March 2005

Latest updates for the list of startup programs provided at http://www.sysinfo.org/startupinfo.html

21st March, 2005

New items - 161

winsystem.sys - X - smss.exe
*windows update - X - wsctl.exe
.mssecure - X - mssecure.exe
[default] - X - DrWatson32.exe
_winsystem.sys - X - smss.exe
1WinCfg32 - X - WebMailSpy.exe
32-bit Thunking service - X - thunk32.exe
ALG32 - X - ALG32.EXE
AOL 9.0 Optimized - X - AOLClient.exe
Archive - X - archive.exe - Adware
ASDPLUGIN - X - dsldbaccess.exe
avnort - X - formatsys.exe
avnort - X - msmbw.exe
avnort - X - serbw.exe
AvSer - X - dsm.exe
AvSer - X - msmpatch.exe
AvSer - X - svosm.exe
AvSer - X - sysup.exe
Calc Microsoft Windows - X - wincalc.exe
clean_service - X - clean_service.cmd
Csrss - X - csrss.exe
CSRSSU - X - CSRSSU.exe
CTCMonitor - U - CTCMonitor.exe
cwupdate - U - cwupdate.exe
Daemon - X - daemon.exe c daemon2.exe
Dns Resolver - X - dnsrslve.exe
dnscleaner - X - dnscleaner.exe
DsmSer - X - dsm.exe
DsmSer - X - msmpatch.exe
DsmSer - X - svosm.exe
DsmSer - X - sysup.exe
Dynamic Dns Binary - X - dynitora.exe
EanthologyApp - N - eanthology.exe
erghgjhgdr - X - windlhhl.exe
FastStart - X - ntnut32.exe
Firewall - X - wmlaunch .exe
Generic Host Process for Win32 Services - X - bazzi.exe
HMI PowerSystem - X - hmisvc32.exe
iprun - X - iPY.exe
ixplore - X - ixplore.exe
Kadoc - X - [random filename].exe
Kasper Antivirus - X - KASPERANTIVIRUS.EXE
ledpointer - U - CNYHKey.exe
loaddll - X - loaddll.exe
loader32 - X - sys*****.exe [***** = random digit]
Local runole service - X - srvc32.exe
LogService - X - wincalc.exe
ltwob - X - formatsys.exe
ltwob - X - msmbw.exe
ltwob - X - serbw.exe
McAfee Windows Protection - X - mcafee32.exe
Media Access - X - MediaAccK.exe
Media Pass - X - MediaPassK.exe
Messanger - X - trillian.exe
Microsoft boot system cfg32 - X - actboost.exe
Microsoft Explorer - X - svapache.exe
Microsoft Java Virtual Machine - X - MsConfiG.exe
MicroSoft Remote Secure Service - X - MSRSS.exe
Microsoft Services Unitd - X - MSU32.exe
Microsoft Update - X - wuampd.exe
Microsoftkeysds - X - lass32.exe
Microsofts media - X - wingtp.exe
Microsofts MediaScope - X - winmep.exe
mmxrun - X - mswinindex.exe
Ms Processe Manager - X - msproc.exe
MS Unix Binary - X - win32ttb.exe
MS USB 2.0 Windows Support - X - msusb32.exe
MS_LARISSA - X - MS_LARISSA.exe
mskj - X - mskj.exe
msmc - X - ms****.exe [* = random char]
MsnExplorer - X - winagent.exe
msnmsgq32 - X - msnmsgq.exe
MsVBdll - X - sys32dll.exe
NAV Auto Protect - X - dnsserv.exe
NAV Auto Protect - X - mcafee32.exe
NAV Auto Updates - X - csrssp.exe
NAV Auto Updates - X - navwindows.exe
NDAv - X - csnss.exe
NDAv - X - svhost.exe
Norton Auto-Protect - X - ccApp.exe
Norton Personal Firewall - X - jah.exe
Norton Personal Firewall - X - npfw.exe
NvCplScan - X - nvsc32.exe
nvsvca32 - X - nvsvca32.exe
popuppers65 - X - a64sddd.exe
popuppers65 - X - a65d.exe
Protection - X - IExplore .exe
qgqqft - X - [path to Trojan]
rCron - X - dservice.exe
RealP1ayer - X - [path to file]
realplay - N - realplay.exe
Registry System166 Checkup Monitor - X - SystemReg166.exe
REGRUN - X - winfix22490.exe
rollbk - X - dsm.exe
rollbk - X - msmpatch.exe
rollbk - X - svosm.exe
rollbk - X - sysup.exe
RSync - X - netsync.exe
SAGENTSERVICE - U - Sagent.exe
SDAv - X - csnss.exe
SDAv - X - svhost.exe
sdkupdate22 - X - SDK0mCORE.exe
serpe - X - formatsys.exe
serpe - X - msmbw.exe
serpe - X - serbw.exe
Service - X - SYSNT.exe
Services - X - windns.exe
Shell - X - Open32.exe
Shell32 - X - Shell32.vbs
Sistray32 - X - win.bat
sixtysix - X - sixtypopsix.exe
snapple - X - snapple.exe
Social Security Agency - X - rpcxsocsa.exe
sp - X - se.dll, DllInstall
spoolsv manager - X - SpoolMgr.exe
SPOOLSVU - X - SPOOLSVU.EXE
start extracting - X - spoolvse.exe
supernews12 - X - newsd32.exe
SVCHOST - X - scvhost.exe
SVCHOST - X - taskgmr.exe
SVHOST - X - SVHOST.EXE
sVideo2 - X - vxdrun6.exe
Sygate Personal Firewall - X - Sygate32.exe
Symantec Service - X - ccApp.exe
sys32dll - X - sys32dll.exe
Sysconfig - U - Stealth KeySpy.exe
sysmonnt - X - sysmonnt.exe
SysRes - X - WWE DIVAS.exe
System - X - sysctrl.exe
System Database administration - X - systemDA.exe
System Database Administration Support Process - X - sysdasp.exe
System Document Application - X - msdocument.exe
System Networking - X - sysnet.exe
Systems Restart - X - Rundll32.exe snim.dll, DllRegisterServer
update - X - winis.exe
Updater - X - adservernow.exe
WebRun - X - [Trojan filename]
Win32 - X - Game.exe.vbs
WIN32 DDOSSER - X - dos.exe
Win32 Service - X - bazzi.exe
Win32 USB3 Driver - X - win32tool.exe
WinAmpAgent - X - Msexploren.exe
WinAmpAgent - X - Shch.exe
WinAmpAgent - X - svchst.exe
WinAmpAgent - X - Winagent.exe
Windows AdStatus - X - WinStat.exe
Windows Media Player - X - wmplayer.exe
Windows Network Controller - X - winmms32.exe
Windows Service Pack Auto Update - X - winworks.exe
Windows Task Manager Emulator - X - kennewr.exe
Windows Taskmanager - X - lsassx.exe
Windows32 Messenger Service - X - msmsgv.exe
WindowsBackup - X - WINDOWSBACKUP.EXE
WindowsRegKey update - X - windns.exe
winis - X - winis.exe
Winlogon Shell - X - Explorer.exe svchost.exe
Wins32 Online - X - cfgpwnz.exe
WINTASK - X - taskgmr.exe
win-xp - X - nvsc32.exe
win-xp - X - winis.exe
WinXPHome - X - plugin2.exe

Changed items - 17

AddClass ([Installation_Path]) - description updated
dla (tfswctrl.exe) - description updated
eanth_critical_update_alert (sys_alert.exe) - status (N) and description updated
EanthologyApp (EANTHO~1.EXE) - status (N) and description updated
Internet Optimizer (optimize.exe) - hyperlink changed
IPW (IPW.exe) - status (N) and description updated
JavaVM (java.exe) - description updated
LARISSA ANTI VIRUS (LARISSA_ANTI_VIRUS.exe) - description updated
loadMecq0 (explorer.exe) - description updated
Logitech Hardware Abstraction Layer (Khalmnpr.exe) - status (U) and description updated
LSPFix (LSPmonitor.exe) - status (N) and description updated
LSPmonitor (LSPmonitor.exe) - status (N) and description updated
mssysint (Iexplore .exe) - description updated
tfswctrl (tfswctrl.exe) - description updated
WebScan (DEFSCANGUI.EXE) - status (N) and description updated
xp_system (services.exe) - description updated
xp_system (winlogon.exe) - description updated

New random entries - 4

REANET.B TROJAN!
BANCOS.Q TROJAN!
SPYBOTER.GEN TROJAN!
BOTUK TROJAN!

5th March, 2005

New items - 177

%FP%Friendly fts.exe - ? - fts.exe
(L4r1$$4) (4nt1) (V1ruz) - X - SP00Lsv32.pif
*windows update - X - wurauclt.exe
[various names] - X - PasswdMon.exe
[various names] - X - runload32.exe
{357AA41A-B7A8-4632-A27D-5B980B25CF43} - X - [path to svchost.exe]
0190 Warner - U - WARN0190.EXE
0900 Warner - U - WARN0900.EXE
Acronis True Image Monitor - N - TrueImageMonitor.exe
AcronisTrueImage Monitor - N - TrueImageMonitor.exe
Ad Muncher - U - AdMunch.exe
Admanager Controller - X - AdManCtl.exe
AdStatus Service - X - AdStatServ.exe
Adtools Service - X - AdTools.exe
ala.exe - U - ala.exe
antivirus32 - X - antivirus.exe
antiware - X - elite***32.exe [*** = random char]
Babylon Client - N - Babylon.exe
BOC412 - Y - BOC412.exe
BsCLiP - N - BSCLIP.exe
BTUSRBDG - Y - BtUsrBdg.exe
CaptionMgr32 - X - crssr.exe
chkhbci - N - chkhbci.exe
CLBOOT32 - U - CLBOOT32.EXE
Command Prompt32 - X - CmdPrompt32.pif
CP4HPOT - U - OneTouch.EXE
DBTMON - N - dbtmon.exe
Default - X - explore.vbs
Default - X - mtask.vbe
default - X - shell32.exe
Dell QuickSet - N - quickset.exe
Device Detector 2 - N - DevDtct2.exe
Diesel - X - Recalculate.exe
D-Link Air USB Utility - Y - AirCFG.exe
down - X - hlp32.exe
DownloadAccelerator - N - DAP.EXE
DragnDrop_Autolaunch - N - Autolaunch.exe
DSService - X - dmrss.exe
dxdll32 - X - ntxdll.exe
EPSON Stylus C44 Series - U - E_S10IC2.EXE
EPSON Stylus C46 Series - U - E_S4I0T1.EXE
erghgjhjgdr - X - windlhhl.exe
FastUser - N - fast.exe
FaxCenterServer - U - fm3032.exe
Firewall - X - wmlaunch .exe
FLMK08KB - U - MMKEYBD.EXE
fnmwebassist - X - fnmwebassist.exe
hcenter - U - tgcmd.exe
hiden - X - hiden.exe
hlinstaller1 - X - hlinstaller1.exe
Home Theater SchSvr - N - SchSvr.exe
IMClass - X - Svhosl.exe
Index Washer - U - WashIdx.exe
Indexindicator - X - Indexindicator.exe
IntelliPoint - U - point32.exe
Internet Optimizer - X - optimize.exe
ISSVC - Y - ISSVC.exe
iTunesHelper - Y - iTunesHelper.exe
JavaScript Debugging Service - X - JsDbgMan.exe
LARISSA ANTI VIRUS - X - LARISSA_ANTI_VIRUS.exe
Lexmark **** Series - U - lxbkbmgr.exe
Lexmark **** series - U - lxbtbmgr.exe
lexplore - X - lexplore.exe
lmu - X - LMU.exe
load - X - mdm.exe
loadMecq0 - X - explorer.exe
LSA - X - wfdmgr.exe
LXBTCATS - ? - rundll32 [path] LXBTtime.dll, _RunDLLEntry@16
MDN - X - MDNS.exe
MDN - X - MDNZ.exe
MEMreaload - X - MEMreaload.exe
Microsoft Device Manager - X - msdevmgr32.exe
Microsoft Excel - X - msexcel.exe
Microsoft Instant Messenger - X - msngmsngr32.exe
Microsoft Office Studio - X - scvhvst.exe
Microsoft QMGR - X - msnqmgr.exe
monitor - X - monitor.exe
Mozilla Firefox - X - F1REF0X.EXE
MPFTray - Y - MpfTray.exe
mprocessor - X - mprocessor.exe
MS Windows Update - X - scguard.exe
MSLARISSA - X - MSLARISSA.pif
MSN - X - msnmsgr.exe
MSN Messenger - X - Reosmsngr.exe
MSNPluginSrvcs - X - p6.exe
MSNPluginSrvcs - X - sagate.exe
MSNProxy - N - MSNProxy.exe
msrundll - X - msrund1l32.exe
MsUpdater System - X - udpsys32.exe
NAP32 - X - NAP32.exe
NAV Auto Protect - X - msfwe1.exe
NAV Auto Protect - X - navprotect.exe
Norton Ghost 9.0 - N - GhostTray.exe
ntechin - X - n20050308.exe
ntsmod - N - ntsmod.exe
nTune - U - nTune.exe
NvCplScan - X - winasp.exe
NVIDIA nTune - U - nTune.exe
NVRaidService - Y - nvraidservice.exe
olesvr - U - olesvr.exe
Open32 - X - Open32.exe
Opware14 - N - Opware14.exe
P2P Networking - N - P2P
Panda Antispam Server Service - U - PasSrv.exe
PC-Duo System Snapshot - U - CLBOOT32.EXE
PPPOEO - X - pingppac.exe
Preview AdService - X - PrevAdServ.exe
PrevxPro - Y - SAGUI.exe
PRISMSVR.EXE - ? - PRISMSVR.EXE
Program Neighborhood Agent - U - pnagent.exe
Protection - X - Firewall.exe
prutlct - X - prutlct.exe
Ptipbmf - ? - rundll32.exe ptipbmf.dll, SetWriteCacheMode
rCron - X - rcron.exe
real scheduler.hta - X - RealAudio.exe
REGIST~1 - U - REGIST~1.EXE
Reload - X - reload.exe
RPCserv32 - X - services.exe
run - X - Autoexec.com
run - X - inetinfo.exe
Run Msn Messenger - X - msnmgr.exe
run= - X - Autoexec.com
RunCA - Y - InvokeSvc3.exe
Secboot - X - w32tm.exe
Service - X - services.exe
Services Logon - X - services.exe
Services Startup - X - services.exe
Services Startup - X - svhost33.exe
Shell - X - Open32.exe
Sistray32 - X - remotehost.pif
SmcService - Y - smc.exe
sp2chk.exe - X - sp2chk.exe
SpyBlocker - U - spyblocker.exe
StatusClient - ? - StatusClient.exe
Suite - X - SuiteOffices.exe
SuperBar.Component - X - [path to services.exe]
SysRes - X - TASKMANAGER.exe
System Config Manager - X - smssl.exe
System Update - X - [random filename]
Systems Restart - X - Rundll32.exe snim.dll, DllRegisterServer
Telechips,Mass - U - patch.exe
Tesco.net - N - rundll32 [path] RyDial.dll, QuickStart
TotRecSched - U - TotRecSched.exe
TrackPointSrv - U - tp4mon.exe
Tweak UI 1.33 deutsch - U - RUNDLL32.EXE TWEAKUI.CPL, TweakMeUp
UniPrint - U - SetDfltSettings.exe
USBMonit.exe - U - USBMonit.exe
user - X - user32.exe
USRSTA.EXE - ? - USRSTA.EXE
Video Process - X - winasp.exe
vsc32cnf - N - vsc32cnf.exe
vscvol - N - vscvol.exe
Web Service - X - [random filename].exe
WhenUSearchWHSE - X - whse.exe
Win32 - X - system32.vbs
WIND0WS - X - mella.bat
Windows FormatAd - X - WinForm.exe
Windows Logon Procedure - X - Svchosta.exe
Windows Media Player - X - mcafe32.exe
Windows Network Controller - X - WinxPupd.exe
Windows Online Updater - X - dllman.exe
Windows Service - X - dddd.exe
Windows Service - X - prvdi.exe
Windows System File - X - cmxp.exe
WindowsXPserv - X - svcnxp32.exe
winhlp.exe - X - winhlp.exe
WinLogon - X - logon.exe
Winmgr.exe - X - scvhost.exe
WinNetDDE - X - [random characters].exe
Winserv - X - Winserv.ila
winshost.exe - X - winshost.exe
winsockdriver - X - iexplor.exe
WinSvc16.exe - X - WinSvc16.exe
winupdate_ - X - [path to file]
WLANSTA.EXE - N - WLANSTA.EXE
WUSB54Gv4 - Y - WUSB54Gv4.exe
zztp - X - svchost.exe

Changed items - 62

Acrobat Assistant *.* (Acrotray.exe) - name changed
Admilli Service (AdmilliServ.exe) - hyperlink changed
AdRotator.Application ([path to csrss.exe]) - description changed
ATICCC (cli.exe runtime) - status (N) and description changed
BlueToothAuthentication Agent (rundll32.exe irprops.cpl, BluetoothAuthenticationAgent) - description updated
BTUSRBDGF (BtUsrBdg.exe) - description changed
Dap (DAP.exe) - description changed
DeskAd Service (DeskAdServ.exe) - hyperlink changed
E_S10IC2 (E_S10IC2.EXE) - description changed
f~a (ra32.exe) - description changed
gcasDtServ (gcasDtServ.exe) - hyperlink and descritpion changed
gcasServ (gcasServ.exe) - hyperlink and descritpion changed
HostManager (AOLHostManager.exe) - status (N) and description changed
HP OfficeJet Series xxx Startup (HPOSTR03.EXE) - status (U) and description changed
HP OfficeJet Series xxx Startup (HPOstr05.exe) - status (U) and description changed
Imjpmig*.* (IMJPMIG.EXE) - name and descritpion changed
Intellitype (type32.exe) - description changed
kalvsys (kalv****.exe [* = random char]) - hyperlink changed
kalvsys (kalv***32.exe [* = random char]) - hyperlink changed
Lexmark **** Series (lxbabmgr.exe) - name and description changed
lsass (lsasrv.exe) - description changed
LVCOMSX (LVCOMSX.EXE) - status (N) and description changed
McAfeeUpdaterUI (UpdaterUI.exe) - status (N) and description changed
Mmgsvc (mmgsvc.exe) - hyperlink changed
mnpol (mnpol.exe) - description changed
Mscnt (mscnt.exe) - description changed
Msdmxm (msdmxm.exe) - description changed
Multimedia Codecs (mcc.exe) - hyperlink and description changed
NaviSearch (nls.exe) - hyperlink changed
nscntrl (nscntrl.exe) - description changed
nsdriver (nssys32.exe) - description changed
ntlfreedom (rundll32 [path] RyDial.dll, QuickStart) - description changed
pgtaff (pgtaff.exe) - hyperlink changed
piiserviceOE (N/A) - hyperlink and description changed
requester (requester.*.exe) - command and description changed
Save (Save.exe) - description changed
Savenow (savenow.exe) - description changed
Services Process (services.exe) - description changed
siService.exe (siService.exe) - hyperlink and description changed
sncntr (sncntr.exe) - description changed
SpecialOffers (SpecialOffers*.exe [* = digit]) - description changed
SpecialOffers (SpecialOffers.exe) - description changed
tp4mon (tp4mon.exe) - status (U) and description changed
tsa (tsm.exe) - description changed
Tsa2 (tsm2.exe) - description changed
type32 (type32.exe) - status (U) and description changed
ViewMgr (ViewMgr.exe) - hyperlink changed
VVSN (VVSN.exe) - description changed
WDInfo (wdinfo.exe) - description changed
wdskctl (wdskctl.exe) - hyperlink changed
WebSpecials (rundll32 [path] webspec.dll) - hyperlink changed
WhenUSave (Save.exe) - description changed
WhenUSearch (Search.exe) - description changed
Windows AdControl (WinAdCtl.exe) - hyperlink changed
Windows AdService (WinAdServ.exe) - hyperlink changed
Windows AdTools (WinAdTools.exe) - hyperlink changed
Windows ControlAd (WinCtlAd.exe) - hyperlink changed
Windows ServeAd (WinServAd.exe) - hyperlink changed
Windows SyncroAd (SyncroAd.exe) - hyperlink changedWindows TaskAd (Wintaskad.exe) - hyperlink changed
WindUpdates (WinUpdt.exe) - hyperlink changed
wovax (wovax.exe) - hyperlink and description changed
xpsystem (services.exe) - description changed

New random entries - 1

NAMSHARE WORM

Removed items - 6

BlueToothAuthentication Agent - U - rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent - Duplicate entry
imjpmig - N - IMJPMIG.EXE - Replaced by generic Imjpmig*.* entry
Lexmark X74-X75 - U - lxbabmgr.exe - Duplicate entry
requester - X - requester.5.exe - Replaced by generic requester.*.exe entry
requester - X - requester.6.exe - Replaced by generic requester.*.exe entry
requester - X - requester.8.exe - Replaced by generic requester.*.exe entry

Latest updates for the list of startup programs provided at http://www.sysinfo.org/startupinfo.html

21st March, 2005

5th March, 2005

Back to Updates - 2005