Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Windows startup programs - Database search

If you're frustrated with the time it takes your Windows 7/Vista/XP PC to boot and then it seems to be running slowly you may have too many programs running at start-up - and you have come to the right place to identify them. This is the original start-up programs (as opposed to processes/tasks) list - one of the most accurate and comprehensive. Services are not included - see below. For further information on this and how to identify and disable start-up programs please visit the Introduction page.

See here for further information on random entries - which are typically added by viruses and other malware or unwanted programs.

Last database update :- 29th Apr, 2013
31819 items listed

You can search for any of the following terms to find and display entries in the start-up programs database but the minimum search is 3 characters and you must click on the "Search" button. Results are sorted by the Startup Item/Name field.

Alternatively, you can browse the full database (without the search facility) over a number of pages or you can use the alphabetical index below to list the entries for that letter by the Command/Data field, but the results may take longer to appear due to the number of them:

A | B | C | D | E | F | G | H | I | J | K | L | B | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

NOTE: Searching for common words (i.e. "the" or "where") will mean the results take longer to appear due to the number of them.

Please click on the Search button

694 results found for F

Startup Item or Name Status Command or Data Description Tested
FRISK FP-SchedulerUF-Sched.exeScheduler for F-Prot anitvirus software. Leave enabled unless you scan manually on a regular basisNo
F-Secure Automatic UpdateYF-Secure Automatic Update.exeAutomatically checks for updates for internet security software from F-Secure CorporationNo
F-StopWYF-StopW.exeF-Prot anti-virus background scanner by F-Risk SoftwareNo
f01489ae591474641e456c050c1db1d7Xf01489ae591474641e456c050c1db1d7.exeDetected by Dr.Web as Trojan.DownLoader7.29749 and by Malwarebytes Anti-Malware as Trojan.MSIL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Symantec Antivirus professionalXf0dns.exeAdded by the FORBOT-GT WORM!No
F0E84.exeXF0E84.exeTrustDefender, IronDefender and IronProtector rogue security software - not recommended, removal instructions here, here and hereNo
Start aThx RollXf0mered.exeDetected by Trend Micro as WORM_RBOT.AAVNo
SyZXf1.exeAdded by the MSNDIABLO.A WORM!No
f181b87b5e994ddc44f095ec70fd0f2cXf181b87b5e994ddc44f095ec70fd0f2c.exeDetected by Dr.Web as Trojan.DownLoader7.32065 and by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
jzv9Xf1ku.exeDetected by Kaspersky as Trojan-Downloader.Win32.Genome.cvhd and by Malwarebytes Anti-Malware as Trojan.Downloader. The file is located in %Temp%No
Systam13Xf1r5st83.exeAdded by the IRCBOT-YM WORM!No
Mozilla FirefoxXF1REF0X.EXEAdded by the SDBOT-UP BACKDOOR! Note that the filename has the numbers "1" and "0" in place of upper case "i" and "o" respectivelyNo
Compaq DriversXF1rewalls.exeAdded by the SDBOT-WD WORM!No
f1Tray.exeUF1TRAY.EXESystem Tray icon for FusionOne's MightyPhone software. "MightyPhone is a concept for wirelessly synchronizing the data on your mobile phone with your web-based or PC based organizer"No
fgl23DoubleScreenHooks?f23happ.exeRelated to the now discontinued ATI Fire GL3 graphics card. What does it do and is it required?No
f23mxins?f23mxinsRelated to the now discontinued ATI Fire GL3 graphics card. What does it do and is it required?No
F2DayXf2dupdater.exeDetected by McAfee as Generic.dx!xlzNo
F2DayUpdateXf2dux.exeDetected by McAfee as Generic.dx!xlzNo
f2install.exeXf2install.exeAdded by the IEFEAT-I TROJAN!No
f607Xf607.exeAdded by the URAT.B TROJAN!No
f7035170f3c0d7c8d377059820b859a0Xf7035170f3c0d7c8d377059820b859a0.exeDetected by Dr.Web as Trojan.DownLoader7.26091 and by Malwarebytes Anti-Malware as Backdoor.Agent.TRJ. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
f78ab46e149d2ce1a6b721640ed25616Xf78ab46e149d2ce1a6b721640ed25616.exeDetected by McAfee as RDN/Generic.dx!bcj and by Malwarebytes Anti-Malware as Trojan.MSIL. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
f99a910d3f4e230e93f6f52797fa3578Xf99a910d3f4e230e93f6f52797fa3578.exeDetected by Dr.Web as Trojan.DownLoader8.37173 and by Malwarebytes Anti-Malware as Backdoor.Agent.TRJ. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
fa3c99036e85131dab81f132665aa15aXfa3c99036e85131dab81f132665aa15a.exeDetected by Dr.Web as Trojan.DownLoader7.23039 and by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Fabrik Ultimate Backup StatusUfabrikhomestat.exeStatus monitor for Fabrik Ultimate Backup from Fabrik Inc. "No matter what happens to the drive on your desk - a spilled drink, a curious toddler, a theft or a natural disaster - you know your files are still safe and secure on Fabrik Ultimate Backup's off-site servers"No
FacbookXFacbook.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %AppData%No
FacbookUpdatdefenderXFacbookUpdatdefender.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %AppData%No
FacbookUpdateXFacbookUpdate.exeDetected by Dr.Web as Trojan.MulDrop4.1885 and by Malwarebytes Anti-Malware as Trojan.MSILNo
FacebookUpdateXfaceb00kupdate.exeDetected by Dr.Web as Trojan.Siggen4.24716No
runner1Xfaceback.exeAdded by the DLOADR-BSX TROJAN!No
Facebook güncellemeeXFacebook inc.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %System%\Facebook güncellemeeNo
082094b0627eab42aff3a5cb0627aaebXFacebook.exeDetected by McAfee as RDN/Generic.tfr!t and by Malwarebytes Anti-Malware as Trojan.MSILNo
8d0fa66a7f70d4b92f3da7199f7f9e8dXfacebook.exeDetected by Dr.Web as Trojan.DownLoader6.48102 and by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %Temp%No
1987a5fe40ab41c51efd8ef7582fb9a5XFacebookHack.exeDetected by Dr.Web as Trojan.DownLoader8.24622 and by Malwarebytes Anti-Malware as Trojan.ClickerNo
Facebook MessengerNFacebookMessenger.exeFacebook Messenger chat client for WindowsNo
facebookmsgXfacebookmsg.exeDetected by Malwarebytes Anti-Malware as Trojan.Backdoor. The file is located in %System%\system32No
FacebookSystemsXFacebookSystems.vbsAdded by the AGENT-QLE TROJAN!No
[random].exeXFacebookUpdate.exeDetected by Malwarebytes Anti-Malware as Trojan.Dropper. Note - do not confuse with the legitimate update manager for software installed by the Facebook social networking site which is located in %LocalAppData%\Facebook\Update. This version is located in %AppData%\SystemNo
Facebook UpdateNFacebookUpdate.exeUpdate manager for software installed by the Facebook social networking site - such as Video Calling. The file is located in %LocalAppData%\Facebook\UpdateNo
FacebookUpdateXFacebookUpdate.exeDetected by Dr.Web as Trojan.MulDrop3.29468 and by Malwarebytes Anti-Malware as Trojan.Agent. Note - do not confuse with the legitimate update manager for software installed by the Facebook social networking site which is located in %LocalAppData%\Facebook\Update. This version is located in %AppData%No
FacebookUpdateXFacebookUpdate.exeDetected by McAfee as RDN/Generic.dx!st and by Malwarebytes Anti-Malware as Trojan.MSIL. Note - do not confuse with the legitimate update manager for software installed by the Facebook social networking site which is located in %LocalAppData%\Facebook\Update. This version is located in %AppData%No
FacebookvideochatXfacebookupdate.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes Anti-Malware as Trojan.Agent.DPT. Note - do not confuse with the legitimate update manager for software installed by the Facebook social networking site which is located in %LocalAppData%\Facebook\Update. This version is located in %LocalAppData%\GoogleNo
FacebookvideochatXFacebookVideoCall.exeDetected by Sophos as Troj/Inject-ACI and by Malwarebytes Anti-Malware as Trojan.Agent.FBNo
KuzeKeyXFacebookVideoCall.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.Gen. The file is located on %AppData%No
notepadXFacebookVideoCall.exeDetected by Malwarebytes Anti-Malware as Trojan.Downloader. The file is located in %AppData%No
svchostXFacebookVideoCall.exeDetected by Dr.Web as Trojan.DownLoader6.32956 and by Malwarebytes Anti-Malware as Backdoor.BotNo
SYSTEMENGINEXFacebook_dev.exeDetected by McAfee as RDN/Generic.dx and by Malwarebytes Anti-Malware as Trojan.Agent.DPTNo
(Default)XFacehack.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %ProgramFiles%\FacehackNo
facemoodsUfacemoodssrv.exeSupports the free Facemoods add-on for Facebook Chat that "gives you a huge collection of smileys, winks, text effects and more!" and once loaded it exits. Note - if you install using the default options it will make facemoods.com the default home page, search provider and "new tab" page for your browserYes
facemoodssrvUfacemoodssrv.exeSupports the free Facemoods add-on for Facebook Chat that "gives you a huge collection of smileys, winks, text effects and more!" and once loaded it exits. Note - if you install using the default options it will make facemoods.com the default home page, search provider and "new tab" page for your browserYes
HKCUXFaceUp.exeDetected by Malwarebytes Anti-Malware as Backdoor.HMCPol.Gen. The file is located in %System%\passUpNo
HKLMXFaceUp.exeDetected by Malwarebytes Anti-Malware as Backdoor.HMCPol.Gen. The file is located in %System%\passUpNo
PoliciesXFaceUp.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent.PGen. The file is located in %System%\passUpNo
(Default)Xfada.exeAdded by the VB.HEI TROJAN! Note - this malware actually changes the value data of the "(Default)" key in HKLM\Run, HKLM\RunServices and HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blankNo
Microsoft DriverXfaet.exeAdded by a variant of Win32/RbotNo
boowudoXfafegoubu.exeAdded by the LINEAG-FX TROJAN!No
FS AgentXfagent.exeAdded by the VOLVER-B TROJAN!No
fagyqcoqlemeXfagyqcoqleme.exeDetected by McAfee as RDN/Downloader.a!fd and by Malwarebytes Anti-Malware as Trojan.Agent.USNo
FairPointServicepoint.exeYFairPointServicepoint.exeFairPoint Servicepoint Agent tool installed when you choose to install their internet security suite - sourced by Radialpoint. Apart from downloading the suite installation files, the exact purpose is unknown at this time but it may be used to source critical updates and alerts so should therefore be left enabledNo
faiwekXfaiwek.exeAdded by the VBKRYPT.ABFH TROJAN!No
fajenignyrraXfajenignyrra.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
fakelookfakelook.exeXfakelook.exeDetected by Malwarebytes Anti-Malware as Trojan.Banker. The file is located in %UserProfile%\[numbers]No
fakocanXfakocan.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %Root%No
Windows Sistem UpdaterXfakocan.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %Root%No
Load32XFalckon.exeDetected by Symantec as W32.HLLW.Vicety and by Malwarebytes Anti-Malware as Worm.VicetyNo
windllXFalcon.exeDetected by Malwarebytes Anti-Malware as Trojan.Downloader. The file is located in %AppData%No
blah serviceXFaLeH.exeAdded by the RBOT-AES WORM!No
UCmdXfallfour.exeAdded by the SDBOT-AZA WORM!No
Toshiba FanYfan.exeToshiba untilty to keep the fan on a laptop running if they fail to detect there is too much heatNo
fapmon?fapmon.exeFair Access Policy monitor for DirecPC/DirecWay internet accessNo
Far2XFar2.exeDetected by Dr.Web as BackDoor.Armagedon.22No
farkrishXfarkrish.exeAdded by a variant of the Storm/Nuwar/Zhelatin WORM! See here for an exampleNo
farmmextXfarmmext.exeVX2.Transponder parasite updater/installer relatedNo
FashXFash.exeIBIS Toolbar hijackerNo
fastNfast.exeOptional install from an early release of the Windows XP PowerToys to provide an option for very-fast user switching (allowing a keystoke to switch users instead of using the login screen). It is only used for the hot-key switch and yet it hogs 1.5 megs of memory in two separate processes (one run by the user & one by the system)No
FastUserNfast.exeOptional install from an early release of the Windows XP PowerToys to provide an option for very-fast user switching (allowing a keystoke to switch users instead of using the login screen). It is only used for the hot-key switch and yet it hogs 1.5 megs of memory in two separate processes (one run by the user & one by the system)No
FastUsrNfast.exeOptional install from an early release of the Windows XP PowerToys to provide an option for very-fast user switching (allowing a keystoke to switch users instead of using the login screen). It is only used for the hot-key switch and yet it hogs 1.5 megs of memory in two separate processes (one run by the user & one by the system)No
FAST DefragNFAST2.EXEFastDefrag defragmenting softwareNo
Fast Antivirus 2009XFastAV.exeFast Antivirus rogue security software - not recommended, removal instructions hereNo
Microsoft Office Fast CacheNFastboot.exePart of MS Office 95 (v7.0). According to this it improves the performance. Most likely a predecessor of MS Find Fast and can be disabledNo
FBSearchXFastBrowserSearchProtection.exeFast Browser Search/Search Guard Plus parasite - installed with "Make the Web Better" applications such as My Web Tattoo, My Face LOL and Google Easy Money Kit. See here and here for more informationNo
fastcurestart.exeXfastcurestart.exeFastCure rogue security software - not recommended, removal instructions hereNo
acocashXfastdown.exeAdult content diallerNo
acocashXFASTFOWN.EXEAdult content diallerNo
FastLinkAgentXFastLinkAgent.exeDetected by McAfee as RDN/Generic.bfr!ccNo
fastcsXfastns32.exeDetected by Sophos as Mal/Inject-CYNo
FastScanMainXFastScan.exeFastScan rogue security software - not recommended, removal instructions hereNo
fastsmellXfastsmell.exeAdded by a variant of the Storm/Nuwar/Zhelatin WORM! See here for an exampleNo
FastTVSyncUFastTVSync.exePart of InterVideo (now Corel) DVD Copy - "fast DVD copying and file conversion software. In just three steps, you can copy videos to most DVD formats, or convert them for smooth, flawless viewing on your PSP® or iPod®. With broad format support and unique CopyLater™ technology, DVD Copy saves you time and ensures high-quality output like no other copying software"No
Buttons & OSDs control application gen2UFastUserSwitching.exeAllows for fast user switching between user accounts without logging off via a hotkey on some HP/Compaq machines - see hereNo
Buttons & OSDs control application gen3UFastUserSwitching.exeAllows for fast user switching between user accounts without logging off via a hotkey on some HP/Compaq machines - see hereNo
DellOSDUFastUserSwitching.exeAllows for fast user switching between user accounts without logging off via a hotkey on some Dell machinesNo
HotkeyUFastUserSwitching.exeAllows for fast user switching between user accounts without logging off via a hotkey on some Pegatron machines. Pegatron is an ASUS OEM - see hereNo
UserSwitchUFastUserSwitching.exeAllows for fast user switching between user accounts without logging off via a hotkey on some Dell machines (and maybe others?)No
fastvaccinestart.exeXfastvaccinestart.exeDetected by McAfee as Generic.tfrNo
fastvaccine mainXfastvaccineu.exeDetected by McAfee as Generic.tfrNo
faTXfaT.exeAdded by the BANKER-DFP TROJAN!No
fat.exeXfat.exePart of the WinAntiVirus Pro 2006 and WinAntiVirus Pro 2007 rogue security programs - not recommended, removal instructions here and hereNo
Fat32 MicrosoftXfat32.exeAdded by the RBOT-EL WORM!No
FATrayAlertYFATrayMon.exePart of the FastAccess facial recognition utility by Sensible VisionNo
fatrecovUfatrecov.exeSCKeyLog.j keystroke logger/monitoring program - remove unless you installed it yourself!No
dagoXfault.exeDetected by Sophos as W32/Punya-ANo
favoclipXfavoclips.exeDetected by McAfee as Generic Downloader.x!fyo and by Malwarebytes Anti-Malware as Adware.AgentNo
FavoriteSyncUFavoriteSync.exeFavoriteSync keeps the same set of Internet Explorer Favorites on several computers in syncNo
Windows GuardianUFawgrd32.exePart of First Aid by Cybermedia who were subsequently bought by McAfee (Network Associates). Protects your Windows system from application failure and crashesNo
11Xfaxcomdos.exeAdded by the DLOADER-KF TROJAN!No
RightFAX Print-to-Fax DriverUFaxCtrl.exePart of RightFAX from Captaris - "the proven market leader in fax server and document delivery software"No
WinFax PRONFAXMNG32.EXEWinFax PRO from Symantec - fax management softwareNo
L0adersXfaxneti.exeAdded by a variant of the SDBOT BACKDOOR!No
CstlFaxTrayUFaxTray.ExeSystem Tray access to OpenText Fax Appliance, FaxPress (formerly Castelle FaxPress) - which "offers a combined hardware and software faxing solution, providing every possible computer-based, network fax option"No
Gestionnaire de lancement d'application faxUfaxtray.exeSystem Tray access to Internet Fax software by Alliance MCANo
Lancement Application FaxUfaxtray.exeSystem Tray access to Fax-Internet (by Axmapresse) and SafeFax (by Alliance MCA) internet fax softwareNo
systray for fax applicationsUfaxtray.exeSystem Tray access to Fax-Internet software by AXMANo
FBDirectUFBDirect.exeSoftware that monitors the status of a Visioneer OneTouch scanner button and allows you to scan, fax, copy, print, and easily communicate by simply dragging and dropping scans on your PaperPort Desktop!No
PP****usbNFBDirect.exeSoftware that monitors the status of a Visioneer OneTouch scanner button and allows you to scan, fax, copy, print, and easily communicate by simply dragging and dropping scans on your PaperPort Desktop!. The **** represents the model, 5300, 7600, etc. Available via Start → ProgramsNo
SpeedDownloadXFBDManager.exeDetected by McAfee as Generic PUP.x and by Malwarebytes Anti-Malware as Adware.Korad. The file is located in %AppData%\SpeedDownloadNo
FBI?FBISM.exeCompaq related but what does it do?No
Mount Safe & SoundUFbmount.exeFrom McAfee VirusScan version 5.x. Creates back-up sets of critical files in a separate area of a hard drive. If you make regular back-ups it's not needed and can be painful during system startNo
dvsfssXfbsfsdrs.exeAdded by the SDBOT-QA WORM!No
FacebookUpdateXfbupdate.exeDetected by Sophos as Troj/Sisron-G and by Malwarebytes Anti-Malware as Trojan.QHostsNo
InstallMonXfbx.exeAdded by the MDROP-CZK TROJAN!No
BlazeChangerNFBZPaper.exeEmber graphic file viewer, manager, and touch-up systemNo
System33XFB_PNU.EXEAdded by the NICHELLO-A WORM!No
FastCacheUfc.exeFastCache from AnalogX - speeds up browsing by resolving DNS requests locallyNo
fcabafaaddeafadXfcabafaaddeafad.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %AppData%\{GUID}No
FCACheckUFCACheck.exeFamily Cyber Alert surveillance software. Uninstall this software unless you put it there yourselfNo
FCEngineXFCEngine.exeCASClient adwareNo
FCHelpXFCHelp.exeAdded by either FCHelp adware or a variant of itNo
NTSF MICROSOFT SYSTEMXfck.exe.exeDetected by Malwarebytes Anti-Malware as Backdoor.BotNo
FCleanerUFCleaner.exeFCleaner by FTweak Inc - "is a freeware all-in-one Windows disk and registry cleaning and optimization tool. It removes unused files and invalid registry entries that are eating up your disk space and slowing your system down, tweaks your system and allows your Windows to run faster." Features include removing unused files, cleaning internet history, managing startup programs and a fully featured registry cleanerYes
FTweakFCleanerUFCleaner.exeFCleaner by FTweak Inc - "is a freeware all-in-one Windows disk and registry cleaning and optimization tool. It removes unused files and invalid registry entries that are eating up your disk space and slowing your system down, tweaks your system and allows your Windows to run faster." Features include removing unused files, cleaning internet history, managing startup programs and a fully featured registry cleanerYes
User ManagerXfcllls.exeAdded by the ZAGABAN-B TROJAN!No
FCManXFCMan.exeFCHelp adwareNo
FD_SAPUFD.exeReported to be the autopassword program from the Sony Microvault thumb driveNo
FreshDownloadNFD.EXEFresh Download from Freshdevices.com - "is a download manager for Internet Explorer that helps you downloading files from the Internet, such as your favorite freeware/shareware, mp3 files, movie files, picture collections, etc"Yes
DiomacdXfdafbfd.exeAdded by the MULDROP.F TROJAN!No
Free Downloads Monitor?fdcmon.exe??No
FDD SYSTEMXFdd.exeAdded by the MYTOB-FO WORM!No
Tji771Xfddg.exeAdded by the PALEVO.AVJI WORM!No
msjdqsXfddwqt.exeAdded by the SDBOT-PO WORM!No
wzxzxdsXfdfddad.exeAdded by the RANKY.AB TROJAN!No
Free Download ManagerNfdm.exeFree Download Manager - "a powerful, easy-to-use and absolutely free download accelerator and manager"No
Windows UpdateXfdos.exeDetected by Sophos as W32/Rbot-COG and by Malwarebytes Anti-Malware as Backdoor.IRCBotNo
FdDirXFdPrg.exeDetected by Dr.Web as Trojan.DownLoader6.59063 and by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %CommonAppData%\FdDirNo
FdDirXFdPrg.exeDetected by Dr.Web as Trojan.Siggen4.35733 and by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %AppData%\FdDirNo
WMGILXfdRUP.exeDetected by McAfee as Generic BackDoor and by Malwarebytes Anti-Malware as Trojan.AgentNo
msgsmrsgsXfdxit.exeAdded by the SDBOT-QY WORM!No
ODBC BackUpUfdxxl.exeG Data "PC Spion". PC monitoring and surveilling software, captures all users activity on the PC, see here. Disable/remove if you didn't install it yourself!No
SysPilotUfdxxl.exeG Data "PC Spion". PC monitoring and surveilling software, captures all users activity on the PC, see here. Disable/remove if you didn't install it yourself!No
fe32e6b321a15a20570ae15a1efc1f36Xfe32e6b321a15a20570ae15a1efc1f36.exeDetected by Dr.Web as Trojan.DownLoader7.21667 and by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
MSys32Ufe33c1ae.exeWebentrance adwareNo
FeCPYXfecpy.exeFlashEnhancer adwareNo
Monitor SynManagerXfecwvncd.exeAdded by the SDBOT-IW WORM!No
WABXfeda200219.exeDetected by Dr.Web as Trojan.Siggen5.10954 and by Malwarebytes Anti-Malware as Trojan.AgentNo
FlySkyXfeeba1.exeDetected by Microsoft as TrojanDownloader:Win32/Dofoil.RNo
Agnitum OutpostYfeedback.exePart of the error reporting mechanism for the Outpost range of security products from Agnitum Ltd - including Outpost Firewall Pro, Outpost Antivirus Pro and Outpost Security Suite Pro. Dumps the system information to a log at startup in case it's needed and exits. Located in an "Agnitum" sub-directory of %ProgramFiles%Yes
feedbackYfeedback.exePart of the error reporting mechanism for the Outpost range of security products from Agnitum Ltd - including Outpost Firewall Pro, Outpost Antivirus Pro and Outpost Security Suite Pro. Dumps the system information to a log at startup in case it's needed and exits. Also used by Lavasoft Personal Firewall and located in either "Agnitum" or "Lavasoft" sub-directories of %ProgramFiles%No
Lavasoft Personal FirewallYfeedback.exePart of the error reporting mechanism for Lavasoft Personal Firewall. Dumps the system information to a log at startup in case it's needed and exits. Located in %ProgramFiles%\Lavasoft\Personal Firewall. Based upon the Outpost Firewall by Agnitum LtdYes
lavasoftFeedBackYfeedback.exePart of the error reporting mechanism for Lavasoft Personal Firewall. Dumps the system information to a log at startup in case it's needed and exits. Located in %ProgramFiles%\Lavasoft\Personal Firewall. Based upon the Outpost Firewall by Agnitum LtdYes
OutpostFeedBackYfeedback.exePart of the error reporting mechanism for the Outpost range of security products from Agnitum Ltd - including Outpost Firewall Pro, Outpost Antivirus Pro and Outpost Security Suite Pro. Dumps the system information to a log at startup in case it's needed and exits. Located in an "Agnitum" sub-directory of %ProgramFiles%Yes
feedreader.exeUfeedreader.exe"Feedreader is a freeware Windows application that reads and displays Internet newsfeeds aka ATOM and RSS feeds based on XML"No
FEELitDeviceManagerUfeelitdm.exeAssociated with Immersion TouchSense devices (Logitech Wingman Force Feedback Mouse and possibly other peripherals)No
FELUMMAWAKSUXfelummawaksu.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.US. The file is located in %UserProfile%No
femokybhawamXfemokybhawam.exeDetected by Trend Micro as TROJ_DLOAD.BTNNo
Microsoftf DDEs ControlXFEnR.exeAdded by the RBOT-AIM WORM!No
Fen StartupsXfensvc32.exeAdded by the RANDEX.CCF WORM!No
FerrariWallPaperUFerrariWP.exeCalendar that replaces the default desktop background image. It comes with every Acer Ferrari 3000 laptop. Also downloadable for members of www.ferrari.comNo
NowwwfaaaName-CryptXFeuerzewfaawug.exeDetected by Malwarebytes Anti-Malware as Backdoor.Bot. The file is located in %Temp%No
NowwwName-CryptXFeuerzewwug.exeDetected by Malwarebytes Anti-Malware as Backdoor.Bot. The file is located in %Temp%No
fewapinybeaxXfewapinybeax.exeDetected by McAfee as PWS-Zbot.gen.amv and by Malwarebytes Anti-Malware as Trojan.Agent.USNo
SavasddwqXffasd.exeAdded by the SDBOT-SI WORM!No
Norton Auto-ProtectXffbaqe.exeAdded by the SLINBOT.RF BACKDOOR! Note - this is not a valid Norton productNo
ffisXffisearch.exeDetected by McAfee as Adware-ISearchNo
ffprsrvYffprsrv.exeFile and Folder Privacy - is a "system security utility you can use to password-protect or hide your files and folders with a click of mouse. The program will always prompt to enter your access password when protection is enabled and a user is trying to access a protected file or folder". If this entry is disabled, any files/folders that are protected/hidden will no longer be accessible without first accessing the main programYes
ffprsrv.exeYffprsrv.exeFile and Folder Privacy - is a "system security utility you can use to password-protect or hide your files and folders with a click of mouse. The program will always prompt to enter your access password when protection is enabled and a user is trying to access a protected file or folder". If this entry is disabled, any files/folders that are protected/hidden will no longer be accessible without first accessing the main programYes
ffpsrvYffpsrv.exeFile & Folder Protector - "great easy-to-use password-protected security utility lets you password-protect certain files and folders, or to hide them securely from viewing and searching just with a click of mouse". If this entry is disabled, any files/folders that are protected/hidden will no longer be accessible without first accessing the main programYes
ffpsrv.exeYffpsrv.exeFile & Folder Protector - "great easy-to-use password-protected security utility lets you password-protect certain files and folders, or to hide them securely from viewing and searching just with a click of mouse". If this entry is disabled, any files/folders that are protected/hidden will no longer be accessible without first accessing the main programYes
dS35DLLXffqca.exeAdded by the SDBOT-KV WORM!No
MS32DLLXffqca.exeAdded by the SDBOT-YD WORM!No
Windows Reg ServicesXffservice.exeAdded by the DLOADER-PL or DLOADER-XM TROJANS!No
DfqwSfSXffsqsd.exeAdded by the SDBOT-SH WORM!No
fftJvuYYiwIXfftJvuYYiwI.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
FreeFallProtectionYFF_Protection.exeFound on some Dell laptops (any maybe others which include an STMicroelectronics accelerometer) - provides protection for supported hard disks when a fall or sudden movement is detected by "parking" the drive reading heads to avoid damageNo
MSMSGNERXfgozmox.exeAdded by the AGENT-EBJ BACKDOOR!No
FheSrvXFheSrv32.exeAdded by the DELF.AFH BACKDOOR!No
Windows MS Update 32Xfhm.exeAdded by a variant of the IRCBOT BACKDOOR!No
FhtisxkUfhtisxk.exeXtraKeys keystroke logger/monitoring program - remove unless you installed it yourself!No
fiangedrvXfiangedr.exeDetected by Malwarebytes Anti-Malware as Trojan.Dropper. The file is located in %System%No
akjhskh8hnXFifa.exeDetected by Malwarebytes Anti-Malware as Trojan.Delf. The file is located in %AppData%No
Windows Service Pack Auto UpdateXfiggaz.exeDetected by Kaspersky as the AGENT.BT TROJAN!No
1052b8e9071d5b658c32c84c463014f5Xfile.exeDetected by Dr.Web as Trojan.DownLoader8.11031 and by Malwarebytes Anti-Malware as Spyware.BankerNo
Adobe UpdatesXfile.exeDetected by McAfee as Generic PWS.y!dr3. Note - this is not a legitimate Adobe entryNo
DLLXfile.exeDetected by Malwarebytes Anti-Malware as Backdoor.Bot. The file is located in %UserTemp%No
GoogleUpdateXfile.exeDetected by Malwarebytes Anti-Malware as Backdoor.IRCBot. The file is located in %UserTemp%No
hfghgfXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %UserTemp%No
hhffXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.ZB. The file is located in %UserTemp%No
hsdfghgsssXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.Zbot. The file is located in %UserTemp%No
Java RuntimeXfile.exeDetected by Dr.Web as Trojan.DownLoader6.51392 and by Malwarebytes Anti-Malware as Trojan.AgentNo
MessengerXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %Temp%No
Microsoft DLL VerifierXfile.exeAdded by the RBOT-AED WORM!No
MSNXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %UserTemp%No
NEWXfile.exeDetected by Malwarebytes Anti-Malware as Spyware.Zeus. The file is located in %UserTemp%No
Notepad.exeXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.Inject. The file is located in %UserTemp%No
rundll32Xfile.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %Temp%No
StartupHelpXfile.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %Temp%No
StartupNameXFile.exeDetected by Dr.Web as Trojan.DownLoader7.16318 and by Malwarebytes Anti-Malware as Backdoor.Agent.DC. The file is located in %AppData%No
StartupNameXFile.exeDetected by Dr.Web as Trojan.DownLoader7.16318 and by Malwarebytes Anti-Malware as Backdoor.Agent.DC. The file is located in %Temp%No
systemXfile.exeDetected by Dr.Web as Trojan.DownLoader8.32017 and by Malwarebytes Anti-Malware as Backdoor.AgentNo
USB ControllerXfile.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %Temp%No
SHOWSTRUCKXFileadhesive.exeDetected by McAfee as RDN/Generic FakeAlert!bg and by Malwarebytes Anti-Malware as Backdoor.MessaNo
FDoumiStartXfiledoumiupgrade.exeDetected by Malwarebytes Anti-Malware as Adware.KorAd. The file is located in %AppData%\filedoumiNo
FDoumiup2StartXfiledoumiuphp.exeDetected by Malwarebytes Anti-Malware as Adware.KorAd. The file is located in %AppData%\filedoumiNo
NTFSS Microsoft SystemXfilees.exeDetected by Trend Micro as WORM_RBOT.GABNo
BSserverXFileKan.exeAdded by the VB.CBW WORM!No
File Protection MonitorXfilemon.exeAdded by a variant of Win32/RbotNo
filenXfilen.exeAdded by the VBNAM-A WORM!No
Service CleanerXfilen.exeAdded by the RBOT.BRH WORM!No
Service MonitorXfilen.exeAdded by a variant of Win32/RbotNo
ADOBEDLLXFileName.exeDetected by McAfee as RDN/Generic.bfr and by Malwarebytes Anti-Malware as Backdoor.Agent.DCNo
ChromeXFileName.exeDetected by Kaspersky as Trojan.Win32.VBKrypt.cghr. Note - this is not a legitimate Google Chrome browser fileNo
Configuration LoaderXFILENAME.EXEAdded by the AGOBOT-DQ WORM!No
filenameXfilename.exeAdded by the VB.FSY TROJAN!No
HOT FIXXfilename.exeAdded by the SDBOT-DKM WORM!No
Key NameXFileName.exeDetected by Dr.Web as Trojan.DownLoader3.22897 and by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %AppData%\DirectoryNo
Key NameXFileName.exeDetected by Dr.Web as Trojan.DownLoader6.9518 and by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %AppData%\FolerNameNo
KeyNameXFilename.exeDetected by McAfee as Generic Dropper and by Malwarebytes Anti-Malware as Trojan.Agent.GenNo
Windows ServicesXfilename.exeDetected by Kaspersky as Backdoor.Win32.SdBot.fsk and by Malwarebytes Anti-Malware as Backdoor.Agent.GenNo
ActiveX File Registration ServiceXfilereg.exeAdded by the RBOT-DVD WORM!No
NTFSS MICROSOFT SYSTEMXfiless.exeAdded by the RBOT.AXZ WORM!No
FileTap_UDControlXFiletap_UDControl.exeDetected by Dr.Web as Trojan.DownLoader6.29826 and by Malwarebytes Anti-Malware as Adware.KoradNo
HKCUXfilewin.exeDetected by McAfee as Generic.bfr!gw and by Malwarebytes Anti-Malware as Backdoor.HMCPol.GenNo
HKLMXfilewin.exeDetected by McAfee as Generic.bfr!gw and by Malwarebytes Anti-Malware as Backdoor.HMCPol.GenNo
PoliciesXfilewin.exeDetected by McAfee as Generic.bfr!gw and by Malwarebytes Anti-Malware as Backdoor.Agent.PgenNo
SystemTasksXfilez.exeAdult content diallerNo
FileZilla Server InterfaceNFileZilla Server Interface.exeFrontend for the free FileZilla FTP serverNo
FILE_77186XFILE_77186.exeAdded by the AUTWRM-E MALWARE!No
FilmLoopUFilmLoopService.exeRelated to FilmLoop - a photocasting network. Share your pictures with your family and friendsNo
FilterGateUfiltergate.exeFiltergate internet filtering software - filters sounds, popup ads, background sound and other unnecessary website itemsNo
FilterguardUFiltrgrd.exeAn icon located in the lower left of the screen and looks like a lifesaver. This icon is a "short-cut" to access the basic features of SOS-Guardian, SOS-KidProof Lite, SOS Best Defense and SOS Pro such as Internet filtering utility. You can access this menu by "right-clicking" on the iconNo
xVgILXFIMVD.exeDetected by Malwarebytes Anti-Malware as Trojan.LVBP. The file is located in %AppData%No
FindXfind.exeAdded by the OPANKI WORM!No
FirstXFinddir.exeAdded by the DELF-EZD TROJAN!No
Find FastNFindfast.exeFrom older versions of MS Office - searches disk drives for Office file types and creates an index to make opening them easier. When indexing is in progress it can use lots of CPU time and memory - especially on slower/older machinesNo
findfastXfindfast.exeAdded by the DLOADER.PFR TROJAN! Note - the is not the legitimate file of the same name installed with older versions of MS OfficeNo
findfast.exeXfindfast.exeIdentified as the RUNDIS.A TROJAN! Note - the is not the legitimate file of the same name installed with older versions of MS OfficeNo
Microsoft Find FastNFindfast.exeFrom older versions of MS Office - searches disk drives for Office file types and creates an index to make opening them easier. When indexing is in progress it can use lots of CPU time and memory - especially on slower/older machinesYes
BrowseProxyXFindService.exeAdvSearch adwareNo
win32KernelXfindx.exeAdded by the BANLOA-EY TROJAN!No
FineTopXFineTop.exeDetected by Microsoft as Adware:Win32/FineTopNo
FineTopUDFXFineTopUDF.exeDetected by Microsoft as Adware:Win32/FineTopNo
ASDPLUGINXFinland.exeAsdPlug premium rate adult content dialerNo
FIREBOXUFIREBOX Control.exeControl panel for the PreSonus FireBox Firewire based personal recording studioNo
FireBox Control PanelUFireBox.exeControl panel for the PreSonus FireBox Firewire based personal recording studioNo
Mozila FirefoxXfirebox.exeAdded by the RBOT-AIP WORM!No
FireExplore UpdateXFireExplore.exeAdded by a variant of Win32/RbotNo
firefox udate.exeXfirefox udate.exeDetected by McAfee as PWS-Zbot.gen.aru and by Malwarebytes Anti-Malware as Backdoor.Agent.DCNo
saodsae1Xfirefox..exeDetected by McAfee as RDN/Generic BackDoor!k and by Malwarebytes Anti-Malware as Backdoor.AgentNo
36d7a02fbca41f608c4baf27f6374668Xfirefox.exeDetected by Dr.Web as Trojan.DownLoader7.6718 and by Malwarebytes Anti-Malware as Trojan.MSIL. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %AppData%No
firefoxXfirefox.exeDetected by Kaspersky as Backdoor.Win32.mIRC-based.p and by Malwarebytes Anti-Malware as Trojan.Downloader. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %WinTemp%\historyNo
firefoxXfirefox.exeDetected by McAfee as Generic Dropper and by Malwarebytes Anti-Malware as Trojan.MSIL. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %AppData%\MozillaNo
FireFoxXfirefox.exeDetected by Sophos as W32/Rbot-ATP and by Malwarebytes Anti-Malware as Backdoor.IRCBot. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %System%No
Firefox helperXfirefox.exeDetected by Microsoft as Trojan:Win32/Ransom.EJ. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %AppData%\mozilla\firefoxNo
firefox.exeXfirefox.exeDetected by Sophos as Troj/Banker-EBO and by Malwarebytes Anti-Malware as Backdoor.IRCBot. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %System%No
MicrosoftXfirefox.exeDetected by Sophos as W32/Rbot-GVJ and by Malwarebytes Anti-Malware as Backdoor.IRCBot. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %System%No
Mozilla FirefoxXfirefox.exeDetected by Kaspersky as Worm.Win32.AutoRun.pom and by Malwarebytes Anti-Malware as Backdoor.IRCBot. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %System%No
Windows Internet Explorer 6Xfirefox.exeDetected by Trend Micro as WORM_SPYBOT.ANA and by Malwarebytes Anti-Malware as Backdoor.IRCBot. Note - this is not the Mozilla Firefox web browser which is normally located in %ProgramFiles%\Mozilla Firefox. This one is located in %System%No
Firefox Plugin ManagerXfirefoxpgm.exeAdded by the MSNPHOTO.E WORM!No
Firefox PreloaderUFirefoxPreloader.exeFirefox Preloader - "a utility that is designed to load parts of Mozilla Firefox into memory before it is used to improve the its startup time". Even on fast machines Firefox can take a while to loadYes
hadespeterXfirefx_.exeAdded by the AGENT-QVT TROJAN!No
EleFunAnimatedWallpaperUFireplace.exeFireplace animated wallpaper fromNo
FirePodYFIREPOD.EXEDriver for the PreSonus FP10 (formerly FirePod) Firewire recording systemNo
McAfee Desktop Firewall TrayYFireTray.exeMcAfee Desktop FirewallNo
McAfeeFireTrayYFiretray.exeMcAfee Desktop FirewallNo
firewalXfirewal.exeAdded by the BANCBAN-QY TROJAN!No
Life FireWall Update1XFireWall-Update1.exeAdded by the RBOT-ARS WORM!No
Personal Firewall V9XFirewall-UpdateV9.exeAdded by the RBOT-BJR WORM!No
FirewallXFirewall.batAdded by the YPSAN.G WORM!No
Ashampoo FireWallYFireWall.exeAshampoo® Firewall FREEYes
Ashampoo FireWall PROYFireWall.exeAshampoo® Firewall PROYes
dwStartNFireWall.exeThe Shield firewall from pcsecurityshield.com. Not recommended by some (see here) and there are better free alternatives out there such as Zone Alarm. Located in %ProgramFiles%\PCSecurityShield\The Shield FirewallNo
firewallXfirewall.exeAdded by the SURO-A TROJAN!No
FireWall.exeYFireWall.exeAshampoo® Firewall FREE and PRO. Located in an Ashampoo related sub-directory of %ProgramFiles%Yes
Firewall.exeXFirewall.exeAdded by the AGENT.AGL BACKDOOR! Located in %System%No
HKCUXfirewall.exeDetected by Malwarebytes Anti-Malware as Backdoor.HMCPol.Gen. The file is located in %System%\system32No
HKLMXfirewall.exeDetected by Malwarebytes Anti-Malware as Backdoor.HMCPol.Gen. The file is located in %System%\system32No
Microsoft Internet FirewallXfirewall.exeAdded by the IRCBOT.MD BACKDOOR! Located in %System%No
Microsoft Security Monitor ProcessXfirewall.exeAdded by a variant of the IRCBOT BACKDOOR! Located in %System%No
Microsoft Service firewall ManagerXfirewall.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
PoliciesXfirewall.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent.PGen. The file is located in %System%\system32No
ProtectionXFirewall.exeAdded by the ELIPTER.A or ELIPTER.B WORMS! Located in %ProgramFiles%\Internet ExplorerNo
Windows Network FirewallXfirewall.exeAdded by the POEBOT-J WORM! Located in %System%No
WindowsDefenderXfirewall.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %MyDocuments%\WindowsNo
00PCTFWYFirewallGUI.exeSystem Tray access to PC Tools Firewall Plus from PC Tools - which "is a powerful personal firewall for Windows that protects your computer from intruders and controls the network traffic in and out of your PC"Yes
FirewallGUIYFirewallGUI.exeSystem Tray access to PC Tools Firewall Plus from PC Tools - which "is a powerful personal firewall for Windows that protects your computer from intruders and controls the network traffic in and out of your PC"Yes
PC Tools Firewall PlusYFirewallGUI.exeSystem Tray access to PC Tools Firewall Plus from PC Tools - which "is a powerful personal firewall for Windows that protects your computer from intruders and controls the network traffic in and out of your PC"Yes
Life Personal FirewallXFirewallingV10.exeAdded by the RBOT-BKF WORM!No
Microsoft FirewallXfirewallsp2.exeAdded by the RBOT-MC WORM!No
FirewallStartupUFirewallstartup.exeInnovative Startup Firewall - "designed to protect your computer from programs that install themselves in the StartUp area of your Windows without asking for your approval. Innovative StartUp Firewall will help you keep your computer clean, fast and in it's best shape"No
FirewallSvrXFirewallSvr.exeAdded by the NETSKY.X or NETSKY.Y WORMS!No
firewall_antiXfirewall_anti.exeAdded by the NETDENY-B TROJAN!No
Microsoft Synchronization ManagerXfirewire.exeAdded by the SDBOT-AFC WORM!No
weboqacucXfiritirol.exeAdded by the SDBOT-UC WORM!No
Systam13Xfirst.exeAdded by the RBOT.GND BACKDOOR!No
HGTXPEINFirstReboot.exeHerucles Audio tool for the Hercules Game Theater XP soundcard. Available via Start → Settings → Control PanelNo
OM_MonitorNFirstStart.exeOlympus Master management tool for their range of digital camerasNo
OM2_MonitorNFirstStart.exeOlympus Master management tool for their range of digital camerasNo
DesktopX WidgetUFishy.exeFishy widget included with the DesktopX desktop utility from Stardock Corporation. Displays a fish swimming on the desktop. Once started, Fishy.exe loads a file called "DXWidget.exe" and exitsYes
FishyUFishy.exeFishy widget included with the DesktopX desktop utility from Stardock Corporation. Displays a fish swimming on the desktop. Once started, Fishy.exe loads a file called "DXWidget.exe" and exitsYes
nnmb4wXfisnmn.exeAdded by the VB-FDF TROJAN!No
Fix ToolXFix-Tool.exeFix Tool rogue system error and cleaning utility - not recommendedNo
SyncMonXfixcomdos.exeAdded by the CLUNKY-B TROJAN!No
MSNXFixdriver.exeAdded by the SILLYFDC.BBY WORM!No
ARCHIVE CONTROLXfixupdattr.exeAdded by the MYTOB.GU WORM!No
Windows has LayerXfixweb.exeAdded by the SPYBOT.AWS WORM!No
fiztumgofuzbXfiztumgofuzb.exeDetected by McAfee as RDN/Downloader.a!bb and by Malwarebytes Anti-Malware as Trojan.Agent.USNo
FJUPDNV_ChitoseNfjdvrupd.exeDriver update for a Fujitsu Siemens Lifebook laptopNo
FjMenuUFjMenu.exeFrom the "Fujitsu Menu" tray icon you have instant access to the Control Panel, Tablet pc keyboard, Tablet and pen settings, Fujitsu display controls, brightness control, sounds and audio devices, capture screen, capture window, organize favorites, power options, printers and faxes, LCD brightness MIN, LCD brightness MAX, Enable/disable Button Panel and the Fujitsu menu settings, which are customizableNo
Fujitsu MenuUFjMnuIco.exeFrom the "Fujitsu Menu" tray icon you have instant access to the Control Panel, Tablet pc keyboard, Tablet and pen settings, Fujitsu display controls, brightness control, sounds and audio devices, capture screen, capture window, organize favorites, power options, printers and faxes, LCD brightness MIN, LCD brightness MAX, Enable/disable Button Panel and the Fujitsu menu settings, which are customizableNo
fjqim4Xfjqim4.exeDetected by Malwarebytes Anti-Malware as Backdoor.Bifrose. The file is located in %ProgramFiles%\BackgroundCMDNo
FJTWAIN SetupUFjtwSetup.exeFujitsu scanner utilityNo
fkSysMonNfksysmon.exefkWrae SysMon - system monitor - "displays the current memory consumption, CPU and resource usage, date, time, Windows uptime, IP address and a lot more"No
FlaCPYXflacpy.exeFlashEnhancer adwareNo
ad4d45303f2237f7bec35a28f3352dd7Xflash player.exeDetected by McAfee as RDN/Generic.tfr!a and by Malwarebytes Anti-Malware as Trojan.AgentNo
Macromedia 8XFlash Player.exeAdded by the JAMBU-A WORM!No
Flash UpdaterXFlash Updater.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.AI. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
FlashXFlash.exeAdded by the BANKER.ETK TROJAN!No
flash.exeXflash.exeDetected by Malwarebytes Anti-Malware as Backdoor.IRCBot. The file is located in %Temp%\..No
Microsoft Security Monitor ProcessXflash.exeAdded by the EGGDROP.EE BACKDOOR!No
microsoftflashXflash.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent.FLA. The file is located in %System% - see hereNo
RegistryKeyXflash.exeAdded by the LOGONINVADER.A TROJAN!No
Flash32XFLASH32.COMAdded by the STARTER-F TROJAN!No
FlashEncUFlashEnc.exeSupplied with EasyDisk USB pen devices. The utility manages the encryption and compressed folders options. It will create these folders if running on the USB key without permission, which is a pain. No need for it if you do not want these featuresNo
.FlashXFlasher.exeDetected by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %AppData%\.FlashNo
FlashgetNFlashGet.exeFlashGet download manager. Located in %ProgramFiles%\FlashGetNo
Flashget Download ManagerXFlashget.exeAdded by the RBOT-AGZ WORM! Located in %System%No
FlashGuardXFlashGuard.exeAdded by the AUTOIT.AL WORM!No
DataCachingNFlashKsk.exeSmartMedia Card management from the installation of a SanDisk reader for a camera's SmartMedia card and also adds the "Unplug and Eject Hardware" System Tray iconNo
FlashMuteUFlashMute.exe"FlashMute is a tool which allows you to mute/unmute Flash Movies loaded in a browser exclusively, or alternatively all sounds produced by the browser"No
flashplayerXflashplayer.exeDetected by McAfee as Generic Dropper!fd3 and by Malwarebytes Anti-Malware as Trojan.AgentNo
Java(TM) UpdaterXFlashPlayer.exeDetected by Malwarebytes Anti-Malware as Trojan.Backdoor. The file is located in %Windir%\Documents and SettingsNo
Shockwave SupportXFlashPlayer.exeAdded by the DELF-DRA WORM!No
flashplayerappXflashplayerapp.exeDetected by Malwarebytes Anti-Malware as Trojan.FakeAdobe. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
FlashPlayerPlug_31014353XFlashPlayerPlug_31014353.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %AppData%\FlashPlayerEditionNo
Macromedia Flash Player AddonXFlashSDK.exeDetected by ESET as Win32/VB.NYTNo
MicrosoftCorpXflashsplayer.exeAdded by a variant of the IRCBOT BACKDOOR! See hereNo
MicrosoftNAPCXflashsplayer.exeAdded by a variant of the IRCBOT BACKDOOR! See hereNo
FlashUpdateXFlashUpdate.exeDetected by Dr.Web as Trojan.Click2.42764 and by Malwarebytes Anti-Malware as Trojan.FakeFlashNo
WindowsXFlashUtil59k.exeDetected by Malwarebytes Anti-Malware as Backdoor.PWin.Gen. The file is located in %AppData%\Adobe Flash FolderNo
meXflashutill.exeDetected by Dr.Web as Trojan.SMSSend.2969 and by Malwarebytes Anti-Malware as Trojan.MSILNo
Flashy BotXFlashy.exeAdded by the GLUPZY.A WORM!No
Adobe Flash PlayerXflash_player.exeDetected by Dr.Web as Trojan.DownLoader5.3979 and by Malwarebytes Anti-Malware as Trojan.Scar. The file is located in %Root%\5fab54f222460aa69cf4d6b8b96e58fbNo
Adobe Flash PlayerXflash_player.exeDetected by Dr.Web as BackDoor.IRC.Sdbot.17537 and by Malwarebytes Anti-Malware as Trojan.Fakesig. The file is located in %LocalAppData%\AdobeNo
PP3100bNflatbed.exeTwain driver for the Visioneer PaperPort 3100b scanner that allows you to scan, fax, copy, print, and easily communicate by simply dragging and dropping scans on your PaperPort DesktopNo
KL AntiFunLoveXflcss.exeAdded by the FUNLOVE.4099 VIRUS!No
mule_st_keyXflec006.exeAdded by the BAGLE.AV TROJAN!No
FlenCPYXflencpy.exeFlashEnhancer adwareNo
Flex2K.exeUFlex2K.exeFlexType 2k from Datecs - a program used to read and write in symbolic writing systems such as Cyrillic, Greek and RussianYes
FlexType 2KUFlex2K.exeFlexType 2k from Datecs - a program used to read and write in symbolic writing systems such as Cyrillic, Greek and RussianYes
FlexicdUFlexicd.exeCD player - part of the Win95 Power ToysNo
FlingRunUfling.exeFling - free FTP software from NCH SoftwareNo
jvdnlssnXfljzsshc.exeFlingstone.com adware - and its Golden Palace Casino programNo
[various names]XFLKPT.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
TrendSecure Remote File LockYFLMain.exeTrendSecure Remote File Lock 'protects your most valuable computer files from theft and loss by enabling you to "lock" them remotely from another computer'No
FlnCPYXflncpy.exeFlashEnhancer adwareNo
Flow Go TV?flogotv.exe??No
Microsoft Update DeviceXflolo.exeAdded by a variant of the SPYBOT WORM! See hereNo
flooder @extremeXflooder @extreme.exeDetected by Malwarebytes Anti-Malware as Backdoor.XTreme. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
FLooDNeTXFLooDeR.exeAdded by the ENDOOL TROJAN!No
Microsoft Memory Flow CycleXflowcycle.exeAdded by the IRCBOT.WAD BACKDOOR!No
Microsoft Memory Flow CycleXflowcycles.exeAdded by the WAREZOV.AAK WORM!No
flpsXflps.vbsAdded by the BYRON WORM!No
FlpycntlXflpycntl.exeAdded by the GEMA TROJAN!No
FlashPath MonitorNFLSHSTAT.EXESystem Tray icon that you can't get rid of - and does not need to run!. Tells you the battery status in the floppy disk adapter for the smartmedia cards. Available via Start → ProgramsNo
FlashPath StatusNFLSHSTAT.EXESystem Tray icon that you can't get rid of - and does not need to run!. Tells you the battery status in the floppy disk adapter for the smartmedia cards. Available via Start → ProgramsNo
FLSVCI?FLSVCI.exe??No
Symantec Antivirus professionalXflushdns.exeAdded by a variant of the FORBOT WORM!No
F.luxUflux.exef.lux "makes the color of your computer's display adapt to the time of day, warm at night and like sunlight during the day"No
1ac3148900aa938c1c20844809bbde8aXflv.exeDetected by Dr.Web as Trojan.DownLoader7.2563 and by Malwarebytes Anti-Malware as Trojan.MSILNo
Ask and Record FLV ServiceUFLVSrvc.exePart of Applian Technologies Replay Media Catcher (streaming video and audio/MP3 downloader) and Freecoder (save video and audio from the web and convert to many popular formats - formally known as Ask & Record Toolbar). "Allows the video history tool to save videos you've played from your computer's cache" - see here. As it's based upon the Ask.com tooblar it sets your default search engine to Ask if not uncheckedNo
Freecorder FLV ServiceUFLVSrvc.exePart of Applian Technologies Freecoder (save video and audio from the web and convert to many popular formats - formally known as ak & Record Toolbar). "Allows the video history tool to save videos you've played from your computer's cache" - see here. As it's based upon the Ask.com toolbar it sets your default search engine to Ask if not uncheckedNo
NotFautXflxper.exeAdded by the SDBOT-AGZ WORM!No
FlyswatDesktopXflydesk.exeAdvertising spywareNo
Dell 968 AIO PrinterUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell 968 AIO printerNo
Dell 968 AIO Printer Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell 968 AIO printerNo
Dell AIO Printer 948Ufm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell AIO Printer 948No
Dell AIO Printer 948 Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell AIO Printer 948No
Dell V310-V510 SeriesUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell V310-V510 Series AIO printersNo
Dell V310-V510 Series FaxServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell V310-V510 Series AIO printersNo
Dell V505Ufm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell V505 AIO printerNo
Dell V505 Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell V505 AIO printerNo
Dell V715w Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Dell V715W AIO printerNo
FaxCenterServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Incorporated into software by Lexmark, MCI, Lotus, My Software, Broderbund, Traffic Software and many othersNo
FaxCenterServer4_in_1Ufm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Incorporated into software by Lexmark, MCI, Lotus, My Software, Broderbund, Traffic Software and many othersNo
Lexmark 4200 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 4200 Series AIO printerNo
Lexmark 5000 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 5000 Series AIO printerNo
Lexmark 5300 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 5300 Series AIO printerNo
Lexmark 5400 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 5400 Series AIO printerNo
Lexmark 5600-6600 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 5600-6600 Series AIO printersNo
Lexmark 6500 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 6500 Series AIO printerNo
Lexmark 7500 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 7500 Series AIO printerNo
Lexmark 7600 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 5400 Series AIO printerNo
Lexmark 9300 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 9300 Series AIO printerNo
Lexmark 9500 SeriesUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 9500 Series AIO printerNo
Lexmark 9500 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark 9500 Series AIO printerNo
Lexmark Pro200-S500 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark Pro200-S500 Series Fax Server AIO printerNo
Lexmark Pro700 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark Pro700 Series AIO printerNo
Lexmark Pro800-Pro900 SeriesUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark X5400 Series AIO printerNo
Lexmark S300-S400 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark S300-S400 Series AIO printerNo
Lexmark S800 SeriesUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark S800 Series AIO printerNo
Lexmark X5400 Series Fax ServerUfm3032.exeFaxMan integrates complete fax send and receive support into Windows applications without requiring additional fax software. Bundled version for the Lexmark X5400 Series AIO printerNo
fmbiostXfmbiost.exeAdded by the ONLINEGAMES.AJTI TROJAN!No
FmctrlTrayUFmctrl.EXEGenius SM-Live Control Panel. Enhances audio output through Genius sound cards (makes a big difference and worth the 3MB Ram used)No
run=Nfmedia.exeFMedia FaxWorks related - can be run manuallyNo
FreeMem ProUfmempro.exeFreeMem Professional - "is the world's most popular memory manager and system optimizer on the market with millions of satisfied users"No
Intel Audio Studio V2.0Xfmideploy.exeAdded by the DELF.AZY TROJAN!No
fmnwebassistXfmnwebassist.exeAdware popup generatorNo
fms440Xfms440.exeDetected by McAfee as PWS-Zbot.gen.aru and byMalwarebytes Anti-Malware as Backdoor.AgentNo
fmsbbqiXfmsbbqi.exeAdded by the ONLINEG.IGG TROJAN!No
fmsiocpsXfmsiocps.exeDetected by Trend Micro as TSPY_ONLINEG.CYUNo
fmsjhifXfmsjhif.exeAdded by the ONLINEG.OZN TROJAN!No
FMStartUFmstart.exeGFI FAXmaker - native fax connector for Microsoft Exchange Server or for networks, allows all users to send and receive faxes right from their desktopNo
FMSZXfmsz.exeAdded by the FMSZ TROJAN!No
Alcom PCL Capture?FMW_PCAP.EXE??No
fndfst32Xfndfst32.exeDetected by McAfee as Comame and by Malwarebytes Anti-Malware as Trojan.ComameNo
Fenio StartupsXfnesvc32.exeAdded by the AGOBOT-OS BACKDOOR!No
TOSHIBA AccessibilityUFnKeyHook.exe"Allows you to use the Fn key to create a hot key combination with one of the function keys without pressing the two keys simultaneously as is usually required. Using Accessibility lets you make the Fn key a sticky key, meaning you can press it once, release it, and then press a function key to activate the hot key function"No
fnmwebassistXfnmwebassist.exeWinPL adwareNo
run=Xfntldr.exeCoolWebSearch Tapicfg parasite variantNo
Focus?Focus.exeISDN configuration wizard?No
fOEqVGtijLGLKaXfOEqVGtijLGLKa.exeAdded by the FAKEAV-DTH TROJAN!No
RealP1ayerXfolder.batAdded by the RPLAY.A TROJAN! Note that the name has a number "1" in place of the second lower case "L"No
RealP1ayerXfolder.exeAdded by the RPLAY.A TROJAN! Note that the name has a number "1" in place of the second lower case "L"No
FolderClone v*.*.*Ufolderclone.exeFolderclone backup and synchronization softwareNo
FolderShareUFolderShare.exe"FolderShare allows you to create a private peer-to-peer network that will help you to synchronize files across multiple devices and access or share files with colleagues and friends"No
fsprYFolderShield.exeFolder Shield - hide personal files and foldersNo
Folder ViewUfolderview.exeFolder View enhances the Windows file Explorer by making all folders you need available in a single clickNo
FoneSyncSystemTrayNFoneSyncSystemTray.exeSystem Tray icon for Nokia FoneSync utility for the 7160/7190 mobiles. Useful to send data from/to the cell phone and the computer. You can use it to backup data or even to input data through the computer keyboard (which naturally is much more comfortable). Run manually when requiredNo
FontFixXfontfix.exeAdded by an unidentified VIRUS, WORM or TROJAN!No
fontnavNFontNav.exeFont Navigator from Bitstream Inc. - a font management utilityNo
sysXFonts.exeAdded by the AUTORUN.BUK WORM!No
AdobeFontsXfonts.htaBrowser hijacker - redirecting to Hugesearch.netNo
TrueFontsXfonts.htaBrowser hijacker - redirecting to Hugesearch.netNo
FONTVIEWXFONTVIEW.EXEAdded by the OPASERV.T WORM!No
Fontview32.XFontview32..exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.AI. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Fontview32XFontview32.exeDetected by Dr.Web as Trojan.StartPage.49351 and by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Font ViewerXfontviewer.exeAdded by a variant of the IRCBOT BACKDOOR! See hereNo
FooBar 1.0UFooBar.exeFooBar - "combines fifteen high-quality productivity tools in a single toolbar that floats on your desktop or runs in the Windows task bar"No
foobin lptt01Xfoobin.exeRapidBlaster variant (in a "foo1" folder in Program Files). A dedicated "RapidBlaster Killer" removal tool used to be available but quality anti-malware tools will now remove itNo
foobin ml097eXfoobin.exeRapidBlaster variant (in a "foo1" folder in Program Files). A dedicated "RapidBlaster Killer" removal tool used to be available but quality anti-malware tools will now remove itNo
Tiny AVXfooding.exeAdded by the NETSKY.I WORM!No
foolXfool.exeAdded by the SILLYFDC.BCV WORM!No
Symantec Antivirus professionalXfor.exeAdded by a variant of the FORBOT WORM!No
ForbesNForbesAlerts.exeForbes Business News Alerts - displays business news headlines in a little window on the screenNo
deejayXforboo.exeAdded by the FORBOT-AY WORM!No
ForceFieldYForceField.exeZoneAlarm ForceField is designed specifically to protect users while they bank, shop or surf dangerous areas of the Internet by creating a virtual "bubble" around their surfing session, protecting their PCs from fraudulent websites, phishing scams, spyware websites and dangerous downloads. Previously available as a stand-alone product, it's now included in all of the ZoneAlarm security products - including Extreme Security, Internet Security Suite and FirewallYes
ISWYForceField.exeZoneAlarm ForceField is designed specifically to protect users while they bank, shop or surf dangerous areas of the Internet by creating a virtual "bubble" around their surfing session, protecting their PCs from fraudulent websites, phishing scams, spyware websites and dangerous downloads. Previously available as a stand-alone product, it's now included in all of the ZoneAlarm security products - including Extreme Security, Internet Security Suite and FirewallYes
ZoneAlarm Browser SecurityYForceField.exeZoneAlarm ForceField is designed specifically to protect users while they bank, shop or surf dangerous areas of the Internet by creating a virtual "bubble" around their surfing session, protecting their PCs from fraudulent websites, phishing scams, spyware websites and dangerous downloads. Previously available as a stand-alone product, it's now included in all of the ZoneAlarm security products - including Extreme Security, Internet Security Suite and FirewallYes
ZoneAlarm ForceFieldYForceField.exeZoneAlarm ForceField is designed specifically to protect users while they bank, shop or surf dangerous areas of the Internet by creating a virtual "bubble" around their surfing session, protecting their PCs from fraudulent websites, phishing scams, spyware websites and dangerous downloads. Previously available as a stand-alone product, it's now included in all of the ZoneAlarm security products - including Extreme Security, Internet Security Suite and FirewallYes
Intel GraphicsXForceOPV5.9.exeDetected by McAfee as Generic BackDoor and by Malwarebytes Anti-Malware as Trojan.MSILNo
[various names]Xforces_elite.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
Form1XForm1.exeDetected by Malwarebytes Anti-Malware as Password.Stealer.LMIR. The file is located in %Windir%No
avnortXformatsys.exeAdded by the SERFLOG.A WORM!No
ltwobXformatsys.exeAdded by the SERFLOG.A WORM!No
serpeXformatsys.exeAdded by the SERFLOG.A WORM!No
FortiClientYFortiClient.exeFortinet security systems are the new generation of real time network protection systemsNo
ViewpointPhotosDeviceConnectUFotomatDeviceConnect.exeRelated to Viewpoint which is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 according to this article. You can remove it via Start → Settings → Control Panel → Add/Remove Programs list...No
fotosXfotos.exeAdded by the BANKER-FP TROJAN!No
Fotos.exeXFotos.exeAdded by the VB-FNB TROJAN!No
FotoStation Easy AutoLaunchNFotoStation Easy AutoLaunch.exeInstalled with a Nikon digital camera. Used to collect photos uploaded from camera program NkVwMon.exe. If your camera is not connected (via USB port) you do not need this program loaded eitherNo
KlassXFouad.exeDetected by Kaspersky as Trojan.Win32.Scar.cnok and by Malwarebytes Anti-Malware as Trojan.VBAgentNo
Foul PXUFoulPX.exeFoul PX, Optusnet usage stat checkerNo
FourthDayUFourthDay.exeThe Fourth Day - "astronomical clock and almanac for your system tray"No
FoWilCoXfowilco.exeAdded by the WOOTBOT.CR WORM!No
JQ8F3MYAXfox.exeDetected by McAfee as PWS-Zbot.gen.zy and by Malwarebytes Anti-Malware as Backdoor.AgentNo
V224618KR60UXfox.exeDetected by McAfee as PWS-Zbot.gen.zy and by Malwarebytes Anti-Malware as Backdoor.AgentNo
W68D00HY5Q20Xfox.exeDetected by McAfee as PWS-Zbot.gen.zy and by Malwarebytes Anti-Malware as Backdoor.AgentNo
foxdhXfoxdh.exeAdded by the GWGHOST-Q TROJAN!No
foxdhXfoxdhend.exeAdded by the MENGHUAN TROJAN!No
foxrxjhXfoxrxjh.exeAdded by the GWGHOST-T TROJAN!No
scrollerXfpapli.exeCoolWebSearch parasite variantNo
FingerPrintSoftwareUfpapp.exeSupports the fingerprint reader on selected IBM/Lenovo Thinkpad notebooksNo
fpassistNfpassist.exePart of FreePDF (was FreePDF XP) - a utility used to create Adobe compatible PDF files from virtually any Windows application. This executable needs to be running when you want to send a printer output to a PDF file via the FreePDF virtual printerYes
FreePDF AssistantNfpassist.exePart of FreePDF (was FreePDF XP) - a utility used to create Adobe compatible PDF files from virtually any Windows application. This executable needs to be running when you want to send a printer output to a PDF file via the FreePDF virtual printerYes
FreePDF_AssistantNfpassist.exePart of FreePDF (was FreePDF XP) - a utility used to create Adobe compatible PDF files from virtually any Windows application. This executable needs to be running when you want to send a printer output to a PDF file via the FreePDF virtual printerYes
Fatpipe DialerUfpdialer.exeDailler for Fatpipe - software enabling high speed internet browsing (2-4 times faster) and internet connection sharing for up to 5 usersNo
FinePrint Dispatcher v4Ufpdisp4.exeFinePrint Dispatcher - handles the spooling of print jobs to the FinePrint printer. Version 4.x of the software. "FinePrint saves ink, paper, time and money by controlling and enhancing printed output"No
FinePrint Dispatcher v4Ufpdisp4a.exeFinePrint Dispatcher - handles the spooling of print jobs to the FinePrint printer. Version 4.x of the software. "FinePrint saves ink, paper, time and money by controlling and enhancing printed output"No
FinePrint Dispatcher v5Ufpdisp5a.exeFinePrint Dispatcher - handles the spooling of print jobs to the FinePrint printer. Version 5.x of the software. "FinePrint saves ink, paper, time and money by controlling and enhancing printed output"No
First Principle Group?fpg.exeRelated to the E-Players Card from First Principle GroupNo
Form Pilot Home virtual printer agentUfphoagent.exeVirtual printer for Form Pilot Home from Two Pilots - a lite version "for filling out one-page electronic and paper forms"No
ExtensionXFPlay.exeDetected by Malwarebytes Anti-Malware as Trojan.Downloader. The file is located in %CommonAppData%\Vextension - see hereNo
Form Pilot Office virtual printer agentUfpoagent.exeVirtual printer for Form Pilot Office from Two Pilots - form filling utility for filling out paper and electronic forms on your computer instead of using a typewriter. With the Office version "you can create special forms for filling in by your customers and partners"No
Form Pilot Office (demo) printing agentUfpoagenttsd.exeVirtual printer for Form Pilot Office from Two Pilots - form filling utility for filling out paper and electronic forms on your computer instead of using a typewriter. With the Office version "you can create special forms for filling in by your customers and partners." Demo versionNo
Form Pilot Pro Trial virtual printer agentUfppagentd.exeVirtual printer for Form Pilot Pro from Two Pilots - which "is basic Form Pilot software for filling out paper and electronic forms on your computer instead of using a typewriter." Trial versionNo
pdfFactory Pro Dispatcher v1Ufppdis1.exeFinePrint pdfFactory Pro Dispatcher - background task which handles the creation of PDF files when you print to the FinePrint pdfFactory PRO printer. Version 1.x of the software. "pdfFactory products offer a unique approach to PDF creation that is simpler, more effective and less expensive than that offered by other programs"No
pdfFactory Dispatcher v1Ufppdis1a.exeFinePrint pdfFactory Dispatcher - background task which handles the creation of PDF files when you print to the FinePrint pdfFactory printer. Version 1.x of the software. "pdfFactory products offer a unique approach to PDF creation that is simpler, more effective and less expensive than that offered by other programs"No
pdfFactory Dispatcher v2Ufppdis2a.exeFinePrint pdfFactory Dispatcher - background task which handles the creation of PDF files when you print to the FinePrint pdfFactory printer. Version 2.x of the software. "pdfFactory products offer a unique approach to PDF creation that is simpler, more effective and less expensive than that offered by other programs"No
pdfFactory Pro Dispatcher v3Ufppdis3a.exeFinePrint pdfFactory Pro Dispatcher - background task which handles the creation of PDF files when you print to the FinePrint pdfFactory Pro printer. Version 3.x of the software. "pdfFactory products offer a unique approach to PDF creation that is simpler, more effective and less expensive than that offered by other programs"No
Warning: do not remove it!Ufpplock.exePart of Folder Password Expert by ZQS Software Team - "a software program to restrict access to the folders that contain your sensitive data"No
Form Pilot Pro virtual printer agentUfppragent.exeVirtual printer for Form Pilot Pro from Two Pilots - which "is basic Form Pilot software for filling out paper and electronic forms on your computer instead of using a typewriter"No
F-PROT Antivirus Tray applicationUFProtTray.exeSystem Tray access to F-PROT AntivirusNo
Terminate PopupXfpuk.exePopup killer - foistware proven to install the Regsvc32 homepage hijackerNo
FPWGMWZD?FPWGMWZD.exe??No
FoolProofYfpwinldr.exe"FoolProof Security" PC security software from SmartStuff - no longer availableNo
Quick StartupYFquick32.exeFor a Nisis G6 USB Graphics Tablet. Re-enables itself if disabled therefore best left aloneNo
GoOutsideXfqwfeq.exeAdded by the RBOT.CRD WORM!No
Winloader microsoftXfqwsnn.exeDetected by Dr.Web as Trojan.DownLoader6.57884No
FrameWork 2.5XFrameWork.exeAdded by the RBOT-FMW WORM! Note - can terminate AV related processesNo
MSFrameworkXFramework.exeDetected by Malwarebytes Anti-Malware as Backdoor.DarkKomet. The file is located in %Temp%\ServiceFrameworkNo
Syswin32Xframework.exeDetected by Dr.Web as Trojan.DownLoader8.15632 and by Malwarebytes Anti-Malware as Trojan.Agent.AINo
EmpoweringTechnology?Framework.Launcher.exePart of Acer Empowering Technology. What does it do and is it required?No
ASDPLUGINXfrance.exeAsdPlug premium rate adult content dialerNo
HELPERXfrance.exeAsdPlug premium rate adult content dialer variantNo
FrapsNFRAPS.EXEFraps® by Beepa Pty Ltd - is "a universal Windows application that can be used with games using DirectX or OpenGL graphic technology". It can show how many Frames Per Second (FPS) you are getting, allow you to take a screenshot with a single keypress or record a videoYes
APPLEMOBILEDEVICEXfrddd.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.APMGen. The file is located in %AppData%No
sysfbtrayXfreddy70.exeAdded by the KOOBFACE.BVM WORM!No
SAFE2008 File Redirection Starter?fredirstarter.exeOlder (2008) version of the Steganos Safe encryption utilityNo
ead7018df7644215400c46501984d528XFree Book Maker.exeDetected by Malwarebytes Anti-Malware as Trojan.MSIL. The file is located in %UserProfile%No
FreeACUFreeAlarmClock.exeFree Alarm Clock by Comfort Software Group - "allows you to set as many alarms as you want. You can set one-time alarms or repeating alarms - activate only from Monday through Friday and give you a chance to sleep on the weekends"No
Freebie NotesNFreebieNotes.exeFreebie Notes by Power Soft - create electronic notes (stickers)No
FreeCallNFreeCall.exeFreeCall - free internet telephony utility using the VoIP (Voice over Internet Protocol). Call online friends for free and regular phones either for free (limited use) or low rates. One of a number provided by Betamax - the others generally have different rate plans. Similar to the more popular SkypeYes
l44sys**XfreecellAdded by the VBS.LIDO WORM - where ** is a number between 1 and 12No
MonstersoundtrayNFreectrl.exeDiamond Multimedia sound card control panelNo
BellSouth Internet SecurityYFreedom.exeBellSouth Internet Security - sourced by Freedom from Zero Knowledge, Inc (now Radialpoint). Provides anti-virus, personal firewall, parental controls and a pop-up blocker. Also safeguards your personal information, encrypts your passwords and much more. No longer availableNo
FreedomYFreedom.exeFreedom from Zero Knowledge, Inc (now Radialpoint). Provides anti-virus, personal firewall, parental controls and a pop-up blocker. Also safeguards your personal information, encrypts your passwords and much more. No longer availableNo
Internet Security SuiteYFreedom.exeVerizon Internet Security Suite - sourced by Freedom from Zero Knowledge, Inc (now Radialpoint). Provides anti-virus, personal firewall, parental controls and a pop-up blocker. Also safeguards your personal information, encrypts your passwords and much more. No longer availableNo
SafeworldYFreedom.exeSafeworld - sourced by Freedom from Zero Knowledge, Inc (now Radialpoint). Provides anti-virus, personal firewall, parental controls and a pop-up blocker. Also safeguards your personal information, encrypts your passwords and much more. No longer availableNo
TELUS Security serviceYfreedom.exeTELUS Security service - sourced by Freedom from Zero Knowledge, Inc (now Radialpoint). Provides anti-virus, personal firewall, parental controls and a pop-up blocker. Also safeguards your personal information, encrypts your passwords and much more. No longer availableNo
Zero Knowledge FreedomYFreedom.exeFreedom from Zero Knowledge, Inc (now Radialpoint). Provides anti-virus, personal firewall, parental controls and a pop-up blocker. Also safeguards your personal information, encrypts your passwords and much more. No longer availableNo
Free DVD DirectNFreeDVDDirect.exeFree DVD Direct - provides a program to access a peer-to-peer (P2P) file-sharing network (see here)No
FreeGo?FreeGo.exeFreeGo by Julien Palier. Translation: "FreeGo offers Free subscribers the ultimate tool to better manage their account"No
FreeGo?FreeGo3.exeFreeGo by Julien Palier. Translation: "FreeGo offers Free subscribers the ultimate tool to better manage their account"No
Free Hide IPUFreeHideIP.exeFree Hide IP - "hide your real IP address for free, anonymize your web surfing, keep your computer safe from hacker attacks and other risks, all with a single click"No
Free Key LoggerUfreekeylogger.exeFree Key Logger keystroke logger/monitoring program - remove unless you installed it yourself!No
FreeListenNFreeListenUpdate.exeUpdates for the Korean "Free Listen" music player. Detected by Malwarebytes Anti-Malware as PUP.KorAd - remove it unless you installed it yourselfNo
Memory ServiceXfreememory.exeAdded by the RBOT.GEN WORM!No
freemiXfreemiUp.exeDetected by Malwarebytes Anti-Malware as Adware.Nieguide. The file is located in %ProgramFiles%\freemiNo
FreeRAM XPUFreeRAM XP Pro *.exeFreeRAM XP Pro - memory optimizer where * represents the versionNo
FreeRAM XPUFreeRAM XP Pro.exeFreeRAM XP Pro - memory optimizerNo
BySoft FreeRAMUFreeRAM.exe"Bysoft FreeRAM is a program that frees up ram manually or automatically. It shows current memory status, memory load and CPU usage graphically"No
MicroSoft OneCareXFreeS3x.exeAdded by the SDBOT-DJT WORM!No
Spyware BegoneUfreescan.exeSpyware BeGone - spyware remover. Previously not recommended, see hereNo
Spyware VanisherUFreeScanner.exeSpyware Vanisher - spyware remover. Previously not recommended, see hereNo
WinsystemXFreevideo5.EXEAdded by the AGENT.FZS WORM!No
freizerXfreizer.exeDetected by McAfee as RDN/Generic.bfr!cc and by Malwarebytes Anti-Malware as Trojan.AgentNo
Test321Xfresdg.exeAdded by the HAMWEQ.DD WORM! See hereNo
freshclamNfreshclam.exeAuto update agent of the open source Clamwin virus scannerNo
Fresh DesktopUfreshdesktop.exeFresh Desktop is a utility that lets you manage vast collections of wallpapers for your desktop with ease. When run on bootup it changes the desktop wallpaper at startup or at specified intervalsNo
freshUIUfreshui.exePart of Fresh UI from Freshdevices.com - "a fresh solution for configuring and optimizing Windows." This entry is added if you select any of the "on logon" options under "Covering Your Track" for "Clear Explorer History" and "Clear Internet Explorer History" and will have one or more numbers between 0 and 17 appended to the filename depending upon the option(s) selected. Once run it will exitYes
FUIClearHisUfreshui.exePart of Fresh UI from Freshdevices.com - "a fresh solution for configuring and optimizing Windows." This entry is added if you select any of the "on logon" options under "Covering Your Track" for "Clear Explorer History" and "Clear Internet Explorer History" and will have one or more numbers between 0 and 17 appended to the filename depending upon the option(s) selected. Once run it will exitYes
FridaysInHellInstaller?FridaysInHellInstaller.exe??No
What FrenzXFriendEQUALsuX.exeAdded by the BHARAT.A WORM!No
Raymond presentXfriska_w32.exeAdded by the RUBBLE-C WORM!No
Windows FrameworkXfrmwrk.exeAdded by the DWNLDR-GWV TROJAN!No
Framework WindowsXfrmwrk32.exeAdded by the FAKEAV-KS TROJAN!No
Windows Frame WorksXfrmwrks32.exeAdded by the AGOBOT.ACM WORM!No
FG1_00Ufrntgate.exeFrontGate MX - e-mail spam blockerNo
Free Ram OptimizerUfro.exeRam Optimizer "monitors your memory and frees up memory if it falls below a certain minimum level"No
HP_runnerXfront.exeAdded by the SILLYFDC WORM!No
FrostWire On StartupNFrostWire.exeFrostWire peer-to-peer (P2P) file-sharing client. As all peer-to-peer file-sharing clients are used to distribute large amounts of data between multiple users make sure you have good, up-to-date virus protection and check any downloads. Note that by default FrostWire installs the Ask.com toolbar which can be avoided (see here)No
FrskXfrsk.exeUnidentified adware downloader trojanNo
FRW_EXEYFRW.EXEConSeal Signal9 firewall - now McAfee Personal firewallNo
frxmxinsYfrxmxins.exeATI 3D Studio MAX/VIZ driverNo
DepFrezUfrzstate.exeDeep Freeze from Faronics Coporation. "Freezes" the current software configuration so that an a re-boot all changes made refer back to their original settings. Not required for most users - more likely to be used by system administrators, for exampleNo
freesurferUfs20.exeEMS Free Surfer - pop-up stopperNo
FS6519XFS6519.dll.vbsAdded by the SOLOW.B WORM!No
fsaaYfsaa.exeF-Secure antivirus Authentication Agent - creates and stores private keys used by a client to access serversNo
gadkgak12Xfsafsakx12.exeAdded by the ONLINEG-N TROJAN!No
akgkagaksad9Xfsakfask9.exeAdded by the ONLINEG-M TROJAN!No
FSCBossNFSCBoss.exeFree Store Club shop online softwareNo
FSDPSRV?FSDPSRV.exe??No
dasxdadsXfsdqd.exeAdded by the GAOBOT.BIQ WORM!No
Fdaemon securityXfsecur.exeAdded by the SDBOT.KXO WORM!No
fsservUfserv.exeFarsighter Server - monitors a remote computer invisibly by streaming video to a viewer on your computer. You will know exactly what is happening on the remote computer as you see it in real-timeNo
DirectX for Microsoft WindowsXFservice.exeAdded by the PRORAT TROJAN!No
DirectX For Microsoft® WindowsXfservice.exeDetected by Sophos as Troj/Prorat-L and by Malwarebytes Anti-Malware as Backdoor.AgentNo
DirectX For Microsoft® WindowsXfservice.exeAdded by the PRORAT-P TROJAN!No
Windows Reg ServicesXfservice.exeAdded by the PRORAT-D TROJAN!No
afskfask8Xfsfjasj8.exeAdded by the ONLINEG-L TROJAN!No
F-Secure ManagerYFSM32.EXEF-Secure antivirus - carry out scheduled virus scans automaticallyNo
F-Secure Management AgentUFSMA32.EXEF-Secure antivirus - F-Secure Policy Manager provides tools for administering F-Secure software productsNo
fspUfsp.exeFolder Shield - hide entire directories and thus prevent access by anyone else to your personal files and documentsNo
Charter High-Speed Security SuiteYfspex.exeCharter High-Speed Security Suite - security software in collaboration with F-SecureNo
F-Secure 2006Yfspex.exeF-Secure Anti-Virus automatic updaterNo
fspuipUfspuip.exeSupports the Sentelic Finger Sensing Pad (FSP) pointing device used in notebook touchpads, for exampleNo
serjfsdXfsrjsdks.exeAdded by the VBCHEMAN-A MALWARE!No
wificompressorXfsrun.exeAdded by the BANKER-FHY TROJAN!No
Windows LiveXfsrun.exeDetected by Sophos as W32/Stratork-ANo
FSScrCtlNFSScrCtl.exeScreen saver control applet used by the "Stardust Screen Saver Toolkit", SolidWorks and Hubble Space Telescope screen savers (and possibly others). Lets you control your installed screensavers from a System Tray iconNo
Screen Saver ControlNFSScrCtl.exeScreen saver control applet used by the "Stardust Screen Saver Toolkit", SolidWorks and Hubble Space Telescope screen savers (and possibly others). Lets you control your installed screensavers from a System Tray iconNo
Family SafetyXfsssvc.exeDetected by McAfee as Ransom and by Malwarebytes Anti-Malware as Trojan.Agent. Note - this is not the legitmate Windows Live Family Safety Service (fsssvc.exe) which runs a service and is located in %ProgramFiles%\Windows Live\Family Safety. This one is located in %LocalAppData%\GoogleNo
fssuiUfssui.exeSystem Tray access to and notifications from Windows Live OneCare Family Safety - part of the Live OneCare range and now superseded by Windows Live Family Safety which is part of Windows Live Essentials. Allows you to decide how your kids experience the Internet by limiting searches, monitoring and blocking/allowing websites and deciding who your kids can communicate with in Messenger or Hotmail. Note - disabling this entry does not disable Family Safety and prevent it monitoring a users activity or restricting accessYes
Windows Live™ OneCare™ Family SafetyUfssui.exeSystem Tray access to and notifications from Windows Live OneCare Family Safety - part of the Live OneCare range and now superseded by Windows Live Family Safety which is part of Windows Live Essentials. Allows you to decide how your kids experience the Internet by limiting searches, monitoring and blocking/allowing websites and deciding who your kids can communicate with in Messenger or Hotmail. Note - disabling this entry does not disable Family Safety and prevent it monitoring a users activity or restricting accessYes
F-Secure Startup WizardYFSSW.EXEF-Secure antivirusNo
fssuiUfsui.exeSystem Tray access to and notifications from Windows Live Family Safety - optionally installed as part of Windows Live Essentials. "With Family Safety, you decide how your kids experience the Internet. Limit searches, monitor and block or allow websites, and decide who your kids can communicate with in Windows Live Spaces, Messenger, or Hotmail". Note - disabling this entry does not disable Family Safety and prevent it monitoring a user's activity or restricting accessYes
fsuiUfsui.exeSystem Tray access to and notifications from Windows Live Family Safety - optionally installed as part of Windows Live Essentials. "With Family Safety, you decide how your kids experience the Internet. Limit searches, monitor and block or allow websites, and decide who your kids can communicate with in Windows Live Spaces, Messenger, or Hotmail". Note - disabling this entry does not disable Family Safety and prevent it monitoring a user's activity or restricting accessYes
Windows Live Family Safety FilterUfsui.exeSystem Tray access to and notifications from Windows Live Family Safety - optionally installed as part of Windows Live Essentials. "With Family Safety, you decide how your kids experience the Internet. Limit searches, monitor and block or allow websites, and decide who your kids can communicate with in Windows Live Spaces, Messenger, or Hotmail". Note - disabling this entry does not disable Family Safety and prevent it monitoring a user's activity or restricting accessYes
FSWXFSW.exeFreeScratchAndWin parasiteNo
SysDesktopXfswanQQ.exeAdded by the QQSEND-A TROJAN!No
FSWebServerUfsws.exeEasy File Sharing Web Server is a Windows program that allows you to host a secure peer-to-peer and web-based file sharing system without any additional software or servicesNo
[various names]Xftbar.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
Family Tree Builder UpdateNFTBCheckUpdates.exeAutomatic updates for the Family Tree Builder genealogy application from MyHeritageNo
GilatFTCYftc.exeFor Gilat Communications internet satellite systems - associated with SkyBlaster modem. Required if you have this systemNo
FaxTalk CallControl 6.0NFTClCtrl.EXEThis allows the software to handle incoming and outgoing communications without requiring the FaxTalk Communicator application to be loaded into memory. Can be started manuallyNo
CallControlNftctrl32.exeFaxTalk Messenger Pro is a Windows TAPI based 32-bit application. When installed, the software automatically loads FaxTalk CallControl when you start Windows. When FaxTalk CallControl is running, any TAPI compliant application can request to use the modem from WindowsNo
anycom bluetooth?ftflauncher.exeAssociated with an Anycom bluetooth wireless card. What does it do and is it required?No
fXftkclean.exeFlashEnhancer adwareNo
ftkXftkclean.exeFlashEnhancer adwareNo
FtkCPYXftkcpy.exeFlashEnhancer adwareNo
FtLnSOP_setupUFtLnSOP.exeFujitsu scanner utilityNo
FTMSFLT(USB)UFTMSFLTU.EXEFujitsu's Touch Panel Message NotifierNo
NetOnHoldUFTNOHMgr.EXE"FaxTalk NetOnHold 1.5 works with the Modem-On-Hold capabilities found in V.92 modems to provide the ability to place an Internet connection "on hold" and receive incoming calls or place outgoing calls"No
MSFWAVTSMXFTPDev.exeAdded by the RBOT-ACF WORM!No
FTPManagerNFTPDM.exe"Robust FTP is a Windows-based file transfer client application that transfers files between a user's local PC and another, remote computer system connected via a modem and telephone lines or by a local-area network (with upload transfer resume and download transfer resume)". Can be started manuallyNo
ATI Video Driver ControlXftpex.exeAdded by the BZUB.FAS TROJAN!No
FTPGraberXFTPGraber.exeAdded by the DLOADER-DT TROJAN!No
Kernel FaultsXftphost.exeDetected by Trend Micro as WORM_RBOT.BHUNo
irwftpXftpmon.exeAdded by the BANCBAN-BO TROJAN!No
ftpqueueUftpqueue.exeSystem Tray access for managing FTP transfers via an older version of WS_FTP Pro from IpswitchNo
FtpqueueUFtpsched.exeScheduling service for FTP transfers via an older version of WS_FTP Pro from Ipswitch. Runs as a service in Vista/XP/2K and loads via the "RunServices" registry key in WinMe/98No
FtpServer.exe?FtpServer.exePart of the Sharpdesk from Sharp Electronics. "A desktop-based, personal document management application that lets users browse, edit, search, compose, process, and forward both scanned and native electronic documents". What does it do and is it required?No
FTP FOR WINDOWSXftpwin32.exeAdded by a variant of Win32/RbotNo
BMail InstallationNFTP_back.exePart of iMesh - a file sharing system. Reported by Norton AntiVirus as a trojan. Once deleted does not prevent file sharing working. Older versions of iMesh re-instate this but the newer versions do notNo
%FP%012-L2TP fts.exeNfts.exe012.Net.il Israeli ISP software front-endNo
%FP%1776 Internet fts.exeNfts.exe1776 Internet US ISP software ISP software front-endNo
%FP%AIRTEL fts.exeNfts.exeBharti Airtel Broadband - Indian ISP software front-endNo
%FP%Barak013 fts.exeNfts.exeBarak013 Israeli ISP software front-endNo
%FP%Friendly fts.exeNfts.exeFriendly ISP software front-endNo
FlexType 2KUFType2K.exeFlexType 2k from Datecs - a program used to read and write in symbolic writing systems such as Cyrillic, Greek and RussianNo
WINDOWS FUCK BY CLASICXfuck.exeAdded by the ZOTOB.H or ZOTOB.J WORMS!No
fuckXFuck.scrDetected by Malwarebytes Anti-Malware as Backdoor.Agent. The file is located in %Windir%\fuckNo
superXfuckbx.exeAdded by the LINEAGE-H TROJAN!No
FuckD3w4XFuckD3w4.exeAdded by the BRONTOK-DI WORM!No
system32xXfuckeando.exeDetected by Symantec as W32.HLLW.Vicety and by Malwarebytes Anti-Malware as Worm.VicetyNo
FuckerXfucker.vbsAdded by the CATCHER-A WORM!No
.NET.XFUD.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.DF. The file is located in %System%No
Microsoft Windows XP (Versão 5.1)Xfudencio.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %Root%\linziopNo
halitXfuduj.exeAdded by the SDBOT.ATR WORM!No
FUFAXRCVUFUFAXRCV.exeEpson fax utility for some of their AIO printersNo
FUFAXSTMNFUFAXSTM.exeEpson fax utility for some of their AIO printersNo
NTSF MICROSOFT SYSTEMXfufffy.exeDetected by Sophos as W32/Rbot-AEL and by Malwarebytes Anti-Malware as Backdoor.BotNo
TPM Cryptographic Thread UpdateXfuikthalaccp\qpgjiqi.exeDetected by McAfee as RDN/Generic.grp!bg and by Malwarebytes Anti-Malware as Trojan.Agent.FFNNo
fukerserviceXfukerz.exeAdded by the SPYBOT.GD WORM!No
reg_keyXFUKULAMER.exeAdded by the BEAGLE.AH WORM!No
ASDPLUGINXfullgames.exeAsdPlug premium rate adult content dialerNo
JavaSunKitXfullkit.exeDetected by Dr.Web as Trojan.Proxy.24016 and by Malwarebytes Anti-Malware as Trojan.Agent.JVNo
x64proXfullsx.exeAdded by the SMARPIYASA.B TROJAN!No
Microsoft DLLXfumeta.exeAdded by the RBOT-AUG WORM!No
FunXFun.exeDetected by Sophos as W32/VB-DZENo
FunyMallXFunyMallUpdate.exeFunyMall adwareNo
ID-CHANGERXFurv.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.DI. The file is located in %ProgramFiles%\KpteNo
startkeyXfurzi.exeAdded by the BIFROSE-OK TROJAN!No
FusionHdtvTrayNFusionHdtvTray.exeFusionTrayAgent - main executable for DVICO FusionHDTV software. It adds an icon to system tray that allows you to easily access Fusion HDTV softwareNo
FusionTrayAgentNFusionHdtvTray.exeFusionTrayAgent - main executable for DVICO FusionHDTV software. It adds an icon to system tray that allows you to easily access Fusion HDTV softwareNo
FusionRCUFusionRC.exeRemote control manager for DVICO FusionHDTVNo
FusionRemoteUFusionRc.exeRemote control manager for DVICO FusionHDTVNo
Userinterface ReporterXfuuuucktttttt.exeAdded by the MYTOB-DK WORM!No
FUXFUvirus.exeAdded by the VB-EJC TROJAN!No
(Default)Xfvdfb.exeDetected by Malwarebytes Anti-Malware as Trojan.Downloader. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %LocalAppData%No
fvekXfvek.exeAdded by the DRIVOL-A TROJAN!No
FveNotifyYfveNotify.exeWindows Vista - BitLocker Drive Encryption Notification Utility. Available with Enterprise and Ultimate versions of Vista, "BitLocker prevents a thief who boots another operating system or runs a software hacking tool from breaking Windows Vista file and system protections or performing offline viewing of the files stored on the protected drive" - see hereNo
Find Virus Launch ProgramYfvlaunch.exePart of Dr. Solomon's AntivirusNo
Norton Antivirus AVXFVProtect.exeDetected by Symantec as W32.Netsky.P@mm. Note - this is not the popular Norton anti-virus softwareNo
Microsoft Driver SetupXfvrgmt.exeDetected by McAfee as PWS-Spyeye.aj and by Malwarebytes Anti-Malware as Worm.PalevoNo
Microsoft Firewall 2.9XFW-[9 random digits].exeAdded by variants of the AGENT-QWP TROJAN! Example filenames include FW-926056545.exe, FW-241043244.exe, FW-516217385.exe and FW-888349494.exeNo
FW ManagerXfwcheck.exeAdded by the DELBOT-H WORM!No
hp 1000 firmware?fwdl.exeHP LaserJet 1000 related. Is it a driver or automatic firmware update (based upon the filename)?No
UpdateFW?fwdload.exeAppears to be firmware update software for a Network Associates ATMbook OC-3 SMF Interface Module?No
FWDMON.EXEXfwdmon.exeAdded by the PROXY-S TROJAN!No
FRITZ!webProtectUFwebProt.exeFirewall included in FRITZ! ISP DSL softwareNo
fwenc.exeYfwenc.exeCheck Point SecuRemote VPN client - "dynamic and fixed IP addressing for all ISP services - dial-up, cable modem, or DSL - the ideal solution for telecommuters and mobile workers"No
All Sea web linkXFWLink.exeFree screensaver, installs lots of foistware - remove itNo
Dilberttest3 web linkXFWLink.exeFree screensaver, installs lots of foistware - remove itNo
msfirewall32XFWMs32.exeAdded by the PROXY-AA TROJAN!No
%FP%012-L2TP FWPortal.exeUFWPortal.exe012.Net.il Israeli ISP dial-up softwareNo
%FP%1776 Internet FWPortal.exeUFWPortal.exe1776 Internet US ISP dial-up softwareNo
%FP%Barak013 FWPortal.exeUFWPortal.exeBarak013 Israeli ISP dial-up softwareNo
Fwr Command ModuleXfwr.exeAdded by the SDBOT-PP WORM!No
fwrastrcNfwrastrc.exeDial-up software for Friendly Technologies/1NationOnLine free ISPNo
fwserviceUfwservice.exeFirewall function of eAcceleration Stop-Sign security software - previously not recommended (see here). It has now been delisted, so make sure you have the latest version - hence the "U" recommendationNo
LGODDFUUfwupdate.exeAuto firmware update program for LG Electronics CD-ROM/DVD writerNo
firewallXfw_304.exeAdded by the BDOOR-JQ BACKDOOR!No
fxredirUfxredir.exeCanon MultiPASS fax redirectorNo
Microsoft Security ControlersXfxsecues.exeAdded by a variant of W32/Sdbot.wormNo
Windows UDP Control CenterXfxstaller.exeDetected by Sophos as Troj/Agent-IEENo
Windows UDP Control CenterXfxsteller.exeAdded by the IRCBOT-J BACKDOOR!No
testestXfxxxh.exeAdded by the SDBOT-MK WORM!No
NTSF Microsoft SystemXfylez.exeDetected by Malwarebytes Anti-Malware as Backdoor.Bot. The file is located in %System%No
fyncaqigpicqXfyncaqigpicq.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
NasisoXfyowewd.exeDetected by Malwarebytes Anti-Malware as Trojan.FlyStudio. The file is located in %Windir%No
fyruretpubriXfyruretpubri.exeDetected by McAfee as PWS-Zbot.gen.ari and by Malwarebytes Anti-Malware as Trojan.Agent.USNo
fzee7szkXfzee7szk.exeDetected by McAfee as Generic PWS.y and by Malwarebytes Anti-Malware as PasswordStealer.Tibia. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
qfqqzaXfzqw.exeAdded by the SDBOT-EL WORM!No
3feb1dd2ad865b6c315e43e33049579eXfzzh.exeDetected by Malwarebytes Anti-Malware as Trojan.Agent. The file is located in %Temp%No

Notes & Warnings

If you can help identify new entries and verify/identify those entries with a "?" status (especially hardware specific - such as laptops and motherboards) then please E-mail us (startups_at_pacs-portal_dot_co_dot_uk).

"Status" key:

Variables:

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. We will not be held responsible if changes you make cause a system failure.

WARNING: This is NOT a database of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a database of start-up applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at start-up. For a list of tasks/processes you should try the Process Library from Uniblue, the list at PC Pitstop or one of the many others now available. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSConfig or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

To avoid the database becoming too large, all malware entries are only shown using the registry version which is common to all Windows versions. Otherwise there would be multiple entries for popular filenames that viruses often use - such as "svchost.exe" above for example. Multiple malware can also use the same start-up entries, in this case only those with significant differences (such as file location) are repeated in this database.

As more than 15K entries in this database related to malware you should use a quality internet security package. Which ever you choose, keep it updated and get the latest version at least every two years.

There are a number of virus and malware entried listed in this database where specific removal instructions haven't been given. If this is the case then you could try ComboFix, a program written by sUBs that can remove many different types of Trojans and Worms. See here for a tutorial on how to use the program

NOTE: A number of entries are repeated due to the way that different operating systems display startup items. For example, WinMe lists "POPROXY.EXE" as "Norton eMail Protect" in both MSCONFIG and the registry whereas WinXP lists it as "Poproxy" in MSCONFIG and "Norton eMail Protect" in the registry.

SERVICES: "Services" from the NT/2K/XP/Vista/7 operating systems are not included. We fully understand that some programs with these OS's use "Services" as an alternative to load their component parts at startup but these are handled in a different way. We recommend you try BlackViper for information on services for the relevant operating systems.

Copyright

Presentation, format & comments Copyright © 2001 - 2012 Pacman's Portal
Portions Copyright © Peter Forrest, Denny Denham, Sylvain Prevost, Tony Klein, CastleCops & Bleeping Computer
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home