Startup List Results
Startup Entry
Startup Entry
| Name | Filename | Description | Status |
| Gestionnaire des tâches de Windows | taskmgr.exe | Detected as Backdoor.Win32.Poison.fat by Kaspersky anti-virus. Note: Do not remove the legitimate file in \%WINDIR%\System32\taskmgr.exe Note: Use SDFix under supervision. | X |
| Microsoft | taskmgr.exe | Added by the Troj/Agent-VUT Trojan. Note: Located in \%Temp%\ Note: Do not remove the legitimate (taskmgr.exe) file which is always found in \%Windir%\%System%\ | X |
| Configuracion Del Sistema | taskmgr.exe | Added by the Troj/Agent-SWD Trojan. Note: Located in \%AppData%\ Note: Do not remove the legitimate (taskmgr.exe) file which is always found in \%Windir%\%System%\ | X |
| Windows Dump Error | taskmgr.exe | Added by the W32/Palevo-X WORM! Note: Located in \%WINDIR%\ Note: Do not remove the legitimate taskmgr.exe file which is always found in \%WINDIR%\%System%\ | X |
| taskmgr | taskmgr.exe | Added by the TROJ_UNDEF.QI Note: Located in \%WINDIR%\temp\cookies\ Note: Do not remove the legitimate taskmgr.exe file which is always found in \%WINDIR%\%System%\ | X |
O23 List Results
Windows Services
Windows Services
| Name | Filename | Description | Status |
| Remote Storage (Rmtstrg) | taskmgr.exe | Added by the Troj/Spy-UN TOJAN! Note: This worm\trojan is located in C:\%WINDIR%\System32\drivers\ (XP/WinNT/2K) Note: Read the link, monitors websites visited and report them to a remote site | X |
| Remote Storage (RS) (Rmtstrg2) | taskmgr.exe | Added by a varian the Troj/Spy-UN TOJAN! Note: This worm\trojan is located in C:\%WINDIR%\System32\drivers\ (XP/WinNT/2K) Note: Read the link, monitors websites visited and report them to a remote site | X |
| Task Manager Help (TskHlp) | taskmgr.exe | Backdoor.ServU-based : Location: C:\wutemp\taskmgr.exe Note: The Windows file taskmgr.exe is located in C:\WINDOWS\System32\taskmgr.exeand should not be removed. | X |
Drivers List Results
Driver Entry
Driver Entry
| Name | Filename | Description | Status |
| LocationTaskManager | loctaskmgr.exe | Related to the loctaskmgr.exe Lenovo Settings Location Awareness from Lenovo | L |
Active Setup List Results
Active Setup - Installed Component
Active Setup - Installed Component
| CLSID | Name | Filename | Description | Status |
| {2CEA6FD1-3AC2-CDEF-B8FF-F3CB1A7EBD4E} | (no name) | taskmgr.exe | Infostealer trojan, detected by Microsoft as Worm:Win32/Ainslot.A - also see here | X |
| {U3I506GK-P287-770R-LAF5-MT52361L485U} | (no name) | taskmgr.exe | Infostealer trojan, dropper detected by Kaspersky antivirus as Trojan-Spy.Win32.KeyLogger.qzp - also see this ThreatExpert Report | X |
| {52A5S3T3-M7C7-N057-63N7-ARDOJHP61W37} | (no name) | taskmgr.exe | Infostealer trojan, dropper detected by Sophos antivirus as Troj/Zbot-KZM | X |
| {52SBM055-73A0-U1B6-JLRK-O1584EGN62N2} | (no name) | taskmgr.exe | Infostealer trojan, dropper detected by Kaspersky antivirus as Trojan-Spy.Win32.KeyLogger.qzp | X |
| {7YBFXUI8-72F5-P0V7-WU71-E671N7660MOQ} | (no name) | taskmgr.exe | Infostealer trojan, dropper detected by ESET's Nod32 antivirus as Win32/AutoRun.Remtasu.E - also see here | X |