26th November, 2004
New items
- 87
- *WinLogon - X - [trojan path] ren time:[random number]
-
.mscdr - X - lsvchost.exe
-
Adaptec DirectCD - N - Directcd.exe
-
AdRotator.Application - X - csrss.exe
-
Alias SketchBook Snapshot - N - ALIASS~2.exe
-
Atomic.exe - U - Atomic.exe
-
AVG7_EMC - Y - AVGEMC.exe
-
CAVS - Y - CAVS.exe
-
center - X - [random name]32.exe
-
ComAgent - U - ComAgent.exe
-
Control handler - X - ahjinst.exe
-
CSV7P91 - X - CSV7P91.exe
-
CtrlVol - U - CtrlVol.exe
-
dps - X - dps.exe
-
Dynu Basic Client - U - dynubas.exe
-
Electron Microscope - U - EMIII.exe
-
GhostSurfDelSatellite - ? - DeleteSatellite.exe
-
Hot_Tarts_Au - X - Hot_Tarts_Au.exe
-
JavaUpdate0.07 - X - [filename]
-
KernellApps - X - csrss.exe
-
LicCtrl - U - rundll32.exe [path] MMFS.DLL, Service
-
LicCtrl - U - runservice.exe
-
Messenger6 - X - command.pif
-
Microsoft Update Machine - X - svshost.exe
-
Microsoft Update Machine - X - wuamgd.exe
-
Microsoft Update Machine - X - wupdt32x.exe
-
Microsoft Windows Update - X - svcshost.exe
-
Microsoft Windows Update - X - svmhost.exe
-
Microsoft Windows Update - X - svshost.exe
-
Microsoft World Service - X - winworld.exe
-
Micrsoft Driver - X - windrive.exe
-
Miosf Update - X - wimsqaad.exe
-
Mmgsvc - X - mmgsvc.exe
-
msdev - X - msdev.exe
-
MSKServerexe-> U - MSKSrvr.exe
-
MSN ang - X - cssrss.exe
-
MSN Start - X - msnmsgr7.exe
-
MSN Updater - X - msnms.exe
-
MSNGrabber - X - MSNgrabber.exe
-
msvsc32 - X - msdev.exe
-
NortonAV - X - norton_antivirus.exe
-
NvCpl - X - NvCpl.exe
-
OSD - U - OSD.exe
-
PowerProf - X - PowerProf.exe
-
prjtect - X - prjtect.exe
-
prktect - X - prktect.exe
-
prrtect - X - prrtect.exe
-
Quicktime Mediaplayer - X - winmplyer32.exe
-
Reactor3 - X - [random name]32.exe
-
Reactor6 - X - [random name]32.exe
-
Reactor7 - X - [random name]32.exe
-
Reactor8 - X - [random name]32.exe
-
Reactor9 - X - [random name]32.exe
-
Rhino - X - [random name]32.exe
-
RTMonitor - Y - RTMonitor.exe
-
SB - U - SB.exe
-
ScanSpyware v * - X - Scanner.exe
-
Security Manager - U - SecurityManager.exe
-
Sensiva - U - Sensiva.exe
-
services.exe - X - Services.exe (CIADOOR-F)
-
spoolsvr32 - X - csmss.exe
-
Sticky Notes - N - stikynot.exe
-
Svchost - X - svchosl.pif
-
Svhost Loader - X - svshost.exe
-
svshostdriver - X - svshost.exe
-
Sygate Personal Firewall - X - Sygate.exe
-
Syskey - X - sysinit.exe
-
tablet s - Y - tablet s
-
tgbcde - X - module32.exe
-
TimeSyncApp - X - TimeSynchronize.exe
-
tjstartup - X - svchost.exe
-
trirot - Y - trirot.exe
-
update run dos - X - logon.exe
-
updatev01 - N - updatev01.exe
-
Wbutton - ? - Wbutton.exe
-
Windows AdControl - X - WinAdCtl.exe
-
Windows Automatic Updates - X - dvldr.exe
-
Windows NT Service Name - X - winshock.exe
-
windows update - X - wuraclt.exe
-
windows update configurator - X - svghost.exe
-
Windows Update Manager for NT - X - wupdmgr32.exe
-
Windows Update Monitoring Service - X - winupdt.exe
-
WinGate Engine Monitor - U - wgengmon.exe
-
WinLogin - X - winlogin.exe
-
wsbklite - ? - wsbklite.exe
-
X10Weax - X - WTHRTRAY.exe
-
Yahoo Messenger - X - Yahoomsg.exe
Changed items
- 45
- 1A:Stardock MCP (mcpserver.exe) - description updated
-
AccessRampLAN01 (ARUpld32.exe) - description updated
-
ActiveShield (MCVSSHLD.EXE) - description updated
-
ATI CATALYST System Tray (CLI.exe SystemTray) - description updated
-
ATI Task Application (Atitkad.exe) - description updated
-
ATICCC (cli.exe runtime) - description updated
-
BMupdate (Bmupdate.exe) - description updated
-
bttray (bttray.exe) - description updated
-
C-Media Echo Control (EchoCtrl.exe) - description updated
-
Compaq Message Server (COMPAQ-RBA.EXE) - description updated
-
CPQBootPerfDB (CPQBootPerfDB.EXE) - description updated
-
DlaTray (Dlatray.exe) - description updated
-
DMISLAPP (DMISLAPP.exe) - description updated
-
drvlsnr (drvlsnr.exe) - status (U) and description changed
-
Fatpipe Dialer (fpdialer.exe) - description updated
-
Go!Zilla (gozilla.exe) - description updated
-
HalifaxHowardCluster (skinkers.exe) - status (U) and description changed
-
hfxp (hfxp.exe) - description updated
-
HP Precision Scan (hpmdlbwx.exe) - description updated
-
HP Updates (??) - description updated
-
HPAiODevice(hp psc 900 series) -1 (hpobrt07.exe) - description updated
-
IBMUltraBayHotSwapSound (IBMBAYSN.EXE) - description updated
-
Imesh Auto Update (??) - description updated
-
LoadPowerProfile (Rundll.exe powerprof.dll) - description updated
-
MBM 5 (MBM5.exe) - description updated
-
mcvsshld (mcvsshld.exe) - description updated
-
Mediafour XPlay Tray Notification Icon (Xptryicn.exe) - description updated
-
Microsoft Office Fast Cache (Fastboot.exe) - description updated
-
MSConfig (MSCONFIG32.EXE) - description updated
-
Nwpopup (Nwpopup.exe) - description updated
-
nwrecmsg (nwrecmsg.exe) - description updated
-
On Screen Display (OSD.EXE) - status (U) changed
-
Reactor5 ([random name]32.exe) - description updated
-
rundll32 (csrss.exe) - description updated
-
ScanRegistry (Scanregw.exe) - description updated
-
Service Host (svchost.exe) - description updated
-
skinkers (skinkers.exe) - status (U) and description changed
-
Stacmon (Stacmon.exe) - status (N) and description changed
-
SynSetup (SynTP.tmp RunOnce.exe) - description updated
-
VirusScan Online (mcvsshld.exe) - description updated
-
WaveTop Receiver 1 (N/A) - description updated
-
WaveTop Receiver 2 (N/A) - description updated
-
WaveTop Upload Manager (N/A) - description updated
-
Winamp (winamp.hta) - description updated
-
WinTask driver (wintask.exe) - description updated
New random entry
Others
- Deleted the "Reactor(random digit)" entry which is no longer valid
(MYDOOM.AI)
- Changed all generic entries using "(" and ")" in the
Startup Item/Name and Command columns to "[" and "]" to
distinguish them from ones that use these for real. The exceptions are the
ones with the Startup Item/Name as "(Default)" and the following:
- (*)API Machine
- (*)Run
- Aiptek Graphics Tablet (USB)
- ATI Task Application (Atikey)
- FTMSFLT(USB)
- HPAiODevice(hp psc 900 series) -1
- Kazaa Download Accelerator Updater (required)
- Main Executable (HP)
- Msn Update Manager (Sp2)
- MusIRC (irc.music.com) client
- NeuroMedia(IESpeaker)
- Post-It(r) Software
- PPK Setup(Server)
- SafeGuard Popup Blocker Updater (required)
- VAIO Action Setup (Server)
- VDI Manager (HP)
- Windows Video Acquisition (WVA)
- Changed all entries where the Command was shown as "??"
to "??". Those entries may cause a problem for people using the
database for their software. This affects the following entries:
- AAAKeyboard
- AccuWeather.comŽ Desktop
- AIMster
- Avxnews
- Bonzi Buddy
- Compaq Video CD Watcher
- Coupon Offers
- CQSCP2P SERVER
- CQSCP2PS
- Devlog
- Dosbat
- EDRestore
- FoolProofSweep
- HP Info Express
- HP RecordNow
- HP Updates
- Imesh
- Introduction-Registration
- LS120 Superdisk
- McAfee Winguage
- mfgboot
- Operator
- Qdsafe
- ScanFile
- SMS Win9x Message Agent
- Startup
- TGCMG
- Usrobotics Online Registration
- V128IITV
- Vinny
- Web Search
- Windows Eyes
- WRECK GUARD
11th November, 2004
New items
- 122
- [System Mechanic Professional Update [Incinerator.dll] - N - REREG: [path] Incinerator.dll
-
2thousandbuck - X - (path to file)
-
Automatic Microsoft Windows Updater - X - suchost.exe
-
AV - X - UPDATE-28062004.exe(25 blank spaces).vbs
-
Awatch - X - Awatch.exe
-
Bcvsrv32 - X - bcvsrv32.exe
-
BigPondCable - N - bpcable.exe
-
blah service - X - internet.exe
-
blah service - X - smnp.exe
-
ccenter - Y - CCenter.exe
-
ccUpdate - X - ccUpdate.exe
-
Classes - X - MSTAR2.EXE
-
Classes - X - mstart.exe
-
CLSID - X - msgplus.exe
-
cmssSystemProcess - X - csmss.exe
-
Configuration Loader - X - systemry.exe
-
ControlCenter2.0 - N - brctrcen.exe
-
CRC Value Verifier - X - Crsss64.exe
-
Creata Mail - U - JMSrvr.exe
-
Create A Monster - X - createAMonster.exe
-
DeskMateAutoUpdate - X - DeskMateAutoUpdate.exe
-
Dialer Detect - U - dd.exe
-
DirectX Video Driver - X - dxterm5.exe
-
DivX Player - X - DivXPlayer.exe
-
ewupdater - X - ewupdater.exe
-
FTPGraber - X - FTPGraber.exe
-
IE Menu Extension toolbar - X - rundll32.exe [path] tbextn.dll DllShowTB
-
iLyric - U - iLyric.exe
-
Initial Page - X - install.exe
-
IpCtrl - X - ipcon32.exe
-
Jawa322 - X - jawa32.exe
-
Kaspersky Antivirus - X - KasperskyAV.exe
-
kvern16.dll - X - regsvr32.exe [path] kvern16.dll
-
Lexmark 3100 Series - Y - lxbrbmgr.exe
-
Lock My PC - U - lockpc.exe
-
lxbrbmgr - Y - lxbrbmgr.exe
-
LXBRKsk - ? - LXBRKsk.exe
-
Mdmdll - X - mdmdll.exe
-
Microsof Winlog Host - X - wilogon32.exe
-
Microsoft CSRSS32 Protocol - X - csrss32.exe
-
Microsoft DNS Query - X - msdns.exe
-
Microsoft Macro Protection Subsystems - X - Msmacroprot32.exe
-
Microsoft Registry - X - csrse.exe
-
Microsoft System Checkup - X - ntsysman.exe
-
Microsoft Update Machine - X - systemll.exe
-
Microsoft Update Machine - X - winupdt.exe
-
Microsoft Update Security Patch - X - mssecurityupdatepatch.exe
-
Microsoft Winsock Wrapper - X - ws2_32s.exe
-
Microsoftmsn32.exe - X - microsoftmsn32.exe
-
msadcheck - X - msadcheck32.exe
-
MSOffice - X - services.exe
-
MSUpdSrv - X - msupdsrv.exe
-
Networks Configurator - X - NetConfs.exe
-
Noha - X - aasd.exe
-
Norton Update - X - ccUpdate.exe
-
OpenMstart - X - mcmgr32.exe
-
OpenMstart - X - mmgr32.exe
-
Piracy - N - SysUtil.exe
-
PopUpStopperCompanion - U - PSComp.exe
-
prdtect - X - prdtect.exe
-
prgtect - X - prgtect.exe
-
PrivacyScanner - X - pscan.exe
-
prmtect - X - prmtect.exe
-
ProcessGovernor - U - processgovernor.exe
-
ProcessSupervisorGUI - U - ProcessSupervisor.exe
-
prttect - X - prttect.exe
-
prxtect - X - prxtect.exe
-
Rase - X - boln.exe
-
RavMon - Y - RavMon.exe
-
RavTimer - Y - RavTimer.exe
-
Reactor(random digit) - X - (random name)32.exe
-
Reactor5 - X - (random name)32.exe
-
Reactor7 - X - (random name)32.exe
-
Registry Server - X - regsrv32.exe
-
RegRun - X - mActiveX.exe
-
regsvr - X - regsvr.exe
-
rfw - Y - Rfw.exe
-
Rundnm - X - Rundnm.exe
-
RunServices - X - runsvc32.exe
-
sealmon - U - sealmon.exe
-
sr64 - X - ********. exe
-
SrchfstUpdate - X - srchupdt.exe
-
SSBkgdUpdate - N - SSBkgdupdate.exe
-
Status Monitor - N - BrMfcWnd.exe
-
Sygate Personal Firewall - X - sysgut.exe
-
sys32 - X - sys32.exe
-
system32 - X - NeT-BoT.exe
-
Taskmon driver - X - winampa.exe
-
TimeService - X - trun.exe
-
Twain image - X - mmp32.exe
-
Update - X - UPDATE-28062004.exe(25 blank spaces).vbs
-
vern16.dll - X - regsvr32.exe [path] vernn16.dll
-
Video Process - X - MSlti64.exe
-
Video Services - X - sys32.exe
-
Vmmon32 - X - vmmon32.exe
-
WAPI - X - wts**.exe (* = random char)
-
WCPS - X - Wint**.exe (* = random char)
-
WD Button Manager - U - WDBtnMgr.exe
-
Winampa - X - winampa.exe
-
Winampa Agent - X - WINAMPA.EXE
-
Windows debug logging - X - winlogg.exe
-
Windows DLL Loader - X - defragfat32z.exe
-
Windows DLL Loader - X - rundll32.exe
-
Windows Help Manager - X - svchost32.exe
-
Windows logging - X - winlogd.exe
-
Windows Logon Procedure - X - Svchoste.exe
-
Windows Media Player - X - MediaPIayer.exe
-
Windows Security Module - X - module.exe
-
Windows Services Update - X - svch0st.exe
-
Windows SP2 Update - X - Sp2update.exe
-
Windows Update Manager - X - wupdmngr.exe
-
WindowsXP Update - X - windowsxpupdate.exe
-
winocx32 - X - winocx32.exe
-
Winsock2 driver - X - Zonealarmupdate.exe
-
Winsock32driver - X - win32server.exe
-
winupdtl - X - winupdtl.exe
-
Workstation Services - X - wrkstn.exe
-
wpds.exe - X - doriot.exe
-
XML Service - X - msxml.exe
-
xp_system - X - winlogon.exe
-
Yahoo Instant Messengar - X - YahooMsgr.exe
-
zervpack2 - X - update2.exe
Changed items
- 13
- Classes (int1.exe) - description updated
-
Classes (intl.exe) - description updated
-
Classes (run_21.exe) - description updated
-
Classes (srv.exe) - description updated
-
Classes (srv2.exe) - description updated
-
MessengerPlus (MsgPlus.exe) - description updated
-
MessengerPlus2 (MsgPlus.exe) - description updated
-
MessengerPlus3 (MsgPlus.exe) - description updated
-
pgtaff (pgtaff.exe) - description updated
-
shicoxp (shicoxp.exe) - description updated
-
STManager (drst.exe) - status (N) and description changed
-
Windows AdTools (WinAdTools.exe) - description updated
-
Windows SSL File (winssv.exe) - description updated
5th November, 2004
New items
- 283
- (random 12 digit number) - X - atitvo32.exe
-
(random 12 digit number) - X - autodisc.exe
-
(random 12 digit number) - X - cabview1.exe
-
(various names) - X - bling.exe
-
(various names) - X - mediaplayer32.exe
-
(various names) - X - svchostss.exe
-
(various names) - X - win32snd.exe
-
(various names) - X - winlogon32.exe
-
.mscdr - X - lassa.exe
-
_svchost.con - X - svchost.com
-
{0228e555-4f9c-4e35-a3ec-b109a192b4c2} - U - gnotify.exe
-
Ad Blocker Pro - U - Ad Blocker Pro.exe
-
AOL Companion - N - companion.exe
-
Ashampoo PopUpBlocker - U - PopUpKiller.exe
-
ATI DeviceDetect - N - ATIDtct.EXE
-
atiupdate - X - msshed32.exe
-
Attunel - X - Attunel.exe
-
AV Client - X - patch31345.exe
-
AV Industry - X - patch31345.exe
-
avast! - Y - ashDisp.exe
-
Avpr - X - avpr.exe
-
AVWLPSTA - ? - AVWLPSTA.exe
-
BGNewsAgent - Y - bgnewsag.exe
-
Chatango - N - Chatango.exe
-
chkdsk - X - c:\autoexec.bat
-
CHotKey - U - zHotkey.exe
-
Com+ Sys - X - csrs.exe
-
Config33.exe - X - Config33.exe
-
Configuration - X - (filename)
-
Configuration Default - X - Wuxat.exe
-
Configuration File - X - Winset32.exe
-
ControlPanel - X - host32.exe internat.dll, LoadKeyboardProfile
-
CoreCenter - U - CORECE~1.EXE
-
CoreCenter - U - CoreCenter.exe
-
CRC Value Verifier - X - crsss32.exe
-
Creative WebCam Tray - N - Camtray.exe
-
Device Configuration Loader - X - msdvc32.exe
-
DigiCell - U - DigiCell.exe
-
DigiD - X - DigitalSound.exe
-
DigitalNames - X - DigitalNamesStart.exe
-
Direct X Direct3D - X - dxd3d.exe
-
Direct X Opengl - X - dxopengl.exe
-
dllhelp - X - dllhlp.exe
-
dslmon - Y - dslmon.exe
-
E_S4I2F1 - N - E_S4I2F1
-
EasyDates - X - EasyDates.exe
-
Esoh - X - Esoh123.exe
-
exdl.exe - X - exdl.exe
-
Explorer - X - shellexp.exe
-
f1Tray.exe - U - F1TRAY.EXE
-
fGQEGqHOME - X - gwwgtp.exe
-
FineReader7NewsReaderPro - N - AbbyyNewsReader.exe
-
FireWire Driver - X - samx.exe
-
freshclam - Y - freshclam.exe
-
Games Acceleration - X - svshost.exe
-
Games toolbar - X - rundll32.exe [path] tbGame.dll, DllShowTB
-
GDAX - X - (path to backdoor)
-
Generic Host Process - X - SCHOST.EXE
-
GLSetT32 - X - smsiexec.exe
-
golumm - X - services.exe
-
helpw - X - helpw.exe
-
hplampc - U - hplampc.exe
-
hpotdd01.exe - Y - hpotdd01.exe
-
Hyper Start - X - instantmsgrs.exe
-
iecheck - N - iecheck.exe
-
internat - X - internat.exe (LYDRA-F)
-
Internet Connection Wizard - X - stisvsq.exe
-
Internet Download Accelerator - U - ida.exe
-
Internet Mail and News - X - msqdevl.exe
-
IPConfig - X - svcxnv32.exe
-
Isass - X - Isass.exe
-
Kazaa Download Accelerator Updater (required) - X - regsvr32 [path] kdp****.dll (*= random char)
-
Kernel32 - X - kernel32s.exe
-
Key Logger - X - csrss.exe
-
LanGuard - X - languard.exe
-
lcvga - X - lcvga.exe
-
Lightning Download - U - Lightning.exe
-
LManager - U - QtZpAcer.exe
-
load= - X - win32exec.exe
-
Load-Guard - X - Wscript.exe LGuarg.exe.vbs
-
lsass - X - lsasrv.exe
-
lssass - X - lssas.exe
-
M1cr0s0ft Upd4t4zS - X - update32.exe
-
Macfee Security Patch - X - Mpfsheild.exe
-
Matador - U - mantispm.exe
-
mdm - X - mdm.exe
-
Microsoft Data Machine - X - csdata32.exe
-
Microsoft Decryption Technology - X - Msfenoe.exe
-
Microsoft DirectX - X - PDSched.exe
-
Microsoft Dll Management - X - windll.exe
-
Microsoft Internet Acceleration Utility - X - iau.exe
-
Microsoft Kernel - X - Windows_kernel32.exe
-
Microsoft Management Console - X - lssas.exe
-
Microsoft media - X - winmplayers.exe
-
Microsoft Security Management - X - winnt.exe
-
Microsoft Server Application - X - Sound.exe
-
Microsoft Update - X - wuamgrd32.exe
-
Microsoft Update Loader - X - (random filename)
-
Microsoft Update Machine - X - memstat.exe
-
Microsoft Update Machine - X - ntce.exe
-
Microsoft Update Machine - X - system03.exe
-
Microsoft Update Machine - X - wuawx.exe
-
Microsoft Update Machine - X - zonealarm.exe
-
Microsoft Update Mechene - X - Updatez.exe
-
Microsoft Updates Resources - X - WinFixIDs.exe
-
Microsoft Windows Updater - X - WINUPDATE.EXE
-
Microsoft Windows Updates - X - explorer32.exe
-
Microsoftkeysd - X - systemproc.exe
-
Microszoft Update Mach1nezs - X - svchst.exe
-
Mirate Sp 2 Information - X - miratesp2.exe
-
MMSystem - X - RunDll32
-
Motive SmartBridge - N - MotiveSB.exe
-
MPFExe - Y - MpfTray.exe
-
MS FIREWALL - X - msfirewall.exe
-
MSAgent - X - mshtm.exe
-
MSChoExE - X - suge.exe
-
Msconfig - X - msconfig.exe (WINUR)
-
msconfig - X - wins.exe
-
MSDosdrv - X - msdosdrv.exe
-
MSMsgSvc - X - MSMSGSVC.exe
-
MSN - X - ctfmoons.exe
-
Msn Plus Updater - U - msnplus.exe
-
Msn Update Manager (Sp2) - X - MSMSGS.EXE
-
MsnMsgr - X - MsnMsgrs.exe
-
msnmsgsgs - X - msnmsgsgs.exe
-
mssoul - X - msmscc2.exe
-
msupdate - X - msupdate.exe
-
MsWindows SysDate - X - sysmsvc.exe
-
Mswinpid32 - X - mswinpid32.exe
-
Multimedia extensions - X - mservice.exe
-
MyVirt.exe - X - MyVirt.exe
-
NAV Agent - X - winsnav.vbs
-
NDIS Adapter - X - windows.exe
-
NetGuard - U - NetGuard.exe
-
netmsg - U - netmsg.exe
-
Network protocol service - X - wintcp.exe
-
Networks Controler - X - Netsis.exe
-
NPFMonitor - ? - NPFMntor.exe
-
NVSystem32 - X - nvscv32.exe
-
ODBC BackUp - U - fdxxl.exe
-
OneTouch Monitor - N - OneTouchMon.exe
-
PAVFNSVR - Y - PavFnSvr.exe
-
PavProc - Y - PavPrS9x.exe
-
PavProt - Y - PavProt.exe
-
Peeramid - ? - PService.exe
-
PeerGuardian - N - PeerGuardian_1.99b_pr14.exe
-
Personal Firwall - X - ptmedsrv.exe
-
pgtaff - X - pgtaff.exe
-
PicasaNet - N - Hello.exe
-
PK Services - X - pksvc.exe
-
Printer - X - (path to file) (LOWTAPER)
-
Printer - X - dipset.exe
-
PrnSys Executable - U - PrnSys.exe
-
ProdikeysAutorun - N - Prodload.exe
-
Protection - X - [path] runtask.exe [path] protection.exe
-
Protection - X - Protection.exe
-
PSIMSVC - Y - PSIMSVC.exe
-
RealAudio - X - RealAudio.exe
-
Realplayer One - X - realplay.exe
-
REEGRUN - X - (path to file)
-
Reg Service - X - winsy.exe
-
Regcxn - X - Regcxn.exe
-
Registry Checkup - X - winreg.exe
-
Remote Procedure Calls - X - mswinc.exe
-
Remote Procedure Calls - X - win.exe
-
RemoteAgent - Y - RAUAgent.exe
-
requester - X - requester.5.exe
-
Restart WSC Setting - U - wscrestp.exe
-
Ruby14 - X - Ruby14.exe
-
Run TaskMrg - X - csrss.exe
-
RundllSvr - X - Rundll.exe
-
SafeGuard Popup Blocker Updater - X - regsvr32 [path] sfgupd.dll
-
Sagate Security Firewall - X - sagate.exe
-
SBC Self Support Tool - U - matcli.exe
-
ScreenPrint32 - N - ScreenPrint32.exe
-
scvhost - X - svzhost.exe
-
SearchSetter - X - searchsetter[1].exe
-
Service Host - X - spoolxx.exe
-
ShellCommand - X - (path to file)
-
SpeedOptimizer - U - spo.exe
-
SPINX - X - Wscript.exe OXNEY.B.VBS
-
SpokeSysTray - U - SpokeSysTray.exe
-
SpoolService - X - spolsv.exe
-
SpySpotter - N - SpySpotter.exe
-
Spyware Doctor - U - spydoctor.exe
-
Spyware remover - X - Remove_spyware.exe
-
Srv RPCrom - X - NClienti386.exe
-
Start Upping - X - SVCHOSTES.EXE
-
STManager - ? - drst.exe
-
STOPzilla - U - Stopzilla.exe
-
STOPzilla Service - U - SZNTSVC.EXE
-
SupaDial - ? - SupaDial.exe
-
SuperSpamKiller Pro - U - Ssk.exe
-
SureCleanProfessional - U - SRClean.exe
-
SurfSideKick 2 - X - Ssk.exe
-
Surs - X - awab.exe
-
svchostr - X - svchostr.exe
-
svrrun - X - svrrun.exe
-
svwin32 - X - unninst32.exe
-
Sygate Personal Firewall - X - system32.exe
-
Sync Server - X - drwatsoon.exe
-
SysPilot - U - fdxxl.exe
-
System driver - X - Messenger.exe
-
System Manager - X - svchost.exe
-
system manager - X - System.exe
-
Systems Restart - X - slchost.exe
-
Systems Restart - X - spchost.exe
-
Taskmgo - X - (path to file)
-
tcupdater - X - tcupdater.exe
-
tempx - X - tempx.exe
-
Testing 123 - X - msdata.dat
-
TizzleTalk - U - TizzleTalk.exe
-
TvNow - U - TvNow.exe
-
Update - X - mshtm.exe
-
Update ver 1.0 - X - Swap.exe
-
upddateit - X - winit.exe
-
USB 2.1 Driver - X - winupdate1.exe
-
USB controller - X - Svcmm32.exe
-
USB Device - X - win32usb.exe
-
USB Hardware Monitoring - X - USBhardware.exe
-
USB SECURITY DEVICE CoInstaller - Y - JupitCo.exe
-
USBDetector - ? - UDetect.exe
-
Usrr - X - rncr.exe
-
Video - X - winamp32.exe
-
Video Lan Player - X - VideoLanPlayer.exe
-
Virt.exe - X - Virt.exe
-
VirtuaGirl - U - Vg.exe
-
W32.Scran - X - Scran.exe
-
wcmdmgr - U - wcmdmgrl.exe
-
wdskctl - X - wdskctl.exe
-
WebArmyKnife - N - WAK.exe
-
WebSavingsFromEbates0 - X - WebSavingsFromEbates0.exe
-
WebSpecials - X - rundll32 [path] webspec.dll
-
WG511WLU - Y - WG511WLU.exe
-
Win Comm - X - WinComm.exe
-
Win32 SSL Driver - X - winssv.exe
-
Win32 USB Driver - X - mvsecn.exe
-
Win32 Usb Driver - X - svhosint32.exe
-
Win32 USB2.0 Driver - X - service.exe
-
WIN32SNDS - X - banc.exe
-
Win32SystemMonitor - X - ***.exe (* = random char)
-
winadm - X - winadm.exe
-
WINCINEMAMGR - N - WINCIN~1.EXE
-
WinCinemaMgr - N - WinCinemaMgr.exe
-
WinCSRSS - X - MSGRT32.EXE
-
windef - X - Win32sp.vbs
-
Windows (random character) - X - diskcheck.exe
-
Windows AdTools - X - WinAdTools.exe
-
Windows Communicator - X - wincomm.exe
-
Windows Data Server - X - autodisc.exe
-
Windows Help File - X - winhelper32.exe
-
Windows Media Player - X - wmediaplayer.exe
-
Windows Media Player - X - WMP23.exe
-
Windows media services - X - cvrsss.exe
-
Windows Nets - X - WinNET.exe
-
Windows Network Service - X - winvc32.exe
-
Windows NT 32 - X - ntlogin32.exe
-
Windows System Manager Proc - X - winsmc.exe
-
Windows System Serivce - X - winserv.exe
-
windows system service - X - winsock.exe
-
Windows Task Manager - X - taskmgn.exe
-
Windows TCP/IP - X - wintcp.exe
-
Windows Update - X - host32.exe
-
WindowsKeyUpdate - X - master.exe
-
WindowsRegistration - X - (random filename)
-
WindowsRegKey%update - X - ethernet32m.exe
-
WindowsUpdate Service - X - wuautlc.exe
-
wingo - X - wingo.exe
-
WinMem - U - WinMem.exe
-
winrun - X - winrun.exe
-
Winsock2 driver - X - SPOLSV.EXE
-
WinTask driver - X - wintask.exe
-
winupdate.reg - X - winupdate.exe
-
winur - X - winrun.exe
-
winXP - X - 33.exe
-
WinXP - X - plugin1.exe
-
ws2help - X - ws2help.exe
-
xpsystem - X - MSXMIDI.EXE
-
Yahoo Update - X - Yahoo.exe
-
You've Got Pictures Screensaver - U - ygpsstra.exe
-
YZH.SYS - X - YZH.exe
-
ZeroSpyware - U - ZeroSpyware.exe
-
Zonealarm - X - Removeme.exe
Changed items
- 57
- .TEXTCONV (lsass.exe) - "Name or Startup Item" changed (WEBUS.B)
-
ashMaiSv (ashmaisv.exe) - description changed
-
AttuneClientEngine (attune_ce.exe) - description changed
-
AttuneContentUpdater (attune_cu.exe) - description changed
-
AttuneDiscovery (attune_di.exe) - description changed
-
AttuneSystray (attune_st.exe) - description changed
-
Avast32 (Astart32.exe) - description changed
-
AveoAttune (atmdlusr.exe) - description changed
-
AvMaiSrv (Avmaisrv.exe) - description changed
-
bawindo (bawindo.exe) - description changed
-
BlueToothAuthentication Agent (rundll32.exe irprops.cpl, BluetoothAuthenticationAgent) - description changed
-
CCWC7a (ac.exe) - description changed
-
CCWC7I (idxl.exe) - description changed
-
CCWC7s (stealth.exe) - description changed
-
CnsMax (Internat.exe) - description changed
-
Comm Driver (commh32.exe) - description changed
-
Configuration Loader (msgfix.exe) - description changed
-
DeviceDiscovery (hpotdd01.exe) - status (Y) and description changed
-
emsw.exe (emsw.exe) - description and hyperlink changed
-
HelpExp.exe (HelpExp.exe) - description and hyperlink changed
-
HREF.OCX (regsvr32.exe ....HREF.OCX) - description and hyperlink changed
-
HXDL.EXE (HXDL.EXE) - description and hyperlink changed
-
HXIUL.EXE (HXIUL.EXE) - description and hyperlink changed
-
LiveMonitor (LMonitor.exe) - description updated
-
LMonitor (LMonitor.exe) - description updated
-
Microsoft Restore (scrgrd.exe) - description changed
-
MMERefresh (MMERefresh.exe) - status (U) and description changed
-
MotiveSB (MotiveSB.exe) - description changed
-
mouseElf (gnetmous.exe) - description changed
-
MS FIREWALL (msfrewall.exe) - description changed
-
NDSTray (NDSTray.exe) - status (U) and description changed
-
PopUpKiller (PopUpKiller.exe) - hyperlink changed
-
PsPCCard (PsPCCard.exe) - status (Y) and description changed
-
Remind_XP (Remind_XP.exe) - description changed
-
Reminder (Remind_XP.exe) - description changed
-
rundll32 (rundll32.exe irprops.cpl, BluetoothAuthenticationAgent) - description changed
-
sndsrvc (SNDSRVC.EXE) - description updated
-
Spooler Subsytem App (spoolsvc.exe) - description changed
-
stcinstaller (id53.exe) - description changed
-
Sysino (lsess.exe) - description changed
-
taskmgr (taskmgr.exe) - description changed
-
Tgcmd (tgcmd.exe) - "tgcmdprovidersbc" removed from the "Name or Startup Item" column
-
TkBell.Exe (evntsvc.exe) - description corrected
-
TkBell.Exe (realsched.exe) - description corrected
-
TkBell.Exe (tkbell.exe) - description corrected
-
TkBellExe (evntsvc.exe) - description changed
-
TkBellExe (realsched.exe) - description changed
-
TkBellExe (tkbell.exe) - description changed
-
UPSentry 2000 (upsd.exe) - status (Y) and description corrected
-
UPSlim (upsd.exe) - status (Y) and description corrected
-
VbouncerDL (VbouncerInner****.exe (* = random char)) - command updated
-
Washer (washer.exe) - description and hyperlink changed
-
washindex (washidx.exe) - hyperlink changed
-
Window Washer (wwDisp.exe) - hyperlink changed
-
Windows DNS Daemon (windnsd.exe) - description changed
-
Windows Sound Manager (SndMon32.exe) - description changed
-
WindowsUpdate (vchost.exe) - description changed
Removed items
- 4
- TMESRV31 - ? - TMESRV31.EXE
- HXDL.EXE - X - HXIUL.EXE
- HXIUL.EXE - X - HXDL.EXE
- UPSentry 2000 or UPSlim - Y - upsd.exe
New random entry