Our November Competition
 User Reviews - Add Yours!
The PCHF Lounge
Go Back   PC Help Forum » Security & Safety » Anti-Virus
Reload this Page Runscanner log
Register for a Free Account

Anti-Virus - Runscanner log posted in the Security & Safety forums; Runscanner logfile * = signed file - = file not found General info ------------ Computer name : ANKUR Creation time : 8/7/2009 2:56:36 PM Hosts <> 127.0.0.1 : 0 Hosts ...


Reply
Free PC Performance Scan
Old 08-07-2009   #1
Moderator
 
Ankur's Avatar
 
Join Date: Jul 2009
Location: India
Posts: 129
PC Experience: Experienced
Default Runscanner log
Runscanner logfile

* = signed file
- = file not found

General info
------------
Computer name : ANKUR
Creation time : 8/7/2009 2:56:36 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.6001.18702
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 1.8.1.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe (eLitecore Technologies Ltd.)
* C:\Program Files\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe (Anonymizer)
* C:\Program Files\Anonymizer\Anonymizer Software\common\AnonProxy.exe ( Anonymizer, Inc.)
* C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe (Anonymizer)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
* C:\WINDOWS\System32\alg.exe (Microsoft Corporation)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
C:\Program Files\Prevx\prevx.exe (Prevx)
C:\Program Files\Prevx\prevx.exe (Prevx)
* C:\Documents and Settings\Ankur\Desktop\RunScanner.exe (Runscanner.net)
C:\Program Files\Sandboxie\SbieSvc.exe (tzuk)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\ZONELABS\vsmon.exe (Check Point Software Technologies LTD)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
* C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

Unrated items
-------------
002 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
003 * C:\Program Files\Anonymizer\Anonymizer Software\Anonymizer.exe (Anonymizer)
005 C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe (eLitecore Technologies Ltd.)
010 * C:\Program Files\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe (Anonymizer Management Service)
010 C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira AntiVir Guard)
010 C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira AntiVir Scheduler)
010 C:\Program Files\Prevx\prevx.exe (CSIScanner)
010 C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe (MSSQLSERVER)
010 C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (MSSQLServerADHelper)
010 C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Service)
010 C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlagent.exe (SQLSERVERAGENT)
011 * C:\Program Files\Avira\AntiVir Desktop\avgio.sys (avgio)
011 * C:\WINDOWS\system32\DRIVERS\avgntflt.sys (avgntflt)
011 * C:\WINDOWS\system32\DRIVERS\avipbb.sys (avipbb)
011 * C:\WINDOWS\System32\drivers\keyscrambler.sys (KeyScrambler)
011 C:\Program Files\Sandboxie\SbieDrv.sys (SbieDrv)
011 C:\WINDOWS\system32\DRIVERS\secdrv.sys (Secdrv)
011 * C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (ssmdrv)
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
031 C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) {E1D2BF42-A96B-11d1-9C6B-0000F875AC61}
031 C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) {E1D2BF42-A96B-11d1-9C6B-0000F875AC61}
031 C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) {314111c7-a502-11d2-bbca-00c04f8ec294}
031 C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) {E1D2BF40-A96B-11d1-9C6B-0000F875AC61}
035 C:\WINDOWS\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}
052 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C}
052 * C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) {2B9F5787-88A5-4945-90E7-C4B18563BC5E}
061 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
061 C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
061 C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) {e82a2d71-5b2f-43a0-97b8-81be15854de8}
061 * C:\Program Files\Folder Lock 6\FLContextMenu.dll (NewSoftwares.net, Inc.) {03B54A4E-A635-418E-81FC-CF60CBB141AA}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
100 ProxyOverride HKCU : local
100 ProxyServer HKCU : http=198.163.152.230:3128
100 SearchUrl HKCU : Yahoo!
120 NameServer {04556D89-9AB3-4DE6-8109-9454BC0EE5E0} : 192.168.109.1,61.246.243.2
145 * C:\WINDOWS\system32\drivers\keyscrambler.sys (QFX Software Corporation)
173 GUID / CLSID not found
173 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
173 * C:\Program Files\Folder Lock 6\FLContextMenu.dll (NewSoftwares.net, Inc.) {03B54A4E-A635-418E-81FC-CF60CBB141AA}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 GUID / CLSID not found
221 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
221 * C:\Program Files\Folder Lock 6\FLContextMenu.dll (NewSoftwares.net, Inc.) {03B54A4E-A635-418E-81FC-CF60CBB141AA}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found
227 * C:\Program Files\Folder Lock 6\FLContextMenu.dll (NewSoftwares.net, Inc.) {03B54A4E-A635-418E-81FC-CF60CBB141AA}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\DOCUME~1\Ankur\LOCALS~1\Temp\catchme.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
061 deskpan.dll
Ankur is offline   Reply With Quote
Advertisement - Register to Remove
Old 08-07-2009   #2
Mod Team Leader
 
smokeycheech's Avatar
 
Join Date: Dec 2005
Location: Skynet HQ (kinda near PCHF bunker)
Posts: 2,189
PC Experience: Learning more every day!
Default Re: Runscanner log
Hello Ankur, welcome back to the forum!

We have a tried and tested method of malware removal here - if you could please click this link then follow all the instructions and post back the requested logs, then we can get our security team on the case to assist you

Please be sure to update Malwarebytes and run a full scan.

Looking forward to your reply,

Smokeycheech
__________________
If an elephant never forgets, how come they never win mastermind?
smokeycheech is offline   Reply With Quote
Old 08-08-2009   #3
Tech Support Team
 
Crush's Avatar
 
Join Date: Sep 2008
Location: Caldwell, New Jersey
Posts: 10,112
PC Experience: Always Learning New Things
Default Re: Runscanner log
Ankur,

You currently have a thread going in the In Progress section of the Security Forums. Is this for the same PC?

http://www.pchelpforum.com/progress-...omputer-3.html
__________________
Crush aka Chris
[Prework][Afterwork][PCHF Rules][BSOD's][SFC][Screenshots][PC Specs][Donate]
I am in fact, quite cool. My graphing calculator confirms this
Crush is offline   Reply With Quote

Reply


Bookmarks

Tags
log, runscanner
Similar discussions...
Thread Thread Starter Forum Replies Last Post
Fixed: Runscanner report analysis emil.sekula Spyware / AdWare 22 08-03-2009 05:31 PM
Pending: Runscanner.net whycomputerwhy [Pending] HJT Logs 27 04-02-2009 11:47 PM
Runscanner Highball Windows XP/2000 7 03-31-2008 04:57 PM

« Comodo Virus scan | Best security suite? »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On


Site Map - Top

All times are GMT. The time now is 02:55 AM.
Powered by vBulletin
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2