Latest updates for the list of startup programs provided at http://www.sysinfo.org/startupinfo.html

29th September, 2004

New items - 43

• X - .TEXTCONV (csrss.exe)
• X - .WMAudio (csrss.exe)
• N - AnyDVD (AnyDVD.exe)
• X - bawindo (bawindo.exe)
• X - BuildLabs (csrss.exe)
• X - ccpApps (csrss.exe)
• U - DellTouch (MMKeybd.exe)
• X - DirectX for Microsoft Windows (Fservice.exe or Sservice.exe)
• X - FiendlyType (csrss.exe)
• ? - gramdate (2Stop.exe)
• X - ICQ Center (<path to worm>)
• U - LiveUpdate (LiveUpdate.exe)
• X - Microsoft IT Update (win64.exe)
• X - Microsoft SourceSafe (csrss.exe)
• X - Microsoft System Checkup (ntsysmgr.exe)
• X - Microsoft Update (Isac.exe)
• X - Microsoft Update 32 (explore32.exe)
• X - Microsoft Windows Updater (svchostz.exe)
• X - msnload32.exe (msnload32.exe)
• X - MSNMESENGER (Main.exe)
• U - NovaBackup * Tray Control (NbkCtrl.exe)
• N - NVMixerTray (NVMixerTray.exe)
• U - Openwares LiveUpdate (LiveUpdate.exe)
• U - PRONoMgrWired (PRONoMgr.exe)
• X - Prog (csrss.exe)
• X - Rcf Driver (rcf.exe)
• U - RCScheduleCheck (RCSCHED.EXE)
• X - realone_nt2003 (moniker.exe)
• X - RegDone Ex (csrss.exe)
• U - RegistryMechanic (RegMech.exe)
• ? - SESync (SED.exe)
• X - shellsystem (shellsystem.exe)
• X - Shockwave (csrss.exe)
• N - SmartBarXP (SmartBarXP.exe)
• X - StubPath (Sservice.exe)
• U - Super Popup Blocker (popkill.exe)
• X - User Services (usersvc.exe)
• X - w32 (w32.exe)
• X - win (xwinxrpc32.exe)
• X - Win32 USB Driver (winxpinit.exe)
• X - Windows SyncroAd (SyncroAd.exe) 
• X - WinUpdate (wmbem.exe)
• X - WinUpdate Loader (msnnm.exe)

Changed items - 3

• ATI CATALYST System Tray (CLI.exe SystemTray) - status (N) changed and description updated
• ATICCC (cli.exe runtime) - status (U) changed and description updated
• DkService (DkService.exe) - status (Y) changed and description updated

17th September, 2004

New items - 68

• X - (default) (twunk_32.exe or winhelp.exe)
• N - Acme.PCHButton (pchbutton.exe)
• X - alkasr (ÎäÒíÑ.exe)
• ? - AOL Messenger (TGRCNLUD.EXE)
• U - AOL Spyware Protection (AOLSP Scheduler.exe)
• N - ATI CATALYST System Tray (CLI.exe)
• N - ATICCC (cli.exe)
• X - auxAudioDevice (aux32.exe)
• ? - BBDial (BT Broadband.exe)
• X - blah service (winupdate.exe)
• ? - Boston (Boston.exe)
• U - BT Broadband Help (matcli.exe)
• X - CashBack (cashback.exe)
• X - dasxdads (fsdqd.exe)
• X - Default System Research (vhchost.exe)
• X - Downxz (Downxz.bat)
• X - drvddll.exe (drvddll.exe)
• U - DSLSTATEXE (dslstat.exe)
• U - EnigmaPopupStop (EnigmaPopupStop.exe)
• X - HIV (HIV.exe)
• ? - HPHUPD05 (hphupd05.exe)
• ? - HPHmon05 (hphmon05.exe)
• X - iestart (iexp1orer.exe)
• N - iRiver Updater (Updater.exe)
• U - Kill Popup (KillPopup.exe)
• N - LimeWire x.x (LimeWire.exe)
• ? - Microsoft Gina V Encryption (MSGINAV.EXE)
• X - Microsoft Secure Messenger.NET Service (securitychk.exe)
• X - Microsoft Services (services.exe)
• X - Microsoft Windows updaterD (log32zx.exe)
• N - MiniMavis (MiniMavis.exe)
• X - MS Updates (syshosts.exe)
• X - NaviSearch (nls.exe)
• N - NeroNETTrayIcon (NNServiceCtrl.exe)
• ? - netpc32.exe (netpc32.exe)
• X - oz2 (oz2.exe)
• U - PopUpStopperProfessional (PopUpStopperProfessional.exe)
• X - Print Spooler (spools.exe)
• ? - ProgramWindow (more comp.exe)
• X - RamBooster2 (rb.exe)
• X - Ruby13 (Ruby13.exe)
• U - Spyware Begone (SpywareBeGone.exe)
• X - sstata (dwdas.exe)
• X - starter (scvhosting.exe)
• N - Steam (steam.exe)
• X - System File Drivers (nvsysvc32.exe)
• X - systree (systree)
• X - Task (tasker.exe)
• X - Taskbell.exe (Rund1.exe)
• U - TMESRV31 (TMESRV31.EXE)
• X - Update" -s setup (Zupdate.exe)
• U - UpdateManager (sgtray.exe)
• U - VTTimer (VTTimer.exe)
• X - wersds (doriot.exe)
• ? - WildTangent CDA (RUNDLL32.exe cdaEngine0400.dll,cdaEngineMain)
• X - Win32 Configuration (videosd32.exe)
• X - Win32System (win32s.exe)
• X - Win32 USB2 Driver (win32usb.exe)
• X - Win32 USB2.0 Driver (386.exe)
• X - Winad Client (Winad.exe)
• X - window2 (ssvchost.exe)
• X - Windows media service (crvss.exe)
• X - Windows Time Server (TimeSRV.exe)
• X - WinSPF (windrv32.exe)
• X - WinSPF (winspf32.exe)
• X - Win USB 2.0 USB Driver (HPPrint.exe)
• X - wscript.exe (vabian.vbs)
• X - www.symantec.com (oz11111.exe)

Changed items - 18

• /l:eng (N/A) - description changed
• ActiveMenu (ActiveMenu.exe) - description updated
• AIMWDInstall (AIMWDInstall.exe) - description updated
• DDCActiveMenu (DDCActiveMenu.exe) - status (N) and description updated
• DDCM or DDCMan (DDCMan.exe) - status (N) and description updated
• erthgdr (windll.exe) - BEAGLE.AQ added as an alternative VIRUS name
• HPGamesActiveMenu (ActiveMenu.exe)
• IntelMEM (IntelMEM.exe) - status (U) and description changed
• ISStart (ISStart.exe) - description updated
• LogitechGalleryRepair (ISStart.exe) - description updated
• LogitechVideoRepair (ISStart.exe) - description updated
• MessengerPlus3 added to MessengerPlus & MessengerPlus2
• Services (services.exe) - MYDOOM.W added as an alternative VIRUS name
• wcmdmgr.exe (wcmdmgr.exe) - description updated
• wcmdmgrl (wcmdmgrl.exe) - status (N) and description updated
• WildTangent Web Driver updater (wcmdmgrl.exe) - status (N) and description updated
• WINDVDpatch (CTHELPER.EXE) - status (U) changed and description updated
• WT Game Channel or WT GameChannel (GameChannel.exe) - description updated

3rd September, 2004

New items - 123

• X - .Prog (services.exe)
• X - .Prog (winlogon.exe)
• X - [Ephemeral 2.x] by TreeHugger, (<path to worm>)
• U - ABIT uGuru (uGuru.exe)
• ? - Ace bows (Ace bows.exe)
• X - AddClass (<Installation_Path>)
• X - appconn (appconn.exe)
• Y - AnVir Task Manager (AnVir.exe)
• U - ASE Scheduler (ASE Scheduler.exe)
• X - avserve3.exe (avserv3.exe)
• U - BatInfEx (rundll32.exe)
• X - BuildLab (services.exe)
• X - BuildLab (winlogon.exe)
• Y - CAISafe (isafe.exe)
• N - Calendar 200X Reminder (calendar.exe)
• X - ccApps (services.exe)
• X - ccApps (winlogon.exe)
• X - CentralProcessor (taskimgr.exe)
• X - COM+ Event System (DRWTSN16.EXE)
• X - COM++ System (exploier.exe or exploier.exe... or suchost.exe or svchost.exe...)
• X - COM Service (msdrce.com)
• X - Configuration Loader (msgfix.exe)
• X - Configuration Loader (msnss.exe)
• X - Configuration Service (suchost.exe)
• X - Cryptographic Service (<random filename>.exe)
• X - Distributed File System (Dfsvc.exe)
• N - DrgToDsc (DrgToDsc.exe)
• X - erthgdr (windll.exe)
• U - EVOLOSTA (EVOLOSTA.EXE)
• ? - ExxtremeHelperDemon (exxdemon.exe)
• X - FMSZ (fmsz.exe)
• X - FriendlyTypeName (services.exe)
• X - FriendlyTypeName (winlogon.exe)
• U - HP Laser Jet Director (hppdirector.exe)
• U - ImageDrive-{<hex numbers>} (ImageDrive.exe)
• X - Installed shell32.dll (Office.exe...)
• ? - IntelMEM (IntelMEM.exe)
• X - JavaVM (java.exe)
• X - key (sysxp.exe)
• X - key (sys_xp.exe)
• X - key (winxp.exe)
• X - load= (hint.exe)
• X - mdetect (<path to trojan>)
• X - Microsoft Associates, Inc. (iexplorer.exe)
• X - Microsoft Inc. (iexplorer.exe)
• X - Microsoft Services (lsserv.exe)
• X - Microsoft Services (lssrv.exe)
• X - Microsoft Update (mvsc.exe)
• X - Microsoft Visual SourceSafe (services.exe)
• X - Microsoft Visual SourceSafe (winlogon.exe)
• X - Microzoft_Ofiz (KdzEregli.exe)
• ? - mmsys (recover.exe)
• X - MSIEXEC (MSIEXEC32.exe)
• U - MSKAGENTEXE (MskAgent.exe)
• U - MSKDetectorExe (MSKDetct.exe)
• ? - msnappau (msnappau.exe)
• X - msstask (msstask.exe)
• X - NAVSCANNER32 (NAVSCANNER32.EXE)
• ? - NDrv (NDrv.exe)
• X - NetworkAssociates Inc (internet.exe)
• X - NVIDIA Video drivers (video_32D.exe)
• N - Odometer (Odometer.EXE)
• ? - PartSeal (PartSeal.exe)
• ? - PCDRealtime (realtime.exe)
• X - Poet (Poet.exe)
• X - RegDone (services.exe)
• X - RegDone (winlogon.exe)
• ? - Register SeqChk (regsvr32.exe ..\csseqchk.dll)
• X - reg_key (FUKULAMER.exe)
• X - reg_key (loader_name.exe)
• U - rfagent (rfagent.exe)
• X - run= (real.exe)
• X - S0undMan (svch0st.exe)
• X - Soft Profile Inc (hxdef.exe...)
• X - Services (services.exe)
• ? - SHINITV (shinitv.exe)
• U - SNDMon (SNDMon.exe)
• U - SoundMAXPnP (SMax4PNP.exe)
• U - SoundMAX (SMax4.exe)
• U - spamihilator (spamihilator.exe)
• U - SpybotSD TeaTimer (TeaTimer.exe)
• X - SpywareGuard (winproc32.exe)
• ? - SSC_UserPrompt (UsrPrmpt.exe)
• X - ssgrate.exe (sysdoor.exe)
• X - ssgrate.exe (winerdir.exe)
• ? - Stacmon (Stacmon.exe)
• ? - Surveysa (surveysa.exe)
• U - Symantec NetDriver Monitor (SNDMon.exe)
• X - Sysmon (rpcmon.exe)
• X - System Update (<random filename>.exe)
• X - Systems (scchost.exe)
• X - SystemTra (CDPlay.EXE)
• X - TEXTCONV (services.exe)
• X - TEXTCONV (winlogon.exe)
• X - Traybar (lsass.exe)
• X - taskmgr (taskmgr.exe)
• X - ValidData (<path to trojan>)
• X - VVSN (VVSN.exe)
• ? - W815DM (W815DM.exe)
• X - Windows Explorer-3212 (WINRE16.EXE)
• X - Windows SA (omniscient.exe)
• X - Windows Update (Wuamgrd.exe)
• X - Windows_Updates (svthost.exe)
• X - WindUpdates (<path to trojan>)
• X - Windows Video Drivers (videons32.exe)
• X - WinExec (Winexec.exe.vbs)
• X - WinHelp (realsched.exe)
• X - Winhelp (TkBellExe.exe...)
• X - winlibs.exe (winlibs.exe)
• X - WinLsass (servicec.exe or <path to trojan>)
• X - winpsd (winpsd.exe)
• X - wintasks.exe (wintasks.exe)
• X - Wintime (Wintime.exe)
• X - WinTools (WToolsA.exe)
• X - winupd (RUNDLL32.EXE <random value>.dll,_mainRD)
• X - win_upd.exe (WINdirect.exe)
• X - win_upd2.exe (WINdirect.exe)
• X - WMAudio (services.exe)
• X - WMAudio (winlogon.exe)
• X - WSAConfiguration (wmon32.exe)
• X - xor (svchost.exe)
• X - Xpsystem (SERVICES.EXE)
• ? - zcb (zcb.exe)

Changed items - 37

• AnVir (AnVir.exe) - description changed
• CasAgnt (CasAgnt.exe) - status (U) and description changed
• CTHELPER (CTHELPER.EXE) - status (U) changed and description updated
• GigaByte (Cheatle.exe) - status (X) changed due to an error
• Hardware Profile (hxdef.exe) - virus name changed to a generic for the LOVGATE series, "hxdef.exe..." added as an alternative command
• Host (N/A) - added STARTPAGE.F as an alternative virus name
• Israfel (Israfel.vbs) - added GAGGLE.E as an alternative virus name
• Kernel32 (Kernel32.win) - added GAGGLE.E as an alternative virus name
• load= (WPSLOAD.EXE) - description updated
• Load= (wtfeat.exe) - description updated
• LVComs (lvcoms.exe) - status (U) changed and description updated
• Microsoft NetMeeting Associates, Inc. (NetMeeting.exe) - virus name changed to a generic for the LOVGATE series
• Module Call initialize (RUNDLL32.EXE reg.dll, ondll_reg) - virus name changed to a generic for the LOVGATE series
• Mstask (mstask.exe) - description updated
• MutexServiceEx (Sys32Smm.exe) - status (N) and description changed
• NVMCTRAY (RUNDLL32.EXE NVMCTRAY.DLL, NvTaskbarInit) - status (N) and description changed
• PCRecSA (PCRecSA.exe) - status (U) and description changed
• PRISMSTA.EXE (PRISMSTA.EXE) - status (U) and description changed
• Program In Windows (IEXPLORE.EXE) - virus name changed to a generic for the LOVGATE series
• Protected Storage (RUNDLL32.EXE MSSIGN30.DLL ondll_reg) - virus name changed to a generic for the LOVGATE series
• Reminder (Remind_XP.exe) - status (N) and description changed
• Remind_XP (Remind_XP.exe) - status (N) and description changed
• Remote Procedure Call Locator (RUNDLL32.EXE reg678.dll ondll_reg) - virus name changed to a generic for the LOVGATE series
• run= (RAVMOND.exe) - virus name changed to a generic for the LOVGATE series
• RunDLL32 (RunDLL32.exe NvMCTray.dll, NvTaskbarInit) - status (N) and description changed
• SB Audigy 2 Startup Menu (/l:eng) - status (N) and description changed
• Shell Extension (spollsv.exe) - virus name changed to a generic for the LOVGATE series
• ShockmachineReminder (SmReminder.exe) - changed from "shockmachine reminder"
• SiSUSBRG (SiSUSBRG.exe) - status (N) changed and descritpion updated
• syshelp (syshelp.exe) - virus name changed to a generic for the LOVGATE series
• SystemTra (SysTra.exe) - virus name changed to a generic for the LOVGATE series
• VFW Encoder/Decoder Settings (RUNDLL32.exe MSSIGN30.DLL ondll_reg) - virus name changed to a generic for the LOVGATE series
• WinGate (WinGate.exe) - virus name changed to a generic for the LOVGATE series
• WinGate initialize (WinGate.exe) - virus name changed to a generic for the LOVGATE series
• WinHelp (WinHelp.exe) - virus name changed to a generic for the LOVGATE series
• winzip (<path to trojan>) - added BANCOS.K as an alternative virus name
• wserver (wserver.exe) - added SASSER.G as an alternative virus name

All CoolWebSearch links replaced

Back to Updates - 2004