Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Windows startup programs - Database search

If you're frustrated with the time it takes your Windows 10/8/7/Vista/XP PC to boot and then it seems to be running slowly you may have too many programs running at start-up - and you have come to the right place to identify them. This is the original start-up programs (as opposed to processes/tasks) list - one of the most accurate and comprehensive. Services are not included - see below. For further information on this and how to identify and disable start-up programs please visit the Introduction page.

See here for further information on random entries - which are typically added by viruses and other malware or unwanted programs.

Last database update :- 31st May, 2017
51499 listed

You can search for any of the following terms to find and display entries in the start-up programs database but the minimum search is 3 characters and you must click on the "Search" button. Results are sorted by the Startup Item/Name field.

Alternatively, you can browse the full database (without the search facility) over a number of pages or you can use the alphabetical index below to list the entries for that letter by the Command/Data field, but the results may take longer to appear due to the number of them:

A | B | C | D | E | F | G | H | I | J | K | L | B | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

NOTE: Searching for common words (i.e. "the" or "where") will mean the results take longer to appear due to the number of them.

Please click on the Search button

1049 results found for H

Startup Item or Name Status Command or Data Description Tested
GoogleXh**p://advgoogle.blogspot.com/Detected by Intel Security/McAfee as W32/Yahlover.worm.gen.k and by Malwarebytes as Worm.SohanadNo
ZYXh**p://qq.qqqqqq.cn/zDetected by Intel Security/McAfee as RDN/Generic.bfr!fg and by Malwarebytes as Trojan.StartPage. Note that we've modified the target URL to replace the http with h**pNo
gghXh.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!hw and by Malwarebytes as Backdoor.Agent.DCENo
Synchronization loader lokdXh2m6w5s.exeAdded by the SDBOT.ACG WORM!No
MW2TI786ZDYHMXh2Z56SfbC.exe.lnkDetected by Intel Security/McAfee as RDN/Generic.bfg!c and by Malwarebytes as Backdoor.Agent.ENo
WINDOWS SYSTEM CleanerXh3.exeAdded by the MYTOB.EQ WORM!No
MicroSoft sys3s1Xh4ckn3t.exeDetected by Trend Micro as WORM_RBOT.GHF. The file is located in %System%No
h4te Service DriversXh4te.exeAdded by a variant of Backdoor:Win32/RbotNo
h7uvy4y8ucXh7uvy4y8uc.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%No
h8k9vwcv9.exeXh8k9vwcv9.exeDetected by Malwarebytes as Trojan.Downloader. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
protectionXHabbo Crédits Gratuits.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Backdoor.BotNo
protection2XHabbo Crédits Gratuits.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Trojan.Injector.SMNo
HKLMXHabboScripting.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\MicrosoftNo
PoliciesXHabboScripting.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %ProgramFiles%\MicrosoftNo
HKCUXHabboScripting.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\MicrosoftNo
3-habibieXhabibie.exeDetected by Sophos as W32/Brontok-CRNo
hachimitsu-lemonXhachimitsu-lemon.exeAdded by the HACHILEM TROJAN!No
hack poolXhack pool.exeDetected by Dr.Web as Trojan.Siggen6.16423 and by Malwarebytes as Backdoor.Agent.ENo
hack pool.exeXhack pool.exeDetected by Dr.Web as Trojan.Siggen6.16423 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
hack-lol.exeXhack-lol.exeDetected by Intel Security/McAfee as Generic PWS.y and by Malwarebytes as Backdoor.Agent.CRPNo
sistemXHack.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %System%\System32 - see hereNo
HacKamas.exeXHacKamas.exeDetected by Intel Security/McAfee as RDN/Downloader.a!nl and by Malwarebytes as Trojan.Agent.HC. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
CORPSOFTXHacked.exeDetected by Intel Security/McAfee as RDN/Downloader.gen.a and by Malwarebytes as Trojan.Downloader.CPNo
HaCkeR FaCeBooK V1.0.exeXHaCkeR FaCeBooK V1.0.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Hacker.exeXHacker.exeDetected by Intel Security/McAfee as Generic PWS.y and by Malwarebytes as Backdoor.Agent.HCNo
hacker--JACKXhacker.exeDetected by Dr.Web as Trojan.Siggen6.33430 and by Malwarebytes as HackTool.Agent.ENo
HKLMXhacker.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\InstallDirNo
HKCUXhacker.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\InstallDirNo
hackjo#.exeXhackjo#.exeDetected by Malwarebytes as Trojan.Downloader.E - where # represents a digit. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows starts - see an example hereNo
UnHackMe MonitorUhackmon.exeUnHackMe by Greatis Software - "allows you to detect and remove any types of malicious software: Rootkits, Trojans, Backdoors, Viruses, Worm, Spyware, Adware, Google Search Redirects, Unwanted Programs, etc."No
HackMuFptXHackMuFpt.exeDetected by Sophos as Troj/SCLog-AGNo
loadXHACKO.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!yj and by Malwarebytes as Backdoor.Agent.E. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "HACKO.exe" (which is located in %Windir%\WIN 7) and also adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" entry pointing to the same fileNo
svchostXHACKO.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!yj and by Malwarebytes as Trojan.AgentNo
HKLMXHACKO.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!yj and by Malwarebytes as Backdoor.HMCPol.GenNo
HKCUXHACKO.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!yj and by Malwarebytes as Backdoor.HMCPol.GenNo
Hack_KRDXHack_KRD.exeDetected by Dr.Web as BackDoor.Tdss.10766 and by Malwarebytes as Backdoor.Agent.HKNo
hacugibcehaXhacugibceha.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!vg and by Malwarebytes as Trojan.Agent.USNo
Hades.exeXHades.exeDetected by Malwarebytes as Spyware.OnlineGames. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HaiDiXHaiDi.exeDetected by Intel Security/McAfee as RDN/Qhost-Gen!y and by Malwarebytes as Trojan.Agent.HDINo
haisoodXhaisood.exeAdded by the VB-FQS TROJAN!No
YJT3qWKc7iXhajabuly.exeAdded by the FAKEALER.IO TROJAN!No
hajuigirothaXhajuigirotha.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!va and by Malwarebytes as Trojan.Agent.USNo
Ultra Hal Assistant [version] StartupNHalAsst.exeUltra Hal Assistant by Zabaware, Inc. - artificial intelligence conversation simulator. It is capable of being your digital secretary and companionNo
Ultra Hal StartupNHalAsst.exeUltra Hal Assistant by Zabaware, Inc. - artificial intelligence conversation simulator. It is capable of being your digital secretary and companionNo
HalflifeXhalflife2.exeDetected by Sophos as W32/Agobot-OC. Note - this file is not associated with Valve Corporation's Half-Life 2 gameNo
HalloweenDesktopUHalloweenDesktop.exeAnimated desktop gadget included with the Halloween theme for MyColors from Stardock CorporationNo
yeahdude.exeXhallowelt.exeDetected by Symantec as W32.HLLW.Gaobot.RS or W32.Gaobot.SANo
LogMeIn Hamachi UiUhamachi-2-ui.exeLogMeIn Hamachi remote control and VPN software - "is a hosted VPN service that lets you securely extend LAN-like networks to distributed teams, mobile workers and your gamer friends alike"No
hamachiUhamachi.exeLogMeIn Hamachi remote control and VPN software - "is a hosted VPN service that lets you securely extend LAN-like networks to distributed teams, mobile workers and your gamer friends alike"No
hamasjotlothXhamasjotloth.exeDetected by Intel Security/McAfee as RDN/Ransom!ej and by Malwarebytes as Trojan.Agent.USNo
HaMFrontPanelUhampanel.exeDisplays a panel simulating modem lights for the Intel HaM internal modem. The lights are useful as a reminder to disconnect from the net if you are likely to forget, but otherwise pointlessNo
HAMPUSXhampus2.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!eq and by Malwarebytes as Backdoor.Agent.HMPNo
JOVOXhampus2.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!eq and by Malwarebytes as Backdoor.Agent.HMPNo
hamxomhuzwobXhamxomhuzwob.exeDetected by Intel Security/McAfee as RDN/Generic Downloader.x!hu and by Malwarebytes as Trojan.Agent.USNo
handlerfix70700en00.exeXhandlerfix70700en00.exeDetected by Intel Security/McAfee as FakeAlert-MalDoctor and by Malwarebytes as Trojan.FakeAlertNo
AndyNHandyAndy.exeAndy Android OS emulator which "breaks down the barrier between desktop and mobile computing, while keeping a user up to date with the latest Android OS feature upgrades"No
Handy UpdaterUHandyUpdater.exeDetected by Malwarebytes as PUP.Optional.Handy. The file is located in %ProgramFiles%\HandyUpdater. If bundled with another installer or not installed by choice then remove itNo
handywareXhandyware_su.exeDetected by Dr.Web as Trojan.DownLoader5.43523No
HanUpdateXhanz.exeDetected by Sophos as W32/Rbot-GLJNo
UpdateXhanz.exeAdded by a variant of the RBOT-GLJ WORM!No
360ÍØÂÇ°²È«Xhaokan.exeDetected by Intel Security/McAfee as Generic.dx!b2c4 and by Malwarebytes as Trojan.FlyStudioNo
winterXhappy.exeDetected by Sophos as W32/Sdbot-YFNo
happy.exeXhappy.exeDetected by Dr.Web as Trojan.Siggen6.21755 and by Malwarebytes as Trojan.Agent.Gen. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Windows svchostXhappy2008.exeDetected by Microsoft as Worm:Win32/Pushbot.AM and by Malwarebytes as Backdoor.IRCBotNo
haqhamxocyqdXhaqhamxocyqd.exeDetected by Malwarebytes as Trojan.Inject. The file is located in %UserProfile%No
(Default)XHard Disk.exeDetected by Dr.Web as Trojan.Siggen6.20726 and by Malwarebytes as Backdoor.Agent.E. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %Windir%\SystemNo
HardBoanXHardBoan.exeHardBoan rogue security software - not recommended, removal instructions hereNo
HardcoreVideos_grXhardcorevideos_gr.exeDetected by Malwarebytes as Riskware.Dialer. The file is located in %ProgramFiles%\dialers\hardcorevideos_grNo
HardInstallsilentXhardinstall-silent.exeDetected by Malwarebytes as Trojan.Agent.UKN. The file is located in %LocalAppData%\InstallNo
HardInstall-silentXhardinstall-silent.exeDetected by Malwarebytes as Trojan.Agent.UKN. The file is located in %LocalAppData%\InstallNo
hardisk.exeXhardisk.exeDetected by Dr.Web as Trojan.DownLoader10.653 and by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
hardscanSXhardscanU.exeHardScan rogue security software - not recommended. One of the OneScan family of rogue scanner programsNo
Hardware.exeXHardware.exeDetected by Intel Security/McAfee as Generic.bfr!cz and by Malwarebytes as Trojan.Banker.GenNo
HareUhare.exeHare - improve and optimize performance of desktop/laptop PCsNo
Logitech Harmony RemoteUHarmonyClient.exeLogitech Harmony advanced universal remoteNo
Logitech Harmony Remote Software 7UHARMON~1.EXELogitech Harmony Advanced Universal Remote controller softwareNo
HAHAHAXhartlell.batDetected by Dr.Web as Trojan.MulDrop3.51061 and by Malwarebytes as Trojan.AgentNo
startAPIXhartlell.batDetected by Dr.Web as Trojan.MulDrop3.51061 and by Malwarebytes as Trojan.AgentNo
PROCES1Xhasd.exeDetected by Intel Security/McAfee as RDN/Ransom!do and by Malwarebytes as Backdoor.Agent.ENo
hauxiatqe.exeXhauxiatqe.exeDetected by Malwarebytes as Trojan.Agent.BP. The file is located in %UserStartup%No
HawkLoggerXHawkLoggerClient.exeDetected by Sophos as Troj/MSIL-IJA and by Malwarebytes as Spyware.HawkEyeKeyLoggerNo
HawkEye IV Control PanelUHAWK_32.EXEControl Panel application for the old Number Nine graphics cards to change resolution, colour depth, etc.No
HawkEyeUHAWK_95.EXEControl Panel application for the old Number Nine graphics cards to change resolution, colour depth, etc.No
hollanXhaxer.vbsDetected by Dr.Web as Trojan.MulDrop5.2453 and by Malwarebytes as Trojan.Agent.ENo
haxor#.vbsXhaxor#.vbsDetected by Malwarebytes as Trojan.Agent.VBS - where # represents a digit. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows starts - see examples hereNo
hazqondibxaxXhazqondibxax.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile% - see hereNo
Handy BackupUhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 3.0Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 3.5Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 3.9Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 4,1Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 4.0Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 4.1Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 5.3Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 5.4Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 5.7Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup 6.0Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
Handy Backup Pro 1.1Uhbagent.exeHandy Backup - automatic backup of your critical data to virtually any type of storage media including CD-RW devices and remote FTP serversNo
GBDN SecurityXHBDN.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %Temp%No
HBServiceXHBInject.exeAdded by the ONLINEG.CRJ TROJAN!No
HbinstXHbinst.exeHotbar adware. The file is typically located in %ProgramFiles%\Hotbar\Bin\[version]No
HotbarXHbinst.exeHotbar adware. The file is typically located in %ProgramFiles%\Hotbar\Bin\[version]No
WINDOWS SYSTEM DNSPOOLXhbmail.exeAdded by the MYTOB.FW WORM!No
HbmhlyXHbmhly.exeAdded by unidentified malware. The file is located in %System%No
HotbarXHbOEAddOn.exeHotbar adware. The file is typically located in %ProgramFiles%\Hotbar\Bin\[version]No
Windows SoftwareXhbsppe.exeDetected by Sophos as W32/Rbot-GLLNo
HbToolsXHbtOEAddOn.exeHotbar adware - detected by Malwarebytes as Adware.HotBar. The file is typically located in %ProgramFiles%\HbTools\Bin\[version]No
WeatherOnTrayXHbtWeatherOnTray.exeHotbar adware - detected by Malwarebytes as Adware.HotBar. The file is typically located in %ProgramFiles%\HbTools\Bin\[version]No
HC ReminderNhc.exeFor Compaq PC's. Help Compiler, crunches help database, will run without being in startup when neededNo
HCDetectNHCDetect.exeMS HomeClick Network - simple home network setup and configuration program included with 3Com HomeConnect home networking products. Runs in the background for network printer notification, detection, and Internet Connection Sharing (ICS) taskbar icon. Not required - network can be set-up manually, also has a known memory leak problemNo
HCEmployeeUHce.exeHiddenCamera surveillance software. Uninstall this software unless you put it there yourselfNo
hcenXhcen.exeDetected by Kaspersky as Trojan-Dropper.Win32.Small.lr. The file is located in %System%No
tgcmdUhcenter.exeBellsouth (now AT&T) help center. Part of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendation"No
hcenterUhcenter.exeBellsouth (now AT&T) help center. Part of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendation"No
sampleXhchos.exeDetected by Sophos as Troj/Banker-EZUNo
hchosXhchos.exeDetected by Dr.Web as Trojan.DownLoader9.51117No
hclean32.exeXhclean32.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
spc_wNhcm.exeNetZero, BlueLight Interent and Juno Search Enhancements related by United Online, Inc. The file is located in %ProgramFiles%\**Search where ** represents NZ, BL and JU respectivelyNo
ATKHOTKEYUhcontrol.exeHotkeys on an ASUS Notebook. Only required if you use the additional keysNo
HcontrolUhcontrol.exeHotkeys on an ASUS Notebook. Only required if you use the additional keysNo
hcontrol32.exeXhcontrol32.exeAdded by the VB-EUF WORM!No
HControlUserUHControlUser.exeHotkeys on an ASUS Notebook. Only required if you use the additional keysNo
HiberMonitor?HCount.exeThe file is located in %Windir%No
HYLW32Xhcwn.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!m and by Malwarebytes as Backdoor.AgentNo
HCLW32Xhcwn.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %AppData%\iexplorerNo
hcsystrayNhc_tray.exeKuma Notifier for the Shootout! game from the History Channel. "It lets you know whenever there's a new episode that's been released or an announcement from the Kuma team. Just click it to get up-to-the-minute game and event information"No
hd audioXhd audio.exeDetected by Malwarebytes as Trojan.MSIL.MK. The file is located in %AppData%\hd audioNo
HD Audio.vbsXHD Audio.vbsDetected by Malwarebytes as Trojan.Dropper. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
BlueStacks AgentNHD-Agent.exeBlueStacks App Player Android OS emulator which "lets you run your favorite mobile apps fast and fullscreen in your browser and on PC"No
BlueStacks App PlayerNHD-FrontEnd.exeBlueStacks App Player Android OS emulator which "lets you run your favorite mobile apps fast and fullscreen in your browser and on PC"No
TaskmanXhd1.exeDetected by Trend Micro as WORM_PALEVO.SMFA and by Malwarebytes as Worm.Palevo. Note - this entry adds a HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Taskman" entry which loads the file "hd1.exe" (which is located in %Recycled%\{SID})No
HDAudioXhda.exeDetected by Total Defense as Win32.Tactslay.U. The file is located in %Windir%No
SRSHDAudioLabNHDAL.exeSRS HD Audio Lab (which became SRS Audio Essentials) from SRS Labs - "audio enhancement software for your PC. It features: sleek interface design with energized light pulses, surround sound-even from 2 speakers, using SRS Labs audio enhancement technology"No
Raccourci vers la page des propriétés de High Definition AudioNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not required. French versionNo
High Definition Audio Özellik Sayfası KısayoluNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not required. Turkish versionNo
High Definition Audio -ominaisuussivun pikakuvakeNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not required. Finnish versionNo
High Definition Audio Property Page ShortcutNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not requiredNo
HDAShCutNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not requiredNo
Snarvei til egenskapsside for High Definition AudioNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not required. Norwegian versionNo
Verknüpfung mit der High Definition Audio-EigenschaftenseiteNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not required. German versionNo
Genväg till egenskapssida för High Definition AudioNHDAShCut.exeHigh definition audio page shortcut for Realtek audio devices - not required. Swedish versionNo
High Definition Audio Function DriverXHdAudio.exeDetected by Dr.Web as Trojan.DownLoader10.16850 and by Malwarebytes as Trojan.AgentNo
HDAudioXHDAudio.exeDetected by Dr.Web as Trojan.MulDrop4.51987 and by Malwarebytes as PUP.HackTool.FlooderNo
AudioXhdaudio.exeDetected by Trend Micro as TSPY_BAMKRO.C and by Malwarebytes as Trojan.ZBAgent.ENo
HDAudDeckUHDAudioCPL.exeVista control panel for VIA Vinyl HD Audio Codecs from VIA Technologies, Inc - such as the VT1708BNo
Realtek High Definition Audio DriverXHDAudioDriver.exeDetected by Malwarebytes as Backdoor.NanoCore. The file is located in %AppData%No
hdaudio_driverXhdaudio_driver.exeDetected by ESET as Win32/Spy.Bizzana.A and by Malwarebytes as Trojan.AgentNo
Atalho para a Página de Propriedades do High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Portuguese versionNo
Raccourci vers la page des propriétés de High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. French versionNo
High Definition Audio Özellik Sayfası KısayoluUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Turkish versionNo
High Definition Audio 屬性頁捷徑UHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Chinese versionNo
High Definition Audio Property Page ShortcutUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be requiredNo
Snelkoppeling naar eigenschappenvenster voor High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Dutch versionNo
Skrót do strony właściwości High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Polish versionNo
Συντόμευση σελίδας ιδιοτήτων του High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Greek versionNo
Verknüpfung mit der High Definition Audio-EigenschaftenseiteUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. German versionNo
Genväg till egenskapssida för High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Swedish versionNo
Genvej til egenskabsside for High Definition AudioUHDAudPropShortcut.exeRealtek audio card related. Probably adds the odd feature to one of the "Sounds" Control Panel applet tabs - doesn't appear to be required. Danish versionNo
RealtekXHDCltp.exeDetected by Intel Security/McAfee as Backdoor-CEP.gen.ad. Note that this is not a valid Realtek processNo
hdcmdXhdcmd.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!ue and by Malwarebytes as Backdoor.Agent.DCENo
Hard drive ControllerXhdcontroller.exeAdded by the KIMAN.B WORM!No
RSD_HDDThermoNHDD Thermometer.exeFreeware hard disk thermometer from RSD Software that constantly monitors the temperature of the hard disk and takes the necessary measures to avoid overheating by providing warnings with alarm tones or switching off the computer or entering hibernation mode. No longer supportedNo
HSSDXhdd.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %ProgramFiles%\windowsNo
PoliciesXhdd.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %ProgramFiles%\windowsNo
hdd.exeXhdd.exeDetected by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HDDAgentXHDDAgent.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %AppData%No
Ashampoo HDD Control GuardUHDDControlGuard.exePart of Ashampoo® HDD Control - a hard drive monitoring utility which also incorporates defragmentation and cleaners for browsing history and unnecessary files. This entry loads the Ashampoo HDD Control Guard component on startup which runs in the background and monitors the hard drives and provides System Tray accessYes
HDDControlGuardUHDDControlGuard.exePart of Ashampoo® HDD Control - a hard drive monitoring utility which also incorporates defragmentation and cleaners for browsing history and unnecessary files. This entry loads the Ashampoo HDD Control Guard component on startup which runs in the background and monitors the hard drives and provides System Tray accessYes
HDDControlGuard.exeUHDDControlGuard.exePart of Ashampoo® HDD Control - a hard drive monitoring utility which also incorporates defragmentation and cleaners for browsing history and unnecessary files. This entry loads the Ashampoo HDD Control Guard component on startup which runs in the background and monitors the hard drives and provides System Tray accessYes
HDDHealthUhddhealth.exeHDD Health is a "full-featured failure-prediction agent for machines using Windows 95, 98, NT, Me, 2000 and XP. Sitting in the system tray, it monitors hard disks and alerts you to impending failure"No
HDDlifeUHDDlife.exeHDDlife checks the health of your hard drives at regular intervals and informs you about the results of these checksNo
Icon AnimationNHDE.EXEPart of the old McAfee Utilities suite (based upon Nuts & Bolts). Provides entertaining animation of your desktop iconsNo
HDAudDeckUHDeck.exeControl panel for VIA Vinyl HD Audio Codecs from VIA Technologies, Inc - such as the VT1708BNo
HDeck MFC ApplicationUHDeck.exeControl panel for VIA Vinyl HD Audio Codecs from VIA Technologies, Inc - such as the VT1708BNo
System HelpXhdesk.exeDetected by Dr.Web as Trojan.DownLoader5.60373 and by Malwarebytes as Trojan.BankerNo
gdhdhdjhXhdfgfhfhd.exeDetected by Intel Security/McAfee as RDN/Ransom and by Malwarebytes as Trojan.Agent.RNDNo
hsgsgsgXhdhdgdg.exeDetected by Malwarebytes as Trojan.Agent.SBFGen. The file is located in %AppData%\subfolderNo
hdhehsahshXhdhehsahsh.exeDetected by Malwarebytes as Trojan.Banker.HDH. The file is located in %Windir% - see hereNo
serverXhdhhhr.exeDetected by Intel Security/McAfee as Generic.dx!bhrc and by Malwarebytes as Backdoor.AgentNo
HDInspector.exeNHDInspector.exeHard Drive Inspector by Altrixsoft - is "a powerful, effective and easy-to-use program that monitors hard drive health. In many cases it is able to warn the user about forthcoming disk failure in advance, thus preventing information loss"No
Hercules DJ SeriesNHDJSeriesCPL.exeControl Panel for the Hercules DJ Console SeriesNo
BUFFALO Power Save Utility for HDUHDManage.exePower Save utility for Buffalo backup hard discsNo
HDMICtrlMan?HDMICtrlMan.exeRelated to HD video support on some Toshiba laptops. What does it do and is it required?No
HDriveSweeperXHDriveSweeper.exeHDriveSweeper rogue privacy program - not recommended, removal instructions hereNo
Hard Disk SentinelNHDSentinel.exeHard Disk Sentinel - a multi-OS hard disk drive monitoring application. Its goal is to find, test, diagnose and repair hard disk drive problems, display hard disk health, performance degradations and failuresNo
HP Service DriversXhdsys.exeDetected by Sophos as W32/Sdbot-ZENo
YRWZCVSSXhdtegdgddsaxv.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!zt and by Malwarebytes as Backdoor.Agent.RNDNo
SystemUp HARDDISK GUARDNhdtray.exePart of SystemUp 2009 by Zonelink - HARDDISK Guard "monitors your local drives and gives detailed recommendations and performance reports regarding Health, Performance and Temperature of your drives." The file is located in %ProgramFiles%\zoneLINK\SystemUp 2009\HarddiskNo
HDtrayNHDtray.exeSystem tray access for the Philips Edge series soundcards - available via Windows Control Panel. The file# is located in %Windir%No
Gcodec MiniXhdupdater.exeDetected by Intel Security/McAfee as Generic.tfr!rNo
Bcvsrv32Xhe3.exeDetected by Trend Micro as WORM_AGOBOT.AKBNo
heahea.exeXheahea.exeDetected by Malwarebytes as Backdoor.Bot. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
heaulXheaul.exeAdded by the SILLYFDC-GI WORM!No
heavy_rotationXheavy_rotation.scrDetected by Intel Security/McAfee as Generic Dropper and by Malwarebytes as Trojan.Agent.ENo
Microsoft(R) Delayed LauncherXHeciServer.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Trojan.Agent.MSGen. Note - this is note the Intel(R) Capability Licensing Service Interface service which uses the same filename and is located in %ProgramFiles%\Intel\iCLS Client. This one is located in %AppData%\MicrosoftNo
ShellXHeciServer.exe,explorer.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Trojan.FakeAlert. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "HeciServer.exe" (which is located in %AppData%\Microsoft)No
HKLMXHedara.exeDetected by Dr.Web as Trojan.Siggen6.8122 and by Malwarebytes as Backdoor.HMCPol.GenNo
HKCUXHedara.exeDetected by Dr.Web as Trojan.Siggen6.8122 and by Malwarebytes as Backdoor.HMCPol.GenNo
hefcndyXhefcndy.exeDetected by Microsoft as PWS:Win32/Frethog.APNo
LoadersXHeIp.exeDetected by Sophos as W32/Sdbot-ADBNo
LoadersXHeIp.pifAdded by the SDBOT-ACS WORM!No
Microsoft Security Monitor ProcessXhel.exeDetected by Kaspersky as Backdoor.Win32.EggDrop.v and by Malwarebytes as Trojan.Downloader. The file is located in %Windir%No
HelioBarXPNHelioBarXP.exeHelioBar XP by Sycory renders the Windows Taskbar (the strip at the bottom on the screen) transparent, revealing the whole desktop and associated background image. The purpose seems irrelevant as you can right-click on the Taskbar and select Properties → Auto-hide the taskbar anywayNo
systhreadXHELLO.EXEDetected by Trend Micro as BKDR_WINKER.FNo
PicasaNetNHello.exeHello by Google's Picasa was an application that allowed Blogger users to post digital photos and captions directly to their personal weblogs, or blogsNo
helloservXhelloserv.exeDetected by Trend Micro as WORM_ZHELATI.BHANo
BadxXHELLRAIDER.EXEDetected by Trend Micro as BKDR_MINDCTRL.ANo
FhzepgyiXHELLRAIDER.EXEDetected by Trend Micro as BKDR_MINDCTRL.ANo
(Default)Xhelmi1.exeDetected by Malwarebytes as Trojan.Agent. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %LocalAppData%No
help windows.vbsXhelp windows.vbsDetected by Intel Security/McAfee as RDN/Generic.dx!czc and by Malwarebytes as Backdoor.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
helpXhelp.exeDetected by Intel Security/McAfee as PWS-FAHB!CB20D8190AFF and by Malwarebytes as Backdoor.Agent.HLPGen. The file is located in %AppData%\InstallDirNo
helpXhelp.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %AppData%\MicrosoftNo
helpXhelp.exeDetected by Dr.Web as Trojan.Siggen6.21985 and by Malwarebytes as Backdoor.Bot. The file is located in %AppData%\Microsoft\Windows\IEUpdateNo
helpXhelp.exeDetected by Trend Micro as TSPY_BANKER-2.001 and by Malwarebytes as Backdoor.Bot. The file is located in %ProgramFiles%No
help WindowsXhelp.exeDetected by Kaspersky as Worm.Win32.Bybz.erd and by Malwarebytes as Backdoor.Messa. The file is located in %AppData%\MicrosoftNo
cvost.exeXhelp.exeDetected by Malwarebytes as Backdoor.Agent.HLPGen. The file is located in %AppData%\InstallDir - see hereNo
helperXhelp.exeDetected by Malwarebytes as Backdoor.Agent.HLPGen. The file is located in %AppData%\InstallDirNo
helpthisXhelp.exeDetected by Malwarebytes as Backdoor.Agent.HLPGen. The file is located in %AppData%\InstallDirNo
RunXhelp.exeIESearchToolbar parasite. Identified by Ewido Security Suite (Ewido is now part of AVG Technologies) as the DELF.LF TROJAN!No
helpthsXhelp.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!g and by Malwarebytes as Backdoor.Agent.HLPGenNo
svchostesXhelp.exeDetected by Malwarebytes as Backdoor.Bot.E. The file is located in %AppData%\windowsNo
Windows HelpXhelp.exeDetected by Dr.Web as BackDoor.IRC.Bot.1758 and by Malwarebytes as Backdoor.IRCBot.GenNo
MSDNNXhelp.exeAdded by the AGENT-GBK TROJAN!No
svchostXhelp.exeDetected by Intel Security/McAfee as PWS-FAHB!F5EC22B04FF2 and by Malwarebytes as Backdoor.Bot.ENo
java.exeXhelp.exeDetected by Malwarebytes as Backdoor.Agent.HLPGen. The file is located in %AppData%\InstallDir - see hereNo
VMware process ToolXHelp.exeDetected by Dr.Web as Trojan.DownLoader6.3051 and by Malwarebytes as Trojan.DownloaderNo
hostXhelp.exeIESearchToolbar parasite. Identified by Ewido Security Suite (Ewido is now part of AVG Technologies) as the DELF.LF TROJAN!No
ISHelpUhelp.exeISpy is a security risk that logs keystrokes and captures screenshots. If you didn't install this yourself uninstall itNo
SysDirXhelp.exeDetected by Dr.Web as Trojan.DownLoader10.42864 and by Malwarebytes as Trojan.Downloader.THNo
olabisiXhelp.exeDetected by Malwarebytes as Backdoor.Agent.DCGen. The file is located in %UserTemp%No
onceXhelp.exeIESearchToolbar parasite. Identified by Ewido Security Suite (Ewido is now part of AVG Technologies) as the DELF.LF TROJAN!No
TEMPXhelp.exeDetected by Sophos as Troj/Bdoor-BDW and by Malwarebytes as Trojan.DownloaderNo
BERKEXhelp.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.DCENo
Windows Help EngineXHelp.pifDetected by Trend Micro as TROJ_AIDER.ANo
helpXhelp.scrDetected by Sophos as Troj/Bancos-BBU and by Malwarebytes as Backdoor.BotNo
WinInitXhelp01.hlpDetected by Malwarebytes as Trojan.Agent.WNT. The file is located in %Windir% - see hereNo
WinAppXhelpar.exeDetected by Malwarebytes as Spyware.Imminent.E. The file is located in %AppData%\WindowsNo
MyXhelpc.exeDetected by Dr.Web as Trojan.DownLoader10.51779 and by Malwarebytes as Trojan.Agent.MNo
IMJPMIG6.1XHelpCat.exeAdded by the BESVERIT WORM!No
helpcccXhelpccc.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
\helpctrl.exeXhelpctrl.exeDetected by Dr.Web as Win32.HLLW.Autoruner1.8189 and by Malwarebytes as Trojan.Agent.MVONo
HDAUDIOUPDATESERVICEXhelpdeck.exeDetected by Intel Security/McAfee as Generic.dx!bht4 and by Malwarebytes as Backdoor.AgentNo
HelpDeskXHelpDesk.exeDetected by Kaspersky as Trojan-Spy.Win32.Banker.ciy. The file is located in %AllUsersProfile%No
HelpDeskXHelpDesk.exeDetected by Trend Micro as TSPY_BANKER-2.001. The file is located in %Windir%No
avastXHelpDesk.exeDetected by Dr.Web as Trojan.Siggen5.19676 and by Malwarebytes as Trojan.AgentNo
helpeXhelpe.exeDetected by Malwarebytes as Trojan.Inject. The file is located in %AppData%\MyDocumentNo
NetXhelpe.exeDetected by Malwarebytes as Trojan.Inject. The file is located in %AppData%\MyDocumentNo
helpXhelpe.scrDetected by Dr.Web as Trojan.Inject1.28001 and by Malwarebytes as Trojan.VBKryptNo
Computern HelperXhelpefr.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %Root%\[6 digits]No
Chrome.exeXHelper.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
HelperXHelper.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!uz and by Malwarebytes as Backdoor.Agent.DCEGenNo
Helper.exeXHelper.exeDetected by Dr.Web as Trojan.DownLoader10.3790 and by Malwarebytes as Trojan.Backdoor.KSNo
winlogon.exeXhelper.exeDetected by Sophos as Troj/Fakespy-ANo
ServicesPack2XHelper.exeDetected by Trend Micro as TSPY_BANKER-2.001No
Computer HelperXhelper.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %Root%\[6 digits]No
PRHelperXhelper.exeDetected by Malwarebytes as Trojan.Dropper. The file is located in %LocalAppData%No
helper.exe.pifXhelper.exe.pifDetected by Dr.Web as Win32.HLLO.Blop.163 and by Malwarebytes as Worm.Agent.HPF. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
loadXHelpere.exeDetected by Malwarebytes as Backdoor.Agent.E. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "Helpere.exe" (which is located in %UserTemp%\Steam Helper)No
Helpere.exeXHelpere.exeDetected by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
LOGITECHSXhelperfile.exeDetected by Intel Security/McAfee as PWS-Zbot.gen.aru and by Malwarebytes as Backdoor.MessaNo
ml34Xhelpermlm4.exeDetected by Sophos as Troj/Mailbot-BHNo
jon315Xhelperssrvc.exeDetected by Sophos as Troj/Mailbot-BINo
Helpex32Xhelpex32.exeDetected by Trend Micro as TROJ_CRYPTER.ANo
HELPEXP.EXEXHelpExp.exeAveo Attune automated helpdesk software - regarded as adwareNo
HelpInfoXHelpInfo.exeHelpInfo rogue security software - not recommended, removal instructions hereNo
Microsoft Security Monitor ProcessXHelpMe.exeDetected by Kaspersky as Trojan.Win32.VB.bjo and by Malwarebytes as Trojan.Downloader. The file is located in %Windir%No
helpoXhelpo.exeDetected by Sophos as Troj/Banloa-BUNo
helppane.exeXhelppane.exeDetected by Malwarebytes as Backdoor.Agent.HP. The file is located in %AppData%\[folder] - see examples here and hereNo
HelpPrivacyXHelpPrivacy.exeHelpPrivacy rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.HelpPrivacyNo
helpXhelps.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\adobe - see hereNo
helpsXhelps.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\adobeNo
sck121Xhelpsyss.exeAdded by a variant of the MAILBOT TROJAN!No
helpwXhelpw.exeAdware downloaderNo
HELP_DECRYPT.HTMLXHELP_DECRYPT.HTMLDetected by Malwarebytes as CryptoWall.Trace. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HELP_DECRYPT.PNGXHELP_DECRYPT.PNGDetected by Malwarebytes as CryptoWall.Trace. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HELP_DECRYPT.PNG.zzzXHELP_DECRYPT.PNG.zzzDetected by Malwarebytes as CryptoWall.Trace. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HELP_DECRYPT.TXTXHELP_DECRYPT.TXTDetected by Malwarebytes as CryptoWall.Trace. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HELP_DECRYPT.TXT.zzzXHELP_DECRYPT.TXT.zzzDetected by Malwarebytes as CryptoWall.Trace. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HELP_DECRYPT.URLXHELP_DECRYPT.URLDetected by Malwarebytes as CryptoWall.Trace. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
DriverabXhelz.exeAdded by the RBOT-ABH WORM! Note - the file is a hidden, read-only, system fileNo
SecurityCenterXhemp.exeDetected by Malwarebytes as Trojan.Banker.E. The file is located in %AppData%\ActiveP - see hereNo
Intel(R) Graphics 3D DriversXHemsworth.exeDetected by Sophos as Troj/Agent-AFVH and by Malwarebytes as Trojan.Agent.GDGenNo
Multi media EncoderXhemxccape.exeDetected by Malwarebytes as Trojan.MSIL.Agent. The file is located in %CommonAppData%\Media EncoderNo
soundconfigXhemxccape.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %CommonAppData%\audiofilteringNo
henqisaknifkXhenqisaknifk.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
heomstoolXheomstool.exeAdded by the HEOMS TROJAN!No
haaepawmdjXhepwin.exeDetected by Dr.Web as Trojan.DownLoader11.32617 and by Malwarebytes as Trojan.Downloader.HPWNo
Internet History EraserUHERASER.exeInternet History Eraser - deletes your browsing tracksNo
herjekXherjek.exeAdded by the NUWAR.APJ WORM!No
cdoosoftXherss.exeDetected by Symantec as W32.SillyFDC.BCT and by Malwarebytes as Spyware.OnlineGamesNo
wzserviceXhess.exeAdded by the HACKARMY.W TROJAN!No
hewlpXhewlp.exeDetected by Malwarebytes as Spyware.Password. The file is located in %Cookies%\InstallDiwrNo
MqrtcXhexdump.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %Windir%No
MKbtcXhexdump.exeDetected by Intel Security/McAfee as ErtFor.b and by Malwarebytes as Trojan.DownloaderNo
hexgaxxahapvXhexgaxxahapv.exeDetected by Intel Security/McAfee as RDN/Generic.tfr!dm and by Malwarebytes as Trojan.InjectNo
hey.exeXhey.exeDetected by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
sdfgsdfgXhey.exeDetected by Sophos as W32/Agobot-ORNo
HeypPtdMGKlWjXHeypPtdMGKlWj.exeAdded by the FAKEAV-DVM TROJAN!No
He_Fuckin_GooD.exeXHe_Fuckin_GooD.exeDetected by Malwarebytes as Backdoor.Agent.RDL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HfUHf.exeHide Folders - hide your folders so only you can view themNo
hffsrvYhffsrv.exeHide Files & Folders - "great easy-to-use password-protected security utility working at Windows kernel level you can use to password-protect certain files and folders, or to hide them securely from viewing and searching just with a click of mouse". If this entry is disabled, any files/folders that are protected/hidden will no longer be accessible without first accessing the main programYes
hffsrv.exeYhffsrv.exeHide Files & Folders - "great easy-to-use password-protected security utility working at Windows kernel level you can use to password-protect certain files and folders, or to hide them securely from viewing and searching just with a click of mouse". If this entry is disabled, any files/folders that are protected/hidden will no longer be accessible without first accessing the main programYes
uxxWbaxpqVfsiXHFFVI0Uas9.exeDetected by Dr.Web as Trojan.DownLoader6.6080No
EFI Hot FoldersUhffw.exe"EFI Hot Folders improves productivity by simplifying the printing of PostScript and PDF files into a select, drag, and drop process. Once users create Hot Folders with different printing and finishing parameters, files are printed without opening an application or print driver menu." Part of EFI's high-end printing solutionsNo
gdhdhdgXhfgfjddh.exeDetected by Intel Security/McAfee as RDN/Spybot.bfr!h and by Malwarebytes as Trojan.Agent.LMTNo
HfmIgycfXhfmigycf.exeDetected by Malwarebytes as Trojan.Backdoor. The file is located in %AppData%\yyusvysrNo
Windows Media CenterXhfs player install makers.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!sc and by Malwarebytes as Trojan.KBayi.FLANo
HF SecurityXhfsecure.exeDetected by Sophos as W32/Agobot-TINo
AdobeFlashXhfs_player.exeDetected by Intel Security/McAfee as RDN/Generic.tfr and by Malwarebytes as Trojan.KBayi.FLANo
ME AUDIOXHFT.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.DCENo
MIANITEXHFT.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.DCENo
KUPYCCPMURJRKTCBPJGLPRNOGIEVKGHPXhfTHAFXtgiiNwGDMqORAQGvsQonsoTaJ.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!ez and by Malwarebytes as Backdoor.Agent.RNDNo
hfxpUhfxp.exeHide Folders XP - hide your folders so only you can view themNo
HF_G_JulUHF_G_Jul.exeSupports the AVG Secure Search box feature added on new browser tabs which is powered by Yahoo!. Added with the latest versions of AVG security softwareNo
Meeting ConnectionXhgakdl32.exeLooks like a variant of the PPDOOR-E TROJAN!No
ColorificNHgcctl95.exeColorific® from E-Color - "delivers accurate gamma and color temperature across your entire system - monitor to printer and digital camera to monitor." Now superseded by ColorWizzard™No
Colorific Control PanelNHGCCTL95.EXEColorific® from E-Color - "delivers accurate gamma and color temperature across your entire system - monitor to printer and digital camera to monitor." Now superseded by ColorWizzard™No
Matrox Color ControlNhgcctl95.exeFor Matrox video cards. Quick access to changing colorsNo
hghggtffXhgffhgfhf.exeDetected by Intel Security/McAfee as RDN/Spybot.bfr!h and by Malwarebytes as Backdoor.Agent.ENo
hjgfhXhgfgdc.exeDetected by Malwarebytes as Trojan.Agent.SBFGen. The file is located in %AppData%\subfolderNo
fjhngXhgjj.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
king_hgXhgking.exeDetected by Sophos as W32/Autorun-BMQ and by Malwarebytes as Spyware.OnlineGames.KinggenNo
Microsoft® Windows® Operating SystemXhglinp.exeDetected by Dr.Web as Trojan.MulDrop5.15342 and by Malwarebytes as Trojan.Agent.MSWGenNo
hgqhp.exeXhgqhp.exeAdded by the FLUSH.F TROJAN!No
huigeziXHgzServer.exeDetected by Symantec as Backdoor.Graybird.C and by Malwarebytes as Backdoor.AgentNo
Genius Auto AttacherNHG_Watcher.exeHoldem Genius - "Play all of your Texas Holdem hands like a pro with Holdem Genius - the most advanced Texas Holdem odds calculator and the ultimate weapon for playing technically perfect Texas Holdem hands"No
hh.exeXhh.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %AppData%\[random] - see examples here and hereNo
StartupXhh.exeDetected by Dr.Web as Trojan.DownLoader8.62222 and by Malwarebytes as Trojan.Ransom.FMSNo
%ProgramFiles%\hhhhh.exeXhhhhh.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!st and by Malwarebytes as Trojan.Agent.HHNo
MSAgentXhhnt.exeDetected by Trend Micro as TSPY_AGENT.JINo
HTML Help SystemXhhs.pifAdded by the RBOT-ATB WORM!No
HTML32 Help SystemXhhs32.pifDetected by Sophos as W32/Rbot-ATENo
HibernationUhib32.exeReduces the power consumption when the laptop isn't being used to preserve battery power. Similar programs on other laptops reduce the processor clock rate, etc. Required if you run of battery regularlyNo
hiberfilXhiberfil.exeDetected by Intel Security/McAfee as RDN/Generic Dropper and by Malwarebytes as Trojan.Banker.BCKNo
hiclynkirsahXhiclynkirsah.exeDetected by Intel Security/McAfee as RDN/Downloader.gen.a and by Malwarebytes as Trojan.MSILNo
Hid.exeXhid.exeDetected by Symantec as Backdoor.IRC.Ratsou.BNo
MonitorControlXHIDDEN.exeDetected by Intel Security/McAfee as RDN/Downloader.a!ol and by Malwarebytes as Trojan.Agent.MNRNo
system332Xhidden32.exe service.exeDetected by Malwarebytes as Backdoor.Agent. Both files are located in %System%\MUI\DISPSPEC\0401No
ServicewinXHide32.exeDetected by Sophos as W32/MSNVB-DNo
Hide IPUhideip.exeHide IP - the forerunner to Hide IP NG by Hide IP Software which is a utility to hide your IP address and therefore improve your privacyNo
Hide IP EasyUHideIPEasy.exeHide IP Easy utility which allows you to "hide your real IP with a fake one, surf anonymously, prevent hackers from monitoring your activity, and provide full encryption of your online activity, all with the click of a button"No
Hide IP NGUhideipng.exeHide IP NG by Hide IP Software - a utility to hide your IP address and therefore improve your privacyNo
Hide IPUhideippla.exe"Concerned about Internet privacy? Want to hide your IP address? Hide IP Platinum is the software you are looking for! Keeping your privacy is simple and easy: the only thing you need to do is open Hide IP Platinum." Superseded by Hide IP SpeedYes
Hide IP PlatinumUhideippla.exe"Concerned about Internet privacy? Want to hide your IP address? Hide IP Platinum is the software you are looking for! Keeping your privacy is simple and easy: the only thing you need to do is open Hide IP Platinum." Superseded by Hide IP SpeedYes
Hide your IP when surfingUhideippla.exe"Concerned about Internet privacy? Want to hide your IP address? Hide IP Platinum is the software you are looking for! Keeping your privacy is simple and easy: the only thing you need to do is open Hide IP Platinum." Superseded by Hide IP SpeedYes
Hide IPUhideipsp.exe"Concerned about Internet privacy? Want to hide your IP address? Hide IP Speed is the software you are looking for. Keeping your privacy is simple and easy: just launch Hide IP Speed!"Yes
Hide IP SpeedUhideipsp.exe"Concerned about Internet privacy? Want to hide your IP address? Hide IP Speed is the software you are looking for. Keeping your privacy is simple and easy: just launch Hide IP Speed!"Yes
Hide your IP address and protect your privacyUhideipsp.exe"Concerned about Internet privacy? Want to hide your IP address? Hide IP Speed is the software you are looking for. Keeping your privacy is simple and easy: just launch Hide IP Speed!"Yes
VistaXHiden.exeDetected by Dr.Web as Trojan.MulDrop4.55547 and by Malwarebytes as Trojan.Agent.ENo
hidenXhiden.exeDetected by Sophos as Troj/Agent-IWNo
HideOEUHideOE.exeHideOE - allows you to 'hide' Outlook Express or minimize it to the System TrayNo
cpytXhidep.exeDetected by Sophos as Troj/Mirjack-ANo
HideRun.exeXHiderun.exe svhost.exe pro.gifDetected by Symantec as BAT.Boohoo.WormNo
hidisk_infoXhidisk_info.exeDetected by Intel Security/McAfee as Generic.dxNo
drv_st_keyXhidn.exeDetected by Symantec as W32.Beagle.FF@mm and by Malwarebytes as Worm.BagleNo
drvsyskitXhidr.exeDetected by F-Secure as Email-Worm:W32/Bagle.HR and by Malwarebytes as Worm.BagleNo
Windows Update SystemXhidserv.exeDetected by Sophos as Mal/QuickFake-A and by Malwarebytes as Trojan.Agent.WUGenNo
hidservUhidserv.exeThis is the Human Interface Device Server for WinXP/Me/2000/98SE, it is required only if you are using USB Audio Devices you can disable via Msconfig. Typical examples are USB multimedia keyboards with volume control and web-ready keyboards. For example - loaded by default with MS DSS80 Speakers because they have Volume, Mute and Bass controls on the speaker. Some users may experience problems disabling this - if this is the case then re-enable it. Equivalent to MMHid in Win98. On HP Computers, HIDSERV is the controller for the keyboard sound controls on the USB and PS/2 keyboardsNo
hidv.exeXhidv.exeDetected by Malwarebytes as Trojan.Banker.Gen. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows starts - see hereNo
hidv2.exeXhidv2.exeDetected by Intel Security/McAfee as RDN/PWS-Banker and by Malwarebytes as Trojan.Banker.Gen. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HighKey1XHighKey1.exeDetected by AVG as GENERIC12.LHE - see hereNo
hihotrun.jseXhihotrun.jseDetected by Dr.Web as Trojan.DownLoader2.45503 and by Malwarebytes as Trojan.VBS. Note - the file is located in %AllUsersStartup% and its presence there ensures it runs when Windows startsNo
HijackThisUHijackThis.exe"HijackThis free utility that generates an in depth report of registry and file settings from your computer. HijackThis scan results make no separation between safe and unsafe settings, which gives you the ability to selectively remove items from your machine." This option is added when you select Config → "Run HijackThis scan at startup..." once a scan has been performedNo
HijackThis startup scanUHijackThis.exe"HijackThis free utility that generates an in depth report of registry and file settings from your computer. HijackThis scan results make no separation between safe and unsafe settings, which gives you the ability to selectively remove items from your machine." This option is added when you select Config → "Run HijackThis scan at startup..." once a scan has been performedNo
HijSrv32Xhijsrv.exeDetected by Sophos as Troj/Bankgerm-DNo
BT00003*Xhiklmnop27.exeDetected by Sophos as Troj/VB-VT - where * = 2,3 or 4No
Memory managerXhimem32.exeAdded by the MANCSYN TROJAN!No
Windows File Migration WizardXHIMENSYST.EXEAdded by the RBOT-EMO WORM!No
load=Xhint.exeAdded by the ATAK WORM!No
HipChatNHipChat.exeHipChat by Atlassian - "is hosted group chat and video chat built for teams. Supercharge real- time collaboration with persistent chat rooms, file sharing, and screen sharing"Yes
HipChat ApplicationNHipChat.exeHipChat by Atlassian - "is hosted group chat and video chat built for teams. Supercharge real- time collaboration with persistent chat rooms, file sharing, and screen sharing"Yes
Petit Larousse 2001UHIPL2000Popup.exePopup dictionary toolNo
Petit Larousse 2001UHiPL2002popup.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2001 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
Petit Larousse 2002UHIPL2002Popup.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2002 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
HyperappelPLUHIPL2002Popup.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2005 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
HyperappelPL2003UHiPL2002popup.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2003/4 versions of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
HiprotectXHiprotect.exeHiprotect rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.HiProtectNo
delolXhiquooc.exeDetected by Sophos as Troj/Bdoor-AMPNo
hisearch3Xhisearch2.exeDetected by Malwarebytes as Adware.Korad. The file is located in %AppData%\tempNo
SlipStreamYhispeedcore.exeBasicISP HiSpeed customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pix. The file is located in %ProgramFiles%\BasicISP HiSpeedNo
SlipStreamYHiSpeedcore.exeECR HiSpeed customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pix. The file is located in %ProgramFiles%\ECR HiSpeedNo
BasicISP HiSpeedYhispeedgui.exeBasicISP HiSpeed customized user interface for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
ECR HiSpeedYHiSpeedgui.exeECR HiSpeed customized user interface for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
HistoryKillNhistkill.exeHistoryKill by TrustSoft - protects your internet browsers and Windows by cleaning all traces of your computer activity. This privacy eraser includes many tools you can use to remove the data you view on the internet and in Windows beyond recoveryNo
historicoaa09.exeXhistoricoaa09.exeDetected by Dr.Web as Trojan.Siggen6.6262 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HistoryFeeds.exeXHistoryFeeds.exeDetected by Malwarebytes as Trojan.Banker. Note that the Command field can be either blank or the same as the Name field and located in a sub-folder of %LocalAppData% - see here and hereNo
ccctpXHistoryJMTi.exeAdded by the GANBATE.A WORM!No
HistorySweepNHistorySweep.exeHistorySweep - protects your Internet privacy by cleaning up all Internet history tracks and past computer activitiesNo
DiskstartXhit.exeStartportal - Switch dialer and hijacker variant, see here. Also detected by Sophos as Troj/Delf-JENo
hitlink.exeXhitlink.exeDetected by Microsoft as Adware:Win32/HitLink and by Malwarebytes as Adware.KoradNo
HitmanPro3Yhitmanpro3.exeHitman Pro on-demand scanner by Sophos (was by SurfRight) - which "is designed to run alongside your antivirus, using its behavioral deep scanning to find and eliminate zero-day, next-gen malware that has avoided detection"No
HitmanPro35YHitmanPro35.exeHitman Pro on-demand scanner by Sophos (was by SurfRight) - which "is designed to run alongside your antivirus, using its behavioral deep scanning to find and eliminate zero-day, next-gen malware that has avoided detection"No
hitNzo20gkQ.exeXhitNzo20gkQ.exeDetected by Dr.Web as Trojan.Carberp.800 and by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HitQXHitQ.exeHijacker, for more information see hereNo
HitwarePKLiteUHitwarePKLite.exeHitware Popup Killer Lite by Giant Matrix - "is an intelligent pop-up- and pop-under-ad killer. Running in the system tray, it quietly eliminates all unwanted ads even before they appear and prevents them from stealing bandwidth or locking up your browser." No longer supportedNo
HitwarePKLiteUHITWAR~1.EXEHitware Popup Killer LiteNo
HIVXHIV.exeAdded by the HIVA TROJAN!No
hiwacborcothXhiwacborcoth.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!va and by Malwarebytes as Trojan.Agent.USNo
fghgfdXhjhgfd.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!zk and by Malwarebytes as Backdoor.Agent.ENo
hkllhXhjkgg.exeDetected by Intel Security/McAfee as Generic PWS.y and by Malwarebytes as Password.Stealer.ENo
hjklam.exeXhjklam.exeDetected by Malwarebytes as Trojan.Downloader.DFL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HJKU AgentXHJKU.exeDetected by Dr.Web as Trojan.KeyLogger.21603 and by Malwarebytes as Trojan.KeyLoggerNo
beihfmXhjnwtud.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
hkUhk.exeKeyLoggerExp keystroke logger/monitoring program - remove unless you installed it yourself!No
Hook99startupUhk2re.exe"Hook99 enables the user to customize the start button. You can change or remove the text and replace the Windows flag on button with icon of your choice. Supports Windows icons, bitmaps and can extract icons from executables and libraries. Hook99 can also make the background of desktop icons captions transparent"No
Intel CorporationXhkccmd.exeDetected by Malwarebytes as Backdoor.SpyNet. The file is located in %System%\Systema de Inicializa\e7\e3oNo
Interl(R) Common User InterfaceXhkccmd.exeDetected by Malwarebytes as Backdoor.SpyNet. The file is located in %System%\Systema de Inicializa\e7\e3oNo
HotKeysCmdsUhkcmd.exeHot Key handler for Intel desktop and mobile motherboard chipsets with integrated graphics. With this enabled, you can access settings like graphics properties and screen rotation via pre-programmed key combinations - such as CTRL+ALT+F12 which displays the graphics properties (otherwise available via a right-click on the desktop or the Control Panel). Different chipset versions may have different pre-programmed settings and in some cases these may be programmableYes
igfxhkcmdUhkcmd.exeHot Key handler for Intel desktop and mobile motherboard chipsets with integrated graphics. With this enabled, you can access settings like graphics properties and screen rotation via pre-programmed key combinations - such as CTRL+ALT+F12 which displays the graphics properties (otherwise available via a right-click on the desktop or the Control Panel). Different chipset versions may have different pre-programmed settings and in some cases these may be programmableYes
HKLMXHKCMD.exeDetected by Intel Security/McAfee as Generic BackDoor and by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %Windir%\InstallDirNo
Intel(R) Common User InterfaceUhkcmd.exeHot Key handler for Intel desktop and mobile motherboard chipsets with integrated graphics. With this enabled, you can access settings like graphics properties and screen rotation via pre-programmed key combinations - such as CTRL+ALT+F12 which displays the graphics properties (otherwise available via a right-click on the desktop or the Control Panel). Different chipset versions may have different pre-programmed settings and in some cases these may be programmableYes
Intel(R) Common User SystemXhkcmd.exeDetected by Malwarebytes as Backdoor.Agent.DCEGen. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %Windir%\systemNo
HKCUXHKCMD.exeDetected by Intel Security/McAfee as Generic BackDoor and by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %Windir%\InstallDirNo
MicroUpdateXhkcmd.exeDetected by Intel Security/McAfee as Generic BackDoor and by Malwarebytes as Backdoor.Agent.DCEGen. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %MyDocuments%\MSDCSCNo
hkcmdXhkcmd.exeDetected by Dr.Web as Trojan.DownLoader6.48510. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %AppData%No
hkcmdXhkcmd.exeDetected by Malwarebytes as Trojan.Agent.E. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %AppData%\InstallNo
hkcmdXhkcmd.exeDetected by Intel Security/McAfee as Generic PWS.y and by Malwarebytes as Backdoor.Agent.E. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %AppData%\MicrosoftNo
HKCMDXhkcmd.exeDetected by Kaspersky as Trojan-PSW.Win32.Small.pq. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %CommonAppData%\HKCMDNo
hkcmdUhkcmd.exeHot Key handler for Intel desktop and mobile motherboard chipsets with integrated graphics. With this enabled, you can access settings like graphics properties and screen rotation via pre-programmed key combinations - such as CTRL+ALT+F12 which displays the graphics properties (otherwise available via a right-click on the desktop or the Control Panel). Different chipset versions may have different pre-programmed settings and in some cases these may be programmableYes
hkcmdXhkcmd.exeDetected by Malwarebytes as Backdoor.Bot. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %Windir%No
HKCMDXHKCMD.exeDetected by Intel Security/McAfee as Generic BackDoor and by Malwarebytes as Backdoor.Agent.E. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %Windir%\InstallDirNo
hkcmd ModuleUhkcmd.exeHot Key handler for Intel desktop and mobile motherboard chipsets with integrated graphics. With this enabled, you can access settings like graphics properties and screen rotation via pre-programmed key combinations - such as CTRL+ALT+F12 which displays the graphics properties (otherwise available via a right-click on the desktop or the Control Panel). Different chipset versions may have different pre-programmed settings and in some cases these may be programmableYes
hkcmd ModuleXhkcmd.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!er and by Malwarebytes as Backdoor.Agent. Note - this is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%. This one is located in %Temp%No
ShellXhkcmd.exe,explorer.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCE. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "hkcmd.exe" (which is located in %Temp%\SYSTEM32 and is not the Hot Key handler (same filename) for Intel graphics chipsets which is normally located in %System%)No
FGSBSIHGSBXhkcmde.exe.lnkDetected by Intel Security/McAfee as RDN/Generic.bfr!fy and by Malwarebytes as Trojan.Agent.WDFNo
windows messengersXhkcmds.exeDetected by Sophos as Troj/Agent-CRXNo
hkcmdsXhkcmds.exeDetected by Dr.Web as Win32.HLLW.Autohit.14817. The file is located in %Root%\Intel Core\Extreme\Graphics\Sample\Music\Basebrd\ShellBrdNo
HkcmdsXhkcmds.exeDetected by Dr.Web as Win32.HLLW.Autoruner.62474. The file is located in %System%No
HKCMDS.EXEXHkcmds.exeDetected by Malwarebytes as Trojan.Banker.HWR. The file is located in %AppDFata%\[digits] - see an example hereNo
HKCU.exeXHKCU.exeDetected by Dr.Web as Trojan.Siggen6.8122 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HotKeysCommandsXHKCwin32.exeDetected by Trend Micro as BKDR_VB.AZI and by Malwarebytes as Backdoor.IRCBotNo
windowsXhkey.exeAdded by the GAOBOT.AFW WORM!No
Panasonic HotKey ManagerUHKEYAPP.EXEHotKey management for Panasonic rugged mobile PCsNo
voipsoftXhkicmd.exeAdded by the AGENT-QVJ TROJAN!No
hkmsvcXhkmsvc.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %LocalAppData% (10/8/7/Vista) or %UserProfile%\Local Settings (XP)No
HKRUN.exeXHKRUN.exeDetected by Malwarebytes as Trojan.Agent.HKR. The file is located in %AppData%\Microsoft - see hereNo
RegEdit1XHKRUN.exeDetected by Malwarebytes as Trojan.Agent.HKR. The file is located in %AppData%\MicrosoftNo
ProLog~~XHKRUN.exeDetected by Dr.Web as Adware.Toolbar.619 and by Malwarebytes as Trojan.Agent.HKRNo
ProLogsXHKRUN.exeDetected by Sophos as Troj/MSIL-DJW and by Malwarebytes as Trojan.Agent.HKRNo
hkservUHKserv.exeKeyboard manager program required to use programmable power and function keys on some laptops such as the Sony PCG R505TSNo
HKSERV.EXEUHKserv.exeKeyboard manager program required to use programmable power and function keys on some laptops such as the Sony PCG R505TSNo
hkssUhkss.exeCompaq HotKey Support - multimedia keyboard supportNo
HkwkwrXHkwkwr.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %AppData%\MicrosoftNo
xsiduXhl0vjr.exeDetected by Intel Security/McAfee as Generic BackDoor!djj and by Malwarebytes as Trojan.DownloaderNo
hldrrrXhldrrr.exeDetected by Sophos as W32/Bagle-KFNo
drvsyskitXhldrrr.exeDetected by Trend Micro as TROJ_BAGLE.QU and by Malwarebytes as Worm.BagleNo
hlhtxoXhlhtxo.exeDetected by Intel Security/McAfee as QLowZones-27No
HLL Data ParameterXhllcxpa.exeDetected by Trend Micro as WORM_RBOT.AFGNo
auto__hloader__keyXhloader_exe.exeDetected by Trend Micro as TROJ_BAGLE.AB and by Malwarebytes as Trojan.AgentNo
VSMPXhlojsnigc.exeDetected by Sophos as W32/Rbot-GQSNo
downXhlp32.exeAdded by an unidentified VIRUS, WORM or TROJAN!No
HLcleanupXhlsetup2.exeDetected by Emsisoft as Adware.Win32.Themexp.orgNo
GYLW32Xhlwn.exeDetected by Malwarebytes as Trojan.Agent.WNL. The file is located in %AppData%\DenverNo
FYLW32Xhlwne.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %AppData%\AtlantisNo
HostsManUhm.exe"HostsMan is a freeware application that lets you manage your Hosts file with ease". It is mainly intended to block specific domains (mostly advertising servers) by redirecting them to localhost, but can also be used to add any other domain/Ip combination that you want to be included in the HOSTS fileNo
HMA Pro VPN 2.0UHMA! Pro VPN.exeSystem Tray access to, and notifications for the HMA! Pro VPN client which uses the OpenVPN open-source VPN client to provide Wi-Fi hotspot protection, anonymous web surfing, security from hackers and snoops and access to region blocked websites when travellingYes
hmemmsXhmemmsa.exeDetected by Intel Security/McAfee as RDN/Spybot.worm!s and by Malwarebytes as Trojan.Downloader.MSOGenNo
hmemmsXhmemmsi.exeDetected by Dr.Web as Trojan.DownLoader11.9242 and by Malwarebytes as Trojan.Downloader.MSOGenNo
HMI PowerSystemXhmisvc32.exeAdded by the RANDEX.CZZ WORM!No
HML PowerSourceXhmlsvc32.exeDetected by Sophos as W32/Sdbot-XLNo
HPl ServicesXhmlsvc32.exeDetected by Sophos as W32/Agobot-SINo
hmonitorUHmonitor.exeHardware Sensors Monitor by AB Software - "utilizes sensor chips on smart motherboards to track system and CPU core temperatures, voltages and cooling fans." Only required if you overclock your system or live in a hot environment and want to monitor the status or execute tasks such as sounding audio alarms are shutting down the computerNo
Hardware Sensors MonitorUhmonitor.exeHardware Sensors Monitor by AB Software - "utilizes sensor chips on smart motherboards to track system and CPU core temperatures, voltages and cooling fans." Only required if you overclock your system or live in a hot environment and want to monitor the status or execute tasks such as sounding audio alarms are shutting down the computerNo
AvastXhmu8399.exeDetected by Sophos as Troj/VB-ECZNo
HMV PowerSourceXhmusvc32.exeDetected by Sophos as W32/Sdbot-YWNo
HMV PowerSourceXhmvsvc32.exeDetected by Sophos as W32/Sdbot-YWNo
Home Malware CleanerXHM[random].exeHome Malware Cleaner rogue security software - not recommended, removal instructions hereNo
Sync DataUHndsync.exePocket Real Estate - mobile synchronization managerNo
Hekio StartupsXHnksvc32.exeDetected by Sophos as W32/Agobot-QENo
HELLO1XHNpoDRkz.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!bbt and by Malwarebytes as Trojan.Agent.ENo
ho2stdll.exeXho2stdll.exeDetected by Sophos as Troj/Banker-HONo
Windows Management InstrumentationXhoedoa.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\MicrosoftNo
hoffinipehofXhoffinipehof.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!vc and by Malwarebytes as Trojan.Agent.USNo
hofwuxoxuahoXhofwuxoxuaho.exeDetected by Intel Security/McAfee as RDN/Spybot.bfr!n and by Malwarebytes as Trojan.Agent.USNo
hogame SupporterXhogameSupporter.exeDetected by Malwarebytes as Adware.Kraddare. The file is located in %ProgramFiles%\hogame SupporterNo
hohoskivosuzXhohoskivosuz.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile%No
Windows DefenderXHOIC.exeDetected by Malwarebytes as Trojan.Agent.Gen. The file is located in %AppData% - see hereNo
holaUhola.exeHolaSearch or Hola Hola ToolbarNo
ADMXholiaa.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!fs and by Malwarebytes as Backdoor.Agent.BYONo
ADMIXholiaa.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!fs and by Malwarebytes as Backdoor.Agent.BYONo
Holiday LightsNHoliday Lights.exeHoliday Lights from Tiger Technologies. Festive desktop enhancement that adds lights - no longer supportedNo
HolidayCalendarUHolidayCalendar.exeCalendar gadget included with a theme for MyColors from Stardock CorporationNo
WinReg32 serviceXholqdnoxpmeu.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
HOI ServicesXholsvc32.exeDetected by Sophos as W32/Agobot-SFNo
hom.exeXhom.exeDetected by Intel Security/McAfee as Generic BackDoor and by Malwarebytes as Trojan.Downloader. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HomeAlarmUHomeAlarm.exeChameleon Clock - system tray clock replacementNo
HomeAntivirus 2009XHomeAntivirus2009.exeHomeAntivirus 2009 rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.HomeAntiVirusNo
Home Antivirus 2010XHomeAntivirus2010.exeHome Antivirus 2010 rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.HomeAntiVirusNo
HomeAVXhomeav.exeHome Personal Antivirus rogue security software - not recommended, removal instructions hereNo
HomeCleanXHomeCleanLaunch.exeHomeClean rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.HomeCleanNo
Homeland NetworkXHomelandNetwork.exeHomeland Network Notifier - pops adsNo
homepXhomep.exeDetected by Kaspersky as Worm.Win32.VBNA.jku and by Malwarebytes as Worm.SFDC. The file is located in %UserProfile% - see hereNo
ScanRegistryXHOMEPAGE.exeDetected by Dr.Web as Trojan.Siggen6.20010 and by Malwarebytes as Trojan.Agent.RCNo
TomTomHOME.exeNHOMERunner.exeTomTom HOME - free management program for your PC to look after their GPS navigation productsNo
winUhomesec.exeRelated to the Sentry Parental Controls softwareNo
HomeTaskUHomeTask.exeDetected by Malwarebytes as PUP.Optional.HomeTask. The file is located in %AllUsersProfile%. If bundled with another installer or not installed by choice then remove itNo
HondaHelperUHondaHelper.exePart of Honda Music Link which allows you to use your Honda's audio system's controls to play and search for music on your iPod® in you carNo
honiqsogoqkiXhoniqsogoqki.exeDetected by Malwarebytes as Spyware.Zbot. The file is located in %UserProfile%No
HonorbuddyCrack.exeXHonorbuddyCrack.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserTemp%No
honorzoneXhonorzone.exeDetected by Malwarebytes as Trojan.Clicker. The file is located in %AppData%\honorzoneNo
Intel system toolXhookdump.exeDetected by Sophos as Troj/Spyre-HNo
HookSysUHookSys.exeSurfinGuard Pro from Finjan - internet protection software, protects against all malicious code delivered through executables, scripting files, ActiveX and JavaNo
NetMeterUHooNetMeter.exe"Net Meter is a powerful and easy-to-use bandwidth meter. It monitors traffic of all network connections and displays real-time graphical and numerical data transfer rates. Net Meter can display details of multiple network connections at the same time. It records all network traffic and includes extensive logging (daily, weekly and monthly) and traffic events. Net Meter works with virtually all types of network connections including phone modems, DSL, cable modem, LAN, satellite and more."No
EechXhoor.exeDetected by Symantec as Adware.PurityScan - also see the archived version of Andrew Clover's pageNo
NetWireXHosstt.exeDetected by Malwarebytes as Backdoor.NetWiredRC. The file is located in %AppData%No
HKLMXHost de servicio: Servicio de red.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%No
PoliciesXHost de servicio: Servicio de red.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%No
HKCUXHost de servicio: Servicio de red.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%No
Host Process for Windows Taskes.exeXHost Process for Windows Taskes.exeDetected by Malwarebytes as Trojan.Agent. Note - this entry loads from HKLM\Run and HKCU\Run and the file is located in %AppData%No
Host Process for Windows Taskes.exeXHost Process for Windows Taskes.exeDetected by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ipadXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
[random]XHost.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %ProgramFiles%\SysNo
vhostXhost.exePeppi adwareNo
(Default)XHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %AppData%\InstallNo
Google ChromeXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
STUDYXHost.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!rp and by Malwarebytes as Trojan.Agent.IHGenNo
ActiveDirXhost.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Trojan.Agent.ENo
firefoxXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
Jusched (TM)XHost.exeDetected by Malwarebytes as Backdoor.NetWiredRC. The file is located in %AppData%\InstallsNo
AviraXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
Sub7Xhost.exeDetected by Dr.Web as Trojan.Inject1.43352 and by Malwarebytes as Trojan.Agent.SBNo
AdobeFlashUpdateManagerXhost.exeDetected by Intel Security/McAfee as RDN/Sdbot.worm!bp and by Malwarebytes as Backdoor.Agent.ADBNo
Windows-NetworkXHost.exeAdded by the ESION BACKDOOR!No
MicrosoftXHost.exeDetected by SonicWALL as Androm.BDNA and by Malwarebytes as Trojan.Agent.IHGenNo
MicrosoftXHOST.EXEDetected by Dr.Web as Trojan.MulDrop4.38010 and by Malwarebytes as Trojan.Agent.MSGenNo
MssnXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
NetWireXHost.exeDetected by Dr.Web as Trojan.DownLoader11.8211 and by Malwarebytes as Backdoor.NetWiredRC. The file is located in %AppData%\FileHostsNo
NetWireXHost.exeDetected by Dr.Web as Trojan.Packed.23472 and by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
WindoswXHost.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y and by Malwarebytes as Trojan.Agent.IHGenNo
MSNXHost.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!d and by Malwarebytes as Trojan.Agent.IHGenNo
MediaXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
svchostXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
javaXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
VLC PlayerXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
HKLMXhost.exeDetected by Intel Security/McAfee as Generic.bfr!ev and by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\Windows Media Player\installNo
HKLMXhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Root%\InstallNo
HKLMXhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\driversNo
HKLMXHost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\Internet ExplorerNo
Windows Host ServiceXhost.exeAdded by the KELVIR.AN WORM!No
WinlogonsXHost.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!b2z and by Malwarebytes as Trojan.Agent.IHGenNo
secureXHost.exeDetected by Malwarebytes as Trojan.PasswordStealer. The file is located in %AppData%\SecurityNo
SoundXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
NetXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\Install - see hereNo
ConhostsXHost.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!yp and by Malwarebytes as Trojan.Agent.IHGenNo
PoliciesXhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Root%\InstallNo
system32Xhost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir%\MicrosoftNo
UpdaterXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
PoliciesXhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\driversNo
avastXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
hostXhost.exeDetected by Intel Security/McAfee as RDN/Generic.dx!d2r and by Malwarebytes as Trojan.Agent.ADBNo
hostXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
hostXhost.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %AppData%\Microsoft - see hereNo
hostXhost.exeDetected by Symantec as Trojan.ExponnyNo
HostXHost.exeDetected by Malwarebytes as Trojan.Backdoor. The file is located in %Windir%No
Java (TM)XHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
StartKeyXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
StartKeyXHost.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %AppData%\SubFolderNo
AdminXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
windowsXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\Install - see hereNo
windowsXHost.exeDetected by Malwarebytes as Backdoor.NetWiredRC. The file is located in %AppData%\windowsNo
systemXHost.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!bbq and by Malwarebytes as Trojan.Agent.IHGenNo
HostconectXHost.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
System MonitorXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
hostidXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
ThrfileXHost.exeDetected by Intel Security/McAfee as RDN/Generic.dx!dhk and by Malwarebytes as Backdoor.Agent.HSTNo
HKCUXhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Root%\InstallNo
HKCUXhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\driversNo
foxitreaderXHost.exeDetected by Dr.Web as Trojan.PWS.Stealer.13199 and by Malwarebytes as Trojan.Agent.IHGenNo
SoundsXHost.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!ff and by Malwarebytes as Trojan.Agent.IHGenNo
Installation NetXHost.exeDetected by Dr.Web as Trojan.DownLoader10.35934 and by Malwarebytes as Trojan.Agent.ENo
AdobeXHost.exeDetected by Avira as TR/NetCoot.A and by Malwarebytes as Trojan.Agent.IHGenNo
systemrepairXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
PRESENCEXHost.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y and by Malwarebytes as Trojan.Agent.IHGenNo
HostwindowXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\Install - see hereNo
chromeXhost.exeDetected by Malwarebytes as Backdoor.Agent.CH. The file is located in %Windir%\MicrosoftNo
java updateXhost.exeDetected by Malwarebytes as Trojan.Agent.Gen. The file is located in %Windir%\MicrosoftNo
startupXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\InstallNo
COCOCHECKERXHost.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Trojan.Agent.IHGenNo
OutlookXHost.exeDetected by Malwarebytes as Trojan.Agent.IHGen. The file is located in %AppData%\InstallNo
AnyNameXHost.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\Install - see hereNo
Windows FirewallXhost.exeDetected by Intel Security/McAfee as Generic.bfr and by Malwarebytes as Trojan.Zbot.AINo
host0601Xhost0601.exeDetected by Intel Security/McAfee as RDN/Generic Dropper and by Malwarebytes as Backdoor.Agent.SSPNo
NetWireXhost2.exeDetected by Malwarebytes as Trojan.Dropper.VB. The file is located in %AppData%\InstallNo
Sygate Personal FirewallXhost32.exeDetected by Total Defense as Win32.Rbot.ALD. The file is located in %System%No
Windows UpdateXhost32.exeDetected by Sophos as W32/Rbot-GUNo
ControlPanelXhost32.exe internat.dll,LoadKeyboardProfileDetected by Trend Micro as TROJ_DELF.DWNo
Hostname Manager ServerXhost32srv.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%\inetsrvNo
Windows Host BooterXhostbooter.exeAdded by an unidentified WORM or TROJAN! See hereNo
Configuration hostXhostc.exeDetected by Dr.Web as Trojan.PWS.Siggen.32370 and by Malwarebytes as Backdoor.AgentNo
hostconf.exeXhostconf.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!hy and by Malwarebytes as Backdoor.Agent.TRJE. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ServicingXhostd.exeDetected by Trend Micro as WORM_SDBOT.BUINo
hostdelXhostdel.cplDetected by Malwarebytes as Trojan.BanLoad. The file is located in %Windir%No
OdysseusXhostdl.exeDetected by Malwarebytes as RiskWare.Agent.E. The file is located in %AppData%\ConfigNo
HelpToolXhostdl.exeDetected by Malwarebytes as RiskWare.BitCoinMiner.E. The file is located in %AppData%\ConfigNo
hostdll.exeXhostdll.exeDetected by Sophos as Troj/Banker-BONo
NETWIREEXHostear.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!um and by Malwarebytes as Backdoor.Agent.ENo
WinServiceXhosth.exeDetected by Sophos as Troj/DwnLdr-FUXNo
Microsoft InvisibleXhostmng.exeDetected by Dr.Web as Trojan.DownLoader7.8922 and by Malwarebytes as Trojan.AgentNo
loadXhostms.exe.lnkDetected by Malwarebytes as Backdoor.Agent.Generic. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "hostms.exe.lnk" (which is located in %AppData%\Skype Corporations)No
ServiceToolsXHostName.exeDetected by Intel Security/McAfee as PWS-Banker and by Malwarebytes as Trojan.Banker.ENo
hostnetXhostnet.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
layersldmXhostplsrvc.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
HostProSNAMEXHostPro1337.exeDetected by Malwarebytes as Trojan.Agent.HSP. The file is located in %AppData%\Tasks1337No
HostProcessXHostProcessForWindowsTask.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %LocalAppData%\TasksNo
hostr.exeXhostr.exeDetected by Malwarebytes as Trojan.VBAgent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
avgntXhostr.exeDetected by Malwarebytes as Trojan.VBAgent. The file is located in %System%\installNo
Hostren.exeXHostren.exeAdded by the BANCOS.BJS TROJAN!No
Microsoft DNS Host ResolutionXhostres.exeDetected by Sophos as W32/Agobot-MKNo
Windows HostXhosts.exeAdded by the KELVIR.U WORM!No
Windows HostsXhosts.exeDetected by Sophos as Troj/Kelvir-ONo
HostSecurePluginUHostSecure.exeDetected by Malwarebytes as PUP.Optional.HostSecure. Note - this entry loads from the Windows Startup folder and the file is located in %ProgramFiles%\Host Secure. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
HostSecurePluginUHostSecure.exeDetected by Malwarebytes as PUP.Optional.HostSecure. The file is located in %ProgramFiles%\Host Secure. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
HostSecurePlugin3UHostSecure.exeDetected by Malwarebytes as PUP.Optional.HostSecure. The file is located in %ProgramFiles%\Host Secure. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
HostSecuritySystem.exeXHostSecuritySystem.exeDetected by Malwarebytes as Trojan.Agent.HSC. The file is located in %Windir% - see hereNo
SVHOST-DATAXHostser.exeDetected by Malwarebytes as Backdoor.NetWiredRC. The file is located in %AppData%\Install - see hereNo
Sygate Personal FirewallXhostserv.exeDetected by Trend Micro as WORM_RBOT.BKONo
Windows Host32 StarterXhostserv.exeDetected by Sophos as W32/Sdbot-WUNo
hostservXhostserv.exeDetected by Trend Micro as WORM_RBOT.BPZNo
HostServiceXHostService.exeDetected by Dr.Web as Trojan.MulDrop7.14002 and by Malwarebytes as Spyware.KeyLoggerNo
HostServicesXHostServices6.exeDetected by Malwarebytes as Trojan.Dropper. The file is located in %AppData%No
data32Xhostspool.exeDetected by Malwarebytes as Backdoor.Agent.DTA. The file is located in %System%No
HKLMSSEXhostsrv.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.HKIGenNo
HKCUSSDXhostsrv.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.HKIGenNo
PoliciesXhostsrv.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.PgenNo
Windows Live MessengingXhostsrv.exeDetected by Dr.Web as BackDoor.IRC.Sdbot.18336 and by Malwarebytes as Backdoor.IRCBot.ENo
winndowsXhostss.exeDetected by Dr.Web as Trojan.DownLoader10.54246 and by Malwarebytes as Worm.AutoRunNo
hostss.exeXhostss.exeDetected by Dr.Web as Trojan.DownLoader10.54246 and by Malwarebytes as Trojan.Downloader.E. Note - the file is located in %UserStartup% and its presence here ensures it runs when Windows startsNo
HostssoonXHostssoon.exeDetected by Malwarebytes as Trojan.Hosts. The file is located in %System% - see hereNo
Windows Host DeviceXhostsvc.exeDetected by Sophos as W32/Zooty-ANo
SystemXhostsvc.exeDetected by Dr.Web as Win32.HLLW.Autoruner2.5761 and by Malwarebytes as Backdoor.BotNo
HostSVC syseXHostSVC.exeDetected by Sophos as W32/Rbot-ANZNo
Windows Update SystemXhostsys.exeDetected by Sophos as Troj/VB-FMO and by Malwarebytes as Trojan.Agent.WUGenNo
HOstVs.vbsXHOstVs.vbsDetected by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HostWi31XHostWi.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %System%\HostWi32No
HostWi33XHostWi.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %System%\HostWi32No
Java UpdateXhostwww.exe.exeDetected by Sophos as Troj/Agent-MFH and by Malwarebytes as Backdoor.BifroseNo
Host_de_Servico_vinill.exeXHost_de_Servico_vinill.exeDetected by Dr.Web as Trojan.Siggen6.7136 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HOST_SYSTEM_233.carl.06.02.2014.exeXHOST_SYSTEM_233.carl.06.02.2014.exeDetected by Malwarebytes as Password.Stealer.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows starts - see hereNo
stagioXhot.exeDetected by Sophos as Troj/Agent-NZS and by Malwarebytes as Trojan.AgentNo
Hot 8.0 LiveXhot.exeDetected by Trend Micro as TROJ_BANKER.EIENo
HotAction_hrXhotaction_hr.exeDetected by Sophos as Dial/SiteIcon-B. An uninstall option can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "HotAction_hr"No
HotbarSAXHotbarSA.exeHotbar adware - detected by Malwarebytes as Adware.HotBar. The file is typically located in %ProgramFiles%\Hotbar\bin\[version]No
Hot CornersUHotc.exeHot Corners - "lets you quickly activate or disable your screen saver by moving the mouse into a given corner of the screen"No
hotclipalertXhotclipalertcheck.exeDetected by Sophos as Troj/DwnLdr-IJP and by Malwarebytes as Adware.HotClipNo
hotfile.exeXhotfile.exeDetected by Dr.Web as Trojan.DownLoader11.55898 and by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ShellXhotfix.exeDetected by Sophos as Mal/FakeAV-HG and by Malwarebytes as Trojan.Agent. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "hotfix.exe" (which is located in %AppData%)No
PLFFAPUHotfixQ0306270.exeUSB flash disk driver by Prolific Technology Inc. and used by a number of USB flash drive suppliers (such as Corsair) in their supporting software. Depending upon the OS and flash drive used this entry may or may not be required for it to work correctlyNo
HOTFOON2Uhotfoon4.exeRelated to Hotfoon - a developer and provider of Internet Telephony technology based on LTP (Lightweight Telephony Protocol)No
HotIDEUhotide.exeHotIDE allows Acer TravelMate owners to hot-swap external drives without switching of their notebooksNo
HotkeyUHotkey.exeHotkey utility for notebooks manufactured by CLEVO CO. The file is located in %ProgramFiles%\HotkeyYes
HotKey Driver?HotKey.exeRelared to the Solo 5300 display driver for Win2K on some Gateway laptops. The file is located in %ProgramFiles%\HotKey2No
KeybdUtility?HotKey.exeLocated in a LG Software\LG OSD directory. Related to function keys on and LG Electronics system?No
jmekeyUhotkey.exeMultimedia/function key manager for some IBM/Lenovo computers with JME keyboards. The file is located in %Windir%\jmesoftNo
Toshiba Hotkey UtilityUHotkey.exeMultimedia/function key manager for Toshiba laptops. The file is located in %ProgramFiles%\Toshiba\Windows UtilitiesNo
zOSD?HotKey.exeLocated in a LG Software\LG OSD directory. Related to function keys on an LG Electronics system?No
HotkeyAppUHotkeyApp.exeProgrammable keys on Acer, Fujitsu and other laptopsNo
LManagerUHotkeyApp.exeProgrammable keys on Acer, Fujitsu and other laptopsNo
Hot KeyboardUHotKeyb.exeHot Keyboard by Imposant - "is a personal productivity tool for Windows operating system. Whether you are working, or just having fun, Hot Keyboard helps you make computer tasks faster. Create macros, assign them to hotkeys and forget repetitive tasks!"No
HotkeyMonUHotKeyMon.exeSupport the Fn hotkeys on Asus laptops and netbooksNo
HotkeyServiceUHotkeyService.exeSupport the Fn hotkeys on Asus laptops and netbooksNo
CPQHotKeysXhotkeysvc.exeAdded by the RBOT-XA WORM!No
Hotkey UtilityUHotkeyUtility.exeKeyboard management utility required to use programmable function and special keys on some laptops from suppliers such as Acer, Gateway, Packard Bell and eMachinesNo
HotKeyz.exe StartupUHotKeyz.exeHotKeyz from Skynergy - "lets you easily create and maintain a categorized list of your hotkeys. Each hotkey, a key combination on your keyboard, will launch a command. You decide which commands go with which hotkeys"No
HKLMXhotmail.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %AppData%\InstallDirNo
HKCUXhotmail.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %AppData%\InstallDirNo
HotPixXhotpix.exeAdult content dialerNo
hotplugXhotplug.exeHotplug malwareNo
hotqipemavodXhotqipemavod.exeDetected by Intel Security/McAfee as RDN/Downloader.gen.a and by Malwarebytes as Trojan.Agent.USNo
hotroXhotro.exeDetected by Intel Security/McAfee as RDN/Generic Downloader.x!kd and by Malwarebytes as Trojan.Agent.HTGenNo
hotromasterXhotromaster.exeDetected by Intel Security/McAfee as RDN/Generic Downloader.x!kd and by Malwarebytes as Trojan.Agent.HTGenNo
HotSync ManagerNhotsync.exeInstalled when connecting a Palm HotSync cradle up to a USB port. The Blue and Red Arrow Icon that enables Palm / Handspring Synchronizing. Available via Start → ProgramsNo
Hot InsideXHottest Story Ever.exeAdded by the BHARAT.A WORM!No
eFax Tray MenuNHotTray.exeSystem Tray access to eFax Messenger from j2 Global Communications, Inc. - which "is a free software that can be used to enhance your eFax service. The software allows you to create and edit faxes, complete with text notes, highlights, and signatures." Older versionNo
eFax.com Tray MenuNHotTray.exeSystem Tray access to eFax Messenger from j2 Global Communications, Inc. - which "is a free software that can be used to enhance your eFax service. The software allows you to create and edit faxes, complete with text notes, highlights, and signatures." Older versionNo
j2 Tray MenuNHotTray.exeSystem Tray access to eFax Messenger from j2 Global Communications, Inc. - which "is a free software that can be used to enhance your eFax service. The software allows you to create and edit faxes, complete with text notes, highlights, and signatures." Older versionNo
Hotwells.exeXHotwells.exeDetected by Intel Security/McAfee as PWS-Banker and by Malwarebytes as Trojan.BankerNo
hotwetloveXhotwetlove.exeAdult content dialer. Will not uninstall - components have to be manually deletedNo
Hot_KissXHot_Kiss.exeDetected by Dr.Web as Dialer.Adultchat.88 and by Malwarebytes as Trojan.Dialer.HKNo
HotplugUhot_plug.exeRelated to the SiS_Hot_Plug_Application. Enables automated driver loading for hotpluggable devices. If this service is stopped, hotplug devices will no longer functionNo
Hot_TartsXHot_Tarts.exeAdult content dialerNo
Hot_Tarts_**XHot_Tarts_**.exePremium rate adult content dialer (where * is a random char)No
Hot_Tarts_AuXHot_Tarts_Au.exePremium rate Adult content dialerNo
Hot_Tarts_mcXHot_Tarts_mc.exeHotTarts adult content dialerNo
houdini victi.vbsXhoudini victi.vbsDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
houtor.exeXhoutor.exeDetected by Microsoft as Worm:Win32/Vobfus.VNo
HoverDeskUHoverDesk.exeHoverDesk - desktop replacement softwareNo
how ar u.exeXhow ar u.exeDetected by Dr.Web as Trojan.Siggen5.61175 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
howcodecopenXhowcodecopen.exeDetected by Intel Security/McAfee as Generic.bfr and by Malwarebytes as Trojan.AgentNo
howcodecXhowcodec_update.exeDetected by Intel Security/McAfee as Generic.bfr and by Malwarebytes as Trojan.AgentNo
hpWirelessAssistantUHP Wireless Assistant.exeWireless management utility for HP computers that allows the user to enable individual wireless devices (such as Bluetooth or WLAN devices) and shows the state of the radios for those devicesNo
File Mapping ServicesXhp-1003.exeDetected by Trend Micro as WORM_SDBOT.EJNNo
hp32_nwordXhp32_nword.exeDetected by Malwarebytes as Trojan.Agent. Note - this entry loads from HKLM\Run and the file is located in %System%No
hp32_nwordXhp32_nword.exeDetected by Malwarebytes as Trojan.Agent. Note - this entry loads from HKCU\Run and the file is located in %UserProfile%No
HPAdvisorUHPAdvisor.exeHP Advisor - services and support utility on HP machines providing "a single access point for the things you need most", including security status, alerts and othersNo
HPAdvisorDockUHPAdvisorDock.exeHP Advisor Dock - custom toolbar for program shortcuts with built-in search facility. Part of the HP Advisor services and support utility on HP machinesNo
HP Update AssistantXHPAware.exeAdded by the MRO TROJAN!No
hpbdfawepUhpbdfawep.exeCore file for HP CarePack - which is installed with some HP products or purchased separately and is involved with warranty and services of the products. Options available for both personal computers/printers (HP Care Pack Central) and businesses/enterprises (now known as Support Services Central)No
HP Mobile PrintingUHPBMOBIL.EXEHP Mobile Printing allows you to print to your wireless HP printer from your mobile device via Bluetooth wireless technologyNo
HP Mobile Printing DriverUHPBMOBIL.EXEHP Mobile Printing allows you to print to your wireless HP printer from your mobile device via Bluetooth wireless technologyNo
HP Status ServerUhpboid.exeInstalled with some HP laser printers, this detects whether the printer is networked or locally connected and automatically reflects the printer's physical configuration in the Windows printer configuration screens. It can, for example, detect and display that an envelope feeder has been attached to the printer. Runs as a service on an NT based OS (such as Windows 10/8/7/Vista/XP)No
HPBootOpUHPBootOp.exe"HP Boot Optimizer intelligently and dynamically launches software during startup, based on available resources, to improve startup performance"No
HP Port ResolverYhpbpro.exeDetects when an application sends a job to the printer and ensures that the necessary printer communication port is kept open. Runs as a service on an NT based OS (such as Windows 10/8/7/Vista/XP)No
TomcatStartup?hpbpsttp.exeApache Tomcat web server, part of HP LaserJet "Printer Tools" software. What does it do and is it required?No
TomcatStartup 2.5?hpbpsttp.exeApache Tomcat web server, part of HP LaserJet "Printer Tools" software. What does it do and is it required?No
HP BTW Detect ProgramNHPBTWD.exePart of HP's utilities preinstalled on certain HP computers - auto-detects Bluetooth WirelessNo
HP CD-DVDNhpcdtray.exeSystem Tray access to a HP CD-DVD's functions. Available via Start → All ProgramsNo
HP CD-WriterNhpcdtray.exeSystem Tray access to a HP CD-Writer's functions. Available via Start → All ProgramsNo
HPCDTrayNhpcdtray.exeSystem Tray access to a HP CD-Writer's or CD-DVD's functions. Available via Start → All ProgramsNo
HP Component ManagerNhpcmpmgr.exeChecks the internet for updated drivers/utilities for your HP product - update manually. Disabling will remove the error "Windows can't shutdown the computer because hpcmpmgr.exe can't be ended"No
hpcmpmgrNhpcmpmgr.exeChecks the internet for updated drivers/utilities for your HP product - update manually. Disabling will remove the error "Windows can't shutdown the computer because hpcmpmgr.exe can't be ended"No
HP Simple TraxNHpcron.exeSupplied with HP CD-RW drives - stores information about CD contents on your hard driveNo
Hide and Protect any Drives for Win95/98/Me/2k/XPUHPDAgent.exeLoads Hide and Protect any Drives - which allows you to "Protect Hard drive, CD, DVD, floppy and flash, and deny access to partitions of your hard drives. Stop unauthorized software installations and data leak by removable media". If disabled, hidden and locked drives still retain their original status so the user will only be able to change their status them via the main UIYes
HPDAgentUHPDAgent.exeLoads Hide and Protect any Drives - which allows you to "Protect Hard drive, CD, DVD, floppy and flash, and deny access to partitions of your hard drives. Stop unauthorized software installations and data leak by removable media". If disabled, hidden and locked drives still retain their original status so the user will only be able to change their status them via the main UIYes
hpdeskjetXhpdeskjet.exeDetected by Dr.Web as Trojan.Click2.25825 and by Malwarebytes as Trojan.BankerNo
KnexStarterUHPDeviceService.exeHP Device Communications Services (also known as Knex) - installed with HP Easy Printer Care software. "The HP Device Communication Services software carries product-specific plug-ins that are installed whenever HP Device Communications Services is installed"No
HP Download and Install AssistantNHPDIA.exePart of the HP Support Assistant and installed with the HP Support Solutions Framework. "HP Support Assistant is a software program designed to help you keep your computer in working order, prevent potential problems from arising, and resolve problems quickly and easily. The program also provides valuable system information that you need when troubleshooting computer problems"No
HP Display SettingsUhpdisply.exeSets default display settings. Unchecking this item has been reported to cure a "Problem sending command to keyboard" error messageNo
HPNTXhpdll.exeMalware downloader - detected by Kaspersky as the VB.KU TROJAN!No
000hpdllhosXhpdllhost.exeLZIO.com adware downloaderNo
Windows HP DriversXhpdmws.exeDetected by Trend Micro as WORM_SDBOT.AQUNo
HP Envy Guides AutoPlayNhpdocstart.exeRelated to the HP Envy series of laptops. Based upon the entry name, we assume this automatically launches the product guides and isn't required - can a user confirm this?No
1:Nhpdrv.exeHP utility for monitoring when and how many recoveries have been doneNo
run=NhpfschedHPFSCHED is a small TSR that will remind you to clean the cartridges in your DeskJet from time to time in order to keep print quality high. It can be removed from the run line in win.ini if you do not want that featureNo
hpfschedNhpfsched.exeHPFSCHED is a small TSR that will remind you to clean the cartridges in your DeskJet from time to time in order to keep print quality high. It can be removed from the run line in win.ini if you do not want that featureNo
Share-to-Web Namespace DaemonNhpgs2wnd.exeShare-to-Web - HP-created software and Internet-based application that enables easy uploading and sharing of photos via affiliated photo-sharing Web sites. No longer in useNo
hpgs2wndNhpgs2wnd.exeShare-to-Web - HP-created software and Internet-based application that enables easy uploading and sharing of photos via affiliated photo-sharing Web sites. No longer in useNo
HPHA1MONUHPHA1MON.EXESupports the memory card reader on some HP Photosmart and AIO (all-in-one) printers - displaying a System Tray icon for the drive and allowing you to transfer files directly via the SAVE button. This verison is applicable for version 2.0 to 2.3 drivers - see here. Known to cause 100% CPU load in some cases. Only needed if you use this featureNo
HPHA2MONUHpha2mon.exeSupports the memory card reader on some HP Photosmart and AIO (all-in-one) printers - displaying a System Tray icon for the drive and allowing you to transfer files directly via the SAVE button. This verison is applicable for version 3.1 to 3.2 drivers - see here. Known to cause 100% CPU load in some cases. Only needed if you use this featureNo
HP Health Check SchedulerUHPHC_Scheduler.exeHP Health Check Scheduler from Hewlett-PackardNo
HPHmon03Uhphmon03.exeSupports the memory card reader on some HP Photosmart and AIO (all-in-one) printers - displaying a System Tray icon for the drive and allowing you to transfer files directly via the SAVE button. Known to cause 100% CPU load in some cases. Only needed if you use this featureNo
HPHmon04Uhphmon04.exeSupports the memory card reader on some HP Photosmart and AIO (all-in-one) printers - displaying a System Tray icon for the drive and allowing you to transfer files directly via the SAVE button. Known to cause 100% CPU load in some cases. Only needed if you use this featureNo
HPHmon05Uhphmon05.exeSupports the memory card reader on some HP Photosmart and AIO (all-in-one) printers - displaying a System Tray icon for the drive and allowing you to transfer files directly via the SAVE button. Known to cause 100% CPU load in some cases. Only needed if you use this featureNo
HPHmon06Uhphmon06.exeSupports the memory card reader on some HP Photosmart and AIO (all-in-one) printers - displaying a System Tray icon for the drive and allowing you to transfer files directly via the SAVE button. Known to cause 100% CPU load in some cases. Only needed if you use this featureNo
HphomeXhphome.jsHomepage hijackerNo
PreloadAppNhphprld.exe setup.exeHP Deskjet/PhotoSmart printer related - printers function normally without itNo
setupNhphprld.exe setup.exeHP Deskjet/PhotoSmart printer related - printers function normally without itNo
HPHUPD04Nhphupd04.exeHP software update checker and wizard launcher. Available via Start → ProgramsNo
HPHUPD05Nhphupd05.exeHP software update checker and wizard launcher. Available via Start → ProgramsNo
HPHUPD06Nhphupd06.exeHP software update checker and wizard launcher. Available via the Start menuNo
HPHUPD07Nhphupd07.exeHP software update checker and wizard launcher. Available via Start → ProgramsNo
HPHUPD08Nhphupd08.exeHP software update checker and wizard launcher. Available via Start → ProgramsNo
AppLaunch VariablesXHpIconMan.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %AppData%\Macromedia - see hereNo
HPID SchedulerUhpidschd.exeHP Instant Delivery Scheduler - helps you control and manage programs that will start up when Windows bootsNo
hpidschd.exe -log -- -logUhpidschd.exeHP Instant Delivery Scheduler - helps you control and manage programs that will start up when Windows bootsNo
XyrenlXHpiurvl.exeDetected by Sophos as Troj/Bredo-AGZ and by Malwarebytes as Password.StealerNo
CXMonNHpi_Monitor.exeAutodetects when a HP camera is attached to the computer and launches the "HP Photoimaging Software"No
HP JetDiscoveryYHPJETDSC.EXEHP JetAdmin software for HP JetDirect Print Servers. HPJETDSC.EXE is the file necessary for the JetAdmin Discovery Indicator (paper airplane in the taskbar). It gets launched automatically through the registry, and remains active to control the Discovery IndicatorNo
hpjsiroute[IP address]?hpjsira.exeRelated to HP laserjet printers and IP addresses. An IP address is appended to the name field - ie "hpjsiroute192.168.1.2"No
HP KEYBOARDUHPKEYBOARD.EXE"Application software for the keyboard set. Displays message when battery level is low." For HP systems - see hereNo
HP KEYBOARDxUHPKEYBOARDx.EXEOn-screen display (OSD) applet for the HP Desktop KeyboardNo
HP LampYHPLamp.exeHP Scanner Utility that controls your scanners light bulb. Needed if it's switched onNo
HPLampYHPLamp.exeHP Scanner Utility that controls your scanners light bulb. Needed if it's switched onNo
hplampcUhplampc.exeHP Scanner Lamp Utility - fixes an issue with the scanner lamp not going offNo
Automatic Media UpdateXHPLNT32.RVDAdded by unidentified malware. The file is located in %System%No
HpM3UtilXHpM3Util.exeDetected by Dr.Web as Trojan.Siggen5.60586 and by Malwarebytes as Backdoor.Agent.HPE. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Hewlett Packard ManagerXhpmanager.exeAdded by the MYTOB.KE WORM! Note - this is not a valid Hewlett-Packard programNo
DrvStartXHPMedia.exeDetected by Sophos as Troj/Bancban-QE and by Malwarebytes as Trojan.AgentNo
HpMmKbdUHpMmKbd.exeHP's multimedia keyboard driver which enables the end-user to use the automation features of the HP multimedia keyboardNo
VMware hptrayXhpmon.exeTrojan that is typically bundled with rogue security programs (such as Virus Trigger and AntivirusTrigger) and fake codecs. Note - this is not a legitimate VMware entry and is detected by Malwarebytes as Trojan.ZlobNo
HP Quick LaunchUHPMSGSVC.exeSupports the Quick Launch buttons on some HP Notebooks which enable you to quickly access the programs that you use most frequently - see here for more informationNo
HPMVTrayUHPMVTray.exeHP Media Vault Networked Storage Device - System Tray management utilityNo
HP Network Registry AgentUhpnra.exeInstalled with the drivers for many HP printers since 2002 - for more information see here under "HPNRA.exe"No
HPAiODevice(hp officejet 5100 series) - #Nhpoant07.exeInstalled with a HP Officejet 5100 Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpoant07.exe" works just fine if you need to use the scannerNo
HPAiODevice(hp officejet v series) - #Nhpoant07.exeInstalled with a HP Officejet V Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpoant07.exe" works just fine if you need to use the scannerNo
HPAiODevice(hp officejet g series) - #Nhpoavn07.exeInstalled with a HP Officejet G Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpobrt07.exe" works just fine if you need to use the scannerNo
hp psc 2000 SeriesUhpobnz08.exeInstalled with a HP PSC 2000 Series all-in-one printer. System Tray icon indicating when the printer is ready. Can be started manually with HP Director but takes time to startNo
HPAiODevice(hp psc 700 series) - #Nhpobrt07.exeInstalled with a HP PSC 700 Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpobrt07.exe" works just fine if you need to use the scannerNo
HPAiODevice(hp psc 900 series) - #Nhpobrt07.exeInstalled with a HP PSC 900 Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpobrt07.exe" works just fine if you need to use the scannerNo
HPAiODevice(hp officejet 5100 series) - #Nhpocyp07.exeInstalled with a HP Officejet 5100 Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpocyp07.exe" works just fine if you need to use the scannerNo
HPAiODeviceNhpodev07.exeDirect from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation)'. Related to various HP all-in-one printer/scanner/copier devices. They print and copy fine with those files disabled, and the icon installed on the desktop that points to "hpodir07.exe" works just fine if you need to use the scannerNo
HP ODLB08Nhpodlb08.exeHP OfficeJet Scan Button Monitor on a multi-function printer/copier/scanner. Start your scanning software manuallyNo
HPAiODevice(hp officejet 7100 series) - #Nhpogrp07.exeInstalled with a HP Officejet 7100 Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpogrp07.exe" works just fine if you need to use the scannerNo
hp psc 1000 seriesUhpohmr08.exeInstalled with a HP PSC 1000 Series all-in-one printer. System Tray icon indicating when the printer is ready. Can be started manually with HP Director but takes time to startNo
OfficeJet Manager?HPOmnu05.exeHP Officejet All-in-One Printer related. What does it do and it it required?No
HPAiODevice(hp officejet d series) - #Nhpoojd07.exeInstalled with a HP Officejet D Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpoojd07.exe" works just fine if you need to use the scannerNo
HPAIO_PrintFolderMgrNhpoopm07.exeDirectly from HP: "This process has one purpose - detects if the device moves to a different port, and notifies other processes to look on the new port." For various HP all-in-one printer/scanner/copier devices. They print and copy fine with those files disabled, and the HP icon installed on the desktop that points to "hpodir07.exe" works just fine if you need to use the scannerNo
HPAiODevice(hp officejet k series) - #Nhpoorn07.exeInstalled with a HP Officejet K Series all-in-one printer - where # represents a digit. Assumed to perform an identical function to the HPAiODevice (hpodev07.exe) entry:- Direct from HP - 'Device Objects Server - detects all device events and handles all ongoing communication on the device. Loads in the Startup group (except when "portable" is chosen during installation).' The print and copy functions should function properly with this disabled and the icon installed on the desktop that points to "hpoorn07.exe" works just fine if you need to use the scannerNo
hpOQBlGcuNj.exeXhpOQBlGcuNj.exeDetected by Malwarebytes as Rogue.Agent.SA. The file is located in %CommonAppData%No
HPOSDUHPOSD.exeOSD (on-screen-display) utility for HP computers - displays notifications such as Caps Lock being pressed, volume being increased, playback being paused, etcNo
officejet 6100?hposol08.exeHP Officejet 6100 All-in-One Printer related. What does it do and is it required?No
HP OfficeJet Series 700 StartUp?HPOstr03.exeHP Officejet 700 All-in-One Printer related. What does it do and it it required?No
HP OfficeJet Series 500 Startup?HPOstr05.exeHP Officejet 500 All-in-One Printer related. What does it do and it it required?No
HP OfficeJet Series 700 Startup?HPOstr05.exeHP Officejet 700 All-in-One Printer related. What does it do and it it required?No
HP OfficeJet Startup?HPOstr05.exeHP Officejet 600 All-in-One Printer related. What does it do and it it required?No
HP OfficeJet T Series Startup?HPOstr05.exeHP Officejet T Series All-in-One Printer related. What does it do and it it required?No
DeviceDiscoveryUhpotdd01.exeDetection of new imaging, printing and other peripherals on HP machines such as USB printers, cameras and Bluetooth productsNo
hpoddt01.exeNhpotdd01.exeDetection of new imaging, printing and other peripherals on HP machines such as USB printers, cameras and Bluetooth productsNo
hpoddt01.exe.lnkNhpotdd01.exeDetection of new imaging, printing and other peripherals on HP machines such as USB printers, cameras and Bluetooth productsNo
hpotdd01Uhpotdd01.exeDetection of new imaging, printing and other peripherals on HP machines such as USB printers, cameras and Bluetooth productsNo
HP AutoIndexerUhppautoindexer.exeInstalled by HP multi-function printer driver software, related to PC faxing. If you are not using the PC faxing feature you can go ahead and disable these services from the startupNo
HPPA_MainUHPPA_Main.exe"HP Power Assistant provides an easy method for changing operating system and device configuration settings in order to manage power consumption". Used to manage many peripherals on an HP laptop (ie, Wi-fi, Bluetooth and ambient light sensor)No
HPPowerAssistantUHPPA_Main.exe"HP Power Assistant provides an easy method for changing operating system and device configuration settings in order to manage power consumption". Used to manage many peripherals on an HP laptop (ie, Wi-fi, Bluetooth and ambient light sensor)No
HP LaserJet DirectorUhppdirector.exeSystem Tray icon that opens various functions such as copy, fax, email, scan, copy plus, etc. Right-click on it and you see a few options such as the preceding bar plus About, Help, ToolBox, Exit, etcNo
HP Photo ManagerXHPPhotoManager.exeDetected by Trend Micro as WORM_SDBOT.AXUNo
Status Monitor CLJ1500UHPPOUMUI.exeStatus monitor for the HP Color LaserJet 1500 printer - for monitoring printer status, checking ink levels, etcNo
hppptNhpppt.exeHP ScanJet scanner Parallel Port Test UtilityNo
HppptaYhpppta.exeHP parallel port driver for certain hardwareNo
Win USB 2.0 USB DriverXHPPrint.exeAdded by the SPYBOT.DNB WORM!No
Print Hp TrayXhpprint.exeDetected by Sophos as W32/Rbot-GWENo
KIT3Xhpprintqueue.exeAdded by unidentified malware. The file is located in %System%\spoolNo
HP LaserJet ToolBoxNHPPROPTY.EXEHP LaserJet Toolbox - allows customizations such as changing the Quick Copy settings, configuring properties for the Document Assistant and configuring properties for the HP LaserJet Document desktopNo
HPPROPTYNHPPROPTY.EXEHP LaserJet Toolbox - allows customizations such as changing the Quick Copy settings, configuring properties for the Document Assistant and configuring properties for the HP LaserJet Document desktopNo
RunTasktrayUHPPRun.exeSystem Tray access to HP Easy Printer Care softwareNo
HP SchedIndexerUhppschedindexer.exeInstalled by HP multi-function printer driver software, related to PC faxing. If you are not using the PC faxing feature you can go ahead and disable these services from the startupNo
HP Parallel Port TestNhppt.exeHP ScanJet scanner Parallel Port Test UtilityNo
{adws-sdws-asgt-bet9}Xhppupdate.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Trojan.Agent.NattlyNo
HPUsageTrackingNhppusg.exePart of the HP Customer Participation Program and can cause memory leaks - see here. Similar to the equivalent Microsoft Customer Participation Program, it sends back statistics on how you use their productsNo
HPPWRSAVUHPPWRSAV.EXEPower save related for HP Scanners. Many users have complained of system freezes with it running but it stops the light from remaining on all the time. Try www.hp.com, pick your OS option under the SUPPORT tab, follow the instructions and you will find an updated lamp control patchNo
hpqcmon?hpqcmon.exeFrom HP and related to digital imagingNo
CamMonitor?hpqcmon.exeFrom HP and related to digital imagingNo
Winsat UpdateXhpqprotect.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Trojan.Agent.NattlyNo
hpqSRMon?hpqSRMon.exeRelated to HP Digital Imaging products. What does it do and is it required?No
HP Image Zone Fast StartNhpqthb08.exeImproves the startup time of HP Image Zone. If you disable it, HP Image Zone takes a long time to start up only the first time you run it. Subsequent startups are much faster than the first timeNo
HP Photosmart Premier Fast StartNhpqthb08.exeImproves the startup time of HP Image Zone. If you disable it, HP Image Zone takes a long time to start up only the first time you run it. Subsequent startups are much faster than the first timeNo
HP Digital Imaging MonitorUhpqtra08.exeSystem Tray access to HP Director. Required if you prefer to use the all-in-one buttons to manually scan documents or transfer photos froma camera, for exampleNo
Codec ReaderXhpqwgetdrvinfo.exeDetected by Malwarebytes as Trojan.Ransom. The file is located in %AppData% - see hereNo
HPQuickWebProxyUhpqwutils.exeSupports the "HP QuickWeb feature in some HP notebook PCs - that "is an innovative suite of applications that can be accessed within seconds of powering on the notebook. HP QuickWeb resides outside of the notebook's Windows operating system, allowing you to quickly check e-mail, surf the web, chat via instant messenger and Skype, listen to music, and view pictures"No
HP ScanPatchUHPScanFix.exeProgram that starts up and automatically fixes earlier versions of the Scanjet 5100c software. If a Scanjet 5100C scanner is not going to be used, then it is safe to remove or prevent from startingNo
IPOT USB Service DRV32Xhpsebc08.exeDetected by Sophos as W32/Sdbot-WHNo
IPOT USB Service DRIVERXhpsebc087.exeDetected by Sophos as W32/Sdbot-WANo
HpPrinterXhpserver.exeDetected by Sophos as Troj/CmjSpy-WNo
hpsjbmgrNhpsjbmgr.exeHP ScanJet Button Manager. It allows users of the HPScanJet scanners to indicate what the buttons on the scanner will do automatically if pushed. Not required at startup, unless the scanner is used every day, such as in a business environmentNo
HPSCANMonitorUhpsjvxd.exeHP scanning software that enables you to scan images from your scanner. Needed if you're using the scannerNo
WinlogXhpsmartprint.exeDetected by Intel Security/McAfee as RDN/PWS-Banker!dn and by Malwarebytes as Trojan.Banker.WLGenNo
HP ScanPictureNhpsplmwa.exeHP multifunction scanner software. Available from HP Office Jet R Toolbox so not requiredNo
NetBiosSrvcXHPSrvPrt.exeDetected by Sophos as W32/Sdbot-COLNo
hp Silent Service?HpSrvUI.exeHP Silent Service application user interface. What does it do and is it required?No
HPStartNhpstart.wsfThis a script used by HP that runs the first time one of their computers is started. Can't imagine why it would be starting up after the first bootNo
HP StatusNhpstatus.exeHP Printer Status and AlertsNo
Monitor Ink Alerts - HP Deskjet 1010 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 1010 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 1050 J410 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 1050 J410 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 1510 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 1510 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 2510 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 2510 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 2540 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 2540 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 2540 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Deskjet 2540 series AIO printer on a networkNo
Monitor Ink Alerts - HP Deskjet 3050A J611 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 3050A J611 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Deskjet 3050A J611 series AIO printer on a networkNo
Monitor Ink Alerts - HP Deskjet 3510 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 3510 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 3510 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Deskjet 3510 series AIO printer on a networkNo
Monitor Ink Alerts - HP Deskjet 4620 seriesUHPStatusBL.dllMonitors ink levels for the HP Deskjet 4620 series AIO printerNo
Monitor Ink Alerts - HP Deskjet 4620 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Deskjet 4620 series AIO printer on a networkNo
Monitor Ink Alerts - HP ENVY 110 seriesUHPStatusBL.dllMonitors ink levels for the HP ENVY 110 series AIO printerNo
Monitor Ink Alerts - HP ENVY 110 series (Network)UHPStatusBL.dllMonitors ink levels for the HP ENVY 110 series AIO printer on a networkNo
Monitor Ink Alerts - HP ENVY 4500 seriesUHPStatusBL.dllMonitors ink levels for the HP ENVY 4500 series AIO printerNo
Monitor Ink Alerts - HP ENVY 4500 series (Network)UHPStatusBL.dllMonitors ink levels for the HP ENVY 4500 series AIO printer on a networkNo
Monitor Ink Alerts - HP Officejet 4620 seriesUHPStatusBL.dllMonitors ink levels for the HP Officejet 4620 series AIO printerNo
Monitor Ink Alerts - HP Officejet 4620 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Officejet 4620 series AIO printer on a networkNo
Monitor Ink Alerts - HP Officejet 6500 E710n-zUHPStatusBL.dllMonitors ink levels for the HP Officejet 6500 E710n-z AIO printerNo
Monitor Ink Alerts - HP Officejet 6500 E710n-z (Network)UHPStatusBL.dllMonitors ink levels for the HP Officejet 6500 E710n-z AIO printer on a networkNo
Monitor Ink Alerts - HP Officejet 6700UHPStatusBL.dllMonitors ink levels for the HP Officejet 6700 AIO printerNo
Monitor Ink Alerts - HP Officejet 6700 (Network)UHPStatusBL.dllMonitors ink levels for the HP Officejet 6700 AIO printer on a networkNo
Monitor Ink Alerts - HP Officejet Pro 8600UHPStatusBL.dllMonitors ink levels for the HP Officejet Pro 8600 AIO printerNo
Monitor Ink Alerts - HP Officejet Pro 8600 (Network)UHPStatusBL.dllMonitors ink levels for the HP Officejet Pro 8600 AIO printer on a networkNo
Monitor Ink Alerts - HP Photosmart 5510d seriesUHPStatusBL.dllMonitors ink levels for the HP Photosmart 5510d series AIO printerNo
Monitor Ink Alerts - HP Photosmart 5510d series (Network)UHPStatusBL.dllMonitors ink levels for the HP Photosmart 5510d series AIO printer on a networkNo
Monitor Ink Alerts - HP Photosmart 5520 seriesUHPStatusBL.dllMonitors ink levels for the HP Photosmart 5520 series AIO printerNo
Monitor Ink Alerts - HP Photosmart 5520 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Photosmart 5520 series AIO printer on a networkNo
Monitor Ink Alerts - HP Photosmart 6520 seriesUHPStatusBL.dllMonitors ink levels for the HP Photosmart 6520 series AIO printerNo
Monitor Ink Alerts - HP Photosmart 6520 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Photosmart 6520 series AIO printer on a networkNo
Monitor Ink Alerts - HP Photosmart 7510 seriesUHPStatusBL.dllMonitors ink levels for the HP Photosmart 7510 series AIO printerNo
Monitor Ink Alerts - HP Photosmart 7510 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Photosmart 7510 series AIO printer on a networkNo
Monitor Ink Alerts - HP Photosmart 7520 seriesUHPStatusBL.dllMonitors ink levels for the HP Photosmart 7520 series AIO printerNo
Monitor Ink Alerts - HP Photosmart 7520 series (Network)UHPStatusBL.dllMonitors ink levels for the HP Photosmart 7520 series AIO printer on a networkNo
SyBot v2.1 By Sky-DancerXHPSV.exeDetected by Trend Micro as WORM_ZOTOB.INo
susseXhpsw.exeLinkMaker adwareNo
hpsysdrvUhpsysdrv.exeThis item keeps track of how many times the system has been recovered and the times of the first and last recoveries done on the system. Leaving unchecked will sometimes prevent the Keyboard Manager program from detecting that the computer is an HP. Since this program/driver was only made to run on HP, if it can't tell that it is an HP it will not run. If unchecked, it can prevent the running of the Application Recovery CDs, the use of the multimedia keys, and the HP Instant Support. Also seen that without it running, the Riptide Sound card that was installed on some older HP computers stops workingNo
Display SettingsNhptasks.exeAllows for the adjustment of the display for LCD screen, CRT Monitor and TV output on HP computersNo
ToolBoxFXUHPTLBXFX.exeHP ToolBoxFX - "provides desktop configuration, status and support for every feature". Supplied with some HP multifunction printersNo
hptoolsXhptools.exeAdded by a variant of W32/Sdbot.worm. The file is located in %Windir%\MediaNo
HP TV NowUHpTvNow.exeApplication supplied with HP notebooks. It activates the S-Video port and is said to improve the quality of the output signal (resolution/timeouts)No
HP Visualize Init?HpVisIni.exeHP Visualize software related. What does it do and is it required?No
WirelessAssistantUHPWAMain.exeWireless management utility for HP computers that allows the user to enable individual wireless devices (such as Bluetooth or WLAN devices) and shows the state of the radios for those devicesNo
hpWirelessAssistantUHPWAMain.exeWireless management utility for HP computers that allows the user to enable individual wireless devices (such as Bluetooth or WLAN devices) and shows the state of the radios for those devicesNo
loadNHPWHRC.EXELoads the Status Window software for the HP Laserjet printers. Note - this entry loads from the "load=" section of WIN.INI (in %Windir%) on Win9x/Me and the file is located in %Root%\HP_XTRA\REGISTERNo
Win Drivers SSLXhpws.exeDetected by AhnLab as Win32/IRCBot.worm.67098No
Win Drivers SSL32Xhpwsnnsbc.exeDetected by Trend Micro as WORM_SPYBOT.MARNo
HP Software Updater#XHPWuSchd#.exeDetected by Malwarebytes as Worm.Prolaco.Gen - where # represents a digit. The file is located in %System% - see examples here and hereNo
HP software updateNHPWuSchd.exeHP software updates. If a shortcut doesn't exist, create your own and run it manuallyNo
HP software updateNHPWuSchd2.exeHP software updates. If a shortcut doesn't exist, create your own and run it manuallyNo
HPWuSchd2.exeXHPWuSchd2.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Trojan.Agent.AI. Note - this is not the legitimate HP software updates file of the same name which loads from HKLM\Run and is typically located in %ProgramFiles%\HP\HP Software Update. This one is located in %AllUsersStartup% and its presence there ensures it runs when Windows startsNo
HP Software UpdateXHPWuSchd3.exeDetected by Intel Security/McAfee as virusgen and by Malwarebytes as Worm.Prolaco.GenNo
HP Software UpdaterXHPWuSchd4.exeDetected by Intel Security/McAfee as Generic.bfr and by Malwarebytes as Worm.Prolaco.GenNo
HP Software Updater v1.1XHPWuSchdb.exeDetected by Sophos as Troj/VB-EUV and by Malwarebytes as Worm.Prolaco.GenNo
HP Software Updater IIXHPWuSchde.exeDetected by Intel Security/McAfee as Generic.dx!tjv and by Malwarebytes as Worm.Prolaco.GenNo
HP Software Updater v1.6XHPWuSchdp.exeDetected by Sophos as Troj/Mdrop-CVT and by Malwarebytes as Worm.Prolaco.GenNo
HP Software Updater v1.2XHPWuSchdq.exeDetected by Sophos as Troj/Agent-OKC and by Malwarebytes as Worm.Prolaco.GenNo
HP Software Updater v2.7XHPWuSchedv.exeDetected by Sophos as W32/AutoRun-BHY and by Malwarebytes as Worm.Prolaco.GenNo
HPZTS04Nhpzts04.exeHewlett Packard printer toolbox shortcut that resides in the system trayNo
HPDJ Taskbar UtilityUhpztsb01.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
Windows UpdateXhpztsb02.exeDetected by Sophos as Troj/Bancd-C. Note - this is not the legitimate HP Deskjet series printer utility with the same filename located in %System%\spool\drivers\w32x86\3. This one is located in %Windir%No
HPDJ Taskbar UtilityUhpztsb02.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
hpztsb02Uhpztsb02.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb03.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb04.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
hpztsb04Uhpztsb04.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb05.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
hpztsb05Uhpztsb05.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb06.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb07.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
hpztsb07Uhpztsb07.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb08.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb09.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
hpztsb09Uhpztsb09.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb10.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb11.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb12.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HPDJ Taskbar UtilityUhpztsb13.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
hpztsbolUhpztsbol.exeHP System Tray utility which allows diagnostic and maintainance of your HP Deskjet series printerNo
HP DeskjetXHP_DeskJet_500.exeDetected by Sophos as W32/Forbot-DANo
HPLogiFinderUhp_finder.exeHP LogiFinder helps detect and allows the use of the centre button for the Logitech mouse. Can be disabled if not usedNo
HP Remote SolutionUHP_Remote_Solution.exeProvides support for the remote control handset available for some HP computersNo
hp_service.vbsXhp_service.vbsDetected by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HKEYCMDXhqghu.exeDetected by Intel Security/McAfee as W32/Autorun.worm.bc and by Malwarebytes as Worm.AutoRunNo
hqghumeaylnlfUhqghumeaylnlf.exeSuper Optimizer optimization utility by Super PC Tools. Detected by Malwarebytes as PUP.Optional.SuperOptimizer. Note - this entry loads from the Windows Startup folder and the file is located in %CommonAppData%\{GUID}. If bundled with another installer or not installed by choice then remove itNo
hqiecbntXhqiecbnt.exeDetected by Microsoft as Backdoor:Win32/Unskal.C and by Malwarebytes as Trojan.Agent.HQ. Note that there are two entries here - one loading via HKLM\Run with the file located in %System% and the other loading via HKCU\Run with the file located in %UserProfile%No
HQI ServicesXhqisvc32.exeDetected by Sophos as W32/Agobot-RONo
HQI ServicesXhqlsvc32.exeDetected by Sophos as W32/Agobot-RPNo
lk43totfzg33o1fc40bsbxpvXhqoxauaufjga3z1ohggzgu1e.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!zl and by Malwarebytes as Backdoor.Agent.ENo
hqtrayNhqtray.exeVMware Host Network Access Status Tray Application - part of both VMware Player (from version 2.0) and Workstation (until version 6.5) - which allow you to "run multiple operating systems simultaneously on a single PC." It's function is unknown at present and it displays no tray icon as the name suggests. Can be disabled without affecting the operation of either productYes
VMware hqtrayNhqtray.exeVMware Host Network Access Status Tray Application - part of both VMware Player (from version 2.0) and Workstation (until version 6.5) - which allow you to "run multiple operating systems simultaneously on a single PC." It's function is unknown at present and it displays no tray icon as the name suggests. Can be disabled without affecting the operation of either productYes
VMware WorkstationNhqtray.exeVMware Host Network Access Status Tray Application - part of both VMware Player (from version 2.0) and Workstation (until version 6.5) - which allow you to "run multiple operating systems simultaneously on a single PC." It's function is unknown at present and it displays no tray icon as the name suggests. Can be disabled without affecting the operation of either productYes
HRUHr.exeHiddenRecorder periodically takes screenshots of the computer. If you didn't install this yourself remove itNo
HrbVsqerXhrbvsqer.exeDetected by Malwarebytes as Trojan.InfoStealer. The file is located in %LocalAppData%\yojjiqubNo
hrbvsqer.exeXhrbvsqer.exeDetected by Malwarebytes as Trojan.InfoStealer. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Hrn_qtvXhrnsvc32.exeDetected by Sophos as W32/Sdbot-AETNo
SlipStreamYHSClient_core.exeNeopets Accelerator customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
HSF StartXHSF.exeDetected by Dr.Web as Trojan.KeyLogger.11004 and by Malwarebytes as Trojan.Agent.GenNo
Virus-ProductsXHsIdir.exeDetected by Dr.Web as BackDoor.Beizhu.3425 and by Malwarebytes as Backdoor.AgentNo
Hslodrjwjshdkqwg.exeXHslodrjwjshdkqwg.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %AppData%No
HEProtectYHSockPE.exePart of the AntiSpam function of the HAURI ViRobot Desktop internet security suiteNo
HSONUHSON.exeToshiba HotStart button support for instant-on entertainment on their laptopsNo
TOSHIBA Button SupportUHSON.exeToshiba HotStart button support for instant-on entertainment on their laptopsNo
Windows hSox ServerXhSox.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.HONo
hsproXhspro.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!uf and by Malwarebytes as Backdoor.Messa.ENo
XIYLHKXHspvzck.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!wz and by Malwarebytes as Trojan.Agent.RNDNo
HKLMXhss.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%No
PoliciesXhss.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Windir%No
HKCUXhss.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Root%\dir\install\windowsNo
HKCUXhss.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%No
HSSDXhssd.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %ProgramFiles%\hssNo
HSSDXhssd.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %ProgramFiles%\windowsNo
hssd.exeXhssd.exeDetected by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
PoliciesXhssd.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %ProgramFiles%\hssNo
PoliciesXhssd.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %ProgramFiles%\windowsNo
HiSchXHSSearch.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Adware.KraddareNo
hsswdiXhsswd.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.AgentNo
ihsswdXhsswd.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.AgentNo
SYSTEMRECOVERYXhsswd.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.ANDNo
cohostUhstart.exeDetected by Malwarebytes as PUP.BitCoinMiner and associated with Bitcoin. The file is located in %Root%\drivers. If not installed by choice then remove itNo
PowerMgrXhstart.exe PowerMgr.exeDetected by Intel Security/McAfee as Generic.dx!bajkNo
HSTransUhstrans.exeHomescan Internet Transporter - part of ACNielson Homescan. Recognizes when the ACNielsen Homescan Scanner is attached to the computer and allows it to transmit scanner information to ACNielsenNo
MegaPanelUHSTrans.exeHomescan Internet Transporter - part of ACNielson Homescan. Recognizes when the ACNielsen Homescan Scanner is attached to the computer and allows it to transmit scanner information to ACNielsenNo
HsuGuiControl?HsuGuiControl.exePart of the now defunct Starband satellite internet client. What does it do and is it required?No
NotePadXhswdc.exeDetected by Dr.Web as Trojan.Proxy.18457 and by Malwarebytes as Worm.AutoRunNo
hsysUHSYS.EXEKeylogger Express keystroke logger/monitoring program - remove unless you installed it yourself!No
Home Safety EssentialsXHS[random].exeHome Safety Essentials rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.HomeSafetyEssentialsNo
Home Security SolutionsXHS[random].exeHome Security Solutions rogue security software - not recommended, removal instructions hereNo
htcmdXhtcmd.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Backdoor.Agent.DCENo
HTCryptor.exeXHTCryptor.exeDetected by Malwarebytes as Ransom.HiddenTear. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
CryptXHTCryptor.exeDetected by Malwarebytes as Ransom.HiddenTear. The file is located in %UserStartup%No
DORAMIZXhtdschk.exeDetected by Intel Security/McAfee as Generic.tfr!cb and by Malwarebytes as Trojan.Agent.DMNo
Windows UpdateXhtdschk.exeDetected by Malwarebytes as Backdoor.IRCBot. The file is located in %System% - see hereNo
run=Xhtmlsync.exeSearchforfree.info browser hijackerNo
HTpatchUhtpatch.exeHTpatch.exe is part of the SiS AGP patch - BUT unless your processor (and motherboard) supports HyperThreading (HT) and this feature is enabled it will actually SLOW your graphics card by around 6%No
sys_Runtt1Xhtroot.exeDetected by Kaspersky as Trojan-GameThief.Win32.Nilage.fy. The file is located in %System%No
htssv32.exeXhtssv32.exeAdded by a variant of the SDBOT BACKDOOR!No
Internet ExplorerXhttp.exeParty of a potential CoolWebSearch infection and part of a suite of programs that installs a web server, php, ftp server, socks, and mail server on your computer without your knowledge. These files are known to be part of an infection that transmits information about your bank accounts, passwords, and other financial information. Delete immediately, enable your firewall and contact your financial services in order to report the issue and to have your passwords changed. The file is located in %ProgramFiles%\Internet Explorer\shttpsNo
HTTP.sysXhttp.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCNo
Search PageXhttp://find.naupoint.comNaupoint browser hijackerNo
Local PageXhttp://find.naupoint.comNaupoint browser hijackerNo
Start PageXhttp://find.naupoint.comNaupoint browser hijackerNo
First Home PageXhttp://find.naupoint.comNaupoint browser hijackerNo
Default_Page_URLXhttp://find.naupoint.comNaupoint browser hijackerNo
Default_Search_URLXhttp://find.naupoint.comNaupoint browser hijackerNo
https-sslXhttps.exeDetected by Symantec as W32.HLLW.Moega.DNo
afpupdateXHttpSrv.exeDetected by Malwarebytes as Trojan.Agent.CTMen. The file is located in %AppData% - see hereNo
NortonDownloadManagerXHttp_t.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%\WindowsUpdate\WindowsUpdate.exe - see hereNo
Microsoft Security UpdatesXhuafea.exeDetected by Malwarebytes as Trojan.FakeMS.MSIL. The file is located in %AppData%\MicrosoftNo
Huai.exeXHuai.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!tk and by Malwarebytes as Trojan.Backdoor.ZE. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
huanorsuklezXhuanorsuklez.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!vi and by Malwarebytes as Trojan.Agent.USNo
HuAnYcAXHuAnYcA.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %LocalAppData%No
RDSoundXHuawei3g.exeDetected by Sophos as Troj/Luiha-AD and by Malwarebytes as Trojan.AgentNo
RDSoundXHuawei3gConect.exeDetected by Sophos as Troj/Agent-UXN and by Malwarebytes as Trojan.AgentNo
RDSoundXHuaweiDrive.exeDetected by Dr.Web as Trojan.DownLoader4.63519 and by Malwarebytes as Trojan.BankerNo
Log Policy Input Video Connection Network TPXhuazljabrp.exeDetected by Malwarebytes as Trojan.Agent.CLU. The file is located in %AppData%\vzbrdbozpvu - see hereNo
HubHelperUpdate.exeXHubHelperUpdate.exeDetected by Malwarebytes as Adware.KorAd. The file is located in %AppData%\HubHelperNo
GIGABYTE Gamer HUDUHUD.exeGigabyte's Gamer HUD graphics card utility. Primarily used for overclocking to adjust the voltage and working frequency of the GPU, Shader, and video memoryNo
GIGABYTE Gamer HUD LiteUHUD.exeLite version of Gigabyte's Gamer HUD graphics card utility. Primarily used for overclocking to adjust the voltage and working frequency of the GPU, Shader, and video memoryNo
Huelar Services 2.0Xhuelar.exeDetected by Symantec as W32.Heular and by Malwarebytes as Worm.HuelarNo
hufeacebzedyXhufeacebzedy.exeDetected by Sophos as Troj/Cutwail-AJ and by Malwarebytes as Trojan.Agent.USNo
huifitcXhuifitc.exeAdded by the ONLINEGAMES.ABGW trojan. The file is located in %Windir%No
hum.vbs_EMad.vbeXhum.vbs_EMad.vbeDetected by Intel Security/McAfee as RDN/Autorun.worm!dl and by Malwarebytes as Worm.AutoRun.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
humakilxydeqXhumakilxydeq.exeDetected by Malwarebytes as Trojan.Agent.KB. The file is located in %UserProfile% - see hereNo
human.exeXhuman.exeDetected by Kaspersky as Trojan-Dropper.Win32.Agent.akap. Note - the file is located in %AllUsersStartup% and its presence there ensures it runs when Windows startsNo
UwezigXhumom.exeDetected by Sophos as Troj/Multidr-CRNo
hunteremail.exeXhunteremail.exeDetected by Intel Security/McAfee as Generic Downloader.x!ecn and by Malwarebytes as Trojan.BankerNo
huntermails.exeXhuntermails.exeDetected by Intel Security/McAfee as Generic Downloader.x!eop and by Malwarebytes as Trojan.BankerNo
hunvaxeabawyXhunvaxeabawy.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
hupbXGtblaxktVFXhupbXGtblaxktVF.exeDetected by Malwarebytes as Rogue.Agent.SA. The file is located in %CommonAppData% - see hereNo
Handy UpdaterUHUpdater.exeDetected by Malwarebytes as PUP.Optional.HandyUpdater. The file is located in %ProgramFiles%\HandyUpdater. If bundled with another installer or not installed by choice then remove itNo
huvrgscqXhuvrgscq.exeDetected by Intel Security/McAfee as Generic Downloader.x and by Malwarebytes as Trojan.Downloader.BRNo
myhuyXhuy.exeDetected by Sophos as W32/Blaster-CNo
myhuyXhuy2.exeDetected by Sophos as W32/Blaster-LNo
huySosatXhuysosat.exeDetected by Sophos as Troj/Mdrop-RGNo
WinFix serviceXhuzafknd.exeDetected by Kaspersky as Net-Worm.Win32.Kolab.gsv. The file is located in %System%No
huzeaxunyqosXhuzeaxunyqos.exeDetected by Intel Security/McAfee as RDN/Generic.tfr!dr and by Malwarebytes as Trojan.Agent.USNo
HvG9fZmLR.exeXHvG9fZmLR.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!rl and by Malwarebytes as Trojan.Agent.RNSNo
HvidXHvid.exeDetected by Symantec as Trojan.GemaNo
EAYFBMXhvRTcm.exeDetected by Intel Security/McAfee as RDN/Generic.grp!gg and by Malwarebytes as Backdoor.Agent.DCENo
ProfileXhvt489.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!wl and by Malwarebytes as Trojan.Agent.PRFNo
DRam prosessorXHWAPI.exeDetected by Kaspersky as Backdoor.Win32.Rbot.aeu and by Malwarebytes as Trojan.Agent. Note - this is not the McAfee HackerWatch process which has the same filename. The file is located in %System%No
hwdetectXhwdetect.exeDetected by Sophos as Troj/MancSyn-BNo
Hardware DoctorUHwdoctor.exeWinbond Hardware Doctor - as included on some motherboard using Winbond's hardware monitoring chips. Displays fan speeds, voltages, temperatures. Only required if you're concerned about your system temperature - typically for "overclocked" systemsNo
ToolHelpXhwpv.exeAdded by a variant of the INFOSTEALER TROJAN!No
hwsXhws.exeDetected by Sophos as Troj/StartPa-CTNo
HWSetupUHWSetup.exe hwSetUP"Toshiba Hardware Setup is the Toshiba configuration management tool available through Windows." Allows the user to change BIOS, hard disk, memory, boot disk priority and other settingsNo
Hawking HWU54G UtilityUHWU54G.exeWireless management utility for the HWU54G Mini Wireless-G USB Adapter from Hawking Technologies, IncNo
Hawking Wireless UtilityUHWU8DD.exeWireless management utility for the HWU8DD Hi-Gain™ USB Wireless-G Dish Adapter from Hawking Technologies, IncNo
Hardware ProfileXhxdef.exeDetected by Symantec as W32.Lovgate.AB@mmNo
Soft Profile IncXhxdef.exeDetected by Trend Micro as WORM_LOVGATE.ENo
Hardware ProfileXhxdef.exe...Detected by Symantec as W32.Lovgate.Z@mmNo
Soft Profile IncXhxdef.exe...Added by the LOVGATE.AO WORM!No
HXDL.EXEXHXDL.EXEAveo Attune automated helpdesk software - regarded as adwareNo
HXIUL.EXEXHXIUL.EXEAveo Attune automated helpdesk software - regarded as adwareNo
ExplorerXhxpf.exeDetected by Sophos as Troj/Delf-DMZ and by Malwarebytes as Trojan.AgentNo
JAVATEMP279XHYAAOoMv.exeDetected by Intel Security/McAfee as RDN/Generic.dx!dfz and by Malwarebytes as Backdoor.Agent.JVNo
[various names]Xhyandex.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
ATI Technologies Inc. HydraVision Desktop ManagerUHydraDM.exePart of HYDRAVISION - ATI's software for managing mutliple displays and virtual desktops. This is the HYDRAVISION Desktop Manager - which "customizes the behaviour of windows and dialog boxes, allows you to set up Hotkeys for navigation in multiple display configurations and applies special effects like transparency and shadows to you desktop"Yes
HydraDMUHydraDM.exePart of HYDRAVISION - ATI's software for managing mutliple displays and virtual desktops. This is the HYDRAVISION Desktop Manager - which "customizes the behaviour of windows and dialog boxes, allows you to set up Hotkeys for navigation in multiple display configurations and applies special effects like transparency and shadows to you desktop"Yes
HydraVisionDesktopManagerUHydraDM.exePart of HYDRAVISION - ATI's software for managing mutliple displays and virtual desktops. This is the HYDRAVISION Desktop Manager - which "customizes the behaviour of windows and dialog boxes, allows you to set up Hotkeys for navigation in multiple display configurations and applies special effects like transparency and shadows to you desktop"Yes
ATI Technologies Inc. HydraVision ViewportUHydraMD.exePart of HYDRAVISION - ATI's software for managing mutliple displays and virtual desktops. This is HYDRAVISION MultiDesk - which "creates, organizes and arranges up to nine active multi-monitor desktop combinations and allows you to cycle between them with a mouse." There is an optional System Tray icon or a hotkey can be configured to cycle through the desktopsYes
HydraMDUHydraMD.exePart of HYDRAVISION - ATI's software for managing mutliple displays and virtual desktops. This is HYDRAVISION MultiDesk - which "creates, organizes and arranges up to nine active multi-monitor desktop combinations and allows you to cycle between them with a mouse." There is an optional System Tray icon or a hotkey can be configured to cycle through the desktopsYes
HydraVisionViewPortUHydraMD.exePart of HYDRAVISION - ATI's software for managing mutliple displays and virtual desktops. This is HYDRAVISION MultiDesk - which "creates, organizes and arranges up to nine active multi-monitor desktop combinations and allows you to cycle between them with a mouse." There is an optional System Tray icon or a hotkey can be configured to cycle through the desktopsYes
Razer Hydra DriverUHydraSysTray.exeRazer Hydra gaming controller driver - required if you use the additional features and programmed keys/macrosNo
larrylarrytmonedsXhyeessosose.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!b2i and by Malwarebytes as Trojan.Agent.MSNo
hyfpyxhutsizXhyfpyxhutsiz.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!g and by Malwarebytes as Trojan.Agent.USNo
Communication PanelXhynzeingafr.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir% - see hereNo
Communications PanelXhynzeingafr.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir%No
hrhyrXhyper.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %System%\microsoftNo
yryrhXhyper.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %System%\microsoftNo
Hyperappel du Petit Larousse 2007UHyperappel.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2007 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
Hyperappel du Petit Larousse 2008UHyperappel.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2008 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
Hyperappel du Petit Larousse 2009UHyperappel.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2009 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
Hyperappel du Petit Larousse 2010UHyperappel.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the 2010 version of the "Petit Larousse" French dictionary/encyclopaedia from Larousse PublishersNo
MS Unix BinaryXhypertrm.exeAdded by a variant of Backdoor:Win32/RbotNo
RUNHYPERXhyperx.exeDetected by Symantec as Adware.PurityScan - also see the archived version of Andrew Clover's page. The file is located in %Root%No
Prauge DVDRam Version 2.3AXhypinit32.exeAdded by the BUZUS.POV TROJAN!No
*Prauge DVDRam Version 2.3A*Xhypinit32.exeAdded by the BUZUS.POV TROJAN!No
hzinoXhzino.exeDetected by Intel Security/McAfee as RDN/Generic Proxy!j and by Malwarebytes as Trojan.Banker.ENo

Notes & Warnings

If you can help identify new entries and verify/identify those entries with a "?" status (especially hardware specific - such as laptops and motherboards) then please E-mail us (startups_at_pacs-portal_dot_co_dot_uk).

"Status" key:

Variables:

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. We will not be held responsible if changes you make cause a system failure.

WARNING: This is NOT a list of tasks/processes taken from the Task Manager (CTRL+SHIFT+ESC) "Processes" tab. This displays some startup programs AND other background tasks and "Services". These pages are concerned with startup programs from the common startup locations shown above ONLY. Please do not submit entries collected from this method as they will not be used. For a list of tasks/processes you should try the list at PC Pitstop, the Process Library from Uniblue or one of the many others now available.

Therefore, before ending a task/process via CTRL+SHIFT+ESC just because it has an "X" recommendation, please check whether it's in the registry or common startup locations first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+SHIFT+ESC. If in doubt, don't do anything.

To avoid the database becoming too large, all malware entries are only shown using the registry version which is common to all Windows versions. Otherwise there would be multiple entries for popular filenames that viruses often use - such as "svchost.exe" above for example. Multiple malware can also use the same start-up entries, in this case only those with significant differences (such as file location) are repeated in this database.

As more than 25K entries in this database related to malware you should use a quality internet security package. Which ever you choose, keep it updated and get the latest version at least every two years.

There are a number of virus and malware entries listed in this database where specific removal instructions haven't been given. If this is the case then you could try ComboFix, a program written by sUBs that can remove many different types of Trojans and Worms. See here for a tutorial on how to use the program.

NOTE: A number of entries are repeated due to the way that different operating systems display startup items. For example, WinMe lists "POPROXY.EXE" as "Norton eMail Protect" in both MSCONFIG and the registry whereas WinXP lists it as "Poproxy" in MSCONFIG and "Norton eMail Protect" in the registry.

SERVICES: "Services" from the Windows 8/7/Vista/XP/2K/NT operating systems are not included. We fully understand that some programs with these OS's use "Services" as an alternative to load their component parts at startup but these are handled in a different way. We recommend you try BlackViper for information on services for the relevant operating systems.

Copyright

Presentation, format & comments Copyright © 2001 - 2017 Pacman's Portal
Portions Copyright © Peter Forrest, Denny Denham, Sylvain Prevost, Tony Klein, CastleCops & Bleeping Computer
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home