cracked xp pro sp1 true - PROXY HIJACK SVCHOST.EXE

stirfry · Guest

The rumours of a cracked XP Pro sp1 are true. I have been having reoccuring trouble with extra CPU utilization in a service.exe and SCHOST.exe. I have not been able to get an trojan/scanner to work for a week now. I saw reference to the rumour and VOILA.

One of our IT guys installed this bogus SPAM factory on to my laptop. Its actually an amazing piece of work. All of the links to every icon are bogus and the actual os files are renamed and scrambled on disk. There is frontpage, database utilities, spam tools, remote access through cyrix, thelist goes on and on. All this is hidden from you until its too late.

if anyone is interested I can provide more info.
Here is a dir of the system32 directory:
Directory of C:\WINDOWS\system32

[.] [..] [xircom]
[1025] [1028] [1031]
[1033] [1037] [1041]
[1042] [1054] [wins]
[wbem] [2052] [3076]
[3com_dmi] [usmt] termcap
[spool] [ShellExt] [Setup]
[Restore] [ras] [oobe]
[npp] [mui] [ZoneLabs]
[MsDtc] [Macromed] [inetsrv]
[IME] [icsxml] [ias]
[export] [drivers] [dllcache]
[DirectX] [dhcp] [config]
[Com] [CatRoot2] [CatRoot]
l3codeca.acm sl_anet.acm tssoft32.acm
msadp32.acm msaud32.acm msg711.acm
msg723.acm msgsm32.acm imaadp32.acm
ksproxy.ax l3codecx.ax acelpdec.ax
g711codc.ax wmvds32.ax wmv8ds32.ax
mpg2splt.ax msscds32.ax wiasf.ax
mpg4ds32.ax msadds32.ax vbisurf.ax
oembios.bin mib.bin Dcache.bin
setup.bmp cliconf.chm sqlsodbc.chm
noise.chs noise.cht login.cmd
usrlogon.cmd diskcopy.com mode.com
more.com loadfix.com diskcomp.com
format.com win.com chcp.com
command.com tree.com kb16.com
graftabl.com graphics.com edit.com
ega.cpi intl.cpl hdwwiz.cpl
sysdm.cpl appwiz.cpl joy.cpl
access.cpl main.cpl telephon.cpl
odbccp32.cpl timedate.cpl nwc.cpl
mmsys.cpl desk.cpl inetcpl.cpl
nusrmgr.cpl powercfg.cpl ncpa.cpl
12520850.cpx 12520437.cpx mlang.dat
FNTCACHE.DAT emptyregdb.dat secupd.dat
perfi009.dat oembios.dat noise.dat
perfc009.dat perfd009.dat perfh009.dat
zllictbl.dat dssec.dat wpa.dbl
noise.deu wbdbase.deu wbcache.deu
cfgmgr32.dll wowfaxui.dll certcli.dll
wowfax.dll wow32.dll ciadmin.dll
ws2help.dll cic.dll wmvdmoe.dll
ciodm.dll wmvdmod.dll wmvcore2.dll
wmvcore.dll clb.dll clbcatex.dll
clbcatq.dll cdosys.dll cdmodem.dll
cliconfg.dll wmv8dmod.dll wmstream.dll
wmsdmoe.dll wmsdmod.dll clusapi.dll
cmcfg32.dll wmpui.dll cmdial32.dll
wmpshell.dll wmploc.dll wmpcore.dll
wmpcd.dll wmnetmgr.dll cmpbk32.dll
cmprops.dll wmiscmgr.dll cmutil.dll
cnbjmon.dll cnetcfg.dll cnvfat.dll
colbact.dll wmiprop.dll comaddin.dll
comcat.dll comctl32.dll comdlg32.dll
wmi.dll cdm.dll commdlg.dll
wmerrenu.dll wmdmps.dll compatUI.dll
wmdmlog.dll compobj.dll compstui.dll
comrepl.dll comres.dll comsnap.dll
cfgbkend.dll comuid.dll wmasf.dll
wmadmoe.dll wmadmod.dll confmsp.dll
wlnotify.dll console.dll wldap32.dll
wkssvc.dll corpol.dll wintrust.dll
credui.dll crtdll.dll crypt32.dll
cryptdlg.dll cryptdll.dll cryptext.dll
cryptnet.dll cryptsvc.dll cryptui.dll
cscdll.dll winstrm.dll cscui.dll
csrsrv.dll winsta.dll csseqchk.dll
winsrv.dll ctl3d32.dll ctl3dv2.dll
winsock.dll winscard.dll cdfview.dll
winrnr.dll winntbbu.dll winnls.dll
winmm.dll winipsec.dll wininet.dll
winhttp.dll winfax.dll winbrand.dll
win87em.dll win32spl.dll ccfgnt.dll
wifeman.dll wiavusd.dll wiavideo.dll
wiashext.dll catsrvut.dll wiaservc.dll
wiascr.dll wiadss.dll wiadefui.dll
webvw.dll webhits.dll webclnt.dll
webcheck.dll wdigest.dll catsrvps.dll
cewmdm.dll comsvcs.dll wavemsp.dll
w32topl.dll w32time.dll vwipxspx.dll
vsutil.dll vss_ps.dll vssapi.dll
vspubapi.dll vsmonapi.dll vsdata.dll
vjoy.dll vga64k.dll vga256.dll
vga.dll vfpodbc.dll version.dll
verifier.dll ver.dll vdmredir.dll
vdmdbg.dll vcdex.dll vbscript.dll
catsrv.dll vbajet32.dll d3d8.dll
d3d8thk.dll d3dim.dll d3dim700.dll
d3dpmesh.dll d3dramp.dll d3drm.dll
d3dxof.dll danim.dll dataclen.dll
datime.dll davclnt.dll uxtheme.dll
dbgeng.dll dbghelp.dll dbmsadsn.dll
dbmsrpcn.dll dbmsvinn.dLL dbnetlib.dll
dbnmpntw.dll alrsvc.dll dciman32.dll
utildll.dll ddeml.dll usrvpa.dll
ddraw.dll ddrawex.dll usrvoica.dll
usrv80a.dll ws2_32.dll deskadp.dll
deskmon.dll deskperf.dll usrv42a.dll
devenum.dll usrsvpia.dll devmgr.dll
usrsdpia.dll usrrtosa.dll cards.dll
dfrgres.dll dfrgsnap.dll dfrgui.dll
dfsshlex.dll dgnet.dll dgrpsetu.dll
dgsetup.dll advpack.dll dhcpcsvc.dll
dhcpmon.dll dhcpsapi.dll diactfrm.dll
usrlbva.dll digest.dll dimap.dll
dinput.dll dinput8.dll advapi32.dll
capesnpn.dll camocx.dll diskcopy.dll
usrfaxa.dll usrdtea.dll usrdpa.dll
dispex.dll adsnw.dll usrcoina.dll
usrcntra.dll usp10.dll dmband.dll
dmcompos.dll dmconfig.dll dmdlgs.dll
dmdskmgr.dll dmdskres.dll dmime.dll
dmintf.dll dmloader.dll dmocx.dll
6to4svc.dll dmscript.dll dmserver.dll
dmstyle.dll dmsynth.dll dmusic.dll
dmutil.dll userenv.dll dnsapi.dll
dnsrslvr.dll docprop.dll docprop2.dll
user32.dll usbui.dll dpcdll.dll
dplay.dll usbmon.dll dplayx.dll
dpmodemx.dll dpnaddr.dll dpnet.dll
dpnhpast.dll dpnhupnp.dll dpnlobby.dll
dpnmodem.dll urlmon.dll dpnwsock.dll
dpserial.dll dpvacm.dll dpvoice.dll
url.dll dpvvox.dll dpwsock.dll
dpwsockx.dll ureg.dll adsnt.dll
drmclien.dll drmstor.dll drmv2clt.dll
drprov.dll upnpui.dll upnphost.dll
ds16gt.dLL ds32gt.dll dsauth.dll
dsdmo.dll dsdmoprp.dll dskquota.dll
dskquoui.dll dsound.dll upnp.dll
dsound3d.dll dsprop.dll dsprpres.dll
dsquery.dll wsecedit.dll dssec.dll
dssenh.dll dsuiext.dll dswave.dll
untfs.dll duser.dll uniplat.dll
unimdmat.dll umpnpmgr.dll dx7vb.dll
dx8vb.dll umdmxfrm.dll dxmasf.dll
dxmrtp.dll dxtmsft.dll dxtrans.dll
wshatm.dll umandlg.dll ulib.dll
efsadu.dll cabview.dll els.dll
cabinet.dll encapi.dll encdec.dll
EqnClass.Dll ersvc.dll es.dll
esent.dll esent97.dll esentprf.dll
ufat.dll udhisapi.dll typelib.dll
txflog.dll browsewm.dll eventcls.dll
tsddd.dll eventlog.dll tsd32.dll
tscfgwmi.dll tsbyuv.dll tsappcmp.dll
trkwks.dll browseui.dll adsnds.dll
expsrv.dll traffic.dll exts.dll
toolhelp.dll faultrep.dll tlntsvrp.dll
fde.dll fdeploy.dll feclient.dll
filemgmt.dll browser.dll themeui.dll
termsrv.dll termmgr.dll fldrclnr.dll
fmifs.dll browselc.dll fontext.dll
fontsub.dll aaaamon.dll wshcon.dll
wshext.dll framebuf.dll tcpmonui.dll
tcpmon.dll fsusd.dll tcpmib.dll
tapiui.dll ftsrch.dll bootvid.dll
tapisrv.dll gcdef.dll tapiperf.dll
gdi32.dll tapi32.dll tapi3.dll
getuname.dll glmf32.dll glu32.dll
gpedit.dll tapi.dll gpkcsp.dll
gpkrsrc.dll t2embed.dll gptext.dll
syssetup.dll wship6.dll wshisn.dll
sysinv.dll blackbox.dll syncui.dll
synceng.dll h323msp.dll hal.dll
wshnetbs.dll sxs.dll swprv.dll
hhsetup.dll hid.dll svcpack.dll
strmdll.dll hlink.dll hnetcfg.dll
hnetmon.dll hnetwiz.dll streamci.dll
storprop.dll hotplug.dll hticons.dll
htui.dll hypertrm.dll adsmsext.dll
iasacct.dll iasads.dll iashlpr.dll
iasnap.dll iaspolcy.dll iasrad.dll
iasrecst.dll iassam.dll iassdo.dll
iassvcs.dll icaapi.dll iccvid.dll
icfgnt5.dll icm32.dll icmp.dll
icmui.dll adsldpc.dll icwdial.dll
icwphbk.dll storage.dll idq.dll
stobject.dll ieakeng.dll ieaksie.dll
ieakui.dll iedkcs32.dll iepeers.dll
iernonce.dll iesetup.dll sti_ci.dll
sti.dll ifmon.dll ifsutil.dll
igmpagnt.dll iissuba.dll ils.dll
WshRm.dll imagehlp.dll stclient.dll
adsldp.dll imeshare.dll imgutil.dll
imm32.dll inetcfg.dll inetcomm.dll
bidispl.dll inetcplc.dll inetmib1.dll
inetpp.dll inetppui.dll inetres.dll
adptif.dll infosoft.dll initpki.dll
input.dll inseng.dll ssdpsrv.dll
batt.dll iologmsg.dll ssdpapi.dll
srvsvc.dll iphlpapi.dll ipmontr.dll
ipnathlp.dll ippromon.dll iprop.dll
iprtprio.dll iprtrmgr.dll srsvc.dll
ipsecsnp.dll ipsecsvc.dll ipsmsnap.dll
srrstr.dll ipv6mon.dll ipxmontr.dll
ipxpromn.dll ipxrip.dll srclient.dll
ipxrtmgr.dll ipxsap.dll ipxwan.dll
ir32_32.dll irclass.dll isign32.dll
isrdbg32.dll itircl.dll itss.dll
iuctl.dll iuengine.dll batmeter.dll
iyuv_32.dll jet500.dll jgaw400.dll
jgdw400.dll jgmd400.dll jgpl400.dll
jgsd400.dll jgsh400.dll jobexec.dll
basesrv.dll jscript.dll jsproxy.dll
sqlwoa.dll sqlwid.dll avwav.dll
KBDAL.DLL kbdaze.dll kbdazel.dll
kbdbe.dll kbdbene.dll kbdblr.dll
kbdbr.dll kbdbu.dll kbdca.dll
kbdcan.dll kbdcr.dll kbdcz.dll
kbdcz1.dll kbdcz2.dll kbdda.dll
kbddv.dll kbdes.dll kbdest.dll
kbdfc.dll kbdfi.dll kbdfo.dll
kbdfr.dll kbdgae.dll kbdgkl.dll
kbdgr.dll kbdgr1.dll kbdhe.dll
kbdhe220.dll kbdhe319.dll kbdhela2.dll
kbdhela3.dll kbdhept.dll kbdhu.dll
kbdhu1.dll kbdic.dll kbdir.dll
kbdit.dll kbdit142.dll kbdkaz.dll
kbdkyr.dll kbdla.dll kbdlt.dll
kbdlt1.dll kbdlv.dll kbdlv1.dll
kbdmac.dll kbdmon.dll kbdne.dll
kbdnec.dll kbdno.dll kbdpl.dll
kbdpl1.dll kbdpo.dll kbdro.dll
kbdru.dll kbdru1.dll kbdsf.dll
kbdsg.dll kbdsl.dll kbdsl1.dll
kbdsp.dll kbdsw.dll kbdtat.dll
kbdtuf.dll kbdtuq.dll kbduk.dll
kbdur.dll kbdus.dll kbdusl.dll
kbdusr.dll kbdusx.dll kbduzb.dll
kbdycc.dll kbdycl.dll kd1394.dll
kdcom.dll kerberos.dll kernel32.dll
sqlunirl.dll sqlsrv32.dll avtapi.dll
keymgr.dll spxcoins.dll sprio800.dll
sprio600.dll avmeter.dll ksuser.dll
avifile.dll avifil32.dll spoolss.dll
langwrbk.dll avicap32.dll laprxy.dll
licdll.dll licmgr10.dll licwmi.dll
spnike.dll linkinfo.dll lmhsvc.dll
lmrt.dll softpub.dll avicap.dll
loadperf.dll snmpsnap.dll localsec.dll
localspl.dll localui.dll snmpapi.dll
smlogcfg.dll wshtcpip.dll loghours.dll
wsnmp32.dll slbrccsp.dll slbiop.dll
slbcsp.dll slayerxp.dll skdll.dll
lpk.dll sisbkup.dll sigtab.dll
lprhelp.dll lprmonui.dll lsasrv.dll
shsvcs.dll shscrap.dll lz32.dll
lzexpand.dll shmedia.dll shlwapi.dll
admparse.dll shimgvw.dll mag_hook.dll
wsock32.dll shimeng.dll mapi32.dll
mapistub.dll mcastmib.dll mcd32.dll
mcdsrv32.dll mchgrcoi.dll shgina.dll
mciavi32.dll mcicda.dll mciole16.dll
mciole32.dll mciqtz32.dll mciseq.dll
shfolder.dll mciwave.dll shellstyle.dll
mdhcp.dll mdminst.dll mdwmdmsp.dll
acctres.dll mf3216.dll mfc40.dll
mfc40u.dll mfc42.dll mfc42u.dll
mfcsubs.dll mgmtapi.dll autodisc.dll
midimap.dll miglibnt.dll shell32.dll
mimefilt.dll mindex.dll wstdecod.dll
mlang.dll mll_hp.dll mll_mtf.dll
mll_qic.dll shell.dll mmcbase.dll
mmcndmgr.dll mmcshext.dll shdocvw.dll
mmdrv.dll mmfutil.dll wtsapi32.dll
mmsystem.dll shdoclc.dll mmutilse.dll
mnmdd.dll sfmapi.dll mobsync.dll
sfc_os.dll authz.dll modemui.dll
modex.dll audiosrv.dll moricons.dll
sfcfiles.dll sfc.dll wuaueng.dll
mpg4dmod.dll atrace.dll setupdll.dll
setupapi.dll mpr.dll mprapi.dll
mprddm.dll mprdim.dll mprmsg.dll
mprui.dll mqad.dll atmpvcno.dll
mqcertui.dll mqdscli.dll mqgentr.dll
mqise.dll mqlogmgr.dll mqoa.dll
serwvdrv.dll servdeps.dll serialui.dll
mqperf.dll senscfg.dll sensapi.dll
mqqm.dll mqrt.dll mqrtdep.dll
mqsec.dll mqsnap.dll sens.dll
sendmail.dll mqtrig.dll mqupgrd.dll
mqutil.dll sendcmsg.dll msaatext.dll
msacm.dll msacm32.dll security.dll
atmlib.dll atmfd.dll msafd.dll
msapsspc.dll msasn1.dll wuauserv.dll
msaudite.dll mscat32.dll secur32.dll
mscms.dll msconf.dll mscpx32r.dLL
mscpxl32.dLL MSCTF.dll atl.dll
MSCTFP.dll msdart.dll seclogon.dll
msdmo.dll actxprxy.dll sdpblb.dll
msdtclog.dll scrrun.dll scrobj.dll
msdtcprx.dll msdtctm.dll msdtcuiu.dll
scriptpw.dll scripto.dll msencode.dll
msexch40.dll msexcl40.dll msftedit.dll
scredir.dll atkctrs.dll wzcdlg.dll
msgina.dll atidrab.dll msgsvc.dll
sclgntfy.dll schedsvc.dll schannel.dll
scesrv.dll mshtml.dll scecli.dll
mshtmled.dll mshtmler.dll msi.dll
msident.dll msidle.dll msidntld.dll
msieftp.dll sccsccp.dll msihnd.dll
msimg32.dll msimsg.dll MSIMTF.dll
msisam11.dll msisip.dll msjet40.dll
msjetoledb40.dll msjint40.dll msjter40.dll
msjtes40.dll mslbui.dll msls31.dll
msltus40.dll msnetobj.dll msnsspc.dll
msobjs.dll msoeacct.dll msoert2.dll
msorc32r.dll msorcl32.dll sccbase.dll
mspatcha.dll mspbde40.dll mspmsp.dll
mspmspsv.dll msports.dll msprivs.dll
msr2c.dll msr2cenu.dll msratelc.dll
msrating.dll msrclr40.dll msrd2x40.dll
msrd3x40.dll msrecr40.dll msrepl40.dll
msrle32.dll mssap.dll wzcsapi.dll
msscp.dll scardssp.dll mssign32.dll
mssip32.dll msswch.dll scarddlg.dll
mstask.dll mstext40.dll mstime.dll
sbeio.dll mstlsapi.dll sbe.dll
mstscax.dll msuni11.dll msutb.dll
msv1_0.dll msvbvm50.dll msvbvm60.dll
msvcirt.dll msvcp50.dll msvcp60.dll
msvcrt.dll msvcrt20.dll msvcrt40.dll
msvfw32.dll msvidc32.dll msvidctl.dll
msvideo.dll msw3prt.dll mswdat10.dll
mswebdvd.dll mswmdm.dll mswsock.dll
mswstr10.dll msxbde40.dll msxml.dll
msxml2.dll msxml2r.dll msxml3.dll
msxml3r.dll msxmlr.dll msyuv.dll
mtxclu.dll mtxdm.dll mtxex.dll
mtxlegih.dll mtxoci.dll samsrv.dll
mycomput.dll mydocs.dll samlib.dll
narrhook.dll safrslv.dll ncobjapi.dll
asycfilt.dll safrdm.dll ncxpnt.dll
nddeapi.dll safrcdlg.dll nddenb32.dll
rtutils.dll rtm.dll rtipxmib.dll
rtcdll.dll netapi.dll netapi32.dll
netcfgx.dll rsvpsp.dll netevent.dll
neth.dll netid.dll netlogon.dll
netman.dll netmsg.dll netplwiz.dll
netrap.dll rsvpperf.dll rsvpmsg.dll
netshell.dll rsmps.dll netui0.dll
netui1.dll netui2.dll rshx32.dll
newdev.dll nlhtml.dll rsfsaps.dll
nmevtmsg.dll nmmkcert.dll wzcsvc.dll
xactsrv.dll xenroll.dll certmgr.dll
rsaenh.dll rpcss.dll rpcrt4.dll
rpcns4.dll routetab.dll rnr20.dll
riched32.dll riched20.dll resutils.dll
activeds.dll npptools.dll asfsipc.dll
rend.dll remotepg.dll ntdll.dll
regwizc.dll regsvc.dll regapi.dll
rdpwsx.dll rdpsnd.dll ntdsapi.dll
ntdsbcli.dll rdpdd.dll rdpcfgex.dll
rdchost.dll rcbdyctl.dll rastls.dll
rastapi.dll rasser.dll ntlanman.dll
ntlanui.dll ntlanui2.dll ntlsapi.dll
ntmarta.dll ntmsapi.dll ntmsdba.dll
ntmsevt.dll ntmsmgr.dll rassapi.dll
rasrad.dll ntmssvc.dll rasppp.dll
ntprint.dll rasmxs.dll ntsdexts.dll
ntshrui.dll rasmontr.dll ntvdmd.dll
asferror.dll rasmans.dll nwapi16.dll
nwapi32.dll xolehlp.dll rasman.dll
nwcfg.dll nwevent.dll nwprovau.dll
rasdlg.dll nwwks.dll oakley.dll
objsel.dll occache.dll ocmanage.dll
odbc16gt.dll odbc32.dll odbc32gt.dll
rasctrs.dll odbcbcp.dll odbcconf.dll
raschap.dll rasauto.dll xpsp1res.dll
odbccp32.dll odbccr32.dll odbccu32.dll
odbcint.dll odbcji32.dll odbcjt32.dll
odbcp32r.dll odbctrac.dll oddbse32.dll
odexl32.dll odfox32.dll odpdx32.dll
odtext32.dll appmgr.dll appmgmts.dll
rasapi32.dll offfilt.dll ole2.dll
ole2disp.dll ole2nls.dll ole32.dll
oleacc.dll oleaccrc.dll oleaut32.dll
olecli.dll olecli32.dll olecnv32.dll
oledlg.dll oleprn.dll olepro32.dll
olesvr.dll olesvr32.dll olethk32.dll
aclui.dll rasadhlp.dll opengl32.dll
acledit.dll osuninst.dll racpldlg.dll
query.dll quartz.dll panmap.dll
paqsp.dll qosname.dll pautoenr.dll
qmgrprxy.dll pdh.dll qmgr.dll
apphelp.dll qedwipes.dll qedit.dll
perfctrs.dll zipfldr.dll perfdisk.dll
qdvd.dll qdv.dll apcups.dll
ixsso.dll qcap.dll qasf.dll
perfnet.dll perfnw.dll perfos.dll
perfproc.dll pstorsvc.dll perfts.dll
pstorec.dll psnppagn.dll photowiz.dll
pid.dll pidgen.dll pifmgr.dll
pschdprf.dll psbase.dll pjlmon.dll
psapi.dll plustab.dll pmspl.dll
pngfilt.dll polstore.dll amstream.dll
powrprof.dll prflbmsg.dll profmap.dll
printui.dll msdxmlc.dll system.drv
keyboard.drv lanman.drv sound.drv
mciavi.drv mciseq.drv mciwave.drv
mouse.drv msacm32.drv timer.drv
msh261.drv msh263.drv vga.drv
netware.drv wdmaud.drv wfwnet.drv
comm.drv winspool.drv noise.eng
wbcache.enu wbdbase.enu noise.enu
noise.esn wbdbase.esn wbcache.esn
winmine.exe winlogon.exe winhlp32.exe
pentnt.exe winchat.exe pathping.exe
qprocess.exe asr_ldm.exe packager.exe
qwinsta.exe osuninst.exe osk.exe
openfiles.exe asr_pfu.exe cscript.exe
rasautou.exe odbcconf.exe wiaacmgr.exe
odbcad32.exe comp.exe rasdial.exe
nwscript.exe wextract.exe nw16.exe
ntvdm.exe winmsd.exe rasphone.exe
ntoskrnl.exe ping.exe perfmon.exe
ntkrnlpa.exe at.exe qappsrv.exe
wupdmgr.exe rcimlby.exe rcp.exe
atmadm.exe attrib.exe rdpclip.exe
xcopy.exe alg.exe wuauclt.exe
rdsaddin.exe rdshost.exe recover.exe
redir.exe reg.exe autochk.exe
regedt32.exe regini.exe autoconv.exe
regsvr32.exe regwiz.exe ntsd.exe
relog.exe ntbackup.exe autofmt.exe
nslookup.exe replace.exe reset.exe
autolfn.exe notepad.exe rexec.exe
winspool.exe cmstp.exe w32tm.exe
route.exe routemon.exe vwipxspx.exe
vssvc.exe csrss.exe atievxx.exe
vssadmin.exe ctfmon.exe nlsfunc.exe
rsh.exe winver.exe rsm.exe
netstat.exe rsmsink.exe rsmui.exe
rsnotify.exe ping6.exe rsopprov.exe
rsvp.exe VetMsgNT.exe verifier.exe
netsh.exe netsetup.exe netdde.exe
net1.exe rtcshare.exe utilman.exe
net.exe dcomcnfg.exe runas.exe
rundll32.exe runonce.exe rwinsta.exe
nddeapir.exe ddeshare.exe nbtstat.exe
narrator.exe bootcfg.exe debug.exe
savedump.exe mstsc.exe mstinit.exe
sc.exe msswchx.exe defrag.exe
scardsvr.exe mspaint.exe msiexec.exe
bootok.exe mshta.exe mshearts.exe
convert.exe schtasks.exe proxycfg.exe
msg.exe actmovie.exe usrshuta.exe
dfrgfat.exe usrprbda.exe usrmlnka.exe
sdbinst.exe msdtc.exe secedit.exe
bootvrfy.exe dfrgntfs.exe diantz.exe
cacls.exe proquota.exe progman.exe
mrinfo.exe mqtgsvc.exe mqsvc.exe
diskpart.exe diskperf.exe calc.exe
wscript.exe services.exe dllhost.exe
dllhst3g.exe sessmgr.exe sethc.exe
accwiz.exe mqbkup.exe setup.exe
mpnotify.exe mplay32.exe setver.exe
print.exe sfc.exe mountvol.exe
mobsync.exe mnmsrvc.exe shadow.exe
share.exe write.exe dmadmin.exe
mmc.exe migpwd.exe mem.exe
control.exe conime.exe asr_fmt.exe
wpnpinst.exe makecab.exe magnify.exe
dmremote.exe userinit.exe shmgrate.exe
shrpubw.exe doskey.exe lsass.exe
shutdown.exe lpr.exe sigverif.exe
wpabaln.exe lpq.exe user.exe
skeys.exe logonui.exe dosx.exe
logoff.exe logman.exe logagent.exe
lodctr.exe smlogsvc.exe smss.exe
sndrec32.exe sndvol32.exe locator.exe
dplaysvr.exe lnkstub.exe sol.exe
sort.exe dpnsvr.exe dpvsetup.exe
compact.exe spider.exe spiisupd.exe
lights.exe ahui.exe label.exe
spoolsv.exe sprestrt.exe krnl386.exe
driverquery.exe charmap.exe chkdsk.exe
arp.exe ups.exe wowexec.exe
wowdeb.exe chkntfs.exe ipxroute.exe
ipv6.exe ipsec6.exe ipconfig.exe
drwatson.exe drwtsn32.exe upnpcont.exe
cidaemon.exe cmmon32.exe dumprep.exe
unlodctr.exe dvdplay.exe dvdupgrd.exe
dwwin.exe dxdiag.exe imapi.exe
cipher.exe cisvc.exe iexpress.exe
stimon.exe edlin.exe ie4uinit.exe
ckcnv.exe hostname.exe typeperf.exe
cleanmgr.exe cliconfg.exe subst.exe
svchost.exe esentutl.exe eudcedit.exe
help.exe syncapp.exe clipbrd.exe
clipsrv.exe grpconv.exe sysedit.exe
cmdl32.exe syskey.exe tsshutdn.exe
sysocmgr.exe tskill.exe tsdiscon.exe
gpupdate.exe append.exe systeminfo.exe
systray.exe gpresult.exe eventcreate.exe
getmac.exe wmpstub.exe gdi.exe
cmd.exe ftp.exe taskkill.exe
tasklist.exe taskman.exe taskmgr.exe
tcmsetup.exe fsutil.exe tscupgrd.exe
tscon.exe freecell.exe tcpsvcs.exe
eventtriggers.exe forcedos.exe telnet.exe
fontview.exe fixmapi.exe finger.exe
tftp.exe findstr.exe find.exe
mscdexnt.exe tlntadmn.exe tlntsess.exe
tlntsvr.exe fc.exe fastopen.exe
tourstart.exe tracerpt.exe tracert.exe
tracert6.exe extrac32.exe expand.exe
exe2bin.exe eventvwr.exe noise.fra
wbdbase.fra wbcache.fra ntimage.gif
mqprfsym.h pschdcnt.h perfci.h
tslabels.h perffilt.h rasctrnm.h
msdtcprf.h perfwci.h rsvpcnts.h
winhelp.hlp net.hlp edit.hlp
cmmgr32.hlp esentprf.hxx MSCTFIME.IME
homepage.inf $winnt$.inf mmdriver.inf
ieuinit.inf perfci.ini pschdprf.ini
esentprf.ini tslabels.ini prodspec.ini
perffilt.ini rasctrs.ini perfwci.ini
tcpmon.ini rsvp.ini mqperf.ini
PerfStringBackup.INI msdtcprf.ini desktop.ini
wbcache.ita noise.ita wbdbase.ita
wuaucpl.cpl.manifest sapi.cpl.manifest logonui.exe.manifest
cdplayer.exe.manifest WindowsLogon.manifest nwc.cpl.manifest
ncpa.cpl.manifest winoldap.mod secpol.msc
ciadv.msc services.msc wmimgmt.msc
diskmgmt.msc dfrg.msc ntmsmgr.msc
devmgmt.msc perfmon.msc gpedit.msc
lusrmgr.msc ntmsoprq.msc compmgmt.msc
fsmgmt.msc rsop.msc certmgr.msc
eventvwr.msc webfldrs.msi wbcache.nld
noise.nld wbdbase.nld c_874.nls
c_869.nls c_866.nls c_950.nls
c_865.nls geo.nls c_863.nls
c_861.nls ctype.nls c_860.nls
c_857.nls c_037.nls c_855.nls
c_10000.nls c_852.nls c_10006.nls
c_850.nls c_10007.nls c_10010.nls
c_875.nls c_10017.nls c_500.nls
c_437.nls c_28605.nls unicode.nls
c_28603.nls c_932.nls c_28599.nls
c_10029.nls c_28598.nls C_28597.NLS
c_10079.nls c_10081.nls c_10082.nls
l_intl.nls c_936.nls l_except.nls
C_28595.NLS c_1026.nls c_1250.nls
locale.nls sortkey.nls c_737.nls
sorttbls.nls C_28594.NLS c_28593.nls
c_1251.nls c_1252.nls c_28592.nls
c_28591.nls c_949.nls c_21866.nls
c_20905.nls c_1253.nls c_1254.nls
c_1255.nls c_20866.nls c_20261.nls
c_20127.nls c_1258.nls c_1257.nls
c_1256.nls c_775.nls AUTOEXEC.NT
CONFIG.NT tdc.ocx proctexe.ocx
wmidx.ocx plugin.ocx asctrls.ocx
sysmon.ocx msscript.ocx hhctrl.ocx
daxctle.ocx wmp.ocx dmview.ocx
msdxm.ocx wshom.ocx graphics.pro
cmos.ram rsaci.rat sqlsrv32.rll
cliconfg.rll bios4.rom v7vga.rom
bios1.rom odbcconf.rsp View Channels.scf
ssmypics.scr sstext3d.scr scrnsave.scr
ssmarque.scr ssflwbox.scr ssbezier.scr
ss3dfo.scr sspipes.scr logon.scr
ssmyst.scr ssstars.scr sysprint.sep
pscript.sep pcl.sep sysprtj.sep
oembios.sig secupd.sig instcat.sql
wbdbase.sve wbcache.sve noise.sve
watchdog.sys vsdatant.sys ansi.sys
win32k.sys ntio804.sys country.sys
ntio411.sys ntio404.sys ntio.sys
ntdos804.sys ntdos412.sys ntdos411.sys
ntdos404.sys key01.sys himem.sys
keyboard.sys ntio412.sys ntdos.sys
noise.tha stdole32.tlb nscompat.tlb
activeds.tlb mqoa20.tlb mqoa10.tlb
mshtml.tlb msdatsrc.tlb simpdata.tlb
stdole2.tlb amcompat.tlb mqoa.tlb
CONFIG.TMP wdl.trm mmtask.tsk
h323.tsp ipconf.tsp kmddsp.tsp
hidphone.tsp ndptsp.tsp remotesp.tsp
unimdm.tsp h323log.txt eula.txt
subrange.uce kanji_2.uce korean.uce
bopomofo.uce gb2312.uce ideograf.uce
kanji_1.uce shiftjis.uce prnjobs.vbs
prndrvr.vbs eventquery.vbs prnmngr.vbs
pagefileconfig.vbs pubprn.vbs prnqctl.vbs
prnport.vbs prncnfg.vbs dsound.vxd
cmdlib.wsc vsconfig.xml wmpscheme.xml
1732 File(s) 260,736,940 bytes

cbutton · Guest

I think I may have the same thing going on in my computer. Could you send me more info?

Action · Guest

I think thats whats up with mine also.. Every time i try to run a virus scan or adware scan the computer shuts off.. Completely off.. I get wierd emails all the time made from mixed names in my address book, or captured phrases from AOL instant messanger.... NAV doesn't know what it is.. no fix... Sad

Need Help... Please Jack(AT)fancyfinds.com

Gorath · Guest

I recieved a pop-up on my system stating "your system is subject to spam........" with the usual "OK" and "Cancel" buttons. The window was done in XP view ( I use classic windows view ), so I knew it wasn't a system message. I closed the explorer window correctly, using the window close button.. "not" the buttons in the window.

Within minutes, my system lost internet connectivity. Assuming it was related to the client I was running ( I play DAoC online ), I rebooted my system.

Hrmm... no internet..
Rebooted my system again... Got connectivity for about 30 seconds then "no internet" again....

I went into the system applications and found that "atmpvcno.exe" was using 95% of system resources, and the other 5% were being used by my LAN connection, and RAM was filling up at about 1mb/sec... I ended the process, and Viola... internet is back up.

I rebooted with the same results.

Looking on Google, this is the only thread I found with atmpvcno anywhere in it. Anyone have any ideas as to what trojan or even legit-gone-haywire program is initiating this?

TonyKlein · Posted: Sat Dec 13, 2003 9:57 pm Post subject:

Go to http://tomcoyote.org/hjt/ , and download 'Hijack This!'.
Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please show us its contents.

Most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

TonyKlein · Posted: Mon Dec 15, 2003 11:19 am Post subject:

Ashgoh, , your question has been moved to its own thread.

You can find it here:

http://www.computercops.biz/postt9715.html

Anyone else reading this thread, please post a new topic of your own, and do not add to this one.
It makes things very confusing indeed.

shadoweternal · Guest

i just wanted someone to take a look at my hijackthis log. my xp celeron 1.06 laptop while closing random programs (every 3 or 4 days) dumps memory and the blue screen of death blames vsdatant.sys as the culprit. i play cs/halflife on this and have heavy vid tweaks so maybe imwasteing your time and the prob wont show up in the log but thanks in advance and i hope i get to scream and worship u guys for figureing it out.


	Home ˇ Topics ˇ Submit News ˇ Top 10 This entire site, Cops Themes, and Computer Cops are Š 2002 - 2004 Computer Cops, LLC. All rights reserved. You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0. Acceptable Use Policy. Use signifies your agreement. Engine Copyright Š 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member. Paul Laudanski, Member of Computer Cops, LLC Server Load: 900 pages served in previous 5 minutes. Page Rendered: 0.744 seconds.