Sysinfo.org DB - Sep 2004 Updates

Latest updates for the list of startup programs provided at http://www.sysinfo.org/startuplist.php

29th September, 2004

New items - 43

X - .TEXTCONV (csrss.exe)
X - .WMAudio (csrss.exe)
N - AnyDVD (AnyDVD.exe)
X - bawindo (bawindo.exe)
X - BuildLabs (csrss.exe)
X - ccpApps (csrss.exe)
U - DellTouch (MMKeybd.exe)
X - DirectX for Microsoft Windows (Fservice.exe or Sservice.exe)
X - FiendlyType (csrss.exe)
? - gramdate (2Stop.exe)
X - ICQ Center (<path to worm>)
U - LiveUpdate (LiveUpdate.exe)
X - Microsoft IT Update (win64.exe)
X - Microsoft SourceSafe (csrss.exe)
X - Microsoft System Checkup (ntsysmgr.exe)
X - Microsoft Update (Isac.exe)
X - Microsoft Update 32 (explore32.exe)
X - Microsoft Windows Updater (svchostz.exe)
X - msnload32.exe (msnload32.exe)
X - MSNMESENGER (Main.exe)
U - NovaBackup * Tray Control (NbkCtrl.exe)
N - NVMixerTray (NVMixerTray.exe)
U - Openwares LiveUpdate (LiveUpdate.exe)
U - PRONoMgrWired (PRONoMgr.exe)
X - Prog (csrss.exe)
X - Rcf Driver (rcf.exe)
U - RCScheduleCheck (RCSCHED.EXE)
X - realone_nt2003 (moniker.exe)
X - RegDone Ex (csrss.exe)
U - RegistryMechanic (RegMech.exe)
? - SESync (SED.exe)
X - shellsystem (shellsystem.exe)
X - Shockwave (csrss.exe)
N - SmartBarXP (SmartBarXP.exe)
X - StubPath (Sservice.exe)
U - Super Popup Blocker (popkill.exe)
X - User Services (usersvc.exe)
X - w32 (w32.exe)
X - win (xwinxrpc32.exe)
X - Win32 USB Driver (winxpinit.exe)
X - Windows SyncroAd (SyncroAd.exe)
X - WinUpdate (wmbem.exe)
X - WinUpdate Loader (msnnm.exe)

Changed items - 3

ATI CATALYST System Tray (CLI.exe SystemTray) - status (N) changed and description updated
ATICCC (cli.exe runtime) - status (U) changed and description updated
DkService (DkService.exe) - status (Y) changed and description updated

17th September, 2004

New items - 68

X - (default) (twunk_32.exe or winhelp.exe)
N - Acme.PCHButton (pchbutton.exe)
X - alkasr (ÎäÒíÑ.exe)
? - AOL Messenger (TGRCNLUD.EXE)
U - AOL Spyware Protection (AOLSP Scheduler.exe)
N - ATI CATALYST System Tray (CLI.exe)
N - ATICCC (cli.exe)
X - auxAudioDevice (aux32.exe)
? - BBDial (BT Broadband.exe)
X - blah service (winupdate.exe)
? - Boston (Boston.exe)
U - BT Broadband Help (matcli.exe)
X - CashBack (cashback.exe)
X - dasxdads (fsdqd.exe)
X - Default System Research (vhchost.exe)
X - Downxz (Downxz.bat)
X - drvddll.exe (drvddll.exe)
U - DSLSTATEXE (dslstat.exe)
U - EnigmaPopupStop (EnigmaPopupStop.exe)
X - HIV (HIV.exe)
? - HPHUPD05 (hphupd05.exe)
? - HPHmon05 (hphmon05.exe)
X - iestart (iexp1orer.exe)
N - iRiver Updater (Updater.exe)
U - Kill Popup (KillPopup.exe)
N - LimeWire x.x (LimeWire.exe)
? - Microsoft Gina V Encryption (MSGINAV.EXE)
X - Microsoft Secure Messenger.NET Service (securitychk.exe)
X - Microsoft Services (services.exe)
X - Microsoft Windows updaterD (log32zx.exe)
N - MiniMavis (MiniMavis.exe)
X - MS Updates (syshosts.exe)
X - NaviSearch (nls.exe)
N - NeroNETTrayIcon (NNServiceCtrl.exe)
? - netpc32.exe (netpc32.exe)
X - oz2 (oz2.exe)
U - PopUpStopperProfessional (PopUpStopperProfessional.exe)
X - Print Spooler (spools.exe)
? - ProgramWindow (more comp.exe)
X - RamBooster2 (rb.exe)
X - Ruby13 (Ruby13.exe)
U - Spyware Begone (SpywareBeGone.exe)
X - sstata (dwdas.exe)
X - starter (scvhosting.exe)
N - Steam (steam.exe)
X - System File Drivers (nvsysvc32.exe)
X - systree (systree)
X - Task (tasker.exe)
X - Taskbell.exe (Rund1.exe)
U - TMESRV31 (TMESRV31.EXE)
X - Update" -s setup (Zupdate.exe)
U - UpdateManager (sgtray.exe)
U - VTTimer (VTTimer.exe)
X - wersds (doriot.exe)
? - WildTangent CDA (RUNDLL32.exe cdaEngine0400.dll,cdaEngineMain)
X - Win32 Configuration (videosd32.exe)
X - Win32System (win32s.exe)
X - Win32 USB2 Driver (win32usb.exe)
X - Win32 USB2.0 Driver (386.exe)
X - Winad Client (Winad.exe)
X - window2 (ssvchost.exe)
X - Windows media service (crvss.exe)
X - Windows Time Server (TimeSRV.exe)
X - WinSPF (windrv32.exe)
X - WinSPF (winspf32.exe)
X - Win USB 2.0 USB Driver (HPPrint.exe)
X - wscript.exe (vabian.vbs)
X - www.symantec.com (oz11111.exe)

Changed items - 18

/l:eng (N/A) - description changed
ActiveMenu (ActiveMenu.exe) - description updated
AIMWDInstall (AIMWDInstall.exe) - description updated
DDCActiveMenu (DDCActiveMenu.exe) - status (N) and description updated
DDCM or DDCMan (DDCMan.exe) - status (N) and description updated
erthgdr (windll.exe) - BEAGLE.AQ added as an alternative VIRUS name
HPGamesActiveMenu (ActiveMenu.exe)
IntelMEM (IntelMEM.exe) - status (U) and description changed
ISStart (ISStart.exe) - description updated
LogitechGalleryRepair (ISStart.exe) - description updated
LogitechVideoRepair (ISStart.exe) - description updated
MessengerPlus3 added to MessengerPlus & MessengerPlus2
Services (services.exe) - MYDOOM.W added as an alternative VIRUS name
wcmdmgr.exe (wcmdmgr.exe) - description updated
wcmdmgrl (wcmdmgrl.exe) - status (N) and description updated
WildTangent Web Driver updater (wcmdmgrl.exe) - status (N) and description updated
WINDVDpatch (CTHELPER.EXE) - status (U) changed and description updated
WT Game Channel or WT GameChannel (GameChannel.exe) - description updated

3rd September, 2004

New items - 123

X - .Prog (services.exe)
X - .Prog (winlogon.exe)
X - [Ephemeral 2.x] by TreeHugger, (<path to worm>)
U - ABIT uGuru (uGuru.exe)
? - Ace bows (Ace bows.exe)
X - AddClass (<Installation_Path>)
X - appconn (appconn.exe)
Y - AnVir Task Manager (AnVir.exe)
U - ASE Scheduler (ASE Scheduler.exe)
X - avserve3.exe (avserv3.exe)
U - BatInfEx (rundll32.exe)
X - BuildLab (services.exe)
X - BuildLab (winlogon.exe)
Y - CAISafe (isafe.exe)
N - Calendar 200X Reminder (calendar.exe)
X - ccApps (services.exe)
X - ccApps (winlogon.exe)
X - CentralProcessor (taskimgr.exe)
X - COM+ Event System (DRWTSN16.EXE)
X - COM++ System (exploier.exe or exploier.exe... or suchost.exe or svchost.exe...)
X - COM Service (msdrce.com)
X - Configuration Loader (msgfix.exe)
X - Configuration Loader (msnss.exe)
X - Configuration Service (suchost.exe)
X - Cryptographic Service (<random filename>.exe)
X - Distributed File System (Dfsvc.exe)
N - DrgToDsc (DrgToDsc.exe)
X - erthgdr (windll.exe)
U - EVOLOSTA (EVOLOSTA.EXE)
? - ExxtremeHelperDemon (exxdemon.exe)
X - FMSZ (fmsz.exe)
X - FriendlyTypeName (services.exe)
X - FriendlyTypeName (winlogon.exe)
U - HP Laser Jet Director (hppdirector.exe)
U - ImageDrive-{<hex numbers>} (ImageDrive.exe)
X - Installed shell32.dll (Office.exe...)
? - IntelMEM (IntelMEM.exe)
X - JavaVM (java.exe)
X - key (sysxp.exe)
X - key (sys_xp.exe)
X - key (winxp.exe)
X - load= (hint.exe)
X - mdetect (<path to trojan>)
X - Microsoft Associates, Inc. (iexplorer.exe)
X - Microsoft Inc. (iexplorer.exe)
X - Microsoft Services (lsserv.exe)
X - Microsoft Services (lssrv.exe)
X - Microsoft Update (mvsc.exe)
X - Microsoft Visual SourceSafe (services.exe)
X - Microsoft Visual SourceSafe (winlogon.exe)
X - Microzoft_Ofiz (KdzEregli.exe)
? - mmsys (recover.exe)
X - MSIEXEC (MSIEXEC32.exe)
U - MSKAGENTEXE (MskAgent.exe)
U - MSKDetectorExe (MSKDetct.exe)
? - msnappau (msnappau.exe)
X - msstask (msstask.exe)
X - NAVSCANNER32 (NAVSCANNER32.EXE)
? - NDrv (NDrv.exe)
X - NetworkAssociates Inc (internet.exe)
X - NVIDIA Video drivers (video_32D.exe)
N - Odometer (Odometer.EXE)
? - PartSeal (PartSeal.exe)
? - PCDRealtime (realtime.exe)
X - Poet (Poet.exe)
X - RegDone (services.exe)
X - RegDone (winlogon.exe)
? - Register SeqChk (regsvr32.exe ..\csseqchk.dll)
X - reg_key (FUKULAMER.exe)
X - reg_key (loader_name.exe)
U - rfagent (rfagent.exe)
X - run= (real.exe)
X - S0undMan (svch0st.exe)
X - Soft Profile Inc (hxdef.exe...)
X - Services (services.exe)
? - SHINITV (shinitv.exe)
U - SNDMon (SNDMon.exe)
U - SoundMAXPnP (SMax4PNP.exe)
U - SoundMAX (SMax4.exe)
U - spamihilator (spamihilator.exe)
U - SpybotSD TeaTimer (TeaTimer.exe)
X - SpywareGuard (winproc32.exe)
? - SSC_UserPrompt (UsrPrmpt.exe)
X - ssgrate.exe (sysdoor.exe)
X - ssgrate.exe (winerdir.exe)
? - Stacmon (Stacmon.exe)
? - Surveysa (surveysa.exe)
U - Symantec NetDriver Monitor (SNDMon.exe)
X - Sysmon (rpcmon.exe)
X - System Update (<random filename>.exe)
X - Systems (scchost.exe)
X - SystemTra (CDPlay.EXE)
X - TEXTCONV (services.exe)
X - TEXTCONV (winlogon.exe)
X - Traybar (lsass.exe)
X - taskmgr (taskmgr.exe)
X - ValidData (<path to trojan>)
X - VVSN (VVSN.exe)
? - W815DM (W815DM.exe)
X - Windows Explorer-3212 (WINRE16.EXE)
X - Windows SA (omniscient.exe)
X - Windows Update (Wuamgrd.exe)
X - Windows_Updates (svthost.exe)
X - WindUpdates (<path to trojan>)
X - Windows Video Drivers (videons32.exe)
X - WinExec (Winexec.exe.vbs)
X - WinHelp (realsched.exe)
X - Winhelp (TkBellExe.exe...)
X - winlibs.exe (winlibs.exe)
X - WinLsass (servicec.exe or <path to trojan>)
X - winpsd (winpsd.exe)
X - wintasks.exe (wintasks.exe)
X - Wintime (Wintime.exe)
X - WinTools (WToolsA.exe)
X - winupd (RUNDLL32.EXE <random value>.dll,_mainRD)
X - win_upd.exe (WINdirect.exe)
X - win_upd2.exe (WINdirect.exe)
X - WMAudio (services.exe)
X - WMAudio (winlogon.exe)
X - WSAConfiguration (wmon32.exe)
X - xor (svchost.exe)
X - Xpsystem (SERVICES.EXE)
? - zcb (zcb.exe)

Changed items - 37

AnVir (AnVir.exe) - description changed
CasAgnt (CasAgnt.exe) - status (U) and description changed
CTHELPER (CTHELPER.EXE) - status (U) changed and description updated
GigaByte (Cheatle.exe) - status (X) changed due to an error
Hardware Profile (hxdef.exe) - virus name changed to a generic for the LOVGATE series, "hxdef.exe..." added as an alternative command
Host (N/A) - added STARTPAGE.F as an alternative virus name
Israfel (Israfel.vbs) - added GAGGLE.E as an alternative virus name
Kernel32 (Kernel32.win) - added GAGGLE.E as an alternative virus name
load= (WPSLOAD.EXE) - description updated
Load= (wtfeat.exe) - description updated
LVComs (lvcoms.exe) - status (U) changed and description updated
Microsoft NetMeeting Associates, Inc. (NetMeeting.exe) - virus name changed to a generic for the LOVGATE series
Module Call initialize (RUNDLL32.EXE reg.dll, ondll_reg) - virus name changed to a generic for the LOVGATE series
Mstask (mstask.exe) - description updated
MutexServiceEx (Sys32Smm.exe) - status (N) and description changed
NVMCTRAY (RUNDLL32.EXE NVMCTRAY.DLL, NvTaskbarInit) - status (N) and description changed
PCRecSA (PCRecSA.exe) - status (U) and description changed
PRISMSTA.EXE (PRISMSTA.EXE) - status (U) and description changed
Program In Windows (IEXPLORE.EXE) - virus name changed to a generic for the LOVGATE series
Protected Storage (RUNDLL32.EXE MSSIGN30.DLL ondll_reg) - virus name changed to a generic for the LOVGATE series
Reminder (Remind_XP.exe) - status (N) and description changed
Remind_XP (Remind_XP.exe) - status (N) and description changed
Remote Procedure Call Locator (RUNDLL32.EXE reg678.dll ondll_reg) - virus name changed to a generic for the LOVGATE series
run= (RAVMOND.exe) - virus name changed to a generic for the LOVGATE series
RunDLL32 (RunDLL32.exe NvMCTray.dll, NvTaskbarInit) - status (N) and description changed
SB Audigy 2 Startup Menu (/l:eng) - status (N) and description changed
Shell Extension (spollsv.exe) - virus name changed to a generic for the LOVGATE series
ShockmachineReminder (SmReminder.exe) - changed from "shockmachine reminder"
SiSUSBRG (SiSUSBRG.exe) - status (N) changed and descritpion updated
syshelp (syshelp.exe) - virus name changed to a generic for the LOVGATE series
SystemTra (SysTra.exe) - virus name changed to a generic for the LOVGATE series
VFW Encoder/Decoder Settings (RUNDLL32.exe MSSIGN30.DLL ondll_reg) - virus name changed to a generic for the LOVGATE series
WinGate (WinGate.exe) - virus name changed to a generic for the LOVGATE series
WinGate initialize (WinGate.exe) - virus name changed to a generic for the LOVGATE series
WinHelp (WinHelp.exe) - virus name changed to a generic for the LOVGATE series
winzip (<path to trojan>) - added BANCOS.K as an alternative virus name
wserver (wserver.exe) - added SASSER.G as an alternative virus name

All CoolWebSearch links replaced

Back to Updates - 2004

Site Map

Home