Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Windows startup programs - Database search

If you're frustrated with the time it takes your Windows 10/8/7/Vista/XP PC to boot and then it seems to be running slowly you may have too many programs running at start-up - and you have come to the right place to identify them. This is the original start-up programs (as opposed to processes/tasks) list - one of the most accurate and comprehensive. Services are not included - see below. For further information on this and how to identify and disable start-up programs please visit the Introduction page.

See here for further information on random entries - which are typically added by viruses and other malware or unwanted programs.

Last database update :- 29th September, 2017
52090 listed

You can search for any of the following terms to find and display entries in the start-up programs database but the minimum search is 3 characters and you must click on the "Search" button. Results are sorted by the Startup Item/Name field.

Alternatively, you can browse the full database (without the search facility) over a number of pages or you can use the alphabetical index below to list the entries for that letter by the Command/Data field, but the results may take longer to appear due to the number of them:

A | B | C | D | E | F | G | H | I | J | K | L | B | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

NOTE: Searching for common words (i.e. "the" or "where") will mean the results take longer to appear due to the number of them.

Please click on the Search button

1650 results found for T

Startup Item or Name Status Command or Data Description Tested
tcomantidialerrunUT-Com Antidialer.exeAntidialer utility from internet provider T-Com which monitors whether you're trying to dial a new connection. It basically asks you do you want to dial the shown number or not. Protects against dialer malwareNo
PostUpdateXt.exeDetected by Malwarebytes as Trojan.Injector.MSIL. The file is located in %AppData%\MicrosoftNo
tXt.exeDetected by Dr.Web as Trojan.DownLoader9.25592 and by Malwarebytes as Trojan.Agent.TNo
Sygate Personal FirewallXt1ktik.exeDetected by Sophos as W32/Rbot-VPNo
micrososotXt2.exeDetected by Dr.Web as Trojan.DownLoader2.45503 and by Malwarebytes as Trojan.AgentNo
t2servXt2serv.exeDetected by McAfee as W32/Stration.drNo
T3ConsoleUT3Console.exeRelated to T3 Security Suite - prevents unauthorized or inappropriate access to your PC and dataNo
WINTASKXt4skgmr.exeAdded by the MYTOB.CM WORM!No
WINTASKXt4skmgr.exeDetected by Sophos as W32/Mytob-AKNo
Taakj2005100XTaakj2005.exeDetected by Dr.Web as Trojan.BtcMine.507 and by Malwarebytes as Trojan.Agent.MNRNo
TabbtnExXTabbtnEx.exeDetected by Sophos as Troj/Agent-ABMG and by Malwarebytes as Trojan.Banker.H. The file is located in %LocalAppData%\AppServerNo
TabbtnExXTabbtnEx.exeDetected by Malwarebytes as Trojan.Banker.H. The file is located in %LocalAppData%\Microsoft\Windows\[numbers]No
tabchoiceXtabchoiceu.exeDetected by Malwarebytes as Adware.Winggo.K. The file is located in %ProgramFiles%\TabChoiceNo
TablacusAppXTablacusApp.exeDetected by Malwarebytes as Trojan.Zbot.Generic. The file is located in %AppData%\TablacusApp - see hereNo
TabletNTablet.exeLoads the drivers for a Wacom Graphics Tablet on older OS's. Can be unchecked in MSConfig without problems if you don't need the tablet functional all the time - create your own shortcut if you need to run it ad hoc. If you forget to run it before running Paint Shop Pro & Adobe Photo Shop you may find the following: (1) Paint Shop Pro (version 7.04) - (a) Browse function will NOT work (program freezes) (b) On program exit, PSP does not terminate (you have to CTRL+ALT+DEL to close it) (2) Photo Shop (version 6.01) - (a) Program functions slowdown (d) On program exit it takes noticeably longer to shut down (like 30-45 seconds)No
Microsoft Text Input ProcessorXTableTextService.exeDetected by Microsoft as TrojanDropper:Win32/Duberath.A. The file is located in %CommonFiles%\SystemNo
Microsoft Text Input ProcessorXTableTextService.exeDetected by Dr.Web as Trojan.DownLoader4.43977. The file is located in %ProgramFiles%\Windows NT\TableTextServiceNo
Tablet TaskXtabletsk32.exeDetected by Sophos as W32/Rbot-AJBNo
tabloc.exeXtabloc.exeDetected by McAfee as RDN/Generic.tfr!dz and by Malwarebytes as Trojan.Agent.TBL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
tabsyncXtabsyncu.exeDetected by McAfee as Generic PUP.x and by Malwarebytes as Adware.Winggo.KNo
TabletTipUtabtip.exeThis is the Tablet PC Input Panel for Windows XP Tablet PC Edition. This utility allows you to use a pen (in conjunction with a touchscreen or tablet) to enter text into a document or input field (such as a URL in a browser) using either handwriting or the on-screen keyboard. This utility is also included with Windows 7 and Vista but only appears to run at startup if using the XP Tablet PC version. This cannot be confirmed at presentNo
TabUserW.exeYTabUserW.exeWacom pen tablet driverNo
Tacawcxlkorxopzk.exeXTacawcxlkorxopzk.exeDetected by Malwarebytes as Trojan.PWS.IRCBot. The file is located in %AppData%No
TAcelMgrUTAcelMgr.exeTOSHIBA Accelerometer Utilities - hardware utilities that work with the motion sensors built into their Tablet PCs. Detect the way you are holding it at any given moment, you can set the machine to perform a specific function when the unit is quickly tilted to the left or right, or to the front or back and you can also take control of the cursor in some applications and make it move by leaning the PC in a certain directionNo
TadNtad.exeFrom Turtle Beach's Santa Cruz on a Dell WinME system. Not required - works fine without it including keyboard hot controls for volume and muteNo
HKEYokXtadxtr.exeDetected by Sophos as Troj/QQPass-ONo
Rundil32Xtadxtr.exeDetected by Sophos as Troj/QQPass-ONo
Rundli32Xtadxtr.exeDetected by Sophos as Troj/QQPass-ONo
sdsrXtadxtr.exeDetected by Sophos as Troj/QQPass-ONo
Rnudll32Xtadxtr.exeDetected by Sophos as Troj/QQPass-ONo
RegexitXtadxtr.exeDetected by Sophos as Troj/QQPass-ONo
Windows TagmsngerXtagmr.exeAdded by the MYTOB-G WORM!No
Tahni DeskmateNTahni.exeTahni Deskmate - "Interactive cartoon character that lives on your Windows desktop"No
LoadFontsXTahoma.vbsHomepage hijacker that changes your homepage to an adult content siteNo
taiakXtaiak.exeAdded by the AUTORUN-BTP WORM!No
MicrosofontsXTaiwanfnt.exeDetected by McAfee as RDN/PWS-Banker!dp and by Malwarebytes as Trojan.Agent.MSFNo
winhlpXtaketoken.exeDetected by Symantec as Backdoor.Ginwui.DNo
takhosts.exeXtakhosts.exeDetected by McAfee as RDN/Generic BackDoor!tx and by Malwarebytes as Backdoor.Agent.E. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
GoogleUpdateXTakisESD.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Temp%No
Realtek Voice ManageXtakshost.exeDetected by McAfee as RDN/Generic Dropper!tm and by Malwarebytes as Trojan.Agent.MNRNo
Media SDKXtakshost.exeDetected by Malwarebytes as Backdoor.Agent.SDK.Generic. The file is located in %AppData%\msconfNo
Start UppingXtaksmgr.exeAdded by the RBOT-QK WORM!No
WinXPServiceXtaksmgr.exeDetected by Trend Micro as BKDR_KIRSUN.A and by Malwarebytes as Backdoor.Bot. The file is located in %Root%No
WinXPServiceXtaksmgr.exeDetected by Trend Micro as BKDR_KIRSUN.A and by Malwarebytes as Backdoor.Bot. The file is located in %System%No
WinXPServiceXtaksmgr.exeDetected by Microsoft as Backdoor:Win32/Kirsun.A and by Malwarebytes as Backdoor.Bot. The file is located in %Windir%\FontsNo
Windows Service Controller AgentXtaksmgr.exeAdded by a variant of W32.IRCBot. The file is located in %Windir% - see hereNo
Windows UDP Control CenterXtaksmrg.exeDetected by Kaspersky as Trojan.Win32.Agent.woh and by Malwarebytes as Backdoor.Bot. The file is located in %Windir%No
talkXtalk.batDetected by Sophos as W32/Tiotua-GNo
TalkHostXtalkhost.exeDetected by Malwarebytes as Trojan.Downloader.TK. The file is located in %LocalAppData%No
TalkingReminderNTalkingReminder.exeTalking Reminder from Software River Solutions - talking calendar reminderNo
Talk Now!Ntalknow.exeTalk Now (now uTalk) language learning utility by EuroTalk InteractiveNo
OLFMLS4SJ0M7XTALXROU8.exeDetected by McAfee as RDN/Generic Dropper!rp and by Malwarebytes as Backdoor.Agent.RNDNo
tamioXtamio.exeDetected by Malwarebytes as Trojan.Ransom.BL. The file is located in %AppData%No
*TampMon?tampmon.exePart of the Norton Family parental control systemNo
Service aresXtanga.exeDetected by Sophos as Troj/IRCbot-AHO and by Malwarebytes as Trojan.AgentNo
TangoManager?TangoManager.exeTango Broadband access software. Is it required?No
taobetXtaobet.exeAdded by the VB-FGV WORM!No
[foreign characters]XTaoLiSrv.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %System%No
TAPNETXtap.exeDetected by McAfee as PWS-Zbot.gen.aru and by Malwarebytes as Backdoor.Agent.DCNo
TapicfgXTapicfg.exeCoolWebSearch Tapicfg parasite variantNo
Tapicfg.exeXtapicfg.exeMalware installed by different rogue security software including SpyKillerProNo
TapiSysprepXTapiSysprep.exeDetected by Sophos as Troj/Ransom-GUNo
WahlhilfeUTapiTNA.exeTelephony Location Selector allowing mobile users to change dialling locations - part of the Win95 Power ToysNo
TapiUnattendXTapiUnattend.exeDetected by Malwarebytes as Ransom.FileCryptor. The file is located in %AppData%\{GUID}No
GoogleChromeAutoLaunch_[ID]Utaplika.exeDetected by Malwarebytes as PUP.Optional.Taplika. The file is located in %LocalAppData%\Taplika\Application. If bundled with another installer or not installed by choice then remove itNo
Internet Security ServicesXTaquito.exeDetected by Malwarebytes as Worm.AutoRun. The file is located in %Root%\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013No
TardisUTardis.exeTardis - time synchronization softwareNo
Target Manager.exeXTarget Manager.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.ENo
HKLMXTarget Manager.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.HMCPol.GenNo
PoliciesXTarget Manager.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.PGenNo
HKCUXTarget Manager.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.HMCPol.GenNo
Wnd32Xtarhost.exeDetected by Dr.Web as Win32.HLLW.Autoruner2.12874 and by Malwarebytes as Worm.AutoRun.WNGenNo
taschost.exeUtaschost.exeDetected by Malwarebytes as PUP.Optional.Clicker. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%\MicrosoftExch. If bundled with another installer or not installed by choice then remove itNo
tascmgrUtascmgr.exeDetected by Malwarebytes as PUP.Optional.PCFixer. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%\Pccleaner\Pccleaner\background. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
tascmgrUtascmgr.exeDetected by Malwarebytes as PUP.Optional.PCFixer. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%\Pcfixer\Pcfixer\background. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
tascmgr.exeXtascmgr.exeDetected by Malwarebytes as Trojan.TechSupportScam. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%\MicrosoftExchNo
Taesk managersXtase.pifDetected by Sophos as W32/Rbot-AYKNo
Host Process for Windows TasksXtashost.exeDetected by McAfee as Generic PWS.y and by Malwarebytes as Trojan.KeyLogger.TSNo
Task Scheduler EngineXTask Scheduler Engine .exeDetected by McAfee as Generic Dropper.gqNo
taskeng.exeXTask Scheduler Engine.exeDetected by Malwarebytes as Backdoor.PasswordStealer. The file is located in %UserTemp%No
Task SchedulerXtask scheduler.exeDetected by Microsoft as Trojan:Win32/RevetonNo
SPLASHSCREENSTARTERXTask Service.exeDetected by McAfee as RDN/Generic.dx!cwd and by Malwarebytes as Backdoor.Messa.ENo
Windows BootupXtask-mngr.exeDetected by Sophos as W32/Rbot-AWPNo
igfxtrayXtask.exeDetected by McAfee as Generic.bfr!dgNo
WindowsXtask.exeDetected by Malwarebytes as Trojan.Injector.MSIL. The file is located in %LocalAppData%\UsersNo
taskXtask.exeDetected by Dr.Web as Trojan.Siggen4.26128. The file is located in %Windir%No
taskXtask.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %Windir%\taskNo
AVIXtask.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %Windir%\taskNo
PCXtask.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %System%No
HKLMXtask.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\installNo
HKLMXtask.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\System32No
yahooXtask.exeDetected by Malwarebytes as Spyware.Password. The file is located in %LocalAppData%\Local (10/8/7/Vista) or %UserProfile%\Local Settings (XP)No
PoliciesXtask.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\installNo
HKCUXtask.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\installNo
HKCUXtask.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\System32No
TaskManagerXTask.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
jv16PT - Privacy ProtectorUTask.jvbjv16 PowerTools Privacy Protector - "allows you to protect your privacy by automatically clearing out all the unwanted history items and cookies from you computer, every time you start your computer"No
run32dllXtask32.exeAdded by an unidentified VIRUS, WORM or TROJAN!No
MS taskbar WXtask32w.exeDetected by Trend Micro as WORM_RBOT.CCKNo
task32Xtask32x.exeDetected by Malwarebytes as Trojan.Banker.VB. The file is located in %Windir%No
KasperskyXtask64mlt.exeDetected by Dr.Web as Trojan.PWS.Tibia.2468 and by Malwarebytes as Trojan.PWS.TibiaNo
Auto SwitchUTASKBAR.exeRelated to 2-port Bitronics AutoSwitch kit from BelkinNo
Task BarXTASKBAR.EXEDetected by Trend Micro as WORM_FRETHEM.JNo
TaskbarXTaskbar.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %AppData%\TaskbarNo
TaskbarNTaskbar.exeTaskbar icon for the Redline RegTweak overclocking program as supplied with Sapphire ATI graphics cards. The file is located in %ProgramFiles%\RedLineNo
taskbarXtaskbar.exeDetected by Dr.Web as Trojan.DownLoader6.35426. The file is located in %System%No
Taskbar.exeXTaskbar.exeDetected by Malwarebytes as Trojan.MSIL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
CFOUTaskbar.exeConverter Free Online - which "can help its users to convert their audio/video files to the format that they desire." Detected by Malwarebytes as PUP.Optional.ConverterFreeOnline. The file is located in %ProgramFiles%\Converter Free Online. If bundled with another installer or not installed by choice then remove itNo
Redline TaskbarNTaskbar.exeTaskbar icon for the Redline RegTweak overclocking program as supplied with Sapphire ATI graphics cardsNo
MicrosoftXtaskbar.exeDetected by Malwarebytes as Trojan.Agent.MSGen. The file is located in %System%No
Search BarXtaskbar.exeDetected by Sophos as W32/Opanki-FNo
Taskbar ServiceXtaskbar.svcUnidentified adwareNo
Task BarClient?TaskBarClient.exeResponsible for creating the System Tray icon and associated display system for the now defunct Starband satellite internet clientNo
WOOTASKBARICONNTaskbarIcon.exeWanadoo (which was rebranded as Orange and is now part of EE) broadband ISP taskbar iconNo
Taskbar++NTaskbarPP.exeTaskbar++ is a software that allows you to sort (move) the buttons of the Windows taskbar by Drag & DropNo
MS taskbarXtaskbars.exeDetected by Trend Micro as WORM_RBOT.BRWNo
MS TaskbarsXtaskbars.exeDetected by Sophos as W32/Sdbot-ACVNo
Taskbar ShuffleYtaskbarshuffle.exe"Taskbar Shuffle is a simple, small, free utility that lets you drag and drop your Windows taskbar buttons to rearrange them"No
taskbarshuffleYtaskbarshuffle.exe"Taskbar Shuffle is a simple, small, free utility that lets you drag and drop your Windows taskbar buttons to rearrange them"No
LogTeckXTaskcall.EXEDetected by Dr.Web as Trojan.DownLoader10.49163 and by Malwarebytes as Trojan.Agent.TCAGenNo
ROTECTIONXXTaskcall.EXEDetected by Dr.Web as Trojan.DownLoader10.36469 and by Malwarebytes as Trojan.Agent.TCAGenNo
NNVIDEA MANAGERXTaskcall.EXEDetected by Dr.Web as Trojan.DownLoader10.29615 and by Malwarebytes as Trojan.Agent.TCAGenNo
FILTERXTaskcall.EXEDetected by Malwarebytes as Trojan.Agent.TCAGen. The file is located in %System%No
SKYDMZXTaskcall.EXEDetected by McAfee as RDN/PWS-Banker and by Malwarebytes as Trojan.Agent.TCAGenNo
GerenciadorXTaskcall.EXEDetected by Dr.Web as Trojan.Bankfraud.1053 and by Malwarebytes as Trojan.Agent.TCAGenNo
SYSTEM PROTECTXTaskcall.EXEDetected by McAfee as RDN/Generic Dropper and by Malwarebytes as Trojan.Agent.TCAGenNo
AMDXTaskcall.EXEDetected by McAfee as RDN/Generic Dropper and by Malwarebytes as Trojan.Agent.TCAGenNo
TSBAR AMDXTaskcall.EXEDetected by Dr.Web as Trojan.DownLoader10.2504 and by Malwarebytes as Trojan.Agent.TCAGenNo
TSBAR SMDXTaskcall.EXEDetected by Dr.Web as Trojan.DownLoader10.13218 and by Malwarebytes as Trojan.Agent.TCAGenNo
TSBAX AMDXTaskcall.EXEDetected by Dr.Web as BackDoor.Infector.71 and by Malwarebytes as Trojan.Agent.TCAGenNo
Analizador FragmentosXTaskcall.EXEDetected by Dr.Web as Trojan.DownLoader10.12688 and by Malwarebytes as Trojan.Agent.TCAGenNo
MSNVIEWXTaskcall.exeDetected by McAfee as RDN/Generic Dropper!re and by Malwarebytes as Trojan.Agent.TCAGenNo
taskdirXtaskdir.exeAdded by the ABWIZ.F TROJAN!No
Task managerXtaskemngr.exeDetected by Sophos as W32/Rbot-AGANo
Microsoft Windows Task SchedulerXtaskeng.exeDetected by Malwarebytes as Trojan.MWF.Gen. The file is located in %System%\en-us\enusNo
Task Scheduler EngineXtaskeng.exeDetected by Dr.Web as Trojan.DownLoader10.24272No
HControlUserXtaskeng.exeDetected by Dr.Web as Trojan.Inject1.27492 and by Malwarebytes as Backdoor.Agent.GL. The file is located in %AppData%\MicrosoftNo
TaskengXtaskeng.exeDetected by Malwarebytes as Backdoor.Agent.DCEGen. The file is located in %System%\MSDCSCNo
taskeng.exeXtaskeng.exeDetected by Kaspersky as Trojan-Dropper.MSIL.Agent.qpm. The file is located in %AppData%\MicrosoftNo
taskeng.exeXtaskeng.exeDetected by Dr.Web as Trojan.DownLoader4.38221. The file is located in %System%No
taskeng.exeXtaskeng.exeDetected by McAfee as Generic Dropper. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
MicrosoftUpdateXtaskeng.exeDetected by Kaspersky as Trojan.Win32.Buzus.brrj and by Malwarebytes as Trojan.Agent.MUGen. The file is located in %AppData%No
Windows Update SystemXtaskeng.exeDetected by Trend Micro as WORM_IRCBOT.MC and by Malwarebytes as Trojan.Agent.WUGenNo
Firefox UpdaterXtaskeng.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\MozillaNo
systemXtaskeng.exeDetected by McAfee as Generic DropperNo
taskeng.exeXtaskeng.exe.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %LocalAppData%No
ULEADVIDEOXtaskengine.exeDetected by McAfee as RDN/Spybot.bfr!h and by Malwarebytes as Trojan.Agent.MNRNo
DefaultXtaskengine.exeDetected by Malwarebytes as Trojan.BitcoinMiner. The file is located in %AppData%\drCkkNo
DefaultXtaskengine.exeDetected by Malwarebytes as Trojan.BitMiner. The file is located in %AppData%\uqfzpNo
Policies32 ODBCXtaskengine.exeDetected by McAfee as RDN/Generic.tfr and by Malwarebytes as Trojan.Agent.MNRNo
ComputerXtaskengine.exeDetected by Dr.Web as Trojan.DownLoader10.50449 and by Malwarebytes as Trojan.Agent.MNRNo
NotepadXtaskengine.exeDetected by Dr.Web as Trojan.DownLoader10.53782 and by Malwarebytes as Trojan.Agent.MNRNo
[5 letters]Xtaskengine.exeDetected by Malwarebytes as Trojan.Agent.MNRGen. The file is located in %AppData%\[5 letters]No
JavaXtaskengine.exeDetected by Malwarebytes as Trojan.MSIL.Gen. The file is located in %AppData%\yujEtNo
Microsoft Desktop ManagerXtaskengine.exeDetected by Dr.Web as Trojan.DownLoader9.54256No
UPDATEXtaskengine.exeDetected by McAfee as RDN/Generic.tfr!dh and by Malwarebytes as Trojan.Agent.MNRNo
taskengnXtaskengn.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %System%\taskengnNo
taskengnXtaskengnc.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %System%\taskengnNo
syscleanXtaskenv.exeDetected by McAfee as Generic.grp!mq and by Malwarebytes as Trojan.AgentNo
TaskXtasker.exeDetected by Symantec as W32.Mydoom.R@mmNo
Tasksubr32XTasker32.exeDetected by McAfee as RDN/Generic.bfr!fi and by Malwarebytes as Backdoor.Agent.WDWGenNo
Tarefas do WindowsXtaskexec.exeDetected by Sophos as Troj/Agent-LSDNo
WINTASKXtaskfile.exeAdded by the MYTOB.EF WORM!No
WINTASKXtaskgamr.exeAdded by the MYTOB.AU WORM!No
WINTASKXtaskgm.exeDetected by Sophos as W32/Mytob-AONo
WINMGRXtaskgmgr.exeAdded by the MYTOB.AN WORM!No
WINTASKXtaskgmr.exeDetected by Symantec as W32.Mytob.I@mmNo
Windows ShellXtaskgmr.exeDetected by ESET as Win32/Mytob.BVNo
WINTASKMANAGERXtaskgmr.exeDetected by Sophos as W32/Mytob-AFNo
WINTASKSXtaskgmr.exeAdded by the MYTOB.BO WORM!No
Windows Task ManagerXtaskgmr.exeAdded by the MYTOB.BJ WORM!No
SVCHOSTXtaskgmr.exeDetected by Symantec as W32.Mytob.F@mm and by Malwarebytes as Backdoor.Bot.ENo
WINRUNXtaskgmr.exeDetected by Sophos as W32/Mytob-BX and by Malwarebytes as Worm.MytobNo
WINTASKXtaskgmr32.exeDetected by Symantec as W32.Mytob.BU@mm and by Malwarebytes as Worm.MytobNo
WINTASK32Xtaskgmr32.exeDetected by Symantec as W32.Mytob.BN@mmNo
WINRUNXtaskgmr32.exeDetected by Symantec as W32.Mytob.AP@mm and by Malwarebytes as Worm.MytobNo
WINTASK32Xtaskgmrr.exeAdded by the MYTOB.FX WORM!No
WINTASKXtaskgmrs.exeAdded by the MYTOB.DH WORM!No
WINDRUNXtaskgmrs.exeDetected by Sophos as W32/Mytob-BTNo
IntelDriverXtaskhelp.exeDetected by Dr.Web as Trojan.DownLoader10.42864 and by Malwarebytes as Trojan.Downloader.THNo
BeeCryptXtaskhost.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %UserTemp%No
WindowsXTaskhost.exeDetected by Malwarebytes as Backdoor.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in a "Processo de Host para Tarefas do Windows" sub-folderNo
Windows UpdateXtaskhost.exeDetected by Malwarebytes as Backdoor.Messa.E. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
Win32XTaskhost.exeDetected by Malwarebytes as Backdoor.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in a "Processo de Host para Tarefas do Windows" sub-folderNo
JavauptaderXtaskhost.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.E. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in an "install" sub-folderNo
BLABLAXtaskhost.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Trojan.Agent.ABL. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %CommonAppData%No
GrooveMonitorXtaskhost.exeDetected by Malwarebytes as Trojan.Banker. Note - this is not a legitimate MS Office Groove utility entry and is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\MediaNo
AvgntXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\Microsoft - see hereNo
Windows Task HostXtaskhost.exeDetected by Sophos as W32/AutoRun-BML and by Malwarebytes as Worm.AutoRun.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
ChromeXtaskhost.exeDetected by Malwarebytes as Worm.Ainslot. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%\WindowsNo
Windows Task ManagerXtaskhost.exeDetected by McAfee as Generic.dx!ukw and by Malwarebytes as Backdoor.IRCBot. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
{GUID}Xtaskhost.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %LocalAppData%No
aaWZ7TjBQ5640pXtaskhost.exeDetected by Dr.Web as Trojan.Packed.25565 and by Malwarebytes as Trojan.AgentNo
RealtekSoundXtaskhost.exeDetected by McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.Agent.DCE. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Temp%No
MicroUpdateXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.DCGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %UserTemp%\WindowsNo
Intel(R) Common User WindownsXtaskhost.exeDetected by Malwarebytes as Trojan.Agent.IUW. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\systemNo
PolXtaskhost.exeDetected by Malwarebytes as Backdoor.SpyNet. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Root%\dir\System\WinNo
Intel(R) Common User WindowsXtaskhost.exeDetected by Malwarebytes as Trojan.Dropper.MSIL. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\systemNo
flashXtaskhost.exeDetected by Sophos as Troj/VB-IJP and by Malwarebytes as Trojan.Agent.RND. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%\Microsoft\InvoiceNo
HKLMXtaskhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in a "Windowns" sub-folderNo
HKLMXtaskhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\InstallDirNo
chrome.exeXtaskhost.exeDetected by McAfee as RDN/Generic PWS.bfr!e and by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in the "drivers" sub-folderNo
Host Process for Windows TasksXtaskhost.exeDetected by Sophos as W32/Bredo-AI and by Malwarebytes as Worm.Ainslot. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%No
Security EssentialXTaskhost.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.PDLNo
TaskhostXtaskhost.exeDetected by Dr.Web as BackDoor.Butirat.91 and by Malwarebytes as Backdoor.Bot. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
taskhostXtaskhost.exeDetected by McAfee as Generic.tfr!d and by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%\Microsoft\System\ServicesNo
WinXtaskhost.exeDetected by Malwarebytes as Backdoor.Messa.E. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
TaskhostXTaskhost.exeDetected by McAfee as RDN/Generic Dropper!sj and by Malwarebytes as Trojan.Agent.AI. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %CommonAppData%\TaskhostNo
taskhostXtaskhost.exeDetected by Malwarebytes as Trojan.Agent.TSK.Generic. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %UserTemp%\Windows\programsNo
taskhost.exeXtaskhost.exeDetected by Malwarebytes as Trojan.Agent.Generic. Note - the file is located in %AllUsersStartUp% and its presence there ensures it runs when Windows starts and is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%No
taskhost.exeXtaskhost.exeDetected by Dr.Web as BackDoor.Poison.16195 and by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %LocalAppData%No
taskhost.exeXtaskhost.exeDetected by McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.Agent.TSK. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %MyDocument%\WindowsNo
taskhost.exeXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.TSK. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %MyDocuments%\Znr0dfW5tm1H\TASKHOST - see hereNo
taskhost32Xtaskhost.exeDetected by Kaspersky as Trojan.Win32.Autoit.ahy and by Malwarebytes as Backdoor.Messa.E. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
AvirntXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\Microsoft - see hereNo
PoliciesXtaskhost.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in an "install" sub-folderNo
PoliciesXTaskhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in a "Processo de Host para Tarefas do Windows" sub-folderNo
PoliciesXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in a "Windowns" sub-folderNo
PoliciesXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\FontsNo
PoliciesXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\Microsoft - see hereNo
Microsoft RemoteXtaskhost.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%\Microsoft\ConfigNo
ChromeUpdaterXtaskhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\FontsNo
%WinTemp%\taskhost.exeXtaskhost.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %WinTemp%No
ExploreruptadeXtaskhost.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.E. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in an "install" sub-folderNo
Rundll32Xtaskhost.exeDetected by Malwarebytes as Backdoor.Bot. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
WinStartXtaskhost.exeDetected by Dr.Web as Trojan.DownLoader23.31759 and by Malwarebytes as Trojan.Agent.E. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %LocalAppData%\Microsoft WindowsNo
HKCUXtaskhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in a "Windowns" sub-folderNo
HKCUXtaskhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Windir%\InstallDirNo
SynTPEnhXtaskhost.exeDetected by McAfee as RDN/Generic.tfr!dz and by Malwarebytes as Trojan.Clicker. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%\MicrosoftNo
Microsoft System UpdateXtaskhost.exeDetected by McAfee as Generic Dropper.ags and by Malwarebytes as Trojan.Agent.AI. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %LocalAppData%\Mozilla TaskhostNo
Microsoft System UpdateXtaskhost.exeDetected by Dr.Web as Trojan.KillProc.26625 and by Malwarebytes as Trojan.Downloader. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %LocalAppData%\Mozilla ThunderbirdNo
skypeXtaskhost.exeDetected by Malwarebytes as Trojan.Injector.CRP. Note - this is not a legitimate entry for the popular Skype VOIP software and also it is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located %Windir%\skypeNo
WindowsStartXtaskhost.exeDetected by Malwarebytes as Trojan.Agent.KS. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%\Microsoft - see hereNo
WindowsStartXtaskhost.exeDetected by Malwarebytes as Trojan.Agent.KS. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %Temp%\Microsoft - see hereNo
HandlerRequiredXtaskhost.exeDetected by Dr.Web as Trojan.DownLoader10.43197 and by Malwarebytes as Trojan.Downloader.Gen. Note - this is not the legitimate Windows 10/8/7 process which has the same filename and is always located in %System%. This one is located in %AppData%No
taskhost.exe -startUtaskhost.exe -startDetected by Malwarebytes as PUP.Optional.TaskHost. Note - this is not the Windows 10/8/7 process which has the same filename and is always located in %System%, this one is located in %UserTemp%. If bundled with another installer or not installed by choice then remove itNo
ShellXTaskhost.exe,explorer.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Messa.E. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "Taskhost.exe" (which is located in %AppData%\MasterKey)No
ShellXtaskhost.exe,explorer.exeDetected by McAfee as Generic.dx and by Malwarebytes as Backdoor.Agent.RND. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "taskhost.exe" (which is located in %AppData%\Microsoft.NET)No
taskhost.exeXtaskhost.exe.exeDetected by McAfee as Downloader.a!dcf and by Malwarebytes as Backdoor.Agent.TSK. The file is located in %AppData%No
taskhost.exeXtaskhost.exe.exeDetected by Dr.Web as Trojan.MulDrop4.32783 and by Malwarebytes as Backdoor.Agent.TSK. The file is located in %Root%\System32No
Task ProcessXtaskhost.exe.lnkDetected by McAfee as RDN/Generic.dx!dbq and by Malwarebytes as Backdoor.Agent.ENo
taskhost.vbsXtaskhost.vbsDetected by Malwarebytes as Trojan.Agent.Script. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ContainerXtaskhost32.exeDetected by Dr.Web as Trojan.AVKill.18125 and by Malwarebytes as Trojan.Agent.AVKNo
MyServerXTaskhost32.exeDetected by Malwarebytes as Trojan.Agent.INJ. The file is located in %LocalAppData%\SbmsftwVpNo
MyServerXTaskhost32.exeDetected by McAfee as RDN/Generic.bfr!fl and by Malwarebytes as Backdoor.Agent.WDWGen. The file is located in %LocalAppData%\WindwUpdateNo
qlchrXtaskhost32.exeDetected by Malwarebytes as Trojan.Agent.MLBGen. The file is located in %AppData%\Microsoft\[3 letters] - see examples here and hereNo
Microsoft .NET FrameworkXtaskhost32.exeDetected by Dr.Web as Trojan.Siggen3.61467No
AppWupdateXtaskhoster.exeDetected by Malwarebytes as Trojan.PasswordStealer. The file is located in %AppData%\InstallNo
Hostproces voor Windows-takenXtaskhostex.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %CommonAppData%No
8747H94NNBMUROOEBMMXtaskhostn.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.PDLNo
IconCacheONXtaskhostpjg.comDetected by Malwarebytes as Trojan.SelfDelete.E. The file is located in %AppData%No
KlassXtaskhosts.exeDetected by Dr.Web as Trojan.DownLoader12.20897 and by Malwarebytes as Trojan.Agent.KLGenNo
TaskhostXTaskhosts.exeDetected by Dr.Web as Trojan.DownLoader10.44709. The file is located in %CommonAppData%\TaskhostNo
taskhostsXtaskhosts.exeDetected by Malwarebytes as Trojan.Agent.TSKGen. The file is located in %AppData%\taskhosts - see hereNo
taskhostsXtaskhosts.exeDetected by Dr.Web as Trojan.DownLoader4.11854 and by Malwarebytes as Trojan.Agent.TSKGen. The file is located in %AppData%\Windows\Files\Updates\filesNo
taskhostsXtaskhosts.exeDetected by Dr.Web as Trojan.DownLoader6.30120 and by Malwarebytes as Trojan.Agent.TSKGen. The file is located in %LocalAppData%\PluginsNo
TaskhostsXtaskhosts.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.TSK. The file is located in %Root%\Win\SystemNo
taskhostsXtaskhosts.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Root%\WinSoft\WRInfo\Contents\PerfLogs\Documentation\Sample\ClosedNo
TaskHostsXtaskhosts.exeDetected by Malwarebytes as Backdoor.Agent.DCRSAGen. The file is located in %Windir%\taskhosts - see hereNo
TaskhostshelperXTaskhosts.exeDetected by Dr.Web as Trojan.MulDrop5.331No
HKPMBVolumeWatcherXtaskhosts.exeDetected by Dr.Web as Trojan.MulDrop3.10724 and by Malwarebytes as Trojan.AgentNo
systemuiXtaskhostsys.exeDetected by Dr.Web as Trojan.DownLoader10.5731 and by Malwarebytes as Trojan.Downloader.GenNo
ntdriverXtaskhostsys.exeDetected by Malwarebytes as Trojan.Agent.HLNGen. The file is located in %AppData%\Microsoft\SysWOW_amd64 - see hereNo
Host Process for Windows TasksXtaskhostw.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\SystemNo
MicrosoftXtaskhot.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %AppData%\MicrosoftNo
taskhotepXtaskhotep.exeDetected by McAfee as RDN/Generic Dropper!vi and by Malwarebytes as Password.Stealer.ENo
Office2000_appXTaskies.ExeDetected by Dr.Web as Trojan.MulDrop5.7244 and by Malwarebytes as Trojan.DownloaderNo
sysmsnXtaskimg.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %System%No
taskmrg.exeXtaskimg.exeDetected by Sophos as Troj/Dloader-QZ and by Malwarebytes as Trojan.BankerNo
CentralProcessorXtaskimgr.exeDetected by Symantec as Infostealer.Bancos.JNo
WallPaperXtaskimgr.exeDetected by Sophos as Troj/Banker-GXNo
TaskingServiceXtasking .exeDetected by Dr.Web as Trojan.Siggen3.4306No
UShellXtaskinit.exeDetected by Sophos as Troj/Ransom-EXNo
kernel44.dllXtaskkill /f /fi "PID ge 0" /im *Added by the VBS.LIDO WORM!No
gpresult.exeXtaskkill.exeDetected by Malwarebytes as Trojan.Agent.GPGen. The file is located in %AppData%\FreeFileSyncNo
Erorr ReportingXtaskkost.exeDetected by McAfee as RDN/Generic Dropper and by Malwarebytes as Backdoor.Messa.ENo
Malware Protection UtliityXtasklist.exeDetected by McAfee as RDN/Generic.bfr!fh and by Malwarebytes as Backdoor.Agent.ENo
TasklistXtasklist.exeDetected by McAfee as Generic.dx. The file is located in %AppData%No
TasklistXtasklist.exeDetected by Malwarebytes as Trojan.TDref.Gen. The file is located in %Windir%No
Keyzel ServiceXtasklist.exeDetected by Malwarebytes as Backdoor.IRCBot.Gen. The file is located in %Windir%No
TaskListXtasklist32.exeDetected by Sophos as Troj/Bancos-DX and by Malwarebytes as Trojan.BankerNo
Keyzel ServiceXtasklist32.exeDetected by McAfee as RDN/PWS-Banker!da and by Malwarebytes as Backdoor.IRCBot.GenNo
TaskListXtasklists32.exeDetected by Dr.Web as Trojan.DownLoader4.28774No
tasklistWin32XtasklistWin32.exeDetected by Dr.Web as Trojan.DownLoader6.38759 and by Malwarebytes as Trojan.AgentNo
Windows pack Control CenterXtaskmam.exeDetected by Sophos as Troj/Tometa-JNo
ShellXtaskmam.exeDetected by Sophos as Troj/Bancban-OL and by Malwarebytes as Backdoor.Agent.SHLNo
TASKMANXTASKMAN-.exeDetected by Kaspersky as Trojan-Downloader.Win32.Banload.bej. The file is located in %Windir%No
System Update2Xtaskman.exeDetected by Sophos as Troj/Autotroj-CNo
Task ManagerXtaskman.exeDetected by Sophos as W32/Forbot-TNo
System3264Xtaskman.exeDetected by Malwarebytes as Backdoor.Masasa. The file is located in %LocalAppData%\SYSTEM 1No
taskmanXtaskman.exeAdded by the SILLYFDC.BBB WORM!No
taskman.exeXtaskman.exeDetected by Malwarebytes as Trojan.Agent.TSKGen. The file is located in %AppData%\[folder]No
Task Manager SettingsXtaskman32.exeDetected by Trend Micro as WORM_RBOT.ALMNo
Win Drivers SSLXTASKMAN4.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
Microsoft Update MachineXTASKMAN4.EXEDetected by Malwarebytes as Backdoor.Bot. The file is located in %System%No
NAVXTaskManager.exeAdded by the SYGINRE TROJAN!No
Windows UpdateXtaskmanager.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
Task ManagerXTaskManager.ExeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%No
SysResXTASKMANAGER.exeDetected by Symantec as W32.Elitper.A@mmNo
(Default)Xtaskmanager.exeDetected by Malwarebytes as Trojan.GamesThief. Note - this malware actually changes the value data of the "(Default)" key in HKLM\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %AppData%No
TaskManagerXTaskManager.exeDetected by Malwarebytes as Trojan.Agent.SV. The file is located in %LocalAppData%\JkAlabriaNo
taskmanagerXtaskmanager.exeDetected by Sophos as W32/Agobot-TF. The file is located in %System%No
svcXtaskmanager.exeDetected by McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.Agent.SVCNo
ivHostXtaskManager.exeAdded by a variant of the SPYBOT WORM! See hereNo
taskmgrXtaskmanager.exeDetected by Sophos as Troj/Bckdr-QHTNo
Microsoft Windows Task ManagerXtaskmanagr.exeDetected by Trend Micro as WORM_SDBOT.CM and by Malwarebytes as Trojan.MWF.GenNo
taskmandb.exeXtaskmandb.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %UserTemp%No
taskmangerXtaskmanger.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%No
Task managerXtaskmangr.exeDetected by Sophos as W32/Spybot-CHNo
Microsoft Update 32XtaskMangr.exeDetected by Kaspersky as Backdoor.Win32.Rbot.aie and by Malwarebytes as Backdoor.Bot. The file is located in %System%No
DatBassXTaskMask.exeDetected by Dr.Web as Trojan.DownLoader11.23436 and by Malwarebytes as Backdoor.Agent.WDWGenNo
taskmgraXtaskmde.youtube.superpop.http.www.youtube.comDetected by McAfee as Generic.bfr!y and by Malwarebytes as Trojan.BankerNo
Mirsoft sdcEXtaskmegr.exeDetected by Sophos as W32/Rbot-AWYNo
Task managebrkbXtaskmg.exeAdded by a variant of the SPYBOT WORM! See hereNo
ctmonXtaskmg.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Trojan.AutoitNo
Windows Task ManagerXtaskmg.exeBrowser hijacker - identified by DrWeb antivirus as "Trojan.StartPage.601"No
MicroUpdateXtaskmg.exeDetected by Malwarebytes as Backdoor.Agent.DCEGen. The file is located in %MyDocuments%\MSDCSCNo
Adobe ReaderXtaskmg.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Trojan.AgentNo
cftmonXtaskmg.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.AgentNo
SvchostXtaskmg.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Bot.ENo
taskmgXtaskmg.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Root% - see hereNo
taskmgXtaskmg.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir%No
taskmgbXtaskmgb.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %System%No
Winsock2 driverXtaskmger.exeDetected by Trend Micro as WORM_SPYBOT.GEN and by Malwarebytes as Backdoor.BotNo
MSEXtaskmger.exeDetected by McAfee as RDN/Generic Dropper!tt and by Malwarebytes as Trojan.Agent.SMENo
taskmggXtaskmgg.exeDetected by Malwarebytes as Trojan.Agent.RRUN. The file is located in %AppData%\SkypeNo
Windows Task ManagerXtaskmgn.exeDetected by Sophos as Troj/Agent-CIP and by Malwarebytes as Trojan.AgentNo
cftmon32Xtaskmgr#.exeDetected by Symantec as W32.Sowsat.C@mm - where # represents a digitNo
TasmgrXTaskmgr.batAdded by the YPSAN.G WORM!No
taskmanagerXtaskmgr.comDetected by Symantec as W32.HLLW.BerebNo
REALSXtaskmgr.exeDetected by McAfee as RDN/Generic.bfr!h and by Malwarebytes as Trojan.Agent.TMGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\MicrosoftNo
Secgut SystemXtaskmgr.exeDetected by Dr.Web as Trojan.MulDrop4.49028 and by Malwarebytes as Trojan.Agent.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %UserProfile%No
NETCERXtaskmgr.exeDetected by McAfee as RDN/Generic.bfr!h and by Malwarebytes as Trojan.Agent.TMGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\MicrosoftNo
Google UpdateXtaskmgr.exeDetected by McAfee as Generic.bfr!dq and by Malwarebytes as Backdoor.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %ProgramFiles%\Google Update\Google UpdateNo
Microsft managrXtaskmgr.exeDetected by Dr.Web as Adware.Qucp.6 and by Malwarebytes as Trojan.Agent.ENo
programaXtaskmgr.exeDetected by Dr.Web as Trojan.MulDrop5.4118 and by Malwarebytes as Trojan.Agent.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%No
Intel(R) 3.0 USBMonitorXtaskmgr.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%No
WinAuthXtaskmgr.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in a "Microsoft" sub-folderNo
Windows Task ManagerXtaskmgr.exeDetected by Malwarebytes as Trojan.Downloader. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %UserTemp%No
HKLMXtaskmgr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%\install\installNo
HKLMXtaskmgr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%\Windows Task ManagerNo
ValueNameXtaskmgr.exeDetected by Dr.Web as Trojan.DownLoader11.28794 and by Malwarebytes as Trojan.Downloader. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %UserTemp%No
Configuracion Del SistemaXtaskmgr.exeDetected by Sophos as Troj/Agent-SWD and by Malwarebytes as Trojan.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%No
Security ManagerXtaskmgr.exeDetected by McAfee as RDN/FakeAV-M.bfr and by Malwarebytes as Trojan.Agent.TSK. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AllUsersProfile%No
KasperSky EndPoint MonitorXtaskmgr.exeDetected by Dr.Web as Trojan.Siggen5.55067 and by Malwarebytes as Backdoor.Agent.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %UserProfile%\AppData\Roaming\MicrosoftNo
(INTEL-R)MICROSOFTC++Xtaskmgr.exeDetected by McAfee as RDN/Generic BackDoor!bbn and by Malwarebytes as Backdoor.XTRat.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\MicrosoftNo
(INTEL-R)MICROSOFTCUPADATEXtaskmgr.exeDetected by McAfee as RDN/Generic BackDoor!bbn and by Malwarebytes as Backdoor.XTRat.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\MicrosoftNo
(INTEL-R)MICROSOFTMUNITORXtaskmgr.exeDetected by McAfee as RDN/Generic BackDoor!bbn and by Malwarebytes as Backdoor.XTRat.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\MicrosoftNo
PoliciesXtaskmgr.exeDetected by McAfee as Generic.bfr!dq and by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %ProgramFiles%\Google Update\Google UpdateNo
PoliciesXtaskmgr.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%\install\installNo
PoliciesXtaskmgr.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%\Windows Task ManagerNo
redeXtaskmgr.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %System%\WindowsNo
PoliciesXtaskmgr.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in a "Microsoft" sub-folderNo
PoliciesXtaskmgr.exeDetected by McAfee as Generic.dx!bdtb and by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\taskmgrNo
JavaMachRXtaskmgr.exeDetected by Dr.Web as Trojan.Hosts.28548 and by Malwarebytes as Trojan.Agent.JV. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %CommonDocuments%No
MSEXtaskmgr.exeDetected by Dr.Web as Trojan.DownLoader5.54207 and by Malwarebytes as Trojan.Agent.SME. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Temp%No
Gerenciador de Tarefas do WindowsXtaskmgr.exeDetected by Malwarebytes as Backdoor.Agent.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%No
windows updatXtaskmgr.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\Real TekNo
windows updat45Xtaskmgr.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\www.google.comNo
Microsoft SecurityXTaskmgr.exeDetected by Malwarebytes as Trojan.Sombra. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\MicrosoftNo
HKCUXtaskmgr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%\install\installNo
HKCUXtaskmgr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Root%\Windows Task ManagerNo
HKCUXtaskmgr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in a "Microsoft" sub-folderNo
MicrosoftXtaskmgr.exeDetected by Sophos as Troj/Agent-VUT and by Malwarebytes as Trojan.Agent.E.Generic. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %UserTemp%No
Windows Service ManagerXtaskmgr.exeDetected by Kaspersky as the IAMBIGBROTHER.91 TROJAN! Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in a "fonts\svc" sub-folderNo
MqurbXtaskmgr.exeDetected by Malwarebytes as Trojan.Downloader. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%No
CriticalProcessesXtaskmgr.exeDetected by McAfee as RDN/Generic PWS.y and by Malwarebytes as Backdoor.Agent.IMN. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\CriticalProcesses\Win32No
SkypeXtaskmgr.exeDetected by Malwarebytes as Backdoor.Bot. Note - this is not a legitimate entry for the popular Skype VOIP software and also it is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%No
SkypeXtaskmgr.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in a "Microsoft" sub-folderNo
skypeXtaskmgr.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %System%\WindowsNo
Windows Dump ErrorXtaskmgr.exeDetected by Sophos as W32/Palevo-X and by Malwarebytes as Worm.Palevo. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%No
adobeXtaskmgr.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.ADB. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%No
TaskMgrXtaskmgr.exeDetected by Dr.Web as Trojan.DownLoader6.51056. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\MicrosoftNo
taskmgrXtaskmgr.exeDetected by McAfee as RDN/Generic.bfr!l and by Malwarebytes as Trojan.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\taskmgrNo
TaskmgrXTaskmgr.exeSystem1060 homepage hi-jacker. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in a "1060" sub-folderNo
taskmgrXtaskmgr.exeDetected by McAfee as Generic.bfr!cp. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\taskmgrNo
taskmgrXtaskmgr.exeDetected by Symantec as Trojan.StartPage.G. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\systemNo
taskmgrXtaskmgr.exeDetected by McAfee as Generic.dx!bdtb. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\taskmgrNo
taskmgr.exeXtaskmgr.exeDetected by Sophos as W32/Ainslot-AK and by Malwarebytes as Trojan.FkTech. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %AppData%\WindowsNo
taskmgr.exeXtaskmgr.exeDetected by Dr.Web as Trojan.DownLoader6.64429 and by Malwarebytes as Trojan.Agent.TSK. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %ProgramFiles%\JavaNo
taskmgr.exeNtaskmgr.exeWindows Task Manager. If run from the Windows Startup folder, the tray icon will be put to the system tray after boot. Useful to check if delayed services are running after bootNo
taskmgr.exeXtaskmgr.exeDetected by Dr.Web as Trojan.MulDrop3.37564 and by Malwarebytes as Trojan.Backdoor.VB. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %System%\krsrNo
taskmgr.exeXtaskmgr.exeDetected by Dr.Web as Trojan.Siggen5.55067 and by Malwarebytes as Backdoor.Agent.E. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
taskmgr2Xtaskmgr.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the legitimate taskmgr.exe process which is always located in %System%. This one is located in %Windir%\www.google.comNo
Microsoft System ServiceXtaskmgr1.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %System% - see hereNo
MACROMEDIAFLASHUPDATESERVICEXtaskmgr16.exeDetected by McAfee as RDN/Spybot.bfr!d and by Malwarebytes as Backdoor.AgentNo
Task managerXtaskmgr2.exeDetected by Sophos as W32/Rbot-GVDNo
ctfmon32Xtaskmgr32*.exe [* = digit]Detected by Trend Micro as WORM_SOWSAT.CNo
ctfmonXtaskmgr32*.exe [* = digit]Detected by Symantec as W32.Sowsat.B@mmNo
Microsoft UpdateXtaskmgr32.exeDetected by Sophos as W32/Rbot-CV and by Malwarebytes as Backdoor.BotNo
Windows Service AgentXtaskmgr32.exeDetected by Sophos as W32/Rbot-GMN and by Malwarebytes as Backdoor.BotNo
WINRUNXTASKMGR32.exeDetected by Trend Micro as WORM_MYTOB.AXNo
Microsoft Task32 ProtocolXtaskmgr32.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
TaskmgrDllXTaskmgrDll.exeDetected by Malwarebytes as Backdoor.Agent.TSKGen. The file is located in %AppData%No
CCleaner.exeXtaskmgre.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %UserTemp%No
Service Registry NT SaveXtaskmgrnt.exeDetected by Sophos as Troj/Bancos-BYNo
TaskS managerXtaskmgrs.exeDetected by Trend Micro as WORM_AGOBOT.QUNo
Windows ManagerXtaskmgrs.exeAdded by the SILLYFDC.BBZ WORM!No
Adobe Flash Player InstallerXtaskmgrse.exeDetected by McAfee as RDN/Generic.bfr!fs and by Malwarebytes as Trojan.Agent.FLPNo
TaskmgrTrayXTaskmgrTray.exeDetected by Malwarebytes as Backdoor.Agent.TSKGen. The file is located in %AppData%No
TASKMGRUXTASKMGRU.EXEDetected by Sophos as Troj/CWS-MNo
taskmgsXtaskmgs.exeDetected by Malwarebytes as Trojan.FiviGen. The file is located in %AppData%No
Task serviceXtaskmgs.exeDetected by Trend Micro as WORM_RBOT.CCPNo
Microsoft Task Messenger ConfigXtaskmgsr.exeDetected by Sophos as W32/SdBot-JKNo
SvchostXtaskmmgr.EXEDetected by Sophos as W32/Autorun-F and by Malwarebytes as Backdoor.Bot.ENo
TasKmgrXtaskmmgr.EXEDetected by Sophos as W32/Autorun-FNo
Microsoft sddcE ContolXtaskmn.exeAdded by the RBOT-BJZ WORM!No
Microsoft sddcE ContolXtaskmnegr.exeAdded by the RBOT-AUM WORM!No
Microsoft sdDDE ControlXtaskmnegr.exeAdded by the RBOT-AVU WORM!No
WindowsDriversXtaskmng.exeDetected by Kaspersky as Trojan.Hosts.26418. The file is located in %System%No
Microsoft Windows Tasks ManagementXtaskmng.exeDetected by Sophos as W32/Rbot-FXK and by Malwarebytes as Trojan.MWF.GenNo
Task ManagerXtaskmng.exeDetected by Sophos as Troj/Tiotua-E and by Malwarebytes as Trojan.AgentNo
AdslTaskBarsXtaskmng.exeDetected by Sophos as W32/Rbot-AXZNo
Task ManagerXtaskmnger.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
taskmngrXtaskmngr.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %System%No
taskmngrXtaskmngr.exeDetected by Malwarebytes as Trojan.Agent.TSK. The file is located in %Windir%No
WindowsXtaskmngr.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%No
taskmngr lptt01Xtaskmngr.exeRapidBlaster variant (in a "taskmngr" folder in Program Files). A dedicated "RapidBlaster Killer" removal tool used to be available but quality anti-malware tools will now remove itNo
taskmngr ml097eXtaskmngr.exeRapidBlaster variant (in a "taskmngr" folder in Program Files). A dedicated "RapidBlaster Killer" removal tool used to be available but quality anti-malware tools will now remove itNo
taskmngr.exeXtaskmngr.exeDetected by Dr.Web as Win32.HLLW.Autoruner1.4691 and by Malwarebytes as Worm.AutoRunNo
Windows modez VerifierXtaskmngr.exeAdded by a variant of Backdoor:Win32/RbotNo
[random]Xtaskmngr.exeDetected by Sophos as W32/Agobot-CBNo
Task ManagerXtaskmngr.exeDetected by Trend Micro as WORM_RBOT.Y and by Malwarebytes as Trojan.Agent. The file is located in %System%No
Task ManagerXtaskmngr.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %UserTemp%No
Windows Task ManagerXtaskmngr.exeDetected by Sophos as W32/Rbot-ANM and by Malwarebytes as Trojan.AgentNo
Win32 NT Adv ServicesXtaskmngr.exeDetected by Sophos as W32/Rbot-ADE and by Malwarebytes as Trojan.AgentNo
Windows TaskmanagerXtaskmngr.exeDetected by Dr.Web as BackDoor.Bifrost.27618 and by Malwarebytes as Trojan.AgentNo
VITAL BOOT PROCESSXtaskmngr.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%No
OperaXtaskmngr.exeDetected by McAfee as Generic PWS.xy and by Malwarebytes as Backdoor.AgentNo
Task Manager Win32Xtaskmngr32.exeDetected by Sophos as Troj/Ranck-EXNo
MICROSFT MX UPDATE SUPPORTXtaskmngrs.exeDetected by Sophos as W32/Rbot-AUZNo
Microsoft Update MachineXtaskmngrs.exeDetected by Sophos as W32/Rbot-CR and by Malwarebytes as Backdoor.BotNo
VITAL BOOT PROCESSXtaskmnsgr.exeDetected by Sophos as W32/Rbot-VYNo
TaskSysStartBBXTASKMOAN.EXEDetected by Kaspersky as Email-Worm.Win32.Batzback.j and by Malwarebytes as Trojan.Agent.E. The file is located in %Windir%No
TaskMonXtaskmon.exeDetected by Symantec as W32.Mydoom.A@mm. Note - this is not the legitimate Win98/Me file of the same name which is located in %Windir% as this one is located in %System%. It is not normally found on a WinXP or later systemNo
TaskMonitorUtaskmon.exeThe Task Monitor checks the disk-access patterns of programs when they are started and stores this information in log files in the Applog folder. Task Monitor also records the number of times you use a program. The Disk Defragmenter tool uses this information to optimize your hard disk so that programs that you use frequently are loaded faster. Not required - but can be useful. Note: for Norton Anti-Virus 2002 users, loading TaskMonitor will typically solve many, if not most, of those annoying IE scripting errors (per Symantec's Knowledgebase)No
System Update2Xtaskmon.exeDetected by Sophos as Troj/Autotroj-C. Note - this is not the legitimate Win98/Me file of the same name which is located in %Windir% as this one is located in %System%. It is not normally found on a WinXP systemNo
Job-oversigtUtaskmon.exeTask Monitor (on Danish language versions of Windows) - checks the disk-access patterns of programs when they are started and stores this information in log files in the Applog folder. Task Monitor also records the number of times you use a program. Task Monitor also records the number of times you use a program. The Disk Defragmenter tool uses this information to optimize your hard disk so that programs that you use frequently are loaded faster. Not required - but can be useful. Note: for Norton Anti-Virus 2002 users, loading TaskMonitor will typically solve many, if not most, of those annoying IE scripting errors (per Symantec's Knowledgebase)No
TaakcontroleUtaskmon.exeTask Monitor (on Dutch language versions of Windows) - checks the disk-access patterns of programs when they are started and stores this information in log files in the Applog folder. Task Monitor also records the number of times you use a program. The Disk Defragmenter tool uses this information to optimize your hard disk so that programs that you use frequently are loaded faster. Not required - but can be useful. Note: for Norton Anti-Virus 2002 users, loading TaskMonitor will typically solve many, if not most, of those annoying IE scripting errors (per Symantec's Knowledgebase)No
taskmoneXtaskmone.exeDetected by Sophos as Troj/Singu-SNo
File SystemXtaskmqr.exeDetected by Trend Micro as WORM_RBOT.BWQNo
File SystemXtaskmqrs.exeAdded by a variant of the TOXBOT WORM!No
Windows UpdateXtaskmr.exeDetected by Sophos as W32/Mytob-GZNo
TAKSMGNXtaskmr.exeDetected by Sophos as W32/Rbot-AHSNo
Auto WinUpdateXtaskmrg.exeDetected by Sophos as W32/Rbot-AFA and by Malwarebytes as Trojan.DownloaderNo
taskmrgXtaskmrg.exeDetected by Sophos as Troj/Banker-BZZ and by Malwarebytes as Trojan.DownloaderNo
task managerXtaskmrg.exeDetected by Trend Micro as WORM_SDBOT.CCD and by Malwarebytes as Trojan.DownloaderNo
Start UppingXtaskmrg.exeDetected by Sophos as W32/Rbot-MA and by Malwarebytes as Trojan.DownloaderNo
Task Manager for PluginsXtaskmrg.exeDetected by Malwarebytes as Trojan.Agent.TKM. The file is located in %Windir%No
Windows Task ManagerXtaskmrg.exeDetected by Symantec as W32.Mytob.AV@mm and by Malwarebytes as Trojan.DownloaderNo
Microsoft Configuration WizardXtaskmrg.exeDetected by Sophos as Troj/Sdbot-BMX and by Malwarebytes as Trojan.DownloaderNo
Windows TaskmagerXtaskmrg.exeDetected by Symantec as Trojan.Dropper and by Malwarebytes as Trojan.Downloader. The file is located in %System%No
Z8GamesXTaskmrg.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\Root_32No
PoliciesXTaskmrg.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\Root_32No
ShellXtaskmrg.exeDetected by Sophos as Troj/Bancban-FT and by Malwarebytes as Backdoor.Agent.SHLNo
System Task ManagerXtaskmrg.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %System%No
HKLMXtaskmrr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Root%\directory\CyberGate\wordexpresNo
PoliciesXtaskmrr.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Root%\directory\CyberGate\wordexpresNo
HKCUXtaskmrr.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Root%\directory\CyberGate\wordexpresNo
candynetXTaskmsg.exeDetected by Sophos as W32/Rbot-NANo
taskmsgrXtaskmsgr.exeDetected by Malwarebytes as Spyware.KeyLogger. The file is located in %System%\WINDOWSYSNo
MyMyXTaskMy.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.WDWGenNo
[name].exeXtasknetwork.exeDetected by Dr.Web as Trojan.DownLoader7.28571No
taskngrXtaskngr.exeDetected by McAfee as RDN/Generic Dropper and by Malwarebytes as Backdoor.Agent.DCE. The file is located in %AppData%No
taskngrXtaskngr.exeDetected by Dr.Web as Trojan.DownLoader10.11750 and by Malwarebytes as Backdoor.Agent.DCE. The file is located in %AppData%\taskngrNo
Windows UpdateXtaskngr.exeDetected by Malwarebytes as Backdoor.IRCBot. The file is located in %CommonFiles%\SystemNo
taskngrXtaskngr.exeDetected by Dr.Web as Trojan.DownLoader6.10424 and by Malwarebytes as Backdoor.Agent.DCE. The file is located in %LocalAppData%No
taskngrXtaskngr.exeDetected by Sophos as Troj/Bancos-AWX and by Malwarebytes as Backdoor.LuminosityLink. The file is located in %System%No
taskngrXtaskngr.exeDetected by Malwarebytes as Backdoor.Agent.DCE. The file is located in %WinTemp%No
taskngr.exeXtaskngr.exeDetected by Malwarebytes as Backdoor.LuminosityLink. The file is located in %System% - see hereNo
taskngr.exeXtaskngr.exeDetected by Dr.Web as Trojan.DownLoader10.10942 and by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Windows TaskmanagerXtaskngr.exeAdded by a variant of the IRCBOT BACKDOOR!No
MSNXtaskngr.exeAdded by a variant of the IRCBOT BACKDOOR! See hereNo
taskopen.exeXtaskopen.exeAdded by the HIDD.C TROJAN!No
E6TaskPanelNTaskPanl.exeEarthlink Task Panel - part of Earthlink TotalAccess 2003 internet access software. Quick access to internet, E-mail and web-spaceNo
Ashampoo WinOptimizer Platinum Suite 2 TaskPlanerUTaskPlaner.exePart of Ashampoo® WinOptimizer Platinum Suite 2 tweaking suite. The Taskplaner automates this system optimization according to the user defined schedule and gives System Tray access to the main programNo
TaskPlusNTASKPLUS0.EXETask and calendar management software available as freeware or as a "Professional" version for sharing over a LANNo
TaskPlusNTASKPL~1.EXETask and calendar management software available as freeware or as a "Professional" version for sharing over a LANNo
taskrundllXtaskrundll.exeDetected by Dr.Web as Trojan.DownLoader11.29019 and by Malwarebytes as Trojan.Agent.ENo
TaskSchedulerUTaskSch.exeScheduler for Intuit ProSeries tax softwareNo
ProTaskSchedulerUTaskSch.exeScheduler for Intuit ProSeries tax softwareNo
taskschdXtaskschd.exeDetected by McAfee as RDN/Downloader.a!re and by Malwarebytes as Trojan.Agent.TKNo
HKLMXtasksearchh.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\installNo
PoliciesXtasksearchh.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Windir%\installNo
HKCUXtasksearchh.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\installNo
TaskServ.exeXTaskServ.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %AppData%No
task serviceXtaskservices.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%No
HDWallPaperUTaskSetter.exeDetected by Malwarebytes as PUP.Optional.HDWallPaper. The file is located in %ProgramFiles%\HDWallPaper. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
TASK SETUPXtasksetup.exeDetected by Sophos as W32/Rbot-YRNo
Tasksgr?Xtasksgr.exeDetected by McAfee as RDN/Generic.dx!crt and by Malwarebytes as Backdoor.Agent.JVNo
taskshell.exeXtaskshell.exeDetected by Dr.Web as Trojan.DownLoader7.6647 and by Malwarebytes as Trojan.VBLoggerNo
Windows Registry ManagerXtasksmanagers.exeAdded by the MYTOB.ER WORM!No
tasksmgr.exeXtasksmgr.exeDetected by McAfee as Generic Downloader.x!edjNo
tasksrvc.exeXtasksrvc.exeDetected by Malwarebytes as Trojan.Agent.Gen. The file is located in %UserTemp% - see hereNo
taskswitchUtaskswitch.exeALT+TAB replacement Powertoy for Windows XP - enhances the graphics displayed when you want to switch between programs running full-screenNo
CoolSwitchUtaskswitch.exeALT+TAB replacement Powertoy for Windows XP - enhances the graphics displayed when you want to switch between programs running full-screenNo
BONZI Task SwitcherXTaskswitch.exeDetected by Trend Micro as WORM_SPYBOT.DTRNo
TaskSwitchXPUTaskSwitchXP.exe"TaskSwitchXP from NTWind Software. Advanced task management utility that picks up where the standard Windows Alt Tab switcher leaves off. It provides the same functionality, and adds visual styles to the dialog and also enhances it by displaying thumbnail preview of the application that will be switched to"No
Windows Task Service (32-bits)Xtasksys.exeDetected by Trend Micro as WORM_DREFIR.DNo
Taskbar SystemXtasksys.exeAdded by a variant of W32/Sdbot.wormNo
Windows Taskbar SystemXtasksys.exeAdded by a variant of the SDBOT BACKDOOR!No
tasksysXtasksys.vbsDetected by Symantec as VBS.Bryon@mmNo
WinSysStartUpWKbLwXTaskSystemDll.ExeDetected by Symantec as W32.HLLW.Backzat.GNo
Task CatcherUtasktrap.exeReal-time monitor for Task Catcher from BillP Studios - which "allows you to efficiently monitor programs running on your computer without slowing you down or hogging all your memory. Task Catcher will block unwanted programs from running and restart your favorite programs if they are disabled or crash". If the program isn't registered the monitor will initially load and then close at start-up. If registered it will continue to run and optional System Tray access will also be availableNo
Task Catcher MonitorUtasktrap.exeReal-time monitor for Task Catcher from BillP Studios - which "allows you to efficiently monitor programs running on your computer without slowing you down or hogging all your memory. Task Catcher will block unwanted programs from running and restart your favorite programs if they are disabled or crash". If the program isn't registered the monitor will initially load and then close at start-up. If registered it will continue to run and optional System Tray access will also be availableYes
Task Catcher Real-Time DetectorUtasktrap.exeReal-time monitor for Task Catcher from BillP Studios - which "allows you to efficiently monitor programs running on your computer without slowing you down or hogging all your memory. Task Catcher will block unwanted programs from running and restart your favorite programs if they are disabled or crash". If the program isn't registered the monitor will initially load and then close at start-up. If registered it will continue to run and optional System Tray access will also be availableNo
tasktrapUtasktrap.exeReal-time monitor for Task Catcher from BillP Studios - which "allows you to efficiently monitor programs running on your computer without slowing you down or hogging all your memory. Task Catcher will block unwanted programs from running and restart your favorite programs if they are disabled or crash". If the program isn't registered the monitor will initially load and then close at start-up. If registered it will continue to run and optional System Tray access will also be availableYes
TaskTrayXTaskTray.exeTask scheduler for the DriverDoc driver update utility by Driver-Soft - which "is designed to quickly locate the latest drivers specific to your PC through its access to an extensive database of 16,000,000+ drivers." Not recommended as multiple anti-virus scanners have detected possible malware in related products, see here and here. The file is located in %ProgramFiles%\DriverDoc\DriverDocNo
TaskTrayXTaskTray.exeTask scheduler for the Driver Genius driver update utility by Driver-Soft - which "improves PC performance with the powerful driver manager for Windows that backs up, restores, and updates your device drivers automatically with just a few clicks of your mouse. Driver Genius, updates the drivers of your system can't find on its own." Not recommended as multiple anti-virus scanners have detected possible malware, see here and here. The file is located in %ProgramFiles%\Driver-Soft\DriverGeniusNo
TaskTrayXTaskTray.exeTask scheduler for the Hardware Helper driver update utility by Driver-Soft - which "locates updates for your devices automatically, backs up your drivers for quick reinstall, and automatically notifies you when new updates are released for your drivers, bringing true convenience to keeping your devices up-to-date." Not recommended as multiple anti-virus scanners have detected possible malware, see here. The file is located in %ProgramFiles%\Driver-Soft\HardwareHelperNo
All Sea screen saverXTaskTray.exeFree screensaver, installs lots of foistware - remove itNo
taskung.exeXtaskung.exeDetected by Dr.Web as Trojan.PWS.Siggen.40456 and by Malwarebytes as Worm.AutoRun. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ConfigXTaskUpdate.exeDetected by Sophos as Troj/Mdrop-BRONo
Windows TaskmanagerXtaskxphost.exeDetected by Microsoft as Worm:Win32/Pushbot.BINo
Iolo Task AgentUTask_Agent.exePart of an older version of the iolo's System Mechanic or System Mechanic Professional utility suitesNo
tasmgrXtasmgr.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %ProgramFiles%\Internet ExplorerNo
Windows Task ManagerXtasmgr.exeDetected by Malwarebytes as Trojan.Autoit. The file is located in %AppData%No
WinXPServiceXtasmgr.exeDetected by Microsoft as Backdoor:Win32/Kirsun.A and by Malwarebytes as Backdoor.Bot. The file is located in %System%No
tasmoxomotasXtasmoxomotas.exeDetected by McAfee as RDN/Generic Downloader.x!lw and by Malwarebytes as Trojan.Agent.USNo
tasskXtassk.exeDetected by Malwarebytes as Trojan.Injector. The file is located in %UserStartup%\helpNo
DESKTOP2Xtassk2.exeDetected by McAfee as RDN/PWS-Banker!da and by Malwarebytes as Trojan.Banker.DSNo
tasskhost.exeXtasskhost.exeDetected by Malwarebytes as Trojan.Dropper.TSK. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
tasskillXtasskill.exeDetected by Dr.Web as Trojan.MulDrop5.3989 and by Malwarebytes as Trojan.Agent.TSKNo
tasthost.exeXtasthost.exeDetected by McAfee as RDN/BackDoor-CEP!bu and by Malwarebytes as Backdoor.Agent.DCENo
tastylbojoztXtastylbojozt.exeDetected by Malwarebytes as Trojan.Gen. The file is located in %UserProfile%No
taswexuahoftXtaswexuahoft.exeDetected by Malwarebytes as Adware.Agent. The file is located in %UserProfile% - see hereNo
tasworudbuotXtasworudbuot.exeDetected by McAfee as RDN/Generic Dropper!vd and by Malwarebytes as Trojan.Agent.USNo
ttaaXtata.exeDetected by Sophos as Troj/Lineage-TNo
tatXtatss.exeDelfin PromulGate adwareNo
TAudEffectUTAudEff.exeTOSHIBA Notebook related - provides additional functions and features for the on-board audioNo
Tau monitorYTaumon.exe"Tauscan is a powerful Trojan Horse detection and removal engine capable of catching every known type of backdoor that can threaten your system." Now discontinuedNo
tauoceyXtauocey.exeDetected by McAfee as VBObfus.b and by Malwarebytes as Trojan.AgentNo
tavaXtavo.exeDetected by Bitdefender as Trojan.Crypt.DE and by Malwarebytes as Spyware.OnlineGamesNo
Trend Micro AntiVirus 2007Ytavui.exePart of Trend Micro AntiVirus 2007No
officeXtawisys.iniDetected by Dr.Web as Trojan.Hitpop.4296. Note - this entry loads from the Windows Startup folder and the file is located in %Windir%No
Taxie InformationXtaxie.exeAdded by the SDBOT.BIB WORM!No
TaxiSystem.exeXTaxiSystem.exeDetected by McAfee as PWS-Banker!gzm and by Malwarebytes as Trojan.AgentNo
aldefr ere serviceXtay0x.exeDetected by Sophos as W32/Rbot-XSNo
blah serviceXtazkmgr.exeDetected by Trend Micro as WORM_RBOT.UANo
TazTaz!!XTazz.exeDetected by Dr.Web as Win32.HLLW.Autoruner1.37485 and by Malwarebytes as Worm.AutoRun.ENo
Total Anti Malware ProtectionXTA[random].exeTotal Anti Malware Protection rogue security software - not recommended, removal instructions hereNo
TLogonPathUtb2logon.exeTimbuktu Pro - remote desktop access softwareNo
TB2PROEXEUtb2start.exeTimbuktu Pro - remote desktop access softwareNo
tbbMeterUtbbmeter.exetbbMeter - bandwidth meter developed by thinkbroadband.com "to help you monitor your Internet usage. It allows you to see how much your computer is sending to and receiving from the Internet in real time. It also shows you how your Internet usage varies at different times of the day"Yes
REMOVE MEXtbbzxzxcxxcx.exeDetected by Sophos as W32/Sdbot-TANo
TBC.exeUTBC.exeTitleBarClock Pro - displays Day, Time, Date, Month, Year, FreeMem, and FreeDriveSpace on the right side of the title bar in any main window that has the mouse or keyboard focusNo
msnmsgXTBC.exeAdded by an unidentified TROJAN!No
TBC ProUtbcpro.exeTitleBarClock Pro - displays Day, Time, Date, Month, Year, FreeMem, and FreeDriveSpace on the right side of the title bar in any main window that has the mouse or keyboard focusNo
tbctrayNtbctray.exeProvides quick access via a System Tray icon to the control panel for Turtle Beach's Santa Cruz or VideoLogic's SonicFury soundcards. Available via Start → Settings → Control PanelNo
TraySantaCruzNtbctray.exeProvides quick access via a System Tray icon to the control panel for Turtle Beach's Santa Cruz or VideoLogic's SonicFury soundcards. Available via Start → Settings → Control PanelNo
nsildinvXtbgfjdinv.exeDetected by McAfee as RDN/Generic.dx!dgf and by Malwarebytes as Trojan.Agent.ENo
HDhelp?tbhdhelp.exeAssociated with Philips Edge series soundcards. What does it do and is it required?No
tbiXtbi.exeDetected by McAfee as RDN/Downloader.a!mr and by Malwarebytes as Backdoor.Agent.BITNo
dgt5Xtbimqabx.exeDetected by Malwarebytes as Trojan.VBAgent. The file is located in %System%No
tblfuncYtblmouse.exeAiptek (Waltop) graphics tablet driverNo
tblmouseYtblmouse.exeWaltop/Aiptek graphics tablet driverNo
Taskbar Button ManagerYtbm.exeTaskbar Button Manager from Innovative Solutions - "is a simple utility that helps you arrange the buttons on your Windows taskbar in any way you want by using drag and drop"No
tbmYtbm.exeTaskbar Button Manager from Innovative Solutions - "is a simple utility that helps you arrange the buttons on your Windows taskbar in any way you want by using drag and drop"No
Textbridge Instant Access OCRNTBMenu.exePart of the now discontinued TextBridge OCR (optical character recognition) software from Nuance (was Scansoft) - for scanning documents into popular editing applications. Available via Start → ProgramsNo
Network Associates Error Reporting ServiceUTBMon.exeNetwork Associates Error Reporting Tool - tool traps errors and requests submission to NAI for the purpose of betatesting new softwareNo
TURBONOTENtbnote.exeTurboNote developed by WebCentre Ltd - Post-It's on your desktopNo
TBNotifierUTBNotifier.exeUpdater for the main Ask Toolbar - which is also installed by members of the Ask Partner Network. Detected by Malwarebytes as PUP.Optional.APNToolBar.Gen. The file is located in %ProgramFiles%\AskPartnerNetwork\Toolbar\Updater. If bundled with another installer or not installed by choice then remove itYes
ApnTBMonUTBNotifier.exeUpdater for the main Ask Toolbar - which is also installed by members of the Ask Partner Network. Detected by Malwarebytes as PUP.Optional.APNToolBar.Gen. The file is located in %ProgramFiles%\AskPartnerNetwork\Toolbar\Updater. If bundled with another installer or not installed by choice then remove itYes
Ask TBNotifierUTBNotifier.exeUpdater for the main Ask Toolbar - which is also installed by members of the Ask Partner Network. Detected by Malwarebytes as PUP.Optional.APNToolBar.Gen. The file is located in %ProgramFiles%\AskPartnerNetwork\Toolbar\Updater. If bundled with another installer or not installed by choice then remove itYes
tbonXtbon.exeBestOffers adwareNo
TBPanelUTBPanel.exeConfiguration utility for Palit Microsystems (and their Gainward subsidiary) graphics cards. Not required unless you use non-default settings. Available via Start → Settings → Control PanelNo
GainwardUTBPanel.exeConfiguration utility for Gainward (a Palit Microsystems subsidiary) graphics cards. Not required unless you use non-default settings. Available via Start → Settings → Control PanelNo
TBPSXTBPS.exeWebSearch Toolbar - HuntBar hijacker, toolbar installer variantNo
avs updaterXtbsnm.exeDetected by McAfee as RDN/Generic Downloader.xNo
MSTaskbar 32Xtbsvc32.exeDetected by Trend Micro as WORM_RBOT.BQZNo
TB-TrayNtbtray.exeVLSI/QSound ThunderBird PCI Control Panel. System Tray access to the settings for this and related soundcards. Available via Control PanelNo
Uninstall_TBPSXTBuninst.exeWebSearch Toolbar - HuntBar hijacker, toolbar installer variantNo
Bayswap2UTbUpdate.exeHot-swappable drive management on Compaq Notebooks which allows you to swap drives without closing down Windows. Only required if you frequently swap bay devicesNo
TB_setup?TB_ANI~1.EXETrackBack Adware. The file is located in %Temp%No
TB_setupXtb_setup.exeHuntBar hijacker, toolbar installerNo
TimeCalendarUtc.exeTimeCalendar digital plannerNo
tcactiveYtca.exePart of The Cleaner from MooSoft - stops malware before it can do any damageNo
TCASUTIEXENTCASUTI.exeAssociated with the 3COM diagnostic module (3COM NIC Doctor). No further information is availableNo
TCASUTIEXENTCAUDIAG -off3Com NIC Installation/Diagnostic MFC application. Diagnostics may be run from the Start → ProgramsNo
TCASUTIEXENTCAUDIAG.exe -on3Com NIC Installation/Diagnostic MFC application. Diagnostics may be run from the Start → ProgramsNo
SlipStreamYtccore.exeProvide.Net Turbo Connect customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
TCDPbtn?TCDPbtn.exeFound on a Toshiba laptop. The file is located in %System%. Related to the DVD/CD player?No
TCDPlay?TCDPlay.drvFound on a Toshiba laptop. The file is located in %System%. Driver for the DVD/CD player?No
Trojancheck 6 GuardUtcguard.exeTrojanCheck anti-trojan softwareNo
Provide.Net Turbo ConnectYtcgui.exeProvide.Net Turbo Connect customized user interface for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
tciocp64Xtciocp64.exeDetected by Trend Micro as BKDR_HUPIGON.CFVNo
tcjavacplXtcjavacpl.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\Java\jre1.6.0_07\binNo
tclmwbXtclmwb.exeDetected by McAfee as RDN/Generic.bfr!fj and by Malwarebytes as Trojan.Agent.ENo
TClockUTCLOCK.EXEKazubon TClock. Utility that amongst other things synchronizes your system clock with Internet time servers. Available via Start → ProgramsNo
TClockExUTCLOCKEX.EXETClockEx by Dale Nurden - "enhances the standard Windows taskbar clock, adding the ability to display the date, time and lots of other information in any format you like. TClockEx is highly customizable, from the format to the font and colour, and even the tooltip information. Many people have wondered why this wasn't built into the standard clock to begin with"No
TClock.exeXtclock_install.exeTClock - distributed and installed without user permission by other rogue software or malware. TClock contains no uninstall facility through Windows. As TClock is of dubious origin and usefulness, it should be terminated and removed if detectedNo
tcmonitorYtcm.exePart of The Cleaner from MooSoft - warns of changes to the registryNo
TCOYFReminderUtcoyftray.exeMy ParenTime Fertility Planner Reminder. The calendar provides a quick overview of the status of your fertilityNo
Adobe Update SystemXtcp.exeAdded by an unidentified VIRUS, WORM or TROJAN! See hereNo
tcp checkerXtcpcheck.exeDetected by Sophos as Troj/Vbbot-ANo
tcpipmonXtcpipmon.exeDetected by Sophos as Troj/Clicker-EFNo
tcpippuiXtcpippui.exeDetected by Sophos as W32/Rbot-APSNo
tcpippui32Xtcpippui32.exeDetected by Sophos as W32/Rbot-ARTNo
tcpipsvc.exeXtcpipsvc.exeDetected by Sophos as W32/Agobot-PGNo
Winsock driverXtcpmngr.exeDetected by Sophos as W32/Spybot-CKNo
TCPServerXTCPServer.exeAdded by a variant of W32/Sdbot.wormNo
Adware.AdmessXtcpservice2.exeAdmess adwareNo
Run Services as ApplicationXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Services AdministratorXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Spooler SubSystem ApplicationXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Windows .Net ManagerXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Windows Web ServicesXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Windows Local ServicesXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Tcp Application ManagerXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
Windows Service ManagerXtcpsvc.exeDetected by Sophos as Troj/Dloader-NYNo
TCP Internet ServicesXTCPSVC32.EXEDetected by Trend Micro as BKDR_SPYBOT.XNo
TCPXP UpdateXtcpxp.exeDetected by Sophos as W32/Rbot-ULNo
00TCrdMainYTCrdMain.exeRelated to the flash card slot on a Toshiba laptop. Ending this process will disable access to the flash cardsNo
TOSHIBA Flash CardsYTCrdMain.exeRelated to the flash card slot on a Toshiba laptop. Ending this process will disable access to the flash cardsNo
Adv_TopCXTCSearch.exeDetected by Dr.Web as Trojan.DownLoader7.18341 and by Malwarebytes as Adware.K.AdvTopNo
TCtrlIOHookUTCtrlIOHook.exeTOSHIBA Control Utility Hotkey Hook - hotkey configuration process unique to Toshiba laptops. Required if you want the hotkeys to work properlyNo
TCtrlIOHook.exeUTCtrlIOHook.exeTOSHIBA Control Utility Hotkey Hook - hotkey configuration process unique to Toshiba laptops. Required if you want the hotkeys to work properlyNo
TCtryIOHookUTCtrlIOHook.exeTOSHIBA Control Utility Hotkey Hook - hotkey configuration process unique to Toshiba laptops. Required if you want the hotkeys to work properlyNo
tcupdaterXtcupdater.exeTopconverting.com/180Search adware updaterNo
Windows UpdateXTcuz2.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %UserStartup%No
Tcuz2.exeXTcuz2.exeDetected by Malwarebytes as Trojan.MSIL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
IEDriverXTD.exeIeDriver adware variantNo
TD813SNIA02O.exeXTD813SNIA02O.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %UserProfile%No
TDAlertUTDAlert.exePart of Trust Delete from EgisTec Inc - which "is a remote data deletion software to protect your confidential data and prevent them from falling into the wrong hands when your PC is stolen or missing"Yes
TRUST DELETEUTDAlert.exePart of Trust Delete from EgisTec Inc - which "is a remote data deletion software to protect your confidential data and prevent them from falling into the wrong hands when your PC is stolen or missing"Yes
TrustDelete AlertUTDAlert.exePart of Trust Delete from EgisTec Inc - which "is a remote data deletion software to protect your confidential data and prevent them from falling into the wrong hands when your PC is stolen or missing"Yes
Internet SecurityXtdefender.exeDetected by Malwarebytes as Trojan.Fakealert. The file is located in %CommonAppData%No
WinDirectoriesXtdirs.exeDetected by Sophos as W32/VB-EPBNo
TDispVolUTDispVol.exeUsed on Toshiba computers to make the Fn key have control over the volume on/offNo
TDKSTARTUTDKSTART.EXESets the spindown timeout and access speeds at startup and displays a splash screen for CD-RWNo
TDKTASKNTDKTASK.EXETaskbar utility for a "control panel" for a CD-RWNo
TDS3YTDS-3.exeDiamondCS TDS-3 antitrojan. Can be used to scan on demand, but required in startup if you prefer real time protection. No longer availableNo
TDspOff?Tdspoff.exeFound on a Toshiba laptop. The file is located in %System%No
Tracks EraserUte.exeTracks Eraser from Acesoft - "Erases all tracks of your internet activity"No
Tracks Eraser ProUte.exeTracks Eraser Pro from Acesoft - "Erases all tracks of your internet activity"No
MJXte32.exeAdded by the AGENT.HAA TROJANNo
bs_ealxXtealth.exeDetected by Dr.Web as Trojan.DownLoader10.20432 and by Malwarebytes as Trojan.Agent.ENo
team viewer.vbsXteam viewer.vbsDetected by Malwarebytes as Spyware.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
WGAAXteam.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %System%No
teamciXteamci.exeDetected by Dr.Web as Trojan.DownLoader8.46912 and by Malwarebytes as Trojan.Agent.TCNo
MicrosoftXTeamspeak.exeDetected by Malwarebytes as Trojan.Agent.E.Generic. The file is located in %AppData%\TS3ClientNo
tvXTeamViewer.exeDetected by Malwarebytes as Trojan.Crypt. The file is located in %AppData%\tvNo
SteamXTeamviewer.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not a valid entry for either the Steam game distribution software or TeamViewer remote support tool. The file is located in %MyDocuments%\ServicesNo
MILFKDEKAJGMOAGXTeamViewer.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Trojan.Agent.WDA. Note - this is not a valid entry for the TeamViewer remote support tool and the file is located in %Temp%No
teamviewerXteamviewer.exeDetected by Malwarebytes as Backdoor.Agent.E. Note - this is not a valid entry for the TeamViewer remote support tool and the file is located in %AppData%\Install - see hereNo
TeamViewer ServiceXteamviewer.exeDetected by Malwarebytes as Trojan.Crypt. Note - this is not a valid entry for the TeamViewer remote support tool and the file is located in %UserTemp%\teamviewerNo
teamviewer.vbsXteamviewer.vbsDetected by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
winblogXTeamViewerQS.exeDetected by Dr.Web as Trojan.DownLoader9.18536No
GoogleUpdata.lnkXTeamviwer.exeDetected by McAfee as Generic Dropper and by Malwarebytes as Trojan.Agent.GUNo
Spybot - Search & DestroyYTeaTimer.exePart of the popular Spybot - Search & Destroy spyware removal tool from Safer Networking Limited. "Resident TeaTimer Resident TeaTimer is a tool of Spybot-S&D which constantly monitors the processes called/initiated. It immediately detects known malicious processes trying to start and terminates them giving you some options on how to deal with this process in the future." Also provides System Tray access to Spybot S&D and detects when processes want to change critical registry settings such as the startup entries - giving the user the option to allow/deny the changeYes
SpybotSD TeaTimerYTeaTimer.exePart of the popular Spybot - Search & Destroy spyware removal tool from Safer Networking Limited. "Resident TeaTimer Resident TeaTimer is a tool of Spybot-S&D which constantly monitors the processes called/initiated. It immediately detects known malicious processes trying to start and terminates them giving you some options on how to deal with this process in the future." Also provides System Tray access to Spybot S&D and detects when processes want to change critical registry settings such as the startup entries - giving the user the option to allow/deny the changeYes
TeaTimerYTeaTimer.exePart of the popular Spybot - Search & Destroy spyware removal tool from Safer Networking Limited. "Resident TeaTimer Resident TeaTimer is a tool of Spybot-S&D which constantly monitors the processes called/initiated. It immediately detects known malicious processes trying to start and terminates them giving you some options on how to deal with this process in the future." Also provides System Tray access to Spybot S&D and detects when processes want to change critical registry settings such as the startup entries - giving the user the option to allow/deny the changeYes
teavamefqehuXteavamefqehu.exeDetected by McAfee as RDN/Generic Downloader.x!o and by Malwarebytes as Trojan.Agent.USNo
safepauseXtecgbplung.exeDetected by Malwarebytes as Trojan.Banker.SPGen. The file is located in %LocalAppData%No
Tech-In-A-BoxYtechbox.exeTech-in-a-Box "provides easy-to-use tools for various system maintenance tasks. From backup and restore to diagnostics and repairs, Tech-in-a-Box is your tool to stay up and running"No
ATI Technology StartupXtechstart.exeDetected by Sophos as W32/Rbot-AEUNo
CNET TechTrackerNTechTracker.exe"CNET TechTracker is a free application from CNET that helps keep the software on your computer up-to-date and secure. TechTracker works by scanning the software installed on your computer and alerting you when updates are available"No
Teclado.exeXTeclado.exeDetected by Sophos as Troj/DwnLdr-KUN and by Malwarebytes as Trojan.BankerNo
TOSHIBA eco UtilityUTeco.exeToshiba Eco Utility that offers "improved energy management. With a single click you can switch to a pre-configured power plan that will not only let you go green, but let you see the measurable savings too"No
TecoUTeco.exeToshiba Eco Utility that offers "improved energy management. With a single click you can switch to a pre-configured power plan that will not only let you go green, but let you see the measurable savings too"No
Realtek Sound ManagerXTecompntwx.exeAdded by a variant of the IRCBOT BACKDOOR!No
TecoResidentUTecoResident.exeToshiba Eco Utility that offers "improved energy management. With a single click you can switch to a pre-configured power plan that will not only let you go green, but let you see the measurable savings too"No
DpUtilUTEDTray.exeMain executable for TOSHIBA DualPoint Utility Main Module. It is a system tray icon program that provides configuration options for dual pointing deviceNo
Microsoft Inet Xp..Xteekids.exeDetected by Symantec as W32.Blaster.C.WormNo
teeveewatchSAXteeveewatchSA.exeDetected by Malwarebytes as Adware.HotBar.CP. The file is located in %AppData%\teeveewatchSA\bin\[version]No
teiteqXteiteq.exeDetected by Sophos as Mal/VB-WCNo
TDockNUndock?TEject.drvFound on a Toshiba laptop. The file is located in %System%. Driver for the hotswap bay?No
Winsock32 driverXtekno.scrDetected by McAfee as MultiDropper-DCNo
tekurXtekur.exeAdded by the SILLYFDC-GI WORM!No
ovyriwiXtelace.exeDetected by Trend Micro as WORM_SDBOT.BVSNo
Microsoft Telecoms CenterXtelcoms.exeDetected by Trend Micro as WORM_AGOBOT.GJNo
Microsoft Lsass CenterXtelecomes.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System% - see hereNo
Telemeter 3.0Ntelemeter3.exeInternet connection bandwidth meter from a user ISPNo
TelepathYtelepath.exeDrivers for the WinModem versions of the US Robotics "Telepath" series - as supplied to Gateway for instance. WinModems use software rather than hardware - hence putting a load on the CPU. Needed if you have it for loading the drivers. See here for more WinModem informationNo
television_expressXtelevision-behave.exeDetected by Dr.Web as Trojan.DownLoader11.48152 and by Malwarebytes as Backdoor.Agent.STLNo
television_expressXtelevision-release.exeDetected by Dr.Web as Trojan.Siggen6.25972 and by Malwarebytes as Backdoor.Agent.STLNo
television_expressXtelevision_inform.exeDetected by Dr.Web as Trojan.Siggen6.25975 and by Malwarebytes as Backdoor.Agent.STLNo
television_expressXtelevision_matter.exeDetected by Dr.Web as Trojan.Siggen6.25936 and by Malwarebytes as Backdoor.Agent.STLNo
television_expressXtelevision_style.exeDetected by Dr.Web as Trojan.DownLoader11.47071 and by Malwarebytes as Backdoor.Agent.STLNo
KernelFaultCheckXtell32.exeDetected by Sophos as Troj/LegMir-BFNo
Microsoft Telecoma CenterXtellcoma.exeAdded by the RBOT-AWX WORM!No
Microsoft Telecom CenterXtellecom.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%No
TelnetXTelnet.exeDetected by Sophos as W32/Voumit-A. Note - this is not the legitimate telnet.exe application which is always located in %System%. This file is located in %Root%\mirc32No
BigPondWirelessBroadbandCMYTelstraUCM.exeTelstra wireless broadband managerNo
AmdAgentXtemp##.exeDetected by Malwarebytes as Trojan.Agent - where # represents a digit. The file is located in %WinTemp%No
NetworkSaverXtemp#.exeDetected by Malwarebytes as Trojan.Agent.NWS - where # represents one or more digits. The file is located in %Temp% - see examples here and hereNo
System Backup ManagerXTemp.exeDetected by McAfee as RDN/Generic PWS.y!gs and by Malwarebytes as Trojan.AgentNo
Google UpdaterXTemp.exeDetected by Dr.Web as Trojan.DownLoader7.30660 and by Malwarebytes as Trojan.AgentNo
Google Updator32XTemp.exeDetected by Dr.Web as Trojan.MulDrop4.54015 and by Malwarebytes as Trojan.Agent.GLNo
MessengerXtemp.exeDetected by Malwarebytes as Trojan.Banker.Gen. The file is located in %CommonAppData%No
HKLMXtemp.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Temp%No
(Default)XTemp.exeDetected by Malwarebytes as Backdoor.Agent.DCEGen. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %MyDocuments%\MSDCSCNo
csrssXtemp.exeDetected by Microsoft as Trojan:Win32/Delf.KJ and by Malwarebytes as Trojan.AgentNo
VBCXtemp.exeDetected by McAfee as RDN/Generic.dx!d2iNo
PoliciesXtemp.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Temp%No
SystemRegistryRepairXtemp.exeAdded by the NOKPUDA WORM!No
driveresXtemp.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %System%\DriveresNo
HKCUXtemp.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Temp%No
TempXTemp.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
TempXTemp.exeDetected by Sophos as Troj/MSIL-EM and by Malwarebytes as Trojan.Agent. The file is located in %AppData%\MicrosoftNo
Microsoft MachineXtemp.exeDetected by Sophos as W32/Rbot-FSQNo
Temp.exeXTemp.exeDetected by Sophos as Troj/MSIL-EM and by Malwarebytes as Trojan.Agent.LMT. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
windows media serviceXtemp.exeDetected by McAfee as Generic.bfr and by Malwarebytes as Backdoor.Agent.ENo
UpdateXTemp.exeDetected by Malwarebytes as Trojan.GameHack. The file is located in %UserTemp%No
StartupXtemp.jsDetected by Kaspersky as Trojan.Win32.FakeAV.afyz and by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
temp32Xtemp32.exeDetected by McAfee as Generic.dx. The file is located in %System%No
temp32Xtemp32.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir%No
IEACCESSXtemp532.exeAsdPlug premium rate adult content dialer variantNo
ASDPLUGINXtemp532.exeAsdPlug premium rate adult content dialerNo
HELPERXtemp532.exeAsdPlug premium rate adult content dialer variantNo
IntelAgentXtemp68.exeDetected by Microsoft as Backdoor:Win32/Kelihos.F and by Malwarebytes as Trojan.AgentNo
winupdXTemp:winupd.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %LocalAppData%No
Windows Live MessengerXTempbak.exeDetected by Dr.Web as Trojan.MulDrop5.1717 and by Malwarebytes as Trojan.PasswordStealer. The file is located in %LocalAppData% (10/8/7/Vista) or %UserProfile%\Local Settings (XP)No
Tempchrome.vbsXTempchrome.vbsDetected by McAfee as Generic PUP.z and by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Microsoft MachineUpdateseXtempes.exeDetected by Kaspersky as Backdoor.Win32.Rbot.awf. The file is located in %System%No
duchuvaxrrXtempfile.exeDetected by McAfee as Generic Dropper!dwgNo
ETZFRXOLWWXtempfile.exeDetected by Malwarebytes as Backdoor.Agent.DC. The file is located in %Temp%No
GAnZPmGNIIXtempfile.exeDetected by Dr.Web as Trojan.Siggen4.3525No
TempReaderXTempFile.exeDetected by Dr.Web as Trojan.MulDrop3.55199 and by Malwarebytes as Trojan.FakeMSNo
suicideXtempfile2.batPersonal Protector rogue security software - not recommended, removal instructions hereNo
KeyXTempFiles.exeDetected by Malwarebytes as Backdoor.Bot.E. The file is located in %AppData%No
injeciwmpXtempinj.exeDetected by McAfee as Generic BackDoor.xa. The file is located in %CommonAppData%\Microsoft\Windows\Start Menu\Programs\tempinj (10/8/7/Vista) or %AllUsersProfile%\Start Menu\Programs\tempinj (XP)No
notepadXtemplate.exeDetected by McAfee as RDN/Generic Dropper!wb and by Malwarebytes as Trojan.Agent.NTPGenNo
javasXtemplate.exeDetected by McAfee as RDN/Generic Dropper!wb and by Malwarebytes as Trojan.Agent.MTANo
Windows System (x32)XTemplate.exeDetected by Malwarebytes as Backdoor.Agent.Generic. The file is located in %Templates%No
template.exeXtemplate.exeDetected by McAfee as RDN/Generic.dx!dgz. Note - this entry loads from the HKLM\Run and HKCU\Run keys and the file is located in %Temp%No
template.exeXtemplate.exeDetected by McAfee as RDN/Generic.dx!dgz and by Malwarebytes as Trojan.Agent.INJ. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
IntelXTemplate.exeDetected by Malwarebytes as Trojan.Agent.Generic. The file is located in %Templates%No
[various names]XTemplateDongle.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
DLLLSDDZXtemplosra.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Messa.ENo
TempMgrXTempMgr.exeDetected by Malwarebytes as Trojan.Agent.TMP. The file is located in %CommonAppData%\TempNo
WinCheckXtempo.ExeDetected by Malwarebytes as Trojan.Agent. The file is located in %Temp%No
injeciwmpXtempoinj.exeDetected by Malwarebytes as Trojan.FakeMS. The file is located in %CommonAppData%\Microsoft\Windows\Start Menu\Programs\tempoinj (10/8/7/Vista) or %AllUsersProfile%\Start Menu\Programs\tempoinj (XP)No
SDFJJSXtempp.exeDetected by McAfee as Generic.dx and by Malwarebytes as Backdoor.Agent.ENo
temps32Xtemps32.exeDetected by Dr.Web as Trojan.DownLoader6.45820 and by Malwarebytes as Trojan.AgentNo
ServerXtempserver.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %LocalAppData%No
uTorrentXTempserver.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %LocalAppData%No
TempSystem.vbsXTempSystem.vbsDetected by McAfee as RDN/Generic.dx!dfl and by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
jv16 PT TempFileToolUTempTool.exejv16 PowerTools File Cleaner - "allows you to find obsolete and left-over temporary files"No
tempxXtempx.exeAdded by the TEMPEX.A TROJAN!No
NetworkUpdaterXtemp[10 digits].exeDetected by Malwarebytes as Trojan.Agent.MP. The file is located in %UserTemp% - see examples here and hereNo
CrashReportCheckerXtemp[5 or more digits].exeDetected by Malwarebytes as Trojan.Trustezeb. The file is located in %Temp%No
CrashReportVerifyerXtemp[5 or more digits].exeDetected by Malwarebytes as Trojan.Agent.KH. The file is located in %UserTemp% - see an example hereNo
NetworkInformerXtemp[5 or more digits].exeDetected by Malwarebytes as Trojan.Agent.LGN. The file is located in %Temp%No
AARCXtemsc.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %MyDocuments%\SYSNo
54rkXTencentl00.exeDetected by Malwarebytes as Spyware.OnLineGames. The file is located in %System%No
54rkXTencentl6c.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%No
54rkXTencethw.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%No
TenClipsUTenClips.exe"TenClips is a lightweight and must have multiple clipboards for software developers. It is fast and very easy to use. There is no superfluous window or manipulation"No
teOuLarXteOuLar.exeDetected by Malwarebytes as Trojan.MSIL.JBN. The file is located in %LocalAppData%\kfSqeTkwcNo
TEPA.exeYTEPA.exeTELUS eProtect Advisor tool installed when you choose to install their internet security suite - sourced by Radialpoint. Apart from downloading the suite installation files, the exact purpose is unknown at this time but it may be used to source critical updates and alerts so should therefore be left enabledNo
[various names]Xteqq32.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
TE_RegProtectUTERegPct.exeRegistry repair utility part of the Anti Trojan Elite (ATE) anti-malware toolNo
Cao360XTerms.exeDetected by McAfee as RDN/Generic BackDoor!b2k and by Malwarebytes as Trojan.Agent.UPXNo
SuperProServerXTerms.EXEDetected by Malwarebytes as Trojan.Agent.NTS. The file is located in %Windir% - see hereNo
Microsoft Windows RDP Service v19Xtermsvc.exeDetected by Trend Micro as TROJ_DISCPER.A and by Malwarebytes as Trojan.MWF.Gen. The file is located in %AppData%\RDPServicev19No
TernateXTernate.exeDetected by Dr.Web as Trojan.MulDrop2.37769No
terrapoint700x0main.exeXterrapoint700x0main.exeDetected by Malwarebytes as Trojan.FakeAlert. The file is located in %AppData%\[32 hex characters] - see examples here and hereNo
terrapoint700x0main.exeXterrapoint700x0main.exeDetected by McAfee as VBObfus.b and by Malwarebytes as Trojan.FakeAlert. The file is located in %Temp%No
testXtes.exeDetected by Malwarebytes as Spyware/KeyBase. The file is located in %AppData%No
(Default)Xtes.exeDetected by Dr.Web as Trojan.AVKill.31471 and by Malwarebytes as Trojan.Agent.E. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blankNo
MSNXtesakmger.exeAdded by the SPYBOT.AVJ WORM!No
Windeows NetStart Service2Xtesakrmger.exeDetected by Sophos as W32/Rbot-AMYNo
TEscKeyUTEscKey.exeToshiba Escape Key handler. Enables you to program and use the <Fn><Esc> key combination to perform a specific functionNo
Microsoft sddcE ContolXteskmangr.exeAdded by a variant of the RBOT-AUM WORM!No
System ServiceXteskmangr.exeDetected by Sophos as W32/Rbot-AUVNo
Microsoft Windows Live MessengerXteskmgrs.exeDetected by McAfee as PWS-Banker!gsm and by Malwarebytes as Trojan.MWF.GenNo
Tesla?TESLA.EXEThe file is located in %ProgramFiles%\Tesla. What does it do and is it required?No
Tesseract-OCRNtesseract.exeTesseract OCR (Optical Character Recognition) open source software for scanning and converting documentsNo
test (2).exeXtest (2).exeDetected by Malwarebytes as Trojan.Agent.AI. The file is located in %UserProfile%\DesktopNo
Test##XTest##.exeDetected by Malwarebytes as Trojan.Agent.MNR - where # represents a digit. The file is located in %Temp%\Test## - see an example hereNo
MSIEXEC.EXEXtest.exeDetected by Malwarebytes as Trojan.Agent.TPGen. The file is located in %Temp%No
testXtest.exeDetected by Malwarebytes as IPH.Trojan.FakeAlert.Gen. The file is located in %Windir%No
Test*XTest.exeDetected by Sophos as W32/Autorun-SG - where * represent a number. If, for example, you have four physical hard drive partitions and one removable drive, the file "Test.exe" will be present in the root of the partition (ie, C:\, D:\) with startup entries of "Test1" through "Test5"No
LoadWatcher?Test.exeReportedly part of a webcam surveillance program that's supposed to test SMTP dialling in the event of an alert? Is this correct?No
myfile.exeXTest.exeDetected by Dr.Web as Trojan.KillFiles.7943 and by Malwarebytes as Trojan.Agent.MFNo
HKLMXtest.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\Commonn FilesNo
(Default)Xtest.exeDetected by Malwarebytes as Trojan.Agent. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %UserProfile%\DesktopNo
WinUpdateXtest.exeDetected by Malwarebytes as Spyware.PasswordStealer. The file is located in %UserTemp%No
PoliciesXtest.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %ProgramFiles%\Commonn FilesNo
PoliciesXTest.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\TestNo
GoogleUpdateXtest.exeDetected by Malwarebytes as Trojan.Agent.IGen. The file is located in %AppData%No
HKCUXtest.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\Commonn FilesNo
CHECKXtest.exeDetected by McAfee as PWS-Banker and by Malwarebytes as Trojan.Agent.CKNo
WINDOWS SYSTEMXtest.exeDetected by Symantec as W32.Mytob.DJ@mm and by Malwarebytes as Backdoor.AgentNo
MS-GRT32Xtest.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %Temp%\IXP000.TMPNo
test.hr.exeXtest.hr.exeDetected by McAfee as RDN/Generic PWS.y!up and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
WINDOWS SYSTEMXtest2.exeDetected by Symantec as W32.Mytob.DJ@mm and by Malwarebytes as Backdoor.AgentNo
WINDOWS SYSTEMXtest3.exeDetected by Symantec as W32.Mytob.DV@mm and by Malwarebytes as Backdoor.AgentNo
me1XTestApp.exeDetected by Dr.Web as Trojan.SMSSend.2969 and by Malwarebytes as Trojan.AgentNo
DHFUIDHFUISDOFJIEOJFIOJISDOJIOJEFIOJSDOFXTestbuild 0.8.4.exeDetected by McAfee as RDN/Generic Dropper!uz and by Malwarebytes as Backdoor.Agent.IMNNo
mstwain32Xteste.exeDetected by McAfee as Generic Dropper.f and by Malwarebytes as Trojan.AgentNo
[various names]XTestimonials.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
Winsock32 driverXTESTING.EXEDetected by Sophos as W32/Spybot-BNo
WindowsXTestingSHitwithhost.exeDetected by Malwarebytes as Trojan.FakeFlash. The file is located in %AppData%No
JavaMIXXtestlr.exeDetected by Sophos as Troj/Xtrat-BF and by Malwarebytes as Trojan.Agent.JVNo
WindowsDefenderXTestsst.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserTemp%No
TESTTXtesttDetected by Malwarebytes as Backdoor.Agent.DC. The file is located in %Temp%No
testtestXtesttest.exeDetected by McAfee as RDN/Generic BackDoor!th and by Malwarebytes as Backdoor.Agent.ENo
SystemToolsXtesttestt.exeDetected by Sophos as Troj/Dwnldr-ZLCNo
SystemXtesttestt.exeDetected by Sophos as Troj/Dwnldr-ZLCNo
TTS SyncXtesttts.exeAdded by the SDBOT.BVA WORM!No
TestWinLockXTestWinLock.exeDetected by Malwarebytes as Ransom.Winlock. The file is located in %Root%No
AlienAutopsyNTest_BS.exeAlienware computer technical support softwareNo
JuliaPerezXTetek_Gede_Julia_Perez.exeDetected by Sophos as W32/Autorun-BSNo
TExBUtil?TExBUtil.exeThe file is located in %System%No
texe32.exeXtexe32.exeDetected by Dr.Web as Trojan.Siggen4.27324 and by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Link Human Video Bus Extender CNG DCOMXtexeokatr.exeDetected by McAfee as Generic.dx!bcwjNo
Text.vbsXText.vbsDetected by Dr.Web as Trojan.MulDrop4.49986. The file is located in %Root%\Booting\ShelNo
Text.vbsXText.vbsDetected by Malwarebytes as Trojan.Agent. The file is located in %Root%\NewNo
TextAloudNTextAloudMP3.exeTextAloud MP3 - convert text into spoken words and MP3sNo
Java Runtime EnvironmentXtextasy.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %AppData% - see hereNo
Text Monkey PRONTextMonkeyPRO.exeText Monkey PRO by Boxer Software - "has dozens of useful text processing functions that were designed to save you time and effort on all types of editing tasks. Because Text Monkey operates on text while it resides on the Windows clipboard, it extends the functionality of every program you use"No
TF2mnr.exeXTF2mnr.exeDetected by Dr.Web as Trojan.DownLoader4.29615No
p8F5lCgBkpXTFCvRNf.exe.lnkDetected by Sophos as Troj/MSIL-FE and by Malwarebytes as Backdoor.Agent.DCENo
GWLVEEXTFgDPd.exeDetected by McAfee as Generic BackDoor and by Malwarebytes as Backdoor.Agent.ENo
RIWHPPXtfHdpE.exeDetected by McAfee as RDN/Generic BackDoor!tl and by Malwarebytes as Backdoor.Agent.DCENo
Memory+Utfimemsr.exeMemory+ memory optimizerNo
TFncKyUTFncky.exeDeals with the <Fn> - <Function> key combinations on a Toshiba laptopNo
TFNF5UTFNF5.exeToshiba Hotkey Utility for Display Devices. By pressing <Fn> + <F5>, a window appears showing the displays that can be chosen - LCD, LCD + CRT, CRT, TVNo
[various names]XTForm1.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
tfswctrlYtfswctrl.exeDrive letter access to a UDF packet writer for CD-RW - from HP, Veritas (now Symantec) and others. Similar to Roxio's DirectCD and does the same thing. From HP - "This is a needed file as it controls the readability of the Combo drives. Without this file loading the end user will be able to burn CD's but won't be able to read them. The drive itself will be able to read store bought master Cd's without the file but not burnt ones"Yes
tfswctrl.exeYtfswctrl.exeDrive letter access to a UDF packet writer for CD-RW - from HP, Veritas (now Symantec) and others. Similar to Roxio's DirectCD and does the same thing. From HP - "This is a needed file as it controls the readability of the Combo drives. Without this file loading the end user will be able to burn CD's but won't be able to read them. The drive itself will be able to read store bought master Cd's without the file but not burnt ones"Yes
dlaYtfswctrl.exeDrive letter access to a UDF packet writer for CD-RW - from HP, Veritas (now Symantec) and others. Similar to Roxio's DirectCD and does the same thing. From HP - "This is a needed file as it controls the readability of the Combo drives. Without this file loading the end user will be able to burn CD's but won't be able to read them. The drive itself will be able to read store bought master Cd's without the file but not burnt ones"Yes
TFTP***Xtftp***Added by a variant of the SPYBOT WORM! where *** can be any numberNo
TFTrayYTFTray.exeSystem Tray access to ThreatFire no-signature anti-malware from PC Tools by Symantec (now discontinued) - which "features innovative real-time behavioral technology that provides powerful protection against both known and unknown viruses, worms, trojans, rootkits, buffer overflows, spyware, adware and other malware"Yes
ThreatFireYTFTray.exeSystem Tray access to ThreatFire no-signature anti-malware from PC Tools by Symantec (now discontinued) - which "features innovative real-time behavioral technology that provides powerful protection against both known and unknown viruses, worms, trojans, rootkits, buffer overflows, spyware, adware and other malware"Yes
TFunckeyUTFuncKey.exeDeals with the <Fn> - <Function> key combinations on a Toshiba laptopNo
Windows Manager Update IncXtgb.exeDetected by Sophos as W32/Sdbot-ACMNo
hcenterUtgcmd.exePart of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendation"No
tgcmdUtgcmd.exePart of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendation"Yes
tgcmdprovidersbcUtgcmd.exePart of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendation"No
Support.com Scheduler and Command DispatcherUtgcmd.exePart of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox. Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendation"Yes
TGDC IE PluginXtgdc.exeShopForGood spyware - see hereNo
TgAddServerNtgfixSoftware from Support.com (aka SupportSoft or Tioga) provided to manufacturers (such as Sony (Vaio Support Agent) and Toshiba (Virtual Tech) and ISPs (such as Comcast, Cox and Charter (Pipeline Support Agent)) that allows them to offer on-line support - to update drivers, fix faults, etc. Can potentially cause deterioration in a PC's performance. This part looks after the protection and "self-healing". Uninstallation is recommended by most people - especially for System Restore users (WinXP/Me). If not available via Add/Remove try hereNo
TgAddServerNtgfix.exeSoftware from Support.com (aka SupportSoft or Tioga) provided to manufacturers (such as Sony (Vaio Support Agent) and Toshiba (Virtual Tech) and ISPs (such as Comcast, Cox and Charter (Pipeline Support Agent)) that allows them to offer on-line support - to update drivers, fix faults, etc. Can potentially cause deterioration in a PC's performance. This part looks after the protection and "self-healing". Uninstallation is recommended by most people - especially for System Restore users (WinXP/Me). If not available via Add/Remove try hereNo
TgsetsiteUtgfix.exeAlso see the "TgAddServer" entry. This part ensures the software is installed correctly (similar to an installation wizard) as reported by Cox Regarded as spyware by some as it has the ability to retrieve user information. Whether it does so depends upon the provider. One Toshiba user reports problems with hibernate on his laptop if disabled - hence the "U" recommendationNo
tgkillNtgkill.exeComcast struck a deal with Tioga to provide an "enhanced" support and self-repairing tool. This "beta" release was made available to download by mistake and should be removed via Start → Control Panel → Add/Remove ProgramsNo
ComcastSUPPORTNtgkill.exeComcast struck a deal with Tioga to provide an "enhanced" support and self-repairing tool. This "beta" release was made available to download by mistake and should be removed via Start → Control Panel → Add/Remove ProgramsNo
TgstatFix?tgstat.exePart of software from Support.com (aka SupportSoft or Tioga) provided to manufacturers and ISPs that allows them to offer on-line support - to update drivers, fix faults, etc. Also see the "TgAddServer" entryNo
hchgkgotXtgtelcvc.exeDetected by Malwarebytes as Trojan.Asprox. The file is located in %LocalAppData%No
SFjKBASIXTgvpyVFE.exeDetected by Malwarebytes as Backdoor.Bot.E. The file is located in %LocalAppData%\MicrosoftNo
thn4nXth7dg2h.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %MyDocuments%\ServicesNo
JavaXthanksbrogame.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %AppData%No
FirefoxXTHBPvirus.exeDetected by McAfee as RDN/Generic BackDoor!xi and by Malwarebytes as Backdoor.XTRat.ENo
Thdetrf?thdetr32.exeAppears to be related to Lycos advertisingNo
The Registry SentinelXThe Registry Sentinel.exeThe Registry Sentinel rogue security software - not recommended, removal instructions hereNo
Desktop WeatherNThe Weather Channel.exeDesktop Weather by The Weather Channel - provides current temperature, conditions, alerts, etcNo
Desktop Weather 3NThe Weather Channel.exeDesktop Weather 3 by The Weather Channel - provides current temperature, conditions, alerts, etcNo
The Web SentinelXThe Web Sentinel.exeThe Web Sentinel rogue security software - not recommended, removal instructions hereNo
TheAnswerFinderUTheAnswerFinder.exeDetected by Malwarebytes as PUP.Optional.TheAnswerFinder. The file is located in %AppData%\TheAnswerFinder. If bundled with another installer or not installed by choice then remove itNo
$peerXTheBat.batDetected by Dr.Web as Trojan.KillFiles.10020 and by Malwarebytes as Trojan.AgentNo
TheClawUTheClaw.exeSupport for the now discontinued TerraTec Mystify Claw (originally by Ferraro Design and just called "The Claw") gaming input deviceNo
thesdatsfXthedasfsrs.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\MicrosoftNo
TheDefend.exeXTheDefend.exeTheDefend rogue security software - not recommended, removal instructions here. A member of the AntiAID family. Detected by Malwarebytes as Rogue.TheDefendNo
fuckunigXthedicklover.exeDetected by Dr.Web as Trojan.DownLoader11.20140 and by Malwarebytes as Trojan.Agent.FCNo
TheefriiResAppXTheefriiResApp.exeDetected by Dr.Web as Trojan.DownLoader11.11110 and by Malwarebytes as Trojan.Downloader.IINo
microsoftsecurityXthegame.exeDetected by Malwarebytes as Backdoor.Messa. The file is located in %Windir% - see hereNo
Windows GuardianUthehel1iawgrd32.exePart of First Aid by Cybermedia who were subsequently bought by McAfee (Network Associates). Protects your Windows system from application failure and crashesNo
them windows7.exeXthem windows7.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
cleanerXtheme.exeDetected by Dr.Web as Trojan.MulDrop4.63439 and by Malwarebytes as Trojan.Agent.ENo
Windows ThemesXThemes.comDetected by McAfee as Generic BackDoor and by Malwarebytes as Backdoor.IRCBot.ENo
Windows Theme EngineXthemes.exeDetected by Dr.Web as Trojan.DownLoader9.22002 and by Malwarebytes as Trojan.Agent.WTENo
Thermal ControllerUThermalController.exePart of the Alienware Command Center utility for the Dell Alienware range of gaming computers. "Thermal Controls featured in selected Alienware Desktop systems give you access to your Alienware's management thermal system controls so you can monitor thermal status, adjust thermal control of system fans, and change the status of active venting"No
TheSpyBotXTheSpyBot.exeTheSpyBot rogue security software - not recommended, removal instructions hereNo
Desktop Weather 3NTHEWEA~1.EXEDesktop Weather 3 by The Weather Channel - provides current temperature, conditions, alerts, etcNo
SkyrimXThe_Elder_Scrolls_Skyrim.exeDetected by McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.Agent.DCENo
displayUThe_Eye.exeComSpySysSvr surveillance software. Uninstall this software unless you put it there yourselfNo
GalleryXthG.exeDetected by Sophos as W32/Autorun-JRNo
THGuardUTHGuard.exeResident memory scanning for TrojanHunterNo
Think Green WeatherUThink Green Weather.exeWeather gadget included with the free Think Green theme for MyColors from Stardock Corporation. Displays the current and forecasted weather for the selected location from AccuWeather.comYes
Think Green Weather.exeUThink Green Weather.exeWeather gadget included with the free Think Green theme for MyColors from Stardock Corporation. Displays the current and forecasted weather for the selected location from AccuWeather.comYes
Think Green WeatherUTHINKG~1.EXEWeather gadget included with the free Think Green theme for MyColors from Stardock Corporation. Displays the current and forecasted weather for the selected location from AccuWeather.comYes
thisXthis.exeDetected by Malwarebytes as Trojan.Agent.KR. The file is located in %AppData%\Microsoft\ThisNo
pop06apeltXthiselt.exeZenoSearch adware variantNo
loadXthisistest.lnkDetected by Malwarebytes as Backdoor.Agent.PDL. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "thisistest.lnk" (which is located in %AppData%\Microsoft\Windows\WdiService)No
KeynameXThisRockzz.exeDetected by Dr.Web as Trojan.DownLoader4.34802 and by Malwarebytes as Trojan.AgentNo
THKemUTHKem.exeToshiba Hot Key emulation for their laptopsNo
Thumbs Plus *.*Xthmbplus**.exeDetected by Sophos as W32/Agobot-AAF where ** is a combination of a random digit and characterNo
TsystemXTHole.exeDetected by Dr.Web as Win32.HLLW.Autoruner1.56153 and by Malwarebytes as Trojan.TWorm.vbNo
thom.cplXthom.cplDetected by Malwarebytes as Trojan.Banker.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Thoosje Vista SidebarUThoosje Vista Sidebar.exeThoosje's Vista Sidebar - sidebar and skins for microsoft Windows XP and VistaNo
THOTKEYUTHotkey.exeAssociated with the Fn+ keys on Toshiba laptops. When disabled some keys still worked, like the one that regulates the volume of the system beep, but others didn't, like the one that immediately blackens your screenNo
ThpSrvYthpsrvToshiba Hard Drive Protection Utility - moves the Hard Drive head to a safe position in case of shock or vibration to reduce the risk of damage that could be caused by head-to-disk contactNo
TOSHIBA HDD ProtectionYthpsrvToshiba Hard Drive Protection Utility - moves the Hard Drive head to a safe position in case of shock or vibration to reduce the risk of damage that could be caused by head-to-disk contactNo
EleFunAnimatedWallpaperUThree Windmills.exeThree Windmills animated wallpaper fromNo
imPlayokXthsc.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserTemp%No
T_H_S_MYTHSM.EXEPart of The Hacker Anti-malware from Peruvian company Hacksoft S.R.L.No
thuderXthuder.exeDetected by Malwarebytes as Trojan.Agent.THU. The file is located in %ProgramFiles%\SSFKLJNo
CacheClearXThumbsdb.batDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%No
32-bit Thunking serviceXthunk32.exeDetected by Symantec as W32.Derdero.A@mmNo
Microsoft Update MachineXthvfyq.exeDetected by Kaspersky as Backdoor.Win32.Rbot.aea and by Malwarebytes as Backdoor.Bot. The file is located in %System%No
THX Audio Control PanelUTHXAudio.exeControl Panel for Creative's THX TruStudio - which "is specially designed to bring the same great audio experience found in live performances, films, and recording studios - to the PC"No
THX TruStudio NB SettingsUTHXAudNB.exePart of Creative's THX TruStudio - which "is specially designed to bring the same great audio experience found in live performances, films, and recording studios - to the PC"No
THGuardUTH_Guard.exeResident memory scanning for TrojanHunterNo
tibhibtemlanXtibhibtemlan.exeDetected by Sophos as Troj/Upatre-DO and by Malwarebytes as Trojan.Agent.USNo
tibs3Xtibs3.exePremium rate Adult content dialer - see hereNo
tibs5Xtibs5.exePremium rate adult content dialer. The file is located in %System%No
True Internet Color IconUTICIcon.exePart of 3Deep® from E-Color (superseded by 3DxWizzard™) - "With True Internet Color PCs can display the best color possible over the web. Enabled web sites will know how connected monitors display color and will send them color corrected images"No
ticismsXticisms.exeAdded by the PWSDLB-B TROJAN!No
TIxDSLUtidslmon.exeActiontec DSL modem. Associated with High Speed AOL DSL. Used to get line sync with the Actiontec DSL USB Modem. Available via Start → ProgramsNo
HKLMXtifergxt.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\installNo
PoliciesXtifergxt.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Windir%\installNo
HKCUXtifergxt.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\installNo
tiffaXtiffe.exeDetected by Malwarebytes as Trojan.Injector.AI. The file is located in %AppData%No
tigixbakydqyXtigixbakydqy.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
tiisignupXtiisignup.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %ProgramFiles%\Internet Explorer\Connection Wizard - see hereNo
TiKLUtikl.exeTinyKeylogger keystroke logger/monitoring program - remove unless you installed it yourself!No
Task managerXTikTo.exeDetected by Trend Micro as WORM_RBOT.LVNo
TilerunXTilecom32.comAdded by a variant of W32/Sdbot.wormNo
TileFreeXTilecomfree.comAdded by the RBOT.CQE WORM!No
Top TilecomXTilecomtop.comDetected by Trend Micro as WORM_RBOT.BXDNo
Topic SoftXTilesoft.comDetected by Trend Micro as WORM_RBOT.GDH. The file is located in %System%No
Topic TilesysXTilesys.comAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%No
timberXtimber.exeDetected by Malwarebytes as Spyware.Password. The file is located in %AppData%\timberNo
Microsoft DirectXXtime123.exeDetected by Trend Micro as WORM_SDBOT.MDNo
timestampXtimeapr32.exeDetected by Sophos as Troj/Agent-DRUNo
ImMsnXtimed.exeDetected by Trend Micro as BKDR_WEBDOR.AKNo
TimerXtimed.exeDetected by Sophos as Troj/Bdoor-LVNo
TimeDateMUICallbackXTimeDateMUICallback.exeDetected by Malwarebytes as Trojan.Ransom. The file is located in %AppData%\Microsoft\Windows\[4 numbers]No
TimeDateMUICallbackXTimeDateMUICallback.exeDetected by Symantec as Trojan.Ransomcrypt.C and by Malwarebytes as Trojan.Ransom.Gen. The file is located in %AppData%\SQL Server Compact EditionNo
HKLMXTimegate.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\installNo
PoliciesXTimegate.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\installNo
HKCUXTimegate.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\installNo
TimeLeftUTimeLeft.exeTimeLeft by NesterSoft Inc. - "countdown, reminder, clock, alarm clock, tray clock, stopwatch, timer, sticker, auction watch, web countdown and time synchronization utility"No
Time ManagerXTimeManager.exeDetected by Sophos as W32/Mytob-BVNo
Timemanager.exeUTimemanager.exeTime Manager will let you track billable and non-billable time by customer, by category and by associate and then integrate directly to our custom billing packageNo
MacDrive7.0.#TimeOutPatch?TimeOutPatch.EXEPart of MacDrive 7 (where # represents the version number) from Mediafour Corporation - "enables anyone using Windows Vista, XP, and 2003 Server to seamlessly access Mac disks (HFS/HFS+) of all types, including CDs, DVDs, hard drives, floppy, Zip, Jaz, and more!" Interim patch for an older version? Is it no longer required?No
TIMERXTIMER.EXEDetected by Symantec as W32.Timese.AGNo
HKLMXtimergat.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\installNo
PoliciesXtimergat.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %Windir%\installNo
HKCUXtimergat.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\installNo
Timesheets LiteNtimesheets.exeTimesheets Lite by Timesheets MTS Software - "allows you to record, track, and report accurately on the time that your employees spend on projects. It does this quickly, with low overheads, accurately, and reduces your time to invoicing, and improves your accuracy of invoicing"No
Windows Time ServerXTimeSRV.exeDetected by Symantec as W32.Spybot.DNCNo
timessquareXtimessquare.exeMediaMotor.IEMonitor malware!No
w32timesyncXtimesync.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%\javacacheNo
Atomic Time SynchronizerUTimeSync.exeTimeSync - lets you synchronize your computer's clock with any internet atomic clockNo
TimeSyncAppXTimeSynchronize.exeDealHelper adwareNo
TimestasksXtimetasks.exeDetected by Dr.Web as Trojan.DownLoader12.1418 and by Malwarebytes as Trojan.Downloader.TimeTasksNo
TimeUpNTimeup.exeTimeUp - internet online timerNo
Windows Registry ScanXtimeupdate.exeAdded by the SPYBOT.JE WORM!No
MS TimeXtimezone.exeDetected by Trend Micro as WORM_AGOBOT.ADYNo
TimezoneUTimeZone.exeMicrosoft Daylight Saving Time Update Utility - see hereNo
TIMHostXTIMHost.exeDetected by Sophos as Troj/PWS-ANTNo
froodyXtimoty.exeDetected by Trend Micro as WORM_NUCRP.GEN. The file is located in %System%No
versionXtimoty.exeDetected by Trend Micro as WORM_NUCRP.GEN. The file is located in %System%No
Acronis True ImageUTimounterMonitor.exePart of the Acronis True Image range of backup software, with which you can create backups of individual directories, partitions (ie, C:, D:) or a whole hard drive - and mount those images onto a drive/partition with sufficient space. If you mount an image in "Read Only" you cannot change any contents. In "Read & Modify" mode you can change the contents and in this mode TimounterMonitor ensures that any changes made to the mounted image will not allow it to grow larger than the disk on where the backup image is stored. Required if you mount partitions or disk images in "Read & Modify" mode and are concerned about disk space in the partition/disk where the backup images are storedYes
AcronisTimounterMonitorUTimounterMonitor.exePart of the Acronis True Image range of backup software, with which you can create backups of individual directories, partitions (ie, C:, D:) or a whole hard drive - and mount those images onto a drive/partition with sufficient space. If you mount an image in "Read Only" you cannot change any contents. In "Read & Modify" mode you can change the contents and in this mode TimounterMonitor ensures that any changes made to the mounted image will not allow it to grow larger than the disk on where the backup image is stored. Required if you mount partitions or disk images in "Read & Modify" mode and are concerned about disk space in the partition/disk where the backup images are stored. Also included in the Seagate DiscWizard, Seagate BlackArmor Backup, Maxtor (now Seagate) MaxBlast and Apricorn EZ Gig II implementations of True ImageYes
TimounterMonitorUTimounterMonitor.exePart of the Acronis True Image range of backup software, with which you can create backups of individual directories, partitions (ie, C:, D:) or a whole hard drive - and mount those images onto a drive/partition with sufficient space. If you mount an image in "Read Only" you cannot change any contents. In "Read & Modify" mode you can change the contents and in this mode TimounterMonitor ensures that any changes made to the mounted image will not allow it to grow larger than the disk on where the backup image is stored. Required if you mount partitions or disk images in "Read & Modify" mode and are concerned about disk space in the partition/disk where the backup images are stored. Also included in the Seagate DiscWizard, Seagate BlackArmor Backup, Maxtor (now Seagate) MaxBlast and Apricorn EZ Gig II implementations of True ImageYes
FantasyXtimp.exeDetected by Malwarebytes as Trojan.Banker.IM. The file is located in %AppData%\MediaxNo
PHIME2002AUTINTSETP.EXEMicrosoft's Input Method Editor for Asian languages which is used to both display and enable the input of characters in e-mails, documents and other files - should you need to. Found on PCs where Asian languages (e.g. Chinese, Hindi, Japanese, etc) have been installed through the Regional and Language options icon in the Control PanelYes
PHIME2002ASyncUTINTSETP.EXEMicrosoft's Input Method Editor for Asian languages which is used to both display and enable the input of characters in e-mails, documents and other files - should you need to. Found on PCs where Asian languages (e.g. Chinese, Hindi, Japanese, etc) have been installed through the Regional and Language options icon in the Control PanelYes
TINTSETPUTINTSETP.EXEMicrosoft's Input Method Editor for Asian languages which is used to both display and enable the input of characters in e-mails, documents and other files - should you need to. Found on PCs where Asian languages (e.g. Chinese, Hindi, Japanese, etc) have been installed through the Regional and Language options icon in the Control PanelYes
TinueXTinue.exeAdded by the SILLYFDC.BCO WORM!No
soulXTiny Brain.exeDetected by Dr.Web as Trojan.DownLoader11.11093 and by Malwarebytes as Trojan.Agent.ENo
Tiny download managerNTinyDM.exeTiny Download Manager - "installs ultra-fast with a light footprint on your computer and runs super-efficiently" and "accelerates your downloads and avoids hogging valuable system resources at the same time"No
tinySpellUtinyspell.exeTinyspell - "allows you to easily and quickly check the spelling of words in any Windows application. Monitors your typing on the fly, alerts you whenever it detects a misspelled word, and checks the spelling of every word you copy to the clipboard"No
TinyTake by MangoAppsNTinyTake by MangoApps.exeTinyTake by MangoApps - "is a free screen capture & video recording software for Microsoft Windows & Mac. With TinyTake, you can capture images and videos of your computer screen, add comments and share them with others in minutes"No
TiomanExeUTioman.ExeAgate Tioman - warm and hot swap removable bay device managerNo
tipguard.exeXtipguard.exePrivacy Commander rogue privacy program - not recommended, removal instructions hereNo
TipsNtips.exeSuggests tips on using your mouseNo
Track-It! Workstation Manager Service MonitorYTIServiceMonitor.exeTrack-It! by BMC Software, Inc. (was Numara Software) - "is a fully integrated IT help desk and asset management solution for small to mid-sized organizations that is affordable, easy to use, and rapid to deploy"No
Titan BackupUTitanBackup.exeTitan Backup by Neobyte Solutions - "is an easy-to-use, flexible and affordable solution, designed for secure backups of your important data. It can make automatic backups of your priceless files and documents, emails and rules, registry, settings, virtually on any type of storage media including CD/DVD-RW, removable devices, network drives, and remote FTP servers." No longer supportedNo
Titan BackupUTITANB~2.EXETitan Backup by Neobyte Solutions - "is an easy-to-use, flexible and affordable solution, designed for secure backups of your important data. It can make automatic backups of your priceless files and documents, emails and rules, registry, settings, virtually on any type of storage media including CD/DVD-RW, removable devices, network drives, and remote FTP servers." No longer supportedNo
TitleTimeUTiTime.exe"TitleTime adds the current date and/or time to the Caption of the currently active application window. Additional options are a second clock (with a different time), week number, GMT/UTC time, Swatch Internet Time and Sounds at each full, half or quarter hour"No
TitleXTitle.exeDetected by McAfee as RDN/Generic Dropper!ty and by Malwarebytes as Backdoor.Agent.IDNo
Titlebar DateUTitlebar Date.exeTitlebar Date by Titlebar Software - displays the day of the week and date and time in the active window's tile bar. For example, open Notepad and the day and date will appear at the top of the window. The originator's website is no longer available but you can still download it hereYes
Titlebar TimeUTitlebar Time.exeTitlebar Time by Titlebar Software - displays the day of the week, date and time in the active window's tile bar. For example, open Notepad and the day, date and time will appear at the top of the window. The originator's website is no longer available but you can still download it hereYes
TiTleBarClockUTiTleBarClock.exeTitleBarClock - displays Day, Time, Date, Month, Year, FreeMem, and FreeDriveSpace on the right side of the title bar in any main window that has the mouse or keyboard focusNo
tiuopoXtiuopo.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile% - see hereNo
TivoNotify?TiVoNotify.exeTiVo Notify Service Process - part of Tivo Desktop. What does it do and is it required?No
TivoServerUTiVoServer.exeTivo Server - installed with the TiVo Home Media Option. It streams audio files to your television/home theater from your PCNo
TivoTransferUTivoTransfer.exeTivo Transfer Service. TiVo Desktop is an easy-to-use application that lets you publish and share digital music, photos and TiVo recordings between your networked TiVo Series2 DVR and your computerNo
tiwiXtiwiDetected by Symantec as W32.Rahiwi.A and by Malwarebytes as Worm.TiwiNo
TI WLANUTIWLANCu.exeTexas Instruments TI wireless LAN productsNo
TizzleTalkNTizzleTalk.exeTizzeTalk is a dialect translator for Yahoo, MSN, AOL Instant Messengers. Bundles adware, hence not recommended. From their old EULA : "As a result of installing the Company's Software, you will see occasional banner ads, pop-up or pop-under ads, or other types of ads selected based on your online activities .../... Occasionally, we may automatically or through other remote means, update, upgrade, patch or uninstall the Company's Software, including the Company's advertising-supported software, without further notice to you. These upgrades also may include installation of additional applications from the Company as well as third party applications"No
Anti Trojan EliteYTJEnder.exeAnti Trojan Elite (ATE) anti-malware toolNo
tJeOfxpyoLkuKU.exeXtJeOfxpyoLkuKU.exeDetected by Malwarebytes as Rogue.Fakealert. The file is located in %CommonAppData%No
Windows Service AgentXtjybssd.exeDetected by Kaspersky as Backdoor.Win32.Rbot.wfm and by Malwarebytes as Backdoor.Bot. The file is located in %System%No
WinhelpXTkBellExe.exeDetected by Trend Micro as WORM_LOVGATE.E and by Malwarebytes as Worm.EmailNo
WinhelpXTkBellExe.exe...Detected by Symantec as W32.Lovgate.Z@mm and by Malwarebytes as Worm.EmailNo
TKKL AgentXTKKL.exeDetected by Malwarebytes as ArdamaxKeylogger. The file is located in %System%\28463No
tkonnectNTKONNECT.EXETiscali (now TalkTalk) ISP dialer. Available as a desktop shortcutNo
Ticket API Monitor?tktmon.exeSyntegra Device Identification Logger. What does it do and is it required?No
tlXtl.exeDetected by McAfee as RDN/Generic BackDoor!xp and by Malwarebytes as Backdoor.Agent.DCENo
TurboLaunchUTlaunch.exeTurboLaunch is a tool-bar style application that can be set up to run many programs and perform certain pre-programmed actionsNo
KomunikatorNtlen.exeTlen - adware licensed Polish language instant messaging clientNo
tlfov.exeXtlfov.exeDetected by Dr.Web as Trojan.MulDrop2.30710 and by Malwarebytes as Trojan.Downloader. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
SenXtlii.exeDetected by Kaspersky as PurityScan.ahNo
tljyxiiwXtljyxiiw.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %System%No
tljyxiiwXtljyxiiw.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %UserProfile%No
TLK StartXTLK.exeDetected by McAfee as Generic.bfr and by Malwarebytes as Trojan.Agent.GenNo
Talk Now!NTlknow16.exeTalk Now (now uTalk) language learning utility by EuroTalk InteractiveNo
Print SpoolerXtlmon.exeDetected by McAfee as Generic.dx!tvc and by Malwarebytes as Trojan.DownloaderNo
NBCnCltXTLnbLdr.exeDetected by Dr.Web as Trojan.Siggen5.64381 and by Malwarebytes as Trojan.AgentNo
tlntsvrUtlntsvr.exeMicrosoft program associated with TelnetNo
Password Door LoaderYtlpd.exePassword Door from TopLang software - lets "you add password protection to any software. When software is protected by Password Door, anyone who wants to use that software must enter the correct password in order to launch it"No
TLzULCPZJI.exeXTLzULCPZJI.exeDetected by McAfee as RDN/Generic Dropper and by Malwarebytes as Backdoor.Messa.ENo
Service HostXtm32.exeDetected by Sophos as Troj/Poison-AGNo
Torrent Management ServiceXTMANAGESVC.EXEDetected by Dr.Web as Trojan.DownLoader8.28855No
Trend Micro Anti-SpywareYTmas.exeTrend Micro Anti-Spyware - required when using real time monitoring but now discontinuedNo
OE_OEMYTMAS_OEMon.exeTrend Micro Anti-Spam monitor for Outlook Express. Included with versions of Trend Micro Internet SecurityNo
tmchookXtmchook.exeDetected by Kaspersky as the VB.AA TROJAN!No
TMEEJME.EXEUTMEEJME.EXEToshiba TME (Toshiba Mobile Extension) ControlNo
Microsoft Update MachineXtmemser.exeDetected by Sophos as W32/Rbot-NQ and by Malwarebytes as Backdoor.BotNo
TMERzCtl.EXEUTMERzCtl.EXEToshiba TME (Toshiba Mobile Extension) ControlNo
TSBxLogon?TMESBS2.EXEFound on a Toshiba laptop. May be related to the TMESBS entry?No
TMESBSUTMESBS21.EXEUtility related to inserting and removing the slim bay device (such as a DVD/CD-writer) on Toshiba laptops. You can disable this task if you have no intention of ever taking the device out while the laptop is turned onNo
TMESBS.EXEUTMESBS21.EXEUtility related to inserting and removing the slim bay device (such as a DVD/CD-writer) on Toshiba laptops. You can disable this task if you have no intention of ever taking the device out while the laptop is turned onNo
TMESBS.EXEUTMESBS31.EXEUtility related to inserting and removing the slim bay device (such as a DVD/CD-writer) on Toshiba laptops. You can disable this task if you have no intention of ever taking the device out while the laptop is turned onNo
TMESBS.EXEUTMESBS32.EXEUtility related to inserting and removing the slim bay device (such as a DVD/CD-writer) on Toshiba laptops. You can disable this task if you have no intention of ever taking the device out while the laptop is turned onNo
TMESBS32UTMESBS32.EXEUtility related to inserting and removing the slim bay device (such as a DVD/CD-writer) on Toshiba laptops. You can disable this task if you have no intention of ever taking the device out while the laptop is turned onNo
TMExLogonUTMESRV.EXEToshiba utility related to inserting and removing a laptop from a docking station. Not required if you don't use a docking stationNo
TMESRV.EXEUTMESRV11.EXEToshiba utility related to inserting and removing a laptop from a docking station. Not required if you don't use a docking stationNo
TMESRV.EXEUTMESRV21.EXEToshiba utility related to inserting and removing a laptop from a docking station. Not required if you don't use a docking stationNo
TMESRV.EXEUTMESRV31.EXEToshiba utility related to inserting and removing a laptop from a docking station. Not required if you don't use a docking stationNo
TMESRV31UTMESRV31.EXEToshiba utility related to inserting and removing a laptop from a docking station. Not required if you don't use a docking stationNo
historyXtmhelp.exeDetected by Dr.Web as Trojan.MulDrop4.6401 and by Malwarebytes as Trojan.Agent.HY. The file is located in %System%No
tmivvdcbb.vbsXtmivvdcbb.vbsDetected by McAfee as RDN/Generic Downloader.x and by Malwarebytes as Trojan.Downloader.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Tmmkb?TMMKYSVR.EXEToshiba multi-media keyboard software - possibly including creating keyboard shortcuts?No
TMMonitorNtmmonitor.exeSystem Tray access and sync monitor for TotalMedia from Arcsoft - "an all-in-one multimedia application that allows you to access and work with digital photos, home videos, recorded TV programs, radio and your digital music library right from your TV or home computer." The sync monitor initiates the sync schedule that you have set and once it's time to sync the scheduled files, the program starts automatically. Exiting the sync monitor prevents scheduled sync from occurring until it is restartedYes
Microsoft Windows UpdaterXTMNTSrv.exeDetected by Malwarebytes as Trojan.MWF.Gen. The file is located in %System%No
Tmntsrv32XTmntsrv32.exeAdded by the STARTPAGE.O TROJAN!No
TM Outbreak AgentUTMOAgent.exePart of Trend Micro web-security products - PC-cillin 2004, Virus Buster 2003-2004 and Antivirus. Notifies users of virus outbreaks and offers to update the scannerNo
TMOUSEUtmouse.exeComponent of the Toshiba Mouse Control that allows users with an AccuPoint mouse to scroll MS-scroll-compatible documents by holding CTRL + ALT and moving the AccuPoint up or down. It also allows zooming by holding CTRL + SHIFT and moving the AccuPoint up or down. Disabling this item has no adverse effects, except disabling the scroll/zoom features of the AccuPointNo
MyAccessMediaXtmp**.exe [* = random char/digit]My AccessMedia toolbar related, stealth installed!No
FacbookUpdateXtmp*.exeDetected by Malwarebytes as Worm.Luder. The file is located in %AppData%No
Skype.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
OS.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp% - see examples here and hereNo
javaw.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
tmp3Xtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Java.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
syscontrol.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Adobe IXXtmp*.tmp.exeDetected by Sophos as Troj/MSIL-BS and by Malwarebytes as Backdoor.Agent.TMPNo
WindowsUpdate.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
winprocess.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
[9 or 10 numbers]Xtmp*.tmp.exeDetected by Malwarebytes as Trojan.Agent.TMPGen - where * represents numbers and the file is located in %Temp%No
[9 or 10 numbers].exeXtmp*.tmp.exeDetected by Malwarebytes as Trojan.Agent.TMPGen - where * represents numbers and the file is located in %Temp%No
vbc.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
WindowsUpdates.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Windows Update Center.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Windows OS.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp% - see an example hereNo
explorer.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Windows Defender.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
appdata.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
WinUpdate.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
bbus.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
StartUp..exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Windows Registry.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp% - see an example hereNo
Startup.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Adobe XI.exeXtmp*.tmp.exeDetected by Sophos as Troj/Mdrop-EYH and by Malwarebytes as Backdoor.Agent.TMPGenNo
crss.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
JavaUpdate.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
svchost.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
updates.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Oracle.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp%No
Skype Updater.exeXtmp*.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen - where * represents anything. The file is located in %Temp% - see an example hereNo
SystemErrorlogXtmp.exeDetected by Dr.Web as Win32.HLLW.Autoruner.52303 and by Malwarebytes as Worm.AutoRunNo
tmp.exeXtmp.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Trojan.Agent.TMPNo
tmp.exeXtmp.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Temp%No
tmp.exeXtmp.exeDetected by McAfee as RDN/Generic PWS.y and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Windows Live Messenger.exeXtmp1.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen. The file is located in %Temp%No
servicesXtmp66.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %AppData%No
Adobe Flash Player Update Service.exeXtmpB1.tmp.exeDetected by McAfee as RDN/Generic BackDoor!b2m and by Malwarebytes as Backdoor.Agent.TMPGenNo
Microsoft Mouse And Keyboard Center.exeXtmpE.tmp.exeDetected by McAfee as RDN/Generic.dx!dp and by Malwarebytes as Backdoor.Agent.TMPGenNo
TMPFXtmpE.tmp.exeDetected by McAfee as Generic BackDoor!fql and by Malwarebytes as Backdoor.Agent.DCNo
defender.exeXtmpE.tmp.exeDetected by McAfee as RDN/Generic.bfr!l and by Malwarebytes as Backdoor.Agent.TMPGenNo
NETSERV32.EXEXtmpE.tmp.exeDetected by McAfee as Generic BackDoor!fqd and by Malwarebytes as Backdoor.Agent.TMPGenNo
[9 to 10 numbers].exeXtmpE.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen. The file is located in %Temp% - see examples here and hereNo
Windows Operating System.exeXtmpE.tmp.exeDetected by McAfee as RDN/Generic BackDoor!g and by Malwarebytes as Backdoor.Agent.TMPGenNo
Javajdk.exeXtmpE.tmp.exeDetected by McAfee as RDN/Generic.dx!q and by Malwarebytes as Backdoor.Agent.TMPGenNo
StartUp..exeXtmpE.tmp.exeDetected by McAfee as RDN/Generic.bfr!ch and by Malwarebytes as Backdoor.Agent.TMPGenNo
tmpF.tmp.exeXtmpF.tmp.exeDetected by Malwarebytes as Backdoor.Agent.TMPGen. The file is located in %Temp%No
tmproxyYtmproxy.exePart of Trend Micro web-security products - Internet Security 2005, PC-cillin 2003, and Virus Buster 2003-2004No
Windows UDP Control CenterXtmps.exeDetected by Kaspersky as Backdoor.Win32.SdBot.eba and by Malwarebytes as Backdoor.Bot. The file is located in %Windir%No
cmmon32Xtmp[random].exeDetected by Malwarebytes as Trojan.Agent.CM - see an example hereNo
TMRUBottedTrayUTMRUBottedTray.exeRUBotted (from Trend Micro) monitors your computer for suspicious activities and regularly checks with an online service to identify behavior associated with Bots. Upon discovering a potential infection, RUBotted prompts you to scan and clean your computerNo
Windows TimeXtmservice.exeDetected by Sophos as W32/Rbot-YKNo
TMTMTSRUTMTMTSR.exeThrustmaster Thrustmapper - "t-mapper - icon sits on your taskbar and automatically detects when the joystick is plugged in and configures it accordingly"No
ThrustTSRUTMTMTSR.exeThrustmaster Thrustmapper - "t-mapper - icon sits on your taskbar and automatically detects when the joystick is plugged in and configures it accordingly"No
TweakMASTERUTMTray.exeSystem Tray access to TweakMASTER by Hagel Technologies - which "is the supreme Internet Optimizer. No matter what version of Windows you have or what type of Internet connection you use, TweakMASTER will provide a faster browsing experience"No
MICROSOFTMDXLSHKCUXTMVll.exeDetected by McAfee as RDN/Generic.bfr!fd and by Malwarebytes as Backdoor.Agent.ENo
PoliciesXTMVll.exeDetected by McAfee as RDN/Generic.bfr!fd and by Malwarebytes as Backdoor.Agent.PGenNo
MICROSOFT_MXLSHKLMXTMVll.exeDetected by McAfee as RDN/Generic.bfr!fd and by Malwarebytes as Backdoor.Agent.ENo
F-Secure TNBYTNBUtil.exePart of an older version of the F-Secure range of internet security products (also used by ISPs such as Charter (now Spectrum) and Shaw Internet)No
TNFQXTNF.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %Windir%No
TOOSNETXTNG.exeDetected by McAfee as RDN/PWS-Banker.dldr and by Malwarebytes as Trojan.Banker.TSNNo
ZCOMSISTEMXTNG.exeDetected by McAfee as RDN/PWS-Banker.dldr and by Malwarebytes as Trojan.Banker.BXNNo
OGRVVKXtnGDZv.exeDetected by McAfee as RDN/Generic FakeAlert!eo and by Malwarebytes as Backdoor.Messa.ENo
TNOD UPXTNODUP.exeDetected by McAfee as Generic.dx and by Malwarebytes as RiskWare.AgentNo
rdclipXTnppd36783.cplDetected by Malwarebytes as Trojan.Agent.CPL. The file is located in %System%\XPSViewerNo
TNTClkUTNTCLK.exeOverclocking program for TNT, TNT2, and other graphics cards. This program can overclock the graphics card manually after startup when needed, especially before starting a gaming session. However, for simplicity, it can be left checked to let it run once at startup to automatically overclock the graphics card. In this case, it doesn't even run in the background after doing its jobNo
MS Update- Client "support" 608XtNWCBsrdy.exeDetected by Sophos as Troj/Mdrop-CWJNo
ToADiMon.exeUToADiMon.exeT-Online ISP software connection assistantNo
SlipStreamYtoastcore.exeTOAST.net Accelerator customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
TOAST.net AcceleratorYtoastgui.exeTOAST.net Accelerator customized user interface for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
toastpopXtoastpop.exeDetected by Dr.Web as Trojan.KillProc.19830 and by Malwarebytes as Adware.KorAd.GenNo
toastpop3Xtoastpop2.exeDetected by Dr.Web as Trojan.MulDrop4.8014 and by Malwarebytes as Adware.KorAd.GenNo
NortonOnlineBackupReminderNTOBuActivation.exeActivation reminder for the free trial version of TOSHIBA Online Backup (which is a rebranded version of Symantec's Norton Online Backup online storage utility)No
TOSHIBA Online BackupNTOBuActivation.exeActivation reminder for the free trial version of TOSHIBA Online Backup (which is a rebranded version of Symantec's Norton Online Backup online storage utility)No
Pex Sound DriverXToday's Results.vbsDetected by Sophos as W32/Trode-ANo
pex Sound driver 2XToday's Results.vbsDetected by Sophos as W32/Trode-ANo
TodayUToday.exeToday from Xarka Software - "a calendar/event journal based on the Greek Orthodox Church holidays" which displays a panel including a calendar, events, feasts, astronomical data and the photo of the dayYes
XarkaTodayUToday.exeToday from Xarka Software - "a calendar/event journal based on the Greek Orthodox Church holidays" which displays a panel including a calendar, events, feasts, astronomical data and the photo of the dayYes
TodayTab ClientXTodayTab.exeDetected by McAfee as Generic.dx!bbbtNo
toddyXtoddy.exeDetected by Malwarebytes as Trojan.LVBP.IF. The file is located in %UserProfile%No
debugXtodo.exeDetected by McAfee as Ransom!em and by Malwarebytes as Trojan.AgentNo
todoeosodeosuutXtodoeosodeosuut.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %Windir%No
TogglerUtoggler.exe"Toggler allows you to gain control over your Caps Lock, Num Lock, and Insert keys. It prevents you from writing in ALL CAPS when your finger has slipped to accidentally hit the Caps Lock key"No
tokenchanger.exeXtokenchanger.exeDetected by Malwarebytes as Trojan.Agent. Note - the file is located in %AllUsersStartup% and its presence there ensures it runs when Windows startsNo
Registration ServiceXtoker.exeDetected by Sophos as W32/SdBot-BBNo
Tomorrowland Music PlayerXTomorrowLandAlbum.exeDetected by Dr.Web as Trojan.MulDrop5.5889 and by Malwarebytes as Trojan.Agent.TMLNo
TomTomHOME.exeNTomTomHOME.exeTomTom HOME - free management program for your PC to look after their GPS navigation productsNo
TomTomHOME.exeNTomTomHOMERunner.exeTomTom HOME - free management program for your PC to look after their GPS navigation productsNo
sibawerixXtomup.exeDetected by Trend Micro as WORM_SDBOT.AVB and by Malwarebytes as Backdoor.IRCBotNo
firefoxXtonight.exeDetected by McAfee as Generic BackDoorNo
toobarXtoobar.exeDetected by McAfee as RDN/Downloader.gen.a and by Malwarebytes as Trojan.Guara.BRNo
MSNMSGRSXTool.exeDetected by Dr.Web as Trojan.DownLoader4.39809 and by Malwarebytes as Backdoor.BotNo
msresearchXtool3.exeAdded by the SpySheriff rogue spyware remover - not recommended, removal instructions hereNo
AVGTOOLBARXtoolbar.exeDetected by McAfee as RDN/Autorun.worm.bbp!a and by Malwarebytes as Backdoor.Agent. Note - this is not a valid entry for the AVG ToolbarNo
PoliciesXtoolbar.exeDetected by McAfee as RDN/Autorun.worm.bbp!a and by Malwarebytes as Backdoor.AgentNo
SystemScriptXtoolbar.exeDetected by Malwarebytes as Trojan.Agent.MW. The file is located in %LocalAppData%\Microsoft\WindowsNo
SystemScriptXtoolbar.exeDetected by Malwarebytes as Trojan.Agent.STM. The file is located in %ProgramFiles%\VKtoolbarNo
SystemScriptXtoolbar.exeDetected by Malwarebytes as Trojan.Agent.STM. The file is located in %WinTemp%No
hsimXtoolbar.exeAdded by unidentified malwareNo
StartNowToolbarHelperXToolbarHelper.exeDetected by McAfee as Generic.tfr!sNo
GoogleUpdateXToolbarInstaller.exeDetected by Malwarebytes as Trojan.Agent.IGen. The file is located in %UserTemp%No
ToolbarRestoreXToolbarRestore.exeDetected by McAfee as Generic Downloader.x!gfk and by Malwarebytes as Adware.K.ILike. The file is located in %ProgramFiles%\ILikeClickNo
CheckItUToolBox.exeCheckIt Toolbox from WinCheckIt Diagnostic Software. Toolbox automatically backs up critical system files (such as .ini files and the Windows Registry), and performs a check on various system parameters at intervals you specifyNo
HKCUTOOLYXtoolby.exeDetected by McAfee as RDN/Generic.tfr and by Malwarebytes as Trojan.Banker.ENo
HKLMTOOLYXtoolby.exeDetected by McAfee as RDN/Generic.tfr and by Malwarebytes as Trojan.Banker.ENo
PC Spy KeyloggerUToolKeylogger.exePCSpyKeyLogger keystroke logger/monitoring program - remove unless you installed it yourself!No
XP Advanced KeyloggerUToolKeylogger.exeXP Advanced Keylogger surveillance software. Uninstall this software unless you put it there yourselfNo
adobe_System_AppXToolkit.exeAdded by the FAKEAV-ELH TROJAN!No
WinUtilities Memory OptimizerUToolMemoryOptimizer.exe"WinUtilities Memory Optimizer optimizes the memory management of your system and boost-up its performance amazingly!"No
Perfect Memory OptimizerUToolMemoryOptimizer.exePerfect Utilities Memory Optimizer (the same as WinUtilities Memory Optimizer)No
ToolNotifierXToolNotifier.exeDetected by McAfee as Generic.dx!venNo
\tools.exeXtools.exeFastFind adware variantNo
Windows More ChoiceXTopContext.exeZQuest adwareNo
TopDeskUTopDesk.exeTopDesk windows management utility from Otaku Software Pty Ltd which allows you to quickly tile windows (all, application or visible) as well as hiding visible windowsYes
StartnameXtoperas.exeDetected by Malwarebytes as Backdoor.Agent.DCE. The file is located in %ProgramFiles% - see hereNo
topi?topi.exeToshiba Online Product Information. What does it do and is it required?No
TopmostClockUTopMostClock.exeTopMost Clock - transparent analog clock which displays on top of your other windowsNo
TopSearchXTopSearch.exeTopSearch adwareNo
topsearch.exeXtopsearch.exeDetected by Dr.Web as Trojan.DownLoad3.15877 and by Malwarebytes as Adware.KoradNo
TorNtor.exeTor anonymity packageNo
tor anonymous proxyXtor32.exeDetected by Sophos as W32/Sdbot-ADRNo
torchoUtorcho.exeDetected by Malwarebytes as PUP.Optional.PayByAds. The file is located in %AppData%\torcho\torcho\[version]. If bundled with another installer or not installed by choice then remove itNo
TorCPNtorcp.exeTorCP controller for the Tor anonymity package - which "runs in your system's notification area, giving you a way to check on the status of Tor without having to have the console window open all the time"No
HKCUTORNTXTornt.exeDetected by Malwarebytes as Backdoor.Agent.HKPGen. The file is located in %Windir%\InstallDirNo
HKLMTORNTXTornt.exeDetected by Malwarebytes as Backdoor.Agent.HKPGen. The file is located in %Windir%\InstallDirNo
TornTv DownloaderUTorntv Downloader.exeDetected by Malwarebytes as PUP.Optional.TornTV. The file is located in %AppData%\TornTV.com. If bundled with another installer or not installed by choice then remove itNo
TornTvDownloaderUTorntv Downloader.exeDetected by Malwarebytes as PUP.Optional.TornTV. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%\TornTV.com. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
[various names]XTorontoMail.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
DadfXtorrent.exeDetected by Malwarebytes as Trojan.VBKrypt. The file is located in %AppData%No
System SupportXtorrent.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%No
ShellXtorrent.exe,explorer.exeDetected by Malwarebytes as Hijack.ShellA.Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "torrent.exe" (which is located in %AppData%\torrent)No
TortugaUtortuga.exeDetected by Malwarebytes as PUP.Optional.Clara. The file is located in %LocalAppData%\Tortuga\Application. If bundled with another installer or not installed by choice then remove itNo
TOSCDSPDNtoscdspd.exeRelated to Toshiba laptop CD/DVD drivers. This is a non-essential process. Disabling or enabling this is down to user preferenceNo
Toshiba TEMPONToshiba.Tempo.UI.TrayApplication.exeAdvised you on how to fine-tune the performance of your notebook and keep you informed of the latest Toshiba software and driver updates as soon as they are released. It does this by delivering various types of alerts into a special TEMPO inbox area on your notebook PCNo
Toshiba App PlaceUToshibaAppPlace.exeToshiba AppPlace - cloud based apps "specially designed to work for you and your Toshiba laptop"No
ToshibaAppPlaceUToshibaAppPlace.exeToshiba AppPlace - cloud based apps "specially designed to work for you and your Toshiba laptop"No
Toshiba RegistrationNToshibaRegistration.exeToshiba Registration - available via Start → ProgramsNo
TOSHIBA Service StationNToshibaServiceStation.exeToshiba Service Station "allows your computer to automatically search for TOSHIBA software updates or other alerts from TOSHIBA that are specific to your computer system and its programs"No
ToshibaServiceStationNToshibaServiceStation.exeToshiba Service Station "allows your computer to automatically search for TOSHIBA software updates or other alerts from TOSHIBA that are specific to your computer system and its programs"No
TOSHIBSUUToshibsu.exeReduces the power consumption when the laptop isn't being used to preserve battery power. Hibernate function doesn't work if this is disabled. Similar programs on other laptops reduce the processor clock rate, etc. Required if you run off battery regularlyNo
TosHKCWUTosHKCW.exeToshiba Hot Key Change/Control Wireless. Permits you to use a hot key to activate/deactivate built-in 802.11b wireless transmission on a laptop (if installed)No
TosHKCW.exeUTosHKCW.exeToshiba Hot Key Change/Control Wireless. Permits you to use a hot key to activate/deactivate built-in 802.11b wireless transmission on a laptop (if installed)No
gmailXtoskngr.exeDetected by Trend Micro as TROJ_VB.FPWNo
TosMemYtosmem.exeToshiba laptop related. Win98/Me ACPI system can not hibernate or go on standby if all of the physical memory lower than 640KB is locked. This utility allocates and locks three pages on boot and then releases them on standby/hibernation for ACPI.SYS in order to solve the above problemNo
TosNCUTosNcCore.exePart of Toshiba's Bulletin Board - "a visual tool that uses the PC's touch screen to keep you organized with sticky notes, to-do lists and more". Available on some newer model laptopsNo
SPOLSVXtosnreg.exeDetected by Malwarebytes as Worm.Flooder. The file is located in %System% - see hereNo
TOSHIBA Picture Enhancement Utility?TosPEHK.exeThe Toshiba Picture Enhancement Utility improves the image quality of functions such as watching a DVD movie, viewing information from a video camcorder or recorder, or receiving input from a console such as a PlayStation or X-Box on some laptop modelsNo
TosPEHK?TosPEHK.exeThe Toshiba Picture Enhancement Utility improves the image quality of functions such as watching a DVD movie, viewing information from a video camcorder or recorder, or receiving input from a console such as a PlayStation or X-Box on some laptop modelsNo
TPURegUTosPU.exeTOSHIBA Password Utility adds additional password security to your Toshiba computer. After registering a user password, you will be required to input it when booting the computer or starting the Password Utility"No
TPUReg(x86)UTosPU.exeTOSHIBA Password Utility adds additional password security to your Toshiba computer. After registering a user password, you will be required to input it when booting the computer or starting the Password Utility"No
TOSHIBA Password UtilityUTosPU.exeTOSHIBA Password Utility adds additional password security to your Toshiba computer. After registering a user password, you will be required to input it when booting the computer or starting the Password Utility"No
TosReelTimeMonitorUTosReelTimeMonitor.exeToshiba's ReelTime™ software is a "free app shows you a visual timeline of your recently accessed files using graphic thumbnails like movie frames, so you can get to your files faster". Available on newer modelsNo
TSVUUTosSmartViewCtrl.exeTOSHIBA Display Utility included on some of their laptopsNo
TSVUUTosSmartViewLauncher.exeLauncher for the TOSHIBA Display Utility included on some of their laptopsNo
tostpop.exeXtostpop.exeDetected by Malwarebytes as Adware.K.TostPop. The file is located in %ProgramFiles%\tostpopNo
tostpop_.exeXtostpop_.exeDetected by Malwarebytes as Adware.K.TostPop. The file is located in %ProgramFiles%\tostpopNo
Toshiba Volume RegulatorUTosVolRegulator.exeAutomatically adjusts the volume level up or down depending upon the level of ambient noise on some Toshiba laptopsNo
TosVolRegulatorUTosVolRegulator.exeAutomatically adjusts the volume level up or down depending upon the level of ambient noise on some Toshiba laptopsNo
Toshiba HDD SDD AlertUTosWaitSrv.exePart of Toshiba's Hard Drive Impact Sensor - 'a complex system of hardware and software designed to detect sudden movements (as when your laptop starts to fall off the table) and "park" the heads of your hard drive before damage occurs.' Available on some modelsNo
TosSENotifyUTosWaitSrv.exePart of Toshiba's Hard Drive Impact Sensor - 'a complex system of hardware and software designed to detect sudden movements (as when your laptop starts to fall off the table) and "park" the heads of your hard drive before damage occurs.' Available on some modelsNo
TosWaitSrvUTosWaitSrv.exePart of Toshiba PC Health Monitor - which "takes protection to the next level by proactively checking your machine and alerting you to issues ahead of time"No
totaconXtotacon.exeAdded by a variant of the Storm/Nuwar/Zhelatin WORM! See here for an exampleNo
Total PC Defender 2010XTotal PC Defender 2010.exeTotal PC Defender rogue security software - not recommended, removal instructions hereNo
Total PC DefenderXTotal PC Defender.exeTotal PC Defender rogue security software - not recommended, removal instructions hereNo
[32 random numbers]Xtotal.exeTotal Antivirus rogue security software - not recommended, removal instructions hereNo
bs_stealthXTotallyNotAVirus.exeDetected by McAfee as RDN/Ransom!cd and by Malwarebytes as Backdoor.Agent.BSGenNo
totalvaccineXtotalvaccineu.exeTotalVaccine rogue security software - not recommendedNo
Total Virus ProtectionXTotalVirusProtection.exeTotal Virus Protection rogue security software - not recommended, removal instructions hereNo
Total RecorderUTotRecSched.exeScheduler for Total Recorder from High Criteria Inc - which allows you to schedule playbacks or recordings using either the built-in scheduler or use command line options with an external scheduler, such as Microsoft Task SchedulerYes
TotalRecorderSchedulerUTotRecSched.exeScheduler for Total Recorder from High Criteria Inc - which allows you to schedule playbacks or recordings using either the built-in scheduler or use command line options with an external scheduler, such as Microsoft Task SchedulerYes
TotRecSchedUTotRecSched.exeScheduler for Total Recorder from High Criteria Inc - which allows you to schedule playbacks or recordings using either the built-in scheduler or use command line options with an external scheduler, such as Microsoft Task SchedulerYes
TouchEDUTouchED.exeTouchPad On/Off Utility on a Toshiba laptopNo
TouchFreezeUTouchFreeze.exeTouchFreeze is simple utility for Windows that automatically disables the touchpad on notebooks while you are typing text - so that you can avoid accidentally changing the position of the cursor in your document or clicking on an optionNo
Touch-ItUTouchIt.exeTouch-It virtual keyboard by Chessware - "is a powerful set of tools to build and use on screen keyboards. You can type right away using the preset templates or create your own from scratch using the Designer." Pro versionNo
Touch-ItUTouchItf.exeTouch-It virtual keyboard by Chessware - "is a powerful set of tools to build and use on screen keyboards. You can type right away using the preset templates or create your own from scratch using the Designer." Free versionNo
Intelligent TouchpadUTouchZone.exeEnhances the integrated touchpad driver by Synaptics included with some Lenovo laptops running Windows 8 or higherNo
WinBackupXTower_Defensev2.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
towidfydhiliXtowidfydhili.exeDetected by McAfee as Generic Downloader.x and by Malwarebytes as Trojan.Agent.USNo
Tox.exeXTox.exeDetected by Trend Micro as TROJ_CRYPTOX.SM and by Malwarebytes as Ransom.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
*toxicfreeXtoxicSafe.exeDetected by Dr.Web as Trojan.DownLoader7.27733 and by Malwarebytes as Trojan.AgentNo
ToxicUpdateXToxicUpdate.exeDetected by Dr.Web as Trojan.DownLoader7.27733 and by Malwarebytes as Trojan.AgentNo
Windows RepairXtoxikx.exeDetected by Sophos as W32/Sdbot-ADLNo
TP Loader.exeXTP Loader.exeDetected by Malwarebytes as Backdoor.NJRat. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
TrackPoint Accessibility FeaturesUtp4ex.exeSupports accessibility features for the TrackPoint stick and associated buttons on IBM/Lenovo ThinkPad notebooks. If features such as "Click Sound", "Button Lock" and "Cross Hair cursor" are enabled this entry will run at startup. If none of the accessibility features are used it remains as a startup entry but doesn't runYes
IBM TrackPoint Accessibility FeaturesUtp4ex.exeSupports accessibility features for the TrackPoint stick and associated buttons on IBM/Lenovo ThinkPad notebooks. If features such as "Click Sound", "Button Lock" and "Cross Hair cursor" are enabled this entry will run at startup. If none of the accessibility features are used it remains as a startup entry but doesn't runYes
TP4EXUtp4ex.exeSupports accessibility features for the TrackPoint stick and associated buttons on IBM/Lenovo ThinkPad notebooks. If features such as "Click Sound", "Button Lock" and "Cross Hair cursor" are enabled this entry will run at startup. If none of the accessibility features are used it remains as a startup entry but doesn't runYes
TrackPointSrvUtp4mon.exeSupports the "pointer stick" in lieu of a mouse on an IBM/Lenovp ThinkPad laptop. Necessary for the "scroll" button to workNo
tp4monUtp4mon.exeSupports the "pointer stick" in lieu of a mouse on an IBM/Lenovp ThinkPad laptop. Necessary for the "scroll" button to workNo
TrackpointSrvUtp4serv.exeSupports the "pointer stick" in lieu of a mouse on an IBM/Lenovp ThinkPad laptop. Necessary for the "scroll" button to workNo
tp4servUtp4serv.exeSupports the "pointer stick" in lieu of a mouse on an IBM/Lenovp ThinkPad laptop. Necessary for the "scroll" button to workNo
TP98UTILNTP98.EXEIBM Thinkpad feature setup and configuration utilityNo
TPTRAYNTP98TRAY.EXESystem Tray access to the ThinkPad Configuration utility for IBM/Lenovo ThinkPad notebooks. "The ThinkPad Configuration utility is a control center to configure your ThinkPad hardware. With this utility, you can setup or change your device configurations for ThinkPad hardware and options"Yes
IBM ThinkPad Tray UtilityNTP98TRAY.EXESystem Tray access to the ThinkPad Configuration utility for IBM/Lenovo ThinkPad notebooks. "The ThinkPad Configuration utility is a control center to configure your ThinkPad hardware. With this utility, you can setup or change your device configurations for ThinkPad hardware and options"Yes
ThinkPad Configuration UtilityNTP98TRAY.EXESystem Tray access to the ThinkPad Configuration utility for IBM/Lenovo ThinkPad notebooks. "The ThinkPad Configuration utility is a control center to configure your ThinkPad hardware. With this utility, you can setup or change your device configurations for ThinkPad hardware and options"Yes
TP98TRAYNTP98TRAY.EXESystem Tray access to the ThinkPad Configuration utility for IBM/Lenovo ThinkPad notebooks. "The ThinkPad Configuration utility is a control center to configure your ThinkPad hardware. With this utility, you can setup or change your device configurations for ThinkPad hardware and options"Yes
Tpam.exe?tpam.exeTP Attach Manager - part of IBM Personal Communications. What does it do and is it required?No
TPCHWMsgUTPCHWMsg.exePart of Toshiba PC Health Monitor - which "takes protection to the next level by proactively checking your machine and alerting you to issues ahead of time"No
TOSHIBA PC Health MonitorUTPCHWMsg.exePart of Toshiba PC Health Monitor - which "takes protection to the next level by proactively checking your machine and alerting you to issues ahead of time"No
WindowsXtPDAZRDA.exeAdded by the VBKRYPT.HDQM TROJAN!No
LENOVO.TPFNF6RUTPFNF6R.exeSupports the Fn+F6 hotkey combination on IBM/Lenovo Thinkpad notebooks which mutes the microphoneNo
TPFNF7UTPFNF7SP.exePresentation Director for IBM/Lenovo Thinkpad notebooks - which allows you to create and quickly select between various single and multiple display options via the Fn+F7 key combinationNo
TPFNF7SPUTPFNF7SP.exePresentation Director for IBM/Lenovo Thinkpad notebooks - which allows you to create and quickly select between various single and multiple display options via the Fn+F7 key combinationNo
tpbarXtpframe.exeDetected by Sophos as Troj/Sasfis-SNo
TPHKMGRUTPHKMGR.exeHotkey manager for IBM/Lenovo Thinkpad notebooks. Supports the blue "ThinkVantage" or "Access IBM" help key, Fn+Fx (where x is a number) key combinations (for access to features such as quickly locking the computer, wireless management, EasyEject and full-screen magnifier) and audio buttons (mute and volume up/down)Yes
TPHKMGR.exeUTPHKMGR.exeHotkey manager for IBM/Lenovo Thinkpad notebooks. Supports the blue "ThinkVantage" or "Access IBM" help key, Fn+Fx (where x is a number) key combinations (for access to features such as quickly locking the computer, wireless management, EasyEject and full-screen magnifier) and audio buttons (mute and volume up/down)Yes
TPHOTKEYUTPHKMGR.exeHotkey manager for IBM/Lenovo Thinkpad notebooks. Supports the blue "ThinkVantage" or "Access IBM" help key, Fn+Fx (where x is a number) key combinations (for access to features such as quickly locking the computer, wireless management, EasyEject and full-screen magnifier) and audio buttons (mute and volume up/down)Yes
TpKmapApNTpKmapAp.exePart of the Keyboard Customizer Utility for IBM/Lenovo Thinkpad notebooks. This is the main user interface for the utility but it doesn't normally seem to be running if enabled at startup. Also, it doesn't appear to need to be running for custom key combinations to work (via TpKmapMn.exe)Yes
TPKMAPHELPERNTpKmapAp.exePart of the Keyboard Customizer Utility for IBM/Lenovo Thinkpad notebooks. This is the main user interface for the utility but it doesn't normally seem to be running if enabled at startup. Also, it doesn't appear to need to be running for custom key combinations to work (via TpKmapMn.exe)Yes
Keyboard CustomizerNTpKmapAp.exePart of the Keyboard Customizer Utility for IBM/Lenovo Thinkpad notebooks. This is the main user interface for the utility but it doesn't normally seem to be running if enabled at startup. Also, it doesn't appear to need to be running for custom key combinations to work (via TpKmapMn.exe)Yes
TPKMAPMNUTpKmapMn.exeKeyboard Customizer Utility for IBM/Lenovo Thinkpad notebooks. This startup entry will be enabled if either the default or custom key combinations are selected for use with the built-in keyboard (such as AltGr for the Windows key) or an external keyboard (such as Right Ctrl + Up arrow for volume up)Yes
TpKmapMn.exeUTpKmapMn.exeKeyboard Customizer Utility for IBM/Lenovo Thinkpad notebooks. This startup entry will be enabled if either the default or custom key combinations are selected for use with the built-in keyboard (such as AltGr for the Windows key) or an external keyboard (such as Right Ctrl + Up arrow for volume up)Yes
LENOVO.TPKNRRESNTpKnrres.exeLauncher for the Lenovo Communications Utility - which is used to configure settings for the integrated camera and audio devicesNo
tpopserviceUtpopservice.exeDirecWay two-way satellite internet service enhanced POP proxy server for emailNo
TPHOTKEYUTPOSDSVC.exeSupports the hotkeys on IBM/Lenovo ThinkPad notebooks - displays the result of the using of function keys on the desktop screen. For example, whenever a user changes system speaker volume, this program displays a volume indicator on the desktop screenYes
TPOSDSVCUTPOSDSVC.exeSupports the hotkeys on IBM/Lenovo ThinkPad notebooks - displays the result of the using of function keys on the desktop screen. For example, whenever a user changes system speaker volume, this program displays a volume indicator on the desktop screenYes
TPOSDSVC.exeUTPOSDSVC.exeSupports the hotkeys on IBM/Lenovo ThinkPad notebooks - displays the result of the using of function keys on the desktop screen. For example, whenever a user changes system speaker volume, this program displays a volume indicator on the desktop screenYes
tposdsvc.exeXtposdsvc.exeDetected by Dr.Web as Trojan.DownLoader6.64496 and by Malwarebytes as Trojan.Agent.cn. Note - this is not the legitimate on-screen display for hotkeys on IBM/Lenovo ThinkPad notebooks that is normally found in %ProgramFiles%\Lenovo\HOTKEY. This one is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
On screen displayUTPOSDSVC.exeSupports the hotkeys on IBM/Lenovo ThinkPad notebooks - displays the result of the using of function keys on the desktop screen. For example, whenever a user changes system speaker volume, this program displays a volume indicator on the desktop screenYes
ThinksPowerXTPOSDSVC.exeDetected by Dr.Web as Trojan.DownLoader6.64496 and by Malwarebytes as Trojan.Agent.cn. Note - this is not the legitimate on-screen display for hotkeys on IBM/Lenovo ThinkPad notebooks that is normally found in %ProgramFiles%\Lenovo\HOTKEY. This one is located in %Windir%No
TPP Auto LoaderUTppaldr.exeInstalled with DataStor (and some other manufacturers) USB 2.0 based external DVD, CD-ROM and CD-RW drives. System tray icon allowing the user to disconnect the external drive without an error message being displayedNo
TprtrayUTprtray.exeDisplays the Power icon in the System Tray on a Toshiba laptopNo
TpscrexUTpscrex.exeIBM/Lenovo ThinkPad hotkey related. The file is located in %ProgramFiles%\MSTpscreNo
TpscrexXTpscrex.exeDetected by Trend Micro as TROJ_DLOADE.BEZ. The file is located in %ProgramFiles%\TpScrexNo
TPKBDLEDUTpScrLk.exeIBM Thinkpad utility for displaying the Scroll Lock status on the System Tray - for Thinkpad's that don't have a Scroll Lock LEDYes
TpScrLkUTpScrLk.exeIBM Thinkpad utility for displaying the Scroll Lock status on the System Tray - for Thinkpad's that don't have a Scroll Lock LEDYes
TpScrLk.exeUTpScrLk.exeIBM Thinkpad utility for displaying the Scroll Lock status on the System Tray - for Thinkpad's that don't have a Scroll Lock LEDYes
TpShocksYTpShocks.exePart of the Active Protection System found on some IBM/Lenovo ThinkPad models - including the T, W, X and Z series. This provides airbag-like protection for your hard drive as the system has "an integrated motion sensor that continuously monitors the movement of the notebook, and, if a sudden change in motion is detected, it temporarily stops the hard drive to protect it from a potential crash". The user can also temporarily suspend APS via the Start Menu or (optional) System Tray icon and view the real-time statusYes
ThinkVantage Active Protection SystemYTpShocks.exePart of the Active Protection System found on some IBM/Lenovo ThinkPad models - including the T, W, X and Z series. This provides airbag-like protection for your hard drive as the system has "an integrated motion sensor that continuously monitors the movement of the notebook, and, if a sudden change in motion is detected, it temporarily stops the hard drive to protect it from a potential crash". The user can also temporarily suspend APS via the Start Menu or (optional) System Tray icon and view the real-time statusYes
n/a TpShocksYTpShocks.exePart of the Active Protection System found on some IBM/Lenovo ThinkPad models - including the T, W, X and Z series. This provides airbag-like protection for your hard drive as the system has "an integrated motion sensor that continuously monitors the movement of the notebook, and, if a sudden change in motion is detected, it temporarily stops the hard drive to protect it from a potential crash". The user can also temporarily suspend APS via the Start Menu or (optional) System Tray icon and view the real-time statusYes
TPSmainUTPSMain.exeToshiba Power Saver utility - which "manages the power consumption of various devices on Toshiba notebook computers. Its primary purpose is to extend the amount of time that your machine can run from its battery or batteries"No
TPSODDCtlYTPSODDCtl.exePower saving software on Toshiba laptopsNo
TPNFNTPTray.exeTouchpad configuration tray icon for Toshiba laptops. Available via Start → Settings → Control PanelNo
TPTrayNTPTray.exeTouchpad configuration tray icon for Toshiba laptops. Available via Start → Settings → Control PanelNo
TPWAUDAPUTpWAudAp.exeProvides support for volume changes via hotkeys on IBM/Lenovo Thinkpad notebooksNo
TPwrMainYTPwrMain.EXEPower management software for Toshiba laptopsNo
TPwrMgrYTPwrMgr.exePower management software for Toshiba laptopsNo
TpwrtrayYTPWRTRAY.EXEToshiba laptop's own Advanced Power Management system which disables Windows APM (greyed-out in Control Panel). You can't choose which of the 2 systems to useNo
tqrecvUtqrecv.exeTellique satellite broadcast reception softwareNo
tqslgwXtqslgw.datDetected by Malwarebytes as Trojan.Ransom.DT. The file is located in %CommonAppData%No
Keyboard TracerUTracer.exeKeyboard Tracer by UpClock Software - "is an easy-to-use and practical tool for tracking all keypresses on your computer keyboard"No
tracesweeperXtracesweeper.exeTrace Sweeper rogue privacy tool - not recommendedNo
TrackerNTracker.exePart of MyInvoices & Estimates Deluxe by Avanquest. Launches the Outstanding Invoices dialog of the My Deluxe Invoices software so "you can receive and track payments, evaluate your business with complete reports on sales and invoices, and even manage contacts, vendors, and inventory"No
sys.exeXTrading file.exeDetected by Malwarebytes as Trojan.Injector.MSIL. The file is located in %AppData%No
Windows Start Server 2000Xtraficy.exeDetected by Sophos as W32/Rbot-AHMNo
TrailerTimeUTrailerTime.exeDetected by Malwarebytes as PUP.Optional.TrailerTime. The file is located in %AppData%\TrailerTime. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
TrailerWatchUTrailerWatch.exeDetected by Malwarebytes as PUP.Optional.TrailerWatch. The file is located in %AppData%\TrailerWatch. If bundled with another installer or not installed by choice then remove itNo
Traine.vbsXTraine.vbsDetected by McAfee as RDN/Generic.dx!djh and by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
traniconUtranicon.exeComponent from the Tweak-XP optimization utility for Windows XP from Totalidea Software. Makes Desktop icons transparentNo
TransparentIconsUtranicon.exeComponent from the Tweak-XP optimization utility for Windows XP from Totalidea Software. Makes Desktop icons transparentNo
TransBarUtransbar.exeTransbar by AKSoftware "is a little tweaking tool which takes advantage of Alpha Transparency in Windows 2000 and Windows XP. Using TransBar, you can adjust the transparency level of your taskbar meaning that a full screen wallpaper is made partially visible through the taskbar"No
Transcode360NTranscode360Tray.exeDesigned for WinXP Media Center Edition 2005 and the Xbox 360, Transcode360 aims to broaden the support for a wide range of video media including DivX and XviDNo
loadXTransfer1.exeDetected by Malwarebytes as Trojan.Agent.MSIL. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "Transfer1.exe" (which is located in %UserTemp%\Transfer)No
DellTransferAgent?TransferAgent.exeFound on Dell computers. Possibly the Transfer MyPC utility (by Orlogix), which is optionally installed when a user configures a new system and is used to move all your files, applications and settings to the new PC?No
AutoStartTransitionYTransition.exeLenovo Transition (now superseded by Lenovo Yoga Mode Control) - which automatically disable/enables the keyboard and touchpad when the hinge position for Yoga/Flex models is above 190 degrees and enables the soft keyboard when in tent or tablet modeNo
translation3Xtranslation2.exeDetected by Dr.Web as Trojan.MulDrop4.303 and by Malwarebytes as Adware.KorAdNo
transletedXtransleted.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %ProgramFiles%\GoogleNo
HKLMXtransleted.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\GoogleNo
HKCUXtransleted.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\GoogleNo
TransparentB.exeUTransparentB.exeUtility to turn WinNT/9x desktop icon text backgrounds transparent. The last letter defines the icon text color: D = as desktop, W = white, B = black. Available from hereNo
TransparentD.exeUTransparentD.exeUtility to turn WinNT/9x desktop icon text backgrounds transparent. The last letter defines the icon text color: D = as desktop, W = white, B = black. Available from hereNo
TransparentW.exeUTransparentW.exeUtility to turn WinNT/9x desktop icon text backgrounds transparent. The last letter defines the icon text color: D = as desktop, W = white, B = black. Available from hereNo
TransTaskUtranstask.exeComponent from the Tweak-XP optimization utility for Windows XP from Totalidea Software. Makes Taskbar icons transparentNo
IDMXTRASH.exeDetected by Malwarebytes as Backdoor.SpyNet. The file is located in %AppData%\IDM\HISTORY - see hereNo
TrashgrdUTRASHGRD.EXEPart of the old McAfee Utilities and Nuts & Bolts utility suites. Protects all the files you delete, even files deleted in DOS or in 16-bit Windows applications, by sending them to the Recycle BinNo
Microsoft Legacy DeviceXtrass.exeDetected by Sophos as W32/Rbot-AIXNo
Tray DateNTray Date.exeTray Date by Titlebar Software - displays a simple icon in the System Tray (that can't be configured) which shows the current date. The originator's website is no longer available but you can still download it here. Whilst it only uses around 10MB of memory, you can run it via the Start menu - or you can simply move the cursor over the clock time on the System Tray to show the dateYes
Tray FolderUTray Folder.exeTray Folder by Titlebar Software - creates a hidden folder that is only normally accessible by double-clicking on a System Tray icon that shows the current date. You can also hide files and other folders in that hidden folder. The originator's website is no longer available but you can still download it hereYes
TrayFolderUTray Folder.exeTray Folder by Titlebar Software - creates a hidden folder that is only normally accessible by double-clicking on a System Tray icon that shows the current date. You can also hide files and other folders in that hidden folder. The originator's website is no longer available but you can still download it hereYes
System Tray MonitorXtray.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%\inetsrvNo
AdwareKiller_trayXtray.exeEAdwareKiller rogue spyware remover - not recommendedNo
Tray IconsXTray.exeDetected by Sophos as Troj/VB-GMVNo
GarminExpressTrayAppNtray.exeSystem Tray access to Garmin Express - which is software that helps you manage your Garmin devices, such as updating maps, uploading activities to Garmin Connect, uploading golf course maps and registering productsNo
ShellXTray.exeHomepage hijacker re-directing browsers to adult content websitesNo
Vongo TrayNTray.exeSystem Tray access the now discontinued Vongo video-on-demand serviceNo
Traymin900UTray900.exeRelated to the Philips SPC webcam - System Tray manager for Personal 900 series cameraNo
PCSuiteTrayApplicationNTrayApplication.exeSystem Tray access to Nokia PC Suite - which "is a free PC software product that allows you to connect your Nokia device to a PC and access mobile content as if the device and the PC were one." This allows you (amongst other options) to backup your devices contents to your PC, use it to connect to the internet, transfer files and synchronize contacts, etc. Available from the start menuNo
PCSuiteTrayApplicationNTRAYAP~1.EXESystem Tray access to Nokia PC Suite - which "is a free PC software product that allows you to connect your Nokia device to a PC and access mobile content as if the device and the PC were one." This allows you (amongst other options) to backup your devices contents to your PC, use it to connect to the internet, transfer files and synchronize contacts, etc. Available from the start menuNo
Camera Assistant SoftwareUtraybar.exeCamera Assistant Software utility for Toshiba laptops - allows you to take pictures with and control the integrated WebCamNo
MSN Internet AccessNTRAYCLNT.EXEQuick way to connect to MSN internet service - replaces "MSN Quick View" from V5.6 onwardsNo
SarbyxTrayClockUtrayclock.exeSarbyx TrayClock by Sarbyxlabs.com - "is the replacement for standard Windows clock, it builds itself right into the taskbar and doesn't eat any desktop space. It includes numerous useful features that extend standard Windows clock functionality"No
NovaNet-WEB Tray ControlUTrayControl.exeSystem Tray access to Packard Bell EverSafe backup and restore software by NovaStorNo
Packard Bell EverSafe Tray ControlUTrayControl.exeSystem Tray access to Packard Bell EverSafe backup and restore software by NovaStorNo
Propel AcceleratorUtrayctl.exePropel Internet AcceleratorNo
AGEIA PhysX SysTrayNTrayIcon.exeSystem Tray access to display properties for AGEIA PhysX graphics cards (now incorporated into NVIDIA Geforce graphics cards). Unless you change your desktop resolution, etc, regularly use Control Panel → Display Properties or right-click on the desktopNo
DisplayTrayIconNTrayIcon.exeSystem Tray access to display properties for ABIT graphics cards. Unless you change your desktop resolution, etc regularily use Control Panel → DisplayNo
CacheBoostUtrayicon.exeSystem Tray access to, and ntoifications for CacheBoost by Systweak Software - which "optimizes the System Cache-Management of Windows XP/2000/NT and Windows .Net Servers, resulting in a performance boost"No
AXIS Print System TrayIconUTrayIcon.exeSystem Tray access to AXIS Print System from AXIS Communications - "adds printer discovery, printer driver installation printing on Windows platforms. Printing is enabled by AXIS Print Monitor, which is one of the components. Another component in AXIS Print System is AXIS IP Installer." Now discontinuedNo
eScan UpdaterYTrayicos.exeUpdater for an older version of MicroWorld eScan antivirusNo
TrayIt!Utrayit!.exeTrayIt! minimizes open windows to the System Tray as icons instead of the usual taskbarNo
TrayManagerUTRAYMAN.EXETrayManager hides system tray icons (FreeCell won't work when TrayMan is loaded)No
MicrosoftCorpXtraymgr.exeDetected by Malwarebytes as Trojan.Agent.MSGen. The file is located in %System%No
MicrosoftNAPCXtraymgr.exeDetected by Dr.Web as Win32.HLLW.Autoruner2.9726 and by Malwarebytes as Backdoor.BotNo
JavaTrayXtraymgr.exeDetected by Dr.Web as Win32.HLLW.Autoruner2.9726No
TraymonUtraymon.exeNetropa Internet Receiver traymonitor. Will only launch the bar if you are connected to the internet and there's new newsNo
1A:MacVisionTrayMonitorUTrayMonitor.exePart of MacVision by Jeff Bargmann - an discontinued program that makes your PC's desktop look and feel incredibly like that of a Macintosh OS8 computer. Handler that puts the icons that are in your system tray into the MacVision taskbar, beside the clockNo
Tray Pilot LiteUTrayPlt.exeTray Pilot allows you to hide the System Tray window. No longer supported by the authorsNo
AAATraySaverNTraySaver.exeSystem Tray management utility from Mike Lin which allows you to hide, show, restore icons that are lost in an Explorer crash, remove dead tray icons, minimize any window to the System TrayNo
TrayServerYTrayServer.exeFor monitoring tray icons - if disabled icons will not be displayed in ObjectBar or DesktopXNo
1A:Stardock TrayMonitorYTrayServer.exeFor monitoring tray icons - if disabled icons will not be displayed in ObjectBar or DesktopXNo
TrayServer?TrayServer_en.exeRelated to MAGIX Movie Edit Pro MX video editing softwareNo
atimerXtraystrean.exeDetected by Malwarebytes as Trojan.Banker.E. The file is located in %LocalAppData%No
System Icon TrayXtraysys.exeDetected by Trend Micro as WORM_RBOT.GBI. The file is located in %System%No
Tray manager systemXtraysys.exeAdded by a variant of Backdoor.Rizo.A. The file is located in %System%\ComNo
atimerXtraytimer.exeDetected by Malwarebytes as Trojan.Banker.E. The file is located in %LocalAppData%No
EaseUS EPM Tray AgentNTrayTipAgentE.exeSystem Tray access to the EaseUS® Partition Master hard drive partition manager and disk management utilityNo
TaskschdXTRAYWND.EXEDetected by Trend Micro as BKDR_LITMUS.002 and by Malwarebytes as Trojan.Agent.TKNo
[various names]XTrayz.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
IZSoftTrayHelperNtray_helper.exeTray Helper is "a compact, award-winning, Windows application that takes only ONE place next to your tray system clock, 'eats' only a little of memory and CPU power." It can remind you of events, check emails, auto-delete spam, watch browser windows and kill unwanted pop-upsNo
BrctXtrdb.exeDetected by Kaspersky as the PURITYSCAN.Y TROJAN!No
RunSearvicesXtread.exeIESearchToolbar parasite. Identified by Ewido Security Suite (Ewido is now part of AVG Technologies) as the DELF.LF TROJAN!No
Treaem.exeXTreaem.exeDetected by Malwarebytes as Trojan.Zbot.SM. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
TRE AntiVirusXtreav.exeTRE AntiVirus rogue security software - not recommended, removal instructions hereNo
trendXtrend.exeDetected by Sophos as Troj/Bancos-AZNo
Trend Micro AVXtrendav.exeDetected by Sophos as W32/Agobot-OH. Note - this is not a valid Trend Micro antivirus entryNo
OEM Tools 32Xtres32.exeDetected by Trend Micro as WORM_RBOT.QBNo
Windows Update ServiceXtrest.exeDetected by Malwarebytes as Backdoor.IRCBot. The file is located in %Windir%No
Check Point Endpoint SecurityUTrGUI.exeGraphical user interface (GUI) for the VPN service installed with Check Point Endpoint Security solutionsNo
Check Point VPNUTrGUI.exeGraphical user interface (GUI) for the VPN service installed with Check Point Endpoint Security solutionsNo
TridentHTMLEditorXTridentHTMLEditor.exeDetected by Sophos as Troj/Agent-WJANo
TridTray?TridTray.exeSystem Tray access to Trident 4DWave soundcards? The file is located in %System%No
ComponentTRIEDITXtriedittriedit.exeDetected by Sophos as W32/Trite-ANo
SDJobCheck?triggusr.exePart of CA Unicenter Software Delivery - manage software across various systems, from desktops and servers to PDAs and mobile phones, in a controlled and standardized way - is it required at startup?No
MessangerXtrillian.exeDetected by Trend Micro as WORM_RBOT.CKI. Note - this is not the legitimate Trillian instant messaging client which is normally located in %ProgramFiles%\Trillian. This one is located in %System%No
TrillianNtrillian.exeTrillian instant messaging client by Cerulean StudiosNo
trimbuffer11_3Xtrimbuffer11_3.exeDetected by McAfee as Downloader.a!c2a and by Malwarebytes as Trojan.AgentNo
trirotYtrirot.exeTrident Microsystems 3D video driverNo
TRIXXUTRIXX.exeSapphire TRIXX overclocking tool for the X800 GTO graphics card (and possiby others) - "push default clock speeds to 560MHz or better"No
mmnext06Xtrjdwnl.dllMalware installed by different rogue security software including SpyKillerPro and the XP AntiVirus seriesNo
TrojanScannerUTrjscan.exeTrojan Remover from Simply Super Software. Scans for an removes trojan viruses where anti-virus software may have not detected or removedNo
TrkwksXtrkwksvc.exeDetected by Trend Micro as WORM_IRCBOT.AWNo
MS Unix BinaryXtrmupdate.exeDetected by Sophos as W32/Rbot-ACCNo
System32Xtrojan 2.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
System64Xtrojan 2.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
ComStartXTrojan Guarder.exeTrojanGuarder rogue security software - not recommendedNo
Trojan Guarder Gold VersionXTrojan Guarder.exeTrojanGuarder rogue security software - not recommendedNo
AdobeXTrojan.exeDetected by Malwarebytes as Trojan.Agent.MSIL. The file is located in %Temp%No
1RazarXRazarXtrojan.exeDetected by Malwarebytes as Trojan.MSIL. The file is located in %UserTemp%No
Trojan.vbsXTrojan.vbsDetected by McAfee as Generic.dx and by Malwarebytes as Trojan.Agent.VBS. Note - this entry loads from HKLM\Run and HKCU\Run and the file is located in %AppData%No
Trojan.vbsXTrojan.vbsDetected by McAfee as Generic.dx and by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Tro3XTrojan3.exeDetected by Malwarebytes as Trojan.AVDis. The file is located in %System%No
Loaris Trojan RemoverUTrojanRemover.exeLoaris Trojan Remover - "aids in the removal of Malware - Trojan Horses, Worms, Adware, Spyware - when standard anti-virus software either fails to detect them or fails to effectively eliminate them"No
TrojanXTrojanS_P.exeDetected by Sophos as Troj/Agent-CQNo
mscsyncXtroll.exeDetected by McAfee as RDN/Generic.dx!dcn and by Malwarebytes as Trojan.Agent.MTFGen. The file is located in %LocalAppData%\MicrosoftTempFilesNo
(Default)Xtroll.exeDetected by Malwarebytes as Trojan.Agent. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %Temp%No
TrooledXTrolled.exe.exeDetected by Dr.Web as Trojan.KillFiles.17904 and by Malwarebytes as Trojan.Agent.ENo
(Default)Xtrolley.exeDetected by Malwarebytes as Trojan.Agent. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %AppData%No
TosRotationUTRot.exeTOSHIBA Rotation Utility - allows users to rotate a notebook's screen image 180 degrees in order to share information on the screen with others seated across a table or deskNo
avastXtroyan.exeDetected by Kaspersky as Backdoor.Win32.Small.cz. The file is located in %Windir%No
[various names]XTRPT.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
trrpugXtrrpug.exeAdded by the MDROP-DLW TROJAN!No
ScannerXtru.exeDetected by Malwarebytes as Ransom.Globe. The file is located in %AppData%No
TrueAssistantNTrueAssistant.exeBrowser toolbar - part of TrueSuite by Esaya, Inc - "a solution that allows users to use the existing tools that came with their PCs and provides new tools to help them take true control of their Internet experience"No
TrueCryptUTrueCrypt.exeTrueCrypt - is "Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux". This entry will run TrueCrypt when Windows starts, prompt for passwords, automount selected volumes and runs the main background task that supports functions such as hot-keys, autodismount, notifications and the System Tray iconYes
TrueCrypterXTrueCrypter.exeDetected by Symantec as Trojan.Ransomcrypt.AL and by Malwarebytes as Ransom.TrueCrypterNo
TrueDownloaderUTrueDownloaderApp.exeDetected by Malwarebytes as PUP.Optional.TrueDownloader. The file is located in %LocalAppData%\TrueDownloader. If bundled with another installer or not installed by choice then remove itNo
Adobe FontsXtruefonts.exeDetected by Dr.Web as Trojan.DownLoader10.20062 and by Malwarebytes as Trojan.Agent.ADBNo
Acronis True ImageNTrueImageMonitor.exePart of the Acronis True Image range of backup software. Provides the interface between the various tasks. When disabled it appears to have no impact with interactive and scheduled backups and image mountingYes
Acronis True Image MonitorNTrueImageMonitor.exePart of the Acronis True Image range of backup software. Provides the interface between the various tasks. When disabled it appears to have no impact with interactive and scheduled backups and image mountingNo
Acronis*True*Image MonitorNTrueImageMonitor.exePart of the Acronis True Image range of backup software. Provides the interface between the various tasks. When disabled it appears to have no impact with interactive and scheduled backups and image mountingNo
AcronisTrueImage MonitorNTrueImageMonitor.exePart of the Acronis True Image range of backup software. Provides the interface between the various tasks. When disabled it appears to have no impact with interactive and scheduled backups and image mountingNo
SAOB MonitorNTrueImageMonitor.exePart of an older standalone online backup version of Acronis True Image backup software. Provides the interface between the various tasks for the Online Backup feature. When disabled it appears to have no impact with interactive and scheduled backupsNo
TrueImageMonitorNTrueImageMonitor.exePart of the Acronis True Image range of backup software. Provides the interface between the various tasks. When disabled it appears to have no impact with interactive and scheduled backups and image mountingYes
TrueImageMonitor.exeNTrueImageMonitor.exePart of the Acronis True Image range of backup software. Provides the interface between the various tasks. When disabled it appears to have no impact with interactive and scheduled backups and image mountingYes
ClientAppLogonYTrueSuite.ClientAppLogonExe.exeTrueSuite fingerprint recognition utility by AuthenTec (since acquired by Apple) used by some OEM laptops such as Toshiba and Lenovo. "TrueSuite helps make your digital world more secure, more convenient and more personal. AuthenTec TrueSuite is secure, user-friendly, biometric software providing effortless management of your passwords, file and folder locking, and website log-ins"No
ClientAppLogon32YTrueSuite.ClientAppLogonExe.exeTrueSuite fingerprint recognition utility by AuthenTec (since acquired by Apple) used by some OEM laptops such as Toshiba and Lenovo. "TrueSuite helps make your digital world more secure, more convenient and more personal. AuthenTec TrueSuite is secure, user-friendly, biometric software providing effortless management of your passwords, file and folder locking, and website log-ins"No
truetypeXtruetype.exeDetected by Sophos as Troj/Cosiam-INo
TrueAssistantUTrueWizard.exe"TrueSwitch makes changing your Internet Service Provider easy. We copy all your personal data to the new account, notify everyone with the new email address, forward emails sent to your old email address and help you cancel the old account." No longer availableNo
SystemSettingfXTRUG.vbsDetected by Symantec as W97M.Trug.BNo
TimeServiceXtrun.exeTlfLic-A premium rate Adult content dialerNo
trupdatorXtrupdator.exeDetected by McAfee as Generic FakeAlert and by Malwarebytes as Backdoor.Messa.ENo
PonyXTruss.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\Truss CardNo
SGXtrust.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %AppData%No
ScannerXtrust.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %AppData%No
Trust CleanerXTrustCleaner.exeTrust Cleaner rogue security software - not recommendedNo
ntdll.dllXTrustCleaner.exeTrust Cleaner rogue security software - not recommendedNo
TrustCopXTrustCop.exeTrustCop rogue security software - not recommended, removal instructions here. A member of the WiniGuard familyNo
TrustDoctorXTrustDoctor.exeTrustDoctor rogue security software - not recommended, removal instructions hereNo
application installerXtrustedinstaller.exeDetected by Malwarebytes as Trojan.PasswordStealer. The file is located in %AppData%No
TrustFighterXTrustFighter.exeTrustFighter rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.TrustFighter. A member of the WiniGuard familyNo
TrustIn PopupsXTrustInPopups.exeTrustInPopups adwareNo
JavaSoftXtrustlib.exeDetected by Dr.Web as Trojan.Inject.46880No
TrustNinjaXTrustNinja.exeTrustNinja rogue security software - not recommended, removal instructions here. A member of the WiniGuard familyNo
trustras?trustras.exeTrust ADSL modem relatedNo
TrustSoldierXTrustSoldier.exeTrustSoldier rogue security software - not recommended, removal instructions here. A member of the WiniGuard family. Detected by Malwarebytes as Rogue.TrustSoldier. The file is located in %ProgramFiles%\TrustSoldier Software\TrustSoldierNo
TrustWarriorXTrustWarrior.exeTrustWarrior rogue security software - not recommended, removal instructions here. A member of the WiniGuard familyNo
TrustyHound-TSXTrustyHound-TS.exeTrustyHound spywareNo
tru_info.exeXtru_info.exeDetected by Dr.Web as Trojan.Siggen6.20295 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
[various names]Xtrycrt.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
mp4compXtryme.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\appfolder - see hereNo
INETER MCXtrys.exeDetected by McAfee as RDN/Generic.bfr!ex and by Malwarebytes as Backdoor.AgentNo
T-Com WLAN ManagerUTS154USB.exeWireless management utility for the T-Com Sinus 154 Data II WLAN adapterNo
Tsa.exeYTsa.exeTELUS security advisor tool installed when you choose to install their internet security suite - sourced by Radialpoint. Apart from downloading the suite installation files, the exact purpose is unknown at this time but it may be used to source critical updates and alerts so should therefore be left enabledNo
GGGGXTSAFE_[random].exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Temp% - see an examplehereNo
recbwuihXtsamcpcx.exeDetected by Malwarebytes as Trojan.Downloader.FW. The file is located in %LocalAppData%No
Threat Support Anti-MalwareUTSAntimalware.exeDetected by Malwarebytes as PUP.Optional.ThreatSupport. The file is located in %ProgramFiles%\Threat Support\Threat Support Anti-Malware. If bundled with another installer or not installed by choice then remove itNo
Video Card Driver (do not remove)Xtsasi.exeDetected by Sophos as W32/Spybot-EFNo
CSXtsc.exeCyber Security rogue security software - not recommended, removal instructions hereNo
[32 random hex numbers]Xtsc.exeTotal Security rogue security software - not recommended, removal instructions hereNo
TSXtsc.exeTotal Security rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.TotalSecurity. The file is located in %ProgramFiles%\TSCNo
TSClientMSIUninstallerUtscuinst.vbsRelated to Terminal Services Client Remote Desktop Connection Software from MicrosoftNo
tservXtserv.exeAdded by the STRATION.AD WORM!No
Task ManagerXtsgmnger.exeDetected by Malwarebytes as Password.Stealer. The file is located in %LocalAppData%\MicrosoftNo
Yahoo MessenggerXtshsnv.vbsDetected by Malwarebytes as Backdoor.Bot. The file is located in %System%No
runner1Xtsitra.exeDetected by Trend Micro as TROJ_AGENT.ABFQNo
Task DebuggerXtskdbg.exeDetected by Sophos as W32/Agobot-KKNo
RVC6PlayerXtskdbg.exeDetected by Sophos as Troj/Zapchas-MNo
WinXPServiceXTskdbg.exeDetected by Sophos as Troj/MDrop-BPQ and by Malwarebytes as Backdoor.BotNo
taskdebugXtskdbg.exeDetected by Symantec as Backdoor.IRC.Flood.ENo
active32Xtskhost.exeDetected by McAfee as RDN/Generic.bfr!er and by Malwarebytes as Backdoor.Agent.DCENo
MNMMSN.EXEXtskhot.exeDetected by McAfee as RDN/Generic Downloader.x!bv and by Malwarebytes as Trojan.BankerNo
TsklistXtsklist32.exeDetected by Kaspersky as the BANCOS.SP TROJAN!No
sysPersonalFirewallXtskm0nitor.exeAdded by the SDBOT.APC WORM!No
DRam Monitor 23Xtskman3.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %Windir% or %System%No
#ozkan#Xtskmanager.exeDetected by Malwarebytes as Backdoor.Bot.WPM. The file is located in %AppData%No
tskmanager.exeXtskmanager.exeAdded by an unidentified VIRUS, WORM or TROJAN! See hereNo
winsockdriverXtskmg.exeDetected by Symantec as W32.HLLW.Warpigs.CNo
Microsoft UpdatersXtskmgr.exeDetected by Malwarebytes as Backdoor.BotNo
Ms task managerXtskmgr.exeDetected by Trend Micro as WORM_SDBOT.CCDNo
MS taskmanagerXtskmgr.exeDetected by Sophos as W32/Rbot-AKANo
tskmgrXtskmgr.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.ENo
tskmgr.exeXtskmgr.exeDetected by Dr.Web as Trojan.Siggen6.6902 and by Malwarebytes as Backdoor.Agent.E. Note - the file is located in %AllUsersStartup% and its presence there ensures it runs when Windows startsNo
TaskmgrXtskmgr32.exeHomepage hi-jackerNo
Windows UpdateXtskmngr.exeDetected by Kaspersky as Backdoor.Win32.Agent.aly. The file is located in %CommonFiles%\SystemNo
Task ManagerXtskmngr.exeDetected by Sophos as W32/Rbot-GOUNo
win32 security updates downloaderXtskmngr.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
Windows TaskmanagerXtskmngr.exeDetected by Kaspersky as Backdoor.Win32.IRCBot.dhr. The file is located in %System%No
TaskManager Load ModuleXTSKMNGR32.EXEDetected by Trend Micro as WORM_SPYBOT.INo
Microsoft Video ControlsXtskmsgr.exeDetected by Trend Micro as WORM_RBOT.AICNo
TSkrMainUTSkrMain.exeTOSHIBA Accelerometer Utilities - hardware utilities that work with the motion sensors built into their Tablet PCs. Detect the way you are holding it at any given moment, you can set the machine to perform a specific function when the unit is quickly tilted to the left or right, or to the front or back and you can also take control of the cursor in some applications and make it move by leaning the PC in a certain directionNo
ShellXtsksrv.exe,explorer.exeDetected by Malwarebytes as Hijack.ShellA.Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "tsksrv.exe" (which is located in %AppData%\WinTaskService)No
TslXtsl.exeUploader-R adwareNo
Tsl2Xtsl2.exeTargetSaver adwareNo
TOSHIBA SleepUTSleepSrv.exeRelated to the USB Sleep-and-Charge feature included on some Toshiba laptops which allows users to charge a USB device whilst the laptop is a sleep modeNo
TSleepSrvUTSleepSrv.exeRelated to the USB Sleep-and-Charge feature included on some Toshiba laptops which allows users to charge a USB device whilst the laptop is a sleep modeNo
tsaXtsm.exeTargetSaver adwareNo
Tsa2Xtsm2.exeTargetSaver adwareNo
TSMAgentNTSMAgent.exeFound on the HP Touchsmart range of all-in-one desktops and tablets. What does it do and is it required?No
TSMsgerNTSMsger.exeEpson scannner software - required for "one-touch" operation. Can be launched manuallyNo
LOCKDOWNXtsnj5jdt5Lj.exeDetected by McAfee as W32/Valla.a. Note - the filename can be randomNo
tsnp2stdUtsnp2std.exeRelated to digital camera related products from SonixNo
tsnpstd3Utsnpstd3.exeRelated to digital camera related products from SonixNo
TSNxG4TrayNTSNxGTray.exePart of the Data Safe feature (also known as TopSecret) included with the NotebookSecurity security product from G Data Software AG - which "is designed for protecting sensitive data and uses powerful encryption algorithms to do so". On the tested version (2012) the file doesn't exist so the exact purpose is therefore unknown and the recommendation is to disable itYes
Internet Firewall LayerXtsqla.exeAdded by a variant of the SPYBOT WORM!No
tsrvXtsrv.exeDetected by Sophos as W32/Stration-SNo
TapisysXtss.exeAdded by the SMALL TROJAN!No
TOSHIBA Service StationNTSS.exeToshiba Service Station "allows your computer to automatically search for TOSHIBA software updates or other alerts from TOSHIBA that are specific to your computer system and its programs"No
ToshibaServiceStationNTSS.exeToshiba Service Station "allows your computer to automatically search for TOSHIBA software updates or other alerts from TOSHIBA that are specific to your computer system and its programs"No
TrojanSimulatorXTSServ.exeTrojan Simulator security risk which simulates a trojan infection and may be used to verify whether a virus scanner can properly detect the fileNo
tssss.exeXtssss.exeDetected by Malwarebytes as Backdoor.Agent.DCE. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows starts, see hereNo
TrueSync LauncherNtstool.exeStarfish TrueSync - for synchronization between Windows platforms and popular devices, applications and services. Stafish became Intellisync which was acquired by Nokia and is now no longer supportedNo
Text Tray ServiceXtstray.exeAdded by the SILLYFDC.BCC WORM!No
ShellXTsubakirez.exeDetected by Malwarebytes as Hijack.ShellA.Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "Tsubakirez.exe" (which is located in %AppData%\Tsubaki)No
TSysSMon?tsyssmon.exeFound in a Toshiba\sysstability directoryNo
RealJukeboxSystrayNtsystray.exeSystem Tray icon for RealJukebox by RealNetworks - later integrated into their core media player (RealPlayer)No
INVOICEXTT Copies.exeDetected by McAfee as RDN/Generic Dropper!pf and by Malwarebytes as Backdoor.Agent.TTNo
CHOPXTT Copy.exeDetected by Malwarebytes as Backdoor.Agent.DC. The file is located in %AppData%No
MicrosoftCorpXTT.exeDetected by Kaspersky as Trojan.Win32.VB.ilz and by Malwarebytes as Trojan.Agent.MSGen. The file is located in %Windir%No
MicrosoftNAPCXTT.exeDetected by Kaspersky as Trojan.Win32.VB.ilz and by Malwarebytes as Backdoor.Bot. The file is located in %Windir%No
sysdiag64.exeXTT.exeDetected by Kaspersky as Trojan.Win32.VB.ilz and by Malwarebytes as Trojan.Agent. The file is located in %Windir%No
ttcdattaXttcdatta.exeDetected by McAfee as RDN/Generic BackDoor!wv and by Malwarebytes as Backdoor.Agent.DCENo
tTEvbsKqrbOXLI.exeXtTEvbsKqrbOXLI.exeDetected by Malwarebytes as Trojan.Foury. The file is located in %CommonAppData%No
ttfXttfupdt.exeDetected by Malwarebytes as Spyware.Stealer. The file is located in %Root%\Driver\AdobeNo
NasisoXttgcfdj.exeDetected by Dr.Web as Trojan.DownLoader6.57525 and by Malwarebytes as Trojan.AgentNo
TTravelerx.exeXTTravelerx.exeDetected by Malwarebytes as Spyware.Password.Bro. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
WinServiceXTtt.exeDetected by Sophos as W32/MSNVB-DNo
TttXTtt.exeAdded by the VB.AMX trojan. The file is located in %System%No
TerraTec Remote ControlUTTTVRC.exeRemote Control software for TerraTec Home CinemaNo
ttuptXttupt.exeeZula adwareNo
tuaworzewiptXtuaworzewipt.exeDetected by McAfee as RDN/Generic Dropper!vg and by Malwarebytes as Trojan.Agent.USNo
GELOXtudosdes.exeDetected by Malwarebytes as Trojan.Banker.GLGen. The file is located in %Root% - see hereNo
ISBvmWqfQjOgdtXNXzSrrHHcWkXTUHDl_WpenzfbO.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %System%No
Banyak_KerjaanXTukang.exeDetected by Symantec as W32.SillyFDC.BDM and by Malwarebytes as Worm.SFDCNo
Tukati:[version]?TukatiRedistributor.exeTukati Digital Content Distribution. Is it required?No
Awareness Locator Tracking StudioXtukytxriqunq.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %System%No
TaskMonitorXtune.vbsDetected by McAfee as VBS/Tune@MMNo
ScanRegistryXtune.vbsDetected by McAfee as VBS/Tune@MMNo
tunebiteNtunebite.exe"Audials Tunebite can convert and record Music, Audiobooks, Videos, HD-Movies and DVDs anywhere. Tunebite Platinum displays a record button next to videos and movies from websites in media libraries in all browsers and from VoD services in streaming players"No
tunebite.exeNtunebite.exe"Audials Tunebite can convert and record Music, Audiobooks, Videos, HD-Movies and DVDs anywhere. Tunebite Platinum displays a record button next to videos and movies from websites in media libraries in all browsers and from VoD services in streaming players"No
TuneUp ServiceXTuneUp.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.ENo
Turbine Download Manager Tray IconNTurbineDownloadManagerIcon.exeTurbine Download Manager (TDM) - download manager associated with the game "The Lord of the Rings Online". No longer availableNo
SlipStreamYturbochargercore.exeAustralia On Line Dial-Up Turbocharger customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
Australia On Line Dial-Up TurbochargerYturbochargergui.exeAustralia On Line Dial-Up Turbocharger customized user interface for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
SlipStreamYturbocore.exeTele2 Turbo Web Accelerator customized core module for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
Tele2 Turbo Web AcceleratorYturbogui.exeTele2 Turbo Web Accelerator customized user interface for Slipstream - internet acceleration through compression/decompression techniques, intelligent cacheing on the server side, and real-time conversion of large/high-bandwidth images to less bulky pixNo
TurboHddUsbUTurboHddUsb.exeLaCie USB Boost or PQI TurboHDD advanced driver for their range of USB hard disks which increases USB performance by up to 53%. Not required unless you use a supported external drive frequentlyNo
UsbBoostUTurboHddUsb.exeLaCie USB Boost advanced driver for their range of USB hard disks which increases USB performance by up to 33%. Not required unless you use a supported external drive frequentlyNo
Turbo KeyUTurboKey.exeSupports the "Turbo Key" on some ASUS motherboards which turns the power button into a physical overclocking buttonNo
TurboMemoryChargerUTurboMemoryCharger.exeTurbo Memory Charger - memory optimizer. No longer supported or available from the authorNo
TurboTopUTurboTop.exeTurboTop - make any window "Always on top"No
turgidkubytwXturgidkubytw.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
ASDPLUGINXturkey.exeAsdPlug premium rate adult content dialerNo
TUSBSleepChargeSrvUTUSBSleepChargeSrv.exeRelated to the USB Sleep-and-Charge feature included on some Toshiba laptops which allows users to charge a USB device whilst the laptop is a sleep modeNo
TOSHIBA USB Sleep and ChargeUTUSBSleepChargeSrv.exeRelated to the USB Sleep-and-Charge feature included on some Toshiba laptops which allows users to charge a USB device whilst the laptop is a sleep modeNo
tutcdchk2Xtutcdchk2.exeAdded by unidentified malware. The file is located in %System%No
Tuto4pcXtuto4pc.exeDetected by Intel Security/McAfee as Adware-Tuto4PC and by Malwarebytes as Adware.EoRezoNo
TutorialsXtuto4pc.exeDetected by Intel Security/McAfee as Adware-Tuto4PC and by Malwarebytes as Adware.EoRezoNo
tuto4pc_fr_39Xtuto4pc_fr_39.exeDetected by Malwarebytes as Adware.Tuto4PC. The file is located in %ProgramFiles%\tuto4pc_fr_39No
LingvoTrainingUTutor.exeABBYY Lingvo Electronic DictionariesNo
tutoriales100_es_12Xtutoriales100_es_12.exeDetected by Malwarebytes as Adware.EoRezo. The file is located in %ProgramFiles%\tutoriales100_es_12No
Tuto4pcXtutorials.exeDetected by Intel Security/McAfee as Adware-Tuto4PC and by Malwarebytes as Adware.EoRezoNo
tuwohibmastuXtuwohibmastu.exeDetected by Dr.Web as Trojan.DownLoader12.43190 and by Malwarebytes as Trojan.Agent.USNo
tuxjogforobrXtuxjogforobr.exeDetected by McAfee as RDN/Generic BackDoor!rf and by Malwarebytes as Trojan.Agent.USNo
tuzeavobxacxXtuzeavobxacx.exeDetected by McAfee as RDN/Generic.grp!fw and by Malwarebytes as Trojan.Agent.KBNo
tuzqodsujakxXtuzqodsujakx.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
tvXTV.exeDetected by Malwarebytes as Rogue.TechSupportScam. The file is located in %ProgramFiles%\PC Cleaner ProNo
TVAgent?TVAgent.exeFound on the HP Touchsmart range of desktops and notebooks. What does it do and is it required?No
tvctrayXtvctray.exeAdded by the VB.QJ TROJAN!No
TVEServiceNTVEService.exePreloads TV related parts of CyberLink's PowerCinema digital home entertainment software to speed up the launch of that feature. Only required on slower/older systems and included with versions of PowerCinema bundled (and re-branded) with systems from Acer, Dell, ASUS and othersYes
CyberLink TV EnhanceNTVEService.exePreloads TV related parts of CyberLink's PowerCinema digital home entertainment software to speed up the launch of that feature. Only required on slower/older systemsYes
TridentTVIconYtvicon.exeTrident Microsystems display driverNo
TV MediaXTvm.exeDetected by McAfee as Adware-TVMediaNo
TVMDXTVMD.EXET.V. Media - adware installed with Memory Meter or Speed Blaster from Total VelocityNo
BJPD HID ControlUTVMon.exeRelated to Canon Photo viewerNo
TV NowUTvNow.exeApplication supplied with HP notebooks. It activates the S-Video port and is said to improve the quality of the output signal (resolution/timeouts)No
TvNowUTvNow.exeApplication supplied with HP notebooks. It activates the S-Video port and is said to improve the quality of the output signal (resolution/timeouts)No
tvncontrolUtvnserver.exePart of TightVNC - "a free remote control software package. With TightVNC, you can see the desktop of a remote machine and control it with your local mouse and keyboard, just like you would do it sitting in the front of that computer." See here for more information on what a VNC isNo
Remote ControllerNTVRMVCR.EXERemote controller support for ProLink PlayTVpro TV tunersNo
TV SchedulerUTVSCHL.EXEProLink PlayTVpro TV tuner software schedulerNo
TvsNTvsTray.exeToshiba Virtual Sound on a notebook. Allows you to change sound settings on the fly - default setting is "build-in speaker". You can also select external speaker, open type headphone, or closed type headphone. Each setting has presets for Bass, Stereo, and Clarity - which can also be changed by user if desired. Can also be launched from Start → Programs → Toshiba → UtilitiesNo
tvs_bXtvs_b.exeDetected by Symantec as Adware.BroadcastpcNo
tvs_bXtvs_ln.exeAdded by a variant of Adware.BroadcastpcNo
tvs_reXtvs_re_inst.exeDetected by Symantec as Adware.BroadcastpcNo
TVTunerLibUTVTLInstTool.exeRelated to Sony installer tool for Sony TV tuner libraryNo
TVTMDXTVTMD.EXET.V. Media - adware installed with Memory Meter or Speed Blaster from Total VelocityNo
tvvclnpm.exeXtvvclnpm.exeDetected by Malwarebytes as Trojan.Inject. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
TVWakeupNtvwakeup.exeMS WebTV for Windows. Used to display TV on your PC via a compatible video card with in-built tuner (such as ATI All-In-Wonder). If you don't use it - uninstall itNo
Tvwatch?tvwatch.exeAssociated with the TV-oOut option on Asus AGP or Intel graphics cards. Is it required?No
Teamviewer 8Xtvwms.exeDetected by Sophos as Troj/Sequida-A and by Malwarebytes as Trojan.Agent.TV. Note - this is not a valid entry for the TeamViewer remote support toolNo
tw!%[UserName]Xtw!%[UserName].exeDetected by Malwarebytes as Trojan.Agent.DEPE. The file is located in %UserTemp%\tw!%[UserName]No
ComPlus ApplicationsXtwain.exeDetected by Kaspersky as Trojan.Win32.Agent.aqo. The file is located in %Windir%No
xeroxXTwain.exeDetected by Kaspersky as Trojan.Win32.Agent.cblx. The file is located in %Windir%No
WindowsUpdateXtwain.exeDetected by Kaspersky as Trojan.Win32.Agent.bea and by Malwarebytes as Backdoor.IRCBot.Gen. The file is located in %Windir%No
microsoft frontpageXtwain.exeAdded by the AGENT.AQO trojan. The file is located in %Windir%No
TwainXTwain.exeDetected by Trend Micro as TROJ_AGENT.QKA. The file is located in %ProgramFiles%\TwainNo
TwainXTwain.exeAdded by the STIRAUT WORM! The file is located in %Windir%No
Windows NTXtwain.exeDetected by Kaspersky as Trojan.Win32.Agent.bea. The file is located in %Windir%No
Online ServicesXtwain.exeDetected by Kaspersky as Trojan.Win32.Agent.bea. The file is located in %Windir%No
Common FilesXtwain.exeDetected by Kaspersky as Trojan.Win32.Agent.bea. The file is located in %Windir%No
MSN Gaming ZoneXTwain.exeDetected by Kaspersky as Trojan.Win32.Agent.bea. The file is located in %Windir%No
Internet ExplorerXtwain.exeDetected by Trend Micro as TROJ_AGENT.ADRWNo
twain_32Xtwain_32.exeDetected by Total Defense as TrojanDownloader.Win32.Agent.am. The file is located in %Root%No
TWarmBay?TWarmBay.drvFound on a Toshiba laptop. The file is located in %System%. Related to hotswap bay management?No
TWarnMsgUtwarnmsg.exeToshiba System Warning Function for Win2K/Me/98 - provides notification dialog when the cooling fan stopsNo
TWBbtn?TWBbtn.exeFound on a Toshiba laptop. The file is located in %System%No
TWBrowse?TWBrowse.drvFound on a Toshiba laptop. The file is located in %System%No
TabletWorksYTWCP.exeTabletworks driver for digitizers from GTCO CalCompNo
TP-LINK Wireless Configuration UtilityUTWCU.exeTP-LINK Wireless configuration utilityNo
TP-LINK Wireless UtilityUTWCU.exeTP-LINK Wireless configuration utilityNo
TWCUUTWCU.exeTP-LINK Wireless configuration utilityNo
Tweak-7UTweak-7.exeTweak-7 optimization utility for Windows 7 from Totalidea SoftwareNo
Tweak-MeUTWEAK-ME.exe3rd party version of Miscrosoft'sTweak UI "powertoy" with many more options and controls (plus full support), designed specifically to take advantage of features in WinMe/2K and above, available from hereNo
Tweak-xpUTweak-xp.exeTweak-XP optimization utility for Windows XP from Totalidea SoftwareNo
Tweak-XP ProUTweak-xp.exeTweak-XP optimization utility for Windows XP from Totalidea SoftwareNo
TweakDUNUtweakdun.exeUtility to optimize your Internet Browser Software. TweakDUN promotes faster Internet data transfer rates and faster downloads by eliminating fragmentation of data packetsNo
TweakIco?tweakico.exeHP related. Program to control their icons?No
TweakRAMUTweakRAM.exeTweakRAM by Elcor Software - which "is a handy memory optimizer tool that will keep your computer running faster and efficiently. It increases your system performance by making more memory available for your applications and the operating system"No
TweakVIUtweakvi.exeTweakVI from Totalidea Software - "Tweak hundreds of hidden features of Windows Vista, optimize your machine and customize it to your needs"No
TweakYC?TweakYC.exeCompro VideoMate TV tuner and capture card relatedNo
TWebCameraUTWebCamera.exeToshiba webcam supportNo
Tweetz DesktopUtweetz.exeTweetz Desktop by Mike Ward "is a Windows twitter client designed to sit comfortably in the corner of your desktop. It can optionally display attached images inline. Tweetz displays your home, mentions and direct messages in a single view reducing the need to switch time lines"No
ControlPanelXtwink64.exe internat.dll,LoadKeyboardProfileDetected by Sophos as Troj/Dloader-BW. Note - the "twink64.exe" file is located in %System%No
twisterUtwister.exeTwister Antivirus by Filseclab CorporationNo
TwitterSubmitterNTwitAheadForPC.exeTwitAhead scheduler for the Twitter micro-blogging serviceNo
Twitter.exeXTwitter.exeDetected by Malwarebytes as Backdoor.Bot.MSIL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Twitter.exe EspanhaXTwitter.exeDetected by McAfee as Generic PWS.y and by Malwarebytes as Trojan.AgentNo
ShellXTwitterCracka.exeDetected by McAfee as RDN/Generic.dx!db3 and by Malwarebytes as Backdoor.Agent.TW. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "TwitterCracka.exe" (which is located in %Temp%)No
systwtrayXtwitty**.exe [** = random digits]Added by the KOOBFACE.C WORM!No
king_twXtwking.exeDetected by McAfee as PWS-LegMir and by Malwarebytes as Spyware.OnlineGames.KinggenNo
Tweaki4PUUtwksup.exe"Tweaki puts several Windows utilities into one easy to use program while adding hundreds of additional tweaks not found in other system tweakers"No
TwonkyMedia ManagerNTwonkyMediaManager.exeMedia manager for Twonky from PacketVideo Corporation - which "links mobile devices and popular home entertainment devices, so users can enjoy your services wherever they are"No
Twonky Tray ControlNtwonkymediaserverconfig.exeSystem Tray access to configure Twonky from PacketVideo Corporation - which "links mobile devices and popular home entertainment devices, so users can enjoy your services wherever they are"No
TwonkyMedia Tray ControlNtwonkymediaserverconfig.exeSystem Tray access to configure Twonky from PacketVideo Corporation - which "links mobile devices and popular home entertainment devices, so users can enjoy your services wherever they are"No
twunkXtwunk.exeDetected by Microsoft as Trojan:Win32/Scar.O and by Malwarebytes as Trojan.AgentNo
twunk serviceXtwunk16.exeDetected by Trend Micro as WORM_RBOT.BATNo
(Default)XTWUNK_16.EXEDetected by Dr.Web as Trojan.PWS.Siggen.37967. Note - this malware actually changes the value data of the "(Default)" key in HKLM\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %Windir%\VOLUMENo
twunk_16.exeXtwunk_16.exeDetected by Malwarebytes as Backdoor.Agent.TW. The file is located in %AppData%\[folder] - see an example hereNo
MS Windows State MonitorXtwunk_16.exeDetected by Dr.Web as Trojan.PWS.Clever.5No
TWUNK_16.EXEXTWUNK_16.EXEDetected by Dr.Web as Trojan.PWS.Siggen.37967. The file is located in %Windir%\VOLUMENo
(Default)Xtwunk_32.exeDetected by Symantec as W32.Blackmal.C@mm. Note - this malware actually changes the value data of the "(Default)" key in HKLM\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blankNo
twunk_32.exeXtwunk_32.exeDetected by Malwarebytes as Trojan.Agent.RNDD. The file is located in %AppData%\[folder] - see examples here and hereNo
Twunk_32exp.exeXTwunk_32exp.exeDetected by Sophos as Troj/FakeAV-BDZNo
twunk_32x.exeXtwunk_32x.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %UserTemp%No
Twunk_64Xtwunk_64.exeDetected by McAfee as Generic.dx. Note - this is not a Windows file and is located in %System%No
Twunk_64Xtwunk_64.exeSystem1060 homepage hijacker. Note - this is not a Windows file and is located in %System%\1060No
WINDOWS SYSTEMXtwunk_65.exeDetected by Sophos as W32/Mytob-EG and by Malwarebytes as Backdoor.AgentNo
HKLMXTxindoki.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\System 32No
PoliciesXTxindoki.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %ProgramFiles%\System 32No
HKCUXTxindoki.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %ProgramFiles%\System 32No
QQ[Chinese characters]XTXOCInstallUserConfigOE.exeDetected by Dr.Web as Trojan.Click2.53612No
ExplorerXTXP1atform.exeDetected by Symantec as W32.Fujacks.CA and by Malwarebytes as Trojan.AgentNo
TXTXTXT.exeDetected by Dr.Web as Trojan.Siggen6.38086 and by Malwarebytes as Backdoor.Agent.ENo
userinitXtxvopvl.exeDetected by McAfee as Generic Malware.dm!ats and by Malwarebytes as Trojan.AgentNo
Microsoft Driver SetupXtxyrm.exeDetected by Sophos as Troj/VB-FDW and by Malwarebytes as Worm.PalevoNo
tyack driveXtyack.pifDetected by Sophos as W32/Rbot-AMTNo
tycciziqfinuXtycciziqfinu.exeDetected by Dr.Web as BackDoor.Bulknet.1132 and by Malwarebytes as Trojan.Agent.USNo
tycipetinywyXtycipetinywy.exeDetected by Malwarebytes as Trojan.Agent.ED. The file is located in %UserProfile%No
tyctumqafcyvXtyctumqafcyv.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile%No
MSN Messenger 6.2Xtyd.exeAdded by a variant of Backdoor:Win32/RbotNo
Plug Function Visual Hardware AutoconnectXtyfddtidiex.exeDetected by McAfee as RDN/Generic Downloader.x and by Malwarebytes as Trojan.AgentNo
WIN UPDAXtyghujdls.exeDetected by McAfee as RDN/Generic PWS.y!zt and by Malwarebytes as Backdoor.Agent.IMLNo
RFVGTYHJUIXTYHGRF.exeDetected by McAfee as RDN/Generic.bfr!fl and by Malwarebytes as Backdoor.Agent.RNDNo
BHYTGRRFGGXTYHGRF.exeDetected by McAfee as RDN/Generic.bfr!fl and by Malwarebytes as Backdoor.Agent.RNDNo
tynixkornaqpXtynixkornaqp.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
Microsoft IntelliType ProUtype32.exeMicrosoft IntelliType Pro utility (up to version 5.4) - required to support the multimedia keys, programmed keys and key macros on Microsoft's range of keyboards. If this entry is disabled, any programmed keys or actions will not be supported and keys will not function as expected in applications with advanced text services enabledYes
IntellitypeUtype32.exeMicrosoft IntelliType Pro utility (up to version 5.4) - required to support the multimedia keys, programmed keys and key macros on Microsoft's range of keyboards. If this entry is disabled, any programmed keys or actions will not be supported and keys will not function as expected in applications with advanced text services enabledNo
type32Utype32.exeMicrosoft IntelliType Pro utility (up to version 5.4) - required to support the multimedia keys, programmed keys and key macros on Microsoft's range of keyboards. If this entry is disabled, any programmed keys or actions will not be supported and keys will not function as expected in applications with advanced text services enabledYes
Microsoft Keyboard SupportXtype32.exeDetected by McAfee as Generic PWS.y and by Malwarebytes as Trojan.KeyLoggerNo
EXEXtype32.EXEDetected by Dr.Web as Trojan.Siggen5.32871 and by Malwarebytes as Backdoor.Agent.ENo
[various names]Xtypeconf.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
Type PilotUTypePlt.exeType Pilot by Two Pilots - "technical support software that types common text for you. Writing business or managing technical support letters may require that you type standard answers over and over again"No
TypeRecorderLUTypeRec.exeTypeRecorder keystroke logger/monitoring program - remove unless you installed it yourself!No
TypeRegChecker?TypeRegChecker.exePart of the Sharpdesk from Sharp Electronics. "A desktop-based, personal document management application that lets users browse, edit, search, compose, process, and forward both scanned and native electronic documents". What does it do and is it required?No
winexplorerXtypesys.exeDetected by Dr.Web as Trojan.DownLoader8.27777 and by Malwarebytes as Backdoor.AgentNo
typetellerUtypeteller.exeTypeTeller keystroke logger/monitoring program - remove unless you installed it yourself!No
Windows Security FixedXtyramgrd.exeDetected by McAfee as RDN/Sdbot.bfr!d and by Malwarebytes as Worm.IRCBotNo
HKLMXtyurhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\WindowsNo
PoliciesXtyurhost.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\WindowsNo
HKCUXtyurhost.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %System%\WindowsNo
GoGoGoRadio TrayUTyV1.exeSystem Tray access to, and notifications for GogogoRadio - which "is a free downloadable radio station application that acts as a search engine for all of radio: songs, artists, shows and stations." Detected by Malwarebytes as PUP.Optional.GoGoGoRadio. The file is located in %ProgramFiles%\GoGoGoRadio. If bundled with another installer or not installed by choice then remove itNo
RadPlayer TrayUTyV1.exeSystem Tray access to, and notifications for Radlayer - which "is a free downloadable radio station application that acts as a search engine for all of radio: songs, artists, shows and stations." Detected by Malwarebytes as PUP.Optional.RadPlayer. The file is located in %ProgramFiles%\RadPlayer. If bundled with another installer or not installed by choice then remove itNo
tyweacumvyqjXtyweacumvyqj.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile%No
tzFkppWc.exeXtzFkppWc.exeDetected by Malwarebytes as Trojan.Zbot.KR. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
tZTEnYzN.exeXtZTEnYzN.exeDetected by McAfee as RDN/Generic.dx!cqv and by Malwarebytes as Backdoor.Agent.DCNo
T_tkfkvXT_tkfkv.exeDetected by McAfee as RDN/Generic.bfr!hs and by Malwarebytes as Backdoor.Agent.ENo

Notes & Warnings

If you can help identify new entries and verify/identify those entries with a "?" status (especially hardware specific - such as laptops and motherboards) then please E-mail us (startups_at_pacs-portal_dot_co_dot_uk).

"Status" key:

Variables:

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. We will not be held responsible if changes you make cause a system failure.

WARNING: This is NOT a list of tasks/processes taken from the Task Manager (CTRL+SHIFT+ESC) "Processes" tab. This displays some startup programs AND other background tasks and "Services". These pages are concerned with startup programs from the common startup locations shown above ONLY. Please do not submit entries collected from this method as they will not be used. For a list of tasks/processes you should try the list at PC Pitstop, the Process Library from Uniblue or one of the many others now available.

Therefore, before ending a task/process via CTRL+SHIFT+ESC just because it has an "X" recommendation, please check whether it's in the registry or common startup locations first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+SHIFT+ESC. If in doubt, don't do anything.

To avoid the database becoming too large, all malware entries are only shown using the registry version which is common to all Windows versions. Otherwise there would be multiple entries for popular filenames that viruses often use - such as "svchost.exe" above for example. Multiple malware can also use the same start-up entries, in this case only those with significant differences (such as file location) are repeated in this database.

As more than 25K entries in this database related to malware you should use a quality internet security package. Which ever you choose, keep it updated and get the latest version at least every two years.

There are a number of virus and malware entries listed in this database where specific removal instructions haven't been given. If this is the case then you could try ComboFix, a program written by sUBs that can remove many different types of Trojans and Worms. See here for a tutorial on how to use the program.

NOTE: A number of entries are repeated due to the way that different operating systems display startup items. For example, WinMe lists "POPROXY.EXE" as "Norton eMail Protect" in both MSCONFIG and the registry whereas WinXP lists it as "Poproxy" in MSCONFIG and "Norton eMail Protect" in the registry.

SERVICES: "Services" from the Windows 8/7/Vista/XP/2K/NT operating systems are not included. We fully understand that some programs with these OS's use "Services" as an alternative to load their component parts at startup but these are handled in a different way. We recommend you try BlackViper for information on services for the relevant operating systems.

Copyright

Presentation, format & comments Copyright © 2001 - 2017 Pacman's Portal
Portions Copyright © Peter Forrest, Denny Denham, Sylvain Prevost, Tony Klein, CastleCops & Bleeping Computer
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home