Your Ad Here

Your Ad Here

Your Ad Here



Home Computer Repair Online - Startup Applications List

Home Computer Repair Online Startup Applications List
Home » Welcome to the Startup Applications List
Status Code Key:
  • "Y" - Normally leave to run at start-up
  • "N" - Not required - typically infrequently used tasks that can be started manually if necessary
  • "U" - User's choice - depends whether a user deems it necessary
  • "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
  • "?" - Unknown

    • To lookup a startup program by file name, click the letter it starts with or use the search feature.

    ABC List: A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z - Other

    Status CodeNameCommand Description
    Yr_serverr_server.exeRadmin - remote admistrator server
    NRxMonrxmon9x.exeDell Resolution Assistant
    XrvdeN/ARelated to li-speed****
    XRVPbpc.exeSpyware included with the latest version of Grokster. Also see here
    XRun_cdRun_cd.exeAdded by the GHOST.23 TROJAN!
    ?RUSBHOLoaderrundll32.exe RUSBHOLoader.dll, AutoRegister??
    XRun[0]syscnfg.exeAdded by an unidentified VIRUS, WORM or TROJAN! "syscnfg.exe" is found in C:windowsfonts (or C:winntfonts) directory where no *.exe files should reside
    XRunWindowsUpdateuptodate.exeBrowserAid/BrowserPal foistware
    Xrunwin32runwin32.exeAdded by the ESEARCH-A TROJAN!
    URunSysd32RunSysd32.exeDesktopShield2000 by St?phane Groleau. Locks the desktop at bootup so that users cannot bypass the Windows screensaver password. Only essential if using the program and is an optional setting. It can be disabled from within
    XRunServicesrunsvc32.exeAdded by the AGOBOT.QJ WORM!
    XRunProgwini.exeAdded by the OPTIX.04.D TROJAN!
    URunOnceRUNONCE.EXEPart of MS Data Access Components - only required if you use these
    XRunProgServer.exeAdded by the OPTIX.04.A TROJAN!
    XRundnmRundnm.exeAdded by the DELF-HA TROJAN!
    XRundllsystem32Rundllsystem32.exeAdded by the NETDEVIL.B TROJAN!
    XRundllSvrRundll.exeAdded by the HUAYU WORM!
    XRundll32_8rundll32.exe inetp60.dll, DllRunServerBrowserAid parasite variant
    Xrundll64[path to worm]Added by the AUTEX WORM!
    XRundll32_7rundll32.exe MSIEFR40.DLL, DllRunServerBrowserAid "Featured Results" hijacker variant
    XRundll32.exeRoot.exeAdded by the GRUEL WORM!
    XRundll32.exeProyecto1.exeAdded by the GRUEL WORM!
    NRundll32 cmicnfgRundll32 cmicnfg.cpl, CMICtrlWndSystem tray control panel for C-Media based soundcards - often included on popular motherboards with in-built audio. Available via Start -> Settings -> Control Panel
    Urundll32RunDLL32.exe irprops.cpl, BluetoothAuthenticationAgentAssociated with BlueTooth software, and registers the "Infrared Port properties" Control Panel applet. Should you get the error message, "Rundll irprops.cpl missing entry Bluetooth authentication agent", click here here for more information. In case you no longer have BlueTooth support installed, and don't need it, simply uncheck the entry in Msconfig > Startup
    Xrundll32csrss.exeAdded by the GUTTA TROJAN! Note - this is not the legitimate csrss.exe process, which should not appear in Msconfig/Startup!
    Xrundll32rundll32.exeAdded by the SANKER WORM! Note that the valid "rundll32.exe" resides in C:WindowsSystem32 wheras this version resides in C:Windows
    ?rundll32rundll32.exe ptipbmf.dll, SetWriteCacheModeInstalled with the miniport drivers for Promise hard drive controllers in both RAID and non-RAID installations. May be necessary in order to maintain preferences applied to the RAID array connected to the Promise controller
    Xrundll32[path to worm]Added by the AUTEX WORM!
    XRundll32Rundll32.exe ptipbm.dll, SetWriteBackInstalled with the miniport drivers for Promise hard drive controllers in both RAID and non-RAID installations. If used is it required?
    XRundll32Windows.exeAdded by the QQPASS.E TROJAN!
    XRunDLL32winupdate.exeAdded by an unidentified TROJAN! - possibly a BMBOT variant
    Urundll32Rundll32.exe Wf2kcpl.dll DllLoadDefaultSettingsLoads default settings for Leadtek Winfast graphics cards
    NRunDLL32RunDLL32.exe NvMCTray.dll, NvTaskbarInitSystem Tray icon used to manage settings for nVidia based graphics cards. May be required for some 3D applications to recognize your card correctly - such as the game "Everquest". Otherwise, settings can be changed manually via Display Properties
    NRUNDLL32RUNDLL32.EXE NvQtwk, NvCplDaemonSystem Tray icon used to change display settings, change the clock rate and memory speed for nVidia based graphics cards. This is unnecessary since you can easily configure these settings the way you want them in the Display Properties and not have to mess with them again. Also disable the "NVIDIA Driver Helper Service" if enabled as it can cause this entry to be re-enabled on re-boot (note that this service can also cause extreme shutdown delays if enabled - see here)
    XRundll16Rundll16.exeAdded by a number of VIRUSES, WORMS and TROJANS!
    XRundll32Rundll32.exeAdded by the DVLDR TROJAN! Note - this is not the valid "Rundll32.exe" as it's in the WindowsFonts directory
    Xrundll***die.exe [path] ttg.exeAdded by the SUMTAX TROJAN! where *** is 134, 569, 777 or 946
    Xrundll***die.exe [path] secure.exeAdded by the SUMTAX TROJAN! where *** is 134, 569, 777 or 946
    Xrundll***die.exe [path] secure.batAdded by the SUMTAX TROJAN! where *** is 134, 569, 777 or 946
    Xrundll***die.exe [path] mdll.exeAdded by the SUMTAX TROJAN! where *** is 134, 569, 777 or 946
    Xrundli32rundli32.exeAdded by the LADE WORM!
    XRunDLLrundll32.exe bridge.dll, LoadFlingstone.com browser hijacker
    Xrundl332math.exe ...pluged.exeAdded by the DOOMJUICE WORM!
    XRunapp32Runapp32.exeAdded by the NEODURK TROJAN!
    XRund1l32Winfi1e32.exeAdded by the MERTIAN WORM!
    NrunAPrunAP.exeNot required but what is it?
    URunAlertAService.exeMSI MOtherboard PC Alert III - MSI motherboard monitoring software. Only required if you "overclock" your system
    Xrun=real.exeAdded by a variant of the LOVGATE WORM!
    ?run=win.ini??
    Xrun=RAVMOND.exeAdded by a variant of the LOVGATE WORM!
    Yrun=smsrun16.exeMicrosoft Systems Management Server (SMS) related - program that reads SMSRUN16.INI on clients running Win 3.1, Windows for Workgroups, Win95, or OS/2 to create program groups on the client and then launch SMS client programs
    Xrun=fntldr.exeCoolWebSearch parasite variant
    Xrun=svcinit.exeCoolWebSearch parasite variant
    ?run=wallflip.exeDesktop wallpaper changer?
    Urun=ramsys.exeAdvanced Startup Manager from Rays Lab
    Xrun=ptlseq.cplPhoenixNet BIOS adware. See here
    Nrun=pcfix2k.exepcfix2k splash screen
    Nrun=lxdboxcp.exeLexmark DOS-Printing Control Program for the Lexmark 2050. Only required if you need to print from DOS
    Nrun=hpfschedHPFSCHED is a small TSR that will remind you to clean the cartridges in your DeskJet from time to time in order to keep print quality high. It can be removed from the run line in win.ini if you do not want that feature
    Nrun=cmmpu.exeMIDI emulator driver for the integrated sound chip by C-Media based on the CMI-8330 chip set normally found in cheap motherboards. Also installed as part of the software for a Guillemot Maxi Muse sound card (PCI)
    XRun32dllocxdll.exeAdded by an unidentified VIRUS, WORM or TROJAN!
    Xrun32dlltask32.exeAdded by an unidentified VIRUS, WORM or TROJAN!
    Xrun32dllWINClock.exeAdded by an unidentified VIRUS, WORM or TROJAN!
    XRun XP Service Packxpservicepack.exeAdded by the SDBOT.AQA WORM!
    XRun TaskMrgcsrss.exeAdded by the LDPINCH-W TROJAN! Note - this is not the legitimate csrss.exe process, which should not appear in Msconfig/Startup!
    URun StartupMonitorStartupMonitor.exeMike Lin's StartupMonitor, throws up an alert and asks your permission every time any change is made to your start-up configuration, either in the registry or start menu
    URun POPFile in backgroundwperl.exePOPFile - E-mail spam blocker
    URuLaunchRuLaunch.exeInstant Updater for McAfee's VirusScan, Internet Security, Quick Clean, Uninstaller and Firewall products. In the case of VirusScan leave it enabled unless you update manually on a regular basis
    XRun MSupdt32wscript MSupdt32.vbsAdded by the CASER WORM!
    URun POPFile in backgroundperl.exePOPFile - E-mail spam blocker
    XRuby14Ruby14.exeAdded by the FIGHTRUB-A WORM!
    XRuby13Ruby13.exeAdded by the MEXER.E WORM!
    Yrtvscn95RTVSCN95.EXEReal-time virus scanner component of Norton Anti-Virus Corporate Edition
    Xrtosrtos.exeIRC trojan
    ?RTStartMuteN/A??
    YRTMonitorRTMonitor.exeCheyenne (now eTrust) antivirus
    NRtlMon.exeRtlMon.exeMonitor for RealTek network card
    XRSSrundll32 RSSToolbar.dll, DllRunMain"Related Sites" toolbar - SearchAndClick hijacker variant
    ?RSRCMTZRSRCMTZ.exe??
    UrsMenursMenu.exeSynchronizes a Casio PDA with MS Outlook
    Urscmptrscmpt.exeRequired on the GeFroce 64 meg MX card to show the full 64 meg memory and appears to be a software memory emulator running under the Win2K - see here. High CPU useage results - hence the U status
    XRRMedicrrmedic.exeTroubleshooting utility for the RoadRunner cable internet service. Not required and you are advised to completely uninstall it. Provides a lot of false alarms and gets a lot of people panicking about there internet connection
    YRPCSS.exerpcss.exeRemote Procedure Call. Required by windows for programs to communicate with each other on networks/different machines. Originally for NT only but now installed with Win98/98se. Under Win98/98se, a program may need it to communicate with other components of itself. You could delete the program but if any abnormalities occur soon after then reinstall. Under NT, deleting this critical system component will disable the OS. For a more detailed explanation see here
    XRPC Patcher[path to worm]Added by the BOLGI WORM!
    XRPCMSschost.exeAdded by a variant of the GAOBOT/AGOBOT WORM!
    URP32rp32.exeControlIT (was Remotely Possible) from Enterprise International for remote control and access to Win9x/NT systems.
    YRoxioEngineUtilityEngUtil.exePart of Roxio EasyCD Creator 6.0 - corrects any modification made to the Roxio Engine, it exits after checking
    NRoxioDragToDiscDrgToDsc.exePart of Roxio EasyCD Creator 6.0 - places the Roxio Drag-to-Disc icon in you system tray. "Easily drag and drop files for burning to CD or DVD. Disc formatting and burning will happen automatically". Not required for Roxio to work properly
    NRoxioAudioCentralRxMon.exePart of Roxio EasyCD Creator 6.0 - places the Roxio AudioCentral icon in you system tray. "Includes a player, media manager, ripper, tag and sound editor - integrated in a single application". Not required for Roxio to work properly.
    ?Roxio EngineMSMNGR32.EXENot believed to be a valid Roxio program - more likely a variant on the WOMANIZ.A TROJAN!
    NRoxAssistRoxAssist.exeRoxio Assistant is designed to correct Engine Initialization errors. If Easy CD & DVD Creator's Engine does not initialize, the applications in Easy CD & DVD Creator will not recognize your recorder. After running this program you should receive the message "Engine initialized successfully with full recorder support". If you do not receive the message, update your Virus software and then check and clean your system for viruses. After the removal of any viruses, uninstall and then reinstall Easy CD & DVD Creator (use "Add Remove Programs" in "Control Panel"). Can be run manually
    ?ROUTDROUTD.exe??
    Xromahere3************.exe [* = random char]CoolWebSearch parasite related
    Uromahere2************.exe [* = random char]CoolWebSearch parasite related
    Xromaherematrixhere.exeCoolWebSearch parasite related
    ?roketpiperpclient.exe??
    URocket.TimeRocketTime.exeTime synchronization software from Rocket Software
    NRoboFormWatcherRoboFormWatcher.exeAI Roboform from Siber Systems. Automatically completes web forms. Available via Start -> Programs
    NRoboFormRoboTaskBarIcon.exeRoboform - password manager and web form filler. Will work without this startup entry, as the "active" component is an integrated Internet Explorer browser plugin
    Xrngmf[path to trojan]Added by the RANKY.C TROJAN!
    ?rndll2rndll2.exeMay be related to the DivX program as a *.dat file in the same directory had "DivXPro505Bundle.exe" mentioned within?
    URNBOStartsentstrt.exeProgram used to initialise the VxD virtual driver for Sentinel drivers associated with Rainbow H/W keys that plug-in to the parallel port. These are usually supplied with workplace design tools and restrict the use of the software only to the machine to which the H/W key is connected. Required if you have such tools
    Nrmmonmprmmon.exeResource Monitor for the now defunct Chromatic Research MPact2 3DVD graphics card
    ?RMremoteRmRemote.exeRemote control driver for REALmagic Xcard. Is it required?
    Urmctrlrmctrl.exeRemote Control background application for CyberLink's PowerDVD version 4 and above. Enables you to use a remote control with your DVD drive if your drive came with one. Not required if you don't have a remote control, or don't wish to use one
    ?RjLyraInstallersetup.exe??
    URivaTunerStartupDaemonRivaTuner.exeRivaTuner for tweaking nVidia graphics cards. Required if you make any changes
    URivaTunerRivaTuner.exeRivaTuner for tweaking nVidia graphics cards. Required if you make any changes
    XrIOphosIsrIOPHosIs.vBSAdded by the RIOSYS MACRO!
    URing Central Faxrcenterrll.exeOnly needed if you want a PC to answer faxes automatically
    URhinoBlockerRhinoBlocker.exeRhinoBlocker - pop-up stopper
    NRHSI SHSSHS.exeRogers Hi-Speed Internet software. "Should you ever lose access to your Rogers Hi-Speed Internet connection or e-mail, the Self-Healing Software (SHS.exe) will automatically repair your settings to get you up and running in a flash"
    XRhino[random name]32.exeAdded by the BOFRA.A WORM!
    URHrh32.exeEuroFonts - adds Euro symbols to pre-Euro computers
    NRFX_auto_upgraderundll32.exe npvpg005.dllA browser plugin called the RichFX player. Here is a link to download RichFX's solution to removing the auto upgrade
    YrfwRfw.exeRAV AntiVirus
    ?rfwydgrfwydg.exe??
    XRFTrayRFTRay.exeReality Fusion GameCam Video Interaction Technology Software that comes with the Logitech QuickCam PC video camera and other USB cameras. It's only an icon that appears on your System Tray. Available via Start -> Programs
    Urfagentrfagent.exeRegistry First Aid - scans the Windows registry for orphan file/folder references, finds these files or folders on your drives that may have been moved from their initial locations, and then corrects your registry entries to match the located files or folders
    NRexSyMonrexsymon.exeIntellisync for REX sychronization software for Xircom REX MicroPDAs for sharing information between the PDA and PC
    URevoTaskbarAppRevoTask.exeControl Application for M-Audio Revolution 7.1 sound card. The sound card will function without it - but changes to speaker setup and sound modification (Bass/Treble etc) will not be available
    URetrieverSchedulerretrieverscheduler.exe80-20 Retriever from 80-20 - "80-20 Retriever is a powerful personal search tool that encompasses email folders, archived email, and local or network file systems, giving users one point of fast, accurate search for all personal information". Real-time scheduler - shortcut available
    Xretimeretime.exeAdded by the GIPMA TROJAN!
    UResumeFixClocksresumefix.exePart of the RadeonTweaker utility for overclocking ATI Radeon graphics cards
    UResume Copycopyfstq.exePart of Total Copy - an improved version of the Windows copy function. Allows for resumption file copies or moves in progress when computer was shut down. Not required if your not using the program or don't care about that function
    Xrestoryrestory.exeAdded by the RETSAM TROJAN!
    YRestoreIT!VBPTASK.EXERestoreIT! from FarStone "allows you to recover instantly your files, system configuration, and even your operating system, to any point in time prior to the data loss or system failure."
    ?Restart_VSViewsonic.exeCould be a left-over from the installation of a Viewsonic flat panel display
    ?Restart WatchWatch.exeAssociated with an Eicon Networks Diva ISDN or ADSL modem. What does it do and is it required?
    URestart WSC Settingwscrestp.exeWinStart Commander - part of Ultra WinCleaner Utility Suite. Starts Windows faster and controls hidden programs to boost performance and prevent system slow downs and crashes
    NResource Meterrsrcmtr.exeWindows Resource Meter. Available via Start -> Programs. You may want this enabled if your PC is suffering from crashes and want to know potential causes
    NResolution Assistantmatcli.exeDell Resolution Assistant. "matcli.exe is a motive Assistant Command line interface that gathers information about your system's identity like your name email address, city, state, etc and gets written to a log file". Resolution Assistant is required to run with the Help and Support program. If you uncheck Resolution Assistant and and then run Help and Support it will add another Resolution Assistant in the startup menu. If you remove the Resolution Assistant in the add/remove program some help menus in help and support will not be available. You decide
    URepliGo AssistantRepliGoMon.exeCerience RepliGo software - "any document you have on your PC can be transferred to your mobile device"
    Xrequesterrequester.5.exeAdware downloader, identified as TrojanProxy.Win32.Delf.h
    ?RemStartremstart.exePart of McAfee's Remote Desktop 32 Agent application. What does it do and is it required?
    ?RenolBib.exe??
    NRemovecplRemovecpl.exeRelated to a Belkin 54Mbps Wireless Utility Control Panel applet
    XRemoved.exeRemoved.exeGatorCheat - adware downloader
    URemoteControlPDVDServ.exeRemote Control background application for CyberLink's PowerDVD version 5 and above. Enables you to use a remote control with your DVD drive if your drive came with one. Not required if you don't have a remote control, or don't wish to use one
    NRemote_AgentRemoteAgent.exeCyberlink Power VCR II 3.0 is a TV tuner recording utility. If you want to schedule recordings, you will need this, otherwise can be disabled. Available via Start -> Programs
    URemoteCenterRcMan.exeRemote control for Creative MediaSource - plays back music in DVD-Audio, MP3, WMA, WAV and other media formats
    URemoteControlrmctrl.exeRemote Control background application for CyberLink's PowerDVD version 4 and above. Enables you to use a remote control with your DVD drive if your drive came with one. Not required if you don't have a remote control, or don't wish to use one
    YRemoteAgentRAUAgent.exeTrend Micro's Office Scan Client, see here - "Its Web-based management console gives administrators transparent access to desktop and mobile clients to coordinate automatic deployment of security policies and software updates"
    XRemote Procedure Callsmswinc.exeAdded by the RBOT-IT WORM!
    XRemote Procedure Callswin.exeAdded by the SDBOT-QI WORM!
    XRemote Procedure Callsmswinrpc.exeAdded by the RBOT.KJ WORM!
    XRemote Procedure Call LocatorRUNDLL32.EXE reg678.dll ondll_regAdded by a variant of the LOVGATE WORM!
    XRemote Procedure Call For Windows 32bitrpc.exeAdded by the RBOT-MD WORM!
    XRemote Procedure Callwinsysrpc.exeAdded by the SDBOT-PS WORM!
    XRemote Procedure Callwinrpc.exeAdded by the RBOT-KM WORM!
    Uremote masterremote master.exeRequired if you want your ASUS Remote control to work at all. Available via Start -> Programs
    URemote Management Agentzenrc32.exePart of Novell's ZENworks - "Complete End-to-End Directory-enabled Network Management". Installed on a managed workstation fo an administrator to remotely manage the workstation. Required if the PC is a managed workstation
    URemote Desktop Computingmarspc.exeMarspc Remote Desktop Computing
    NRemote ControlRc.exeHinet Hi-Five ISP software
    XRemote Access SlaveSynchost.exeAdded by the RIPJAC TROJAN!
    URemote Accessrnaapp.exeDial-up networking application - not normally found in the startup locations. It runs when you connect to the net via this method (ie, analogue 56K modem) and terminates after the connection is closed
    XRemndrCsRemnd.exeCasinoOnline foistware
    URemindMeRemindMe.exeRemind-Me - calendar software
    NRemind_XPRemind_XP.exeHP-specific program that reminds users to create System Recovery CDs. Once they use the Recovery CD Creator (Start -> PC Help & Tools -> Recovery CD Creator) to make the recovery CDs the entry will remove itself from the startup list
    Nreminder-ScanSoft Product Registrationremind32.exeRegistration reminder for ScanSoft products such as PaperPort
    NReminder-ranXXXXXremind32.exeRegistration reminder widget for Rand Mcnally maps
    NReminder-cpqXXXXXremind32.exeCompaq printer Registration
    NReminder-hpcXXXXXremind32.exeHP CD-Writer Registration
    NReminderRemind_XP.exeHP-specific program that reminds users to create System Recovery CDs. Once they use the Recovery CD Creator (Start -> PC Help & Tools -> Recovery CD Creator) to make the recovery CDs the entry will remove itself from the startup list
    NRemHelpRemhelp.exeBT Voyager ADSL Modem Help related
    NReminderreminder.exeFrom MS Money. Reminds you of your bills
    Xreloadreload.vbsAdded by the LOVELETTER.AS VIRUS!
    UReleaseRAMRRAM.exe"Release RAM allows your computer to run faster and uses your computer's RAM more efficiently". Some users swear by programs such as this but I suggest you read this article and make up your own mind
    Xreg_keyloader_name.exeAdded by the BEAGLE.Y or BEAGLE.Z or BEAGLE.AA WORMS!
    XReg_WFTRegsysw.comAdded by the WILSEF VIRUS!
    Xreg_keyFUKULAMER.exeAdded by the BEAGLE.AH WORM!
    URegx10EXEatix10.exeATI Remote Wonder - PC wireless remote control
    XRegWritecsrss.exeAdded by the SOKACAPS TROJAN! Note - this is not the legitimate csrss.exe process, which should not appear in Msconfig/Startup!
    XRegVerREGVER.EXEAdded by the LATINUS.16 TROJAN!
    ?regtmlpN/A??
    URegTweakRegTwk.exeRage3d Tweak - ATI Radeon tweaker which allows access to registry tweak options, custom display modes, refresh rates and overclocking all through an easy to use interface
    UREGSVR32regsvr32.exe ctasio.dllASIO (Audio Stream In/Out) drivers for the SoundBlaster Audigy 2 series soundcards - for recording and home project studios. Required if you use this functionality
    Xregsvrregsvr.exeAdded by the WEBMONEY-G TROJAN!
    Xregsvc32regsvc32.exeHomepage hijacker that changes your homepage to an adult content site
    XRegsvregsv.exeSearch hijacker - redirecting to scheo.com
    Xregsrvregsrv.exeAdded by the OPTIXPRO.11 TROJAN!
    NRegShaveregshave.exePart of the USB driver for your Fuji digital cameras - used when uninstalling the USB drivers, erasing all entries from the registry. Only required BEFORE attempting to uninstall the Fuji software or the uninstall may not work correctly
    Xregservices.exeregservices.exeAdded by an unidentified VIRUS, WORM or TROJAN!
    YRegrun2WatchDog.exeGreatis Software's RegRun 3 Security Suite which amongst other things replaces MSCONFIG. The WatchDog check for registry changes caused by trojan's, viruses, etc 
    XRegRunmActiveX.exeAdded by a variant of the RBOT WORM!
    YRegProtRegprot.exeRegistryProt from Diamond Computer Systems - protects the system registry against changes
    URegistryMechanicRegMech.exeRegistry Mechanic for Windows - "you can safely clean and repair Windows registry problems with a few simple mouse clicks! Problems with the Windows registry are a common cause of Windows crashes and error messages"
    XRegistryChkwinbackup.exeAdded by the MERTIAN WORM!
    XRegistry ServicesRegistry.exeAdded by the DOWNLOADER.CILE TROJAN!
    XRegistry Serverregsrv32.exeAdded by the RBOT-GM WORM!
    XRegistry Scannerregscanr.exeAdded by a variant of the OPTIX TROJAN!
    XRegistry Loaderregloadr.exeAdded by the GAOBOT.AO WORM!
    XRegistry Loaderwinhlpp32.exeAdded by the GAOBOT.AO WORM!
    XRegistry Checkupwinreg.exeAdded by an unidentified WORM or TROJAN!
    XRegistrywscript.exeAdded by the VBSWG.AQ WORM!
    NRegistration-Studio 8RegTool.exeRegistration for Pinnacle Studio Version 8 home video software from Pinnacle Systems
    URegisterDropHandlerREGIST~1.EXEPart of the OCR software TextBridge Pro 9.0 (and possibly earlier versions). Typically used with imaging devices such as scanners and digital cameras for creating text documents from images. This item will probably be displayed twice and will re-instate itself whenever you start the main program so leave it - once started it frees the memory it used. Its purpose and an explanation of how to correct a problem it creates for "Send To" can be found here. Note that you don't have to uninstall TextBridge for this fix to work and the program works fine afterwards. Not used on later versions of the software - hence the 'U' recommendation 
    ?Register SeqChkregsvr32.exe ..csseqchk.dll??
    NRegister MediaRing Talkregister.exeIf you don't want to register MediaRing and be reminded about it every bootup disable it
    ?reginfo32reginfo32.exe??
    URegFreezeregfreeze.exeRegFreeze anti-spyware software
    XREGEDITRegsrv32.comAdded by the SOUTHGHOST WORM!
    Xregeditregedit.exeAdded by the BRID.A WORM! Note - resides in C:WindowsSystem (Win9x/Me), C:WinntSystem32 (WinNT/2K), or C:WindowsSystem32 (WinXP). The valid "regedit.exe" resides in C:Windows (Win9x/Me/XP) or C:Winnt (WinNT/2K)
    XRegDoneExlsass.exeAdded by the WEBUS.B TROJAN! Note - this is not the legitimate lsass.exe process, which should not appear in Msconfig/Startup!
    XRegDone Excsrss.exeAdded by the WEBUS TROJAN! Note - this is not the legitimate csrss.exe process, which should not appear in Msconfig/Startup!
    XRegDonewinlogon.exeAdded by the NEVEG.A WORM! Note - this is not the legitimate winlogon.exe process, which should not appear in Msconfig/Startup!
    XRegcxnRegcxn.exeAdded by the COIBOA-D TROJAN!
    XRegDoneservices.exeAdded by the NEVEG.B or NEVEG.C WORMS! Note - this is not the legitimate services.exe process, which should not appear in Msconfig/Startup!
    XRegCompresREGCPM32.EXEAdult content dialler - see here. This has to be cleared at the same time as MSStartOptimizer (WINUPD.EXE), atisrc2 (windfind.exe) and mmxrun (msosa.exe), otherwise they return
    XRegCompresRegcpm32.exeAdded by the POLDO.B TROJAN!
    XRegCleanerSYSio32.exeAdded by an unidentified VIRUS, WORM or TROJAN! Note - do not confuse this with the popular RegCleaner registry cleaner freeware
    XRegcheck~CAB001.EXEAdded by the CYBRSPY.13A or CYBRSPY.13B TROJANS!
    XReg32reg33.exeCoolWebSearch parasite variant
    Xreg32reg32.exeAdded by the NOUPDATE.B TROJAN!
    XReg32Reg32.exeHijacker - redirecting to only-virgins.com
    XReg ServicesWinboot32.exeAdded by the RBOT.PB WORM!
    XReg Servicewinsy.exeAdded by a variant of the SPYBOT WORM!
    NRefreshRefresh.exe(Iomega) Refresh - loads the Iomega desktop icons at startup
    XRegReg.htaHomepage hi-jacker. Removal instructions here
    URefereereferee.exeMediaComm's monitor for file association changes. Stop rogue programs from screwing your settings either on installation or whenever they run
    XREEGRUN[path to file]Added by the SECDROP.AI TROJAN
    NRedline Taskbartaskbar.exeTaskbar icon for the Redline RegTweak overclocking program as supplied with Sapphire ATI graphics cards
    Xredirectredirect*.exeDotcomtoolbar/Linksummary hijacker installer - where * is a random digit
    NRed Flagredflag.exePMS prediction program with modes for guys and girls - no longer available
    XRed Swoosh EDN ClientRSEDNClient.exeRed Swoosh - mechanism used by web sites to allow you to download files from those sites quicker and more efficiently. Note from the license agreement they automatically update the software and share non-personally identifiable information with others in the network
    NRecSheRecSche.exeRecording scheduler for WatchTV Capture Card (TV Tuner card)
    ?RecoverFromRebootRecoverFromReboot.exe??
    ?RecoverFromRebootRECOVE~1.EXE??
    ?RecoverFromRebooRecoverFromReboot.exe??
    ?RecoverFromRebooRECOVE~1.EXE??
    NRecoverN/AAdded during the installation of Comcast High Speed Internet software. During installation the system reboots and if the disk is removed a screen appears asking for the disk to be re-inserted to complete installation. Not required once installion is complete
    XRecommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B}RH.DLLSmartPops adware
    NReclipreclip.exeReclip Popup Clipboard manager
    YRecguardrecguard.exeOn HP computers, Recguard prevents the deletion or corruption of the WinXP Recovery Partition. Without it enabled, it is possible to knock that completely out and force the customer to send the PC back to HP for a re-image, possibly at the customer's expense
    NRebootReboot.exeMS-DOS/Win3.1 utility use to clean boot a system. Sometimes installed by default from some driver CDs for motherboards
    XRealUpdaterrealupd.exeAdded by the PARLAY or MITGLIEDER.I TROJANS!
    NRealTrayRealPlay.exeSystem Tray icon for RealPlayer. If you subsequently start RealPlayer manually it adds itself back to the start-up list. You can stop this from happening by right-clicking on the tray icon and disabling StartCenter via Preferences
    ?RealTimeUpdateRealTimeUpdate.exeProduct description in properties is "InternetExplorerCommunicationAgent Module" ?
    YRealtime Monitorrealmon.exeRealtime scanner part of eTrust Antivirus/InoculateIT version 6 virus scanners from Computer Associates
    ?Realtime Audio Enginemmrtkrnl.exe??
    NRealschedrealsched.exeApplication Scheduler installed along with RealOne Player. Runs independently of RealOne Player, to remind AutoUpdate and Message Center to perform their tasks at pre-scheduled intervals. If it can't be disabled try deleting or renaming realsched.exe and then delete the entry in the registry
    ?RealpopupRealpopup.exeRealPopup - "Replaces old winpopup with a full featured freeware tool which remains stable and simple as its predecessor"
    XRealplayer Onerealplay.exeAdded by the RBOT-NK WORM!
    Xrealplay ml097erealplay.exeVariant of the RapidBlaster parasite (in a "RealPlay" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here. Note - this is not RealPlayer which can have the same executable name
    Xrealplay lptt01realplay.exeVariant of the RapidBlaster parasite (in a "RealPlay" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here. Note - this is not RealPlayer which can have the same executable name
    Xrealone_nt2003moniker.exeAdded by the SNONE.A WORM!
    NRealJukeboxSystraytsystray.exeSystem Tray icon for RealJukebox
    NRealDownloadRealPlay.exeDownload manager. Available via Start -> Programs
    XRealDownload Expressnpnzdad.exeAdvertising spyware
    NReality Fusion GameCam SERFTRay.exeSystem Tray access for Logitech's Reality Fusion GameCam. For more details see here. Available via Start -> Programs
    XRealAudioRealAudio.exeAdded by the CEEGAR TROJAN! Note - this is not associated with the popular RealPlayer media player
    XReal player updaterrealupd.exeAdded by the PARLAY TROJAN!
    XReal-TensReal-Tens.exeDownloadWare based advetising spyware
    XReal Internet PlayerReaiplay.exeAdded by a variant of the SPYBOT WORM!
    XReactor9[random name]32.exeAdded by the BOFRA.E WORM!
    Xreaddb40rundll32.exe [path] readdb40.dll, EnableRunDLL32LZIO.com adware downloader
    XReactor7[random name]32.exeAdded by the BOFRA.B WORM!
    XReactor8[random name]32.exeAdded by the BOFRA.E WORM!
    XReactor6[random name]32.exeAdded by the BOFRA.C WORM!
    XReactor5[random name]32.exeAdded by the BOFRA.D WORM!
    XReactor3[random name]32.exeAdded by the BOFRA.A WORM!
    Xrdvs[worm filename]Added by the ULTIMAX WORM!
    XRDLLRunDll16.exeAdded by the SDBOT.F TROJAN!
    URDClientRDCLIENT.EXERemote Disconnection Utility from Twiga. Used for connecting and disconnecting dial up connections on a network - only needed if there is a shared internet connection
    XRCSyncRCSync.exePrizeSurfer related. "PrizeSurfer is the free software that automatically enters you to win cash and prizes just for surfing the web and shopping online!" Stealth installed malware
    URCScheduleCheckRCSCHED.EXEScheduler for VCOM's Recovery Commander - which "can restore your non-booting system back to normal. It only takes a few minutes to get your system back up and running"
    XRcf Driverrcf.exeAdded by the RANDEX.BLD WORM!
    Xrbenh ml***erbenh.exeVariant of the RapidBlaster parasite (in a "RBEnhance" folder in Program Files) where *** represents random digits. It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here
    Xrb32 ml097erb32.exeVariant of the RapidBlaster parasite (in a "RapidBlaster" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here
    Xrb32 lptt01rb32.exeVariant of the RapidBlaster parasite (in a "RapidBlaster" folder in Program Files). It is not recommended you manually uninstall RapidBlaster but use RapidBlaster Killer - see here
    NRay Process KillerPrkill.exeRay Process Killer - clicking right mouse button produces popup menu with current active tasks. You can choose any task and click "Ok" to terminate it. Use CTRL+ALT+DEL instead
    ?rav_temp.exerav_temp.exe??
    XRavTimXP[worm filename]Added by the WULLIK.B WORM!
    XRavTimeXP[worm filename]Added by the WULLIK.B WORM!
    XRavTimerRavTimer.exeRAV AntiVirus
    YRavMonRavMon.exeRAV AntiVirus
    XRavTimeMstray.exeAdded by the WUKILL.A WORM!
    XRAVEN_VLZS.EXERAVEN_VLZS.EXEAnother eAcceleration program - spyware. Read their privacy statement here
    Xrate.exe********.exe [* = random char]Unidentified adware
    YRAV8Trayravtray8.exeRAV anti-virus related
    Xrate.exei11r54n4.exeAdded by the BEAGLE.E or BEAGLE.F or BEAGLE.G or BEAGLE.H or BEAGLE.I WORMS!
    XRasCon Remote Access Service Managerrasmngr.exeAdded by the SPYBOT.EM WORM!
    XRaseboln.exePurityScan/Clickspring adware
    YRaptor Mobilevpnservices.exeSymantec VPN Client used to connect to corporate networks. If unchecked, must be uninstalled using Add/Remove Programs as it tightly integrates into networking
    XRapidBlasterrb32.exeHomepage hijacker (adult content) - see this newsgroup thread
    URapid Restorerrpcsb.exeXPoint "Rapid Restore PC" - a "Managed Recovery? solution that enables IT Administrators to protect the corporate image, while offloading personal data backup and recovery chores to the end user"
    YRapAppRAPAPP.EXEApplication protection component of BlackICE PC Protection (was Defender) firewall, informing you of any modifications to programs, files or folders and detecting unknown programs trying to launch
    XRandomWin32mgnwin32.exeAdded by the SDBOT-DV WORM!
    XRandex virus built for IRBMeirbme.exeAdded by the RANDEX.RH WORM!
    URAMpageRAMpage.exeSmall Windows utility that displays the amount of available memory in an icon in the System Tray. It can also free memory by double clicking the tray icon, or by setting a threshold that activates the program automatically, or by having it run automatically when an application exits. RAMpage is free, and open source
    URamIdleramidle.exeRAM Idle - "A smart memory management program that will keep your computer running better, faster, and longer. RAM Idle works by  freeing up physical RAM wasted by Windows and other applications. In addition, RAM Idle also includes Cache and startup manager program that will give you more power to optimize your Windows." Some users swear by programs such as this but I suggest you read this article and make up your own mind
    URAMDeframdef.exeRam Def Xtreme - monitors and defragments your system RAM to improve reliability and speed. Some users swear by programs such as this but I suggest you read this article and make up your own mind
    XRamBooster2rb.exeAdded by the AKAK TROJAN!
    URAMASSTRAMASST.exeOptionally installed with some DVD drives (LG, Panasonic, etc). Disables Windows XP's CD-burning abilities because they cause some incompatibilities. It does not affect your ability to burn CDs. If you do not have this program running, you may have some compatibility issues with burnt DVDs
    URadioSvrRadioSvr.EXEUsed to configure wire less networks. Windows automatically detects the Wireless network and it configures the network
    URadBootRadBoot.exeRadLinker - tweaker/linker for ATI Radeon based graphics cards. It allows you easy access to per game settings
    YRabo Session MonitorRaboSessionMon.exeRelated to RaboBank electronic banking software
    NRadarSyncRadarSync.exeRadarsync utility comes from DFI with their latest motherboards, e.g., DFI LanParty Ultra - checks for BIOS and driver updates periodically
    XRabbitWannaHomerabbit.exeAdded by the MIMAIL.S WORM!
    XRA ServerSlave.exeAdded by the RA TROJAN!
    XRA ServerSlave.exeAdded by the RA TROJAN!
    XRabbitWannaHomerabbit.exeAdded by the MIMAIL.S WORM!
    YRabo Session MonitorRaboSessionMon.exeRelated to RaboBank electronic banking software
    NRadarSyncRadarSync.exeRadarsync utility comes from DFI with their latest motherboards, e.g., DFI LanParty Ultra - checks for BIOS and driver updates periodically
    URadBootRadBoot.exeRadLinker - tweaker/linker for ATI Radeon based graphics cards. It allows you easy access to per game settings
    URadioSvrRadioSvr.EXEUsed to configure wire less networks. Windows automatically detects the Wireless network and it configures the network
    URAMASSTRAMASST.exeOptionally installed with some DVD drives (LG, Panasonic, etc). Disables Windows XP's CD-burning abilities because they cause some incompatibilities. It does not affect your ability to burn CDs. If you do not have this program running, you may have some compatibility issues with burnt DVDs
    XRamBooster2rb.exeAdded by the AKAK TROJAN!
    URAMDeframdef.exeRam Def Xtreme - monitors and defragments your system RAM to improve reliability and speed. Some users swear by programs such as this but I suggest you read this article and make up your own mind
    URamIdleramidle.exeRAM Idle - "A smart memory management program that will keep your computer running better, faster, and longer. RAM Idle works by  freeing up physical RAM wasted by Windows and other applications. In addition, RAM Idle also includes Cache and startup manager program that will give you more power to optimize your Windows." Some users swear by programs such as this but I suggest you read this article and make up your own mind
    URAMpageRAMpage.exeSmall Windows utility that displays the amount of available memory in an icon in the System Tray. It can also free memory by double clicking the tray icon, or by setting a threshold that activates the program automatically, or by having it run automatically when an application exits. RAMpage is free, and open source
    XRandex virus built for IRBMeirbme.exeAdded by the RANDEX.RH WORM!
    XRandomWin32mgnwin32.exeAdded by the SDBOT-DV WORM!
    YRapAppRAPAPP.EXEApplication protection component of BlackICE PC Protection (was Defender) firewall, informing you of any modifications to programs, files or folders and detecting unknown programs trying to launch
    URapid Restorerrpcsb.exeXPoint "Rapid Restore PC" - a "Managed Recovery? solution that enables IT Administrators to protect the corporate image, while offloading personal data backup and recovery chores to the end user"
    XRapidBlasterrb32.exeHomepage hijacker (adult content) - see this newsgroup thread
    YRaptor Mobilevpnservices.exeSymantec VPN Client used to connect to corporate networks. If unchecked, must be uninstalled using Add/Remove Programs as it tightly integrates into networking
    XRasCon Remote Access Service Managerrasmngr.exeAdded by the SPYBOT.EM WORM!
    XRaseboln.exePurityScan/Clickspring adware
    Xrate.exei11r54n4.exeAdded by the BEAGLE.E or BEAGLE.F or BEAGLE.G or BEAGLE.H or BEAGLE.I WORMS!
    Xrate.exe********.exe [* = random char]Unidentified adware
    YRAV8Trayravtray8.exeRAV anti-virus related
    XRAVEN_VLZS.EXERAVEN_VLZS.EXEAnother eAcceleration program - spyware. Read their privacy statement here
    YRavMonRavMon.exeRAV AntiVirus
    XRavTimeMstray.exeAdded by the WUKILL.A WORM!
    XRavTimerRavTimer.exeRAV AntiVirus
    XRavTimeXP[worm filename]Added by the WULLIK.B WORM!