Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Windows startup programs - Database search

If you're frustrated with the time it takes your Windows 10/8/7/Vista/XP PC to boot and then it seems to be running slowly you may have too many programs running at start-up - and you have come to the right place to identify them. This is the original start-up programs (as opposed to processes/tasks) list - one of the most accurate and comprehensive. Services are not included - see below. For further information on this and how to identify and disable start-up programs please visit the Introduction page.

See here for further information on random entries - which are typically added by viruses and other malware or unwanted programs.

Last database update :- 31st January, 2017
50984 listed

You can search for any of the following terms to find and display entries in the start-up programs database but the minimum search is 3 characters and you must click on the "Search" button. Results are sorted by the Startup Item/Name field.

Alternatively, you can browse the full database (without the search facility) over a number of pages or you can use the alphabetical index below to list the entries for that letter by the Command/Data field, but the results may take longer to appear due to the number of them:

A | B | C | D | E | F | G | H | I | J | K | L | B | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

NOTE: Searching for common words (i.e. "the" or "where") will mean the results take longer to appear due to the number of them.

Please click on the Search button

849 results found for G

Startup Item or Name Status Command or Data Description Tested
VGAUtilUG-VGA.exeGigabyte VGA Utility - access card options (application needs to be run at startup, but is not system critical)No
g.exeXg.exeAdded by the GRAYBIRD.Q TROJAN!No
Gadu-GaduXg.g.exeDetected by Malwarebytes as Trojan.Agent.GG. Note - do not confuse with the legitimate Polish language Instant Messaging client who's filename is "gg.exe" and the file is located in %Temp%No
G0mezXG0mez.vbsDetected by Symantec as VBS.Gormlez@mmNo
GoToAssist Express CustomerUg2ax_service.exeCitrix GotoAssist Express - "provides you with live-support capability. Easily view and control your customers' computers online to quickly resolve their technical issues." End customer's versionNo
GoToAssist Express ExpertUg2ax_start.exeCitrix GotoAssist Express - "provides you with live-support capability. Easily view and control your customers' computers online to quickly resolve their technical issues." Support expert's versionNo
GoToMeetingUg2mstart.exeCitrix GotoMeeting - web conferencing and online meeting tool which "allows you to host an online meeting with up to 15 people - so you can do more and travel less"No
GoToMyPCUg2svc.exeCitrix GoToMyPc - web-based remote-access solution that allows individuals and companies to register their computers online and then securely access those computers from any web browserNo
USB-G31 UtilityUG31UI.exeAsus USB-G31 802.11g Wireless USB Adapter configuration utilityNo
EasyPhotoEdit EPM SupportUg3medint.exeEasyPhotoEdit toolbar - powered by the MyWebSearch or Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\EasyPhotoEdit_g3\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove it, removal instructions hereYes
WindowsStartXG54MGQOYKC.exeDetected by Kaspersky as Trojan.Win32.VBKrypt.cjbj. The file is located in %AppData%No
aetgrshjtyjdXg58het6h.exeDetected by Intel Security/McAfee as RDN/Spybot.bfr!a and by Malwarebytes as Backdoor.AgentNo
BPServerNG6FTPSrv.exeBulletProof FTP ServerNo
G6FTP Server Tray MonitorUG6FTPTray.exeSystem Tray monitoring tool for Gene6 FTP Server - "an advanced FTP server software for Windows developed specifically for security and high performance requirements"No
WindowsXG9DjT9Dj.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserTemp%No
d5jxXg9wsxg.exeAdded by the AGENT-REO TROJAN!No
ga6pcwXga6pcw.exePart of the AVSystemCare rogue security software and other members of this family. See here for more examplesNo
[various names]Xgabber.exeFake startup entry created by the Wareout rogue spyware and dialer remover - not recommended, removal instructions here. Archived version of Andrew Clover's original pageNo
gacXgac.exePart of VirusVakt, Swedish rogue security software - not recommended. A member of the AVSystemCare familyNo
GACService?GACService.exeRelated to a Gemplus (now Gemalto) product. The file is located in %ProgramFiles%\Gemplus\GAC. What does it do and is it required?No
gadcomXgadcom.exeDetected by Sophos as Troj/Agent-HICNo
hpSdwxmarkXGaddw.exeAdded by the SDBOT-RB WORM!No
Wins Loader5XGadu-Gadu.exeAdded by a variant of the IRCBOT TROJAN! Note - doe not confuse with the Polish language Instant Messaging client also called Gadu-GaduNo
Gadu-GaduXgadu-gadu.exeDetected by Dr.Web as Trojan.MulDrop5.48437 and by Malwarebytes as Trojan.Agent.GG. Note - do not confuse with the Polish language Instant Messaging client also called Gadu-Gadu which has the filename "gg.exe"No
System32RootXGadu-Gadu.exeAdded by a variant of the IRCBOT TROJAN! Note - doe not confuse with the Polish language Instant Messaging client also called Gadu-GaduNo
gaf.batXgaf.batDetected by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
gah95on6Xgah95on6.exeShopAtHome/SAHagent adwareNo
gaimUgaim.exeGaim (now Pidgin) "is a chat program which lets you log in to accounts on multiple chat networks simultaneously. This means that you can be chatting with friends on MSN, talking to a friend on Google Talk, and sitting in a Yahoo chat room all at the same time"No
Windows Firewall ManagerXgalaxy.exeDetected by Dr.Web as Win32.HLLW.Autoruner1.46412 and by Malwarebytes as Backdoor.AgentNo
GalleryPlayerCM?GalleryPlayerCM.exeRelated to GalleryPlayer by RGB Labs - "Discover the easiest way to acquire, organize and display the world's finest art and photography: with GalleryPlayer you can own high definition art and photography from the world's finest museums and galleries." No longer available - is it required?No
GalleryPlayerDM?GalleryPlayerDM.exeRelated to GalleryPlayer by RGB Labs - "Discover the easiest way to acquire, organize and display the world's finest art and photography: with GalleryPlayer you can own high definition art and photography from the world's finest museums and galleries." No longer available - is it required?No
USBHWDRVXgam.exeAdded by a variant of the LOWZONE-I TROJAN!No
adobeXgam.exeAdded by unidentified malware. The file is located in %Windir%No
GamaxXgamax.exeDetected by Malwarebytes as Spyware.Password. The file is located in %AppData%\RuavxNo
MS-ConnectXgame.exeMS-Connect - Switch dialer and hijacker variant, see here. Also detected by Kaspersky as Trojan.Win32.Dialer.ddNo
MicrosoftXGame.exeDetected by Dr.Web as Trojan.DownLoader7.11541 and by Malwarebytes as Trojan.Agent.MSGenNo
Microsoft Security Monitor ProcessXgame.exeDetected by Kaspersky as Net-Worm.Win32.Kolab.c and by Malwarebytes as Trojan.Downloader. The file is located in %Windir%No
Win32XGame.exe.vbsAdded by the SCAFENE WORM!No
WT GameChannelNGameChannel.exeWildTangent GameChannel - notification of new games, quick access to games and fast and easy game downloads. Note that WildTanget's privacy policy used to state that they also collect and share individuals information but this is no longer the caseNo
GameChannelNGameChannel.exeWildTangent GameChannel - notification of new games, quick access to games and fast and easy game downloads. Note that WildTanget's privacy policy used to state that they also collect and share individuals information but this is no longer the caseNo
GamecomSoundUGameCom780.exeSupport for the Plantronics GameCom 788 and GameCom 780 USB gaming headset which "transforms standard audio into a stunning 7.1 surround sound experience"No
WildTangent CDA?GameDrvr.exe [path] cdaEngine0500.dllPart of the WildTangent on-line games system. What does it do and is it required?No
gameflakeSAXgameflakeSA.exeDetected by Malwarebytes as Adware.HotBar.CP. The file is located in %AppData%\gameflakeSA\bin\[version]No
GameforgeLiveXGameforgeLive.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!tn and by Malwarebytes as Backdoor.Agent.DCE. Note - this is not the legitimate Gameforge Live online gaming platform - which is normally located in %ProgramFiles%\GameforgeLive. This one is located in %LocalAppData%No
GameforgeLiveNGameforgeLive.exeGameforge Live online gaming platform. "With it, all of your games will be just a click away. Gameforge Live will keep you up to date with automatic updates and current news"No
Game HouseXGameHouse.exeDetected by Sophos as W32/Delf-DRANo
GameHug ArcadeUGameHugArcade.exeGameHug Arcade. Detected by Malwarebytes as PUP.Optional.GameHugArcade. The file is located in %AppData%\GameHugArcade\GameHug Arcade. If bundled with another installer or not installed by choice then remove itNo
GameHugArcadeAppUGameHugArcadeApp.exeGameHug Arcade. Detected by Malwarebytes as PUP.Optional.GameHugArcade. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%\GameHugArcade\GameHug Arcade. If bundled with another installer or not installed by choice then remove itNo
MaplomUGameJackal.exeOlder version of Game Jackal Pro from SlySoft, Inc - the latest version runs the Game Jackal Server (GJService) service instead. Game Jackal Pro allows users to play PC games without the need for the original media inserted into the optical drive. It works in a similar way to other utilities which use virtual drives and need large disc images - but it uses a proprietary format which takes up considerable less spaceNo
Microsoft GamesXgamemanager.exeDetected by Trend Micro as WORM_SPYBOT.AHQNo
GameoUgameo.exe gameo.datDetected by Malwarebytes as PUP.Optional.Gameo. Both files are located in %AppData%\Gameo. If bundled with another installer or not installed by choice then remove itNo
FakeUpXgamer.exeDetected by Dr.Web as Trojan.KillProc.22445 and by Malwarebytes as Trojan.AgentNo
Gamer @mail.ruXgamer.exeDetected by Dr.Web as Trojan.KillProc.22445 and by Malwarebytes as Trojan.AgentNo
ASUSGamerOSDNGamerOSD.exeGamerOSD by ASUS - for "real-time overclocking, benchmarking and video capturing in any PC game". Free for ASUS graphics cards, 30-day trial for non-ASUS graphics cardsNo
GameShadowNGameShadow.exeGameShadow is "an advertising-supported software utility that keeps PC gamers up-to-date with patches, game demos, trailers, mods and other content"No
gamesleapSAXgamesleapSA.exeDetected by Malwarebytes as Adware.HotBar.CP. The file is located in %LocalAppData%\gamesleapSA\bin\[version]No
MicrosoftXgamesms.exeDetected by Malwarebytes as Trojan.Agent.MSGen. The file is located in %UserTemp%\driverupdaterNo
gameutil.exeUgameutil.exePart of Redline RegTweak as supplied with Sapphire ATI graphics cards. You can configure different overlclocking settings on a per game basis and this sets those conditions following a re-bootNo
GamevanceXgamevance32.exeDetected by Symantec as GameVance and by Malwarebytes as Adware.Gamevance. Online gaming software that collects anonymous usage information and displays adsNo
GameXLUgamexl.exeGame Accelerator by DefendGate Inc - "is a highly-developed, intelligent program that will assess your PC's hardware and operating environment and optimize it to provide a faster, more stable gaming experience"No
GameXNNGameXNGO.exe"GameXN is dedicated to providing a world class Game channel to the expanding global Skype community"No
GameXN (news)NGameXNGO.exe"GameXN is dedicated to providing a world class Game channel to the expanding global Skype community"No
GameXN (update)NGameXNGO.exe"GameXN is dedicated to providing a world class Game channel to the expanding global Skype community"No
GameXN GONGameXNGO.exeGameXN GO from GameXN AS - is a "FREE app for Windows that allows you to play with Skype friends, play GO games when you don't have an Internet connection, and much more"No
Windows ASN4 ServicesXgamo.exeAdded by the RBOT-EHK WORM!No
system updaterXgampsk.exeDetected by Intel Security/McAfee as RDN/Generic Downloader.xNo
gamuxinpuwuxXgamuxinpuwux.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
gangstaXgangsta.exeDetected by Kaspersky as Backdoor.Win32.Rima.a. The file is located in %System%No
JavaUpdateIsbs##Xgansh.vbsDetected by Malwarebytes as Trojan.Banker.JV - where # represents a digit. The file is located in %Root%\programsystem##No
ganukdyxypyxXganukdyxypyx.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!qi and by Malwarebytes as Trojan.Agent.USNo
ShellXgapp.exeDetected by Malwarebytes as Hijack.Shell. Note - this entry modifies the legitimate HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" value data to point to the file "gapp.exe" (which is located in %MyDocuments%\Userdata)No
UserinitXgapp.exeDetected by Malwarebytes as Hijack.Userinit. Note - this entry modifies the legitimate HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Userinit" value data to point the file "gapp.exe" (which is located in %MyDocuments%\Userdata)No
ScannerXgarant64.exeDetected by Malwarebytes as Ransom.Crysis. The file is located in %AppData%No
Garmin Lifetime UpdaterNGarminLifetime.exeSystem Tray access to the Garmin Lifetime Updater (now superseded by Garmin Express) utility for their range of sat navs which is used to download new maps, update device software, back-up & restore, etcYes
GarminLifetimeNGarminLifetime.exeSystem Tray access to the Garmin Lifetime Updater (now superseded by Garmin Express) utility for their range of sat navs which is used to download new maps, update device software, back-up & restore, etcYes
GartedXGarted.exeDetected by Malwarebytes as Backdoor.Messa. The file is located in %AppData%\GartedNo
windows updaterXgaspci.exeDetected by Dr.Web as Trojan.Siggen2.44523No
gaSrvXgaSrv.exeAdware downloader. Detected by Panda as Downloader.ALQNo
gaSrveXgaSrve.exeAdware downloader. Detected by Panda as Downloader.ALQNo
gataXgata.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!yz and by Malwarebytes as Trojan.Agent.GTNo
HKCUXGating.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\InstallDirNo
HKLMXGating.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\InstallDirNo
GatorXgator.exeGator eWallet password utility. Contains GAIN adware by Claria CorporationNo
Gator eWalletXgator.exeGator eWallet password utility. Contains GAIN adware by Claria CorporationNo
GStartupXGatorRes.dllPart of Gator adware - see here for removal instructions. Gator Corporation later became Claria Corporation, who distributed GAIN adwareNo
Microsoft Windows Vagina ServiceXgavno.exeDetected by Trend Micro as TROJ_COINMINE.YZ and by Malwarebytes as Trojan.MWF.Gen. The file is located in %AppData%\VaginaNo
Google UpdateXgaxpaupdate.exeDetected by Dr.Web as Trojan.StartPage.39196 and by Malwarebytes as Trojan.Agent.ENo
pvieverXGay-Lesbian-Photo.exeDetected by Sophos as Troj/Delf-EYLNo
ShellXGaytor.exe,explorer.exeDetected by Malwarebytes as Hijack.Shell.Generic. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "Gaytor.exe" (which is located in %UserTemp%\Gaytor)No
COM ServiceXgayZZ.exeDetected by Microsoft as Worm:Win32/Randex.FI and by Malwarebytes as Backdoor.BeastDoorNo
Gay_Sexy_**XGay_Sexy_**.exePremium rate adult content dialler (where * is a random char)No
ChromeupdateXGB.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
AdministratorXgbbd.exeDetected by Intel Security/McAfee as RDN/Ransom!eb and by Malwarebytes as Trojan.Agent.GLNo
GbExpBnXGbExpBn.exeDetected by Intel Security/McAfee as RDN/PWS-Banker and by Malwarebytes as Trojan.Banker.MPBNo
UpdateXgbgbgbg.exeDetected by Malwarebytes as Trojan.Injector. The file is located in %AppData%\Microsoft\Windows\Recent\TGTGT - see hereNo
Microsoft Update MachineXgbhglj.exeDetected by Sophos as Troj/IRCBot-ZJ and by Malwarebytes as Backdoor.BotNo
E20124C476AF69Xgbhost.exeDetected by Malwarebytes as Trojan.Banload. The file is located in %LocalAppData%No
GBMPro8AgentYGBMAgent.exeGenie Backup Manager Pro 8 - backup softwareNo
GBMPro9AgentYGBMAgent.exeGenie Backup Manager Pro 9 - backup softwareNo
GBMHome7AgentYGBMAgent.exeGenie Backup Manager Home 7 - backup softwareNo
GBMHome9AgentYGBMAgent.exeGenie Backup Manager Home 9 - backup softwareNo
GBMLite7AgentYGBMAgent.exeGenie Backup Manager Lite 7 - backup softwareNo
GBMLite8AgentLaCieYGBMAgent.exeGenie Backup Manager Lite 8 (LaCie version) - backup softwareNo
GBMPro7AgentYGBMAgent.exeGenie Backup Manager Pro 7 - backup softwareNo
Windows DefenderXGBMCZQPGTT.exeDetected by Intel Security/McAfee as Generic.dx!bgcv and by Malwarebytes as Trojan.Agent.GenNo
GoBackUGBMenu.exeSystem Tray access to Roxio's GoBack system restoration software (before it became Norton GoBack) - which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty, performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag and not required for WinMe/XP users - but recommended for Win9x/NT/2K users. Previously released by Adaptec and Wild FileNo
DriverXgbot.exeAdded by the JUNTADOR.K TROJAN!No
GbPluginSXGbpk.exeDetected by Intel Security/McAfee as RDN/Generic.dx!cqkNo
GbpluginXGbplugin.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %UserProfile%\DesktopNo
(Default)Xgbpm.exeDetected by Trend Micro as TROJ_DLOADR.ZZD. Note - this malware actually changes the value data of the "(Default)" key in HKLM\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blankNo
GoBack Polling ServiceYGBPoll.exePart of Symantec's Norton GoBack system restoration software - which allows you to revert back to a previously working state on your hard drive if you install a new program and your system goes faulty, performing the same functions with extra features as System Restore on XP/Me systems. Provides essential background support services for GoBack. Disable before running Scandisk or Defrag and not required for XP/Me users - but recommended for 2K/NT/9x users. Previously released by Roxio, Adaptec and Wild File. Runs as a service on an NT based OS (such as Windows 10/8/7/Vista/XP)No
(Default)XGbpSv.exeDetected by Dr.Web as Trojan.KillProc.22757 and by Malwarebytes as Trojan.Banker.Gen. Note - this malware actually changes the value data of the "(Default)" key in HKLM\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %ProgramFiles%No
GbPluginKXGbpSvk.exeDetected by Intel Security/McAfee as RDN/Generic.dx!cqkNo
Gbpsv_WibaXGbpsv_Wiba.exeDetected by Sophos as Mal/DelpInj-E and by Malwarebytes as Trojan.Banker.GenNo
Gbpsv_WinBXGbpsv_WinB.exeDetected by Dr.Web as Trojan.DownLoader7.28867 and by Malwarebytes as Trojan.Banker.GenNo
Gbps_dmXGbps_dm.exeDetected by Dr.Web as Trojan.DownLoader7.25733 and by Malwarebytes as Trojan.Banker.GenNo
Gbps_dmrXGbps_dmr.exeDetected by Malwarebytes as Trojan.Banker.Gen. The file is located in %Root%No
Gbps_prmXGbps_prm.exeDetected by Malwarebytes as Trojan.Banker.Gen. The file is located in %Root%No
Gbps_rgXGbps_rg.exeDetected by Sophos as Troj/Banker-FSV and by Malwarebytes as Trojan.Banker.GenNo
Gbps_st2XGbps_st2.exeDetected by Malwarebytes as Trojan.Banker.Gen. The file is located in %Root%No
Gbps_stvXGbps_stv.exeDetected by Intel Security/McAfee as BackDoor-DOQ.gen.w and by Malwarebytes as Trojan.Banker.Gen. The file is located in %Root%No
Gbps_swXGbps_sw.exeDetected by Dr.Web as Trojan.DownLoader7.15273 and by Malwarebytes as Trojan.Banker.GenNo
Gbps_wcontXGbps_wcont.exeDetected by Sophos as Mal/DelpInj-E and by Malwarebytes as Trojan.BankerNo
Gbps_WinBXGbps_WinB.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!fs and by Malwarebytes as Trojan.Banker.GenNo
Gbps_WinB.exeXGbps_WinB.exeDetected by Malwarebytes as Trojan.Banker.Gen. The file is located in %Root%No
Gbps_win_bXGbps_win_b.exeDetected by Malwarebytes as Trojan.Banker.Gen. The file is located in %Root% - see hereNo
gbspsvsXgbspsvs.exeDetected by Malwarebytes as Malware.Tool. The file is located in %Root%\ProgramDataNo
Gbs_gerXGbs_ger.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %Root%No
Gbs_Win08XGbs_Win08.exeDetected by Dr.Web as Trojan.PWS.Banker1.4864 and by Malwarebytes as Trojan.BankerNo
Gbs_WisXGbs_Wis.exeDetected by Dr.Web as Trojan.DownLoader6.12766 and by Malwarebytes as Trojan.BankerNo
GoBackUGBTray.exeSystem Tray access to Roxio's GoBack system restoration software (before it became Norton GoBack) - which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty, performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag and not required for WinMe/XP users - but recommended for Win9x/NT/2K users. Previously released by Adaptec and Wild FileNo
Norton GoBackUGBTray.exeSystem Tray access to Symantec's Norton GoBack system restoration software - which allows you to revert back to a previously working state on you hard drive if you install a new program and your system goes faulty, performing the same functions with extra features as System Restore on WinMe/XP systems. Disable before running Scandisk or Defrag and not required for WinMe/XP users - but recommended for Win9x/NT/2K users. Previously released by Roxio, Adaptec and Wild FileYes
fBvhieXlS2XgBvhieXlS2.exeDetected by Sophos as Troj/Wonton-RP and by Malwarebytes as Trojan.Agent.EDNo
backupXgbywrt.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %LocalAppData%No
GB_Net_ProtectXGB_Net_Protect.exeDetected by Sophos as Troj/Banker-FBZNo
GB_SOURCEXGB_SOURCE.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %Root%No
gCacXgcac.exeDetected by Total Defense as Win32.Tactslay.U. The file is located in %Windir%No
Windows Console MonitorXgcasAV32.exeAdded by the KEDEBE-A WORM!No
MicrosoftAntiSpywareCleanerYgcASCleaner.exeMicrosoft Antipsyware - now superseded by Windows DefenderNo
gcasDtServXgcasDtServ.exeAdded by an unidentified WORM or TROJAN. Note - this is not related to Microsoft Antispyware which has a process bearing the same name which doesn't appear as a startupNo
gcasServYgcasServ.exeGiant Antipsyware - now superseded by Microsoft's Windows DefenderNo
ccAppXgcasServ.exeAdded by a variant of Backdoor:Win32/Rbot. Note - do not confuse with the legitimate Giant Antipsyware (gcasServ.exe) which has now been superseded by Microsoft's Windows Defender. The file is located in %Windir%No
WeatherBlink Browser Plugin LoaderUgcbrmon.exeWeatherBlink toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\WeatherBlink\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
WeatherBlink Browser Plugin Loader 64Ugcbrmon64.exeWeatherBlink toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\WeatherBlink\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
Wireless-G Notebook AdapterYGcc.exeDriver for the Linksys Wireless-G Notebook AdapterNo
GCC Reminder Program?gccrem.exeAssociated with AcraMax Greeting Card Creator. Is it a registration reminder?No
buohxqtfswbXgcjydr.exeDetected by Sophos as Troj/Agent-NRCNo
vmtunerXgclib.exeHijacker - detected by Kaspersky as the SMALL.FH TROJAN!No
Microsoft Update MachineXgcm.exeDetected by Trend Micro as WORM_SPYBOT.ABO and by Malwarebytes as Backdoor.BotNo
WeatherBlink EPM SupportUgcmedint.exeWeatherBlink toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\WeatherBlink\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
gcodec_update.exeXgcodec_update.exeDetected by Emsisoft as AdWare.Kraddare!IK. The file is located in %ProgramFiles%\gCodecNo
gcsligxhtqglpbpbpwbXgcsligxhtqglpbpbpwb.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %AppData%No
WeatherBlink Search Scope MonitorUgcsrchmn.exeWeatherBlink toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\WeatherBlink\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
gcwXgcw.exePart of members of the AVSystemCare family of rogue security software suites. See here for examplesNo
sws.exeXgd-dial.exeDetected by Symantec as Dialer.GlobalDialer and by Malwarebytes as Trojan.GlobalDialerNo
GoogleXGD.exeDetected by Dr.Web as Trojan.DownLoader7.30910 and by Malwarebytes as Trojan.AgentNo
GoogleXGD1.exeDetected by Dr.Web as Trojan.DownLoader10.32551 and by Malwarebytes as Trojan.DownloaderNo
FestplattenReinigerXGDC.exeFestplattenReiniger, German rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
PC Drive ToolXGDC.exePC Drive Tool rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
NoCompromaatXGDC.exeNoCompromaat Dutch rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
ProtectionDeDriverXGDC.exeProtectionDeDriver rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
OnlineHelpmateXGDC.exeOnlineHelpmate rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
HistoriaLout.XGDC.exeHistoriaLout. rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
OczyszczaczKomputerzaXGDC.exeOczyszczaczKomputerza Polish rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
PrivacyConductorXGDC.exePrivacyConductor rogue privacy tool - not recommended, removal instructions here. A member of the PCPrivacyTool family. Detected by Malwarebytes as Rogue.PrivacyConductorNo
NetSurfageAssureXGDC.exeNetSurfageAssure French rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
MenaceFighterXGDC.exeMenaceFighter rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
SchijfControleurXGDC.exeSchijfControleur Dutch rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
NettordinateurXGDC.exeNettordinateur rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
NettoyeurDePCXGDC.exeNettoyeurDePC French rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
YourPrivacyGuardXGDC.exeYourPrivacyGuard rogue privacy tool - not recommended, removal instructions here. A member of the PCPrivacyTool familyNo
PrivacyWarriorXGDC.exePrivacyWarrior rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
SanitarDiskaXGDC.exeSanitarDiska Romanian rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
FilterProgramXGDC.exeFilterProgram rogue privacy tool - not recommended, removal instructions here. A member of the PCPrivacyTool familyNo
ContentEraserXGDC.exeContentEraser rogue privacy tool - not recommended, removal instructions here. A member of the PCPrivacyTool familyNo
SecurePCCleanerXGDC.exeSecurePCCleaner rogue privacy tool - not recommended, removal instructions here. A member of the PCPrivacyTool family. Detected by Malwarebytes as Rogue.SecurePCCleanerNo
ConducteurPriveXGDC.exeConducteurPrive rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
DefenseNetSurfageXGDC.exeDefenseNetSurfage rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
ConfidentSurfXGDC.exeConfidentSurf rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
DriveDefenderXGDC.exeDriveDefender rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
PCPrivacyToolXGDC.exePCPrivacyTool rogue privacy tool - not recommended. There are number of variants in this family sharing the same filename and user interface - see hereNo
MonContenuassistantXGDC.exeMonContenuassistant French rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
WinAnonymousXGDC.exeWinAnonymous rogue privacy tool - not recommended, removal instructions here. A member of the PCPrivacyTool family. Detected by Malwarebytes as Rogue.WinAnonymousNo
TemizSurucuXGDC.exeTemizSurucu Turkish rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
SuspenzorPCXGDC.exeSuspenzorPC Czech rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
Dist-FBGeneveXGDC.exeNettoyeurDePC French rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
TurvaPCXGDC.exeTurvaPC Finnish rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
MyContentAssistantXGDC.exeMyContentAssistant rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
MistikotitaTuIpologistiXGDC.exeMistikotitaTuIpologisti Greek rogue privacy tool - not recommended. A member of the PCPrivacyTool familyNo
gdcwXGDCW.exePart of the PCPrivacyTool rogue privacy tool and other members of this family. See here for more examplesNo
gdeskXgdesk.exeDetected by Intel Security/McAfee as RDN/Generic.tfr!ea and by Malwarebytes as Trojan.Proxy.AGNo
GDFirewallTrayYGDFirewallTray.exePart of the firewall included with the NotebookSecurity, TotalSecurity and InternetSecurity internet security products from G Data Software AG. Access to the firewall options is included in the main "G Data AntiVirus Tray Application" (AVKTray.exe) entry and although the name would suggest this adds a further tray icon it doesn't. Although the exact purpose is therefore unknown it's recommended you leave it running. Also used by versions of Lavasoft's Ad-Aware Total SecurityYes
Ad-Aware Personal FirewallYGDFirewallTray.exePart of the firewall included with Lavasoft's Ad-Aware Total Security internet security product (which is based upon TotalSecurity from G Data Software AG). Access to the firewall options is included in the main "G Data AntiVirus Tray Application" (AVKTray.exe) entry and although the name would suggest this adds a further tray icon it doesn't. Although the exact purpose is therefore unknown it's recommended you leave it runningYes
G Data Personal FirewallYGDFirewallTray.exePart of the firewall included with the NotebookSecurity, TotalSecurity and InternetSecurity internet security products from G Data Software AG. Access to the firewall options is included in the main "G Data AntiVirus Tray Application" (AVKTray.exe) entry and although the name would suggest this adds a further tray icon it doesn't. Although the exact purpose is therefore unknown it's recommended you leave it running. Also used by versions of Lavasoft's Ad-Aware Total SecurityYes
bdcfdfxXgdhdfe.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\subfolderNo
MKbMcXgdi32.exeDetected by Intel Security/McAfee as Generic.dx!zbk and by Malwarebytes as Trojan.DownloaderNo
LocinxXgdicli.exeDetected by Sophos as Troj/Agent-PAWNo
gdien32Xgdien32.exeDetected by Sophos as Troj/Singu-P and by Malwarebytes as Backdoor.AgentNo
mfcSXXgdim2bxn.cmdDetected by Malwarebytes as Ransom.Agent.E. The file is located in %ProgramFiles%No
gdimxXgdimx.exeMPB-D dialer. Note - provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "gdimx"No
GDMgr.exeUgdmgr.exeGuardMon is a commercial surveillance software program designed to monitor all forms of user activity on a computerNo
GDR driverXgdrhost.exeAdded by the RBOT.YIZ BACKDOOR!No
GDRIVENGDRIVE.EXEFound on IBM systems. All it does is set the CDROM drive letter to G:. Set your drive letter manually via "Device Manager" in Control PanelNo
GameDriveNGDTask.exeGameDrive from FarStone - virtual CD/DVD drive emulator that allows you to run your PC games without the disc, now superseded by VirtualDrive. Available via Start → ProgramsNo
hyeiesssaaaXgdtevxgsse.exeDetected by Intel Security/McAfee as PWSZbot-FXD and by Malwarebytes as Backdoor.Agent.ENo
GSFFHJJDGDGXDXgdtuwuwgsgdDD.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!ul and by Malwarebytes as Backdoor.Agent.ENo
ASDPLUGINXgeaccess.exeAsdPlug premium rate adult content dialerNo
geafajysezazXgeafajysezaz.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
AS00_Gear311TUGear311T.exeNetgear WG311T/WG311TSU 108 Mbps Wireless PCI Adapter configuration utilityNo
AS00 Gear511UGear511.exeNetgear WG511SCU wireless adapter configuration utilityNo
Ai Gear HelpUGearHelp.exeIncluded with some ASUS motherboards (such as the Maximus Extreme & Striker II Extreme), AI Gear "is a utility designed to configure and support all ASUS EPU (Energy Processing Unit) features." Provides system performance profiles to adjust CPU frequency and voltage for different computing needs. Part of AI SuiteNo
GEARsecNgearsec.exeInstalled by Apple Quicktime package - iPod®/iTunes® CDRW support. Can be disabled if you only require Quicktime playerNo
WindowsXgearsec.exeAdded by the STUBBOT-B WORM!No
Windows Sound ManagerXgearsec.exeDetected by Microsoft as Worm:Win32/Pushbot.DFNo
systemrXgedit.exeDetected by Sophos as Troj/AdClick-AQNo
GEDZACXGEDZAC.exeDetected by Symantec as W32.HLLW.GemelNo
geedmpleXgeedmple.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!rk and by Malwarebytes as Backdoor.Agent.LMTNo
tvncontrolUGeekBuddyRSP.exePart of the COMODO GeekBuddy PC support service. Detected by Malwarebytes as PUP.Optional.GeekBuddy. The file is located in %CommonFiles%\COMODO. If bundled with another installer or not installed by choice then remove itNo
GeforcesXGeforce.exeDetected by Malwarebytes as Trojan.Agent.GFJ. The file is located in %AppData%\geforcesNo
geledenorgeXgeledenorge.exeDetected by Intel Security/McAfee as Generic.tfr and by Malwarebytes as Trojan.Agent.USNo
gemaXgema.exeDetected by Sophos as Troj/Ransom-DJ and by Malwarebytes as Ransom.FileCryptorNo
AMD PowerNow!UGemBack.exeAMD PowerNow! - "an innovative solution available on all AMD mobile processor-based notebooks that can effectively increase notebook battery life, while delivering performance on demand"No
GemisXGemis.exeDetected by Malwarebytes as Trojan.FakeJava. The file is located in %AppData%\MicrosoftNo
gemstrmwNgemstrmw.exeFor a GemPlus (now Gemalto) smart card reader. If it doesn't start automatically when you insert the smart card, start it manuallyNo
General AntivirusXGenAvir.exeGeneral Antivirus rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.GeneralAntiVirusNo
gencrootXgencroot.exeDetected by Sophos as W32/Sdbot-AEDNo
Tweak SystemXGenderowo.exeDetected by Symantec as W32.SillyFDC. The file is located in %System%No
General Napoleon.exeXGeneral Napoleon.exeDetected by Malwarebytes as Trojan.Inject. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
general lptt01Xgeneral.exeRapidBlaster variant (in a "general" folder in Program Files). A dedicated "RapidBlaster Killer" removal tool used to be available but quality anti-malware tools will now remove itNo
general ml097eXgeneral.exeRapidBlaster variant (in a "general" folder in Program Files). A dedicated "RapidBlaster Killer" removal tool used to be available but quality anti-malware tools will now remove itNo
SERVICEXgenerator_helper.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!fs and by Malwarebytes as Backdoor.Agent.ENo
genericXgeneric.exeDetected by Dr.Web as Trojan.Siggen6.19257 and by Malwarebytes as Malware.Trace.E. Note - this entry loads from the Windows Startup folder and the file is located in %Temp%\RarSFX0No
genesis_[8 digits]Ugenesis_[8 digits].exeGenesisOffers - "A smart selection of relevant offers, precisely targeted and presented to you at the perfect moment." Detected by Malwarebytes as PUP.Optional.GenesisOffers. Note - this entry loads from HKCU\Run and the file is located in %LocalAppData%\genesis_[8 digits]. If bundled with another installer or not installed by choice then remove itNo
genesis_[8 digits]Ugenesis_[8 digits].exeGenesisOffers - "A smart selection of relevant offers, precisely targeted and presented to you at the perfect moment." Detected by Malwarebytes as PUP.Optional.GenesisOffers. Note - this entry loads from the Windows Startup folder and the file is located in %LocalAppData%\genesis_[8 digits]. If bundled with another installer or not installed by choice then remove itNo
geniv.exeXgeniv.exeDetected by Malwarebytes as Trojan.Agent.AI. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
GenProtectXGenProtect.exeDetected by Trend Micro as TROJ_ONLINEG.JZT and by Malwarebytes as Spyware.OnLineGamesNo
GenieoSystemTrayUgentray.exeSystem Tray access to Genieo - which "is a new personalized web information management application, designed to automatically retrieve and filter information items from across the web, based on your specific individual interests, and display them on a personal Homepage created exclusively for you." Detected by Malwarebytes as PUP.Optional.Genieo. The file is located in %AppData%\Genieo\Application\TrayUi\bin. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
Genuine Windows WatchXgenuine.exeDetected by Dr.Web as Win32.HLLW.Autoruner1.25020 and by Malwarebytes as Worm.AutoRunNo
GenieoUpdaterServiceUgenupdater.exeUpdater for Genieo - which "is a new personalized web information management application, designed to automatically retrieve and filter information items from across the web, based on your specific individual interests, and display them on a personal Homepage created exclusively for you." Detected by Malwarebytes as PUP.Optional.Genieo. The file is located in %AppData%\Genieo\Application\TrayUi\bin. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
RjlEQTc3N0IxQkM3RUM4QjXGeoCthaw.exeDetected by Dr.Web as Trojan.Siggen.65180 and by Malwarebytes as Backdoor.Agent. The file is located in %UserProfile%No
georgia.jpg.exeXgeorgia.jpg.exeDetected by Intel Security/McAfee as RDN/Downloader.a!no and by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
geqgumoxpagaXgeqgumoxpaga.exeDetected by Intel Security/McAfee as RDN/Downloader.a!nm and by Malwarebytes as Trojan.Agent.USNo
WindowssystemrecoveryXGerichtsdokumente.exeDetected by Malwarebytes as Trojan.VBInject. The file is located in %AppData%No
gescwXgescw.exePart of BeschermingsTool, SysDepannage and other members of the ErrClean rogue system error and cleaning utility and other members of this family. See here for more examplesNo
Microsoft NetviewXgesfm32.exeDetected by Symantec as W32.Randex.CNo
WOOKIT?GestMaj.exe EspaceWanadoo.exeWanadoo (which was rebranded as Orange and is now part of EE) broadband ISP related. What does it do and is it required?No
WOOKIT?GestMaj.exe GestionnaireInternet.exeWanadoo (which was rebranded as Orange and is now part of EE) broadband ISP related. What does it do and is it required?No
MOBTASKBARICONNGestMaj.exe TaskBarIcon.exeMobistar (which was rebranded as Orange and is now part of EE) broadband ISP taskbar iconNo
WOOTASKBARICONNGestMaj.exe TaskBarIcon.exeWanadoo (which was rebranded as Orange and is now part of EE) broadband ISP taskbar iconNo
GetBooksXGetBooks.exeDetected by Sophos as Troj/DwnLdr-KIR and by Malwarebytes as PUP.Adware.DownloaderNo
JavaUpdateXGetCold Ultimate V 3.0.EXEDetected by Malwarebytes as Backdoor.Agent. The file is located in %Windir%No
GetITUGetIT.exe"HP GET-IT (Graduate Entrepreneurship Training through Information Technologies) empowers under- or unemployed young people with business and IT skills - helping them find a job or start their own businesses"No
REMOTE MESSENGERXgetmnnt$.exeDetected by Malwarebytes as Backdoor.Agent.RMGen. The file is located in %System%No
GetModule18XGetModule18.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule19XGetModule19.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule20XGetModule20.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule21XGetModule21.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule23XGetModule23.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModuleNo
GetModule24XGetModule24.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule25XGetModule25.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule26XGetModule26.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule27XGetModule27.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule29XGetModule29.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule30XGetModule30.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule31XGetModule31.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModuleNo
GetModule32XGetModule32.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModuleNo
GetModule33XGetModule33.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule34XGetModule34.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModuleNo
GetModule35XGetModule35.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule36XGetModule36.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModuleNo
GetModule37XGetModule37.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetModule38XGetModule38.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetModule - see hereNo
GetNowUpdaterUGetNowUpdater.exeDetected by Malwarebytes as PUP.Optional.GetNowUpdater. The file is located in %AppData%\GetNowUpdater\bin. If bundled with another installer or not installed by choice then remove itNo
GetPack18XGetPack18.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack19XGetPack19.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack20XGetPack20.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack21XGetPack21.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack22XGetPack22.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack23XGetPack23.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack24XGetPack24.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPack - see hereNo
GetPack25XGetPack25.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPackNo
GetPack26XGetPack26.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPackNo
GetPack27XGetPack27.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPackNo
GetPack28XGetPack28.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPackNo
GetPack29XGetPack29.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPackNo
GetPack30XGetPack30.exeAdware.ISMonitor/Adware.Adsponsor variant - detected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%\GetPackNo
GetPrivateUGetPrivate.exeDetected by Malwarebytes as PUP.Optional.GetPrivate. The file is located in %ProgramFiles%\GetPrivate. If bundled with another installer or not installed by choice then remove itNo
Start GetrightNgetright.exeEntry added with older versions of the GetRight download manager from Headlight Software, Inc. Start it manually unless you want to intercept download links from your browserNo
GetRightUGetRight.exeGetRight from Headlight Software - shareware download manager for resuming downloads and choosing multiple download locations. The Pro version adds uploading and other features. Earlier 4.x versions included ads, which could be disabled if you chose not to install the Aureate/Radiate software in the registered version - see here. Start it manually unless you want to intercept download links from your browserYes
GetRight - Tray IconUgetright.exeEntry added with older versions of the GetRight download manager from Headlight Software, Inc. Start it manually unless you want to intercept download links from your browserYes
GetSmileNgetsmile.exeGetSmile - "Smileys for email, forums and MySpace, Animated MSN Emoticons for your messenger"No
SymmTimeUGeTTime.exeSymmTime from Symmetricon - freeware utility that "synchronizes your PC clock to Coordinated Universal Time (UTC), the high precision atomic time standard"Yes
SymmTime ApplicationUGeTTime.exeSymmTime from Symmetricon - freeware utility that "synchronizes your PC clock to Coordinated Universal Time (UTC), the high precision atomic time standard"Yes
Critical Error Safe32XGetWaylayer32.exeAdded by a variant of W32/Sdbot.worm. The file is located in %System%No
getxemplXgetxempl.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!ezNo
getxempl2Xgetxempl2.exeDetected by Dr.Web as Trojan.Siggen5.52694 and by Malwarebytes as Trojan.AutoitNo
getxempl23Xgetxempl23.exeDetected by Dr.Web as Trojan.Inject1.29439 and by Malwarebytes as Trojan.AutoitNo
ewrgetujXgeurge.exeDetected by Sophos as W32/Autoinf-AK and by Malwarebytes as Worm.Prolaco.MNo
gewavatjimuzXgewavatjimuz.exeDetected by Intel Security/McAfee as Generic Downloader.x and by Malwarebytes as Trojan.Agent.USNo
gewosaqfujynXgewosaqfujyn.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.PushdoNo
wowXgewow.exeDetected by Sophos as Troj/WowPWS-KANo
Windows DefenderXGFAXSKra.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!zd and by Malwarebytes as Trojan.Agent.GenNo
uyhfgvcxbXgfcvxze.exeDetected by Intel Security/McAfee as RDN/Generic.dx!dgn and by Malwarebytes as Backdoor.Agent.ENo
McsoftXgfeqzvq.exeAdded by the SDBOT-NV WORM!No
gFKanCSDwTtXgFKanCSDwTt.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!ti and by Malwarebytes as Backdoor.Agent.DCENo
Gameforge LiveNgfl_client.exeSystem Tray access to the Gameforge Live online gaming platform. "With it, all of your games will be just a click away. Gameforge Live will keep you up to date with automatic updates and current news"Yes
GameforgeLiveNgfl_client.exeSystem Tray access to the Gameforge Live online gaming platform. "With it, all of your games will be just a click away. Gameforge Live will keep you up to date with automatic updates and current news"Yes
gfl_clientNgfl_client.exeSystem Tray access to the Gameforge Live online gaming platform. "With it, all of your games will be just a click away. Gameforge Live will keep you up to date with automatic updates and current news"Yes
AVPPROTECTXGFORCEUDP.EXEDetected by Intel Security/McAfee as RDN/Generic Dropper and by Malwarebytes as Trojan.Agent.TCAGenNo
UpdaterLogTeckXGFORCEUDP.EXEDetected by Dr.Web as Trojan.DownLoader10.49163 and by Malwarebytes as Trojan.Agent.TCAGenNo
GFManagerXGFORCEUDP.EXEDetected by Dr.Web as Trojan.Bankfraud.1053 and by Malwarebytes as Trojan.Agent.TCAGenNo
conimeXgfwz.exeDetected by Malwarebytes as Backdoor.Small. The file is located in %System%\configNo
3Dfx AccXGFXACC.EXEDetected by Symantec as W32.Gibe@mmNo
GFX SessionRequestXgfxdata.exeDetected by Malwarebytes as Trojan.Agent.GF. The file is located in %AppData% - see hereNo
Microsoft Device ManagerXgfxdrive.exeDetected by Dr.Web as Trojan.Click2.57391 and by Malwarebytes as Trojan.AgentNo
Intel GPUXGfxUI.exeDetected by Dr.Web as Trojan.DownLoader23.51876 and by Malwarebytes as Trojan.CryptNo
gg-unitXgg-unit.exeDetected by Malwarebytes as Trojan.KeyLogger. The file is located in %System%No
Nowe Gadu-GaduNgg.exePolish language Instant Messaging clientNo
Gadu-GaduNgg.exePolish language Instant Messaging clientNo
Gadu-Gadu 10Ngg.exePolish language Instant Messaging clientNo
Microsoft Driver SetupXggdrive32.exeDetected by Sophos as Troj/Agent-QGS and by Malwarebytes as Worm.PalevoNo
ggePSKfpxtPXggePSKfpxtP.exeAdded by the FAKEAV-DVV TROJAN!No
gf1.0.0.2Xggf.exeDetected by Total Defense as Eddfon A. The file is located in %System%No
StratasXggfig.exeDetected by Trend Micro as WORM_OPANKI.WNo
bdfgerXgggasw.exeAdded by the SDBOT-RT WORM!No
vmtunerXgglib.exeDetected by Sophos as Troj/QLowZon-DNo
gtydfXggrrgg.exeDetected by Sophos as Troj/Dloadr-AZKNo
google toolbarXggtb32.exeDetected by Sophos as W32/Agobot-RRNo
gH46Dt3XgH46Dt3.ExeDetected by Malwarebytes as Trojan.MSIL. The file is located in %Temp%No
Microsoft Driver SetupXghdrive32.exeDetected by Sophos as Troj/DwnLdr-IXK and by Malwarebytes as Worm.PalevoNo
[random]Xghgfjrs.exeDetected by Sophos as W32/Sdbot-IJNo
CyberLink PowerStarterXghgrd.exeDetected by Malwarebytes as Spyware.Pony. Note - this is not a legitimate entry for CyberLink PowerStarter and the file is located in %UserTemp%No
G_HostXgHost.exeDetected by Sophos as W32/Autoit-BP and by Malwarebytes as Trojan.FakeFolderNo
Sys_RunXghost.exeDetected by Sophos as Troj/Lineage-NNo
Ghost AntivirusXGhostAV.exeGhost Antivirus rogue security software - not recommended, removal instructions hereNo
GhostStartServiceYGhostStartService.exeInstalled with older versions of Symantec's Norton Ghost backup software (either as a standalone product or as part of Norton SystemWorks). This is the background process required for Ghost to work in Windows - when you use the Ghost Explorer (browse/extract files from archives) or start Ghost tasks such as backup and restore. Runs as a service on an NT based OS (such as Windows 10/8/7/Vista/XP)No
GhostStartTrayAppNGhostStartTrayApp.exeSystem Tray access to older versions of Symantec's Norton Ghost backup software (either as a standalone product or as part of Norton SystemWorks)Yes
Norton Ghost 10.0NGhostTray.exeSystem Tray access to version 10.0 of Symantec's Norton Ghost backup software (either as a standalone product or as part of Norton SystemWorks 2006 Premier)No
Norton Ghost 9.0NGhostTray.exeSystem Tray access to version 9.0 of Symantec's Norton Ghost backup software (either as a standalone product or as part of Norton SystemWorks 2005 Premier)No
GhostVaccineXGhostVaccine.exeGhostVaccine rogue security software - not recommended, removal instructions hereNo
systenXGhrome.exeDetected by Malwarebytes as Backdoor.Agent.EXP. The file is located in %ProgramFiles%\ExploreNo
iujhdkjjXGhrome.exeDetected by Malwarebytes as Backdoor.Agent.EXP. The file is located in %ProgramFiles%\ExploreNo
kjhioksXGhrome.exeDetected by Malwarebytes as Backdoor.Agent.EXP. The file is located in %ProgramFiles%\ExploreNo
giailium32Xgiaiy64.exeDetected by Dr.Web as Trojan.DownLoader10.20432 and by Malwarebytes as Trojan.Agent.ENo
gicuiguabigiXgicuiguabigi.exeDetected by Intel Security/McAfee as Generic Dropper and by Malwarebytes as Trojan.Agent.USNo
ApplicationXGIDEON.exeDetected by Malwarebytes as Trojan.Crypt. The file is located in %AppData%No
Gift2.exeXGift.exeDetected by Dr.Web as Trojan.Siggen5.41790 and by Malwarebytes as Backdoor.Agent.ENo
gigabit.exeXgigabit.exeAdded by the BEAGLE.U WORM!No
CheatleXGigaByte.exeAdded by the SHODI.B VIRUS!No
Giganews AcceleratorUGiganewsAccelerator.exeGiganews Accelerator from Giganews, Inc. - "a software-based news proxy which will allow you to compress headers and enable 256-bit SSL encryption, regardless of whether or not SSL is supported natively by your news client"No
gihibzonigiXgihibzonigi.exeDetected by Intel Security/McAfee as RDN/Generic Dropper and by Malwarebytes as Trojan.Agent.USNo
LG Intelligent UpdateUgiljabistart.exeRelated to LG Electronics system updatesNo
MicrosoftXGiljabiStart.exeDetected by Dr.Web as Trojan.DownLoader10.35863 and by Malwarebytes as Trojan.Agent.MSGenNo
gimmysmileysXgimmysmileys.exeGimmySmileys adwareNo
gipychagcaspXgipychagcasp.exeDetected by Dr.Web as BackDoor.Bulknet.1048 and by Malwarebytes as Trojan.Agent.USNo
giqhrhdhldbhyywmetdXgiqhrhdhldbhyywmetd.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
Girder4Ugirder.exeGirder from Promixis - "is the award winning home and industrial automation software that allows users of all skill level to make advanced scripts and macros to automate many functions both on the computer and around the house or office"No
GisdnLog?gisdnlog.exeRelated to BT Digital Access USBNo
LANDRIVE32Xgismon.exeDetected by Intel Security/McAfee as RDN/Generic.dx!cq3 and by Malwarebytes as Trojan.Agent.ENo
giuolopXgiuolop.exeDetected by Malwarebytes as Trojan.Agent.AI. The file is located in %AppData%\giuoplNo
fixerXgixer.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %Temp%No
PrjBetaXGizem.exeDetected by Intel Security/McAfee as W32/Neklace.genNo
GizmoNgizmo.exeGizmo Central set of utilities by Arainia Solutions - which includes virtual disk image mounting, hex and syntax editors, mouse and keyboard automation and database toolsNo
GizmoDriveDelegateNgizmo.exePart of the Gizmo Central set of utilities by Arainia Solutions enabling you to "mount ISO, VHD, and BIN images to a virtual CD-ROM device"No
gjhax_16.exeXgjhax_16.exeDetected by Malwarebytes as Ransom.Locky. The file is located in %AppData%\[8 characters]No
gjhax_32.exeXgjhax_32.exeDetected by Malwarebytes as Trojan.Agent.Generic. The file is located in %AppData%\[8 characters]No
(Default)XGJHKKT263453.exeDetected by Dr.Web as Trojan.Siggen4.38789 and by Malwarebytes as Trojan.MSIL. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %AppData%No
gjmtXgjmt.exeDetected by Trend Micro as TROJ_DELF.DWNo
TaskmanXgjyxgn.exeDetected by Intel Security/McAfee as W32/Rimecud.gen.di and by Malwarebytes as Worm.Palevo. Note - this entry adds a HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Taskman" entry which loads the file "gjyxgn.exe" (which is located in %UserProfile%)No
GkwkwqXGkwkwq.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %AppData%No
MMLQMTXGkxwNQ.exeDetected by Intel Security/McAfee as RDN/Generic.grp!fy and by Malwarebytes as Backdoor.Agent.ENo
Popup TerminatorUGLADManager.exePopup Terminator - pop-up killerNo
Glass2kUGlass2k.exe"Glass2k is a small little program that allows Win2K/XP users to make any window transparent"No
Glassy Calculator IIUGlassy Calculator II.exeGlassy Calculator II widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calculator II.exe loads a file called "DXWidget.exe" and exitsYes
DesktopX WidgetUGlassy Calculator II.exeGlassy Calculator II widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calculator II.exe loads a file called "DXWidget.exe" and exits. This is the Windows Defender entryYes
Glassy CalendarUGlassy Calendar.exeGlassy Calendar widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calendar.exe loads a file called "DXWidget.exe" and exitsYes
DesktopX WidgetUGlassy Calendar.exeGlassy Calendar widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calendar.exe loads a file called "DXWidget.exe" and exits. This is the Windows Defender entryYes
Glassy Calculator IIUGLASSY~1.EXEGlassy Calculator II widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calculator II.exe loads a file called "DXWidget.exe" and exits. This is the XP MSConfig entry where "Glassy Calculator II.exe" is shown as "GLASSY~1.EXE"Yes
DesktopX WidgetUGLASSY~1.EXEGlassy Calculator II widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calculator II.exe loads a file called "DXWidget.exe" and exits. This is the 7/Vista MSConfig entry where "Glassy Calculator II.exe" is shown as "GLASSY~1.EXE"Yes
Glassy CalendarUGLASSY~2.EXEGlassy Calendar widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calendar.exe loads a file called "DXWidget.exe" and exits. This is the XP MSConfig entry where "Glassy Calendar.exe" is shown as "GLASSY~2.EXE"Yes
DesktopX WidgetUGLASSY~2.EXEGlassy Calendar widget for the DesktopX desktop utility from Stardock Corporation. Once started, Glassy Calendar.exe loads a file called "DXWidget.exe" and exits. This is the 7/Vista MSConfig entry where "Glassy Calendar.exe" is shown as "GLASSY~2.EXE"Yes
SpyBlocsXGLF*.exe [* = random chars]SpyBlocs rogue spyware remover - not recommended, removal instructions hereNo
GlideYGlidew32.exeCirque touchpad driverNo
RUNTIME SYSTEMXglm.exeDetected by Intel Security/McAfee as Generic BackDoor!fq3 and by Malwarebytes as Backdoor.AgentNo
GLO StartXGLO.exeDetected by Dr.Web as Trojan.MulDrop2.40626 and by Malwarebytes as Trojan.Agent.GenNo
PoliciesXGlobal Loader.exeDetected by Malwarebytes as Backdoor.Agent.PGen. The file is located in %System%\installNo
Microsoft System ServiceXglobalpatch.exeDetected by Intel Security/McAfee as Generic.dx!b2tp and by Malwarebytes as Backdoor.BotNo
globalxXglobalx.exeDetected by Intel Security/McAfee as Generic.bfr!db and by Malwarebytes as Trojan.AgentNo
GlobeTrotter ConnectUglobetrotter connect.exeGlobeTrotter Connect - easy-to-use software application that "simplifies the management of Windows-based broadband Internet connections to WWAN networks, worldwide, automatically configuring connection to the service provider according to the SIM card inserted"No
Glock Suite 1.1Xglock32.exeDetected by Trend Micro as TROJ_TINY.GVNo
MiniphoneNglophone.exeVoiceGlo Glophone - "an affordable and convenient way to call friends and family throughout the world using a dial-up or broadband Internet connection on your computer" using the VoIP (Voice over Internet Protocol). No longer availableNo
RBot v2 with NetAPI exploit traded with billgates I gave my mother Greetz - OG - Bluehell Irc ServerXglossary.exeDetected by Sophos as W32/Vanebot-JNo
gluon?gluon.exeThe file is located in %Windir%\gluon\binNo
ShellXgluudsUpdate.exe,explorer.exeDetected by Malwarebytes as Hijack.ShellA.Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "gluudsUpdate.exe" (which is located in %AppData%\gluuds)No
glvXglv.exeDetected by Sophos as Troj/Dloader-NGNo
GM4IEUgm4ie.exeGreasemonkey for IE is an Internet Explorer extension which lets you add bits of DHTML ("user scripts") to any web page to change its behavior. No longer supportedNo
Gmail CheckerUGmail Checker.exeGmail Checker widget for the DesktopX desktop utility from Stardock Corporation. Checks for new E-mail on Google via their Atom feed. Once started, Gmail Checker.exe loads a file called "DXWidget.exe" and exitsYes
DesktopX WidgetUGmail Checker.exeGmail Checker widget for the DesktopX desktop utility from Stardock Corporation. Checks for new E-mail on Google via their Atom feed. Once started, Gmail Checker.exe loads a file called "DXWidget.exe" and exits. This is the Windows Defender entryYes
Gmail Notifier PlusUGmail Notifier Plus.exeGmail Notifier Plus email notification utilityNo
Gmail Notifier.exeUGmail Notifier.exeGmail Notifier email notification utilityNo
LOKXgmail.exeDetected by Intel Security/McAfee as RDN/PWS-Banker!cw and by Malwarebytes as Trojan.Banker.ENo
hotdlllXgmail.exeDetected by Malwarebytes as Trojan.Banker.ASD. The file is located in %System%No
Gmail CheckerUGMAILC~1.EXEGmail Checker widget for the DesktopX desktop utility from Stardock Corporation. Checks for new E-mail on Google via their Atom feed. Once started, Gmail Checker.exe loads a file called "DXWidget.exe" and exits. This is the XP MSConfig entry where "Gmail Checker.exe" is shown as "GMAILC~1.EXE"Yes
DesktopX WidgetUGMAILC~1.EXEGmail Checker widget for the DesktopX desktop utility from Stardock Corporation. Checks for new E-mail on Google via their Atom feed. Once started, Gmail Checker.exe loads a file called "DXWidget.exe" and exits. This is the 7/Vista MSConfig entry where "Gmail Checker.exe" is shown as "GMAILC~1.EXE"Yes
SymantecFilterCheckXgmilogof.exeDetected by Sophos as Troj/Banker-EKC and by Malwarebytes as Trojan.AgentNo
GmodXgmod.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %CommonAppData%\MyAppsNo
MouseMate98Ygmouse.exeMouse driver - required if you use non-standard Windows driver featuresNo
gmouseYgmouse.exeMouse driver - required if you use non-standard Windows driver featuresNo
GsAdsXgms2.exePacerD Media/Pacimedia.com adwareNo
gmsd_**_#Ugmsd_**_#.exeDetected by Malwarebytes as PUP.Optional.GamesDesktop - where ** represents a 2 letter country code (ie, us, ca, jp, pl) and # represents one or more digits. The file is located in %ProgramFiles%\gmsd_**_#. If bundled with another installer or not installed by choice then remove itNo
Gmsvc32Xgmsvc32.exeAdded by the AGOBOT.ABN WORM!No
GStartupXGMT.exePart of Gator adware - see here for removal instructions. Gator Corporation later became Claria Corporation, who distributed GAIN adwareNo
gmtXgmt.exePart of Gator adware - see here for removal instructions. Gator Corporation later became Claria Corporation, who distributed GAIN adwareNo
Microsoft Internet Firewall ManagerXGMT16.exeAdded by the RANDEX.AT WORM!No
BharatayudaXGNB.exeAdded by the BHARAT.A WORM!No
GnetmousUgnetmous.exeGenius mouse driver - required if you use non-standard Windows driver featuresNo
Scroll Mouse DriversUGNETMOUS.EXEGenius mouse driver - required if you use non-standard Windows driver featuresNo
iOhvXCFgKA5YwN58Ybt1yVRcgtGb4GXgngfgfgfhnfg.exeDetected by Malwarebytes as Trojan.Exploitdrop. The file is located in %AppData%No
gngfgfgfhnfg.exeXgngfgfgfhnfg.exeDetected by Dr.Web as BackDoor.IRC.Bot.1919 and by Malwarebytes as Trojan.ExploitdropNo
TaskmanXgnja.exeDetected by Malwarebytes as Worm.Palevo. Note - this entry adds a HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Taskman" entry which loads the file "gnja.exe" (which is located in %AppData%)No
Gekio StartupsXgnksvc32.exeDetected by Trend Micro as WORM_AGOBOT.AFJNo
{0228e555-4f9c-4e35-a3ec-b109a192b4c2}Ugnotify.exeGoogle "Gmail Notifier" - alerts you when you have new Gmail messages. No longer supported - see hereNo
msi system tuneXgnstvn.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Trojan.AgentNo
GNUXGNU.exeDetected by Malwarebytes as Trojan.FakeMS. The file is located in %AppData%\GNUNo
GNUB?GNUB.exeThe file is located in %Windir%No
Go My MediaUGo-My-Media.exeDetected by Malwarebytes as PUP.Optional.Privoxy. The file is located in %ProgramFiles%\SecuredNet. If bundled with another installer or not installed by choice then remove it, removal instructions hereNo
WinDriver InstallerXgo.exeDetected by Malwarebytes as Trojan.InfoStealer.E. The file is located in %Root%\WindriverNo
Go!Zilla Monster DownloadsXGo.exeDownload manager for resuming downloads and choosing multiple download locations. Advertising spywareNo
Google Service FRXGO0GLEFREE.EXEAdded by a variant of the SPYBOT WORM!No
OutlookExpressXgoawv.exeAdded by the RBOT-CC WORM!No
gobalanjogoXgobalanjogo.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!vc and by Malwarebytes as Trojan.Agent.USNo
GoogleContactSyncUGOContactSync.exeGO Contact Sync by WebGear - "is an open source tool that synchronizes your contacts between Microsoft Outlook and Google Mail, it removes the hassle of entering details more than once"No
updateXGod Is Good.exeDetected by Malwarebytes as Trojan.Injector.MSIL. The file is located in %AppData%\scvhostNo
GOGXGOG.exeAdded by the PHILIS.B VIRUS!No
ShellXgog.exeDetected by Trend Micro as TROJ_FAKEAV.SM23 and by Malwarebytes as Worm.Palevo. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "gog.exe" (which is located in %AppData%)No
Philips GoGear OPUS Device ManagerNGoGear_OPUS_DeviceManager.exeManagement utility for the Philips GoGear OPUS MP3 video playerNo
RUNGogoToolsXGoGoLaunch.exeGoGoTools adwareNo
goidrXgoidr.exeGoidr adwareNo
GolddigaXGolddiga.exeDetected by Intel Security/McAfee as Generic Dropper and by Malwarebytes as Trojan.Agent.MNRNo
GoldenWatchXGoldenWatch.exeDetected by Dr.Web as Trojan.Siggen2.24612No
ExplorerXgoldexc.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
Microsoft Gold ExchangeXgoldexc.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
GoldTachYGoldTach.exeGoldTech personal firewall from Matinsoft Inc - "is a powerful and easy-to-use internet security software that integrates four functions: Personal Firewall, Process Communication Control, E-mail Protection and Webpage Content Filtration"No
golenXgolen.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%No
LMBH9X0SKWAUTHLGCXgom.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Messa.ENo
gomepXgomep.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %UserProfile% - see hereNo
HD AudioXGomplayer.exeDetected by Malwarebytes as Backdoor.Orcus. The file is located in %ProgramFiles%\Gomplayer - see hereNo
gomrXgomr.exeDetected by Intel Security/McAfee as RDN/Generic.dx!djf and by Malwarebytes as Backdoor.Agent.IMNNo
mdr procceXgona.exeAdded by the SPYBOT.AUU WORM!No
IMDXgood.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %AppData%No
adobeXgood.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %ProgramFiles%No
IDMMXgood.exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %AppData%No
GoodMEMNGoodMEM.exeGoodMEM from MSI "automatically releases the system memory space, reducing the risk of system hang-up"No
GoodScanMainXGoodScan.exeGoodScan rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.K.GoodScanNo
GoodSyncUGoodSync.exeGoodSync file synchronization and backup utility from Siber Systems, Inc - required if you have enabled the automatic optionYes
GoodSync SyncrhronizerUGoodSync.exeGoodSync file synchronization and backup utility from Siber Systems, Inc - required if you have enabled the automatic optionYes
goodvaccine mainXgoodvaccineu.exeDetected by Malwarebytes as Rogue.K.GoodVaccine. The file is located in %ProgramFiles%\goodvaccineNo
Googl.e Chrome.exeXGoogl.e Chrome.exeDetected by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Google chormeXGoogle chorme.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Trojan.Banker. The file is located in %Windir%No
PoliciesXGoogle chrome.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.PGenNo
Google ChromeXGoogle Chrome.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
google chromeXgoogle chrome.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %LocalAppData% - see hereNo
Google chromeXGoogle chrome.exeDetected by Intel Security/McAfee as RDN/Generic.bfr. The file is located in %System%\Google chromeNo
Google Chrome.vbeXGoogle Chrome.vbeDetected by Dr.Web as Trojan.DownLoader11.10197 and by Malwarebytes as Trojan.Agent.VBS. Note - this entry loads from HKLM\Run and HKCU\Run and the file is located in %Temp%No
Google Chrome.vbeXGoogle Chrome.vbeDetected by Dr.Web as Trojan.DownLoader11.10197 and by Malwarebytes as Trojan.Agent.VBS. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ComponentUpdateXGoogle Component Update.lnkDetected by Symantec as Trojan.Tzeebot and by Malwarebytes as KeyLogger.Agent.MGCNo
Google Services.exeXGoogle Services.exeDetected by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
google update.exeXgoogle update.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not a valid Google process and it is located in %Temp%No
Adobe ReaderXGoogle Update.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not a valid Google process and it is located in %ProgramFiles%\Google ChromeNo
GoogleUpdateXGoogle Update.exeDetected by Symantec as Trojan.Backtar. Note - this is not a valid Google process and it is located in %ProgramFiles%\GoogleNo
UpdateXGoogle Update.exeDetected by Dr.Web as Trojan.DownLoader6.22370 and by Malwarebytes as Trojan.Agent. Note - this is not a valid Google process and it is located in %AppData%\GoogleNo
Java UpdaterXGoogle Update.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not a valid Google process and it is located in %ProgramFiles%\Google ChromeNo
PoliciesXGoogle Update.exeDetected by Malwarebytes as Backdoor.Agent.PGen. Note - this is not a valid Google process and it is located in %ProgramFiles%\Google ChromeNo
Google UpdateXGoogle Update.exeDetected by Sophos as Troj/DwnLdr-KNN and by Malwarebytes as Trojan.MSIL. Note - this is not a valid Google process and it is located in %AppData%No
Google UpdateXGoogle Update.exeDetected by Dr.Web as Trojan.MulDrop4.6456. Note - this is not a valid Google process and it is located in %ProgramFiles%\GoogleNo
Google UpdateXGoogle Update.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not a valid Google process and it is located in %UserTemp%No
Google UpdaterXGoogle Updater.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %AppData%\MicrosoftNo
Google+Boster+V1.01.rarXGoogle+Boster+V1.01.rarDetected by Dr.Web as Trojan.DownLoader10.52119 and by Malwarebytes as Trojan.Agent.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Google ChromeXgoogle.comDetected by Malwarebytes as Trojan.Banker.ACFGen. Note - this is not a legitimate Google Chrome browser entry and the file is located in %System%No
SOFTWARE\Microsoft\Windows\CurrentVersion\RunXgoogle.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir%No
google.comXGoogle.exeDetected by Malwarebytes as Rogue.TechSupportScam. The file is located in %ProgramFiles%\GoogleNo
Google.exeXGoogle.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Temp%No
google.exeXgoogle.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!wr and by Malwarebytes as Trojan.Agent.Gen. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HKCUXGoogle.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!ew and by Malwarebytes as Backdoor.HMCPol.GenNo
HKCUXGoogle.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\ChromeNo
gogleXgoogle.exeDetected by Dr.Web as Trojan.DownLoader6.45746 and by Malwarebytes as Trojan.Agent. The file is located in %System%No
Adobe Reader V10Xgoogle.exeDetected by Intel Security/McAfee as W32/Sdbot.bfr and by Malwarebytes as Backdoor.IRCBot.ENo
GoogleXGoogle.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
googleXgoogle.exeDetected by Intel Security/McAfee as Generic.dx. The file is located in %AppData%\GoogleNo
googleXgoogle.exeDetected by Sophos as W32/Rbot-AMW and by Malwarebytes as Trojan.Agent. The file is located in %System%No
googleXgoogle.exeDetected by Malwarebytes as Trojan.Agent.GG. The file is located in %System%\googleNo
GoogleXGoogle.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Windir%\GoogleNo
loadXGoogle.exeDetected by Malwarebytes as Trojan.Agent. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "Google.exe" (which is located in %AppData%)No
skypeXgoogle.exeDetected by Malwarebytes as Trojan.Agent.GG. The file is located in %System%\googleNo
Update GoogleXgoogle.exeDetected by Kaspersky as Trojan-Spy.Win32.Webmoner.aueNo
GOOGLE TOOLSXGOOGLE.exeDetected by Dr.Web as Trojan.Siggen6.7268 and by Malwarebytes as Backdoor.Agent.GenNo
GOOGLE TOOSXGOOGLE.exeDetected by Dr.Web as Trojan.Siggen6.8607 and by Malwarebytes as Backdoor.Agent.ENo
HKLMXGoogle.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!ew and by Malwarebytes as Backdoor.HMCPol.GenNo
HKLMXGoogle.exeDetected by Malwarebytes as Backdoor.HMCPol.Gen. The file is located in %Windir%\ChromeNo
Google UpdateXGoogle.exeDetected by Intel Security/McAfee as PWS-Zbot.gen.ke and by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
Google UpdateXGoogle.exeDetected by Intel Security/McAfee as PWS-Zbot.gen.ke and by Malwarebytes as Trojan.Agent. The file is located in %AppData%\GoogleNo
google Intrenet ExplorerXgoogle.pifDetected by Sophos as W32/Rbot-ARANo
Google.vbsXGoogle.vbsDetected by Malwarebytes as Trojan.Agent.Script. The file is located in %AppData%No
GoogleAppXGoogleApp.exeDetected by Dr.Web as Win32.HLLW.Autoruner.49527 and by Malwarebytes as Trojan.AgentNo
Chrome AppXGoogleApp.exeDetected by Intel Security/McAfee as RDN/Generic.grp and by Malwarebytes as Trojan.Downloader.JKNo
Google One SecureXGoogleApp.exeDetected by Malwarebytes as Trojan.Clicker.DF. The file is located in %ProgramFiles%\GoogleAppNo
Google Secure SurfingXGoogleApp.exeDetected by Sophos as Troj/Sisron-K and by Malwarebytes as Trojan.ClickerNo
GoogleBot.exeXGoogleBot.exeDetected by Total Defense as Downloader GB. The file is located in %System%No
GoogleXgooglebpw.exeDetected by Dr.Web as Trojan.DownLoader6.6258 and by Malwarebytes as Trojan.AgentNo
Google Calendar SyncUGoogleCalendarSync.exe"Google Calendar Sync allows you to sync events between Google Calendar and Microsoft Outlook Calendar. You'll be able to determine the direction of information flow, as well as the sync frequency"No
GoogleChromeXGoogleChrome.exeDetected by Malwarebytes as Trojan.FakeAlert. The file is located in %AppData%No
googlechromeXgooglechrome.exeDetected by Malwarebytes as Trojan.VBInject. Note - this is not the legitimate Google Chrome browser and the file is located in %AppData%\{1O5FE9-874ZZ-82311B-40456F8-2`266A5}No
GoogleChrome.exeXGoogleChrome.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %CommonFiles%No
GoogleChrome.exeXGoogleChrome.exeDetected by Malwarebytes as Trojan.Banker.DF. The file is located in %Root%\ProgramDataNo
GoogleChrome.exeXGoogleChrome.exeDetected by Malwarebytes as Trojan.FakeChrome. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
AdopeFlashXGoogleChrome.exe /AutoIt3ExecuteScript GoogleChrome.a3xDetected by Dr.Web as Win32.HLLW.Autoruner2.18430 and by Malwarebytes as Worm.Rowmanti.E. Both files are located in %Root%\GoogleChromeNo
NewJavaInstallXGoogleChrome.exe /AutoIt3ExecuteScript GoogleChrome.a3xDetected by Dr.Web as Win32.HLLW.Autoruner2.18430 and by Malwarebytes as Worm.Rowmanti.E. Both files are located in %Root%\GoogleChromeNo
loadXGoogleCompany.exeDetected by Malwarebytes as Trojan.Agent. Note - this entry modifies the legitimate HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows "load" value data to include the file "GoogleCompany.exe" (which is located in %LocalAppData%)No
IE Per-User Initialization utilityXGoogleCompany.exeDetected by Malwarebytes as Backdoor.Agent.Gen. The file is located in %LocalAppData%No
GoogleCrashHandlerXGoogleCrashHandler.exeDetected by Sophos as Troj/Agent-SUP and by Malwarebytes as Trojan.Agent.G. The file is located in %AppData%No
GupdateXGoogleCrashHandler.exeDetected by Sophos as Troj/Buzus-HBNo
PRINTER_STAMPXGoogleCrashHandlerdll.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.ENo
PRINTER_STAMPXGoogleCrashHandlerdlls.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.ENo
PRINTER_STAMPSXGoogleCrashHandlersdll.exeDetected by Intel Security/McAfee as RDN/Generic.grp and by Malwarebytes as Backdoor.Agent.ANDNo
PRINTER_STAMPSXGoogleCrashHandlersdlls.exeDetected by Intel Security/McAfee as RDN/Generic.grp and by Malwarebytes as Backdoor.Agent.ANDNo
GoogleCrashler.exeXGoogleCrashler.exeDetected by Intel Security/McAfee as Generic PWS.y and by Malwarebytes as Trojan.Agent.SFRNo
GoogleDCClientNGoogleDCC.exeGoogle Compute Client - only present if you installed the Google Toolbar with "Google Compute" client active. Does complex calculations in the background when idle. If you want to turn it off go to your browser, click on the little double-helix on the Google Toolbar, and click "Stop Computing". No longer supportedNo
GoogleDesktopUGoogleDesktop.exeThe Google Desktop utility integrated Google's search capabilities for files on the user's system and allowed users to include gadgets such as clocks, weather and meters in a sidebar on the user's desktop - like that included with Windows 7 and Vista. Now discontinued and no longer availableYes
Google DesktopUGoogleDesktop.exeThe Google Desktop utility integrated Google's search capabilities for files on the user's system and allowed users to include gadgets such as clocks, weather and meters in a sidebar on the user's desktop - like that included with Windows 7 and Vista. Now discontinued and no longer availableYes
Google Desktop SearchUGoogleDesktop.exeThe Google Desktop utility integrated Google's search capabilities for files on the user's system and allowed users to include gadgets such as clocks, weather and meters in a sidebar on the user's desktop - like that included with Windows 7 and Vista. Now discontinued and no longer availableYes
WinsysMonXgoogledownload.exeDetected by Dr.Web as Trojan.DownLoader7.15392 and by Malwarebytes as Trojan.AgentNo
GoogleDriveSyncUgoogledrivesync.exeGoogle Drive syncing feature to make sure all documents are up-to-dateNo
GoogleEarthXGoogleEarth.exeDetected by Malwarebytes as MSIL.LockScreen. Note - this is not the legitimate Google Earth process which is normally located in %ProgramFiles%\Google\Google Earth\client. This one is located in %Appdata%No
GOOGLEMAP_CHROMEXGoogleHandledll.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.Agent.ENo
GoogleUpdateXGoogleInstaller.exeDetected by Dr.Web as Trojan.DownLoader11.43649 and by Malwarebytes as Trojan.Agent.IGenNo
GoogleXgoogleire.exeDetected by Dr.Web as Trojan.DownLoader4.29049 and by Malwarebytes as Trojan.AgentNo
GoogleXgooglejtg.exeDetected by Malwarebytes as Adware.Bundle. The file is located in %AppData%No
GoogleUpdater#XGoogleMapper.exeDetected by Malwarebytes as Worm.Prolaco.M - where # represents a digit. The file is located in %System% - see an example hereNo
googlemaps.exeXgooglemaps.exeDetected by Malwarebytes as Trojan.SpyEyes. The file is located in %Root%\googlemaps.exeNo
Google Earth ViewerNGOOGLEMAPS.EXEGoogle Earth "combines satellite imagery, maps and the power of Google Search to put the world's geographic information at your fingertips"No
GoogleMgrXGoogleMgr.exeDetected by Malwarebytes as Trojan.Agent.GGL. The file is located in %CommonAppData%\GoogleNo
GoogleNotifierXGoogleNotifier.exeDetected by Dr.Web as Trojan.MulDrop3.10724No
GoogleUpdaterc4XGoogleo.exeDetected by Kaspersky as Trojan.Win32.VB.adcz and by Malwarebytes as Worm.Prolaco.M. The file is located in %System%No
svcXGoogleon.exeDetected by Symantec as W32.Ogleon.ANo
GoogleUpdater##XGoogleOverlay.exeDetected by Malwarebytes as Worm.Prolaco.M - where # represents a digit. The file is located in %System% - see an example hereNo
Google IME AutoupdaterUGooglePinyinDaemon.exeGoogle Pinyin Input Method Editor (IME) - allows a user to input Chinese characters by entering the pinyin of a Chinese character (with or without tone, depending on the system) and then presenting the user with a list of possible characters with that pronunciationNo
Google Pinyin 2 AutoupdaterUGooglePinyinDaemon.exeGoogle Pinyin Input Method Editor (IME) - allows a user to input Chinese characters by entering the pinyin of a Chinese character (with or without tone, depending on the system) and then presenting the user with a list of possible characters with that pronunciationNo
GoogleUpdaterv2Xgoogleplex.exeDetected by Kaspersky as P2P-Worm.Win32.Agent.yo and by Malwarebytes as Worm.Prolaco.M. The file is located in %System%No
GoogleQuickSearchBoxUGoogleQuickSearchBox.exePart of Google Toolbar (from version 6 onwards) for IE. The Quick Search Box sits between the "Start" button and Quick Launch toolbar and "lets you easily search both your computer and the Web from a slick-looking search box that comes up only when you need it"Yes
Google Quick Search BoxUGoogleQuickSearchBox.exePart of Google Toolbar (from version 6 onwards) for IE. The Quick Search Box sits between the "Start" button and Quick Launch toolbar and "lets you easily search both your computer and the Web from a slick-looking search box that comes up only when you need it"Yes
GoogleRuntimeUpdateXGoogleRuntimeUpdate.exeDetected by Malwarebytes as Trojan.BitcoinMiner. The file is located in %UserTemp%No
GoogleservicesXGoogleservices64up.exeDetected by Malwarebytes as Backdoor.Bot.Delf. The file is located in %LocalAppData%\GoogleNo
Google serviceXGooglesetup.exeDetected by Sophos as W32/IRCBot-RJNo
Google Smart UpdaterXGoogleSmartUpdater.exeDetected by Sophos as Troj/Agent-XIC and by Malwarebytes as Trojan.MSILNo
googletalkXGoogletalk.exeDetected by Symantec as Trojan.Gatak and by Malwarebytes as Trojan.Agent. Note - this is not the legitimate Google Talk (now replaced by Hangouts) process which is normally located in %ProgramFiles%\Google\Google Talk. This one is located in %AppData%\Google TalkNo
googletalkUgoogletalk.exeGoogle Talk (now replaced by Hangouts) "enables you to call or send instant messages to your friends for free-anytime, anywhere in the world"No
GoogleTalkPluginXGoogleTalkPlugin.exeDetected by Intel Security/McAfee as Generic Dropper and by Malwarebytes as Trojan.AgentNo
KeyboardXGoogleTask.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Trojan.Agent.DPTNo
GoogleXGoogletemp.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!vr and by Malwarebytes as Backdoor.Agent.DCENo
swgUGoogleToolbarNotifier.exePart of Google Toolbar (from version 4 onwards) for IE. "Google Toolbar Notifier allows you to set Google as your default search engine and prevents your search settings from being changed without your consent. An icon in your system tray blinks if the Notifier identifies an attempt to change your default search engine. You can click the icon to get more details and allow the change". There was a bug in earlier versions where disabling the option resulted in the entry still running at startup but this has now been resolvedYes
Barra de Busca do GoogleXGoogleToolbarNotifier.exeDetected by Dr.Web as Trojan.DownLoad3.22059 and by Malwarebytes as Trojan.Sasfis. Note - this is not the legitimate Google Toolbar file of the same name which is normally located in %ProgramFiles%\Google\GoogleToolbarNotifier. This one is located in %ProgramFiles%\Windows Media PlayerNo
GoogleToolbarNotifierUGoogleToolbarNotifier.exePart of Google Toolbar (from version 4 onwards) for IE. "Google Toolbar Notifier allows you to set Google as your default search engine and prevents your search settings from being changed without your consent. An icon in your system tray blinks if the Notifier identifies an attempt to change your default search engine. You can click the icon to get more details and allow the change". There was a bug in earlier versions where disabling the option resulted in the entry still running at startup but this has now been resolvedYes
Google Update ToolsXGoogleTools.exeDetected by Intel Security/McAfee as Generic Downloader.x!gh3No
Google Updating ToolsXGoogleTools.exeDetected by Dr.Web as Trojan.Click.64675 and by Malwarebytes as Trojan.AgentNo
Google ToolsXgoogletools.exeDetected by Kaspersky as Backdoor.Win32.Curioso.ame. The file is located in %AppData%\testNo
GoogleUXGoogleU.exeDetected by Malwarebytes as Trojan.Agent.GG. The file is located in %CommonAppData%\GoogleNo
[blank]XGoogleUp-date.wxeDetected by Symantec as Backdoor.Breut. Note - this entry loads from the Windows Startup folder via a "[blank].lnk" shortcut and the file is located in %Temp%No
GoogleUp.exeXGoogleUp.exeDetected by Dr.Web as Trojan.Siggen4.10027 and by Malwarebytes as Trojan.Fakegoogle. The file is located in %AppData%No
GoogleUp.exeXGoogleUp.exeDetected by Dr.Web as Trojan.DownLoader6.10673. The file is located in %Temp%No
GoogleXGoogleup.exeDetected by Dr.Web as Trojan.DownLoader6.10673No
Windows UpdateXGoogleUpdat.exeDetected by Malwarebytes as Trojan.LLAC. The file is located in %Windir%\GoogleNo
java updateXGoogleUpdat.exeDetected by Malwarebytes as Trojan.LLAC. The file is located in %Windir%\GoogleNo
microsoftXGoogleUpdat.exeDetected by Malwarebytes as Trojan.LLAC. The file is located in %Windir%\GoogleNo
GoogleUpdata.lnkXGoogleUpdata.lnkDetected by Intel Security/McAfee as Generic Dropper and by Malwarebytes as Trojan.Agent.GU. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Google UpdaterXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent.AI. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\Google\ChromeNo
GooglelUpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent.RNS. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\GoogleUpdaterNo
Proxifier Standard EditionXGoogleUpdate.exeDetected by Malwarebytes as Trojan.MSIL.Injector. The file is located in %UserTemp%No
WinsysMonXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%\MicrosoftNo
GoogleTaskXgoogleupdate.exeDetected by Dr.Web as Trojan.MulDrop4.3133. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %LocalAppData%\GoogleNo
BrowserMeXGoogleUpdate.exeDetected by Malwarebytes as Trojan.BrowserMe. The file is located in %AppData%\BrowserMeNo
GoogleUpdXGoogleUpdate.exeDetected by Trend Micro as BKDR_FYNLOS.A and by Malwarebytes as Trojan.Agent.IGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%No
BrowserUpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.BrowserMe. The file is located in %AppData%\BrowserMeNo
NetWireXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent.WNA. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\WinAppNo
GoogleUpdateXGoogleUpdate.exeDetected by Microsoft as Backdoor:Win32/Fynloski.A and by Malwarebytes as Trojan.Agent.IGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%No
GoogleUpdateXGoogleUpdate.exeDetected by Dr.Web as Trojan.Packed.23322 and by Malwarebytes as Trojan.Agent.IGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\ApproamNo
GoogleUpdateXGoogleUpdate.exeDetected by Symantec as Trojan.Fleercivet and by Malwarebytes as Trojan.Agent.IGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\FrameworkUpdateNo
GoogleUpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent.IGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\FrameworkUpdate7No
GoogleUpdateXGoogleUpdate.exeDetected by Sophos as Troj/Mdrop-GHJ and by Malwarebytes as Trojan.Agent.IGenNo
GoogleUpdateXgoogleupdate.exeDetected by Malwarebytes as Trojan.RemoteAccess. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\UpdateNo
GoogleUpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent.IGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\UpdatesNo
GoogleUpdateXGoogleUpdate.exeDetected by Symantec as Backdoor.Banechant. Note - this entry loads from the Windows Startup folder and is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %CommonAppData%\Google2No
GoogleUpdateNGoogleUpdate.exeUpdate manager for the range of tools available from Google - such as the Chrome web browser and Picasa photo manager. Located in %LocalAppData%\Google\UpdateNo
GoogleUpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %Root%\SetupNo
GoogleUpdateXGoogleUpdate.exeDetected by Intel Security/McAfee as Generic.bfr!ex and by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %Temp%No
GoogleUpdate.exeXGoogleUpdate.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!qs and by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%No
googleupdate.exeXgoogleupdate.exeDetected by Dr.Web as Win32.HLLW.Autoruner2.12874 and by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %System%\googleNo
GoogleUpdate.exeXGoogleUpdate.exeDetected by Dr.Web as Trojan.Siggen3.35698 and by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %WinTemp%No
UpdateXGoogleupdate.exeDetected by Symantec as Backdoor.Boda and by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%No
GoogleupdaterXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %Temp%No
GoogleUpdater.exeXGoogleUpdate.exeDetected by Intel Security/McAfee as W32/Autorun.bfr!d and by Malwarebytes as Spyware.Passwords.XGen. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\GoogleToolbarNo
ChromeXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %Temp%No
Chrome Automatic UpdaterXGoogleUpdate.exeDetected by Intel Security/McAfee as Generic.dx!bbt4. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %AppData%\Google\Update\TemporaryNo
Google InstallerNGoogleUpdate.exeUpdate manager for the range of tools available from Google - such as the Chrome web browser and Picasa photo manager. Located in %LocalAppData%\Google\UpdateNo
AcroreadXGoogleUpdate.exeDetected by Sophos as Troj/Agent-JGI and by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %Temp%No
Google UpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent.DF. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in a sub-folder of %LocalAppData%\Google\Desktop\InstallNo
Google UpdateNGoogleUpdate.exeUpdate manager for the range of tools available from Google - such as the Chrome web browser and Picasa photo manager. Located in %LocalAppData%\Google\UpdateNo
Google UpdateXGoogleUpdate.exeDetected by Kaspersky as Trojan.Win32.Buzus.dbfm. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %System%No
Google UpdateXGoogleUpdate.exeDetected by Malwarebytes as Trojan.Agent. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %Templates%No
GOOGLE UPDATEXgoogleupdate.exeDetected by Malwarebytes as Trojan.Zbot.EC. Note - this is not the valid Google program which is normally located in %LocalAppData%\Google\Update. This one is located in %UserProfile%No
ShellXGoogleUpdate.exe,explorer.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!b2d and by Malwarebytes as Backdoor.Agent.E. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "GoogleUpdate.exe" (which is located in %AppData%\WinApp)No
GoogleUpdateXGoogleUpdate.exe.lnkDetected by Intel Security/McAfee as RDN/Generic Dropper!uz and by Malwarebytes as Trojan.Agent.IGenNo
JavaUpdateXGoogleUpdate.lnkDetected by Trend Micro as WORM_IPPEDO.B and by Malwarebytes as Worm.Rowmanti.E. The file is located in %Root%\GoogleNo
JavaUpdateXGoogleUpdate.lnkDetected by Dr.Web as Win32.HLLW.Autoruner2.18430 and by Malwarebytes as Worm.Rowmanti.E. The file is located in %Root%\GoogleChromeNo
GoogleUpdate.lnkXGoogleUpdate.lnkDetected by Dr.Web as Win32.HLLW.Autoruner2.18430. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
AdopeUpdateXGoogleUpdate.lnkDetected by Trend Micro as WORM_IPPEDO.B and by Malwarebytes as Worm.Rowmanti.E. The file is located in %Root%\GoogleNo
AdopeUpdateXGoogleUpdate.lnkDetected by Dr.Web as Win32.HLLW.Autoruner2.18430 and by Malwarebytes as Worm.Rowmanti.E. The file is located in %Root%\GoogleChromeNo
GoogleUpdatee.exeXGoogleUpdatee.exeDetected by Dr.Web as Trojan.MulDrop5.47783 and by Malwarebytes as Trojan.Agent.GUNo
GoogleUpdater by GoogleCorp.XGoogleUpdater by GoogleCorp..exeDetected by Malwarebytes as Backdoor.Agent. The file is located in %AppData%\Microsoft\System\Services - see hereNo
Google UpdaterNGoogleUpdater.exeDownloads and installs updates for Google applications (Google Earth, Picasa, etc.). The file is located in %ProgramFiles%\Google\Google UpdaterNo
UpdaterXGoogleUpdater.exeDetected by Malwarebytes as Trojan.FakeGoogle. Note - this is not the updater for the popular Google tools which has the same filename and is normally located in %ProgramFiles%\Google\Google Updater. This one is located in %AppData%No
Office MonitorsXGoogleUpdater.exeDetected by Sophos as W32~Rbot-GKZ and by Malwarebytes as Trojan.Agent. Note - this is not the updater for the popular Google tools which has the same filename and is normally located in %ProgramFiles%\Google\Google Updater. This one is located in %System%No
Offices MonitorsXGoogleUpdater.exeDetected by Sophos as W32/Rbot-GKO. Note - this is not the updater for the popular Google tools which has the same filename and is normally located in %ProgramFiles%\Google\Google Updater. This one is located in %System%No
Offices MonitorseXGoogleUpdater.exeDetected by Sophos as W32/Rbot-GKO. Note - this is not the updater for the popular Google tools which has the same filename and is normally located in %ProgramFiles%\Google\Google Updater. This one is located in %System%No
GoogleUpdaterXGoogleUpdaterc.exeDetected by Intel Security/McAfee as RDN/Generic PWS.bfr!e and by Malwarebytes as Backdoor.Agent.DCENo
GoogleUpdateXgoogleupdaterr.exeDetected by Symantec as Infostealer.Dyre and by Malwarebytes as Trojan.Agent.IGenNo
GoogleTaskXgoogleupdates.exeDetected by Dr.Web as Trojan.Inject1.27492 and by Malwarebytes as Backdoor.Agent.GLNo
googleupdatesXgoogleupdates.exeDetected by Intel Security/McAfee as Generic PWS.y and by Malwarebytes as Backdoor.Agent.GGenNo
GoogleUpdatesXGoogleUpdates.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y and by Malwarebytes as Backdoor.Agent.DCENo
googleupdates.exeXgoogleupdates.exeDetected by Kaspersky as Worm.Win32.Bybz.dkpNo
NVIDIA StereoscopicXgoogleupdates_install.exeDetected by Dr.Web as Trojan.Inject1.29402 and by Malwarebytes as Backdoor.Agent.GLNo
GoogleUpdateTaskXGoogleUpdateTask.exeDetected by Intel Security/McAfee as RDN/Ransom and by Malwarebytes as Trojan.AgentNo
GoogleUpdaterv3Xgoogleupdtr.exeDetected by Kaspersky as Trojan.Win32.VBKrypt.fp. The file is located in %System%No
GoogleUploadXGoogleUpload.exeDetected by Malwarebytes as Trojan.Delf. The file is located in %Windir%No
Google Updater 5XGoogleuy.exeDetected by Microsoft as Worm:Win32/Prolaco.gen!E and by Malwarebytes as Worm.Prolaco.MNo
Run Google Web AcceleratorUGoogleWebAccWarden.exeGoogle Web AcceleratorNo
Google ChromeXGoogle_Chrome.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%\Google ChromeNo
Google_Patch.exeXGoogle_Patch.exeDetected by Dr.Web as Trojan.DownLoader6.3060 and by Malwarebytes as Trojan.AgentNo
GoogleHelperXGoogle_updata.exeDetected by Malwarebytes as Trojan.Agent.E. The file is located in %Root%\tmpNo
Google_UpdateXGoogle_Update.exeDetected by Intel Security/McAfee as Generic BackDoor!fgw. Note - this is not a valid Google process and it is located in %Templates%No
Google UpdateXGoogle_Update.exeDetected by Intel Security/McAfee as Generic BackDoor!fgw. Note - this is not a valid Google process and it is located in %Templates%No
GoogleZxXgoogle_zx.exeDetected by Malwarebytes as Backdoor.Messa. The file is located in %AppData%\GoogleZxNo
Google UpdaterNGOOGLE~1.EXEDownloads and installs updates for Google applications (Google Earth, Picasa, etc.)No
Google EnterpriseV6XGooglghk.exeDetected by Intel Security/McAfee as IRC/Flood.ff and by Malwarebytes as Worm.ProlacoNo
Google EnterpriseV2XGooglxe.exeDetected by Intel Security/McAfee as W32/Kolab and by Malwarebytes as Worm.ProlacoNo
Google ToolsXgoolge.exeDetected by Microsoft as Worm:Win32/Cambot.ANo
Gooogle_Videoos50.exeXGooogle_Videoos50.exeDetected by Dr.Web as Trojan.DownLoader10.57587 and by Malwarebytes as Trojan.Agent.GL. Note - the file is located in %UserStartup% and its presence here ensures it runs when Windows startsNo
IEXPLORE.EXEXgoot.exeDetected by Sophos as Troj/Bifrose-CNo
GoPro ImporterNGoPro Importer.exeAutomatic import feature of GoPro Studio for the GoPro Hero range of camerasNo
GorillaPriceUGorillaPrice.exeDetected by Malwarebytes as PUP.Optional.GorillaPrice. The file is located in %ProgramFiles%\GorillaPrice. If bundled with another installer or not installed by choice then remove itNo
GOSTOSAS_VIDEOS.exeXGOSTOSAS_VIDEOS.exeDetected by Dr.Web as Trojan.Click3.10095 and by Malwarebytes as Trojan.Agent.VDGen. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
HOT FIXXGothic.exeDetected by Trend Micro as WORM_SDBOT.FIR. The file is located in %System%No
WINDOWS SYSTEMXgothica.exeDetected by Trend Micro as WORM_MYTOB.HU and by Malwarebytes as Backdoor.AgentNo
CommandXGotit.exeDetected by Symantec as W32.Titog.WormNo
gotnewupdate###.exeXgotnewupdate###.exeDetected by Malwarebytes as Rogue.AntiMalwareDoctor - where # represents a digit. The file is located in %AppData%\[32 hex characters] - see an example hereNo
GoTrustedUGoTrusted Secure Tunnel.exe"GoTrusted is the fast, easy way to secure your PC's Internet data and protect your privacy"No
GotSmileyXGotSmiley.exeGotSmiley - E-mail utility. Contains GAIN adware by Claria CorporationNo
Go!ZillaXgozilla.exeDownload manager for resuming downloads and choosing multiple download locations. Advertising spywareNo
UdhmoeahXgpapi3.exeDetected by Malwarebytes as Adware.SanctionedMedia. The file is located in %System%No
gpbsvXgpbsv.exeDetected by Malwarebytes as Backdoor.Bot. The file is located in %Windir%No
autoupdateXgpedit.exeDetected by Malwarebytes as Trojan.Agent.AU. The file is located in %Temp%No
Windows Printing DriverXgpedits.exeDetected by Total Defense as Win32/DCKeyg.A. The file is located in %System%No
SUPPORT GFXXGpers.exeDetected by Intel Security/McAfee as Generic BackDoor!fqp and by Malwarebytes as Backdoor.Agent.DCNo
wacultXgpesndr.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%No
GPgYYyxvXSYePL.exeXGPgYYyxvXSYePL.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
Yahoo MessenggerXgphone.exeDetected by Sophos as Troj/Tiotua-W and by Malwarebytes as Backdoor.BotNo
gplyraUgplyra.exeDetected by Malwarebytes as PUP.Optional.BitCoinMiner. The file is located in %AppData%\gplyra\gplyra. If bundled with another installer or not installed by choice then remove itNo
MyMapsWizard EPM SupportUgpmedint.exeMyMapsWizard toolbar - powered by the MyWebSearch or Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\MyMapsWizard_gp\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove it, removal instructions hereYes
TaskmanXgpp3g.exeDetected by Intel Security/McAfee as Generic Dropper!dns and by Malwarebytes as Worm.Palevo. Note - this entry adds a HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Taskman" entry which loads the file "gpp3g.exe" (which is located in %Recycled%\{SID})No
ShellXgpp3g.exeDetected by Intel Security/McAfee as Generic Dropper!dns and by Malwarebytes as Worm.Palevo. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "gpp3g.exe" (which is located in %Recycled%\{SID})No
Tpp3Xgpp3g.exeDetected by Intel Security/McAfee as Generic Dropper!dns and by Malwarebytes as Worm.AutoRun.BNo
gpresultXgpresult.exeDetected by Malwarebytes as Trojan.Agent.GPGen. The file is located in %AppData%No
Windows Host ProcessorXgpresultl.exeDetected by Dr.Web as Trojan.DownLoader6.1998 and by Malwarebytes as Trojan.AgentNo
gpresultlXgpresultl.exeDetected by Dr.Web as Trojan.DownLoader6.1998 and by Malwarebytes as Trojan.AgentNo
gpudriver.exeXgpudriver.exeDetected by Malwarebytes as Trojan.BitCoinMiner.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Windows DriversXGPUdrivers.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor!wl and by Malwarebytes as Backdoor.Agent.ENo
GPUpdate © Microsoft CorporationXgpupdate.exeDetected by Intel Security/McAfee as RDN/Generic PUP.x and by Malwarebytes as Trojan.AgentNo
GP UpdaterXgpupdater.exeAdded by a variant of the IRCBOT BACKDOOR! See hereNo
safepauseXgpupdatewts.exeDetected by Malwarebytes as Trojan.Banker.SPGen. The file is located in %LocalAppData%No
MaxsizedXgqasqs.exeDetected by Total Defense as Win32.Lioten.IR. The file is located in %System%No
gqgqqgerXgqgeqegl.exeAdded by the SDBOT-CLJ WORM!No
Windows LoL LayerXgqwdcr.exeDetected by Sophos as W32/Agobot-AHS and by Malwarebytes as Backdoor.BotNo
GRANGRA.EXEGateway System Resource Monitor utility - looks at system resources at startup and warns you if they have dropped. Contains links to the Disk Clean Up, Defrag and Start Up Menu. It does have a link to a startup configuration utility. Similar to MSConfig but can keep a list of disabled apps. Only appears if you load the Gateway Startup UtilityNo
GrabassXgrab.exeDetected by Dr.Web as Trojan.Click3.4962 and by Malwarebytes as Trojan.ClickerNo
GCSNGrabClipSave.exe"GrabClipSave is a simple screen capture tool that will automatically save the screenshot to a specified directory, either in Windows .bmp, .png or in .jpg format"No
graka.exeXgraka.exeDetected by Malwarebytes as Spyware.Password. The file is located in %AppData%\windowsupdateNo
Adobe Reader UpdateXGraphicsAccelerator.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %Temp%No
3D AcceleratorXGraphicsAcelerator3D.exeDetected by Intel Security/McAfee as Generic.dx!twlNo
GraphicsDriverXGraphicsDriver.exeDetected by Malwarebytes as Trojan.Agent.E. Note - this entry loads from the Windows Startup folder and the file is located in %CommonAppData%\GraphicsDriver, see hereNo
GraphicsXGraphicsHDDriver.exeDetected by Dr.Web as Trojan.DownLoader10.58354 and by Malwarebytes as Backdoor.Agent.ENo
GraphicsIntel.exeXGraphicsIntel.exeDetected by Intel Security/McAfee as PWS-Banker!h2w and by Malwarebytes as Backdoor.AgentNo
DarkDevil.Grasiele.BRXGrasiele.VBSDetected by Symantec as VBS.Lembra@mmNo
GRC V2 HyperappelUGRCHA.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the "Le Grand Robert & Collins" French/English dictionary from Le Robert. See here for more informationNo
GrdingeXGrdinge.exeDetected by Intel Security/McAfee as RDN/Generic Dropper!vj and by Malwarebytes as Backdoor.IRCBot.ENo
GrdSys32?GrdSys32.exeX-Stream ISP software - later acquired by LibertySurf. Offers free Net access funded by on-screen ads. Is it required or can you create your own dial-up networking connection to use on demand?No
GreasyPalmUpdateXGreasyPalmUpdate.exeSearchFast adwareNo
GreatDefenderXGreatDefender.exeGreatDefender rogue security software - not recommended, removal instructions here. A member of the AntiAID familyNo
GreatDefender.exeXGreatDefender.exeGreatDefender rogue security software - not recommended, removal instructions here. A member of the AntiAID familyNo
GreatDocs.exeXGreatDocs.exeDetected by Intel Security/McAfee as Generic.dx and by Malwarebytes as Backdoor.Agent.MSC. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
ShellXgred.exe,explorer.exeDetected by Malwarebytes as Hijack.ShellA.Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "gred.exe" (which is located in %AppData%\gred)No
HELPERXgreece_nm.exeAsdPlug premium rate adult content dialer variantNo
Verbatim GREEN BUTTONUGREEN BUTTON.exeGREEN BUTTON utility for the Verbatim Store 'n' Go range of portable hard drives - which "reduces energy consumption and extends the drive's life expectancy by automatically placing the Verbatim Store 'n' Go into sleep mode after a programmed period of time or by the user manually clicking on the GREEN BUTTON on the desktop"No
AliUSBfix?GREENMK.exeMay be related to a USB 2.0 PCI card - the IOgear GIC220OU?No
greenopenXgreenopenuper.exeDetected by Dr.Web as Trojan.DownLoader4.21714 and by Malwarebytes as Adware.GreenOpen. The file is located in %ProgramFiles%\intothemap CPNo
GreenshotNGreenshot.exeGreenshot light-weight screenshot capture utilityNo
Screen_SaverXGreen_Flower.scrDetected by Dr.Web as Trojan.MulDrop3.48888No
55278Xgrepclient1.exeDetected by Sophos as Troj/Lineage-SNo
grfm.exeXgrfm.exeDetected by Malwarebytes as Backdoor.Agent.DCE. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows starts - see hereNo
GrfsfyXGrfsfy.exeDetected by Sophos as Mal/DorkBot-ANo
GridspotUGridspot.exe"Gridspot combines the resources of idle computers all over the world and makes them available to companies and researchers working on big problems"No
grindersXgrinders.exeAdded by a variant of the Storm/Nuwar/Zhelatin WORM! See here for an exampleNo
GroksterNGrokster.exeGrokster peer-to-peer (P2P) file-sharing client - now defunctNo
Groove Virtual OfficeYGroove.exe"Groove Virtual Office uses a peer-to-peer networking model to connect users in Groove Workspaces. In these workspaces geographically dispersed coworkers can do almost everything they could do in the same office. They can hold online meetings, store files and folders, save threaded discussions, scribble on whiteboards, share calendars, and track project information and timelines." Formerly by Groove Networks - now owned by Microsoft and part of MS OfficeNo
Microsoft Office GrooveUGROOVE.EXESystem Tray access to, and alerts for MS Office Groove - a stand-alone product or included with the Enterprise/Ultimate versions of MS Office 2007. "A collaboration software program that helps teams work together dynamically and effectively, even if team members work for different organizations, work remotely, or work offline". Users can create workspaces and invite other Groove users to share the workspace and when a document is edited within the workspace the changes made become available to all other users in the workspace when they come online - synchronized using LAN, WAN and the InternetYes
GrooveMonitorUGrooveMonitor.exePart of MS Office Groove - a stand-alone product or included with the Enterprise/Ultimate versions of MS Office 2007. "A collaboration software program that helps teams work together dynamically and effectively, even if team members work for different organizations, work remotely, or work offline". GrooveMonitor is responsible for synchronizing the Groove workspaces between the users PC and those of other workspace participants. If you don't use Groove to collaborate with co-workers you can safely disable this entryYes
GrooveMonitor UtilityUGrooveMonitor.exePart of MS Office Groove - a stand-alone product or included with the Enterprise/Ultimate versions of MS Office 2007. "A collaboration software program that helps teams work together dynamically and effectively, even if team members work for different organizations, work remotely, or work offline". GrooveMonitor is responsible for synchronizing the Groove workspaces between the users PC and those of other workspace participants. If you don't use Groove to collaborate with co-workers you can safely disable this entryYes
GroupsPolicyXGroupsPolicy.exeDetected by Malwarebytes as Trojan.Injector. The file is located in %AppData% - see hereNo
GrpConvNgrpconv.exeMicrosoft Windows Program Group Converter - used by installers in the RunOnce keys. Provides the translation of groups and group items to folders and links. Also see this MS Knowledge Base articleNo
Virtual CD v6Xgrplscd.exeDetected by Sophos as W32/Rbot-AXV and by Malwarebytes as Backdoor.BotNo
System UpdateXgrtbdwmc.exeDetected by Intel Security/McAfee as W32/Pate.b and by Malwarebytes as Backdoor.BotNo
grwinHyperUgrwinHyper.exeAllows you to select a word or phrase within a document, application, web-page, etc and search for it within the "Le Grand Robert" French dictionary from Le Robert. See here for more informationNo
Gravis Xperience Driver SupportUGrxp4exe.exeDriver for Gravis game controllers such as the Eliminator Aftershock. Must be loaded if you run the supplied application software for the controller to be recognized. Start it manually via a shortcut if not usedNo
WIN USB SUPPORTXgrxsrv.exeAdded by a variant of Backdoor:Win32/RbotNo
Gs2317phpQfXGs2317phpQf.exeDetected by Intel Security/McAfee as RDN/Generic.bfr!ez and by Malwarebytes as Backdoor.Agent.DCENo
LoadAgent?Gscbc.exe??No
W1LDPAD3ATQEM6YS768QCOCXEXgsd.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.DCENo
DOGStartXGSDOGST.EXEAdded by an unidentified VIRUS, WORM or TROJAN! A possibility is a trojan known as PENISNo
gserverXgserver.exeDetected by Dr.Web as BackDoor.IRC.NgrBot.189 and by Malwarebytes as Trojan.AgentNo
Realtek Sound ManagersXgsfttmhq.exeDetected by Intel Security/McAfee as W32/Sdbot.worm.gen.ca and by Malwarebytes as Backdoor.IRCBotNo
zzgshpXgshp.vbsHomepage hi-jacker that re-defines your IE or Netscape start pageNo
GSICONEXENGsicon.exeADSL modem monitor from Eicon Networks (now Dialogic). Can safely be disabled without affecting the connection - all this does is give an indication of connectivity and access to the diagnostic facilitiesNo
GSISETUP?GsiInst.exeRelated to a BT Voyager ADSL modem. What does it do and is it required?No
GMedia2XGSM2.exeMalware downloader - detected by Kaspersky as the VB.UX TROJAN!No
GMedia2XGSMedia3.exeMalware downloader - detected by Kaspersky as the VB.UX TROJAN!No
G3XGSMedia3.exeMalware downloader - detected by Kaspersky as the VB.UX TROJAN!No
VideoDriverXgspotbot.exeDetected by Symantec as Backdoor.Spigot.C and by Malwarebytes as Trojan.Agent.DFNo
GhostSecuritySuiteUgss.exeGhost Security Suite - "protect the registry from unauthorized reading and modification and other tools." No longer available or supportedNo
gssomaticXgssomatic.exeSearchcentrix hijackerNo
gStartYgStart.exeGarmin Training Center® software for their sports GPS devices. "Track and analyze your fitness activities with Garmin Training Center. Use it to review activity history as well as create workouts and send them to your Garmin fitness device"No
Genie TimeLine TrayUGSTimeLineAgent.exeSystem Tray access to the Genie Timeline backup utility from Genie9 CorporationNo
RIWHPPXgStQcq.exeDetected by Intel Security/McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.DCENo
NESDLLXgStQcq.exeDetected by Intel Security/McAfee as RDN/Generic.bfr and by Malwarebytes as Backdoor.Agent.ENo
gsvXgsv.exeAdded by the ROBAL 1.0 backdoor TROJAN!No
gsyima.exeXgsyima.exeDetected by Microsoft as PWS:Win32/Gastig.A and by Malwarebytes as Trojan.PasswordStealer.MCRNo
gSyncitUgsyncit.exegSyncit by Fieldston Software - "is a Microsoft Outlook add-in that allows for the synchronization of Outlook calendars, contacts, notes, and tasks with your Google account. In addition, gSyncit also supports synchronization between Outlook and Toodledo, Pocket Informant Online, Evernote, Dropbox, Simplenote and Nozbe"No
GazelDisplayUgsyno.exeRelated to BT Digital Access USB - Gazel ISDN installation System Tray iconNo
GotSmileyXGSYUpdater.exeGotSmiley - E-mail utility. Contains GAIN adware by Claria CorporationNo
TaskmanXgsyzq.exeDetected by Sophos as W32/Palevo-BG and by Malwarebytes as Worm.Palevo. Note - this entry adds a HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Taskman" entry which loads the file "gsyzq.exe" (which is located in %MyDocuments%)No
GT###.exeXGT###.exeDetected by Malwarebytes as Trojan.MSIL - where # represents a digit. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
GTXGT.EXEDetected by Sophos as W32/Sdbot-AJNo
Microsoft Windows WKS ServiceXgt.exeDetected by Trend Micro as BKDR_SDBOT.IRNo
rdclipXGT613U1T.cplDetected by Malwarebytes as Trojan.Agent.CPL. The file is located in %Windir%\SoftwareDistribution\DataStoreNo
GTA5recoveryToolsXGTA5recoveryTools.exeDetected by Malwarebytes as Trojan.Injector.AI. The file is located in %AppData%No
ECenterUgtb.exeDell E-Center/Google Toolbar relatedNo
GamingWonderland Browser Plugin LoaderUgtbrmon.exeGamingWonderland toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\GamingWonderland\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
GamingWonderland Browser Plugin Loader 64Ugtbrmon64.exeGamingWonderland toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\GamingWonderland\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
GtiXGti.exeDetected by Malwarebytes as Spyware.Password. The file is located in %AppData%No
GameTrackerNGTLite.exeGameTracker - "Keep track of and launch all your games from one application with the Game Tracker Client. Instantly announce on your profile and to your friends what game and on which server you are playing!"No
GamingWonderland EPM SupportUgtmedint.exeGamingWonderland toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\GamingWonderland\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
(Default)XGTOP###.exeDetected by Malwarebytes as Trojan.Agent - where # represents a digit. Note - this malware actually changes the value data of the "(Default)" key in HKCU\Run in order to force Windows to launch it at boot. The name field in MSConfig may be blank and the file is located in %AppData%No
GTOP###.exeXGTOP###.exeDetected by Malwarebytes as Trojan.MSIL - where # represents a digit. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
GreedyTorrentNGTor.exeGreedyTorrent by Alex N J - "is a freeware software program that can boost your BitTorrent upload ratio." As BitTorrent is a peer-to-peer (P2P) file-sharing client used to distribute large amounts of data between multiple users make sure you have good, up-to-date virus protection and check any downloadsNo
GamingWonderland Search Scope MonitorUgtsrchmn.exeGamingWonderland toolbar - powered by the Ask Partner Network toolbars by IAC Applications (was Mindspark). Detected by Malwarebytes as PUP.Optional.MindSpark. The file is located in %ProgramFiles%\GamingWonderland\bar\*.bin - where * represents a number or letter. If bundled with another installer or not installed by choice then remove itNo
PFTEMMXgTtQdr.exeDetected by Intel Security/McAfee as RDN/Ransom!dr and by Malwarebytes as Backdoor.Agent.WNLNo
GTVEpgUGTVEpg.exePart of Got All Media - control your TV tuner and other utilities from your PCNo
GTVRecUGTVRec.exePart of Got All Media - control your TV tuner and other utilities from your PCNo
GtwatchNgtwatch.exeAssociated with a Mustec scanner and not requiredNo
GU55bookXgu55book.exeDetected by Malwarebytes as Trojan.Inject. The file is located in %AppData%\GUBOOKNo
guapuobegnugXguapuobegnug.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!b2r and by Malwarebytes as Trojan.Agent.USNo
GuarXGuar.exeDetected by Intel Security/McAfee as RDN/Downloader.a!nb and by Malwarebytes as Trojan.Agent.GRNo
GuardSoftwareXguard-dxla.exeWindows Efficiency Console rogue security software - not recommended, removal instructions hereNo
ShellXguard-gemt.exeWindows Accelerator Pro rogue security software - not recommended, removal instructions here. Note - this rogue adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "guard-gemt.exe" which is located in %AppData%No
GuardSoftwareXguard-iruo.exeWindows Warding Module rogue security software - not recommended, removal instructions hereNo
GuardSoftwareXguard-oyml.exeDetected by Malwarebytes as Rogue.WindowsCleanTK. The file is located in %AppData%No
GuardUGuard.exeDetected by Malwarebytes as PUP.Optional.Guard. The file is located in %LocalAppData%\Guard. If bundled with another installer or not installed by choice then remove itNo
GuardUGuard.exeRelated to Phoenix Technologies Core Managed Environment (cME) Integration and Certification programNo
MicrosoftXguard.exeDetected by Malwarebytes as Trojan.Agent.MSGen. The file is located in %System%No
GuardCenterXGuardCenter.exeGuardCenter rogue security software - not recommendedNo
GuardSupportXGuardConvert.exeDetected by Malwarebytes as Adware.KorAd. The file is located in %AppData%\GuardSupportNo
GuardGui ApplicationYGuardGui.exeSystem Tray access to the main user interface for Ashampoo® AntiVirusYes
Ashampoo AntiVirus ServiceYGuardGui.exeSystem Tray access to the main user interface for Ashampoo® AntiVirusYes
backupXguardian2013.exeDetected by Malwarebytes as Trojan.Banker. The file is located in %LocalAppData%No
Guard.Mail.ru.guiYGuardMailRu.exeAssociated with Mail.Ru - "the largest free e-mail service of the Runet". Guard Mail.Ru - is "a multifunctional safety management programs to protect your PC from unwanted user actions"No
kernel32dllXguardpc.exeDetected by Sophos as W32/Forbot-CU and by Malwarebytes as Trojan.AgentNo
GuardPcs.exeXGuardPcs.exeGuardPcs rogue security software - not recommended, removal instructions here. Detected by Malwarebytes as Rogue.GuardPcs. A member of the AntiAID familyNo
GuardWWWXGuardWWW.exeGuardWWW rogue security software - not recommended, removal instructions here. A member of the AntiAID familyNo
guarnsetXguarnset.exeAdlogix adwareNo
GuArPyuXGuArPyu.exeDetected by Sophos as Troj/Banker-FZU and by Malwarebytes as Trojan.BankerNo
guataportemgXguataportemg.exeDetected by Intel Security/McAfee as RDN/Generic PWS.y!b2q and by Malwarebytes as Trojan.Agent.USNo
gubqiqnyxlafXgubqiqnyxlaf.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile%No
gudacxazteahXgudacxazteah.exeDetected by Intel Security/McAfee as Downloader.a!dcl and by Malwarebytes as Trojan.Agent.USNo
wsdpa64Xgudio32.exeDetected by Dr.Web as Trojan.MulDrop4.26419 and by Malwarebytes as Trojan.AgentNo
guefaeXguefae.exeDetected by Malwarebytes as Worm.AutoRun. The file is located in %UserProfile%No
guegaeXguegae.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %UserProfile%No
gufxadycvyptXgufxadycvypt.exeDetected by Intel Security/McAfee as BackDoor-FAFP!B25E94A7C875 and by Malwarebytes as Trojan.Agent.USNo
guiXgui.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %AppData%No
EasyTuneVUGUI.exeEasyTune 5 for Gigabyte motherboards. A "simple and easy-to-use interface that allows users to fine-tune their system settings or do overclock/overvoltage in Windows environment"No
GuideOnXGuideOn.exeDetected by Microsoft as Adware:Win32/PinGuide and by Malwarebytes as Adware.GuideOnNo
GraphicsXguifx.exeDetected by Malwarebytes as Trojan.Agent.TRYO. The file is located in %CommonAppData%\GraphicsNo
GraphicsXguifx.exeDetected by Symantec as Backdoor.Rifelku and by Malwarebytes as Trojan.Agent.TRYO. The file is located in %CommonFiles%\GraphicsNo
gulxullixhofXgulxullixhof.exeDetected by Intel Security/McAfee as RDN/Generic.tfr!eb and by Malwarebytes as Trojan.Agent.USNo
gummyXgummy.exeDetected by Sophos as W32/Vanebot-AQNo
gtalkupdateXgupd.exeDetected by Microsoft as Worm:Win32/Enosch.ANo
gupdateXgupdate.exeDetected by Microsoft as TrojanProxy:BAT/Dafterdod.A and by Malwarebytes as Backdoor.Agent.XN. The file is located in %ProgramFiles%\Company\gupdateNo
gupdateUgupdate.exeDetected by Malwarebytes as PUP.Optional.FakeChrome. The file is located in %ProgramFiles%\xtex\gupdate. If bundled with another installer or not installed by choice then remove itNo
Google UpdateXgupdate.exeDetected by Malwarebytes as Trojan.Agent. The file is located in %LocalAppData%\Google\Update - see examples here and hereNo
Google Update ServiceXgupdate.exeDetected by Intel Security/McAfee as Generic BackDoor and by Malwarebytes as Backdoor.Agent.GUNo
updateXgupdater.exeDetected by Malwarebytes as Trojan.Agent.ED. The file is located in %AppData%\Microsoft\Windows - see hereNo
GURLXgurl.exeGURLWatcher spywareNo
WinTOTAL SchedulerNguru.exeWinTOTAL Real estate appraisal software relatedNo
GuruNetUGuruNet.exeGuruNet (now replaced by Answers.com) was a utility that let you click on any word on your screen to get the relevant information you wantNo
keyloggerXgusanito.exeDetected by Intel Security/McAfee as AFXrootkit.gen and by Malwarebytes as Trojan.PasswordStealerNo
4-gusdurXgusdur.exeAdded by the BRONTOK-CR WORM!No
GuUnacEXGuUnacE.exeDetected by Dr.Web as Trojan.Bankfraud.1131 and by Malwarebytes as Trojan.BankerNo
guvufapegnykXguvufapegnyk.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
guyik45hbhXguyik45hbh.exeDetected by Kaspersky as Virus.Win32.Virut.ce and by Malwarebytes as Trojan.Agent. The file is located in %System%No
guyik45hbhxXguyik45hbhx.exeDetected by Kaspersky as Trojan.Win32.Scar.dheq and by Malwarebytes as Trojan.Agent. The file is located in %System%No
guzsicfylnahXguzsicfylnah.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %AppData%\hzvfmstrmyhymt - see hereNo
gvaccinestart.exeXgvaccinestart.exeDetected by Malwarebytes as Rogue.K.Vaccine. The file is located in %ProgramFiles%\gvaccineNo
GVb72t6bIXtKRzH.exeXGVb72t6bIXtKRzH.exeDetected by Malwarebytes as Trojan.Agent. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
GvCXGVC.exeAdded by the RBOT.CB WORM!No
MicrosoftXgvt.exeDetected by Intel Security/McAfee as RDN/Generic.hra and by Malwarebytes as Trojan.Agent.MSGen. The file is located in %UserStartup%No
gvt.exeXgvt.exeDetected by Intel Security/McAfee as RDN/Generic.hra and by Malwarebytes as Trojan.Banker. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
Gateway Extended WarrantyNGWCares.exeGateway Extended Warranty reminderNo
Microsoft Driver SetupXgwdrive32.exeDetected by Sophos as Troj/VB-FBT and by Malwarebytes as Worm.PalevoNo
Multi-function keyboardUGWHotkey.exeSoftware that sets up the Gateway AnyKey keyboard shortcuts (a series of buttons that allow one-click access to e-mail, browser, volume and CD/DVD controls, etc)No
GWInkMonitorNGWInkMonitor.exeInk level monitor for Gateway branded printersNo
Gateway Ink MonitorNGWInkMonitor.exeInk level monitor for Gateway branded printersNo
GWMDMMSGNGWMDMMSG.exeUsed with internal modems on Gateway and vprMatrix PCs. This is the "GTW modem messaging applet" and is not required for the modem to work correctlyNo
GWMDMpiUGWMDMpi.exePatch for internal modems on Gateway 450 and 500 series laptops. Required for audio settings to be maintained and does not remain in memory once runNo
SourcePathNgwreg.exeUsed to update Gateway registry settings for System Restoration Kit and Web update programsNo
Greetings Workshop RemindersNGWREMIND.EXEYou really want to be reminded about somebody's birthday at the expense of resources?No
oxbvpenXgwthtis.exeDetected by Sophos as W32/SillyFDC-AHNo
GWUMUgwum.exeGigabyte utility manager. Loads if you have a Gigabyte motherboard and got a full bundle of utilities installed. Monitors CPU, fans, BIOS etc. Only used by system "tweakers"No
fGQEGqHOMEXgwwgtp.exeAdded by the RANKY.J TROJAN!No
GWX updateXGWXX.exeDetected by Malwarebytes as Backdoor.Agent.E. The file is located in %AppData%No
vmcleanerXgxlib.exeDetected by Sophos as Troj/Small-HSNo
Codded By h1dd3nXgxserv23.exeDetected by Intel Security/McAfee as RDN/Generic BackDoor and by Malwarebytes as Backdoor.VanBotNo
SnaSystemXGY68r78.exeDetected by Dr.Web as Trojan.DownLoader8.31722 and by Malwarebytes as Backdoor.Agent.SVRNo
gycnakajahyzXgycnakajahyz.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile%No
gydufbeawungzapXgydufbeawung.exeDetected by Sophos as Troj/DwnLdr-KMO and by Malwarebytes as Trojan.Agent.USNo
gydwixicuzcaXgydwixicuzca.exeDetected by Intel Security/McAfee as RDN/Downloader.a!pi and by Malwarebytes as Trojan.Agent.USNo
gymnasium.exeXgymnasium.exeDetected by Malwarebytes as Trojan.Agent.AI. The file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
gyplanileahoXgyplanileaho.exeDetected by Malwarebytes as Trojan.Agent.US. The file is located in %UserProfile% - see hereNo
RDBXGywua.exeDetected by Malwarebytes as Trojan.Agent.DF. The file is located in %ProgramFiles%\OjuoNo
G-ZapperUGZapper [version].EXEG-Zapper is a powerful software utility to block Google cookies, clean Google cookies, and help you stay anonymous while searching online. Using two powerful protection methods, G-Zapper automatically detects and cleans the Google cookie each time you use your web browser"No
hid_startXgzmrotate.dllAdRotator/IconAds adwareNo
G_Server.exeXG_Server.exeDetected by Sophos as Troj/Feutel-C and by Malwarebytes as Trojan.BackdoorNo
G_Server1.2.exeXG_Server1.2.exeDetected by Sophos as Troj/GrayBird-ZNo
G_Serverla.exeXG_Serverla.exeDetected by Dr.Web as Trojan.DownLoader9.19196 and by Malwarebytes as Trojan.Agent.GSNo

Notes & Warnings

If you can help identify new entries and verify/identify those entries with a "?" status (especially hardware specific - such as laptops and motherboards) then please E-mail us (startups_at_pacs-portal_dot_co_dot_uk).

"Status" key:

Variables:

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. We will not be held responsible if changes you make cause a system failure.

WARNING: This is NOT a list of tasks/processes taken from the Task Manager (CTRL+SHIFT+ESC) "Processes" tab. This displays some startup programs AND other background tasks and "Services". These pages are concerned with startup programs from the common startup locations shown above ONLY. Please do not submit entries collected from this method as they will not be used. For a list of tasks/processes you should try the list at PC Pitstop, the Process Library from Uniblue or one of the many others now available.

Therefore, before ending a task/process via CTRL+SHIFT+ESC just because it has an "X" recommendation, please check whether it's in the registry or common startup locations first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+SHIFT+ESC. If in doubt, don't do anything.

To avoid the database becoming too large, all malware entries are only shown using the registry version which is common to all Windows versions. Otherwise there would be multiple entries for popular filenames that viruses often use - such as "svchost.exe" above for example. Multiple malware can also use the same start-up entries, in this case only those with significant differences (such as file location) are repeated in this database.

As more than 25K entries in this database related to malware you should use a quality internet security package. Which ever you choose, keep it updated and get the latest version at least every two years.

There are a number of virus and malware entries listed in this database where specific removal instructions haven't been given. If this is the case then you could try ComboFix, a program written by sUBs that can remove many different types of Trojans and Worms. See here for a tutorial on how to use the program.

NOTE: A number of entries are repeated due to the way that different operating systems display startup items. For example, WinMe lists "POPROXY.EXE" as "Norton eMail Protect" in both MSCONFIG and the registry whereas WinXP lists it as "Poproxy" in MSCONFIG and "Norton eMail Protect" in the registry.

SERVICES: "Services" from the Windows 8/7/Vista/XP/2K/NT operating systems are not included. We fully understand that some programs with these OS's use "Services" as an alternative to load their component parts at startup but these are handled in a different way. We recommend you try BlackViper for information on services for the relevant operating systems.

Copyright

Presentation, format & comments Copyright © 2001 - 2017 Pacman's Portal
Portions Copyright © Peter Forrest, Denny Denham, Sylvain Prevost, Tony Klein, CastleCops & Bleeping Computer
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home