New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!
· Ian T's (AR 24)
· Marcia's (CO8)
· Bill G's (CO12)
· Paul's (AR 5)
· Robin's (AR 2)
· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?
$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 1194
Comments: 21
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin   Your Favorite ForumsFavForums 

Power Scan

 
Post new topic   Reply to topic       All -> FavForums -> Security - Guests
View previous topic :: View next topic  
Author Message
Eddie

Guest
PostPosted: Mon Apr 12, 2004 9:18 pm    Post subject: Power Scan
Reply with quote
Power Scan was loaded on my computer and I was wondering how to get rid of it. I downloaded HiJackThis and ran it. I appreciate any help to get power scan off my computer and any recommendations to keep my computer safe.

Thank you,

Eddie

Logfile of HijackThis v1.97.7
Scan saved at 6:05:48 PM, on 4/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\McAfee\McAfee Firewall\CPDCLNT.EXE
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\program files\internet optimizer\sim\msbb.exe
C:\WINDOWS\System32\msrexe.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\ClockSync\Sync.exe
C:\Program Files\TM1184\ControlUtility\ControlUtility.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Eddie\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe
C:\Program Files\Common Files\Real\Update_OB\realevent.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://ok-search.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page..._id=138442
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page..._id=138442
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dellnet.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.searchdot.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchdot.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page..._id=138442
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.searchv.com/w/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://www.the-huns-yellow-pages.com/sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://mshp.dll/index.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchdot.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://mshp.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://mshp.dll/index.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://mshp.dll/sp.html#10213
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.searchv.com/w/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchv.com/w/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchv.com/w/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://dellnet.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://www.supret.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = C:\WINDOWS\system32\searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://findloss.com/srchasst.html
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 66.197.100.83 auto.search.msn.com
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {2E9CAFF6-30C7-4208-8807-E79D4EC6F806} - C:\Program Files\Submit\submithook.dll
O2 - BHO: . - {587DBF2D-9145-4c9e-92C2-1F953DA73773} - C:\Documents and Settings\Eddie\Application Data\winyp\winyp32.dll (file missing)
O2 - BHO: (no name) - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem214.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O2 - BHO: OsbornTech Popup Blocker - {FF1BF4C7-4E08-4A28-A43F-9D60A9F7A880} - C:\WINDOWS\System32\mshelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Program Files\ISTbar\istbar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Alogserv] C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [msbb] c:\program files\internet optimizer\sim\msbb.exe
O4 - HKLM\..\Run: [xgxyzet] C:\WINDOWS\xgxyzet.exe
O4 - HKLM\..\Run: [System Service] C:\WINDOWS\System32\msrexe.exe
O4 - HKLM\..\Run: [zylwjgd] C:\WINDOWS\zylwjgd.exe
O4 - HKLM\..\Run: [rqlonaf] C:\WINDOWS\rqlonaf.exe
O4 - HKLM\..\Run: [jkd] C:\WINDOWS\jkd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
O4 - Global Startup: Dell Control Utility.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: MoneySide (HKLM)
O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\svufzwow.exe
O16 - DPF: {11111111-1111-1111-1111-115945664298} - mhtml:file://C:NO_SUCH_MHT.MHT!http://www.008k.com/partner/inst/f10213.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/C...0058912037
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc...wflash.cab
Back to top
Display posts from previous:   
Post new topic   Reply to topic       All -> FavForums -> Security - Guests All times are GMT - 5 Hours
Page 1 of 1

 
 
Quick Reply:
Username: 

Quote the last message
Attach signature (signatures can be changed in profile)
 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB 2.0.8a © 2001 phpBB Group

Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 1218 pages served in previous 5 minutes. Page Rendered: 1.067 seconds.