Runscanner : freeware startup analyzer
If you want free network inventory don't forget to visit Lansweeper : Freeware asset and software inventory
Welcome Guest Search | Active Topics | Members | Log In | Register

RunScanner » RunScanner (English) » Beta testing » That hides here?

That hides here? Options
Previous Topic · Next Topic
angel
Posted: Monday, January 21, 2008 4:09:43 PM

Rank: Newbie
Groups: Member

Joined: 1/21/2008
Posts: 1
Points: 3
Too many trojanos in a few days, too slow the computer
That exists in this file?
thanks


Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

000 General info
Computer name : ANGEL-60677095C
Creation time : 21/01/2008 13:47:13
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 6.0.2900.2180
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 1.6.1.0
User Language : Español (alfabetización internacional)
User rights : Administrator
Windows folder : C:\windows

001 Running processes
c:\archivos de programa\microsoft activesync\wcescomm.exe (Microsoft Corporation)
* c:\windows\system32\smss.exe (Microsoft Corporation)
* c:\windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\system32\services.exe (Microsoft Corporation)
* c:\windows\system32\alg.exe (Microsoft Corporation)
c:\archivos de programa\ati technologies\ati control panel\atiptaxx.exe (ATI Technologies, Inc.)
* c:\windows\system32\ati2evxx.exe (ATI Technologies Inc.)
* c:\windows\system32\ati2evxx.exe (ATI Technologies Inc.)
* c:\archivos de programa\alwil software\avast4\ashserv.exe (ALWIL Software)
* c:\archivos de programa\alwil software\avast4\aswupdsv.exe (ALWIL Software)
* c:\archivos de programa\alwil software\avast4\ashmaisv.exe (ALWIL Software)
* c:\archiv~1\alwils~1\avast4\ashdisp.exe (ALWIL Software)
* c:\archivos de programa\alwil software\avast4\ashwebsv.exe (ALWIL Software)
c:\archivos de programa\widcomm\software bluetooth\bin\btwdins.exe (WIDCOMM, Inc.)
c:\archivos de programa\widcomm\software bluetooth\bttray.exe (WIDCOMM, Inc.)
* c:\windows\system32\csrss.exe (Microsoft Corporation)
c:\windows\system32\cryptainersrv.exe (Cypherix Software (India) Pvt. Ltd.)
* c:\windows\system32\ctfmon.exe (Microsoft Corporation)
* c:\windows\system32\rundll32.exe (Microsoft Corporation)
* c:\windows\explorer.exe (Microsoft Corporation)
* c:\windows\explorer.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
c:\archivos de programa\hp\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
c:\archivos de programa\java\j2re1.4.2_03\bin\jusched.exe
* c:\windows\system32\lsass.exe (Microsoft Corporation)
c:\windows\system32\oodag.exe (O&O Software GmbH)
c:\windows\system32\hpzipm12.exe (HP)
* f:\runscanner.exe (Runscanner.net)
c:\archivos de programa\photodex\proshowgold\scsiaccess.exe
* c:\windows\system32\spoolsv.exe (Microsoft Corporation)
c:\archivos de programa\superantispyware\superantispyware.exe (SUPERAntiSpyware.com)
* c:\windows\system32\zonelabs\vsmon.exe (Zone Labs, LLC)
* c:\windows\system32\wscntfy.exe (Microsoft Corporation)
* c:\archivos de programa\zone labs\zonealarm\zlclient.exe (Zone Labs, LLC)

002 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
c:\archivos de programa\ati technologies\ati control panel\atiptaxx.exe (ATI Technologies, Inc.)
* c:\archiv~1\alwils~1\avast4\ashdisp.exe (ALWIL Software)
c:\archivos de programa\hp\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
c:\archivos de programa\java\j2re1.4.2_03\bin\jusched.exe
* c:\archivos de programa\zone labs\zonealarm\zlclient.exe (Zone Labs, LLC)

003 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
c:\archivos de programa\microsoft activesync\wcescomm.exe (Microsoft Corporation)
c:\archivos de programa\superantispyware\superantispyware.exe (SUPERAntiSpyware.com)

005 C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio
c:\archiv~1\archiv~1\adobe\calibr~1\adobeg~1.exe (Adobe Systems, Inc.)
c:\archiv~1\widcomm\softwa~1\bttray.exe (WIDCOMM, Inc.)

010 HKLM\SYSTEM\CurrentControlSet\Services (Services)
c:\windows\system32\ati2sgag.exe (ATI Smart)
* c:\archivos de programa\alwil software\avast4\ashserv.exe (avast! Antivirus)
* c:\archivos de programa\alwil software\avast4\aswupdsv.exe (avast! iAVS4 Control Service)
* c:\archivos de programa\alwil software\avast4\ashmaisv.exe (avast! Mail Scanner)
* c:\archivos de programa\alwil software\avast4\ashwebsv.exe (avast! Web Scanner)
c:\archivos de programa\widcomm\software bluetooth\bin\btwdins.exe (Bluetooth Service)
C:\windows\system32\cryptainersrv.exe (Cryptainer service)
c:\archivos de programa\archivos comunes\macromedia shared\service\macromedia licensing.exe (Macromedia Licensing Service)
c:\windows\system32\oodag.exe (O&O Defrag)
c:\windows\system32\hpzipm12.exe (Pml Driver HPZ12)
c:\archivos de programa\photodex\proshowgold\scsiaccess.exe (ScsiAccess)
* c:\windows\system32\zonelabs\vsmon.exe (TrueVector Internet Monitor)

011 HKLM\SYSTEM\CurrentControlSet\Services (drivers)
* c:\windows\system32\drivers\aswrdr.sys (aswRdr)
* c:\windows\system32\drivers\aavmker4.sys (avast! Asynchronous Virus Monitor)
* c:\windows\system32\drivers\aswtdi.sys (avast! Network Shield Support)
* c:\windows\system32\drivers\aswmon2.sys (avast! Standard Shield Support)
c:\windows\system32\drivers\btslbcsp.sys (Bluetooth Port Client Driver)
C:\windows\system32\drivers\btkrnl.sys (Bluetooth Protocol Stack)
c:\windows\system32\drivers\btserial.sys (Bluetooth Serial Driver)
- c:\windows\system32\drivers\changer.sys (Changer)
- c:\windows\system32\drivers\ikfileflt.sys (File Filter Driver)
C:\windows\system32\drivers\adildr.sys (General Purpose USB Driver (adildr.sys))
C:\windows\system32\drivers\slabser.sys (Global Positioning System Drivers)
C:\windows\system32\drivers\slabbus.sys (GPS USB Composite Device driver (WDM))
- c:\windows\system32\drivers\i2omgmt.sys (i2omgmt)
C:\windows\system32\drivers\imagedrv.sys (imagedrv)
C:\windows\system32\drivers\imagesrv.sys (imagesrv)
- c:\windows\system32\drivers\lbrtfdc.sys (lbrtfdc)
c:\windows\system32\ntsim.sys (NTSIM)
C:\windows\system32\drivers\pfc.sys (Padus ASPI Shell)
- c:\windows\system32\drivers\pcidump.sys (PCIDump)
- c:\windows\system32\drivers\pdcomp.sys (PDCOMP)
- c:\windows\system32\drivers\pdframe.sys (PDFRAME)
- c:\windows\system32\drivers\pdreli.sys (PDRELI)
- c:\windows\system32\drivers\pdrframe.sys (PDRFRAME)
c:\archivos de programa\superantispyware\sasdifsv.sys (SASDIFSV)
c:\archivos de programa\superantispyware\sasenum.sys (SASENUM)
c:\archivos de programa\superantispyware\saskutil.sys (SASKUTIL)
c:\windows\system32\drivers\scdemu.sys (SCDEmu)
* C:\windows\system32\zonelabs\srescan.sys (srescan)
* c:\windows\system32\drivers\ssoftnt4.sys (ssoftnt4)
- c:\windows\system32\drivers\iksysflt.sys (System Filter Driver)
* C:\windows\system32\drivers\truecrypt.sys (truecrypt)
C:\windows\system32\drivers\adiusbaw.sys (USB ADSL WAN Adapter)
* C:\windows\system32\vsdatant.sys (vsdatant)
- c:\windows\system32\drivers\wdica.sys (WDICA)
- f:\winpooch\winpooch.sys (Winpooch kernel spy)

030 HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
C:\windows\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\windows\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\windows\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}

031 HKLM\SOFTWARE\Classes\PROTOCOLS\Handler
c:\archivos de programa\hp\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) {CF184AD3-CDCB-4168-A3F7-8E447D129300}
c:\archivos de programa\microsoft activesync\aatp.dll (Microsoft Corporation) {d7b95390-b1c5-11d0-b111-0080c712fe82}

035 HKLM-HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
c:\windows\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}

052 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
GUID / CLSID not found {7E853D72-626A-48EC-A868-BA8D5E23E045}
GUID / CLSID not found {E947A403-B614-4FA8-B9E7-E790F0BDC87E}

061 HKLM-HCKU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
* c:\archivos de programa\alwil software\avast4\ashshell.dll (ALWIL Software) {472083B0-C522-11CF-8763-00608CC02F24}
c:\archivos de programa\axon data\axcrypt\axcrypt.dll (Axon Data) {A1834C72-29AF-4C85-8420-E55404EAB08D}
- deskpan.dll {42071714-76d4-11d1-8b24-00a0c9068ff3}
c:\windows\system32\mscoree.dll (Microsoft Corporation) {1D2680C9-0E2A-469d-B787-065558BC7D43}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509050}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509056}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509054}
c:\windows\system32\shellext\gmailfs.dll (Bjarke Viksoe) {2B3453E4-49DF-11D3-8229-0080BE509052}
* c:\archivos de programa\zone labs\zonealarm\zlavscan.dll (Zone Labs, LLC) {D9872D13-7651-4471-9EEE-F0A00218BEBB}
c:\windows\system32\btneighborhood.dll (WIDCOMM, Inc.) {6af09ec9-b429-11d4-a1fb-0090960218cb}
c:\archivos de programa\poweriso\pwrisosh.dll (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
c:\windows\system32\dfshim.dll (Microsoft Corporation) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
c:\windows\system32\dfshim.dll (Microsoft Corporation) {e82a2d71-5b2f-43a0-97b8-81be15854de8}
* c:\archivos de programa\smartftp client\smarthook.dll (SmartSoft Ltd.) {B8323370-FF27-11D2-97B6-204C4F4F5020}
c:\archivos de programa\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\archiv~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\archiv~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79305-84BE-11CE-9641-444553540000}
c:\archiv~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79306-84BE-11CE-9641-444553540000}
c:\archiv~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79307-84BE-11CE-9641-444553540000}

063 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute
- oodbs

067 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
c:\archivos de programa\superantispyware\saswinlo.dll (SUPERAntiSpyware.com)

069 HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
C:\windows\system32\bthcrp.dll (WIDCOMM, Inc.)

073 %windir%\Tasks
Actualización de Productos de IdiomaX.job : c:\archivos de programa\archivos comunes\idiomax shared\cat 6.0\idxlupdate.exe

100 Internet Explorer settings
Start Page HKCU : http://www.google.es/

104 HKLM\Software\Microsoft\Code Store Database\Distribution Units
GUID / CLSID not found {33564D57-0000-0010-8000-00AA00389B71}
c:\archivos de programa\java\j2re1.4.2_03\bin\npjpi142_03.dll (JavaSoft / Sun Microsystems, Inc.) {8AD9C840-044E-11D1-B3E9-00805F499D93}
GUID / CLSID not found {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
* c:\windows\downloaded program files\banksht2.dll (pixelStorm entertainment studios Inc.) {BD393C14-72AD-4790-A095-76522973D6B8}
c:\archivos de programa\java\j2re1.4.2_03\bin\npjpi142_03.dll (JavaSoft / Sun Microsystems, Inc.) {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
c:\windows\instal~1.ocx (Westech Korea Inc) {D4DCE020-AF15-49B5-B86D-E92A28ADBBA5}

105 HKCU\Software\Microsoft\Internet Explorer\MenuExt
E&xportar a Microsoft Excel : res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Enviar a &Bluetooth : C:\Archivos de programa\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm

170 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
{6986d8b8-051e-11dc-a694-0009dd1039c6} : F:\MENUUSB.HTML
{9767223a-09f3-11dc-a6a4-0009dd1039c6} : F:\PStart.exe
{bfe86884-9e66-11db-a520-0009dd1039c6} : PStart.exe

173 HKCR\*\shellex\ContextMenuHandlers
c:\archivos de programa\promt5\promt\prmshell.dll (PROject MT, Ltd.) {179A4540-F689-11d3-BEDC-00E0290CDC2F}
GUID / CLSID not found {1F77B17B-F531-44DB-ACA4-76ABB5010A28}
* c:\archivos de programa\alwil software\avast4\ashshell.dll (ALWIL Software) {472083B0-C522-11CF-8763-00608CC02F24}
GUID / CLSID not found {8FF88D27-7BD0-11D1-BFB7-00AA00262A11}
c:\archivos de programa\poweriso\pwrisosh.dll (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
c:\archivos de programa\axon data\axcrypt\axcrypt.dll (Axon Data) {A1834C72-29AF-4C85-8420-E55404EAB08D}
c:\archivos de programa\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
* c:\archivos de programa\zone labs\zonealarm\zlavscan.dll (Zone Labs, LLC) {D9872D13-7651-4471-9EEE-F0A00218BEBB}
c:\archiv~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\archivos de programa\one-click ringtone converter\shell.dll (Streamware Development) One-click Ringtone Converter
c:\archivos de programa\superantispyware\sasctxmn.dll (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
Back to top
 
Users browsing this topic
Guest

RunScanner » RunScanner (English) » Beta testing » That hides here?


Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

SoClean Theme Created by Jaben Cargman
Powered by YetAnotherforum.net
Copyright © 2003-2006 Yet Another Forum.net. All rights reserved.
This page was generated in 0.098 seconds.