.



WinRemote.exe

What is it?

WinRemote.exe is associated with InterVideo's WINDVD application.

What does it do?

Needed for the WIN DVD remote control.

More info:

Read more about windvd's remote control @ intervideo.com



TvsTray.exe

What is it?

TvsTray.exe is associated with Toshiba laptop software.

What does it do?

Toshiba sound system's windows tasbar tray icon.

More info:



OProtSvc.exe

What is it?

OProtSvc.exe is associated with Intel Proset wireless software.

What does it do?

More info:



YahooWidgetEngine.exe

What is it?

YahooWidgetEngine.exe is associated with the cross platform Yahoo desktop accessories application.

What does it do?

From yahoo:
The Yahoo! Widget Engine (formerly known as Konfabulator) is a JavaScript runtime engine for Windows and Mac OS X that lets you run little files called Widgets that can do pretty much whatever you want them to. Widgets can be alarm clocks, calculators, can tell you your WiFi signal strength, will fetch the latest stock quotes for your preferred symbols, and even give your current local weather.

More info:

Read more about yahoo widgets @ widgets.yahoo.com



SPAMPAL.EXE

What is it?

SPAMPAL.EXE is associated with a mail classification program called spampal.

What does it do?

SpamPal sits between your email program and your mailbox, checking your email as you retrieve it. Any email messages that SpamPal considers to be spam will be "tagged" with a special header; you simply configure your email client to filter anything with this header into a separate folder and your spam won't be mixed up with the rest of your email anymore!

More info:

Read more about spampal @ spampal.org



IR.EXE

What is it?

IR.EXE is associated with Infrared communications software for various hardware accessories such as lego mindstorm and HP 200LX.

What does it do?

Probly the protocol and driver for the IR trasnceiver.

More info:

There are many reports linking IR.EXE with several viruses and trojans. This is because the viruses attempt to terminate processes including IR.EXE
It is not currently "at the time of this writing" associated with malware.



ashSimpl.exe

What is it?

ashSimpl.exe is associated with Avast antivirus software.

What does it do?

Avast Antivirus "is designed to protect your system and valuable data against computer viruses."

More info:

Read more about Avast antivirus software @ avast.com



TPHDEXLG.EXE

What is it?

TPHDEXLG.EXE is associated with IBM thinkvantage active protection software.

What does it do?

From IBM: "air-bag like protection for your hard drive"

More info:

Read more about ThinkActive protection software @ IBM.com



SmartUI.exe

What is it?

SmartUI.exe is associated with Nuance ~formerly (Scansoft) applications for imaging devices.

What does it do?

User interface for scanner

More info:

Read more about scansoft's applications @ scansoft.com



KKMAN.exe

We're not completely sure what this is right now. It appears to be a freeware application from a company based out of Taiwan. None of the HJT related threads I've found have called this out as a "bad" item so we are going to list this as safe until otherwise noted by our staff members.



razerofa.exe

What is it?

razerofa.exe is associated with Razer mouse drivers.

What does it do?

Drivers are software required to run hardware devices.

More info:



rapimgr.exe

What is it?

rapimgr.exe is part of microsoft ActiveSync synchronisation software.

What does it do?

Synchronisation software is used to transfer and update data between a pc and mobile device such as a pda or mobile phone.

More info:



Tmesbs32.exe

Tmesbs32.exe is a part of Toshiba laptop software that belongs to your CD/DVD writer.



nost_LM.exe

nost_LM.exe is the Manager for the Belkin Nostromo n50 SpeedPad game controller. This file will allow you to edit a number of settings related to your controller.



wmonitor.exe

wmonitor.exe belongs to a wifi monitor that is commonly distributed by earthlink. A number of configuration settings related to your wireless adapter.



Updates from HP.exe

Updates from HP.exe is something similiar to backweb.exe which provides updates and might provide HP with additional information.



newsLeecher.exe

newsLeecher.exe About NewsLeecher:
NewsLeecher is a tool made for fetching and managing articles from the Usenet. It downloads Usenet articles in a snap, and uses it's inline engine to assemble and decode all the downloads. The powerful featureset and state-of-the-art user interface makes it an application "you simply can't live without" if you are a serious Usenet user.

More information



BrMfcWnd.exe

BrMfcWnd.exe is installed alongside brother printer software and allows for a number of configuration changes.



KeyboardSurrogate.exe

KeyboardSurrogate.exe is a Tablet PC component. If you do not have a tablet PC or a similiar writing device installed you should disable this process.



shwserv.exe

shwserv.exe is a process belonging to Sony's gigapocket

Sony’s Giga PocketTM personal video recording application revolutionizes the way you watch television by turning your PC into a multimedia entertainment center. Using this software, you can watch live TV, record shows onto the hard drive for viewing at a later time, even plan future recording with an Internet TV programming guide. To top it all off, this last feature also enables you to watch television while video is being recorded on your PC.

More information



ventrilo.exe

What is it?

ventrilo.exe is associated with Audio communications software

What does it do?

Ventrilo 2.3.0 is the next evolutionary step of Voice over IP (VoIP) group communications software. Ventrilo is also the industry standard by which all others measure them selves as they attempt to imitate it's features. ~think, QuakeCON Team Chat and VIOP..

More info:

Read more about ventrilo at www.ventrilo.com



g2comm.exe

What is it?

g2comm.exe is associated with Citrix GoToMyPC remote access software.

What does it do?

GoToMyPC Personal allows you to remotely access your computer from any other Internet-connected computer in the world with almost any operating system through a secure, private connection.

More info:

Read more about GoToMyPC @ www.gotomypc.com



hprblog.exe

What is it?

hprblog.exe is associated with HP digital imaging device software.

What does it do?

provides additional configuration options for hp digital imaging devices.



boincmgr.exe

What is it?

boincmgr.exe is associated with distributed computing software such as Seti at home.

What does it do?

Manages work units, communications and result presentation.

More info:

Read more about seti at home here



PlaxoHelper.exe

Plaxo doesn't appear to do anything behind the scenes that you need to know about.

Here is a quote from the product page:

Plaxo Basic is Plaxo's core service and is free to everyone who joins. You update your info, your friends update theirs, and everyone stays in touch! Download any of the toolbars below to access a single up-to-date address book across all of the applications you use.

  - Update your address book when friends change their contact info
  - Update friends' address books when your contact info changes
  - Sync your contacts, calendar, tasks, notes across Plaxo-enabled applications
  - Get reminded of a friend's birthday just a few days before
  - Receive a Plaxo alert whenever a contact's info has changed

More information can be found here



MsMpEng.exe

MsMpEng.exe is one of the core files to windows defender which is the microsoft anti spyware software.



MSASCui.exe

MSASCui.exe is a part of the windows defender program which runs in the background to protect you from spyware.



SCHED.EXE

SCHED.EXE is the scheduler process for F-Prot anitvirus. If you use manual scans you really don't need this.



igfxsrvc.exe

igfxsrvc.exe is the process for igfxsrvc Module which belongs to the software Intel(R) Common User Interface



dcomcfg.exe

dcomcfg.exe is a trojan. If you have this please head over to our forum for help removing this



HPQSTE08.EXE

HPQSTE08.EXE is yet another HP process related to your camera or printer which is used for extra configuration options.



atmclk.exe

atmclk.exe belongs to an advertising application that logs your browsing habits and reports back to a central server. This will also create popups while you're browsing. Get over to our forum right away for help removing this one.



RTHDCPL.EXE

RTHDCPL.EXE belongs to Realtek HD Audio Control Panel. You don't need this process running but it will allow you to configure your sound through a taskbar icon. If you're trying to free up resources I'd kill this one from your startup.



livesrv.exe

livesrv.exe is a part of BitDefender Security update service. There are some reports of a trojan using this file name so you will want to double check this.



OFFPROV.EXE

OFFPROV.EXE is a part of Microsoft Office and it is used to help share files between the various office applications.



SMSystemAnalyzer.exe

SMSystemAnalyzer.exe is part of System Mechanic Professional from iolo.com. "Whether you are looking to find and fix stubborn computer problems; clean-up, compact, and defragment your registry; defragment your hard drive and memory; speed up Windows and the Internet; protect your e-mail and computer from viruses, worms, spyware, and hackers; secure your PC; or perform a variety of critical system maintenance tasks; the award-winning System Mechanic Product Family has the right tools for the job."



stsystra.exe

stsystra.exe is the SigmaTel audio system tray application and isn't needed unless you frequently change your audio settings.



verclsid.exe

verclsid.exe first started popping up around April 11th 2006 with MS update KB 908531

• This security update introduces a new file, Verclsid.exe. Verclsid.exe is used to verify a COM object before it is instantiated by Windows Explorer.

• This security update includes a Defense in Depth change which ensures that prompting occurs consistently in Internet zone drag and drop scenarios.



PNMSRV.EXE

PNMSRV.EXE is a process belonging to panda platinum internet security Quote: "The new Panda Platinum 2006 Internet Security offers the most effective protection against viruses, spyware, hackers, phishing, spam and other Internet threats , so you enjoy the Internet with peace of mind. To guarantee your security, it offers a double layer of protection against unknown viruses and intruders through its TruPrevent™ Technologies."



TPSrv.exe

TPSrv.exe is a part of Panda Platinum. QUOTE: "The new Panda Platinum 2006 Internet Security offers the most effective protection against viruses, spyware, hackers, phishing, spam and other Internet threats , so you enjoy the Internet with peace of mind. To guarantee your security, it offers a double layer of protection against unknown viruses and intruders through its"



DLLML.exe

DLLML.exe is a DLL loader installed when you install the creative software. You really don't need it so if your trimming resource usage go ahead and remove this one too.



Netmon.exe

We Don't know! Please post a comment with information about this file



utorrent.exe

We Don't know! Please post a comment with information about this file



CALMAIN.exe

We Don't know! Please post a comment with information about this file



hpqimzone.exe

Yet another HP configuration tool. Its rediculous how many different processes HP installs. This one is not needed.



CTXFISPI.EXE

Creative Audio hardware configuration



ATKKBService.exe

We Don't know! Please post a comment with information about this file



aim6.exe

We Don't know! Please post a comment with information about this file



fsrw.exe

We Don't know! Please post a comment with information about this file



TosA2dp.exe

We Don't know! Please post a comment with information about this file



boinc.exe

We Don't know! Please post a comment with information about this file



CTXFIHLP.EXE

We Don't know! Please post a comment with information about this file



fsguidll.exe

We Don't know! Please post a comment with information about this file



fsaw.exe

We Don't know! Please post a comment with information about this file



vmount2.exe

We Don't know! Please post a comment with information about this file



ventc.exe

We Don't know! Please post a comment with information about this file



VProSvc.exe

We Don't know! Please post a comment with information about this file



RoxMediaDB.exe

We Don't know! Please post a comment with information about this file



RoxWatch.exe

We Don't know! Please post a comment with information about this file



WLanCfgG.exe

This is a wireless LAN configuration tool that has caused various error messages for some people. If you are having problems with it uninstall the wireless configuration tool and download the latest version from the manufacturers site and try again.



ApacheMonitor.exe

We Don'