Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

Key:

  • L = Legit, O = Open to Debate, X = Malware/Bad
Page 0 1 2 3 4 5 6 7 8 9 10 11
Startup Name Process Name Details
L Network Messenger (MStdc ) mstdc.exeRelated to Microsoft Personal Web Server and Microsoft SQL Sever software http://www.2-files.com/pro
X Network Monitor netmon.exeReported by Panda as the Trj/Cicos.H TROJAN! This trojan if found in the Program FilesNetwork Monito
X Network Provision Managing Service (xmlprovman) provsvc.exeAdded by the W32/Sdbot-CRS WORM! Note: This worm rojan is located in C:WindowsSystem (Win9x/Me) C:%W
X Network Security Service randomCoolWebSearch res:// variant
X Network Security Service (NSS) randomCoolWebSearch res:// variant
X Network Station Task Manager (TASKSQ) tasksch.exeAdded by an unknown variant of a backdoor TROJAN! Note: This worm rojan is located in C:%WINDIR%
X Network Station Task Manager (TSKIB) taskib.exeAdded by an unknown variant of a backdoor TROJAN! Note: This worm rojan is located in C:%WINDIR%
X Network Windows Service (MSWindows) urdvxc.exeAdded by the W32/Allaple-B WORM! Note: Located in C:WindowsSystem (Win9x/Me) C:%WINDIR%System32 (XP/
X Network) MSVPN32.exeAdded by the W32/Rbot-AIO WORM!
L NI Service Locator (niSvcLoc) niSvcLoc.exeRelated to National_Instruments corp.
L NICCONFIGSVC NICCONFIGSVC.exeNICCONFIGSVC.exe is a process associated with the power management settings for network adapters on
L NICSer_WMP11 NICServ.exeRelated to Linksys config utility.
X ninsvc ninsvc.exeAdded by the W32/Akbot-AL WORM! Note: This worm rojan is located in C:WindowsSystem (Win9x/Me) C:%WI
L nipxirmu nipalsm.exeRelated to National_Instrument Corp.
L NMap nmapserv.exeNMapWin Port Scanner utility service.
L NMSAccess NMSAccess.exeRelated to Cheetah_DVD_Burner Note Must only be used on NT4/2000/XP
L NNSvc nnsvc.exeNetNanny Internet Filter
L NobleNet Portmapper for TCP portserv.exeActuate_Enterprise Reporting Applications for business intelligence analytic services
X NOD AV service (nodantivir) nodantivir.sysAdded by the Troj/Haxdoor-AK TROJAN! Note: This trojan file is found in the System32 folder. The fil
L NOD32 Kernel Service (NOD32krn) nod32krn.exeNOD32 Antivirus
L Nofeel FTP Server Service nftpdsvc.exeRelated to Nofeel_FTP_Server
L NoIPDUCService DUC20.exeRelated to Vitalwerks Internet Solutions
L Norman API-hooking helper nipsvc.exeNorman Anti-Virus
L Norman NJeeves NJEEVES.EXENorman Anti Virus
L Norman Type-R NPFSVICE.EXENorman Virus Control Service. Made by Norman Data Defense Systems Inc. For more information Click_He
L Norman Virus Control on-access component nvcoas.exeNorman Virus Control on-access component
L Norman Virus Control Scheduler NVCSCHED.EXENorman Virus Control Scheduler
L Norman ZANDA Zanda.exeNorman Anti Virus
L Nortel Networks TunnelGuard (tunnelguardservice) CueAgent_srv.exeRelated to Nortel_Networks_TunnelGuard designed to ease the deployment of very large site-to-site an
X Norton antivirus and Firewall (it) fime.exeBogus Norton Antivirus and Firewall service. Unknown owner.
L Norton AntiVirus Auto-Protect navapsvc.exeNorton AV leave it running.
L Norton AntiVirus Auto-Protect Service (navapsvc) navapsvc.exeRelated to Norton/Symantec AntiVirus.
L Norton AntiVirus Client rtvscan.exeNorton Anti-virus related
L Norton AntiVirus Firewall Monitor Service (NPFMntor) NPFMntor.exeNorton Internet Worm Protection
L Norton Ghost PQV2iSvc.exesymantec Norton Ghost Image related
L Norton Internet Security Accounts Manager NISUM.EXERelated to Norton Internet Security
L Norton Internet Security Proxy Service SymProxySvc.exeRelated to Symantec Corporation
L Norton Internet Security Service NISSERV.EXERelated Symantec Corporation
X Norton Online Anti Virus avll32.exeAdded by the Backdoor.Win32.SdBot.aad reported by Kaspersky TROJAN! Note: This worm rojan is located
L Norton Personal Firewall Proxy Service SymProxySvc.exeRelated to Norton Firewall Proxy service
L Norton Personal Firewall Service NISSERV.EXERelated to Norton Personal Firewall service
L Norton Program Scheduler npssvc.exeRelated to Norton Scheculer
L Norton Protection Center Service (NSCService) NSCSRVCE.EXERelated to Norton Internet Security 2006 and Norton AntiVirus 2006. Made by Symantec_Corporation
L Norton Unerase Protection NPROTECT.EXENorton Protected Recycle Bin
L Notebook Manager Service (anbmService) anbmServ.exeRelated to Acer Notebooks Hardware Monitoring program. Made by OSA_Technologies Inc.
L Novell Application Launcher (NALNTSERVICE) NALNTSRV.EXENovell NAL NT service
L Novell Workstation Manager (WM) wm.exeNovell Workstation Manager
L Novell XTier Agent Services XTAgent.exe
L Novell ZfD Remote Management ZenRem32.exe
L NPDOR File Monitor Service (NFMService) NPDORNT.exeRelated to NPD Online Research.
X NPF npf.sysAdded by the Troj/NtRootK-I TROJAN! Note: This trojan file is found in the System32 folder.
L npkcsvc npkcsvc.exeINCA Internet
X NS (MSLLR) ns.exeW32/Agobot-HS
L NsEngine NSENGINE.exeScheduling engine of NovaSTOR Backup Service
X NT login service (ntlogin32) libsys32.exeAdded by the W32/Sdbot-ACK WORM!
X NT login service - Unknown libsysmgr.exeAdded by the W32/SDBOT-CAF WORM! (Castle Cops)
L NT Online Protection ONLNSVC.EXERelated to AntiVirus_Quick Heal Virus protection. Note: located in C:Program FilesQUICKH~1
X Nt System Kernel ntsyskrnl.exerelated to WORM_AGOBOT.IK
X NTBOOTMGR ntuser.exeFlagged as Backdoor.Iroffer / Backdoor.Noer
L NTCHARGE winlogon.exeRelated to Microsoft Internet Information Services (IIS).
X NTFS Crypto Technology (NTFSCrypt) ntfscrypt.exeAdded by the W32/Spybot-NC WORM! Note: Located in C:WindowsSystem (Win9x/Me) C:%WINDIR%System32 (XP/
X NTFS File Location Service (NTFSFLS) ntfsloc.exeAdded by the W32/Sdbot-CSG WORM! Note: This worm rojan is located in C:WindowsSystem (Win9x/Me) C:%W
X NTFSprotect (ntfsdiscman) ntfsprotect.exeAdded by the SDBOT.CCF WORM! Read the link rootkit type stealth involved.
X Ntlm_Drive_Connect (Ntlm_Drive_Connect) TimerU.sysAdded by the Tuimer TROJAN!
X NTLOAD ntsrv.exeFlagged as Backdoor.Iroffer / Backdoor.Noer
X NTLOAD winlogon.exeOther files in the same directory identified as Win32.Iroffer.b by Kaspersky
X ntmssvc svchost.exe -k ntmssvcAdded by the Fuwudoor TROJAN!
X NTP (Network Time Protocol) winlogon.exeAdded by the Troj/Jtram-D TROJAN! Note: This trojan file is found in the System32Client folder.
L NTRU Hybrid TSS v1.05 TCSD (tcsd_win32.exe) tcsd_win32.exeRelated to NTRU_Cryptosystems Inc. Provider a public key cryptography system (PKCS)
X NTSec(ntsec) (NTSec) ntsec.exeIdentified as Trojan-Dropper.VB.22 by VBA32 Note: located in C:WindowsSystem (Win9x/Me) C:%WINDIR%Sy
O NTSecure srvany1234.exeUnknown owner: Location C:WINDOWSsystem32srvany1234.exe
X NTSVCMGR winlogon.exeOther files in the same directory identified as Win32.Iroffer.b by Kasperksy
O NTSVCMGR winlogon.exeCreates a file win32.dll C:windowssystem32 and the old one is renamed win32.dll.bkup
X NTSVCMGR ntsrv.exeFlagged as Backdoor.Iroffer / Backdoor.Noer
L NTsyslog ntsyslog.exeRelated to Open_Source_Technology Group. An application logging functionality.
L nTune Service (nTuneService) nTuneService.exeRelated to NVIDIA Access Manager. Note: Located in C:Program FilesNVIDIA Corporation Tune
L NuTCRACKER Kernel nutkserv.exeRelated to openUTM from Fujitsu Siemens Computers
L NuTCRACKER Service nutsrv4.exeRelated to Rational Rose MKS Toolkit for Enterprise Developers
X NvCplScan msc32.exeRelated to the W32/FORBOT-DD
X NvCplScan nvsc32.exeanother example added by Forbot_ET.
L Nvedavt ousbehci.sysRelated to OrangeWare Corp.
X nvidGUIv (nvidGUIv2) NVIDGUIV.EXEAdded by the SDBOT.CTQ WORM! Read the link rootkit type stealth involved.
L NVIDIA Display Driver Service nvsvc32.exeNVidia
L NVIDIA Driver Helper Service nvsvc32.exeRelated to NVIDIA drivers.
X NVIDIA Driver ServiceĦĦ (NVSv ) svchost.exeAdded by an unidentified TROJAN! of the Sdbot family. Note: This worm rojan is located in C:%WINDIR%
X Nvidia Graphic Displacement (nvideoGUI) nvideogui.exeAdded by the SDBOT.CQD WORM! Read the link rootkit type stealth involved.
L NVIDIA PVR Schedule Monitor (nvpvrmon) nvpvrmon.exeRelated to NVIDIA ForceWare driver. Note: Located in C:Program FilesNVIDIA CorporationForceWareMulti
X nvsec(nvsec) (NvSec) nvsec.exeAdded by an unidentified TROJAN! of the Sdbot family. Note: This worm rojan is located in C:WindowsS
X nvsvc32.exe wmisp.exeAdded by the Backdoor_Win32_SdBot_aad WORM! - Reported by KASPERSKY ON-LINE SCANNER
L O&O CleverCache Agent (OOCleverCacheAgent) ooccag.exeRelated to O&O_Software Products. Located in folder: OO SoftwareCleverCache
L O&O ComponentInstaller Agent oocinst.exeRelated to O&O software Protection Software
L O&O Defrag oodag.exewww.oo-software.com
L O2Micro Flash Memory (O2Flash) o2flash.exeRelated to O2Micro_Flash Memory Card. Note: Located in C:WINDOWSsystem32
Odyssey Client for Fujitsu Siemens Computers
X OESH (Office Source Engine Help) Program.exeAdded by an unidentified TROJAN! of the Sdbot family. Note: This worm rojan is located in C: folder.
Office Server Extensions Notification Service
L Office Source Engine (ose) OSE.EXEMicrosoft Office Source Engine
L OfficeScanNT Listener tmlisten.exepart of the Trend Micro Anti Virus application (WinTasks Process Library)
L OfficeScanNT Personal Firewall (OfcPfwSvc) OfcPfwSvc.exeRelated to Trend Micro Inc. - http://www.trendmicro.com/
L OfficeScanNT RealTime Scan ntrtscan.exea process associated with the Trend Micro Antivirus application (WinTasks Process Library)
L OlCamSrv OlCamSrv.exeRelated to: Olympus_America Inc. Imaging services
L OM Common Services (omsad) omsad32.exeRelated to Dell Open Management system.
L OmniForm Printer ofps.exeRelated to Nuance_Communications Inc. (Peviously Scansoft Inc.) A leading supplier of imaging speech
L Omniquad MyPrivacy mpsvc.exeRelated to Omniquad Security's MyPrivacy Internet tracks cleaning tool.
L ONC/RPC Portmapper PORTMAP.EXERelated to Bell_and_Howell
L Online Backup Service nts.exeRelated to Online_Backup_Service From Acpana Business Systems. Note: Located in C:Program FilesAcpan
L OpcEnum OpcEnum.exeOPC_Foundation Sets Industry standards in Interoperability of Automation.
X Open GL Drivers openGLD.exeAdded by the SDBOT.CLW WORM! Read the link rootkit type stealth involved.
L OpenAFS Client Service (TransarcAFSDaemon) afsd_service.exeOpenAFS is a distributed filesystem product pioneered at Carnegie Mellon University
X openSSL openSSL32.exeAdded by the W32/Spybot-MY WORM! Note: This worm rojan is located in C:WindowsSystem (Win9x/Me) C:%W
L OpenVPN Service (OpenVPNService) openvpnserv.exeBelongs to Open VPN that seems to be a Linux VPM program that runs under Windows. File found in the
Oracle Forms Server [Forms60Server-OraForm]
L Oracle OLAP 9.0.1.0.1 (OLAPServer) xsolap.exeRelated to Oracle_OLAP an option to Oracle Database 10g Enterprise Edition. Note: located in C:oracl
L Oracle OLAP Agent xsaagent.exeRelated to Oracle_OLAP an option to Oracle Database 10g Enterprise Edition. Note: located in C:oracl
L Oracle Reports Server [Rep60_PDB-LAPTOP-OraDevHome] rwmts60.exeRelated to Oracle products
L Oracle WebDb Listener wdblsnr.exeRelated to Oracle products
L Oracle%ORACLE_HOME_SERVICE%ClientCache80 ONRSD80.EXERelated to Oracle Networking (Net8 Server Executable)
L OracleDBConsoleorcl nmesrvc.exeRelated to Oracle_DB_10g Database. Note: Located in C:...oracle10gin User can install in own folder
L OracleMTSRecoveryService omtsreco.exeRelated to Oracle SQL database application
L OracleOraDb10g_home1iSQL*Plus isqlplussvc.exeRelated to Oracle_DB_10g Database. Note: Located in C:...oracle10gin User can install in a folder o
L OracleOraHome90Agent agntsrvc.exeRelated to Oracle Intelligent Agent used to run on a remote node in the network to make the node OEM
L OracleOraHome92PagingServer pagntsrv.exeRelated to Oracle products
L OracleOraHome92TNSListener TNSLSNR.exeRelated to Oracle products
L OracleOraHomeAgent dbsnmp.exeRelated to Oracle products
L OracleOraHomeClientCache ONRSD.EXERelated to Oracle products
L OracleOraHomeDataGatherer vppdc.exeRelated to Oracle products
L OracleOraHomeHTTPServer Apache.exeRelated to Oracle products
L OracleOraHomeManagementServer OMSNTsrv.exeRelated to Oracle products
L OracleOraHomePagingServer pagntsrv.exeRelated to Oracle products
L OracleOraHomeTNSListener TNSLSNR.exeRelated to Oracle products
L OracleServiceLOCALORA ORACLE.EXERelated to Oracle products
L OracleServiceSECINST ORACLE.EXERelated to Oracle products
L OracleWebAssistant OWASTsvr.exeRelated to Oracle products
L OracleXEClrAgent OraClrAgnt.exeRelated to Related to Oracle products Note: Located in C:oraclexeapporacleproduct10.2.0serverin
X ORAN ORAN.SYSAdded by the TROJ_ROOTKIT.N TROJAN! Read the link rootkit type stealth involved.
X orans (orans) orans.sysAdded by the Troj/Rootkit-AA TROJAN! Read the link rootkit type stealth involved.
L OrbMediaService OrbMediaService.exeOwner:Orb Networks
L ORBPVR OrbPVR.exeOwner: Unkown http://www.orb.com/
L OSCM Utility Service OSCMUtilityService.exeRelated to Novatel Wireless Service from Sprint phones and connectivity cards. Note: Located in C: P
L OTi Card Reader Service OTiReader.exeOTI_Globals contact/contactless smart card reader. Location: Program FilesCardReader2.0 folder.
L Outpost Firewall Services outpost.exeAgnitum Outpost firewall service
L OvEpStatusEngine OvEpStatusEngine.exeHP OpenView Status Engine
L OvMsmAccessManager OvMsmAccessManager.exeHP OpenView Access Manager
L OvSecurityServer OvSecurityServer.exeHP OpenView Security Server
L OwnershipProtocol OProtSvc.exeRelated to PROSet Wireless Software from Intel
X P correction service (msrdr2) msrdr2.sysAdded by the Troj/Haxdoor-AJ TROJAN! Note: This trojan file is found in the System32 folder.
X P-SYS (P-SYS Service) TERMSVRS.EXEAdded by the SDBOT.DEO WORM! Read the link rootkit type stealth involved.
L Pacific Image Comm. Fax Server PICPMON.EXERelated to SuperVoice Specialists in Voice Mail and Fax systems
X Pack 2 Services) servicepack2Added by the SDBOT.COP WORM! Read the link rootkit type stealth involved.
L Packet Scheduler Service.exeRelated to Packet_Scheduler from Microsoft. The packet scheduler decides the order in which packets.
L PACSPTISVR PACSPT~1.EXE PACSPTISVR.exeSony computers
L Panasonic Trap Monitor Service Trapmnnt.exeRelated to Panasocic_Trap_Monitor for printer service. Note: Located in C:PROGRAM FILESPANASONICTRAP
L Panda AdminSecure Administration Server (AdminServer) AdminServer.exeRelated to Panda Security programs.
L Panda AdminSecure Communications Agent (PAVAGENTE) Pagent.exeRelated to Panda Security programs.
L Panda AdminSecure Distribution Server (PadFSvr) PadFSvr.exeRelated to Panda Security programs.
L Panda AdminSecure Scheduler (PavAtScheduler) pavsched.exeRelated to Panda Security programs.
L Panda anti-virus service pavsrv51.exePanda Anti-virus Service
L Panda anti-virus service (PAVSRV) pavsrv50.exeRelated to Panda Security programs.
L Panda Antispam Engine (pmshellsrv) pskmssvc.exeRelated to Panda Platinum 2006 Internet Security.
L Panda Antispam Server Service PaSSrv.exeRelated to Panda Protection Software.
L Panda Antivirus Report Service (PavReport) PavReport.exeRelated to Panda Security programs.
L Panda Firewall PavFires.exePanda Firewall Service
L Panda Firewall Service PavFires.exeRelated to Panda Firewall
L Panda Function Service PavFnSvr.exeRElated to Panda Antovirus software
L Panda Function Service (PAVFNSVR) PavFnSvr.exeRelated to Panda Security programs.
L Panda IManager Service PsImSvc.exeRelated to Panda Titanium Antivirus
L Panda Network Manager (PNMSRV) PNMSRV.EXERelated to Panda Firewall.
L Panda NetworkSecure Service (CPntSrv) CPntSrv.exeRelated to Panda Security programs.
L Panda Pavkre Pavkre.exeRelated to Panda Titanium Antivirus
L Panda PavProt PavProt.exeRelated to Panda Titanium Antivirus
L Panda Preventium+ Service prevsrv.exeRelated to Panda Titanium Antivirus
L Panda Process Protection Service pavprsrv.exeRelated to Panda Software
L Panda Software Controller PSCTRLS.EXERelated to Panda Security programs.
L Panda TPSrv (TPSrv) TPSrv.exeRelated to Panda Platinum 2006 Internet Security and Panda Titanium 2006 Antivirus Antispyware.
L Pantech&Curitel Utility Service PnCUtilityService.exeRelated to Sprint Internet Service Provider.
L PatchLink Update GRAVITIXSERVICE.exePatchlink_Update by Patchlink Corporation
L PATROL for Windows Operating System Monitor (PWKNTMon) pwkntmon.exeRelated BMC Software Inc. - http://www.bmc.com/
L PatrolAgent PatrolAgent.exeRelated BMC Software Inc. - http://www.bmc.com/
L Patrol_Scheduler Patrol_Scheduler.exeRelated BMC Software Inc. - http://www.bmc.com/
L PC Tools Spyware Doctor sdhelp.exeRelated to PC Tools' Spyware_Doctor
L PC-cillin PersonalFirewall PCCPFW.exeRelated to Trend Micro Inc. Firewall
L pcAnywhere Host Service awhost32.exePart of Symantec's pcAnywhere remote PC management software.
L PCHost pchost.exeRelated to PCHost
X pcryptv3X pcryptv3.exeAdded by the W32/Tilebot-AS TROJAN! Note: This worm rojan file is found in the Windows or Winnt fold
L PCS Business Connection Personal Edition Service ConnectionService.exeRelated to sprint.com ISP
L PCTEL Speaker Phone pctspk.exeDiagnostic tool for PCtel modem.
L PDEngine PDEngine.exeRaxco PerfectDisk
L PDFCreatorMessages PDFCreatorMessages.exeRelated to Global_Graphics_Software Ltd. Document and Print Solutions.
L PDScheduler PDSched.exeRaxco PerfectDisk
X PE Sytray Manager ssmc.exeAdded by the Backdoor.SdBot.avk as detected by ewido. More here
L PER Antivirus (pav_service) PERVAC.EXEAntivirus software from PER Systems. http://www.perantivirus.com/antivir.htm
L PER Antivirus Security Service (pav_security) PAVSS.EXEAntivirus software from PER Systems. http://www.perantivirus.com/antivir.htm
X Performance Logs (Perfhmon) Perfhmon.exeAdded by the W32/Codbot-W WORM!
X Performance True Type Fonts (PerfFont) perfont.exeIdentified as Trojan-Downloader.Win32.Agent.acv by ewido security suite.
L Persits Software EmailAgent EmailAgent.exeRelated to AspEmail from Persits Software Inc. A free active server component that enables your ASP
Personal Secure Drive Service
L Pervasive.SQL 2000 (relational) W3SQLMGR.EXEPervasive SQL Server
L Pervasive.SQL 2000 (transactional) NTBTRV.EXEPervasive SQL Server
Copyright 2003-2013 iamnotageek &/or Martin Krohn.