PDA

View Full Version : TOOLS-System Startup advises VIRUS



TreeHead
2006-06-11, 20:42
TOOLS - System Startup provides the following info:

Under the heading, Key - HK_LM:RunServices
Under the heading, Value - LoadPowerProfile
Under the heading, Command Line - Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

The Additional Window (for more info.) provides the following:

Current filename: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Database status: Not required - virus, spyware, malware or other resource hog
Value: LoadPowerProfile
Filename: ASDAPI.EXE
Description:
Added by the CABRO TROJAN! Not to be confused with the valid LoadPowerProfile entry where the comman is Rundll32.exe powrprof.dll
-----------------------------------------------
During normal usage of my system, my monitor shuts off after approx. 15 minutes of non-use. However when I toggle the above entry, to disable same, my monitor NEVER shuts off. I would like my monitor to continue shutting off after 15 minutes of non-use; but obviously don't want the virus. Can anyone please advise? The following additional information is copied & pasted from TOOLS-View Report-Startup List:
Located: HK_LM:RunServices, LoadPowerProfile
command: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
file: C:\WINDOWS\Rundll32.exe
size: 24576
MD5: 208c3f7142c109f3055cb07c95af0f2e

Cosmo
2006-06-11, 20:59
Hm, you didnt mention your OS ans it si also not really clear for me, to which file filesize and md5 belong.

Well, my is XP-Pro SP 2, Both rundll32.exe and powrprof.dll have different size and checksum as your file.

TreeHead
2006-06-13, 04:33
Operating System = Windows ME

The *only info. about the file, file size and MD5 which I can find is copied & pasted from TOOLS-View Report-Startup List (see below):
*IF there is somewhere else I should be looking for this info., or if additional info. is required, kindly advise where I need to look. Thanks.

Located: HK_LM:RunServices, LoadPowerProfile
command: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
file: C:\WINDOWS\Rundll32.exe
size: 24576
MD5: 208c3f7142c109f3055cb07c95af0f2e